Cyberlocker
Ariano Waiker
Cyberlockers are online storage services which are used primarily to host and allow access to IP rights infringing material (movies, television shows, music) while affording both the uploader and the cyberlocker itself degrees of anonymity and deniability that illegal activity is taking place. However, in addition to IP Rights Infringing content, cyberlockers are a hotbed for the dissemination of child exploitative material, non-consensual pornography, and other harmful content.
The starkest difference between legitimate cloud storage services and cyberlockers is the types of content which they host and their attitude towards removing and preventing the dissemination of illicit material. Cyberlockers are notoriously lax about enforcing take-down requests.
To help our customers stay ahead of risk associated with cyberlockers, we've built our technology to assist in the detection of merchants involved in cyberlocker related activity and therefore reducing portfolio risk and exposure to card brand notifications.
A file-hosting service, also known as cloud-storage service, online file-storage provider, or cyberlocker, is an internet hosting service specifically designed to host user files. These services allow users to upload files that can be accessed over the internet after providing a username and password or other authentication. Typically, file hosting services allow HTTP access, and in some cases, FTP access. Other related services include content-displaying hosting services (i.e. video and image), virtual storage, and remote backup solutions.
Document-sharing services allow users to share and collaborate on document files. These services originally targeted files such as PDFs, word processor documents, and spreadsheets.[2] However many remote file storage services are now aimed at allowing users to share and synchronize all types of files across all the devices they use.
File syncing and sharing services allow users to create special folders on each of their computers or mobile devices, which are then synchronized across all devices. Files placed in this folder can be accessed through a website or mobile app and easily shared with others for viewing or collaboration.[3]
Content providers who encounter bandwidth congestion issues may use specialized services for distributing cached or static content. This is especially common for companies with a major internet presence.[5]
Many businesses use file hosting services as part of their backup and disaster recovery strategies. By storing copies of important files offsite in a secure data center, they can quickly recover from data loss due to hardware failure, natural disasters, or other unexpected events.[6]
Some online file storage services offer space on a per-gigabyte basis, and sometimes include a bandwidth cost component as well. Usually these will be charged monthly or yearly. Some companies offer the service for free, relying on advertising revenue.[citation needed] Some hosting services do not place any limit on how much space the user's account can consume. Non-paying users' accounts may be deleted or suspended after a predefined period of inactivity.[7]
Some services require a software download which makes files only available on computers which have that software installed, others allow users to retrieve files through any web browser. With the increased inbox space offered by webmail services, many users have started using their webmail service as an online drive. Some sites offer free unlimited file storage but have a limit on the file size. Some sites offer additional online storage capacity in exchange for new customer referrals.
Many providers offer tiered storage levels, charging differently based on frequency of access and retrieval latency. There may be a different cost associated with access vs storage. For example, in a cold storage scenario, the price per GB stored over time can be very low, but it may take longer to access an item at a higher per GB retrieval cost.[8] In some cases, users may have to commit to retrieval being much higher latency as well.
One-click hosting, sometimes referred to as cyberlocker[9] generally describes web services that allow internet users to easily upload one or more files from their hard drives (or from a remote location) onto the one-click host's server free of charge.
Most such services simply return a URL which can be given to other people, who can then fetch the file later. In many cases these URLs are predictable allowing potential misuse of the service.[10] As of 2005[update] these sites have drastically increased in popularity, and subsequently, many of the smaller, less efficient sites have failed. Although one-click hosting can be used for many purposes, this type of file sharing has, to a degree, come to compete with P2P filesharing services.[11]
The sites make money through advertising or charging for premium services such as increased downloading capacity, removing any wait restrictions the site may have or prolonging how long uploaded files remain on the site. Premium services include facilities like unlimited downloading, no waiting, maximum download speed etc. Many such sites implement a CAPTCHA to prevent automated downloading. Several programs aid in downloading files from these one-click hosts; examples are JDownloader, FreeRapid, Mipony, Tucan Manager and CryptLoad.
