E3 management act like a bunch of babies, call LAPD on rogue Ouya booth across the street —

Ouya, the Android-based, kickstarted games console, rented a storefront across from the E3 games conference, hoping to catch the eye of the conferencegoers. E3's management rented the parking spots in front of the storefront and blocked it off with trucks. Ouya rented the space in front of the trucks and set up their own booth. Then E3 called the LAPD on them. (Thanks, Anthony!) — Cory •

Gawker's Max Read tried to set up a Zazzle store to sell t-shirts with the logo of the NSA Prism program, recently outed in a set of spectacular leaks in the Guardian and Washington Post. His store was short-lived; a copyright complaint from an unnamed party shut it down. He has researched possible copyright holders for the image, and found one candidate: Adam Hart-Davis, known for presenting BBC science-shows, who made the underlying image of a prism splitting a light-beam available on his website as a low-rez image. However, he is on vacation and is unlikely to have generated the takedown.

A British Television Host Took the Photo Used in the NSA PRISM Logo (via Super Punch)

Raging Heroes is a spectacularly successful new Kickstarter to produce 150 female warrior miniatures divided into three armies. They were looking for $12,000 and hit that in 30 seconds. Now they're over $300K and still rising, with over 1,400 backers. The minis are very beautiful, and the studio, based in France, has a textbook-example, perfectly structured KS. But 30 seconds. Wow.

Raging Heroes - The Toughest Girls of the Galaxy (Thanks, Alice)

Read the rest

Spirit Airlines is sure you'll enjoy its new 6% alcohol wine-in-a-can —

Because "Your choices at 30,000 feet are pretty limited." — Cory •

Brian Krebs reports on the Russian arrest of Pavel Vrublevsky, owner of the ChronoPay service (about whom Krebs has written an upcoming book) for witness intimidation. Vrublevsky is on trial for hiring hackers to attack a ChronoPay competitor called Assist, and he admitted that he phoned a witness in the trial and offered that person money; the witness said "he felt pressured and threatened by the offer."

Where this gets good is where Krebs recounts his own conversation with Vrublevsky, when the Russian businessman offered Krebs money as well:

“My proposition to you is to come to Moscow, and if you don’t have money….I realize journalists are not such wealthy people in America, we’re happy to pay for it,” Vrublevsky said in a phone conversation on May 8, 2010.

When I politely declined his invitation, Vrublevsky laughed and said I was wrong to feel like I was being bribed or intimidated.

“It’s quite funny that you think somehow when you fly to meet me in Moscow or ChronoPay offices that you are in any possible danger from me for being murdered,” Vrublevsky said. “Come to Moscow and see for yourself. Take your notebook, come to my office. Sit in front of me and look around. Because you’re getting information, which, to be honest, is not factual.”

As you can see, Vrublevsky is a master of putting people at their ease with his warm and cuddly demeanor, as is evidenced by his official Facebook profile photo, above.

Vrublevsky Arrested for Witness Intimidation

Writing in The New Yorker, Tim Wu calls for "total war on patent trolls" and lays out a roadmap for attacking the extortionists who are costing the US economy a reported $30B/year by extorting license fees for patents that never should have been issued and don't cover what the patent trolls say they cover.

There are good laws in place that could fight trolls, but they sit largely unused. First are the consumer-protection laws, which bar “unfair or deceptive acts and practices.” Some patent trolls, to better coerce settlement, purposely misrepresent matters such as the strength of their patents, the extent of other settlements, and their actual willingness to litigate. Second, there are plenty of remedies available under the unfair-competition laws. Some trolls work by aggregating an enormous number of patents, and then present the threat that one of their thousands of patents might actually be valid. The creation of these portfolios for trolling may be “agreements in restraint of trade” under Section 1 of the Sherman Antitrust Act, or they may “substantially lessen competition” under the Clayton Antitrust Act. More generally, the methods of the trolls are hardly what you would call ordinary methods of competition; they should be considered, rather, what the Federal Trade Commission calls “unfair methods of competition” under Section 5 of the F.T.C. Act. The Commission has the power to define and punish methods of business that are inherently harmful with few or no redeeming benefits, and that’s what trolling is. Finally, it is possible that the criminal laws barring larceny and schemes to defraud may cover the conduct of some trolls.

