
      U.S. “Know Your Customer” Proposal Will Put an End to Anonymous Cloud Users

      news.movim.eu / TorrentFreak · Yesterday - 16:38 · 4 minutes

    It’s long been the case that access to certain services, whether on or offline, will only be granted when customers prove their identity.

    Often linked to financial products, but in many cases to basic money/goods transactions carried out online, handing over a name, address, date of birth and similar details can increase confidence that a deal will more likely than not go according to plan. In some cases, especially when buying restricted products, proving identity can be a condition of sale.

    Yet, for many years, companies operating in the online space have been happy to do business with customers without knowing very much about them at all.

    In some cases, where companies understand that a lack of friction is valuable to the customer, an email address has long been considered sufficient. If the credit or pre-payment card eventually used to pay for a product has enough credit and isn’t stolen, there seems very little to be concerned about. For many governments, however, any level of anonymity has the capacity to cause concern, and if that means unmasking everyone to identify a few bad actors, so be it.

    Improving Detection and Prevention of Foreign Malicious Cyber Activity

    Perceived and actual threats from shadowy overseas actors are something few countries can avoid. Whether in the West or the East, reports of relatively low-key meddling through to seriously malicious hacks, even attacks on key infrastructure, are becoming a fact of modern life.

    After being under discussion for years, in late January the U.S. Department of Commerce published a notice of proposed rulemaking hoping to reduce threats to the United States. If adopted, the proposal will establish a new set of requirements for Infrastructure as a Service (IaaS) providers, often known as cloud infrastructure providers, to deny access to foreign adversaries.

    The premise is relatively simple. By having a more rigorous sign-up procedure for platforms such as Amazon’s AWS, for example, the risk of malicious actors using U.S. cloud services to attack U.S. critical infrastructure, or undermine national security in other ways, can be reduced. The Bureau of Industry and Security noted the following in its announcement in late January.

    The proposed rule introduces potential regulations that require U.S. cloud infrastructure providers and their foreign resellers to implement and maintain Customer Identification Programs (CIPs), which would include the collection of “Know Your Customer” (KYC) information. Similar KYC requirements already exist in other industries and seek to assist service providers in identifying and addressing potential risks posed by providing services to certain customers. Such risks include fraud, theft, facilitation of terrorism, and other activities contrary to U.S. national security interests.

    While supposedly aimed at external threats, only positive identification of all customers can eliminate the possibility that an ‘innocent’ domestic user is actually a foreign threat actor. Or, according to the proposal, anyone (or all people) from a specified jurisdiction at the government’s discretion. Upon notification by IaaS providers, that could include foreign persons training large artificial intelligence models “with potential capabilities that could be used in malicious cyber-enabled activity.”

    Scope of IaaS and Customer Identification Programs

    Under the proposed rule, Customer Identification Programs (CIPs) operated by IaaS providers must collect information from both existing and prospective customers, i.e. those at the application stage of opening an account. The bare minimum includes the following data: a customer’s name, address, the means and source of payment for each customer’s account, email addresses and telephone numbers, and IP addresses used for access or administration of the account.

    What qualifies as an IaaS is surprisingly broad:

    Any product or service offered to a consumer, including complimentary or “trial” offerings, that provides processing, storage, networks, or other fundamental computing resources, and with which the consumer is able to deploy and run software that is not predefined, including operating systems and applications.

    The consumer typically does not manage or control most of the underlying hardware but has control over the operating systems, storage, and any deployed applications. The term is inclusive of “managed” products or services, in which the provider is responsible for some aspects of system configuration or maintenance, and “unmanaged” products or services, in which the provider is only responsible for ensuring that the product is available to the consumer.

    And it doesn’t stop there. The term IaaS includes all ‘virtualized’ products and services where the computing resources of a physical machine are shared, such as Virtual Private Servers (VPS). It even covers ‘baremetal’ servers allocated to a single person. The definition also extends to any service where the consumer does not manage or control the underlying hardware but contracts with a third party for access.

