Lawsuit: DRM spied on me, gathered my personal info, sent it to copyright enforcers who called me with $150,000 legal threat

A lawsuit has been filed over a 3D imaging tool called Transmagic whose demo came bundled with a DRM program called Sheriff, produced by Licensing Technologies Limited. The suit alleges after Miguel Pimentel, a Boston-area architect, installed and then deleted Transmagic, Sheriff remained on his computer, and that it scoured his computer for his personal details, then phoned home to a copyright shakedown company called ITCA (IT Compliance Association), and that subsequently, a rep from ITCA called Pimentel and accused him of pirating Transmagic. The ITCA rep demanded an immediate $10,000 license fee payment, and threatened a $150,000 copyright lawsuit if he didn't cough up.

The shadowy ITCA's web page is apparently in a constant state of upgrade and contains nothing more than a link to their online software validation program and some impressive client logos (Microsoft, Siemens and McAfee to name a few). There is a contact page but not a single email address is listed nor is any indication given as to what exactly they do while not enjoying the tropical weather.
However, Chris Luijten has made no effort to hide his real agenda, as evidenced by his partnership with V.i. Labs. V.i. Labs is an organization, which claims it's dedicated to wiping out software piracy. As such, it has taken care to rely on dubious formulas (pirated software x full retail price = amount of lost sales) and acrimonious methodology to try to "turn infringement into leads."

DRM Accused Of Sending Personal Info To Help With Licensing Shakedown (via The Command Line)

I write books. My latest is a YA science fiction novel called Homeland (it's the sequel to Little Brother). More books: Rapture of the Nerds (a novel, with Charlie Stross); With a Little Help (short stories); and The Great Big Beautiful Tomorrow (novella and nonfic). I speak all over the place and I tweet and tumble, too.

MORE: extortion

More at Boing Boing

Ants and Stars: Bruce Sterling and Jasmina Tesanovic visit the Sardinia Radio Telescope in Italy

The Snowden Principle

Anonymous

I don’t know anything about Transmagic, even through I’m a graphics person. However, it’s clear that whatever I need, I’m not going to buy a product that installs spyware. Transmagic’s practice should be noted in our respective professional mailinglists so folk know and are forewarned.
Anonymous

Transmagic

I get it!!! I really get it!!

wooohaaaa!!
Anonymous

how did this thread become about operating systems and there reliability

being pushed around buy someone who possibly has a little more $ to hire a lawyer
Chris Tucker

Little Snitch for Mac OS informs you every time an application attempts to access the Internet. It informs you what port it wants to use, and you can get a few more details about the connection as well.

For trusted applications, such as an email app that needs to connect to SMTP or POP, Little Snitch can be easily configured on the fly to permanently allow such connections.

If there is a similar app for Windows and/or Linux, I think it would be a good idea to get and install it.

Unlike Peerblock, Little Snitch blocks or allows applications to ‘phone home’ as YOU, the user, permits.

Shareware. Worth every cent as far as I’m concerned.
marco antonio

I use PeerBlock. Free, easy to install, it blocks all kinds of nasties trying to ‘phone home’ both in P2P and HTML. I have no idea if it acts as a firewall for whatever port this DRM spyware uses though.
- Anonymous
  
  Peerblock is essentially an IP based firewall. Where a normal firewall blocks based on ports, it blocks based on IPs, so instead of it blocking all traffic along, say, port 6000, it would only block traffic from an specific IP and let the other traffic through.
- teapot
  
  I second the peerblock call. I think these sheriff assholes would probably be on their blacklist.
  
  So, if you wanna use transmagic for free, just use one of the many available downloads and run peerblock :)
  
  http://isohunt.com/torrents/?ihq=transmagic
  http://thepiratebay.org/torrent/3320119/Transmagic_Plus_v2005_SP4-iSO
  http://www.peerblock.com/
IronEdithKidd

I can’t imagine why there wouldn’t be a concurrent criminal complaint against Transmagic, et al. Extortion and possibly racketeering this.
Anonymous

If Linux repos are so trusted, why did the laughable OpenVPN fiasco happen?

Root kits, buffer exploits, user escalation et al all exist on nix platforms, and have for some 50 years. You are seriously deluding yourself if you think “Just use Lunix!” is a reasonable reply to this sort of thing.
Anonymous

“Yes, that is so true. And linux also has just as many problems as windows with malware, trojans, viruses and those damn metal mites that eat holes in the sides of your tower. :)”

Can’t tell if you’re being sarcastic, but the fact that a software is open source is exactly what makes it more trustworthy. The chances of someone looking through the code is infinitely greater compared to a software that is closed source. And I’d like to see those windows vs linux malware/virus/trojan statistics you seem to be referring to.
- Victor Drath
  
  “Can’t tell if you’re being sarcastic, but the fact that a software is open source is exactly what makes it more trustworthy. The chances of someone looking through the code is infinitely greater compared to a software that is closed source. And I’d like to see those windows vs linux malware/virus/trojan statistics you seem to be referring to.”
  
