
Apple and Facebook helped bust the world's biggest torrent site - nkjoep
https://www.engadget.com/2016/07/21/kickasstorrents-apple-facebook-homeland-security/
======
ungzd
Creating database of music and movies metadata (titles, descriptions, song
names, file checksums) is treated like terrorism in todays world. The only
difference of Wikipedia is that it doesn't contain that checksums. So seems
that these checksums are something like plutonium so even Homeland Security is
fighting against it. And every country in the world agrees to send any its
citizen to american jail for torture for just hosting these checksums. We're
living in medieval times.

~~~
imaginenore
_> The only difference of Wikipedia is that it doesn't contain that checksums_

That's false. A typical magnet link looks like this:

    
    
        magnet:?xt=urn:btih:264886d841442158b3efc861bbfca5ef91d8f68b&dn=
        Mr.Robot.S02E01.720p.WEBRip.AAC2.0.H.264-KNiTTiNG%5Bettv%5D&tr=u
        dp%3A%2F%2Ftracker.leechers-paradise.org%3A6969&tr=udp%3A%2F%2Fz
        er0day.ch%3A1337&tr=udp%3A%2F%2Fopen.demonii.com%3A1337&tr=udp%3
        A%2F%2Ftracker.coppersurfer.tk%3A6969&tr=udp%3A%2F%2Fexodus.desy
        nc.com%3A6969
    

Notice all the tracker URLs.

~~~
Retr0spectrum
Most torrent clients will work fine if you just give them the hash.

~~~
imaginenore
Yes, but that's not my point. My point is these torrent sites have links, not
just hashes.

------
herbst
Did he upload and distribute torrents tho? It sounds like he just run the
platform and "forgot" to tax his advertisment income.

Also i really don't get how the U.S. is involved in this at all. Did
poland/ukraine specifically allow the U.S. to catch a tax evader? I mean
seriously, how is this legal? Why can the U.S. hunt foreigners in forgeign
countries?

Edit:// Seems he hosted in the US once. I take my accusations back (mostly),
what a stupid mistake to make.

~~~
visarga
Probably because foreign countries trade with US, so they need to maintain
good relations. Also, I don't think EU or Ukraine care too much to protect
this guy.

~~~
herbst
i dont doubt it was easy. but i question on which juristic base this was done.
I dont get why the US is even involved, this guy seems to have no relation
with the US.

~~~
rdl
The victims were US companies. (i.e. the media companies which own the
copyright to the materials exchanged on KAZ). I disagree with a lot of
copyright law, particularly criminal and international parts, but this is the
USG belief of jurisdiction.

~~~
herbst
Not sure if you are serious, but i dont think that is how it works.

Let's say i sell candy with the profile of Kim Jong-un online, based on your
answer that would justify North Korea to hunt me down in other countries and
take me back under their jurisdiction? Gladly that's not how it works.

~~~
rdl
1) USA is not North Korea. Both because the USA has ~infinite power, and
because it has (highly imbalanced) power relationships with most other
countries -- particularly Poland and Ukraine who are basically clinging to the
hope NATO (i.e. USA) will save them.

2) Selling candy with profile of the Dearest Leader is not recognized as a
crime in most countries by treaties they've signed. Copyright crime is in many
countries, hence it's extradition-possible.

2b) Copyright crime isn't a capital offense, so "but he might be executed" is
not a bar to extradition here. Most countries would view lese majeste in Best
Korea as a likely capital offense and wouldn't extradite on that basis alone.

3) Dude wasn't a citizen of the country where he was caught. Non-citizens have
substantially inferior rights in most countries, particularly in this kind of
matter.

4) Ukraine isn't in EU.

5) Because it's the ultimate factor here, it bears repeating: the US
Government has essentially unlimited power globally. It is restricted
primarily by its own policies, and by secondarily realpolitik concerns. Only
in extremely few places is its power actually checked by another actor
(Russia, China, and in some contexts, the EU, and in other contexts, Iran and
North Korea).

