A banner advertisement posted on the MySpace Web site may have infected more than one million users with adware, according to security firm iDefense. The advertisement was included in user profiles on MySpace and could have been operating for about one week.
The deckoutyourdeck.com advertisement exploited a flaw in the way Microsoft's Internet Explorer (IE) browser handles Windows Metafile (WMF) image files. Users running unpatched versions of IE would never have realized that the banner ad had silently installed programs that generate pop-up ads on their system.
"This is a criminal act," said Hemanshu Nigam, chief security office at MySpace, in a statement. "This ad is being delivered by ad networks who distribute these ads to over a thousand sites across the Internet in addition to ours. We are working to have these ad networks remove this ad so that they do not appear on our site."
Banner Patch
An iDefense spyware analyst, Michael La Pilla, told The Washington Post that he discovered the attack on Sunday as he browsed the MySpace site. When he came across a page with the offending ad, he received a message from his browser asking him if he wanted to open a file named exp.wmf.
After a brief investigation, La Pilla found out that the spyware installation program contacted a Russian-language Web server in Turkey that tracks the PCs on which the program has been installed. The tally had climbed to 1.07 million machines, though La Pilla said the seven Internet addresses contacted by the downloader seem to be inactive now.
According to La Pilla, the ad also attempted to infect users of Webshots.com, a photo-sharing site. Though he cannot pinpoint the date the ads began sending out their spyware, it is believed that it coincided with the occurrence on MySpace on July 12.
The WMF vulnerability was originally discovered last December after hackers exploited the flaw using a specially created WMF image distributed via e-mail, instant message links, and Web sites. When users opened the image, the hacker could take control of the infected PC. Microsoft released a patch for the bug back in January, but many people did not install the patch.
PCs with unpatched systems can become infected simply by accessing a Web page with the deckoutyourdeck.com ad. The exp.wmf Trojan horse program could upload automatically without the warning prompt that La Pilla received.
Once installed, PCs running the Trojan horse will contact multiple Web sites and download a slew of unwanted programs such as PurityScan advertising software. PurityScan is an adware program that can cause pop-up windows containing unsolicited ads to appear. The application also keeps track of the user's online activity.
Two Wrongs
Rob Ayoub, an analyst at the research firm Frost & Sullivan, said two facts stand out regarding the MySpace infections. First, home users are clearly not as educated about the need to make sure they have up-to-date patches and other security fixes installed. Second, MySpace needs to have a better security system to identify dangers hidden in the ads they serve.
If you are a legitimate business with a legitimate Web site hosting banner ads, you have a responsibility to keep the service clean, Ayoub said. "MySpace has some problems and this is a real blunder on their part. I can't believe any business would not scan or take more caution with banner ads posted on their sites. Ad network or not, there is no excuse for them not having a checking system."
One million people is a very large number, Ayoub said, and it demonstrates that the technology industry, and security firms and software makers in particular, might not have done enough to impress upon home users the importance of downloading patches. PCs that have not been updated exponentially increase problems with viruses, spyware and adware.
"MySpace should have been checking and users should have been patching," Ayoub said. "And because of that combination you have a million downloads."
Some PC users have said their reluctance to install patches and updates centers around the fear that any changes will negatively impact their computers. However, Ayoub pointed out, unwanted changes or problems with updates is relatively rare these days.
"There was a time when you had to watch and be very careful with your patches," Ayoub said. "And some of the big ones are a problem, but there haven't been big problems with patches for ages."
Home users, Ayoub predicted, will not start to take security seriously until Internet service providers start to make antivirus and antispyware software compulsory. That may or may not be the best solution, he said, but incidents like this are a "perfect storm" for users not protecting themselves.
"That's extremely dangerous," Ayoub said. "Maybe what we need to do is run public service announcements."
MySpace is "strongly" urging all Internet users to "follow basic Internet security practices such as running the latest version of the Windows operating system, installing the latest security patches, and running the latest anti-spyware and anti-adware software."