  Can’t tell if I’m being sarcastic? You mean metal mites wasn’t a dead give away?
  
  And to the person right under my first comment, no, linux may not the answer to everything, but it’s the best place to start and light years beyond your other choices. It’s like comparing a pile of manure and a pile of gold and you’re arguing “Hey, the gold has problems too!”
  
  You can clearly see the kind of company microsoft keeps with scum like ITCA. But if people are ok with that and still trust them, whatever. Enjoy.
Anonymous

“Just because the source code can be checked, doesn’t mean anyone will actually do it, and there’s nothing about sources of Linux software which makes them inherently more reliable or trustworthy than sources for other OSes.”

exactly .. ever been a new dev at a place with a product with a huge codebase? it takes months, even years to understand all the code is doing .. and someone is paying you to understand it.

so if i want to use an app i should first understand its code before using it so i can discover any security holes?

is that guy serious? what universe does that guy live in?
Anonymous

Guys, if I make a linux distro and convince people to download it and I embed my nasty spyware in there, why would I open up the source code to you? Also, just because something is in an apt repository doesn’t mean its open source. Finally, I’m pretty sure I could sneak an rm -rf / into some perl code and nobody would see it until its too late.
Ben

I’ve experienced Transmagic before, but it had nothing to with 3D Imaging.

(Heyoooooo!)
Anonymous

Shocking.
I wonder if ITCA’s clients are aware of the way that their interests are “represented”. Not very smart, PR-wise. ITCA’s shady business model is based on intimidation tactics, which makes ITCA sound more like a criminal organisation than a respectable company. Either way, Pimentel need not fear. ITCA won’t stand a chance in court.

BTW. ITCA’s chief exec is based in Willemstad, Curacao of all places. Nuff said.
classic01

That’s why you should always use a firewall and not let any software to phone home when it doesn’t need to.

Also turn off all automatic updates.
- rebdav
  
  better yet only use Linux or another free OS and only compile or obtain software from the apt-get repositories.
  - Chinny Racoon
    
    That’s all well and good, but it’s impractical for a lot of people.
    - Stooge
      
      It’s also not very meaningful. I can recall at least a couple of instances where distros have gone out with malware or reputable repositories have hosted trojans.
      
      Just because the source code can be checked, doesn’t mean anyone will actually do it, and there’s nothing about sources of Linux software which makes them inherently more reliable or trustworthy than sources for other OSes.
      - Victor Drath
        
        “nothing about sources of Linux software which makes them inherently more reliable or trustworthy than sources for other OSes.”
        
        Yes, that is so true. And linux also has just as many problems as windows with malware, trojans, viruses and those damn metal mites that eat holes in the sides of your tower. :)
        
        But I will say no more b/c it’s off topic.
      - Anonymous
        
        “nothing about sources of Linux software which makes them inherently more reliable or trustworthy than sources for other OSes.”
        
        Yes, that is so true. And linux also has just as many problems as windows with malware, trojans, viruses and those damn metal mites that eat holes in the sides of your tower. :) I think you forgot your (/s) tag at the end.
      - Anonymous
        
        Seriously Stooge? The difference is you can actually check the source of Linux apps and OS. That does make it my inherently more trustworthy and reliable as that is the whole point.
        
        You make a good point about the fact that not all source is checked though, but the point is you can check it. You don’t have this option for the majority of Windows applications and the ENTIRE OS.
        
        So basically your full of it.
    - Anonymous
      
      What’s impractical is a lawyer or company shaking you down for 150 grand for absolutely nothing. I’ll take the Linux, thank you.
- Anonymous
  
  A firewall doesn’t help, unless you are blocking outbound HTTP, and in that case you can’t use the web. Why doesn’t a firewall help? Because the Sheriff thing is the one making the request, and as such is no different than your browser. Firewalls keep other clients from accessing your computer, they don’t keep your clients from accessing other computers.
- Anonymous
  
  So it sends data as an HTTP header to a predetermined submit page. Useless advice is useless.
Anonymous

I would have thought that the best way to deal with this kind of problem is to make it uneconomic for those doing it (no offence to the Linux/OS evangelists, but it’s the fraudsters that need to change their ways here). Fine the hell out of these people and chuck them in jail.

Some sort of database of evil software (with information as to why it is evil) for users as a blacklist would probably be good too (this does happen to some degree with anti-virus software).
Anonymous

@ classic01,
Nice practice, but a lot of these programs will not work at all w/o checking in, so you have to unblock it in order to even use it normally, legally.