AOMedia Video 1 (AV1) was invented by a group of technology companies to be an open, royalty-free alternative to other video codecs, like HEVC/H.265. But a lawsuit that Dolby Laboratories Inc. filed this week against Snap Inc. calls all that into question with claims of patent infringement.

Numerous lawsuits are currently open in the US regarding the use of HEVC. Relevant patent holders, such as Nokia and InterDigital, have sued numerous hardware vendors and streaming service providers in pursuit of licensing fees for the use of patented technologies deemed essential to HEVC.

It’s a touch rarer to see a lawsuit filed over the implementation of AV1. The Alliance for Open Media (AOMedia), whose members include Amazon, Apple, Google, Microsoft, Mozilla, and Netflix, says it developed AV1 “under a royalty-free patent policy (Alliance for Open Media Patent License 1.0)” and that the standard is “supported by high-quality reference implementations under a simple, permissive license (BSD 3-Clause Clear License).”

Yet, Dolby’s lawsuit filed in the US District Court for the District of Delaware [PDF] alleges that AV1 leverages technologies that Dolby has patented and has not agreed to license for free and without receiving royalties. The filing reads:

[AOMedia] does not own all patents practiced by implementations of the AV1 codec. Rather, the AV1 specification was developed after many foundational video coding patents had already been filed, and AV1 incorporates technologies that are also present in HEVC. Those technologies are subject to existing third-party patent rights and associated licensing obligations.

Dolby is seeking a jury trial, a declaration that Dolby isn’t obligated to license the patents in questions under FRAND (fair, reasonable, and non-discriminatory) licensing obligations, and for the court to enjoin Snap from further “infringement.”

Dolby claims infringed patents are “critical” to Snapchat’s business

Dolby is accusing Snap of infringing upon four of its patents: U.S. Patent No. 10,855,99 “Inter-plane prediction”; U.S. Patent No. 9,924,193 “Picture coding supporting block merging and skip mode”; U.S. Patent No. 9,596,469 “Sample array coding for low-delay”; and U.S. Patent No. 10,404,272 “Entropy encoding and decoding scheme.”

The San Francisco-headquartered company claims that Snapchat relies heavily on HEVC for video and has acquired HEVC patent licenses through a patent pool, but that its mobile app also “accepts AV1-compliant videos, and Snap will decode and encode these videos into other formats for delivery and viewing across a range of devices.”

“Snap’s software further tracks whether AV1 decoding is supported on a given device to stream AV1 video when appropriate,” Dolby’s suit says.

Dolby asserts that AV1 “reuses” concepts from HEVC, for which implementation is generally understood to come with licensing and royalty fees, and that the codecs "are 'based on the same hybrid block-based video-coding flow' and employ nearly the same approach to dividing images into coding units... and blocks," citing a paper published by the IEEE in 2019 and titled "Fast Hevc-to-Av1 Transcoding Based On Coding Unit Depth Inheritance." 

Dolby said that it and Access Advance, which it says runs a patent pool administering AV1 and HEVC-related patents held by Dolby, have been contacting Snap to get it to license AV1 patents through an Access pool. It also claimed that Snap has been informed of the option to “seek bilateral licenses from individual” licensors.

“Despite these efforts, Snap remains unlicensed. Snap has continued to use Dolby’s patented technology without paying any royalties,” the lawsuit says.

Dolby is arguing that its patented technologies are “critical to Snap’s business, driving the efficiency and quality of the videos that help keep users engaged on the application” and that Snapchat gains “an unfair competitive advantage” by not licensing the technologies.

AV1 in question

Despite AOMedia’s goal of creating a video codec that could be adopted without concerns about fees and lawsuits, numerous tech companies outside of the group dispute if AV1 meets those claims. Two patent pool administrators, Access and The Sisvel Group, are administering AV1-related patent licenses, despite AOMedia’s objections.

“The legal framework around video codecs is well established, and incorporating patented technology carries clear licensing obligations," Access CEO Peter Moller said in a statement accompanying an announcement of Dolby’s lawsuit. "Labeling a codec ‘royalty-free’ does not eliminate underlying patent rights."

Besides Dolby, InterDigital is also suing over AV1 [PDF] and is accusing some Amazon Fire streaming devices of infringing on its patents by supporting the codec.

