The W3C, DRM, and future of the open web

JM Porup's long, thoughtful article on the W3C's entry into the DRM standardization game gives a sense of the different forces that are pushing one of the open web's staunchest allies into a disastrous compromise: the competition that siloed apps present to open-web browsers, the debts of the W3C, the relentless pressure from the entertainment industry to redesign browsers to do a corporation's bidding, rather than the user's. Read the rest

The World Wide Web Consortium wants to give companies a veto over warnings about browser defects

Since 2013, when the W3C decided to standardize DRM for web videos, activists, security researchers and disabled rights advocates have been asking the organization what it plans on doing about the laws that make it illegal to bypass DRM, even to add features to help blind people, or to improve on browsers, or just to point out the defects in browsers that put billions of web users at risk. Read the rest

The Cyborg Bill of Rights v1.0

Our civil liberties, protections, and rights need to be revised periodically if they are to accompany us as we cross new frontiers. A new frontier looms ahead. More accurately, the new frontier looms within. And it is within our bodies and upon this battlefield that the next electronic rights war will be fought.

Google quietly makes "optional" web DRM mandatory in Chrome

The World Wide Web Consortium's Encrypted Media Extensions (EME) is a DRM system for web video, being pushed by Netflix, movie studios, and a few broadcasters. It's been hugely controversial within the W3C and outside of it, but one argument that DRM defenders have made throughout the debate is that the DRM is optional, and if you don't like it, you don't have to use it. That's not true any more. Read the rest

A lively history of DRM and gaming

17 minutes of funny and informative notes from the history of DRM from Lazy Game Reviews, starting with Bill Gates's infamous Open Letter to Hobbyists and moving through to the modern era with its activation codes, rootkits and scandals. (Thanks, Fipi Lele!) Read the rest

Your smart meter is very secure (against you) and very insecure (against hackers)

In On Smart Cities, Smart Energy, And Dumb Security -- Netanel Rubin's talk at this year's Chaos Communications Congress -- Rubin presents his findings on the failings in the security of commonly deployed smart meters. Read the rest

The kickstarted Pebble smartwatch is now a division of Fitbit, so they may "reduce functionality" on all the watches they ever sold

If you're one of the 60% of Pebble employees who didn't get a job offer from Fitbit, the company's new owner, you're probably not having a great Christmas season -- but that trepedation is shared by 100% of Pebble customers, who've just learned (via the fine print on an update on the Pebble Kickstarter page) that the company may soon "reduce functionality" on their watches. Read the rest

W3C at a crossroads: technology standards setter or legal arms-dealer?

The World Wide Web Consortium (W3C) is an amazing, long-running open standards body that has been largely responsible for the web's growth and vibrancy, creating open standards that lets anyone make web technology and become part of the internet ecosystem. Read the rest

My keynote from the O'Reilly Security Conference: "Security and feudalism: Own or be pwned"

Here's the 32 minute video of my presentation at last month's O'Reilly Security Conference in New York, "Security and feudalism: Own or be pwned." Read the rest

Car Wars: a dystopian science fiction story about the nightmare of self-driving cars

Melbourne's Deakin University commissioned me to write a science fiction story about the design and regulation of self-driving cars, inspired by my essay about the misapplication of the "Trolley Problem" to autonomous vehicles. Read the rest

Barnes & Noble's releasing a $50 Android tablet that does all the things Amazon won't let Kindles do

Chris Meadows writes, "Barnes & Noble is coming out with a $50 Nook Android tablet, with hardware specs similar to Amazon's $50 Fire. The kicker is, this new Nook tablet will run plain-vanilla Android 6.0 Marshmallow and include the full suite of Google Play apps--unlike the Fire, which only permits installation of those apps Amazon deems suitable. Will this be enough to rescue the ailing Nook brand?" Read the rest

A lightbulb worm could take over every smart light in a city in minutes

Researchers from Dalhousie University (Canada) and the Weizmann Institute of Science (Israel) have published a working paper detailing a proof-of-concept attack on smart lightbulbs that allows them to wirelessly take over the bulbs from up to 400m, write a new operating system to them, and then cause the infected bulbs to spread the attack to all the vulnerable bulbs in reach, until an entire city is infected. Read the rest

Every Android device potentially vulnerable to "most serious" Linux escalation attack, ever

The Dirty Cow vulnerability dates back to code included in the Linux kernel in 2007, and it can be trivially weaponized into an easy-to-run exploit that allows user-space programs to execute as root, meaning that attackers can take over the entire device by getting their targets to run apps without administrator privileges. Read the rest

Mercedes' weird "Trolley Problem" announcement continues dumb debate about self-driving cars

In 1967, Philippa Foot posed the "Trolley Problem," an ethical conundrum about whether a bystander should be sacrificed to rescue the passengers of a speeding, out-of-control trolley; as self-driving cars have inched toward reality, this has been repurposed as a misleadingly chin-stroking question about autonomous vehicles: when faced with the choice of killing their owners or someone else, who should die? Read the rest

Game developers say no to DRM: "hurts our customers"

The developers behind the hotly anticipated Shadow Warrior 2 have gone on record explaining why they didn't add DRM to their new title: they themselves hate DRM, and understand that DRM disproportionately inconveniences legit customers, not pirates who play cracked versions without DRM. Read the rest

Youtube's new "offline first" product for India treats telcos as damage and routes around them

Yesterday, Google announced "Youtube Go," an "offline first" version of the popular video service designed for the Indian market where internet coverage is intermittent, provided by monopolistic carriers that have a history of network discrimination, and where people have a wide variety of devices, including very low-powered ones. Read the rest

Demand that HP make amends for its self-destructing printers [SIGN AND SHARE!]

I've written an open letter to HP CEO Dion Weisler on behalf of the Electronic Frontier Foundation, asking him to make amends for his company's bizarre decision to hide a self-destruct sequence in a printer update that went off earlier this month, breaking them so that they would no longer use third-party ink cartridges. Read the rest

More posts