@jbruchon GitHub does not have the legal capacity to determine the validity, just as YouTube does not have the legal capacity to stop Alex Mauer takedown notices. @ryanbr should consider filing a counter-notice due to its invalidity.

@WilliamFeely Agreed, a counter-notice is the best solution. Then they have to take it to court and subsequently get laughed out of it.

@jbruchon Or 10 business days pass without response from the complainant and Github gives the green light to re-post.

@WilliamFeely

@ryanbr should consider filing a counter-notice due to its invalidity.

Meanwhile, the repo will be disrupted or blocked until the counter-notice is ready. Filing a counter-notice will be quite expensive also.

Then they have to take it to court and subsequently get laughed out of it.

And this will be extremely expensive. We're talking about a community-driven project here.

Counter notice is free if there is no lawsuit. Wonder why nobody mentions GoFundMe? Snopes got over half a million in donations in a day to fight their legal troubles.
Surely EasyList is popular enough to drum up that kind of support?

@uda this point exactly. You are not preventing copyright infringement if you use javascript to hide content already served to the user agent. At that point it's trivial to disable javascript, and if the entire content is served as static html in the first instance then some browsers are incapable of running said scripts in any case. That's not circumvention, that's the copyright holder not actually trying to protect their stuff.

There's no copyright infringement in this repository. Either with that URL or without it.

Please do not comply with frivolous DMCA takedowns. Tell GitHub that you wish to contest the takedown and file a counter-notice.

Just make a separate file of all the domains that have made a DMCA request.

The list should only be used as an enumerated list of DMCA take-down requests and nothing more.

@ameshkov A counter notice would not be expensive. You just need to affirm that the content you offer is not violating their rights. No need to explain any further. It can be as broad as you want. 5 minutes of your time, no lawyer needed. When GitHub receives a DMCA, it deactivates the content, when GitHub receives a counter DMCA, it enables it again. The parties can battle in court then.

I've seen some media outlets post a link to this page, if you've come from one of those and don't have something constructive or helpful to say and just want to express your anger at this then do it here instead: https://discord.me/BlockAdmiral

heuristic blocking would solve this, right?

@Beaving @WilliamFeely

1. A counter-notice should be signed by somebody. EasyList is not a company, so it should be one of the maintainers willing to take the risk.
2. The risk I am talking about is that the counter-notice may trigger a lawsuit, which is extremely expensive whatever is the outcome.

I think what we should do is not just blindly demand to reinstate the domain but to let EasyList people know that they can rely on us, and we're ready to support them.

heuristic blocking would solve this, right?

Yes. Remember the news about perceptual ad blocker? It is time to seriously consider implementing this technology in the main stream ad blockers.

Hey, all.

A couple of people have reached out to GitHub and asked us to weigh in here. Hi.

We follow the DMCA framework when we receive a complaint with sufficient details. In this case, we received a complaint based on a theory of anti-circumvention.

We apologize if our delay in posting the notice led to any confusion. According to our policy, we allow the repository owner a window of time to make changes before we post the notices, and we also take time to redact any personal information.

To clarify, the dmcahelper account is not affiliated with GitHub.

Hannah Poteat
Privacy & IP Counsel
GitHub, Inc.

@ameshkov
Could they form an LLC and then issue a counter-notice?

@hook54321a That would be too complex and too much work. Since EFF offered help, I guess leaving it to them is the best.

@gorhill Look who's following you on twitter.

heuristic blocking would solve this, right?

Yes. Remember the news about perceptual ad blocker? It is time to seriously consider implementing this technology in the main stream ad blockers.

@ameshkov
If I recall, that method was more like a cosmetic blocking. Doesn't do anything to reduce the bandwidth or tracking that could come along with an image. I'm all for hiding stuff but I'd rather firewall the traffic. In-browser would be slick.

I'm thinking more like Privacy Badger, Karma Blocker, LibreJS, Kaspersky Banner Ad Blocker, Bluehell firewall (which is just a big regex string), and Privoxy or Proxomitron (I can't remember which was rule-based. Maybe both.) It may be that building an app which lets you adjust thresholds for variables of certain characteristics of content might be a good approach to learn out to hone in on what constitutes unwanted content. Say, strip out all content that's a transparent pixel. junk like that.

But also look at more modern tracking techniques such as registering service workers, reading sensor values and junk.