    “This definition would capture services such as content delivery networks, proxy services, and domain name resolution services,” the proposal reads.

    The proposed rule, National Emergency with Respect to Significant Malicious Cyber-Enabled Activities, will stop accepting comments from interested parties on April 30, 2024.

    Given the implications for regular citizens, many of whom are already hanging on to what remains of their privacy, the prospect of handing over highly sensitive information just to obtain a product trial is a real concern. The potential for leaks grows with each disclosure, as does the possibility of personal information ending up for sale on the dark web.

    Which is where the threat actors will obtain other people’s credentials to masquerade as regular users when subjected to a Know Your Customer process. For IaaS services themselves, the largest will have few problems implementing customer identification programs and may even consider them useful. On one hand, they can help to stop threat actors and on the other, take the opportunity to build a database containing the personal details of every single customer.

    From: TF, for the latest news on copyright battles, piracy and more.


      Researchers Showcase Decentralized AI-Powered Torrent Search Engine

      news.movim.eu / TorrentFreak · Yesterday - 09:49 · 4 minutes

    Twenty-five years ago, peer-to-peer file-sharing took the Internet by storm.

    The ability to search for and share content with complete strangers was nothing short of a revolution.

    In the years that followed, media consumption swiftly moved online. This usually involved content shared without permission, but pirate pioneers ultimately paved the way for new business models.

    The original ‘pirate’ ethos has long since gone. There are still plenty of unauthorized sites and services, but few today concern themselves with decentralization and similar technical advances; centralized streaming is the new king with money as the main motivator.

    AI Meets BitTorrent

    There are areas where innovation and technological progress still lead today, mostly centered around artificial intelligence. Every month, numerous new tools and services appear online, as developers embrace what many see as unlimited potential.

    How these developments will shape the future is unknown, but they have many rightsholders spooked. Interestingly, an ‘old’ research group, that was already active during BitTorrent’s heyday, is now using AI to amplify its technology.

    Researchers from the Tribler research group at Delft University of Technology have been working on their Tribler torrent client for nearly two decades. They decentralized search, removing the need for torrent sites, and implemented ‘anonymity’ by adding an onion routing layer to file transfers.

    Many millions of euros have been spent on the Tribler research project over the years. Its main goal is to advance decentralized technology, not to benefit corporations, but to empower the public at large.

    “Our entire research portfolio is driven by idealism. We aim to remove power from companies, governments, and AI in order to shift all this power to self-sovereign citizens,” the Tribler team explains.

    Decentralized AI-powered Search

    While not every technological advancement has been broadly embraced yet, Tribler has just released a new paper and a proof of concept which they see as a turning point for decentralized AI implementations; one that has a direct BitTorrent link.

    The scientific paper proposes a new framework titled “De-DSI”, which stands for Decentralised Differentiable Search Index. Without going into technical details, this essentially combines decentralized large language models (LLMs), which can be stored by peers, with decentralized search.

    This means that people can use decentralized AI-powered search to find content in a pool of information that’s stored across peers. For example, one can ask “find a magnet link for the Pirate Bay documentary,” which should return a magnet link for TPB-AFK, without mentioning it by name.

    This entire process relies on information shared by users. There are no central servers involved at all, making it impossible for outsiders to control.

    Endless Possibilities, Limited Use

    While this sounds exciting, the current demo version is not yet built into the Tribler client. Associate Professor Dr. Johan Pouwelse, leader of the university’s Tribler Lab, explains that it’s just a proof of concept with a very limited dataset and AI capabilities.

    “For this demo, we trained an end-to-end generative Transformer on a small dataset that comprises YouTube URLs, magnet links, and Bitcoin wallet addresses. Those identifiers are each annotated with a title and represent links to movie trailers, CC-licensed music, and BTC addresses of independent artists,” Pouwelse says.

