Security researchers: the W3C's DRM needs to be thoroughly audited

animation-17

Encrypted Media Extensions (EME), part of a DRM system that's being standardized at the World Wide Web Consortium (W3C), marks the first instance in which a W3C standard will fall under laws like the DMCA, which let companies threaten security researchers with criminal and civil liability just for disclosing the defects in these products. Read the rest

As browsers decline in relevance, they're becoming DRM timebombs

My op-ed in today's issue of The Tech, MIT's leading newspaper, describes how browser vendors and the W3C, a standards body that's housed at MIT, are collaborating to make DRM part of the core standards for future browsers, and how their unwillingness to take even the most minimal steps to protect academics and innovators from the DMCA will put the MIT community in the crosshairs of corporate lawyers and government prosecutors. Read the rest

I'm profiled in the Globe and Mail Report on Business magazine

Screen Shot 2016-05-17 at 4.54.24 PM.png

The monthly Report on Business magazine in the Canadian national paper The Globe and Mail profiled my work on DRM reform, as well as my science fiction writing and my work on Boing Boing. Read the rest

How to protect the future web from its founders' own frailty

OrfnjkI
Earlier this month, I gave the afternoon keynote at the Internet Archive's Decentralized Web Summit, and my talk was about how the people who founded the web with the idea of having an open, decentralized system ended up building a system that is increasingly monopolized by a few companies -- and how we can prevent the same things from happening next time.

Google's version of the W3C's video DRM has been cracked

animation

Since 2013, the World Wide Web Consortium (W3C) has been working with the major browser companies, Netflix, the MPAA, and a few other stakeholders to standardize "Encrypted Media Extensions" (EME), which attempts to control web users' behavior by adding code to browsers that refuses to obey user instructions where they conflict with the instructions sent by video services. Read the rest

Video: Guarding the Decentralized Web from its founders' human frailty

animation (1)

Earlier this month, I gave the afternoon keynote at the Internet Archive's Decentralized Web Summit, speaking about how the people who are building a new kind of decentralized web can guard against their own future moments of weakness and prevent themselves from rationalizing away the kinds of compromises that led to the centralization of today's web. Read the rest

W3C DRM working group chairman vetoes work on protecting security researchers and competition

drm-og-1

For a year or so, I've been working with the EFF to get the World Wide Web Consortium to take steps to protect security researchers and new market-entrants who run up against the DRM standard they're incorporating into HTML5, the next version of the key web standard. Read the rest

How security and privacy pros can help save the web from legal threats over vulnerability disclosure

drm-og-1

I have a new op-ed in today's Privacy Tech, the in-house organ of the International Association of Privacy Professionals, about the risks to security and privacy from the World Wide Web Consortium's DRM project, and how privacy and security pros can help protect people who discover vulnerabilities in browsers from legal aggression. Read the rest

Open letter to from EFF to members of the W3C Advisory Committee

drm-og-1

The World Wide Web Consortium (W3C) has made a sea-change: now, in addition to making open web standards that anyone can implement, they're creating a video DRM standard designed to prevent people from implementing it unless they have permission from the big movie and TV companies, by invoking the notorious Digital Millennium Copyright Act and its international equivalents. Read the rest

Save Firefox: The W3C's plan for worldwide DRM would have killed Mozilla before it could start

drm-firefox2

The World Wide Web Consortium has been co-opted into standardizing a DRM scheme for letting entertainment companies control your browser; what's more, they've rejected even basic safeguards for competition, changing the browser landscape in a way that threatens the kind of disruptive innovation that gave us the Mozilla project and the Firefox browser. Read the rest

Save iTunes: how the W3C's argument for web-wide DRM would have killed iTunes

drm-itunes2b

The World Wide Web Consortium's plan to standardize web-wide digital rights management is based on the idea that if an entertainment company doesn't like a new technology, it should have the right to prevent that technology from coming into being. Read the rest

How standardizing DRM will make us all less secure

retailer

After decades of fighting for open Web standards that let anyone implement software to receive and render online data, the World Wide Web Consortium changed course and created EME, a DRM system that locks up video in formats that can only be played back with the sender's blessing, and which also gives media giants the power to threaten and sue security researchers who discover bugs in their code. Read the rest

The open web's guardians are acting like it's already dead

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x1045

The World Wide Web Consortium -- an influential standards body devoted to the open web -- used to make standards that would let anyone make a browser that could view the whole Web; now they're making standards that let the giant browser companies and giant entertainment companies decide which browsers will and won't work on the Web of the future. Read the rest

SAVE COMCAST!

drm-comcast-2c

The World Wide Web Consortium, once the world's most trusted source of open standards, is helping Comcast make a DRM standard designed to give studios a veto over the legal use of their programming -- something that would have prevented the cable industry from ever coming into being. Read the rest

MIT panel on the W3C's decision to make DRM part of the Web's "open" standards

animation (2)

The World Wide Web Consortium spent more than 20 years making standards that remove barriers to developers who want to make Web technology; now, for the first time, they're creating a standard that makes it a crime to make Web technology without permission from the entertainment industry. Read the rest

Save Netflix!

drm-3

Not this Netflix, but the next one, the one that'll make Netflix look like Blockbuster -- because if the World Wide Web Consortium goes along with its plan to make it illegal to innovate in ways that the movie studios and record labels disapprove of, there will be no more companies like Netflix. Read the rest

How DRM would kill the next Netflix (and how the W3C could save it)

netflix1

The World Wide Web Consortium's decision to make DRM part of HTML5 doesn't just endanger security researchers, it also endangers the next version of all the video products and services we rely on today: from cable TV to iTunes to Netflix. Read the rest

More posts