File hosting services may be used as a means to distribute or share files without consent of the copyright owner. In such cases one individual uploads a file to a file hosting service, which others can then download. Legal assessments can be very diverse.
By contrast in January 2012 the United States Department of Justice seized and shut down the file hosting site Megaupload.com and commenced criminal cases against its owners and others. Their indictment concluded that Megaupload differed from other online file storage businesses, suggesting a number of design features of its operating model as being evidence showing a criminal intent and venture.[16] Examples cited included reliance upon advertising revenue and other activities showing the business was funded by (and heavily promoted) downloads and not storage, defendants' communications helping users who sought infringing material, and defendants' communications discussing their own evasion and infringement issues. As of 2014[update] the case has not yet been heard.[17][needs update] A year later, Megaupload.com relaunched as Mega.
In 2016 the file hosting site Putlocker has been noted by the Motion Picture Association of America for being a major piracy threat,[18] and in 2012 Alfred Perry of Paramount Pictures listed Putlocker as one of the "top 5 rogue cyberlocker services", alongside Wupload, FileServe, Depositfiles, and MediaFire.[19]
Deals with the question of confidentiality and availability, and may be expressed with questions of the kind: Will the user be able to continue accessing their data? Who else can access it? Who can change it?
Whether the user is able to continue accessing their data depends on a large number of factors, ranging from the location and quality of their internet connection, and the physical integrity of the provider's data center, to the financial stability of the storage provider (because, even if perfectly fit from a technical point of view, if the provider financially goes out of business, then its services go offline too).
The question of who can access and, potentially, change, their data, ranges from what physical access controls are in place in the provider's data center to what technical steps have been taken, such as access control, encryption, etc.
Many cloud storage services state that they either encrypt data before it is uploaded or while it is stored. While encryption is generally regarded as best practice in cloud storage[21] how the encryption is implemented is very important.
Consumer-grade, public file hosting and synchronization services are popular, but for business use, they create the concern that corporate information is exported to devices and cloud services that are not controlled by the organization.
Some cloud storage providers offer granular ACLs for application keys. One important permission is append-only, which is distinct from simple "read", "write", and "read-write" permissions in that all existing data is immutable.[22][23] Append-only support is especially important to mitigate the risk of data loss for backup policies in the event that the computer being backed-up becomes infected with ransomware capable of deleting or encrypting the victim's backups.[24][25]
Secret key encryption is sometimes referred to as zero knowledge, meaning that only the user has the encryption key needed to decrypt the data. Since data is encrypted using the secret key, identical files encrypted with different keys will be different. To be truly zero knowledge, the file hosting service must not be able to store the user's passwords or see their data even with physical access to the servers. For this reason, secret key encryption is considered the highest level of access security in cloud storage.[26] This form of encryption is rapidly gaining popularity, with companies such as MEGA[27] (previously Megaupload) and SpiderOak being entirely zero knowledge file storage and sharing.[28]
Convergent encryption derives the key from the file content itself and means an identical file encrypted on different computers result in identical encrypted files.[29] This enables the cloud storage provider to de-duplicate data blocks, meaning only one instance of a unique file (such as a document, photo, music or movie file) is actually stored on the cloud servers but made accessible to all uploaders. A third party who gained access to the encrypted files could thus easily determine if a user has uploaded a particular file simply by encrypting it themselves and comparing the outputs.[29]
Some point out that there is a theoretical possibility that organizations such as the RIAA, MPAA, or a government could obtain a warrant for US law enforcement to access the cloud storage provider's servers and gain access to the encrypted files belonging to a user.[30] By demonstrating to a court how applying the convergent encryption methodology to an unencrypted copyrighted file produces the same encrypted file as that possessed by the user would appear to make a strong case that the user is guilty of possessing the file in question and thus providing evidence of copyright infringement by the user.
93ddb68554