Thursday, July 27, 2006
Companies take costly steps to secure laptops
Big U.S. companies are taking tough measures to shore up laptop security amid a rash of thefts. The actions of Ernst & Young, Fidelity Investments and other high-profile victims underscore the balancing act for executives, who must weigh the costs of additional security and customer privacy with the financial benefits of a mobile workforce.
"There is a trade-off between the cost of security and how much security you actually get," says Robert Seliger, CEO of Sentillion, a data-security company.
About 88 million Americans have been exposed to potential ID theft since February 2005 as a result of reported data breaches, says the Privacy Rights Clearinghouse. In at least 43 instances - a fourth of all reported breaches - stolen or missing laptops were involved. Few of the laptops have been recovered.
What companies are doing:
• Ernst & Young started encrypting - or scrambling - data on laptops for its 30,000-person workforce in the USA and Canada after a laptop with personal information on about 38,000 customers was stolen from an employee's car in February.
• Fidelity accelerated encryption on thousands of employee laptops. The mutual fund giant was the victim of a laptop breach in March that affected data of 196,000 current and former Hewlett-Packard workers. It also is increasing training on laptop security and protection of customer data.
• Aetna undertook several preventive measures after a laptop containing names, addresses and
Social Security' name=c1> SEARCHNews News Photos Images Web' name=c3> Social Security numbers for 59,000 members was swiped from an employee's car in April. The insurer had employees re-encrypt and recertify files. Every company PC was audited to ensure files were properly encrypted. Aetna also tightened restrictions for storage devices such as thumb drives.
Encryption can be pricey. Gartner estimates a company with 100,000 customer accounts can spend $30 to $40 per laptop on data encryption. Yet, the cost of a data breach is even higher. Companies with 100,000 customer accounts will spend at least $90 per account if data are compromised or exposed - not including fines and lawsuits, Gartner says.
Walking off with a laptop is easy. Few have alarms, and only a few have encrypted data. People also tend to leave them in unlocked cars or unattended at airports, says Keith Burt, project director of San Diego's Computer and Technology Crime High-Tech Team.
As more people store data in a mobile environment, laptops have become more attractive to identity thieves, says Bob Egner, a marketing executive at security software maker Pointsec Mobile Technologies. Personal information sells on the Internet for about $1 per stolen record, Egner says.
"There is a trade-off between the cost of security and how much security you actually get," says Robert Seliger, CEO of Sentillion, a data-security company.
About 88 million Americans have been exposed to potential ID theft since February 2005 as a result of reported data breaches, says the Privacy Rights Clearinghouse. In at least 43 instances - a fourth of all reported breaches - stolen or missing laptops were involved. Few of the laptops have been recovered.
What companies are doing:
• Ernst & Young started encrypting - or scrambling - data on laptops for its 30,000-person workforce in the USA and Canada after a laptop with personal information on about 38,000 customers was stolen from an employee's car in February.
• Fidelity accelerated encryption on thousands of employee laptops. The mutual fund giant was the victim of a laptop breach in March that affected data of 196,000 current and former Hewlett-Packard workers. It also is increasing training on laptop security and protection of customer data.
• Aetna undertook several preventive measures after a laptop containing names, addresses and
Social Security' name=c1> SEARCHNews News Photos Images Web' name=c3> Social Security numbers for 59,000 members was swiped from an employee's car in April. The insurer had employees re-encrypt and recertify files. Every company PC was audited to ensure files were properly encrypted. Aetna also tightened restrictions for storage devices such as thumb drives.
Encryption can be pricey. Gartner estimates a company with 100,000 customer accounts can spend $30 to $40 per laptop on data encryption. Yet, the cost of a data breach is even higher. Companies with 100,000 customer accounts will spend at least $90 per account if data are compromised or exposed - not including fines and lawsuits, Gartner says.
Walking off with a laptop is easy. Few have alarms, and only a few have encrypted data. People also tend to leave them in unlocked cars or unattended at airports, says Keith Burt, project director of San Diego's Computer and Technology Crime High-Tech Team.
As more people store data in a mobile environment, laptops have become more attractive to identity thieves, says Bob Egner, a marketing executive at security software maker Pointsec Mobile Technologies. Personal information sells on the Internet for about $1 per stolen record, Egner says.