Additionally, European Union (EU) antitrust regulators investigated AOMedia’s licensing policy in 2022 but closed the investigation in 2023 “for priority reasons,” an EU spokesperson told Reuters at the time, noting that “the closure is not a finding of compliance or non-compliance of the conduct in question with EU competition rules.”

The results of Dolby’s and InterDigital’s lawsuits could have lasting implications for AV1 adoption, which lags behind that of HEVC eight years after its release.

“Only because Big Tech says a codec should be royalty-free doesn't mean that it is. … Given that all codecs use somewhat similar techniques, the risk of an infringement of patents belonging to parties who did not offer royalty-free licenses is substantial,” intellectual property activist and commentator Florian Mueller told Ars Technica.

Mueller said that many streaming services have operated without video codec licenses for years as patent holders prioritized collecting royalties on hardware and software products. That has changed in recent years amid the growth of streaming.

“Companies like Amazon and Disney would like to persuade courts that after many years of no one, or at least no major player, knocking at their doors, they don't have to pay now,” Mueller, who runs the online publication IP Fray, said.

Although the debate over whether a codec can be truly royalty-free goes back years, the debate around AV1 is getting more attention than previous discussions. Dolby’s lawsuit in particular could have resounding implications on the AV1 standard should a judge decide that Dolby is not obligated to license patented technologies said to be leveraged by AV1.

As Mueller pointed out, HEVC was created with most essential patent holders signing a FRAND licensing pledge, which differs from AV1’s creation:

With AV1, it could turn out that there are far more patent holders out there with essential patents but no FRAND licensing obligation. In that case, they could theoretically ask for anything, even extortionate amounts, up to the point where someone would then stop implementing AV1. And the really bad thing here, which I'm sure is not Dolby's objective but it could be someone else's, is that someone could purposely make prohibitive royalty demands for AV1 in order to discourage use of the standard.

Dolby and Snap didn’t respond to requests for comment. An AOMedia spokesperson acknowledged receipt of our questions but didn’t provide responses ahead of publication.

Read full article

Comments

Memory and storage shortages and price hikes that started hitting PC components late last year have steadily rippled outward across all kinds of consumer tech—some products have disappeared, gone out of stock, or been delayed, and others have undergone multiple rounds of price hikes.

Today's bad news comes from Sony, which is raising prices for PlayStation 5 consoles in the US just eight months after their last price hike. The drive-less Digital Edition will increase from $500 to $600; the base PS5 with an optical drive will increase from $550 to $650; and the PS5 Pro is going up from $750 to a whopping $900. At the beginning of 2025, these consoles cost $450, $500, and $700, respectively.

Sony, Microsoft, and Nintendo had all announced one or more price increases for one or more consoles throughout 2025, though these were driven more by the Trump administration's tariffs on imported goods than component shortages. Game console price cuts had already become less common over the course of the 2010s, making consoles like the 5-plus-year-old PS5 historically expensive compared to older consoles at this point in their lifespans.

RAM and flash memory chips are in short supply primarily because of demand from AI data centers—memory manufacturers have shifted more production toward making the kind of memory found in AI accelerators like Nvidia's H200, leaving less for the consumer market.

And the situation is unlikely to improve any time soon, barring a major shift in demand from the AI industry. Manufacturers like Kioxia have said that their capacity is already sold out through the end of 2026. The complexity of chipmaking means it takes months or years to ramp up additional manufacturing capacity, and chipmakers can be slow to do it because they don't want to end up with a glut of memory they can't sell if market conditions change. In the short-to-medium term, this all means these high prices will probably stick around for a while.

Read full article

Comments

Iran-linked hackers successfully broke into FBI Director Kash Patel's personal email, the Department of Justice confirmed to Reuters on Friday.

Reuters could not authenticate the leaked emails themselves but noted that the Gmail address matched an email account "linked to Patel in previous data breaches ⁠preserved by the dark web intelligence firm District 4 Labs." The DOJ suggested the emails appeared to be authentic.

On their website, the Handala Hack Team boasted that Patel "will now find his name among the list of successfully hacked victims." The hacker group taunted Patel by sharing photos of him sniffing cigars and holding up a jug of rum, along with other documents that Reuters reported were from 2010 to 2019.

"Soon you will realize that the FBI's security was nothing more than a joke," the group posted, as documented in screenshots from the website shared widely on X.

The hack came after the DOJ disrupted some of the hacker group's websites earlier this month. In a press release, Patel threatened to "hunt" down the group, which Reuters reported "calls itself a group of pro-Palestinian vigilante hackers." After detailing four attacks this month that the group had taken credit for, Patel offered rewards of up to $10 million for information on its members.

