Well, that's one for the history books
Too bad, Google.
Google last month announced plans to prevent customer files stored in Google Drive from being shared when the web giant's automated scanning system finds files that violate its abuse prevention rules. "When [a file is] restricted, you may see a flag next to the filename, you won't be able to share it, and your file will no …
In both cases the fault is with the users who somehow expected things will necessarily go their way. Google is like that monster wave, you might ride it for a while, but it's at your own risk, don't go crying if it suddenly breaks every bone in your body.
I did register the letters G, O, L and E a very long time ago. I remember I had to fight the registration bureau quite a bit because they suggested prior art in literature. But, I've been able to convince them of a time paradox where my thoughts, ideas, designs and all I produced have been scattered over time and have presented definite proof of ownership.
Now I own the alphabet in all its glory. Therefore, you are all infringing! Stop writing you repeat infringers! You owe me lots and lots of money. Are you reading this? Hello? Hello?
Pfft. I went back even further and registered elctrons, photons and time travel. Sadly, this also resulted in discovering the rather mundane origin of the Big Bang. In hindsight, it should have been obvious what would happen when hordes of lawyers and their time machines all converged on a single point in space and time to file the first claim.
Patents aren't perpetual. You apply for a patent, and you can use it to confirm your ownership until that provision expires, which is at least twenty years though may be longer in some countries. Then it expires. You still have the patent for the record that you invented something, but you can't use it to prevent others from developing your thing anymore. The protection rights entailed in a patent are time limited.
Mani had prior art circa 250 AD. Your "electronic states" bit is just an implementation detail.
Now, if you'd said "electronic states with rounded corners"...
The one piece of text in that Google notice that really pisses me off and demonstrates Google's arrogance is: "A review cannot be requested for this restriction" which roughly translates as "We can do what we want and there's nothing you can do to question it, suckers!"
I used to merely hate Google, now I totally loathe them.
Anonymous Coward
Yeah, even MS isn't (usually) that stuck up their own ass. That displays an almost breathtaking amount of conceit by Google.
Google conceited? Just because they think they own the world? Hmm... I'm hearing a knock at the door and someone yelling "Open up! Google Police!!!!"
Not a big fan of more legislation myself but this issue of companies clobbering users with zero explanation, chance to appeal, human being to talk about it with is getting out of hand. That coupled with deflection-mode call centres and websites that just send frustrated customers round in circles to the same inadequate FAQs. It looks like companies now need to be legally bound to be accountable as to how they treat their users.
Since 1 is now off limits I propose we switch from 1 / 0 binary notation to simply yes / no.
A decimal number like 69 in the new notation would be:
yes no no no yes no yes!!!
The triple exclamation marks serve to clearly identify the new notation. This could be the dawn of a new more exciting era in computing!!!
I'm afraid I've found some prior art going back about two millennia. (NSFW)
But denial (no) and acceptance (yes) have been appropriated by other forces. You are no longer allowed these traditional methods because they are confusing in the online markets. Denial to accept consumer produce is no longer allowed. Acceptance of TOS and EULA is mandatory to disallow the denial.
Yes?
No?
consume stay asleep buy no imagination no thought conform obey
Why would anyone in their right mind put copyright material on network drives? Why not just stream from somewhere if you're going to go through network IO to watch or listen to it?
Sharing said content would be another matter entirely regardless, but I honestly don't understand the point. Surely a USB drive of some sort would be more suitable for backups.
I think the point is that it was obviously not pirated material, highlighting the fact that any automated means to detect pirated material is going to be error prone.
Does this mean they may also reject academic documents that quote published material or other similar fair use situations?
> may also reject academic documents that quote published material
We're far from there yet, they apparently just check for the presence of certain letters or numbers...
What this has to do with copyright is anyone's guess.
IMHO it's just a case of the old "it's not important to do something, but to be seen doing it": They now can claim to the big copyright owners that they are cracking down on piracy, and as long as they don't need to specify if they are doing it successfully...
> I guess it depends if "off site" is important to you.
I don't really see why "USB drive" and "off site" must be mutually exclusive.
I have disseminated USB drives (protected with strong encryption, not the toy stuff some come equipped with) at several places. Nothing prevents you from having a couple 256 GB USB drives in a drawer at work, and another set at a relative's home. (Note this is for my private backups, my own private stuff. Work backups are an entirely different thing and are handled entirely differently.)