Microsoft sees no reason for Vista shipment delay
REDMOND, Washington (Reuters) - Microsoft Corp. said on Thursday it sees no reason why its new Windows Vista operating system would be delayed, but it stopped short of committing to its previously stated launch target. We will ship Windows Vista when it is available," Kevin Johnson, co-president of Microsoft's platforms and services unit, said at the company's annual financial analyst meeting.
"However, we are going to ship the product when it is ready and we are just going to take it milestone by milestone," he said of the upgrade to Windows, which sits on more than 90 percent of the world's personal computers.
Microsoft has already postponed the release of its new Windows for consumers until early 2007 -- after the crucial holiday shopping season -- to improve the system's quality.
Vista is set to ship to corporate customers this November.
Uncertainty over when Microsoft will begin benefiting from the surge in revenue growth that typically accompanies a major Windows software upgrade led the company's shares to dip 43 cents or 1.8 percent to $23.94 in early afternoon Nasdaq trading.
"There was a lot of speculation that Vista will be late and they did not come out and definitely say that it is on time either," said Greg Palmer, head of equity trading at Pacific Crest Securities.
Johnson said he sees revenue from the core desktop Windows business growing 8 percent to 10 percent in the current fiscal year ending June 30, 2007. Windows, nearly a third of Microsoft's total revenue, should generate between $14.3 billion and $14.5 billion in fiscal 2007, he said.
"Explain why I'm paying 20 times for a stock that is growing at 10 with a whole lot of investments that are not really going anywhere," Palmer complained.
MANY PILLARS BEYOND WINDOWS
Chief Executive Steve Ballmer told analysts and reporters at the company's annual financial analysts' meeting here that Microsoft is confident it can build two great new businesses -- online services and entertainment -- on top of its industry-dominating desktop and server software businesses.
"We see incredible amounts of opportunity," Ballmer said.
The giant software company also reiterated that it expects to maintain its double-digit revenue growth in the coming year. Last week, Microsoft had forecast revenue in the fiscal year ending in June 2007 to grow 12 percent to 14 percent, to between $49.7 billion and $50.7 billion.
The new Microsoft is being built on "four pillars," Ballmer said.
He said upgrades to the company's two core products -- the Windows operating system and the Office applications suite -- should act as engines to drive its growth and buy it time to erect two new pillars -- its Internet and
Xbox' game businesses.
Underscoring leadership transition that is taking place at the company,
Bill Gates', the company's co-founder and chairman, is missing from the annual analysts' meeting for the first time ever. He is vacationing in Africa, Ballmer said.
In mid-June, Microsoft announced that Gates planned to move from full-time involvement to part-time in 2008. The company split Gates' technology responsibilities between Chief Software Architect Ray Ozzie and Chief Research and Strategy Officer Craig Mundie.
(Additional reporting by Chris Sanders in New York)
"However, we are going to ship the product when it is ready and we are just going to take it milestone by milestone," he said of the upgrade to Windows, which sits on more than 90 percent of the world's personal computers.
Microsoft has already postponed the release of its new Windows for consumers until early 2007 -- after the crucial holiday shopping season -- to improve the system's quality.
Vista is set to ship to corporate customers this November.
Uncertainty over when Microsoft will begin benefiting from the surge in revenue growth that typically accompanies a major Windows software upgrade led the company's shares to dip 43 cents or 1.8 percent to $23.94 in early afternoon Nasdaq trading.
"There was a lot of speculation that Vista will be late and they did not come out and definitely say that it is on time either," said Greg Palmer, head of equity trading at Pacific Crest Securities.
Johnson said he sees revenue from the core desktop Windows business growing 8 percent to 10 percent in the current fiscal year ending June 30, 2007. Windows, nearly a third of Microsoft's total revenue, should generate between $14.3 billion and $14.5 billion in fiscal 2007, he said.
"Explain why I'm paying 20 times for a stock that is growing at 10 with a whole lot of investments that are not really going anywhere," Palmer complained.
MANY PILLARS BEYOND WINDOWS
Chief Executive Steve Ballmer told analysts and reporters at the company's annual financial analysts' meeting here that Microsoft is confident it can build two great new businesses -- online services and entertainment -- on top of its industry-dominating desktop and server software businesses.