"Iran thought they could hide behind fake websites and keyboard threats to terrorize Americans and silence dissidents," Patel said. "We took down four of their operation's pillars and we're not done. This FBI will hunt down every actor behind these cowardly death threats and cyberattacks and will bring the full force of American law enforcement down on them."

The group, which Western researchers believe is "one of several personas used by Iranian government cyberintelligence units," opposes US support for Israel, Reuters reported. Their cyberattacks on US entities followed a major military attack from the US and Israel that killed Iran's Supreme Leader Ayatollah Ali Khamenei. In their press release, the DOJ quoted from emails in which the group sent death threats to dissidents in the US.

"We the Handala Hack team, the loyal followers of the supreme leader Ali Hosseini Khamenei, declare war on all the enemies of Islam in the West," the group said.

On Friday, the group confirmed on their website that the hack on Patel's email was in retaliation against the domain seizures:

Today, once again, the world witnessed the collapse of America's so-called security legends. While the FBI proudly seized our domains and immediately announced a $10 million reward for the heads of Handala Hack members, we decided to respond to this ridiculous show in a way that will be remembered forever.

Hackers claimed that their data grab included confidential information about Patel, but that could not be independently verified.

"The so-called 'impenetrable' systems of the FBI were brought to their knees within hours by our team," the group said on their website. "All personal and confidential information of Kash Patel, including emails, conversations, documents, and even classified files, is now available for public download."

The FBI has yet to comment on the hack, and Patel has not posted about it on his X account as of this writing.

Read full article

Comments

Google is dramatically shortening its readiness deadline for the arrival of Q Day, the point at which existing quantum computers can break public-key cryptography algorithms that secure decades' worth of secrets belonging to militaries, banks, governments, and nearly every individual on earth.

In a post published on Wednesday, Google said it is giving itself until 2029 to prepare for this event. The post went on to warn that the rest of the world needs to follow suit by adopting PQC—short for post-quantum cryptography—algorithms to augment or replace elliptic curves and RSA, both of which will be broken.

The end is nigh

“As a pioneer in both quantum and PQC, it’s our responsibility to lead by example and share an ambitious timeline,” wrote Heather Adkins, Google’s VP of security engineering, and Sophie Schmieg, a senior cryptography engineer. “By doing this, we hope to provide the clarity and urgency needed to accelerate digital transitions not only for Google, but also across the industry.”

Separately, Google detailed its timeline for making Android quantum resistant, the first time the company has publicly discussed PQC support on the operating system. Starting with the beta version, Android 17 will support ML-DSA, a digital signing algorithm standard advanced by the National Institute for Standards and Technology. ML-DSA will be added to Android's hardware root of trust. The move will allow developers to have PQC keys for signing their apps and verifying other software signatures.

Google said it now has ML-DSA integrated into the Android verified boot library, which secures the boot sequence against manipulation. Google engineers are also beginning to move remote attestation to PQC. Remote attestation is a feature that allows a device to prove its current state to a remote server to, for example, prove to a server on a corporate network that it's running a secure OS version.

Google further said it's adding ML-DSA support to the Android Keystore so that developers can generate ML-DSA keys and store them within the secure hardware of the device directly. Google is also planning to migrate the Play Store, and the developer signatures on every app listed in it, to PQC.

The additions are likely to put a significant workload on Android developers.

So what's spooking Google so much?

Wednesday's hard deadline came as a surprise to many cryptography engineers, including those who have been active in the PQC transition for years.

"That is certainly a significant acceleration/tightening of the public transition timelines we've seen to date, and is accelerated over even what we've seen the US government ask for," Brian LaMacchia, a cryptography engineer who oversaw Microsoft’s post-quantum transition from 2015 to 2022 and now works at Farcaster Consulting Group, said in an interview. "The 2029 timeline is an aggressive speedup but raises the question of what's motivating them."

Google didn't lay out the rationale for the revision in either of its posts. A spokeswoman didn't immediately provide answers to questions sent by email.

Estimates for when Q Day will arrive have varied widely since the mid-1990s, when mathematician Peter Shor first showed that a quantum computer of sufficient strength could factor integers in polynomial time, much faster than classical computers. That put the world on notice that RSA’s days were limited. Follow-on research showed quantum computers provided a similar speed-up in solving the discrete log problem that underpins elliptic curves.