I assume it would take a lot of harvesting of desired and undesired javascript and content to come up with some good rules.

Or an easier untrust-all approach.

+hook54321a
To break the following it is simple - click Block then immediately unblock. I do that all the time on my Twitter to kick spam followers that don't quite require blocking.

What about a dummy script, which some of the better ad-blockers already make use of.
NOBODY can claim the ownership of a dummy script that wasn't written by themselves.

Long term, ditch GitHub and utilise some form of decentralised file hosting?

It seems to me that they're circumventing my access controls.

@Tanath interesting point. Is that legal?

Let's create a new list for GetAdmiral customers so we can punish their customers while not bypassing their DRM. I don't think it's fair to ask the maintainers of EasyList to fight the legal system for us, we have to make sure that no other ad servers dare to use DMCA again, and best would be for GetAdmiral to be recorded in history of Internet for the worse failure.

@bbb31
Not at all problem solved, and you run the risk of referenced domains in the list violating local censorship laws which could give rise to criminal liability.
If you live in the US you cannot escape US jurisdiction by hosting abroad, in fact doing so means you consent to not the US and foreign jurisdictions.
Germany has laws against Nazi imagery, so if any websites in the list have that that would be hazardous. Russia has all sorts of censorship laws that would make the list a minefield.

@WilliamFeely It seems to me that since the list is specifically a blocking list it can't really run afoul of censorship laws. I see ad blocking lists as a censorship mechanism controlled by the end user. I may be wrong and I'd be interested in hearing why I might be wrong.

@jbruchon I do suspect though the claims that hosting on a foreign server will prevent liability may be coming from those with misinformation regarding copyright law, as this is featured on the homepage of TorrentFreak today.

If you're considering alternate jurisdictions to host in, Iceland wouldn't be the worst bet. I'm sure Piratar would be able to offer some assistance.

The reactions here.... forks, blocking the site in Windows hosts lists. Did you ever considered that the DCMA owner don't care about you or the handful of people here? If they target Easylist then they care about all the subscribers (million) of people around the world who got the Easylist auto-updated in their adblockers. They will not know and automatically receive the list with the hostname removed.

So hosts/forks/other lists will not help. The only thing that actually does something useful is that EasyList gets out of range of DCMA and re-add the host, period.

The great majority of adblock users are people who just install an addon and expect everything to work and don't read github or changelogs or even touch any settings. And this DCMA request has targeted these users only cuz they build the majority. So please stop trying to pretend to fight back cuz you figured out how to edit a Windows host list. (Sorry for the harsh words but ive seen this discussion drifting away from the original problem).

Admiral is inherently a huge malware risk vector. If you cannot block them directly, then you should block all their customers.

I'd suggest adding a new blocking mode to uBlock Origin where any page attempting to load the blocked content gets redirected to a very scary looking warning page, perhaps modeled after Google warning pages, except that users should be given the option to whitelist for a limited period of time, although few would do so when being warned about malware, etc.

Admiral is just using this squarely as a means to boost their revenue and that of advertisers. They're taking advantage of Github's open platform to try and control publicly available information in order to profit and are working to delegitimize your freedom to simply not connect. If you use EasyList, you are expressing your desire (and freedom) not to connect and download advertising, spyware and possible malware attacks. Publishers who advertise are entirely capable of detecting this and preventing you from accessing their site. I see it all of the time and simply leave the website instead of disabling my ad blocker. This is a simple transaction and it forces us to make decisions so we can negotiate through our conscious actions.

They speak freely about this on their insecure homepage and they're boasting about this on their LinkedIn page: https://www.linkedin.com/company/getadmiral. And re: DMCA, Easylist, Adblock, Copyright Access Control & Admiral: 10 Things To Know This is precisely why their use of the weasel word circumventing is so twisted, manipulative and intentionally misleading.

I'm all for 👍 @ameshkov's suggestion of moving this over to Gitlab or literally any other platform that will allow us to allow us to control how we use the Internet instead of allowing it to be unilaterally manipulated like this so transparently for the profit of a select few. I'm a fan of Github, but this is way too far. Let's move forward with #500 once we're off this platform.

@patricknelson
Unfortunately moving off GitHub would alienate a lot of contributors, and self hosted solutions could potentially become costly if the traffic gets high enough.

