Bogus Security Company Can't Take Criticism, Issues Bogus DMCA Takedowns, Creates Sockpuppet Accounts
from the not-how-it's-done dept
A few weeks ago, Brian Krebs published a fantastic article entitled how not to start an encryption company, which detailed the rather questionable claims of a company called Secure Channels Inc (SCI). The post is long and detailed and suggests strongly that (1) SCI was selling snake oil pretending to be an "unbreakable" security solution and (2) that its top execs had pretty thin skins (and in the case of the CEO, a criminal record for running an investment ponzi scheme). The company also set up a bullshit "unwinnable" hacking challenge, and then openly mocked people who criticized it.Now enter Asher Langton, who has an uncanny ability to spot all sorts of scams (he was the one who initially tipped me off to the Walter O'Brien scam, for example). He seems to especially excel at calling out bullshit security products and companies. He's spent the past few weeks tweeting up a storm showing just how bogus Secure Channels is -- including revealing that they're just rebranding someone else's free app. He also noted that the company appeared to be (not very subtly) astroturfing its own reviews, noting that the reviews came from execs at the company:
Oh, and keep up the great astroturfing. Very subtle. @SecureChannels @RichardBlech @ThefoodFriends pic.twitter.com/zgJM7uEJIr
— Asher Langton (@AsherLangton) September 4, 2015
So, uh, how did SCI respond? Let's just say not well. As detailed by Adam Steinbaugh at Popehat, a bunch of anonymous Twitter accounts magically appeared attempting to attack Langton, claiming that he was violating various computer crime and copyright laws. The accounts ridiculously argued that by posting screenshots of Secure Channel's source code, he was violating various statutes, including copyright law. This is wrong. Very wrong. Laughably wrong. In one of the screenshots posted by one of these "anonymous" accounts, other browser tabs were left visible -- and you'll notice the other two tabs.
James said he let it go when SCI refused to talk seriously about sharing its cryptography solution, only to hear again this past weekend from SCI’s director of marketing Deirdre “Dee” Murphy on Twitter that his dismissal of their challenge proved he was “obsolete.” Murphy later deleted the tweets, but some of them are saved here.
Oh, and then it gets worse. Right about the time Steinbaugh's article was published, someone claiming to be SecureChannels' CEO Richard Blech, sent Twitter a DMCA notice over some of Langton's tweets -- and Twitter took them down:
About an hour and a half after this post went live, SecureChannels CEO Richard Blech (or someone claiming to be him) sent a DMCA notice to Twitter for two of Langton's tweets, complaining that they consisted of "employee pics, company and personnel, posts copyright material, hacks products and posts copyright code from products, using trademarks, targeted harassment, slander to destroy commerce." As for the description of the "original work," Blech blathered: "Cracked an app and placed code online, uses trademarked logos to attack company."A little while ago, I tweeted about how ridiculous it was that Twitter's legal team would go forward with the takedown on an obviously bogus takedown notice, and within 10 minutes, I was told by someone on Twitter's legal team that the notice had been reviewed and the posts had been restored.
This is a censorious abuse of copyright law to suppress criticism. It is, in essence, an attempt to use copyright law for everything except copyright. That SecureChannels would use copyright law to shield criticism on the basis that its trademarks are being used and because of "slander" is, well, hysterical. This is not a company interested in permitting people to criticize it.
Either way, for a company bragging that its "security" solution is "unhackable" -- you'd think the company would be more open to actual criticism. Instead, it seems to spend an inordinate amount of time attacking critics and abusing the law to try to silence them. Odd.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: asher langton, attacks, bogus, copyright, deirdre murphy, dmca, richard blech, security, takedowns
Companies: sci, secure channel
Reader Comments
Subscribe: RSS
View by: Time | Thread
Simple rule of thumb:
[ link to this | view in chronology ]
https://www.youtube.com/watch?v=iDNg4UdwmNw
[ link to this | view in chronology ]
Re:
https://www.youtube.com/embed/kfj0sRiEqx4
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
These are companies after all. They have a bottom line. Profit & loss. These companies must be spending a considerable amount of their precious resources in having to deal with fraudulent DMCA claims. Ergo they would save money if they could reduce the number of bogus claims coming in through their front door. One way to do that would be to start making examples of at least the ones that have nothing to do with copyright, but are all about silencing criticism. The message would soon get out.
I can see a parallel in the patent world, with companies like Newegg not bending over for patent trolls.
