Risk
1/18/2012
12:49 PM
Connect Directly
RSS
E-Mail
50%
50%

SOPA: 10 Key Facts About Piracy Bill

Despite mass opposition to the SOPA and PIPA anti-piracy bills, both continue to move forward in Congress. Here's an update on what's at stake and where the bills stand.

6. Critics cry censorship.
Because SOPA and PIPA would block Internet users from seeing sites that the U.S. government--or perhaps third parties--had accused of hosting pirated content, critics of the bills have posited that the legislation could serve as a censorship weapon for copyright holders. Or as Wikipedia said on its blackout notice Wednesday, "the U.S. Congress is considering legislation that could fatally damage the free and open Internet."

7. Movie studios still like the bills.
If technology companies are largely arrayed against SOPA, the same isn't true for music producers and movie studios, which continue to look to legal sanctions to increase their revenue and reduce piracy. Notably, Chris Dodd, a former senator and now the Motion Picture Association of America CEO, released a statement labeling the blackout as "a dangerous gimmick," as well as "an abuse of power" by the companies involved.

8. The White House has criticized the bills.
Over the weekend, three of the Obama administration's leading technologists issued a statement that acknowledged the need to control online piracy, but criticized SOPA and PIPA for being overly broad. "We must avoid creating new cybersecurity risks or disrupting the underlying architecture of the Internet," they said.

9. Legislative marketing, versus reality.
What do you call a bill that promises to stop online privacy, but which has been criticized by many leading technologists? Without a doubt, at one level, the proposed bills are legislators' attempt to say to constituents and donors, "Look, I proposed a bill about stopping online privacy." But will their approaches actually solve the piracy problem? Blocking websites is inelegant from a technology perspective, and thorny from a freedom-of-speech standpoint.

10. Rogue websites remain difficult to stop.
Beyond DNS filtering, how else might authorities target rogue foreign websites? As part of Operation In Our Sites, federal authorities have used court orders to seize the domain names for hundreds of sites that they determined were hosting pirated content. But there's little to stop the operators of those sites from simply transferring operations to a new domain name, or--in some cases--suing the government for wrongfully seizing their site.

Heightened concern that users could inadvertently expose or leak--or purposely steal--an organization's sensitive data has spurred debate over the proper technology and training to protect the crown jewels. An Insider Threat Reality Check, a special retrospective of recent news coverage, takes a look at how organizations are handling the threat--and what users are really up to. (Free registration required.)

Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
cxf
50%
50%
cxf,
User Rank: Apprentice
1/19/2012 | 3:19:35 PM
re: SOPA: 10 Key Facts About Piracy Bill
Content authors already have the civil and criminal remedies they need through existing piracy laws. I'm reminded by this with every copyrighted DVD I watch. It's clear, that if I violate Federal copyright laws, I could face 5 years in the pokie, and a $250,000 fine. Isn't that enough? It is for me.
Bprince
50%
50%
Bprince,
User Rank: Ninja
1/19/2012 | 2:21:36 AM
re: SOPA: 10 Key Facts About Piracy Bill
SOPA and PIPA seem basically dead at the moment. A lot of politicians are dropping support according to the Washington Post. The masses appear to have spoken.
Brian Prince, InformationWeek/Dark Reading Comment Moderator
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-4594
Published: 2014-10-25
The Payment for Webform module 7.x-1.x before 7.x-1.5 for Drupal does not restrict access by anonymous users, which allows remote anonymous users to use the payment of other anonymous users when submitting a form that requires payment.

CVE-2014-0476
Published: 2014-10-25
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.

CVE-2014-1927
Published: 2014-10-25
The shell_quote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "$(" command-substitution sequences, a different vulnerability than CVE-2014-1928....

CVE-2014-1928
Published: 2014-10-25
The shell_quote function in python-gnupg 0.3.5 does not properly escape characters, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "\" (backslash) characters to form multi-command sequences, a different vulner...

CVE-2014-1929
Published: 2014-10-25
python-gnupg 0.3.5 and 0.3.6 allows context-dependent attackers to have an unspecified impact via vectors related to "option injection through positional arguments." NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7323.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.