Iran sucks at censoring apps, so the Persian diaspora is using them for unfiltered political discussion

With a (symbolic) (but it's a potent symbol) election looming in Iran, the global Persian diaspora is not lacking for news organs that are producing the kind of unfiltered political news that would get you jailed or killed in Iran. Read the rest

Human rights coalition from the global south to W3C: don't put DRM in web standards!

The Just Net Coalition -- whose membership roll includes leading human rights organisations from across the global south -- have written urgently to the World Wide Web Coalition and its founder, Tim Berners-Lee, calling on him to intervene to stop the Consortium from publishing its first-ever DRM standard, a system for restricting video streams called Encrypted Media Extensions. Read the rest

The Internet of Things will host devastating, unstoppable botnets

Bruce Schneier takes to the pages of Technology Review to remind us all that while botnets have been around for a long time, the Internet of Things is supercharging them, thanks to insecurity by design. Read the rest

How Netflix is driving permanent, terrible, standards-defined insecurity for billions of browser users

The New Scientist has published a good piece on Encrypted Media Extensions (previously), the World Wide Web Consortium's proposed standard for adding DRM to video streams; they're creating their first-ever standard that is encompassed by laws protecting DRM (such as the DMCA), and in so doing, they're creating new liability for security researchers, who'll face unprecedented criminal and civil liability just for reporting defects in browsers. Read the rest

How the EU's imaginary "value gap" would kill user-generated content online

One of the music industry's dumbest, most pernicious talking-points is the "value gap" (AKA the "value recognition right") which is code for, "Online platforms should employ an army of copyright lawyers to assess everything that users share for copyright compliance." Read the rest

How companies should plan for, and respond to, security breaches

Troy Hunt, proprietor of the essential Have I Been Pwned (previously) sets out the hard lessons learned through years of cataloging the human costs of breaches from companies that overcollected their customers' data; undersecured it; and then failed to warn their customers that they were at risk. Read the rest

W3C moves to finalize DRM standardization, reclassifies suing security researchers as a feature, not a bug

The World Wide Web Consortium has announced that its members have until April 19 to weigh in on whether the organization should publish Encrypted Media Extensions, its DRM standard for web video, despite the fact that this would give corporations the new right to sue people who engaged in legal activity, from security researchers who revealed defects in browsers to accessibility workers who adapted video for disabled people to scrappy new companies who come up with legal ways to get more use out of your property. Read the rest

Mormon church uses bogus copyright claims in attempt to censor Mormonleaks

Mormonleaks is a whistleblower site dedicated to revealing corruption and hypocrisy in the Church of Latter Day Saints; over four months, it has published many documents that did just that, but when it published a leaked Powerpoint revealing the Church's view on "the roots of apostasy, such as pornography, campaigns to ordain women, challenges to church history and general 'lack of righteousness,'" the Church turned to the Digital Millennium Copyright Act and a bogus claim of copyright infringement to get the document taken down. Read the rest

UK government threatens jail for journalists who work with whistleblowers

Under a new proposal from the UK Law Commission, journalists who handle or report on leaked documents demonstrating corruption or government malfeasance would face prison sentences. Read the rest

Techdirt is being sued by the "I invented email" guy and needs your money

Indie news outlet Techdirt is being sued for $15M by Shiva Ayyadurai, who claims to have invented email in 1978, eight years after Ray Tomlinson sent an email over ARPANET; Ayyadurai is represented by Charles Harder, a key figure in the Gawker-killing legal campaign that Peter Thiel financed, and who is also representing Melania Trump in her $150m lawsuit against The Daily Mail. Read the rest

The World Wide Web Consortium wants to give companies a veto over warnings about browser defects

Since 2013, when the W3C decided to standardize DRM for web videos, activists, security researchers and disabled rights advocates have been asking the organization what it plans on doing about the laws that make it illegal to bypass DRM, even to add features to help blind people, or to improve on browsers, or just to point out the defects in browsers that put billions of web users at risk. Read the rest

Enterprise firewalls are man-in-the-middling HTTPS sessions like crazy, and weakening security

A group of security researchers from academe and industry (including perennial Boing Boing favorite J Alex Halderman) have published an important paper documenting the prevalence and problems of firewalls that break secure web sessions in order to scan their contents for undesirable and malicious content. Read the rest

Gun violence researchers at UC Davis are racing to save the ATF's gun violence data before Trump blows it away

Magdalena Cerdá and Garen Wintemute are epidemiological researchers with US Davis's Violence Prevention Research Program; when they witnessed the Trump administration's mass-deletion of publicly funded EPA research, they feared gun violence stats would be next. Read the rest

Thailand's military-appointed Assembly unanimously passes an internet law combining the world's worst laws

On Dec 15, an amendment to Thailand's 2007 Computer Crime Act passed its National Legislative Assembly -- a body appointed by the country's military after the 2014 coup -- unanimously, and in 180 days, the country will have a new internet law that represents a grab bag of the worst provisions of the worst internet laws in the world, bits of the UK's Snooper's Charter, America's Computer Fraud and Abuse Act, and the dregs of many other failed laws. Read the rest

When tech leaders meet with Trump tomorrow, here's what they need to tell him

Execs representing the biggest tech companies in America are gathering for a meeting with Donald Trump tomorrow in New York; these companies have it in their power to spy on us, locate us, censor us, and terminally compromise the free and open internet. Read the rest

China's We Chat "shadow-bans" messages with forbidden keywords, but only for China-based accounts

The University of Toronto's Citizen Lab (previously) continues its excellent work, this time with a deep investigative piece on a sneaky form of censorship in China's popular We Chat service, where messages posted to group chats that contain words on a government blacklist are made invisible to other participants in the chat, while the original poster still sees it, giving the illusion that everyone's read the controverial message but no one found it worth commenting upon. Read the rest

Trumpism in Gambia: "marbles" election sparks internet shutdown

Deji writes, "Gambia is a small country but this story is pretty crazy. The president, who is seeking his 6th term, is using Trump rhetoric surrounding the 'rigging of elections.' People are voting by using marbles. Meanwhile, opposition activists and journalists have been arrested -- and the government STILL shut off the internet. It seems the president has lost his marbles." Read the rest

More posts