Defcon vote-hacking village shows that "secure" voting machines can be broken in minutes

Since the 2000 Bush-Gore election crisis and the hanging-chad controversy, voting machine vendors have been offering touchscreen voting machines as a solution to America's voting woes -- and security researchers have been pointing out that the products on offer were seriously, gravely defective. Read the rest

Security researcher arrested after he warns Hungarian transit company about their dumb mistake

A teenager discovered that the website of Budapesti Közlekedési Központ -- the public transit authority in Budapest -- would allow you to edit the price you paid for your tickets, so that purchasers could give themselves massive discounts on their travel, and when he told the authority about it, they had him arrested and issued a press-release boasting about it. Read the rest

Security researchers: EFF's got your back at this summer's technical conferences

Are you a security researcher planning to present at Black Hat, Defcon, B-Sides or any of this summer's security events? Are you worried a big corporation or the government might attack you for revealing true facts about the defects in the security systems we entrust with our safety, privacy and health? Read the rest

How big is the market for DRM-Free?

It's the Day Against DRM, and EFF is celebrating by publishing the first public look at How Much Do Consumers Value Interoperability? Evidence from the Price of DVD Players, a scholarly economics paper that uses clever techniques to reveal some eye-popping number on the strangled market for DRM-free gadgets. Read the rest

Medical implants and hospital systems are still infosec dumpster-fires

Medical devices have long been the locus of information security's scariest failures: from the testing and life-support equipment in hospitals to the implants that go in your body: these systems are often designed to harvest titanic amounts of data about you, data you're not allowed to see that's processed by code you're not allowed to audit, with potential felony prosecutions for security researchers who report defects in these systems (only partially mitigated by a limited exemption that expires next year). What's more, it can get much worse. Read the rest

All the Second Life rabbits are doomed, thanks to DRM

Every Ozimal digirabbit in the venerable virtual world Second Life will starve to death (well, permanent hibernation) this week because a legal threat has shut down their food-server, and the virtual pets are designed so that they can only eat DRM-locked food, so the official food server's shutdown has doomed them all. Read the rest

Apple, CTA and Big Car are working in secret to kill New York's Right to Repair legislation

Here's the list of companies that are quietly lobbying to kill New York State's Right to Repair legislation (previously), which would force companies to halt anticompetitive practices that prevent small businesses from offering repair services to their communities: "Apple, Verizon, Toyota, Lexmark, Caterpillar, Asurion, Medtronic" and the Consumer Technology Association "which represents thousands of electronics manufacturers." Read the rest

An open letter on DRM to the inventor of the web, from the inventor of net neutrality

Tim Wu, the Colombia University law professor and anti-trust/competition expert who coined the term "Net Neutrality," has published an open letter to Tim Berners-Lee, the creator of the web and director of the World Wide Web Consortium (W3C). Read the rest

John Deere just told the copyright office that only corporations can own property, humans can only license it

John Deere has turned itself into the poster-child for the DMCA, fighting farmers who say they want to fix their own tractors and access their data by saying that doing so violates the 1998 law's prohibition on bypassing copyright locks. Read the rest

Portuguese proposal to legalize breaking DRM passes Parliament

The amazing advocacy of the DRM-PT movement has resulted in the country's Parliament passing a bill that legalizes breaking DRM to accomplish lawful ends, such as exercising the private copying right, or making uses of public domain works or works produced at public expense. Read the rest

IoT vendor objects to "rude" review, renders complainer's device inoperable

R Martin bought a Garadget -- a device that lets you verify whether your garage door is closed using a mobile app -- and couldn't get it to work and left an intemperate 1-star Amazon review for the product. Read the rest

Desperate John Deere tractor owners are downloading illegal Ukrainian firmware hacks to get the crops in

John Deere is notorious for arguing that farmers who buy its tractors actually "license" them because Deere still owns the copyright to the tractors' software; in 2015, the US Copyright Office affirmed that farmers were allowed to jailbreak their tractors to effect repairs and modifications. Read the rest

W3C moves to finalize DRM standardization, reclassifies suing security researchers as a feature, not a bug

The World Wide Web Consortium has announced that its members have until April 19 to weigh in on whether the organization should publish Encrypted Media Extensions, its DRM standard for web video, despite the fact that this would give corporations the new right to sue people who engaged in legal activity, from security researchers who revealed defects in browsers to accessibility workers who adapted video for disabled people to scrappy new companies who come up with legal ways to get more use out of your property. Read the rest

Mormon church uses bogus copyright claims in attempt to censor Mormonleaks

Mormonleaks is a whistleblower site dedicated to revealing corruption and hypocrisy in the Church of Latter Day Saints; over four months, it has published many documents that did just that, but when it published a leaked Powerpoint revealing the Church's view on "the roots of apostasy, such as pornography, campaigns to ordain women, challenges to church history and general 'lack of righteousness,'" the Church turned to the Digital Millennium Copyright Act and a bogus claim of copyright infringement to get the document taken down. Read the rest

Healthcare facilities widely compromised by Medjack, malware that infects medical devices to steal your information

The healthcare industry is a well-known information security dumpster fire, from the entire hospitals hijacked by ransomware to the useless security on medical devices to the terrifying world of shitty state security for medical implants -- all made worse by the cack-handed security measures that hospital workers have to bypass to get on with saving our lives (and it's about to get worse, thanks to the Internet of Things). Read the rest

Source tells Motherboard that Apple will testify against Nebraska's "Right to Repair" law

Motherboard says a source told them that "an Apple representative, staffer, or lobbyist will testify" against the state's Right to Repair bill, which requires companies to make it easy for their customers to choose from a variety of repair options, from official channels to third parties to DIY. Read the rest

HP's Nonpology

The "nonpology" is a corporate standard: a company does something terrible, and then it tells you it's sorry that you found its behaviour upsetting. But HP's October 2016 public statement on its secret, aftermarket attack on its customers' property has made important advances in the field of nopologyology.

More posts