How to Make War on Patent Trolls

My latest Guardian column is "Data protection in the EU: the certainty of uncertainty," a look at the absurdity of having privacy rules that describes some data-sets as "anonymous" and others as "pseudonymous," while computer scientists in the real world are happily re-identifying "anonymous" data-sets with techniques that grow more sophisticated every day. The EU is being lobbied as never before on its new data protection rules, mostly by US IT giants, and the new rules have huge loopholes for "anonymous" and "pseudonymous" data that are violently disconnected from the best modern computer science theories. Either the people proposing these categories don't really care about privacy, or they don't know enough about it to be making up the rules -- either way, it's a bad scene.

Since the mid-noughties, de-anonymising has become a kind of full-contact sport for computer scientists, who keep blowing anonymisation schemes out of the water with clever re-identifying tricks. A recent paper in Nature Scientific Reports showed how the "anonymised" data from a European phone company (likely one in Belgium) could be re-identified with 95% accuracy, given only four points of data about each person (with only two data-points, more than half the users in the set could be re-identified).

Some will say this doesn't matter. They'll say that privacy is dead, or irrelevant, or unimportant. If you agree, remember this: the reason anonymisation and pseudonymisation are being contemplated in the General Data Protection Regulation is because its authors say that privacy is important, and worth preserving. They are talking about anonymising data-sets because they believe that anonymisation will protect privacy – and that means that they're saying, implicitly, privacy is worth preserving. If that's policy's goal, then the policy should pursue it in ways that conform to reality as we understand it.

Indeed, the whole premise of "Big Data" is at odds with the idea that data can be anonymised. After all, Big Data promises that with very large data-sets, subtle relationships can be teased out. In the world of re-identifying, they talk about "sparse data" approaches to de-anonymisation. Though most of your personal traits are shared with many others, there are some things about you that are less commonly represented in the set – maybe the confluence of your reading habits and your address; maybe your city of birth in combination with your choice of cars.

Data protection in the EU: the certainty of uncertainty

Here's a video showing off a publicity stunt in which Domino's delivers one of its "pizzas" using a drone (and, it appears, two or three cameradrones to document the event). The "pizza" is packed in an electrified, heated bag to keep it warm during the high altitude flight. Their publicity material promises a Domino's flight academy to train their deliverator corps to safely navigate the fast-food-filled skies and prevent midair collisions with flying Chinese takeouts, kebabs, curries, and package liquor delivery.

Introducing the Domino's DomiCopter! (via Digg Videos)

The saga of porno-copyright-trolls Prenda Law (previously) just keeps getting more tawdry. Prenda is a mysterious extortionate lawsuit-threat-factory that claimed to represent pornographers when it sent thousands (and thousands!) of legal threats to people, telling them they'd get embroiled in ugly litigation that would forever tie their names to embarrassing pornography titles unless they paid hush money.

Their con has unraveled in a series of legal losses. Now, one of their victims has had an expert witness file an affidavit in First Time Videos vs. Paul Oppold, a case in Florida. The expert fields an astonishing accusation: Prenda Law's principle, John Steele, is the person who uploaded the infringing pornography in the first place, listing it on BitTorrent index sites with information inviting people to download it -- people whom he then sent legal threats to for downloading those selfsame movies.

Among other things, sharkmp4 seemed to be able to post these works on The Pirate Bay before the works were even mentioned anywhere else, and in at least one case, "sharkmp4" put a video up on The Pirate Bay three days before Prenda shell company Ingenuity 13 had even filed for the copyright. On top of that, the "forensics" company that Prenda uses -- which is supposedly run by Paul Hansmeier's brother Peter, but which had its domain registered and controlled by (you guessed it) John Steele -- apparently identified "infringements" almost immediately after the videos were placed on The Pirate Bay -- meaning they were likely looking for such infringement in conjunction with the upload.