For private stuff, those 3 sets of USB drives are perfect. Too close to each other? Well, if the whole area gets so utterly obliterated that all your sets of USB drives are trashed, chances are you won't need your backups anymore anyway. And yes, updating is a little more involved, but if you are a little organized it's no big deal to think every now and then to take the backup drives back home to update. It's not like your important private files, those you desperately need to preserve if your house burns down, change daily.
Practically all original content -- as distinct from *facts* -- that is not in the public domain has a copyright owned by someone. The bad poem you wrote at university? Copyright owned by you. The email you wrote your colleague last week about the TPS reports? Copyright owned by your employer. Those home videos your parents made when you were a baby? Yep, copyright is owned by your parents. I own the copyright to this comment; El Reg has a license I granted as a condition of being allowed to post it here. Your copy of Linux contains files with hundreds of copyright holders. And so on.
It's common to express ideas vaguely (Google's communication is an example of making this worse), and when most people say "copyrighted content" what they really mean is content to which the speaker doesn't have a license, or has a license that doesn't allow arbitrary distribution. But that's wildly different from what "copyright [sic] material" really means, and in fact nearly everything everyone stores anywhere is subject to copyright. It's true that with the kind of extremely low-entropy content described by this article (as well as performances of the infamous 4'33" etc) things get dicey, but that isn't how I interpreted your question. It's perfectly fine to store works subject to copyright on these services; if it weren't they wouldn't be useful.
The problem here is missing metadata, specifically (a) whether the piece of data is subject to copyright, (b) the identity of the copyright owner if so, and (c) the terms of any license to it held by the account owner who's storing it. From that it would be possible to determine conclusively whether or not a work's presence at a particular storage location is infringing. Without it, their actions represent at best an unreliable guess and at worst opaque, asymmetrical, and abusive pandering to giant corporations at everyone else's expense. Wikipedia have done this pretty well: they associate this kind of metadata with the objects they store, which makes it easy to detect problems or document the basis for a work's use. Google, of course, provide their customers with no way to record that metadata, which is why anyone serious about document control uses something else.
but that's exactly why there needs to be a mechanism for communicating those bugs back to the developers.
This is an issue that goes far beyond Google or this story. It is a general issue in all large companies ( and a good few medium ones, I think)
Beancounter lead companies do not want to hear from the public that things are going wrong, that there is a fault etc. To do that would cost money providing customer service and hit short term profits, bonuses etc. So they hide or remove contact details, create websites that take customers round in circles from "contact us" to FAQs to "need more help" to "contact us" to..... Or direct users to "Support forums" where people who have nothing to do with the official company and don't get paid can offer amateur advice that may or may not be helpful, but won't make the company aware of or resolve any genuine product issues.
That they piss off customers and lose them, is a matter for the next financial reporting period.
Because, given the quality of this, every encrypted zip file (which has a distinct signature) will become copyright-infringing overnight. If they're using machine learning rather than a big list of hashes, this wouldn't even be surprising as it's exactly the correlation such models tend to identify.
I've been working in IT for decades and have hand crafted HTTPS clients.
What you've proposed still fills me with fear and horror, and that's before I have to try and explain it to students.
Frankly it's easier to build my own cloud service with document creation and sharing capabilities.
Sigh.
1) Don't use zip. Files can be replaced in encrypted zip archives with non-encrypted files of the same name, and zip will not complain on unpacking. You need an archiver that doesn't just put a collection of encrypted files in a non-encrypted wrapper that includes metadata such as filenames. 7zip works (with the correct settings).
https://security.stackexchange.com/questions/35818/are-password-protected-zip-files-secure
Naïve zip implementations can have other interesting behaviour:
https://nakedsecurity.sophos.com/2018/06/06/the-zip-slip-vulnerability-what-you-need-to-know/
2) Assuming you are using something other than zip, then adding a salt file with a few 10s of random bytes to the archive will change the signature of the archive so it doesn't match with other encrypted archives.
3) If you really, really want to use zip, at least double zip encrypt - create the encrypted archive, then put the encrypted archive you have just created as a single file in its own encrypted archive.