[ link to this | view in chronology ]
Re: Re:
Automattic, the company behind Wordpress, has actually done this:
https://www.techdirt.com/articles/20131121/01431725317/wordpress-goes-legal-sues-over-two-egreg iously-bogus-dmca-notices-that-were-designed-to-censor.shtml
And it won (though by default):
https://www.techdirt.com/articles/20150305/18021730221/wordpress-wins-case-against-dmca-abuser-who-i gnored-proceedings.shtml
And it also now rejects a large number of DMCA takedowns:
https://www.techdirt.com/articles/20150728/05285531772/wordpress-takes-stand-against-abusi ve-dmca-takedown-notices-others-should-pay-attention.shtml
[ link to this | view in chronology ]
Re:
Stop being gutless cowards - if you had a false take down notice sue them.
[ link to this | view in chronology ]
Re: Re:
As far as I know at this point as long as you are willing to state that you believe that you own the copyright in question, then that's good enough for the courts. At that point the other party now has to prove something they flat out cannot, that the other party knew that their DMCA claim was false and made it anyway. Good luck proving what someone else did or didn't know and/or was thinking at the time.
Even then courts have shown a willingness to bend over backwards for anything and everything copyright related, so should it reach that point(unlikely), a simple "I'm sorry, we made a mistake" is generally seen as 'punishment' enough.
In short, companies and people don't sue over bogus takedowns in the vast majority of cases because (a)it's guaranteed to be expensive in terms of time, money, and effort, (b) the bar to actually win has been set effectively impossibly high, and (c) even if they 'win', they won't actually get anything from it, except being able to put the content in question back up until the next time someone targets it and they have to start again from the beginning.
[ link to this | view in chronology ]
Re: Re: Re:
And that is why we are where we are at in this nation.
Some days a fight needs to be had for the sake of the fight and as an example to others that, yea, sometimes BS won't be tolerated.
Good luck proving what someone else did or didn't know and/or was thinking at the time.
Pre-lawsuit discovery.
In short,...people don't sue over bogus takedowns in the vast majority of cases because (a)it's guaranteed to be expensive in terms of time, money, and effort,
PEOPLE should put on their big-boy pants and go through the effort to sue. They don't *NEED* a lawyer, you can go pro-se in the Courts.
If you aren't willing to do that when your rights are violated don't whine about the state of affairs if, when you have standing, you opt to do nothing.
even if they 'win', they won't actually get anything from it,
Oh, by IT you mean money.
VS standing up for your rights and enforcing them.
Rights belong to the belligerent litigant. They are belligerent and have the 'right' use the DCMA.
[ link to this | view in chronology ]
Re: Re: Re: Re:
Yes, but this also requires that you be able to fight, and most of those targeted have neither the time, knowledge, or money required to do so.
Pre-lawsuit discovery.
... Will discover absolutely nothing, given I rather doubt most companies are going to write out something along the lines of 'Video/picture X was clearly not ours, but we decided to demand it's removal anyway'. The 'evidence' would all be in the heads of those making the claims, and you can't force them to admit to something they don't want to, especially with potential jail time if they do.
There's nothing stopping them from lying, blaming whatever program they use to file the claims, or claiming that 'someone made a mistake', any of which would work the vast majority of the time.
PEOPLE should put on their big-boy pants and go through the effort to sue. They don't *NEED* a lawyer, you can go pro-se in the Courts.
And lose, badly. The legal battle would be like a child with a BB-gun facing a trained member of the military armed to the teeth. Nasty, short, and utterly one-sided. The lawyers the companies would employ go to court for a living, and they know all the little tricks to win and/or drag out the case until the one filing the lawsuit simply can't continue, and you can be sure they'd use them all.
There's also the two problems I noted above, going pro-se would require time and money that most people simply don't have, and even if they do the 'proof' they'd need to win is effectively impossible to get, given it's locked up in the minds of the ones filing the DMCA claim.
Oh, by IT you mean money.
Yeah, that worthless thing called 'money', I mean jeesh, who doesn't have piles of that stuff just lying around to spend, right? Not to mention time and effort, but again, who doesn't have tons of that to spare on a lawsuit?
Money and time/work, lawsuits will take a ton of at least one of them, and though you can slightly decrease one by spending more of the other, a whole lot of people don't have enough of either to spend on a lawsuit, which is the primary reason why so many fraudulent and/or abusive DMCA claims get filed, because those doing so know that their targets simply cannot afford to fight back.
VS standing up for your rights and enforcing them.
That's the thing, the law as it stands is so pathetic that you basically don't have rights under it if you're not the one making the DMCA claim.
There is no punishment for those who use the DMCA system for abusive means(I'd say 'who abuse the system', but I'm pretty sure it's being used exactly how it was intended to be), and the deck is stacked entirely against those receiving the DMCA claims.
Hard to 'enforce your rights' when the law as written and interpreted doesn't give you anything to work with.
Rights belong to the belligerent litigant. They are belligerent and have the 'right' use the DCMA.
Nice idea, but as I've noted several times now, this requires that one be able to fight back, and most, unfortunately enough, are not.