"We see incredible amounts of opportunity," Ballmer said.
The giant software company also reiterated that it expects to maintain its double-digit revenue growth in the coming year. Last week, Microsoft had forecast revenue in the fiscal year ending in June 2007 to grow 12 percent to 14 percent, to between $49.7 billion and $50.7 billion.
The new Microsoft is being built on "four pillars," Ballmer said.
He said upgrades to the company's two core products -- the Windows operating system and the Office applications suite -- should act as engines to drive its growth and buy it time to erect two new pillars -- its Internet and
Xbox' game businesses.
Underscoring leadership transition that is taking place at the company,
Bill Gates', the company's co-founder and chairman, is missing from the annual analysts' meeting for the first time ever. He is vacationing in Africa, Ballmer said.
In mid-June, Microsoft announced that Gates planned to move from full-time involvement to part-time in 2008. The company split Gates' technology responsibilities between Chief Software Architect Ray Ozzie and Chief Research and Strategy Officer Craig Mundie.
(Additional reporting by Chris Sanders in New York)
Microsoft: Internet Explorer 7 'High-Priority' Update
Microsoft has announced plans to distribute its upcoming Internet Explorer 7 Web browser as a "high priority" upgrade via its Windows Automatic Update tool. The browser, currently in its third and final beta testing phase, is scheduled for release later this year. The updated version of Microsoft's Web browser, Internet Explorer 7 (IE7), will be delivered using Automatic Updates (AU) to "help our customers become more secure and up-to-date," Tony Chor, group program manager at Microsoft, wrote on the company's IEBlog Web site.
According to Chor, advanced security features in IE7, such as ActiveX Opt-in, the Phishing Filter and Fix My Settings, will help make IE users more secure. Microsoft has designed IE7 to help protect users from malicious software and fraudulent Web sites, Chor continued, and Microsoft recommends that all Windows customers install IE7.
Consumer Considerations
IE7 is the first significant update for Microsoft's Web browser in five years. Microsoft has said that improving security in the browser was priority number one. Since the release of its predecessor, IE6, critics have very vocally berated Microsoft because of the plethora of security flaws with which that browser has been riddled.
The AU distribution strategy is seen as a fairly aggressive tactic. However, it very likely could achieve Microsoft's apparent goal to have the majority of Windows users install the new browser. However, this is not a forced installation. Consumers will be able to choose whether to accept the software or not. Prior to downloading the new browser, the AU tool will notify consumers that the update is ready and ask them whether they would like to continue with the installation.
Users who want to download the new version of IE7, don?t have to wait to be prompted by the Automatic Update utility. They can head to the Windows Update or Microsoft Update sites and download IE7 by performing an "Express" scan for high-priority updates, Chor continued. During installation, users' current settings including toolbars, home page, search engines and favorites will be preserved and will not revert to default setting in the browser.
In addition, Chor added, consumers who want "roll back" to IE6 can do so at any point by using the Add/Remove Programs functions in the Control Panel.
Business Considerations
Enterprise customers who prefer not to have Microsoft automatically install IE7 on their networks can take advantage of a tool Microsoft released on Wednesday. The special "Blocker Toolkit," available for download from Microsoft's Download Center, will allow business users to prevent the automatic distribution and installation.
The tool, according to Microsoft, is intended for companies who may not be prepared to handle the update or would like to have more hands-on management of software installed on its computers.
"I think this approach strikes a good balance across a couple of dimensions -- helping customers become more secure, giving them control, and providing options for enterprises," Chor wrote.
Web developers could be left scrambling to ensure that their sites are compatible with the changes made in IE7. Developers of some online applications will have to change their code to make sure that it will work with the new browser. While beta versions of IE7 have been available since February, many online applications are expected to encounter compatibility issues when the browser is released.
"If my lowest browser support level was IE7, then it would be a dream. However, seeing how many bugs and compatibility issues still exist with IE7, I see this as a nightmare for supporting various apps currently available, and Web sites (Web apps) too," one developer wrote on the IE blog.
