The world's libraries tell the W3C that DRM is bad for the web

The International Federation of Library Associations and Institutions is the respected global body representing libraries all over the world; in an open letter to the World Wide Web Consortium, the organization says the recent decision to standardize DRM for the web has undermined the web's openness and the ability of libraries and other public institutions to fulfill their important social role. Read the rest

How big is the market for DRM-Free?

It's the Day Against DRM, and EFF is celebrating by publishing the first public look at How Much Do Consumers Value Interoperability? Evidence from the Price of DVD Players, a scholarly economics paper that uses clever techniques to reveal some eye-popping number on the strangled market for DRM-free gadgets. Read the rest

The W3C has overruled members' objections and will publish its DRM for videos

It's been nearly four months since the W3C held the most controversial vote in its decades-long history of standards-setting: a vote where accessibility groups, security experts, browser startups, public interest groups, human rights groups, archivists, research institutions and other worthies went up against trillions of dollars' worth of corporate muscle: the world's largest electronics, web, and content companies in a battle for the soul of the open web. Read the rest

US Copyright Office recommends sweeping, welcome changes to America's DRM laws

A new report from the US Copyright Office on Section 1201 of the Digital Millennium Copyright Act -- a controversial law that bans breaking DRM, even for legitimate purposes -- calls for sweeping, welcome changes to the DMCA. Read the rest

Intel declared war on general purpose computing and lost, so now all our computers are broken

It's been a year since we warned that Intel's Management Engine -- a separate computer within your own computer, intended to verify and supervise the main system -- presented a terrifying, unauditable security risk that could lead to devastating, unstoppable attacks. Guess what happened next? Read the rest

An open letter on DRM to the inventor of the web, from the inventor of net neutrality

Tim Wu, the Colombia University law professor and anti-trust/competition expert who coined the term "Net Neutrality," has published an open letter to Tim Berners-Lee, the creator of the web and director of the World Wide Web Consortium (W3C). Read the rest

John Deere just told the copyright office that only corporations can own property, humans can only license it

John Deere has turned itself into the poster-child for the DMCA, fighting farmers who say they want to fix their own tractors and access their data by saying that doing so violates the 1998 law's prohibition on bypassing copyright locks. Read the rest

IoT vendor objects to "rude" review, renders complainer's device inoperable

R Martin bought a Garadget -- a device that lets you verify whether your garage door is closed using a mobile app -- and couldn't get it to work and left an intemperate 1-star Amazon review for the product. Read the rest

Camera-equipped sex toy manufacturer ignores multiple warnings about horrible, gaping security vulnerability

The uniquely horribly named Svakom Siime Eye is an Internet of Things sex-toy with a wireless camera that allows you to stream video of the insides of your orifices as they are penetrated by it; researchers at the UK's Pen Test Partners discovered that once you login to it via the wifi network (default password "88888888"), you can root it and control it from anywhere in the world. Read the rest

Technology should serve us, not boss us around

Today on the Tor-Forge blog, I write about the nearly inescapable temptation of trying to solve our problems with other peoples' actions by redesigning the technology they use to boss them around, rather than serving them. Read the rest

Kickstarting a car-hacking tool that lets you take control of your own vehicle

The fully-funded Macchina project on Kickstarter is an Arduino-based, "open, versatile" gadget that bypasses the DRM in your car's network, allowing you to configure it to work the way you want it to, so you can customize your car in all kinds of cool ways. Read the rest

The previous owners of used "smart" cars can still control them via the cars' apps (not just cars!)

It's not just that smart cars' Android apps are sloppily designed and thus horribly insecure; they are also deliberately designed with extremely poor security choices: even if you factory-reset a car after it is sold as used, the original owner can still locate it, honk its horn, and unlock its doors. Read the rest

Three states considering "right to repair" laws that would decriminalize fixing your stuff

Section 1201 of the 1998 Digital Millennium Copyright Act makes it both a crime and a civil offense to tamper with software locks that control access to copyrighted works -- more commonly known as "Digital Rights Management" or DRM. As the number of products with software in them has exploded, the manufacturers of these products have figured out that they can force their customers to use their own property in ways that benefit the company's shareholders, not the products' owners -- all they have to do is design those products so that using them in other ways requires breaking some DRM. Read the rest

FBI arrest the VW executive who stonewalled on the first Dieselgate reports for defrauding the US Government

Oliver Schmidt led Volkswagen regulatory compliance office from 2014 to Mar 2015, and it was he who issued statements dismissing the initial West Virginia University reports of cheating in the emissions control systems of the company's cars, lying to US regulators and insisting that the systems were merely buggy, and not deliberately designed to get around emissions testing; after the company admitted to the fraud, he appeared before the British Parliament and insisted that the fraud didn't violate EU law. Read the rest

This NES Classic jailbreak is a perfect parable of our feudal future of disobedient dishwashers

Nintendo's nostalgic instant sellout NES Classic (still available from scalpers) only comes with 30 games and no way to add more: but it only took two months from the announcement date for intrepid hackers to jailbreak the device and come up with a way to load your favorite ROMs, using a USB cable and a PC.

Your smart meter is very secure (against you) and very insecure (against hackers)

In On Smart Cities, Smart Energy, And Dumb Security -- Netanel Rubin's talk at this year's Chaos Communications Congress -- Rubin presents his findings on the failings in the security of commonly deployed smart meters. Read the rest

The Mirai worm is gnawing its way through the Internet of Things and will not stop

The Mirai worm made its way into information security lore in September, when it was identified as the source of the punishing flood of junk traffic launched against Brian Krebs in retaliation for his investigative reporting about a couple of petty Israeli criminals; subsequent analysis showed Mirai to be amateurish and clumsy, and despite this, it went on to infect devices all over the world, gaining virulence as it hybridized with other Internet of Things worms, endangering entire countries, growing by leaps and bounds, helped along by negligent engineering practices at major companies like Sony. Read the rest

More posts