The penalties for DMCA abuse have been weakened such that they're effectively non-existent, and the bar to reach before they can be even considered has been raised so high that it's effectively impossible to meet. A company might have the resources to fight past these 'obstacles', but most individuals simply don't, even if they really should.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
Given the actual quality of lawyers out there practising law a pro-se can beat 'em.
The legal battle would be like a child with a BB-gun facing a trained member of the military armed to the teeth. Nasty, short, and utterly one-sided.
Given what I've seen of such battles the "military" side uses psychotic troops who screw up SO badly that when you bar grieve 'em they have shareholders quit. And later, they violate the conflict of interest rules while demanding the paperwork generated can't be used in court and how the whole arrangement needs to be on the down-low.
The lawyers the companies would employ go to court for a living, and they know all the little tricks to win
Oh like Prenda?
and/or drag out the case until the one filing the lawsuit simply can't continue, and you can be sure they'd use them all.
Dragging out a case works both ways - the pro-se can have the other side begging for an end. And there is always the appeal.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
By that argument lawyers are useless, which is clearly not the case. When you're in court, and tiny legal details matter, knowing those details can be the difference between winning a case and losing.
Oh like Prenda?
Prenda only starting running into trouble when they got too confident, and you'll note that they haven't actually suffered any real penalties up to this point, despite the fact that a regular person running a scam like their's would have been thrown in jail years ago.
Again, knowing those little legal 'tricks' can very easily be the difference between winning and losing a case, or losing without any real penalties, and losing with very real penalties.
Dragging out a case works both ways - the pro-se can have the other side begging for an end. And there is always the appeal.
Yeah, not likely. Between an individual and a company, the company is pretty much always going to have more resources they can burn through, meaning in a battle of endurance, the individual is very much at a disadvantage.
[ link to this | view in chronology ]
Re: Re: Re: Re:
The law is so rigged in favor of the abusers and against legitimate users that one cannot win just by putting on big-boy pants. It costs virtually nothing to abuse the law, compared with a bare minimum of thousands of dollars and hundreds of hours to defend against abuse.
In such situations, not only is whining appropriate, but to suggest that one should waste money doing nothing as you suggest is absurd.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
False DMCA takedowns & Suits that could stop this:
If there are Groups / Associations / Organizations designed for the sole purpose of destroying people, livelihoods etc., why can't some Group / Association / Organization be formed for the sole purpose of going after the "people" (companies are people too, remember?) who file false reports, incredibly lame trademark and copyright filings, and all the other bull that is discussed here, week after week after week.
What is to stop something, which I am sure could be extraordinarily well funded, from being formed? It takes resources to start this proposition, which I truly lack - excepting the education, but this thing could be (and should be) done. I haven't heard of anything like this, but then again, every other week, the landlord threatens me and holds my internet back 'cuz "it's a privilege" and I'm late with my rent / utilities again.
Nevertheless, this could be done - I'm sure of it, and it too would have no problem in going after false claims, bogus 'troll' suits, and the other flotsam that is making all these headlines these days.
I believe all things have the right to and deserve a speedy trial in your country, so just go on such an offensive that everyone from people who can't work the snipping tool, to the MPAA, to ADAs and DAs and Lawyers, who are in the pockets of big bad business really do start to think again when they attack.
I know it's a fanciful thought, but it was never called Utopia... it's Eutopia - ALWAYS HAS BEEN.
I'm just saying. There's alot of stuff being said daily across the web (dark and light) that's really beginning to confuse me. I stood up to my Bullies - eventually - and it worked. It worked very, very well.
BUT, then again, maybe this is just a non-sensical rant by a guy who owes a hundred plus grand for his education...
Cheers.
[ link to this | view in chronology ]
Bogus and Order.
[ link to this | view in chronology ]
"the copyright holder"
[ link to this | view in chronology ]
I've got a br... Encryption Product to sell you...
Seems like I've been seeing more and more software "companies" lately that are attempting to rehash something old with new branding. And they seem to figure that with enough bluster, they can get away with anything.
Response is generally slow, as others can't believe someone would be this audacious, but eventually the wheels of justice do grind.
[ link to this | view in chronology ]
Snake Oil
Anything after that claim does not matter. The company is probably full of said waste products and can not deliver what it promises. To my knowledge there isn't a system that didn't have bugs and/or exploits.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
some may wish to believe this is anomalous behavior we read about here in this situation, but i doubt it very, very strongly. if virtually every company has a team for responding to threads concerning their product(s), whereby team members pose as ordinary respondents but essentially post as directed, i won't even be a little bit surprised. i believe we see it here on this site almost constantly.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
arturas kerelis
[ link to this | view in chronology ]
arturas kerelis
[ link to this | view in chronology ]