The timeline for this arrival is based on when existing quantum computers will contain the required number of qubits that can correct inevitable errors. In 2012, most estimates were that a 2048-bit RSA key could be broken by a quantum computer with a billion physical qubits. By 2019, the estimate was lowered to 20 million physical qubits. A running joke among researchers has been that Q Day has been 10 to 20 years away for the past 30 years.

Last June, Google published research that once again drastically lowered the expected threshold for breaking RSA. It showed that a 2048-bit RSA integer could be factored in less than a week with a quantum computer with 1 million “noisy qubits,” meaning qubits that are prone to errors resulting from environmental conditions that disrupt the quantum state. The research was led by Craig Gidney, the same scientist behind the 2019 estimate.

In preparation for Q Day, cryptographers have devised new encryption algorithms that rely on problems that quantum computers don't have an advantage over classical computers in solving. Rather than factoring or solving the discrete log, one approach involves mathematical structures known as lattices. A second approach involves a stateless hash-based digital signature scheme. The National Institute of Standards and Technology has advanced several algorithms that have yet to be broken and are presumed to be secure.

In 2022 the NSA set a deadline for PQC readiness in national security systems by 2033 and for 2030 for a few specific applications.

More recently, deadlines have been in flux as both the Biden and Trump administrations have issued executive orders prioritizing quantum readiness. Currently, the NSA is adhering to a 2031 deadline.

PQC algorithms have made their way into a variety of products and protocols, although largely in piecemeal fashion. Last year, the Signal messenger added ML-KEM-768, an implementation of the CRYSTALS-Kyber algorithm, to its existing encryption engine. Software and services from Google, Apple, Cloudflare, and dozens of others have also done the same.

“Quantum computers will pose a significant threat to current cryptographic standards, and specifically to encryption and digital signatures,” Google’s Wednesday morning post stated. “The threat to encryption is relevant today with store-now-decrypt-later attacks, while digital signatures are a future threat that require the transition to PQC prior to a Cryptographically Relevant Quantum Computer (CRQC). That’s why we’ve adjusted our threat model to prioritize PQC migration for authentication services—an important component of online security and digital signature migrations. We recommend that other engineering teams follow suit.”

Read full article

Comments

The Supreme Court today decided that Internet service providers cannot be held liable for their customers' copyright infringement unless they take specific steps that cause users to violate copyrights. The court ruled unanimously in favor of Internet provider Cox Communications, though two justices did not agree with the majority's reasoning.

The ruling effectively means that ISPs do not have to conduct mass terminations of Internet users accused of illegally downloading or uploading pirated files. If the court had ruled otherwise, ISPs could have been compelled to strictly police their networks for piracy in order to avoid billion-dollar court verdicts under the Digital Millennium Copyright Act (DMCA).

The long-running case is Cox Communications v. Sony Music Entertainment. Cox was hit with a $1 billion verdict for music piracy in 2019. Although the damages award was overturned in 2024, a federal appeals court still found that Cox was liable for willful contributory infringement.

The Supreme Court decided to take up Cox's appeal of the finding and heard oral arguments in December 2025. In today's ruling, the court rejected Sony's claims and found that Cox is not liable for its users' copyright infringement.

Justice Clarence Thomas delivered the opinion of the court. "Under our precedents, a company is not liable as a copyright infringer for merely providing a service to the general public with knowledge that it will be used by some to infringe copyrights. Accordingly, we reverse," Thomas wrote.

Cox did not induce subscribers to pirate music

Thomas' opinion was joined by Chief Justice John Roberts, Samuel Alito, Elena Kagan, Neil Gorsuch, Brett Kavanaugh, and Amy Coney Barrett. Justice Sonia Sotomayor filed a concurring opinion that was joined by Ketanji Brown Jackson. Sotomayor objected to the majority limiting liability to the degree it did, but agreed that Cox is not liable for infringement.

"The provider of a service is contributorily liable for the user’s infringement only if it intended that the provided service be used for infringement," Thomas wrote. "The intent required for contributory liability can be shown only if the party induced the infringement or the provided service is tailored to that infringement."

The court decided today that a service is tailored to infringement if it is not capable of "substantial" or "commercially significant" noninfringing uses. The court cited Sony's 1984 victory in the Betamax case, in which justices found that the Betamax was capable of noninfringing uses and that Sony's sale of it did not constitute contributory infringement. Sony's win in 1984 thus contributed to its loss today.