Written by: Walaika K. Haskins, newsfactor.com Thu Jul 27, 12:31 PM ET
According to Chor, advanced security features in IE7, such as ActiveX Opt-in, the Phishing Filter and Fix My Settings, will help make IE users more secure. Microsoft has designed IE7 to help protect users from malicious software and fraudulent Web sites, Chor continued, and Microsoft recommends that all Windows customers install IE7.
Consumer Considerations
IE7 is the first significant update for Microsoft's Web browser in five years. Microsoft has said that improving security in the browser was priority number one. Since the release of its predecessor, IE6, critics have very vocally berated Microsoft because of the plethora of security flaws with which that browser has been riddled.
The AU distribution strategy is seen as a fairly aggressive tactic. However, it very likely could achieve Microsoft's apparent goal to have the majority of Windows users install the new browser. However, this is not a forced installation. Consumers will be able to choose whether to accept the software or not. Prior to downloading the new browser, the AU tool will notify consumers that the update is ready and ask them whether they would like to continue with the installation.
Users who want to download the new version of IE7, don?t have to wait to be prompted by the Automatic Update utility. They can head to the Windows Update or Microsoft Update sites and download IE7 by performing an "Express" scan for high-priority updates, Chor continued. During installation, users' current settings including toolbars, home page, search engines and favorites will be preserved and will not revert to default setting in the browser.
In addition, Chor added, consumers who want "roll back" to IE6 can do so at any point by using the Add/Remove Programs functions in the Control Panel.
Business Considerations
Enterprise customers who prefer not to have Microsoft automatically install IE7 on their networks can take advantage of a tool Microsoft released on Wednesday. The special "Blocker Toolkit," available for download from Microsoft's Download Center, will allow business users to prevent the automatic distribution and installation.
The tool, according to Microsoft, is intended for companies who may not be prepared to handle the update or would like to have more hands-on management of software installed on its computers.
"I think this approach strikes a good balance across a couple of dimensions -- helping customers become more secure, giving them control, and providing options for enterprises," Chor wrote.
Web developers could be left scrambling to ensure that their sites are compatible with the changes made in IE7. Developers of some online applications will have to change their code to make sure that it will work with the new browser. While beta versions of IE7 have been available since February, many online applications are expected to encounter compatibility issues when the browser is released.
"If my lowest browser support level was IE7, then it would be a dream. However, seeing how many bugs and compatibility issues still exist with IE7, I see this as a nightmare for supporting various apps currently available, and Web sites (Web apps) too," one developer wrote on the IE blog.
Written by: Walaika K. Haskins, newsfactor.com Thu Jul 27, 12:31 PM ET
Judge OKs $90M 'click fraud' settlement
TEXARKANA, Ark. - An Arkansas judge on Thursday approved a $90 million settlement between Google and its advertisers who claimed the leading Internet search company improperly billed them for fraudulent "clicks" on their ads.
Miller County Circuit Judge Joe Griffin called the settlement "fair, reasonable and adequate" and downplayed claims it hurt small advertisers. More than 70 objections were filed, with smaller companies saying they didn't have the resources to prove "click fraud" losses.
By settling claims made in the plaintiffs' class-action lawsuit, Google will give advertising credits that are the equivalent of a $4.50 refund on every $1,000 spent in its advertising network during the past 4 1/4 years.
No one will receive cash except the lawyers, who will split $30 million.
In Internet advertising, clicking on ads — typically displayed at the top and sides of Web pages — triggers sales commissions even if the activity doesn't lead to a sale. Click fraud cropped up several years ago as a way for scam artists, rivals and mischief makers to drain ad budgets or funnel illicit revenue to Web sites.
Some of the plaintiffs in the Arkansas case went before Griffin on Monday to argue that Google Inc. hadn't taken reasonable care to prevent click fraud and overstated the steps it has taken against would-be swindlers.
A Texarkana company — Lane's Gifts and Collectibles — filed the lawsuit, which Griffin certified as a class action. Google did not admit liability in the case, which also involves other Internet companies whose cases continue.
Google lawyer Nicole Wong said the company was pleased by Griffin's decision.
