[...] These keyservers are computers which store and index OpenPGP keys over the Internet. This helps users who rely on encrypted email, for example. The servers generally share the keys amongst each other in a pool and uploaded keys generally can't be removed.
The permanent storage of keys generally isn't an issue. However, when the system is used as a stealth resource to store magnet links to pirated content, this resilience is put in a different light.
This is exactly what happened.
A few weeks ago a series of rather odd, but valid, PGP keys were uploaded to SKS keyservers. These keys were not meant to encrypt email though, but as a safe storage for torrent magnet links.
As a result, popular keyservers, including the ones hosted by research university MIT and Surfnet, have transformed into pirate sites.
The magnet links, most of which point to pirated content, were added in the UID field. In examples we've seen, sometimes there were a hundred magnet links added to a single key entry. And with the search functionality of the keyservers, these are easy to find.
What better way to destroy public encryption?
(Score: 0) by Anonymous Coward on Sunday September 09 2018, @02:00AM (1 child)
Lets put magnet links in blockchain!!1!
(Score: 5, Interesting) by JoeMerchant on Sunday September 09 2018, @02:36AM
There's a protocol for that [mangocats.com].
🌻🌻🌻🌻 [google.com]
(Score: 0, Troll) by Anonymous Coward on Sunday September 09 2018, @02:17AM (1 child)
First11!!!
(Score: 2) by MichaelDavidCrawford on Sunday September 09 2018, @07:05AM
You sat that like it's something bad.
Yes I Have No Bananas. [gofundme.com]
(Score: 2, Insightful) by Anonymous Coward on Sunday September 09 2018, @02:43AM (5 children)
That is why we can not have nice things.
And damn if that is not clever... Which means it will be everywhere within a month.
(Score: 0) by Anonymous Coward on Sunday September 09 2018, @03:02AM (1 child)
Surely this is something a regex could check for.
(Score: 0) by Anonymous Coward on Sunday September 09 2018, @04:36AM
Yep every blockchain coin system out there is going to start checking tomorrow. Didn't you get your notice email?
(Score: 5, Informative) by qzm on Sunday September 09 2018, @08:02AM (2 children)
This is what happens when the powers that be get to redefine what things are bad.
Why does containing a magnet link make these a pirate site. That is just a reference. They don't even index it.. They are no more a pirate site than Google, bing, etc etc.
They are not distributing copyright material in any way..
(Score: 3, Interesting) by JoeMerchant on Sunday September 09 2018, @01:55PM (1 child)
If you haven't noticed: searching Google for "latest marvel pre-release torrent full copy" doesn't turn up as many hits as Google could if they just passed it through a simple matching algorithm.
Google, and virtually every other search engine, shapes the data they index and present - the way that Google shapes the data away from presenting Warez, while TPB shapes their data toward it is what distinguishes non-pirate from pirate sites.
Interestingly, Google Translate + Baidu can often turn up sites of questionable copyright compliance that Google alone does not.
🌻🌻🌻🌻 [google.com]
(Score: 1, Informative) by Anonymous Coward on Sunday September 09 2018, @10:11PM
And it all comes down to the "safe harbor" clause of the DMCA that was passed during Clinton.
This clause demands that for a service provider to maintain "safe harbor" status, they have to purge any and all infringing content (or references to same) upon notification.
Thus you have things like "ban first, check later" policies at Youtube, that allows any and all to file a claim on a video and have it taken down (or siphon off the ad revenue).
Yes, supposedly filing a fraudulent claim is treated as perjury. But this has to be proven somehow, and most of the entities have the resources and lawyers to stall their opponents into bankruptcy (never mind that it has to be an official DMCA claim, while Youtube et al open use pr service fast track claims that are outside the law).
The concept of copyright only worked for those sunshine years when making copies involved large, manually operated machinery. Since the introduction of magnetic tape and photocopiers, the concept is anachronistic at best.
(Score: 0) by Anonymous Coward on Sunday September 09 2018, @03:11AM
Specializing in the storage of magnet links since 1492. Encrypted, unencrypted, blockchained, naked, we deal with all magnet links. No liability to you for sunken ships, lost squadrons, or random seamonsters rising from the deep. All magnet links insured by Lloyd's.
(Score: 2) by bzipitidoo on Sunday September 09 2018, @04:14AM (7 children)
Next thing you know, there'll be pr0n on the keyservers, oh no!