    We tried some basic searches with mixed results. That makes sense since there’s only limited content, but it can find magnet links and videos without directly naming the title. That said, it’s certainly not yet as powerful as other AI tools.


    In essence, De-DSI operates by sharing the workload of training large language models on lists of document identifiers. Every peer in the network specializes in a subset of data, which other peers in the network can retrieve to come up with the best search result.

    A Global Human Brain to Fight Torrent Spam and Censors

    The proof of concept shows that the technology is sound. However, it will take some time before it’s integrated into the Tribler torrent client. The current goal is to have an experimental decentralized-AI version of Tribler ready at the end of the year.

    While the researchers see this as a technological breakthrough, it doesn’t mean that things will improve for users right away. AI-powered search will be slower to start with and, if people know what they’re searching for, it offers little benefit.

    Through trial and error, the researchers ultimately hope to improve things though, with a “global brain” for humanity as the ultimate goal.

    Most torrent users are not looking for that, at the moment, but Pouwelse says that they could also use decentralized machine learning to fight spam, offer personal recommendations, and to optimize torrent metadata. These are concrete and usable use cases.

    The main drive of the researchers is to make technology work for the public at large, without the need for large corporations or a central government to control it.

    “The battle royale for Internet control is heating up,” Pouwelse says, in a Pirate Bay-esque fashion.

    “Driven by our idealism we will iteratively take away their power and give it back to citizens. We started 18 years ago and will take decades more. We should not give up on fixing The Internet, just because it is hard.”

    The very limited De-DSI proof of concept and all related code is available on Huggingface. All technological details are available in the associated paper. The latest Tribler version, which is fully decentralized without AI, can be found on the official project page.


      Putin Outlaws Anonymity: Identity Verification For Online Services, VPN Bypass Advice a Crime

      news.movim.eu / TorrentFreak · Tuesday, 1 August, 2023 - 08:52 · 5 minutes

    Since its invasion of Ukraine in February, Russian Members of Parliament and lawmakers have taken turns to see who can come up with the most aggressive anti-Western legislative proposals.

    Suitably dressed-up in anti-American, anti-European rhetoric, plans to let everyone in Russia pirate Western content came early. While obvious to everyone else right from the beginning, the proposals were fundamentally flawed.

    If Russians were allowed to gorge on free, high-quality foreign content, incentives to pay for Russian content would find themselves all but eliminated. Not only do local creators rely on that revenue for food and clothing, it also helps to prevent the collapse of Russia’s own entertainment sector.

    Other plans, involving everything from state licensing of pirate platforms to the unblocking of previously blocked pirate sites, would’ve been comical had it not been for the death and destruction wreaked in Ukraine. And then there were those crazy stories about Russia’s ‘Sovereign RuNet’ initiative, which would see Russia’s corner of the internet placed behind a giant firewall, where it would thrive within the confines of a utopian closed ecosystem completely isolated from the rest of the world.

    Draconian Plans Aren’t Speculative – They’re Becoming Law

    While Russia hasn’t been able to cut itself off from civilization just yet, it can make people, companies, and investors leave of their own free will. By rendering its corner of the internet a hostile environment where free speech is a thing of the past, it raises the prospect of internet entrepreneurs walking in lockstep with the government, choosing another line of business, or leaving Russia altogether.

    Citizens, meanwhile, will need identification to enjoy whatever remains.

    Dated July 31, 2023, and approved by President Putin himself, Federal Law No. 406-FZ (On Amendments to the Federal Law ‘On Information, Information Technologies and Information Protection’ and the Federal Law “On Communications”) reads like a dystopian nightmare laying the foundations for worse to come.

    Registering on Russian internet platforms using foreign email systems such as Gmail or Apple will soon be prohibited. That’s just a prelude to further restrictions coming into force in the weeks before Christmas 2023.