The Supreme Court's 2005 ruling in MGM Studios v. Grokster was also important. Recalling the Grokster ruling, Thomas said the court has held that a service provider may be found to induce infringement if it actively encourages it, such as by promoting and marketing software as a tool to infringe copyrights. By contrast, Cox's actions as the provider of Internet service did not induce infringement, Thomas wrote:

Thus, Cox is not contributorily liable for the infringement of Sony’s copyrights. Cox provided Internet service to its subscribers, but it did not intend for that service to be used to commit copyright infringement. Holding Cox liable merely for failing to terminate Internet service to infringing accounts would expand secondary copyright liability beyond our precedents.

Cox neither induced its users’ infringement nor provided a service tailored to infringement. As for inducement, Cox did not “induce” or “encourage” its subscribers to infringe in any manner. Sony provided no “evidence of express promotion, marketing, and intent to promote” infringement. And, Cox repeatedly discouraged copyright infringement by sending warnings, suspending services, and terminating accounts. As for providing a service tailored to infringement, Cox’s Internet service was clearly “capable of ‘substantial’ or ‘commercially significant’ noninfringing uses.” Cox did not tailor its service to make copyright infringement easier. Cox simply provided Internet access, which is used for many purposes other than copyright infringement.

Cox: Ruling affirms ISPs are not copyright police

Cox hailed the ruling in a statement the company provided to Ars. “The Supreme Court’s unanimous opinion is a decisive victory for the broadband industry and for the American people who depend on reliable Internet service," Cox said. "This opinion affirms that Internet service providers are not copyright police and should not be held liable for the actions of their customers—and after years of battling in the trial and appellate courts, we have definitively shut down the music industry’s aspirations of mass evictions from the Internet."

The Recording Industry Association of America (RIAA) said it is "disappointed in the court's decision vacating a jury's determination that Cox Communications contributed to mass scale copyright infringement, based on overwhelming evidence that the company knowingly facilitated theft. To be effective, copyright law must protect creators and markets from harmful infringement and policymakers should look closely at the impact of this ruling." The RIAA argued that the ruling "is narrow, applying only to 'contributory infringement' cases involving defendants like Cox that do not themselves copy, host, distribute, or publish infringing material or control or induce such activity.”

We contacted Sony about its court loss and will update this article if it provides a response.

Cox's arguments were supported by digital rights groups. "Today’s decision laid to rest the idea that private actors—and not just any private actors, but record labels—can determine when customers deserve to be excluded from applying to jobs, paying bills, and getting an education," Meredith Rose, senior policy counsel at Public Knowledge, said. "That view of the world is not only nonsensical and dated, but also fundamentally anti-democratic. Today’s decision is a long-overdue win for common sense.”

The Trump administration also supported Cox's case over the past year, telling the Supreme Court that a Sony victory could compel ISPs to "terminat[e] subscribers after receiving a single notice of alleged infringement.”

Sotomayor: Majority dismantled DMCA incentive structure

The Sotomayor concurrence said the majority went too far. "The majority holds that Cox is not liable solely because its conduct does not fit within the two theories of secondary liability previously applied by this Court," Sotomayor wrote. "In so doing, the majority, without any meaningful explanation, unnecessarily limits secondary liability even though this Court’s precedents have left open the possibility that other common-law theories of such liability, like aiding and abetting, could apply in the copyright context. By ignoring those past decisions, the majority also upends the statutory incentive structure that Congress created."

As previously noted, the majority found that contributory liability can be shown only if the party induced infringement or if a provided service is tailored to that infringement. Sotomayor said the "majority’s limiting of secondary liability here dismantles the statutory incentive structure that Congress created" in the DMCA.

"Importantly, Congress did not provide that ISPs could never be secondarily liable for copyright infringement," she wrote. "Instead, it struck a balance by creating incentives for ISPs to take reasonable steps to prevent copyright infringement on their networks, while also assuring ISPs that they do not need to take on the impossible task of responding to every instance of infringement on their networks. The majority’s new rule completely upends that balance and consigns the safe harbor provision to obsolescence."

Sotomayor said she nonetheless agrees "with the majority that Cox cannot be held liable here for a different reason. Plaintiffs cannot prove that Cox had the requisite intent to aid copyright infringement for Cox to be liable on a common-law aiding-and-abetting theory. I therefore concur in the judgment."

