How to protect the future web from its founders' own frailty

OrfnjkI
Earlier this month, I gave the afternoon keynote at the Internet Archive's Decentralized Web Summit, and my talk was about how the people who founded the web with the idea of having an open, decentralized system ended up building a system that is increasingly monopolized by a few companies -- and how we can prevent the same things from happening next time.

Oculus quietly drops DRM from its VR systems

ACWO_Ludovico

In May, Facebook division Oculus broke its longstanding promise not to use DRM to limit its customers' choices, deploying a system that prevented Oculus customers from porting the software they'd purchased to run on non-Oculus hardware. Read the rest

Google's version of the W3C's video DRM has been cracked

animation

Since 2013, the World Wide Web Consortium (W3C) has been working with the major browser companies, Netflix, the MPAA, and a few other stakeholders to standardize "Encrypted Media Extensions" (EME), which attempts to control web users' behavior by adding code to browsers that refuses to obey user instructions where they conflict with the instructions sent by video services. Read the rest

Phones without headphone jacks are phones with DRM for audio

Headphone_jack_3.5mm (1)

Nilay Patel's magnificent rant about Apple's rumored announcement that future phones won't have headphone jacks starts with the main event: "1. Digital audio means DRM audio." Read the rest

Video: Guarding the Decentralized Web from its founders' human frailty

animation (1)

Earlier this month, I gave the afternoon keynote at the Internet Archive's Decentralized Web Summit, speaking about how the people who are building a new kind of decentralized web can guard against their own future moments of weakness and prevent themselves from rationalizing away the kinds of compromises that led to the centralization of today's web. Read the rest

W3C DRM working group chairman vetoes work on protecting security researchers and competition

drm-og-1

For a year or so, I've been working with the EFF to get the World Wide Web Consortium to take steps to protect security researchers and new market-entrants who run up against the DRM standard they're incorporating into HTML5, the next version of the key web standard. Read the rest

Intel x86s hide another CPU that can take over your machine (you can't audit it)

PIC12C508-HD
Recent Intel x86 processors implement a secret, powerful control mechanism that runs on a separate chip that no one is allowed to audit or examine. When these are eventually compromised, they'll expose all affected systems to nearly unkillable, undetectable rootkit attacks. I've made it my mission to open up this system and make free, open replacements, before it's too late.

How security and privacy pros can help save the web from legal threats over vulnerability disclosure

drm-og-1

I have a new op-ed in today's Privacy Tech, the in-house organ of the International Association of Privacy Professionals, about the risks to security and privacy from the World Wide Web Consortium's DRM project, and how privacy and security pros can help protect people who discover vulnerabilities in browsers from legal aggression. Read the rest

Oculus breaks promise, uses DRM to kill app that let you switch VR systems

18722839821_4a03d6fa37_b

As recently as 5 months ago, Oculus founder Palmer Luckey was promising his customers that they could play the software they bought from the Oculus store on "whatever they want," guaranteeing that the company wouldn't shut down apps that let customers move their purchased software to non-Oculus hardware. Read the rest

Brainjacking: the future of software security for neural implants

animation (2)

In a new scientific review paper published in World Neurosurgery, a group of Oxford neurosurgeons and scientists round up a set of dire, terrifying warnings about the way that neural implants are vulnerable to networked attacks. Read the rest

Clicking "Buy now" doesn't "buy" anything, but people think it does

484322226_c7e260fb90_b

In What We Buy When We "Buy Now", a paper forthcoming in The University of Pennsylvania Law Review, respected copyright scholars Aaron Perzanowski and Chris Jay Hoofnagle report on an experiment they set up to test what people clicking the "buy now" button on stores selling digital things (ebooks, games, music, videos, etc) think they get for their money -- it's not what they think. Read the rest

Open letter to from EFF to members of the W3C Advisory Committee

drm-og-1

The World Wide Web Consortium (W3C) has made a sea-change: now, in addition to making open web standards that anyone can implement, they're creating a video DRM standard designed to prevent people from implementing it unless they have permission from the big movie and TV companies, by invoking the notorious Digital Millennium Copyright Act and its international equivalents. Read the rest

Save Firefox: The W3C's plan for worldwide DRM would have killed Mozilla before it could start

drm-firefox2

The World Wide Web Consortium has been co-opted into standardizing a DRM scheme for letting entertainment companies control your browser; what's more, they've rejected even basic safeguards for competition, changing the browser landscape in a way that threatens the kind of disruptive innovation that gave us the Mozilla project and the Firefox browser. Read the rest

O'Reilly Hardware Podcast on the risks to the open Web and the future of the Internet of Things

apollo-1201-pic

I appeared on the O'Reilly Hardware Podcast this week (MP3, talking about the way that DRM has crept into all our smart devices, which compromises privacy, security and competition. Read the rest

Save iTunes: how the W3C's argument for web-wide DRM would have killed iTunes

drm-itunes2b

The World Wide Web Consortium's plan to standardize web-wide digital rights management is based on the idea that if an entertainment company doesn't like a new technology, it should have the right to prevent that technology from coming into being. Read the rest

Kobo "upgrade" deprives readers of hundreds of DRM-locked ebooks

1024px-Kobo_ereader_touch_black_front

Chris writes, "After a recent Kobo software upgrade, a number of Kobo customers have reported losing e-books from their libraries--notably, e-books that had been transferred to Kobo from their Sony Reader libraries when Sony left the consumer e-book business. One customer reported missing 460 e-books, and the only way to get them back in her library would be to search and re-add them one at a time! Customers who downloaded their e-books and illegally broke the DRM don't have this problem, of course." Read the rest

How standardizing DRM will make us all less secure

retailer

After decades of fighting for open Web standards that let anyone implement software to receive and render online data, the World Wide Web Consortium changed course and created EME, a DRM system that locks up video in formats that can only be played back with the sender's blessing, and which also gives media giants the power to threaten and sue security researchers who discover bugs in their code. Read the rest

More posts