    No Anonymity, No Privacy

    Starting December, Russian online platforms will be required by law to verify the identities of new users before providing access to services. That won’t be a simple case of sending a confirmation link to a Russian-operated email account either.

    Platforms will only be authorized to provide services to users who are able to prove exactly who they are through the use of government-approved verification mechanisms.

    For instance, users who already have a mobile phone subscriber number, obtained through another official process established by the government, will be able to enter into an identification agreement with the operator of an online service/website. Once cleared, the user will be able to use the service, safe in the knowledge that whatever they say on the platform is traceable to their home address.

    Another option for site owners is to verify users through a federal platform known as the Unified System of Identification and Authentication. A law passed in December 2022 relates to the use of the Unified System and the identification and authentication of citizens’ identities using biometric data.

    The final option is to use an authorization system operated by a third-party platform already in compliance with government rules and regulations. Those rules go beyond the technical capabilities of the service; the platform must be owned by a Russian citizen who does not have citizenship of any other country, and is not controlled by anyone who fails to meet the same standards.

    VPNs Still Not Outlawed But Talk of Circumvention is a Crime

    Despite the draconian nature of the above, Russia still isn’t imposing an outright ban on VPN providers and similar services, but does appear to be using familiar tactics.

    After imposing obligations most mainstream providers found intolerable, including registration with the state, only compliant VPN companies remain in Russia today. No evidence has been produced to show they have been compromised but at this point, believing otherwise could amount to playing Russian Roulette with the authorities.

    Instead, posting information online that amounts to advice on how to use VPNs, Tor, and similar tools, for circumvention purposes, will be considered a crime. On top, regular hosting providers will be subjected to state registration and new obligations along similar lines to those imposed on VPN providers.

    Hosting Companies Must Obtain State Approval

    The new legal amendments effectively regulate the business of “providing computing power” for the purposes of the “placement of information” on a system “permanently connected to the internet.”

    The obligations placed upon operating companies by the state are numerous and the new amendments make no attempt to hide that compliance with the state on security matters is mandatory. Authorized ‘state bodies’ carrying out investigative activities or those related to the security of Russia may require use of “computing power” and hosting companies will be expected to prevent any disclosure of those activities.

    As mentioned earlier, before hosting companies are permitted to provide services to users, they will be required to positively identify potential customers using government-approved mechanisms. However, that can only take place when hosting companies themselves receive government permission to conduct business. That appears to involve the shouldering of considerable liability for whatever appears on their platforms.

    Registration and Compliance

    It’s envisioned that the government will appoint an entity to form and maintain a register of hosting companies. Once on the register and with permission to operate (deadline February 1, 2024), hosting companies and online services will be provided with a list of activities, content types, and certain behaviors prohibited by the state.

    Platform operators will be required to implement measures to “eliminate the identified violations” and then report the outcome to the authorities. Failure to do so will mean exclusion from the register and with that, the ability to conduct business in Russia.

    To even qualify for potential placement on the register, hosting companies must be Russian legal entities, under the control of a Russian citizen who doesn’t have citizenship in another country. By September 2024, state entities may only use “computing power” available from companies with a listing on the register while the use of “information systems” and software owned by foreign legal entities or citizens, will be prohibited.

    Similar Russian ownership rules will also apply to news aggregator platforms, which will operate under the ultimate control of the Russian government, with known implications for the freedom of the press.

    Federal Law No. 406-FZ is available here (pdf)


      Sci-Hub’s Alexandra Elbakyan Receives EFF Award for Providing Access to Scientific Knowledge

      news.movim.eu / TorrentFreak · Friday, 28 July, 2023 - 10:05 · 3 minutes

    There are thousands of pirate sites on the Internet but only a few will receive a permanent entry in the history books. That includes Sci-Hub.

    Founded by Kazakhstani computer programmer Alexandra Elbakyan, the shadow library provides free access to millions of academic publications. As such, it’s an essential tool for less privileged students and researchers around the world.

