I mean, when a lawyer takes a case on contingency, they're essentially gambling their time on hopes of an outcome where their share (30-50% isn't uncommon, if I remember correctly) would make the time and effort spent on the case worth it. Against a company the size of Disney, with incentive to make the case as long and painful as possible to try and discourage other creators from trying to get what they're owed, it would likely take thousands of man hours, and tens of thousands of dollars out of pocket. Between discovery, filing fees, appeals, all for a victory that would result in (and I'm just completely guessing based on essentially no data) only hundreds of thousands of dollars. Lawsuits can very much end up being pyrrhic victories based on the costs incurred alone, not to mention the emotional toll that fighting a protracted legal battle can inflict upon a person.
Alright, since linking the entirety of title 17 isn't exactly easy to refer to as a source, the relevant part is 17 USC 203.^1
It's probably one of the more complex parts of copyright law. There's a few well-known cases of section 203 being used to claw back copyright decades down the line. (Note: I'm am very much not a lawyer)
In 1938, John Steinbeck granted Viking Press rights to publish 13 of his works, including Of Mice And Men, The Grapes of Wrath, and Tortilla Flats, as long as they were kept in print and for sale. In 2005, John Steinbeck's son and granddaughter served notice to Penguin Publishing, who were the interested party at the time, that they were terminating the agreement.^2
This section was originally designed to give artists who may have essentially (or even literally) given away their rights due to inequitable bargaining power a chance to recoup their property down the line with at least several years notice that they are planning on terminating the agreement.^3 In practice, however, it's kind of a mess, and to say that it would allow an artist or their heirs to terminate a grant to the public domain is dubious. It's something that would likely see its way to the supreme court should it ever come to pass.
I've included a couple other articles here just in the general interest of providing more info.^4^5
Down towards the bottom it seems like it's only presently available in the US, and they're simply using `.sm` as a clever domain name hack/gccTLD (e.g. .io domains, .ly domains, etc)
My understanding of persisted XSS attacks is that it's not that the site is malicious, but that it had security holes, so other people who got through the captcha uploaded malicious scripts. Now the site is serving them unawares. Does that sound right?
There are definitely some games that just don't translate as well to Tabletop Sim, but as far as shared tabletop experiences, TTS blows every other one I've tried out of the water on the widest variety of games. I use it for D&D, Wizards' Academy, and I own about half of the official DLC games.
Aw, thank you. I must admit, I'm such a novice with Steam and online games in general that I didn't even know what are "Workshop Mods" until I looked up now. :-)
There's a lot more regulation and guidance around taking down a phishing site at the domain level, rather than at the provider level. (E.g. Hosting company, CloudFlare and other DNS providers, etc.) If I remember correctly, ICANN requires takedowns to be either compelled by law enforcement, or done through the UDRP[1], whereas the providers themselves are typically more able to quickly respond to abuse. In addition, phishing domains are typically short lived, as once they're flagged by Google Safe Browsing[2] and the like, they're essentially worthless to the ne'er-do-wells that purchase them, regardless of if they're actually taken down.
I feel like the title "Facebook sues Namecheap for registering phishing domains" is somewhat misleading.
> We found that Namecheap’s proxy service, Whoisguard, registered or used 45 domain names that impersonated Facebook and our services, such as instagrambusinesshelp.com, facebo0k-login.com and whatsappdownload.site. We sent notices to Whoisguard between October 2018 and February 2020, and despite their obligation to provide information about these infringing domain names, they declined to cooperate.
Specifically, they're suing Namecheap and their proxy service for not providing information about the true registrants of the allegedly infringing domains.
"This week we filed a lawsuit in Arizona against Namecheap [...] for registering domain names that aim to deceive people by pretending to be affiliated with Facebook apps."
The press release says "for registering domain names" so I think the original title was accurate.
And to be clear, all Namecheap had to do to prevent this lawsuit was identify the owners of or delete the obviously-phishing and obviously-TM-infringing domain names. They didn't, so now Facebook is taking them to court over it.
Facebook listed 3 of the 45, including one that I'd argue does not at all violate TM or phish. In a post like this, they'd likely pick the most egregious examples, so your statement about how obvious this is is entirely baseless. Furthermore, I'm absolutely okay with Namecheap not honoring a demand for information without a subpoena. Those whoisguards protect me from spammers, scammers, and anyone who would want my information from a whois.
Agreed 100%. I'm a huge fan of removing all PII from whois info. Get a subpoena if you want that data. Otherwise next thing you know they'll be demanding registrant info for "facebookisevil.com" because it "infringes on our trademarks!!!"
I thought the point was that they're suing namecheap to get the names of the people who registered the domain, because namecheap was serving as an anonymity service.
"Under the policy, most types of trademark-based domain-name disputes must be resolved by agreement, court action, or arbitration before a registrar will cancel, suspend, or transfer a domain name."