Er, if pr0n isn't already on there, why not? Oh, no one cares that much about censoring pr0n any more. The prudes have given up.
(Score: 1, Informative) by Anonymous Coward on Sunday September 09 2018, @04:34AM (2 children)
The prudes have given up.
They moved onto calling everyone racists, fascists, and nazis.
(Score: 4, Insightful) by c0lo on Sunday September 09 2018, @08:16AM (1 child)
Not everyone! The ones that aren't called "racists, fascists, and nazis" are nicknamed: progtards, SJW and feminazi.
Welcome to the world, in which the rich and powerful set up a circus with hundred millions of clowns, keeping them too busy to realize how they are being played.
https://www.youtube.com/@ProfSteveKeen https://soylentnews.org/~MichaelDavidCrawford
(Score: 2) by Gaaark on Sunday September 09 2018, @10:23AM
Yuuuup.
Sadly, you are correct, sir.
--- Please remind me if I haven't been civil to you: I'm channeling MDC. I have always been here. ---Gaaark 2.0 --
(Score: 2) by maxwell demon on Sunday September 09 2018, @10:49AM (3 children)
I guess there's not too much space available in a public key.
I wouldn't be surprised if some of the magnet links are for porn, though.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 4, Funny) by JoeMerchant on Sunday September 09 2018, @01:58PM (2 children)
Pron is in the eye of the beholder:
(.)(.)
\ /
^
🌻🌻🌻🌻 [google.com]
(Score: 0) by Anonymous Coward on Sunday September 09 2018, @07:16PM (1 child)
I'm no doctor, but I'm pretty sure she should see one for that spine curvature.
(Score: 2) by c0lo on Monday September 10 2018, @12:02AM
Obvious Kamasutra posture, you insensitive clod.
https://www.youtube.com/@ProfSteveKeen https://soylentnews.org/~MichaelDavidCrawford
(Score: 1, Interesting) by Anonymous Coward on Sunday September 09 2018, @02:02PM (1 child)
The article is sort of misleading. MIT and other key server providers DO have the technical capability to remove the keys. MIT cannot remove the keys from other key servers it has forwarded to but it can remove them from its own. For legal purposes, this is not a problem because MIT does not control those other servers and are not its responsibility. If MIT gets a DMCA takeout down request, it can comply. DMCA requests would have to be made to any of the key servers, each seperately, which the copyright holder wants the links removed from. Whether or not they were forwarded from another server is irrelevant as to the legal obligation of the operator of the server to remove them. Also the posting of the links can be considered an abuse of the key server service and may be removed by the operator for that reason.
The article took a somewhat irrelevant statement from MITs FAQ regarding removing legitimate keys. But if it contains a magnet link to pirated materials, its totally irrelevant how many other key servers also have the link as to whether MIT or any other server operator needs to remove the link from their own server due to DMCA issues. They would need to do so if they have a DMCA request sent to them.
Some have mentioned a blockchainish approach to trying to prevent an entry from being technically removeable. That would indeed then make the whole thing technically impossible by anyone
(Score: 0) by Anonymous Coward on Sunday September 09 2018, @07:45PM
Except that MIT's and most other key servers automatically synchronize with each other. Without some sort of blacklist routine in the software, you literally cannot delete the keys if you are too slow. You'll try to delete it, but the next synchronize interval will just add it back again. And IIRC, SKS, PKS, and hockeypuck don't have a blacklist function for keys to avoid censorship issues. Now, I believe MIT doesn't run as part of the SKS pool anymore, but I'd imagine what they run would both synchronize with some of the larger pools and, as mentioned, SKS doesn't have a blacklist function.
(Score: 0) by Anonymous Coward on Sunday September 09 2018, @10:37PM
This "intellectual delusion" mafia can just hash everything they have, can modify their files and hash again until the algorithm starts to give collisions, and then search with these hashes as magnet links, their own links, links of type "not-invented-yet" or similar way to make these hashes represent their degenerate junk which they try to stuff to us for our money. If I write here for example "1234567890abcdefgh", it also can be taken as a forbidden content, doesn't it?
The thing is already lost here and it started to be lost when Internet became regulated by criminals from Hollywood. The only way out is to make it open enough to make the mafia impossible to act any way.
Unfortunately in the modern Internet we became cheaters too, by starting to think the same way as mafia.