    Tearing Down Paywalls Since 2011

    Without Sci-Hub, many academics would be unable to complete their research projects. This all comes at the detriment of the profits of major publishers, but many argue that’s an easy tradeoff to make.

    Alexandra knows this from experience. She started Sci-Hub after running into accessibility problems more than a decade ago while studying at a less fortunate university.

    “When I was working on my research project, I found out that all research papers I needed for work were paywalled. I was a student in Kazakhstan at the time and our university was not subscribed to anything,” Alexandra told TorrentFreak years ago.

    Today, Sci-Hub continues to tear down academic paywalls but that comes at a cost. Sci-Hub has been sued several times and owes millions in damages to major publishers. In addition, Elbakyan also drew the attention of the FBI.

    Instead of throwing in the towel, Sci-Hub’s founder continues to defend her ideals. They’re a thorn in the side of major publishers, but on the other side of the debate, Elbakyan reaps praise.

    EFF Award

    This week, the Electronic Frontier Foundation (EFF) announced that Sci-Hub’s founder will receive an award for her accomplishments in advancing access to scientific knowledge.

    EFF’s awards are presented to people who have taken a leading role in the fight for freedom and innovation online. The previous winners include Internet pioneer Vint Cerf, Linux creator Linus Torvalds, and whistleblower Chelsea Manning.

    According to EFF, Elbakyan deserves the award as her life’s work enables millions of people to access scientific knowledge that would otherwise exist beyond their financial reach.

    “Sci-Hub is used by millions of students, researchers, medical professionals, journalists, inventors, and curious people all over the world, many of whom provide feedback saying they are grateful for this access to knowledge.

    “Some medical professionals have said Sci-Hub helps save human lives; some students have said they wouldn’t be able to complete their education without Sci-Hub’s help,” EFF adds.

    The Real Threat?

    EFF also highlights that Elbakyan’s work helps to challenge the current academic publishing system, where researchers are used as unpaid workhorses.

    “Through Sci-Hub, Elbakyan has strived to shatter academic publishing’s monopoly-like mechanisms in which publishers charge high prices even though authors of articles in academic journals receive no payment,” EFF writes.

    Elbakyan previously said that academic publishers are the real threat to the progress of science as they keep scientific progress and findings behind closed doors, instead of sharing knowledge freely as Sci-Hub does.


    In addition to Elbakyan, the digital rights group will also present awards to the Library Freedom Project and the Signal Foundation for their achievements.

    ‘I Am Sci-Hub’

    Sci-Hub’s founder is pleased with EFF’s acknowledgment, although the initial plan to give the award to the Sci-Hub website, rather than her personally, wasn’t well received.

    “It was really disgusting to read they ask me to accept their EFF Pioneer award ‘on behalf of Sci-Hub’,” Elbakyan said in response two weeks before the awards were officially announced.

    “Why did not they want to give the award to me directly? Sci-Hub is my sole creation; it is not an organization and never had any team. In 1998 they awarded Torvalds, not Linux,” she added.

    That commentary apparently made EFF reconsider its plan. The award now goes to Elbakyan directly and it will be officially handed out at the awards ceremony in San Francisco this coming September.

    EFF previously recognized that it may be challenging for Sci-Hub’s founder to attend the ceremony in person, noting that there are secure methods of communication available in case she prefers to accept it virtually instead.


      Tor Project Unblocked But Russia Demands Censorship, Embroils Google

      news.movim.eu / TorrentFreak · Friday, 27 May, 2022 - 07:39 · 3 minutes

    After years of government censorship to suppress dissent and maintain authorized narratives, unfiltered internet access in Russia is seen as a threat.

    Russia’s measures include a massive domain name and IP address blocklist governing what services can be legally delivered by ISPs. Whether that’s the “extremist organization” behind Facebook and Instagram, BBC News, Google News, or thousands of streaming and torrent sites, access is routinely denied.