The majority disagreed that it is upending the DMCA's safe harbor, which protects providers from liability when they terminate repeat infringers "in appropriate circumstances." The DMCA does not expressly impose liability for ISPs who serve known infringers, the court majority ruled.

"The DMCA merely creates new defenses from liability for such providers," Thomas wrote. "And, the DMCA made clear that failure to comply with the safe-harbor rules 'shall not bear adversely upon... a defense by the service provider that the service provider’s conduct is not infringing.'"

Although Kagan joined the majority opinion today, she said during oral arguments that the DMCA safe harbor would “seem to do nothing” if the court sides with Cox. “Why would anybody care about getting into the safe harbor if there’s no liability in the first place?” she said at the time.

Sony's Betamax victory hurt it in Cox case

Today's Supreme Court ruling reversed a decision by the US Court of Appeals for the 4th Circuit. The 4th Circuit "did not suggest that Cox induced its users to infringe" and "did not deny that Cox’s service was 'capable of substantial lawful use and not designed to promote infringement,'" Thomas wrote. "Rather, the court held that 'supplying a product with knowledge that the recipient will use it to infringe copyrights is... sufficient for contributory infringement.'"

Thomas said the 4th Circuit holding went beyond the two forms of liability recognized in Grokster and Sony Corp. of America v. Universal City Studios, also known as the Betamax case. The 4th Circuit ruling "also conflicted with this Court’s repeated admonition that contributory liability cannot rest only on a provider’s knowledge of infringement and insufficient action to prevent it," Thomas wrote.

After reading today's ruling, Santa Clara University law professor Eric Goldman wrote, "I do note the irony that Sony created the defense-favorable legal standard in 1984 that is now being cited against it in 2026. As the Bible verse goes, 'You reap what you sow.'"

Goldman explained that "Thomas’ opinion defines 'tailored to infringement' as 'not capable of substantial or commercially significant noninfringing uses.' This resurrects the Sony v. Universal standard for contributory infringement from over 40 years ago, which largely got put on hold after the Grokster case 20 years ago. Because it’s not been well-explored since 2006, we’re not sure what this phrase means in the modern Internet age."

Goldman predicted that "there will be substantial confusion in the lower courts trying to figure out how to apply" the "tailored to infringement" standard. "On balance, the old Sony standard should favor future defendants, but copyright owners will invest a lot of money to try to water it down and undermine it," he wrote.

Sony and other music copyright owners use the MarkMonitor service to trace illegal downloads and uploads to specific IP addresses and send copyright-infringement notices to the users' Internet providers. Cox told the Supreme Court that ISPs can’t verify whether the notices are accurate and that terminating an account would punish every user in a household where only one person may have illegally downloaded copyrighted files. MarkMonitor sent Cox 163,148 piracy notices during the two-year period covered in the case.

Record labels Sony, Warner, and Universal told the Supreme Court that Cox chose not to terminate repeat copyright infringers to avoid a loss in revenue, despite being sent three or more infringement notices for each subscriber at issue in the case. “[W]hile Cox stokes fears of innocent grandmothers and hospitals being tossed off the Internet for someone else’s infringement, Cox put on zero evidence that any subscriber here fit that bill," record labels told the court. "By its own admission, the subscribers here were ‘habitual offenders’ Cox chose to retain because, unlike the vast multitude cut off for late payment, they contributed to Cox’s bottom line.”

ISP has "incomplete knowledge" of infringement

At oral arguments, Cox attorney Joshua Rosenkranz said the ISP created an anti-infringement program, sent out hundreds of warnings a day, suspended thousands of accounts a month, and worked with universities to limit infringement. Rosenkranz told the court that “the highest recidivist infringers” cited in the case were universities, hotels, and regional ISPs that purchase connectivity from Cox, rather than individual households.

"According to Cox, it created a system of responding to the notices that it received from MarkMonitor," Thomas wrote. "After the second MarkMonitor notice for a subscriber’s account, Cox sent a warning to that subscriber. After additional notices, Cox terminated Internet access to that subscriber’s IP address until the subscriber responded to the warning. If it continued to receive notices for that IP address, Cox suspended service until the subscriber called and received a warning over the phone. After 13 notices, the subscriber was subject to termination of all Internet service." Cox also contractually prohibits subscribers from using the service to infringe copyrights, Thomas noted.