------
Cenk
>Using similar tools, Homeland Security investigators also performed something
called a WHOIS lookup on a domain that redirected people to the main KAT site.
A WHOIS search can provide the name, address, email and phone number of a
website registrant. In the case of kickasstorrents.biz, that was Artem Vaulin
from Kharkiv, Ukraine.

Wow, he put his real name in the WHOIS records?

~~~
herbst
now i can only think this is only a sock puppet who got cought.

~~~
zzzcpan
Possibly, especially given how easy it is to get a sock puppet, but not
necessarily. If I remember correctly KAT was even hosted in Ukraine at the
beginning and no one in Ukraine was really hiding back then.

~~~
herbst
Thats a good point and relativates it a bit. Afaik also privacy protection was
rather expensive and rare, not as today for $2 (or even free) with any new
domain.

~~~
Cenk
But could he not just have put any name into the WHOIS?

------
rootlocus
As a person who occasionally pirates tv shows because I can't find any decent
streaming services in my country, this is sad news.

~~~
curiousgal
You might consider looking into private trackers. Piracy can't be abolished.

------
meira
So Facebook doesn'tviolent crimes investigation(like in Brazil) but help when
it favors their growth strategy. Isn't time to break these companies (fb,
alphabet, Apple) into N pieces? Like Standard Oil Co in the past.

~~~
morsch
Brazil wants Facebook (WhatsApp) to release information it doesn't have --
it's not clear to me what data exactly, but presumably message content which
they historically did not store and now, due to e2e encryption, cannot store;
or maybe message metadata which I'm not sure they store (does anybody know?).

This is about data Facebook, like most web sites, does store (site access logs
including IPs). Though I wonder how long they store these kind of logs;
different jurisdictions may have both minimum retention times as well as
maximum retention times for personal data such as IPs.

~~~
htaunay
Brazilian authorities have actually already accepted that previously sent
messages are forever out of reach. Their last blockage of WhatsApp happened
because they where requesting that a specific group of users to be tracked
with previous notice.

If this is technically feasible I can't say, but I don't imagine FB creating a
precedent so that any state authority can require tracking of specific users.
IMHO, this solution wouldn't take so long to start being exploited.

~~~
morsch
Thanks for the correction. Most (recent) articles annoyingly only go about the
blocking and unblocking, and don't actually say what the Brazilian authorities
want.

Do you know what "tracking" entails? That could mean anything from revealing
message contents to revealing social networks or tracking a user's geoposition
or reporting all the IMSI/IMEIs associated with any given WhatsApp user.

~~~
gpribeiro
The last case involved a judge asking Whatsapp to implement a backdoor in its
services.

~~~
simbalion
Kudos to facebook for resisting the government of brazil but why would they
help the U.S. government nail media pirates and not help another government
nail terrorists? This does not add up.

~~~
Jtsummers
The method of assistance involved is different between these two cases.

One case wants them to introduce a deliberate backdoor into their software.
Negating the _entire_ point of their recent move to end-to-end encryption and
a major reason they're such a big player in the communication service market.

The other case was a warrant for, "What IP addresses accessed this account?".

The second one is trivial to comply with and to compile. The first is going to
require them to alienate most of their customers, destroy their business, and
spend a few man-weeks (minimum) to put together.

~~~
meira
Bullshit. The first makes them have less power and profit less, the second do
the opposite. It's a "fair" choice, don't you think? At least if you are the
billionare owner that don't care with anyone and pretends that he is pursuing
an open world.

~~~
Jtsummers
Sure. Let's go with that then.

EDIT: That was just straight snark. Sorry.

Want a better response? I've seen your other comments regarding
WhatsApp/Facebook on past related discussions. If you really think Brazil is
being held back by these companies (WhatsApp in particular) make a competitor.
Win over the Brazilian market. And deliberately make it insecure so your
government can eavesdrop on any conversation. Good luck at keeping that
market.

~~~
meira
Yeah, I'm developing a competitor. Guess what? We don't have zillions of
dollars and if we don't answer the justice right, we bankrupt. Facebook don't.
So yeah, it's part of the development of my product to stop the unfair
benefits foreign technology companies have in my country.