    The inevitable response from citizens was to circumvent these blocks with VPNs and tools such as Tor. The equally predictable response from the authorities was to categorize tools that provide access to blocked resources as banned themselves, and also subject to blocking.

    Last year Russia began blocking Tor nodes and TorProject.org, the tool’s official homepage. Tor was branded “an absolute evil” by the chairman of the State Duma’s Information Policy Committee, who dismissed its anti-censorship billing by framing Tor as a tool for criminals.

    Activists Mount Legal Challenge

    The blocking of TorProject.org was unusual. The authority to implement an ISP blockade was granted at the Saratov District Court back in 2017 but local telecoms watchdog Roscomnadzor only alerted Tor Project to imminent blocking in early December 2021. Tor Project decided that in addition to a technical response, legal action would be required.

    In partnership with digital rights activists at Roskomsvoboda, The Tor Project filed an appeal at the Saratov District Court. They argued that the blocking decision should be reversed because it was issued without giving Tor representatives an opportunity to participate – a violation of their procedural rights.

    Court Agrees, Blocking Decision Set Aside

    A Roskomsvoboda announcement reveals that the appeal was a success. Lawyer Ekaterina Abashina says that the exclusion of The Tor Project provided “an absolute basis for setting the decision aside” and the court agreed. The domain was ordered to be unblocked but an outright victory is still a way off.

    A second submission by Tor Project, stating that Russian law does not contain any general prohibition on the dissemination of information related to anonymizing tools such as Tor, was rejected by the prosecutor and telecoms watchdog Roscomnadzor, with the latter claiming that courts have “unlimited power” to recognize any information as prohibited.

    With no need to address that debate as part of the appeal, the judge ordered the blocking case to be heard at a new trial. Hearings are scheduled for this week and The Tor Project will be allowed to participate. However, the Russian prosecutor will take the opportunity to expand Tor blocking beyond the domain at the heart of the dispute by introducing a new party.

    Prosecutor Decides to Involve Google

    The unexpected development reported by Roskomsvoboda shows that the Saratov prosecutor’s office has decided to involve Google in the Tor Project blocking case. The prosecution asks the court to do the following:

    • recognize the information contained in the Tor Browser software application as prohibited in Russia;
    • recognize the Tor Browser application hosted on Google Play as prohibited;
    • restrict access to the Tor Browser application;
    • oblige Google LLC to remove the Tor Browser app from Google Play.

    The involvement of Google in this matter could go either way. Google may choose to stand up and fight, giving The Tor Project an indirect boost with its considerable legal muscle. Alternatively, this may be a complication The Tor Project really doesn’t need right now.

    Google and Russia’s Information War

    Last week Google’s Russian subsidiary said it would file for bankruptcy and move its staff out of Moscow in response to the Russian government seizing its bank account. The reasons for that seizure are linked to Russia’s position on what content should or should not be available online.

    In the past year, Google has been repeatedly fined by Russia over its refusal to remove content that Moscow claims is “prohibited”. Google’s YouTube has also restricted access to Russian media channels, enraging the Kremlin, but in other areas also related to censorship, Google appears much more compliant.

    Notably, Google has complied with dozens of Russian government requests to delist tens of thousands of URLs from its search results. These link to VPN services that in most other regions would be entirely legal but in Russia are seen as tools granting access to banned information.

    From a functionality perspective, Russian authorities see little difference between VPNs and Tor. Both allow access to “prohibited” information, something the Kremlin wants to prevent. The fact that the CIA recently used Instagram to seek out Russians to act as potential informants might also come into the mix, particularly given the advice that to evade detection, they should use Tor.


      VPN Users’ Anonymity Under Threat Following Indian Security Order

      news.movim.eu / TorrentFreak · Wednesday, 4 May, 2022 - 20:32 · 4 minutes

    People being free to share and access ideas, knowledge and opinions with their peers is a universally accepted standard for the entire human race. The big problem is that the definition of ‘free’ differs widely and is often defined by the few, not the many.