"We look forward to continuing to manage invalid clicks effectively and provide our advertisers with an outstanding return on their investment," she said in a statement.
In his ruling, Griffin said he based his decision on the strength of Lane's case, Google's ability to pay, the potential expense of further litigation and the limited amount of opposition.
Those who opposed the settlement said the agreement switched the burden of proof to them, and they argued they didn't have the resources to easily pursue their claims. Griffin said, however, their task wouldn't be impossible.
"The settlement class is not required ... to submit records or documents that they simply do not possess," Griffin wrote. "The settlement class is not burdened or discouraged from filing claims because they are required only to provide information to the best of their knowledge in submitting a claim form."
Daralyn Durie, an attorney representing Google, said the majority of class members have agreed to the settlement, including 19 of the company's 20 largest advertisers.
An independent report filed in court last week said while Google appears to be doing reasonably well protecting advertisers from scam artists preying upon Internet advertisers, it remains unclear how much the system is being bilked by click fraud.
Since 2001, the ads have generated $15.7 billion in revenue for Google and its partners, turning the Mountain View, Calif.-based company into one of the world's most prized businesses.
Under the settlement, if advertisers do not claim the full amount available, a portion would be made available to charitable organizations. Griffin also said 556 advertisers notified him they did not want to participate in the class-action lawsuit.
Miller County Circuit Judge Joe Griffin called the settlement "fair, reasonable and adequate" and downplayed claims it hurt small advertisers. More than 70 objections were filed, with smaller companies saying they didn't have the resources to prove "click fraud" losses.
By settling claims made in the plaintiffs' class-action lawsuit, Google will give advertising credits that are the equivalent of a $4.50 refund on every $1,000 spent in its advertising network during the past 4 1/4 years.
No one will receive cash except the lawyers, who will split $30 million.
In Internet advertising, clicking on ads — typically displayed at the top and sides of Web pages — triggers sales commissions even if the activity doesn't lead to a sale. Click fraud cropped up several years ago as a way for scam artists, rivals and mischief makers to drain ad budgets or funnel illicit revenue to Web sites.
Some of the plaintiffs in the Arkansas case went before Griffin on Monday to argue that Google Inc. hadn't taken reasonable care to prevent click fraud and overstated the steps it has taken against would-be swindlers.
A Texarkana company — Lane's Gifts and Collectibles — filed the lawsuit, which Griffin certified as a class action. Google did not admit liability in the case, which also involves other Internet companies whose cases continue.
Google lawyer Nicole Wong said the company was pleased by Griffin's decision.
"We look forward to continuing to manage invalid clicks effectively and provide our advertisers with an outstanding return on their investment," she said in a statement.
In his ruling, Griffin said he based his decision on the strength of Lane's case, Google's ability to pay, the potential expense of further litigation and the limited amount of opposition.
Those who opposed the settlement said the agreement switched the burden of proof to them, and they argued they didn't have the resources to easily pursue their claims. Griffin said, however, their task wouldn't be impossible.
"The settlement class is not required ... to submit records or documents that they simply do not possess," Griffin wrote. "The settlement class is not burdened or discouraged from filing claims because they are required only to provide information to the best of their knowledge in submitting a claim form."
Daralyn Durie, an attorney representing Google, said the majority of class members have agreed to the settlement, including 19 of the company's 20 largest advertisers.
An independent report filed in court last week said while Google appears to be doing reasonably well protecting advertisers from scam artists preying upon Internet advertisers, it remains unclear how much the system is being bilked by click fraud.
Since 2001, the ads have generated $15.7 billion in revenue for Google and its partners, turning the Mountain View, Calif.-based company into one of the world's most prized businesses.
Under the settlement, if advertisers do not claim the full amount available, a portion would be made available to charitable organizations. Griffin also said 556 advertisers notified him they did not want to participate in the class-action lawsuit.
Kazaa pays $100 mln to settle lawsuits
LONDON (Reuters) - The music and movie industries have reached a legal settlement with their longtime antagonist Kazaa, one of the world's best known file-sharing networks and a once-popular source of illicit downloads. Under the terms of the deal, Kazaa's owner Sharman Networks will pay the world's four major music companies -- Universal Music, Sony BMG, EMI and Warner Music -- more than $100 million and commit to going legitimate, according to the International Federation of the Phonographic Industry.