At the end, however, Neville pulls together really damning evidence, tying together a website set up to distribute Ingenuity 13 porn films with the same exact IP address that was confirmed as being used by John Steele to log into his own GoDaddy account, highlighting how Steele -- or someone with access to his logins -- clearly has full access and control over Ingenuity 13 works. As you read through all of the evidence it appears highly likely that Steele is in control of Ingenuity 13, despite all his protests to the contrary.

As the filing notes:

Prenda Law's business structure is such that it is pirate, forensic pirate hunter, and attorney. It also appears that Prenda Law also wants to/has formed/is forming a corporate structure where it is: pornography producer, copyright holder, pornography pirate, forensic investigator, attorney firm, and debt collector. Other than the omission of appearing in the pornography themselves, this would represent an entire in-house copyright trolling monopoly- not designed to promote their own works for distribution and sale, but to induce infringement of their works and reap profits seen from mass anti-piracy litigation.

New Filing Presents Evidence That John Steele Uploaded Videos To BitTorrent Himself

This week, This American Life revisits the question of patents (a subject they did a very good job with in 2011), a move sparked by the attempt to shake down podcasters for patent royalties for a ridiculously overbroad patent from a company that went bust recording magazine articles to cassette and putting them in the mail. The new episode revisits the main stories raised in the earlier broadcast (don't worry, it stands alone), and does a remarkable job of making the case for substantive patent reform -- and pierces the veil on Intellectual Ventures, Nathan Myrvold's notorious patent-troll-that-insists-it-isn't-a-troll.

NPR reporter Laura Sydell and This American Life producer/Planet Money co-host Alex Blumberg tell the story of Intellectual Ventures, which is accused of being the largest of the patent trolls. Executives at Intellectual Ventures insist they are not trolls, but rather, promoters of innovation. They buy patents from struggling inventors, which encourages those inventors to go out and invent more stuff. Intellectual Ventures offers an example of such an inventor, a man named Chris Crawford. But when Laura and Alex try and talk to Chris Crawford, it leads them on a long search, culminating in a small town in Texas, where they find a hallway full of seemingly empty offices with no employees.

496: When Patents Attack...Part Two!

MP3 link

Brian Krebs offers an in-depth look at a "cashout" service used by ransomware crooks to get money from their victims. Ransomware is malicious software that encrypts your personal files and demands that you pay a ransom for the key to decrypt them; the crooks who run the attacks demand that their victims buy prepaid MoneyPak cards and send the numbers for them by way of payment. But converting MoneyPaks to cash is tricky -- one laundry, which pipes the money through a horse/dog-track betting service -- charges a 60% premium.

* The ransomware victims who agree to purchase MoneyPak vouchers to regain control over their PCs.

* The guys operating the botnets that are pushing ransomware, locking up victim PCs, and extracting MoneyPak voucher codes from victims.

* The guy(s) running this cashout service.

* The “cashiers” or “cashers” on the back end who are taking the Moneypak codes submitted to the cashing service, linking those codes to fraudulently-obtained prepaid debit cards, and then withdrawing the funds via ATMs and wiring the proceeds back to the cashing service, minus their commission. The cashing service then credits a percentage of the MoneyPak voucher code values to the ransomware peddler’s account.

How much does the cashout service charge for all this work? More than half of the value of the MoneyPaks, it would seem. When a user logs in to the criminal service, he is greeted with the following message:

“Dear clients, due to decrease of infection rate on exploits we are forced to lift the price. The price is now 0.6. And also, I explained the rules for returns many times, we return only cheques which return on my side if you cash them out after then we lock the account! There are many clients who don’t return anything, and I will work only with these people now. I warn you.”

Cashout Service for Ransomware Scammers