    In online terms, true freedom is already under threat. As governments take more control over ‘their’ parts of the internet, citizens are informed that this is for the greater good, to keep their families safe and economies strong. Giving up small freedoms here… and a few others over there… are presented as insignificant sacrifices hardly worth our attention.

    However, once these systems are in place, governments can use them to ‘protect’ citizens from dissenting opinions, unpalatable news, whistleblowing, and our ability to absorb all information, thereby reaching educated conclusions of our own. Early adopters of VPNs recognized this years ago, and as more people retain choice by using them, some governments are calling for VPNs to be restricted or even banned.

    Calls for VPN Ban in India

    In common with many countries worldwide, India has introduced laws to render illegal certain types of content online. It blocks thousands of websites due to copyright infringement and pornography, for example, but is now engaged in censorship to suppress political opposition in the name of national security. It even threatened to put Twitter executives in prison for refusing to censor opponents.

    Due to the increased security and anonymity they provide, good VPN services with high standards enable people to absorb and impart information more freely. They are not a silver bullet but can be considered as part of a toolkit to unfilter internet access and restore freedoms. As a result, India’s government (and more besides) view them as a threat.

    Last year a Parliamentary Standing Committee called for a total ban on VPNs, advising that they allow criminals to be anonymous online. The Ministry of Electronics and Information Technology was urged to force ISPs to block these encryption tools and increase online surveillance to clear any remnants.

    While the government didn’t respond with a full ban, new directions to India’s IT sector reveal that if VPNs are to stay, the authorities will have the power to identify their users.

    Security Measures for a “Safe & Trusted Internet”

    The Indian Computer Emergency Response Team (CERT-In) serves as the national agency for online security. It analyzes cyber threats and can obtain logging information from service providers, intermediaries, data centers and corporate bodies. After identifying gaps in its ability to analyze ‘incidents’, CERT-In recently issued directions to companies providing internet services designed to ensure a “safe & trusted Internet” in the country.

    While the directions focus on improved responses to security incidents, Indian authorities have also ordered all service providers, intermediaries, and data centers to enable and maintain logs. These must contain 180 days of event logging and be maintained within Indian jurisdiction for straightforward access. For other service providers the requirements are even tougher.

    VPN Providers Cannot Be Anonymous, Must Carry Logs

    Although caveats apply (and vary between providers), a good VPN service should be able to offer enhanced or even complete anonymity to users. Many do this, at least in part, by not carrying logs that can link a specific user to any IP address at any given time. India’s directions are designed to thwart this business model.

    All VPN services, data centers, VPS (virtual private server) providers, and cloud services must store a laundry list of information and logs for at least five years, longer if the government chooses to change the law. The rules apply to all of the above services, but given the nature of VPN services as censorship-busting anonymity tools, they appear to be the hardest hit.

    An email address is often sufficient when a customer signs up for a foreign VPN service like vpntap.com. In future, VPN providers in India will be required to obtain a customer’s real name, address, and phone number. All information provided must be validated as accurate.

    Providers will also be required to record the user’s email address, IP address and timestamp used at the time of registration and obtain a statement of intent from the subscriber, i.e. a description of what the VPN will be used for.

    The ‘period of hire’ (times and dates) must also be logged to include every IP address allocated to and used by customers. All service providers must synchronize their clocks with specified NTP servers for uniform accuracy across the industry.

    Implications for VPN Providers and Users

    The full implications will become clearer over time, but the directions seem to impact VPN providers in India and, to a lesser extent, those based overseas operating servers in India.

    Pervasive logging throughout the entire system translates to a generally hostile environment for anonymity so after consideration, some providers may be less keen to do business locally. Especially given that prison sentences are available for non-compliance.

    The directions can be found here (pdf)
