Thailand is losing the war on dissent, thanks to user notifications and HTTPS

Thailand's insane lese majeste laws make it radioactively illegal to criticize the royal family, reflecting a profound insecurity about the legitimacy of the ruling elites there that can only be satisfied through blanket censorship orders whenever one of the royals does something ridiculous, cruel or both (this happens a lot). Read the rest

Trump wanted Comey to throw journalists in prison

Yesterday, The New York Times ran a story with the headline "Comey Memo Says Trump Asked Him to End Flynn Investigation." But another nugget was hidden towards the bottom of the article:

Alone in the Oval Office, Mr. Trump began the discussion by condemning leaks to the news media, saying that Mr. Comey should consider putting reporters in prison for publishing classified information, according to one of Mr. Comey’s associates.

But isn't it legal in the United States for journalists to publish leaks whether they are legally obtained by someone else or not? According to The Guardian:

The real danger, which got far less attention, was that Trump might use the draconian 100-year-old Espionage Act to target reporters with prosecution for publishing classified information. Less than six months into his presidency, we now have reason to believe this is a distinct possibility.

The Espionage Act is blatantly unconstitutional, which is part of the reason why every justice department in modern history has avoided reaching the point of prosecution against a newspaper. But it has long been a specter hanging over journalists: if you read just the text of the law, it is being violated almost daily by reporters at every major paper in the country. (And it’s not just journalists: the law is so wildly broad that just by reading the New York Times, you are arguably guilty.)

Many lawyers have believed the law would be struck down if a prosecution ever took place, but it’s not exactly a chance anyone wants to take.

Read the rest

Iran sucks at censoring apps, so the Persian diaspora is using them for unfiltered political discussion

With a (symbolic) (but it's a potent symbol) election looming in Iran, the global Persian diaspora is not lacking for news organs that are producing the kind of unfiltered political news that would get you jailed or killed in Iran. Read the rest

Human rights coalition from the global south to W3C: don't put DRM in web standards!

The Just Net Coalition -- whose membership roll includes leading human rights organisations from across the global south -- have written urgently to the World Wide Web Coalition and its founder, Tim Berners-Lee, calling on him to intervene to stop the Consortium from publishing its first-ever DRM standard, a system for restricting video streams called Encrypted Media Extensions. Read the rest

The Internet of Things will host devastating, unstoppable botnets

Bruce Schneier takes to the pages of Technology Review to remind us all that while botnets have been around for a long time, the Internet of Things is supercharging them, thanks to insecurity by design. Read the rest

How Netflix is driving permanent, terrible, standards-defined insecurity for billions of browser users

The New Scientist has published a good piece on Encrypted Media Extensions (previously), the World Wide Web Consortium's proposed standard for adding DRM to video streams; they're creating their first-ever standard that is encompassed by laws protecting DRM (such as the DMCA), and in so doing, they're creating new liability for security researchers, who'll face unprecedented criminal and civil liability just for reporting defects in browsers. Read the rest

How the EU's imaginary "value gap" would kill user-generated content online

One of the music industry's dumbest, most pernicious talking-points is the "value gap" (AKA the "value recognition right") which is code for, "Online platforms should employ an army of copyright lawyers to assess everything that users share for copyright compliance." Read the rest

How companies should plan for, and respond to, security breaches

Troy Hunt, proprietor of the essential Have I Been Pwned (previously) sets out the hard lessons learned through years of cataloging the human costs of breaches from companies that overcollected their customers' data; undersecured it; and then failed to warn their customers that they were at risk. Read the rest

W3C moves to finalize DRM standardization, reclassifies suing security researchers as a feature, not a bug

The World Wide Web Consortium has announced that its members have until April 19 to weigh in on whether the organization should publish Encrypted Media Extensions, its DRM standard for web video, despite the fact that this would give corporations the new right to sue people who engaged in legal activity, from security researchers who revealed defects in browsers to accessibility workers who adapted video for disabled people to scrappy new companies who come up with legal ways to get more use out of your property. Read the rest

Mormon church uses bogus copyright claims in attempt to censor Mormonleaks

Mormonleaks is a whistleblower site dedicated to revealing corruption and hypocrisy in the Church of Latter Day Saints; over four months, it has published many documents that did just that, but when it published a leaked Powerpoint revealing the Church's view on "the roots of apostasy, such as pornography, campaigns to ordain women, challenges to church history and general 'lack of righteousness,'" the Church turned to the Digital Millennium Copyright Act and a bogus claim of copyright infringement to get the document taken down. Read the rest

UK government threatens jail for journalists who work with whistleblowers

Under a new proposal from the UK Law Commission, journalists who handle or report on leaked documents demonstrating corruption or government malfeasance would face prison sentences. Read the rest

Techdirt is being sued by the "I invented email" guy and needs your money

Indie news outlet Techdirt is being sued for $15M by Shiva Ayyadurai, who claims to have invented email in 1978, eight years after Ray Tomlinson sent an email over ARPANET; Ayyadurai is represented by Charles Harder, a key figure in the Gawker-killing legal campaign that Peter Thiel financed, and who is also representing Melania Trump in her $150m lawsuit against The Daily Mail. Read the rest

The World Wide Web Consortium wants to give companies a veto over warnings about browser defects

Since 2013, when the W3C decided to standardize DRM for web videos, activists, security researchers and disabled rights advocates have been asking the organization what it plans on doing about the laws that make it illegal to bypass DRM, even to add features to help blind people, or to improve on browsers, or just to point out the defects in browsers that put billions of web users at risk. Read the rest

Enterprise firewalls are man-in-the-middling HTTPS sessions like crazy, and weakening security

A group of security researchers from academe and industry (including perennial Boing Boing favorite J Alex Halderman) have published an important paper documenting the prevalence and problems of firewalls that break secure web sessions in order to scan their contents for undesirable and malicious content. Read the rest

Gun violence researchers at UC Davis are racing to save the ATF's gun violence data before Trump blows it away

Magdalena Cerdá and Garen Wintemute are epidemiological researchers with US Davis's Violence Prevention Research Program; when they witnessed the Trump administration's mass-deletion of publicly funded EPA research, they feared gun violence stats would be next. Read the rest

Thailand's military-appointed Assembly unanimously passes an internet law combining the world's worst laws

On Dec 15, an amendment to Thailand's 2007 Computer Crime Act passed its National Legislative Assembly -- a body appointed by the country's military after the 2014 coup -- unanimously, and in 180 days, the country will have a new internet law that represents a grab bag of the worst provisions of the worst internet laws in the world, bits of the UK's Snooper's Charter, America's Computer Fraud and Abuse Act, and the dregs of many other failed laws. Read the rest

When tech leaders meet with Trump tomorrow, here's what they need to tell him

Execs representing the biggest tech companies in America are gathering for a meeting with Donald Trump tomorrow in New York; these companies have it in their power to spy on us, locate us, censor us, and terminally compromise the free and open internet. Read the rest

More posts