Or, alternatively, remove the domain names, since they're blatantly phishing domains.
I think anonymous domain registration is an important property to preserve. Many people need such services for their safety. However, if you're going to serve as an anonymity shield for another party, you're taking on some of that party's liability, and in particular you need to take down malicious domains.
Namecheap is responsible for administrating domain ownership. They are not free to unilaterally change or remove ownership at will.
That doesn't mean it's impossible to deregister infringing domains. It means that there is a process to follow, which is probably what we're seeing right now.
Honestly, I'm glad they didn't. There's not much use in a whois privacy service if they'll give up the info just because a company says "this is infringing".
How is "instagrambusinesshelp.com" impersonating Facebook services? Is the argument here that using "Instagram" in a domain name inherently not allowed?
Edit: Would "instagramsucks.com" or "facebooksucks.com" also be infringing?
I mean, it's alleged they were a phishing operation...
And in terms of trademark law the owners are unlikely to be on stronger grounds if they're not a pure phishing operation as alleged, but have merely chosen to include Facebook's trademark in their website or email marketing name without Facebook's permission to increase the likelihood Facebook's customers will purchase services from them.
You don't have to imply you definitely are the owner of a trademark to fall foul of trademark law, you just have to be trying to profit from using the trademark without permission in their line of trade in a way you can't justify as 'fair use'. I think we can rule out the idea instagrambusinesshelp.com is commentary, comparison, parody or a list of third parties worked with.
But you have to consider your everyday user who has no real understanding of how companies use domains outside of being a name. That domain suggests it's business support for Instagram.
I feel like an everyday person would see that and think “ah a 3rd party consultant to help with my influencer business” (or whatever the professional application of instagram is.)
Almost every windows website in existence is liable under this description. It is confusing, but protecting domain names via trademark law seems undesirable to me in most cases
This seems like a bad knee-jerk reaction, not a real solution.
My company also has a business portal. Can I take down domains that are similar to it as well? Or is this power just reserved for MegaCorp Inc. who can afford large legal teams? At what point does a company become large enough to warrant "protection" of domains similar to their own? Who makes that decision and is there any dispute process? Etc, etc...
So many questions and potential pitfalls surrounding this approach. I don't know if there's any better realistic "solution" than to let users ultimately be responsible for the domains they visit. Not much of a solution but I don't see any better options that are both realistic and helpful.
The big drawback of the process it that it doesn't work well for phishing attacks, where taking down one domain is of limited value. It's designed more for things like nissan.com
But the language on Facebook's press release implies that the names themselves are misleading. They don't mention the content.
I'm not disputing that the sites themselves are scammy/phishing, but what Facebook is saying here sounds like an overreach that amounts to "using Facebook trademarked names in a domain name is misleading and inherently untrustworthy".
So if you started a small consulting company helping people advertise or build a brand on Instagram, and your website was instagrambusinesshelp.com, Facebook has the right to say "not allowed"?
Do I also have the right to impose rules on other businesses naming conventions [1], or no because I'm not a $500B company?
[1] In a fair use context, not blatant copyright/trademark infringement or posing as the company in a phishing context.
There is no fair context for that under the law. The name is trademarked so unless you have approval from Facebook to use their trademark then using it is not legal. It's not that complicated.
Maybe domain names are treated differently from book titles, but I don't see why they should be. There certainly is fair use of trademarks in book titles if the use is descriptive, not likely to lead to confusion about who produced the book, and can't be effectively replaced with a more generic term. E.g. "That Popular Graphics Editor for Dummies" isn't a sensible substitute for "CorelDRAW! for Dummies".
My assumption is that "instagrambusinesshelp.com" was impersonating Instagram to scam people. Instagramsucks.com probably isn't trying to impersonate them, just complaining about them.
Well, their whois proxy services. Namecheap has other proxy services (email for sure, I think also some configurations like parking and redirection use an HTTP proxy), so not specifying whois proxy is pretty confusing.
It's not uncommon for compromised computers to be used as nodes in DDOS-for-hire networks, (though compromised IoT devices seem to be in vogue at the moment) proxies for ne'er-do-wells, sending spam, and other activities that might not be apparent to the user of the computer in the slightest, but still have effects that reach out to the world at large.
That's a channel-specific option though. You can set per-channel bitrate, but it's not something Discord does automatically to accommodate lower throughput clients.
It looks like Ogg Vorbis has theoretical support in the spec for something called "Bitrate Peeling"[1], but there is no functional implementation for this yet, and there's been an open bounty on it since 2004.[2]
This is a really neat idea though. Truncating the packet to change the bitrate per client without re-encoding.
Peeling has been a goal for many audio/video codecs in the past. Nobody's been able to make it work acceptably, though -- either the low-bitrate version sounds awful, or the high-bitrate version increases in size to the point that it might as well just have a low-bitrate version alongside it.