EDIT: FB eavesdrop to US gov didn't stopped their growth. Actually, I would
bet that it helped.

~~~
Jtsummers
WhatsApp, before it was owned by Facebook, didn't have zillions of dollars,
which was also when it exploded in Latin America.

------
simbalion
Shame on them both.

I was glad to see KAT bounce back so swiftly. I don't have any emotional ties
to the site, but it was time 10 years ago that big media corporations wake up
and realize their business model is _dead_. They need to stop trying to force
the world to play by the old rules at the barrel of a lawsuit, and find ways
to adapt to the technology instead.

They have failed so far, and so piracy has filled the gap. The lesson here is
people don't f'ing care about the laws when nobody is getting hurt, they're
going to do what they want. That's what freedom is about, and it's never going
to stop, and gestapo tactics will never ever defeat it.

Shame on Apple, shame on Facebook, and shame on anyone who assists in
attacking torrent sites. It used to be that you had to actually host files to
get in trouble. Next they'll want to make saying the word 'torrent' illegal.

------
kakarot
That's a clickbait title. They had absolutely minimal involvement.

~~~
ckastner
And they probably didn't have a choice.

------
sktrdie
I wonder, why don't these torrent sites pop up elsewhere, where they're
virtually impossible to shutdown? Thinking of IPFS or Tor.

~~~
davidsong
The Pirate Bay has a Tor address, which is the only sure way to get to it in
the UK.

~~~
king_phil
Then don't connect from UK but use a VPN if your government censors your
Internet connection...

------
Erwin
According to the article:

> It was a short campaign, but it was enough to link KAT to a Latvian bank
> account, one that received €28 million ($31 million) in deposits -- mainly
> from advertising payments -- between August 2015 and March 2016.

$31 million income in just 7 months? That seems rather high, but if so
there'll be no shortage of sites to replace it.

~~~
reefoctopus
I believe it:
[http://www.alexa.com/siteinfo/kat.cr](http://www.alexa.com/siteinfo/kat.cr)

------
LaSombra
That's not really surprising at all. When served with a subpoena they don't
have much of a choice, I take.

Well, except for the iPhone breaking one.

Now, deporting a foreigner from across the ocean makes me think what would
happen if, for example, had his e-mail hosted on an european provider. Would
the provider be forced to comply?

~~~
Jtsummers
In the San Bernardino case they did not, due to FBI meddling, have a way into
the phone anymore.

In this case, they had the purchase records of the individual:

    
    
      Der-Yeghiayan was able to link the email address found in the
      WHOIS lookup to an Apple email address that Vaulin purportedly
      used to operate KAT. It's this Apple account that appears to
      tie all of pieces of Vaulin's alleged involvement together.
    
      On July 31st 2015, records provided by Apple show that the
      me.com account was used to purchase something on iTunes. The
      logs show that the same IP address was used on the same day to
      access the KAT Facebook page. After KAT began accepting Bitcoin
      donations in 2012, $72,767 was moved into a Coinbase account in
      Vaulin's name. That Bitcoin wallet was registered with the same
      me.com email address.
    

Tying the email address to the person. That's what was used. A _purchase
record_ tying the email address and the IP address together. Paired with the
concurrent access to the KAT Facebook account. It doesn't matter what email
provider he'd been using. It was the simultaneous access from the same IP to
two different accounts. One his personal and one his business that the
investigators needed. It may have been harder if it hadn't been Apple (or
another US provider), but not impossible, just find other services that that
email address was connected to.

------
ommunist
Using Chicago-based NS was not ... smart. Also having no Jersey LLC for
handling the money without disclosing beneficiary trust. Ah, and no using UK
trust. Like Tony Blair alike persons do. Lack of business culture will often
lead to confinement. If you are a pirate, rob like civilised robbers do.

------
Talha-Ansari
That's really sad, I used to download many torrents through KickAss Torrents.
It was quite helpful for me to locate the right file with the help of comments
of users and seeders.