In addition to criticizing the majority's reasoning today, Sotomayor criticized Cox's anti-piracy enforcement efforts during oral arguments. “There are things you could have done to respond to those infringers, and the end result might have been cutting off their connections, but you stopped doing anything for many of them... You did nothing and, in fact, counselor, your clients’ sort of laissez-faire attitude toward the respondents is probably what got the jury upset," she said at the time.

Despite those comments during oral arguments, Sotomayor's concurrence today said that Sony did not prove that Cox knows specific users will commit infringement. "Cox supplies Internet connections to a wide range of customers, ranging from single users all the way to smaller regional ISPs. When Cox receives a copyright violation notice, however, the notice specifies only which connection was used to infringe, not who used it to commit infringement," she wrote.

For single homes, Cox has no way "to know if the infringer was a neighbor who might have the Wi-Fi password," Sotomayor said, also noting that Cox doesn't have control over regional ISPs that resell Cox network connectivity. "Given this degree of removal from the infringing activity and Cox’s incomplete knowledge, Cox cannot be found to have intended to aid in any specific instance of infringement committed using the connection that Cox provides to the regional ISP," Sotomayor wrote. "The same is true for connections Cox provides to university housing, hospitals, military bases, and other places that are likely to have many different users."

Justice Alito agreed with Cox that Sony's demands for cracking down on piracy at universities were excessive and described Sony's demands as unworkable. He said during oral arguments that if an ISP tells a university, “a lot of your 50,000 students are infringing… the university then has to determine which particular students are engaging in this activity. Let’s assume it can even do that, and so then it knocks out 1,000 students and then another 1,000 students are going to pop up doing the same thing. I just don’t see how it’s workable at all.”

Read full article

Comments

Mozilla developer Peter Wilson has taken to the Mozilla.ai blog to announce cq, which he describes as "Stack Overflow for agents." The nascent project hints at something genuinely useful, but it will have to address security, data poisoning, and accuracy to achieve significant adoption.

It's meant to solve a couple of problems. First, coding agents often use outdated information when making decisions, like attempting deprecated API calls. This stems from training cutoffs and the lack of reliable, structured access to up-to-date runtime context. They sometimes use techniques like RAG (Retrieval Augmented Generation) to get updated knowledge, but they don't always do that when they need to—"unknown unknowns," as the saying goes—and it's never comprehensive when they do.

Second, multiple agents often have to find ways around the same barriers, but there's no knowledge sharing after said training cutoff point. That means hundreds or thousands of individual agents end up using expensive tokens and consuming energy to solve already-solved problems all the time. Ideally, one would solve an issue once, and the others would draw from that experience.

That's exactly what cq tries to enable. Here's how Wilson says it works:

Before an agent tackles unfamiliar work; an API integration, a CI/CD config, a framework it hasn't touched before; it queries the cq commons. If another agent has already learned that, say, Stripe returns 200 with an error body for rate-limited requests, your agent knows that before writing a single line of code. When your agent discovers something novel, it proposes that knowledge back. Other agents confirm what works and flag what's gone stale. Knowledge earns trust through use, not authority.

The idea is to move beyond claude.md or agents.md, the current solution for the problems cq is trying to solve. Right now, developers add instructions for their agents based on trial and error—if they find that an agent keeps trying to use something outdated, they tell it in .md files to do something else instead.

That sort of works sometimes, but it doesn't cross-pollinate knowledge between projects.

The current state

Wilson describes cq as a proof of concept, but it's one you can download and work with now; it's available as a plugin for Claude Code and OpenCode. Additionally, there's an MCP server for handling a library of knowledge stored locally, an API for teams to share knowledge, and a user interface for human review.

I'm just scratching the surface of the details here; there's documentation at the GitHub repo if you want to learn more details or contribute to the project.

In addition to posting on the Mozilla.ai blog, Wilson announced the project and solicited feedback from developers on Hacker News. Reactions in the thread are mixed. Most people chiming in agree that cq is aiming to do something useful and needed, but there's a long list of potential problems to solve.

For example, some commenters have noted that models do not reliably describe or track the steps they take—an issue that could balloon into a lot of junk knowledge at scale across multiple agents. There are also several serious security challenges, such as how the system will deal with prompt injection threats or data poisoning.

This is also not the only attempt to address these needs. There are a variety of different projects in the works, operating on different levels of the stack, to try to make AI agents waste fewer tokens by giving them access to more up-to-date or verified information.

Read full article

Comments