Also, would you mind finding a copy of that Linkedin page that doesn't require an account? I deleted my LinkedIn account because I didn't want my boss looking too far into my job-hunting activities.

@WilliamFeely I suppose you're right. What if @a-raccoon's idea of at least simply openly disclosing the list of domains removed due to DMCA requests? Per #501 This will allow people to be aware of the content that is no longer being blocked and it is up to them to continue using EasyList as they wish.

That said, has the OP contacted EFF yet?
Until it gets reinstated, perhaps it would be a good idea for someone to maintain a "forbidden domains" list that can be imported into the "custom" section of one's adblocker? Most if not all adblockers allow for custom blacklist subscription URLs.

@WilliamFeely I've edited my original comment to point to the public version of their page (lucky guess 😉). See here: https://www.linkedin.com/company/getadmiral

I'd also propose a sort of dead man's switch approach; an automated list of domains removed from EasyList with comments containing the reason (or the commit message) for their removal. I think #501 is a good (but still manual) step in that that direction.

Can we add all of their other domains to easylist since they haven't DMCA-ed those? We could do only one and wait for them to send a DMCA for that, then add another one, and then repeat, to waste their time.

Brave handled it in an uhm, interesting way: brave/adblock-lists@2c0e86c

FWIW, we're ready to sponsor the hosting if the guys decide to move the list. Can't say for others, but I guess they also do.

On the other hand, this does not completely solve the issue of a legal trolling and may be perceived as a retreat. Anyway, I'd like to assure EasyList maintainers that when they decide to take action, we will help them with all the means.

I don't always use a blocker but I wanted to participate in the Streisand Effect happening here, so I created a browser extension that blocks Admiral. I will add other domains if other companies start to see legally threatening open-source projects as a way to have themselves removed from blacklists.

https://github.com/paulgb/BarbBlock

Wait, what?

The issue with moving the list to another host is that it will kinda let Admiral win and will inconvenience other block lists on github.

gorhill/uBlock#2864 (comment)

https://twitter.com/getadmiral/status/896486274466533381

https://www.whois.com/whois/104.155.48.223 -- The IP addresses under this netblock are in use by Google Cloud customers

They're using Google hosting.

This is why webpages should not be allowed to load anything third party, also why scripting should be disallowed period. So what are our options to fight admiral?

@ciravbot
With that in mind, do you know if OWASP ZAP can be configured to alert to all third party resources on a web server?
Also, might it be just about time to close this thread, as it has gotten a little out of hand, including with more than a few suggestions that could be considered bad legal advice?

hilariously, functionalclam.com say HTTPS is used whenever possible - whilst the front page is 1 big jpg file, and neither the front page, nor the jpg file, is served over https 😆

@WilliamFeely That I do not know yet. I am currently researching some options for both the short term with current tech and the long term with new tech. I do believe we are reaching a point where a new browser and rules are needed to help put an end to ads and their ability to detect/circumvent adblockers.

If the advertisers think they can employ DMCA to take us down, we too can do the same. Circumventing adblocking tech to shove ads and malware into a system should be met with the same.

DMCA as it stands now is an outdated system and needs to be repealed or replaced and the more news this gets as well as tieing up the courts will help this come about faster.

+cirvabot it was actually a question regarding my own server in order find and destroy third-party resources.

Regarding your thoughts about DMCA, hopefully this is not abusing this unusual case in order to make it easier to distribute copyrighted works without permission.
Repealing 17 U.S. Code § 512 would put hosting providers in danger of liability for content they have no control over.

I don't know what the answer is, there are plenty more people out there more qualified then I who can figure that one out. Something does need to change though and soon. This goes beyond shaving seconds off page load times and securing systems from bad actors on the net. Lists such as EasyList are simply a bandaide and we need to have a larger discussion about moving forward.

Part of the internet history.

What about send a DMCA request to functionalclam?

We can make a meme out of this

@Serkan-devel You mean actually infringe copyright with one of those low effort image macros or an animated GIF screencapped from a copyrighted TV show or movie?
There was no infringement yet on this list.

Feel free to delete the comment. Or tell me and I'll delete it. Here it is, no infringement.

DMCA-machine broke

Ad peddlers - eat shit and die.

Also made sure to add this domain to all my filters manually now.

STREISAND
T
R
E
I
S
A
N
D

Locking this, its run its course.