"There are very substantial damages being paid -- in excess of $100 million -- and Kazaa will go legal immediately. They've had time to prepare for this," said IFPI Chairman and Chief Executive John Kennedy.
The Motion Picture Association of America said Sharman "will continue operations while employing new technologies to prevent unauthorised distribution of copyrighted works on its system."
Terms of the MPAA's settlement were not immediately available.
Two suits were settled as part of the agreement: one in Australia, where a judge had already ruled that the company breached copyright; and another in California, in which Kazaa creators Niklas Zennstrom and Janus Friis were named as co-defendants.
Zennstrom and Friis, who sold Kazaa to Sharman Networks in 2002, later went on to create the popular Internet telephony software Skype, which they sold to eBay last year for an initial $2.6 billion in cash and stock.
Zennstrom declined to comment when reached by Reuters on Thursday.
The music industry has pursued an aggressive legal strategy in its attempts to curb Internet piracy, filing lawsuits against file-sharing companies like Kazaa and
Grokster', as well as individual users who uploaded copyrighted material. Their efforts were bolstered last year when the U.S Supreme Court ruled that content companies can file lawsuits against technology firms that encourage copyright infringement.
Meanwhile, legitimate music services like Apple's iTunes have become wildly popular, offering legal alternatives to illicit file-sharing.
Ovum analyst Jonathan Arber said the settlement would have a mostly symbolic importance, as Kazaa was past its prime.
"It's nowhere near as popular as it used to be. Very few people are thought to be using it anymore because better services came out," he said. "It is a big legal victory, a good symbol for them to put out, but in terms of actually reducing piracy, people migrated to other file-sharing networks a long time ago."
The IFPI said in a report on Thursday that last year there were $4.5 billion in pirated CD sales, or more than one in three CDs sold worldwide, and that there were 20 billion illegal downloads -- roughly three for every human being on Earth.
By Adam Pasick Thu Jul 27, 8:29 AM ET
"There are very substantial damages being paid -- in excess of $100 million -- and Kazaa will go legal immediately. They've had time to prepare for this," said IFPI Chairman and Chief Executive John Kennedy.
The Motion Picture Association of America said Sharman "will continue operations while employing new technologies to prevent unauthorised distribution of copyrighted works on its system."
Terms of the MPAA's settlement were not immediately available.
Two suits were settled as part of the agreement: one in Australia, where a judge had already ruled that the company breached copyright; and another in California, in which Kazaa creators Niklas Zennstrom and Janus Friis were named as co-defendants.
Zennstrom and Friis, who sold Kazaa to Sharman Networks in 2002, later went on to create the popular Internet telephony software Skype, which they sold to eBay last year for an initial $2.6 billion in cash and stock.
Zennstrom declined to comment when reached by Reuters on Thursday.
The music industry has pursued an aggressive legal strategy in its attempts to curb Internet piracy, filing lawsuits against file-sharing companies like Kazaa and
Grokster', as well as individual users who uploaded copyrighted material. Their efforts were bolstered last year when the U.S Supreme Court ruled that content companies can file lawsuits against technology firms that encourage copyright infringement.
Meanwhile, legitimate music services like Apple's iTunes have become wildly popular, offering legal alternatives to illicit file-sharing.
Ovum analyst Jonathan Arber said the settlement would have a mostly symbolic importance, as Kazaa was past its prime.
"It's nowhere near as popular as it used to be. Very few people are thought to be using it anymore because better services came out," he said. "It is a big legal victory, a good symbol for them to put out, but in terms of actually reducing piracy, people migrated to other file-sharing networks a long time ago."
The IFPI said in a report on Thursday that last year there were $4.5 billion in pirated CD sales, or more than one in three CDs sold worldwide, and that there were 20 billion illegal downloads -- roughly three for every human being on Earth.
By Adam Pasick Thu Jul 27, 8:29 AM ET
Subscribe to:
Posts (Atom)