Yes, and to be more specific, there are two (2) distinct types of copyright infringement:
1. The one which creates profits = Good
2. The one which creates lawsuits and makes us lose money = Bad
Obviously you only crack down on the second one. You wouldn't kill the goose that lays the golden eggs, would you.
Google's system is clearly unfit and a problem, but there's another one. Why can't a university provide sufficient storage for class materials, thus making professors resort to Google Drive? Google Drive is a terrible distribution system as it requires the user to click through to download files, either using an unnecessary web rendering page or presenting a page saying that the web rendering page won't work for this file. It's functional for people who don't want to pay for the bandwidth usage, but a university already has servers that can store some small text files.
>>ut a university already has servers that can store some small text files.
Indeed but a university may not want the security risks involved in allowing random students access to their network from random devices in random locations (aka setting themselves up as a private cloud provider)
Yes there are ways around the problems associated with running a private cloud but all are more expensive than letting staff use Google Drive (or OneDrive) for sharing files.
If I were a bean counter at the university I know which option I would pick and, perhaps sadly, bean counters tend to get the final say.
"Indeed but a university may not want the security risks involved in allowing random students access to their network from random devices in random locations (aka setting themselves up as a private cloud provider)"
You may need to look at what a cloud provider does. Hosting your own website with files uploaded by your employees is not being a cloud provider. The students don't need to have upload access to the system (although many universities give them that and it's just fine). If the access needs to be restricted, put a login page in front of the files. If you only want logins from inside the university network, put a firewall rule on it. If you want authenticated access from outside the network, give the students a VPN option. These things are really basic and the university already has the infrastructure to do it.
I stopped using most of their products and software if I have an alternative. After they took over Waze - Waze on Android was so buggy that I could not use it where I needed it mostly (in my car). I was publicly admonished that I posted a bug report on a developer site after I got no reply at all on the customer service site. I've learned my lessons and I stoped using them even for search. The arrogance pervades all of their communications.
"Relying on viral social media posts as a sort of backdoor communication channel to the developers should not be the only option."
Au contraire. That is the modern way of filtering complaints. If social media decides that an issue is not important, then obviously it is not worth spending effort on. Don't worry, once Google is done fixing issues that attract a billion views, they might get concerned about the issues that attract only millions of views.
Who would ever get rich in a billion user market by fixing issues that only affect a few?
News at 10 headlines.
Sorry, this is just to be expected from Google.
Someone needs to sue them into oblivion for false copyright claims. Start at $100B. That might just might get them to take notice.
Oh, and add the likes of Facebook into the mix as well. These 'bots' are getting stupid.
I had a post get flagged for copyright infringement when I quoted three lines of my first novel. I put in a reference to the novel and under fair use, I could do that but no, I was dinged for copyright violation of my own work. Sorry, how can I be in violation when I wrote the text anyway? The systems see a match and 'ding', go to jail, do not pass go, do not collect $200.
Queue wind blowing and sagebrush rolling down the street if you try to get it corrected.
In the end, I had to repost the text, but with several words changed. Then I added a not explaining what the correct words were.
Unfortunately, the legal system will first ask you for demonstrable, personal harm that you have suffered. If there is none, if it is not quantifiable, or if it is zero because the service that you were unable to use was free to start with, you are out of luck.
On the other hand, let's not forget that the bullies in this match are the rights holders. Not the individuals writing books or making movies, but the large agencies. In the fight of Disney, Sony, Random House etc. against Google, we are collateral damage.
20 years ago I worked for a big American corporate.
They scanned all network drives and eventually personal drives for Audio & Video files , if any were found you got a personal meeting with HR because RAA threatened them with massive fines if Audited. It wasn't actually too bad a decision overall the number of pirated songs, films and porn decreased rapidly.
The thing they hadn't thought about was the technical team generated their own content, our technical manager who recorded videos showing how to operate or fix our products was invited to HR on a daily basis.
This sort of thing needs to happen because copyright abuse is rife.
Yeah, kinda fell between 2 stools there. In the states, "professor" has been degraded as a title to encompass lecturers and, from what I can gather, even tutors. Whereas in the commonwealth, "professor" is maybe a couple per department, "reader" is basically a professor without a "chair" -- deputy god rather than god.