Game developers say no to DRM: "hurts our customers"


The developers behind the hotly anticipated Shadow Warrior 2 have gone on record explaining why they didn't add DRM to their new title: they themselves hate DRM, and understand that DRM disproportionately inconveniences legit customers, not pirates who play cracked versions without DRM. Read the rest

Podcast: How we'll kill all the DRM in the world, forever

I'm keynoting the O'Reilly Security Conference in New York in Oct/Nov, so I stopped by the O'Reilly Security Podcast (MP3) to explain EFF's Apollo 1201 project, which aims to kill all the DRM in the world within a decade. Read the rest

How a digital-only smartphone opens the door to DRM (and how to close the door)


Fast Company's Mark Sullivan asked me to explain what could happen if Apple went through with its rumored plans to ship a phone with no analog sound outputs, only digital ones -- what kind of DRM badness might we expect to emerge? Read the rest

48 hours later, Adblock Plus beats Facebook's adblocker-blocker


On August 9, Facebook announced that it had defeated adblockers; on August 11, Adblock Plus announced that it had defeated Facebook. Read the rest

American Bar Association votes to DRM the law, put it behind a EULA


Rogue archivist Carl Malamud writes, "I just got back from the big debate on is free law like free beer that has been brewing for months at the American Bar Association over the question of who gets to read public safety codes and on what terms." Read the rest

Your medical data: misappropriated by health-tech companies, off-limits to you


Backchannel's package on medical data and the health-tech industry profiles three people who were able to shake loose their own data and make real improvements in their lives with it: Marie Moe, who discovered that the reason she was having terrifying cardiac episodes was out-of-date firmware on her pacemaker; Steven Keating, who created a website with exquisitely detailed data on his brain tumor, including a gene-sequence that had to be run a second time because the first scan wasn't approved for "commercial" use, which included publishing it on his own site; and Annie Kuehl, whose advocacy eventually revealed the fact that doctors had suspected all along that her sick baby had a rare genetic disorder, which she only learned about after years of agonizing victim-blaming and terrifying seizures. Read the rest

Return of Dieselgate: 3 more hidden programs found in VW Audi/Porsche firmware


The German newspaper Bild am Sonntag says that US investigators have discovered three more hidden cheat apps in a Volkswagen product line: these ones were discovered in 3-liter Audi diesels. Read the rest

1 billion computer monitors vulnerable to undetectable firmware attacks


A team led by Ang Cui (previously) -- the guy who showed how he could take over your LAN by sending a print-job to your printer -- have presented research at Defcon, showing that malware on your computer can poison your monitor's firmware, creating nearly undetectable malware implants that can trick users by displaying fake information, and spy on the information being sent to the screen. Read the rest

DRM: You have the right to know what you're buying!


Today, the EFF and a coalition of organizations and individuals asked the US Federal Trade Commission (FTC) to explore fair labeling rules that would require retailers to warn you when the products you buy come locked down by DRM ("Digital Rights Management" or "Digital Restrictions Management"). Read the rest

Copyright Office to FCC: Hollywood should be able to killswitch your TV


20 years ago, Congress ordered the FCC to begin the process of allowing Americans to buy their pay TV boxes on the open market (rather than every American household spending hundreds of dollars a year renting a trailing-edge, ugly, energy-inefficient, badly designed box that is increasingly the locus of networked attacks that expose both the home LAN and the cameras and mics that are more and more likely to be integrated into TVs and decoder boxes) -- now, at last, the FCC is doing something about it. Read the rest

Big rigs can be hijacked and driven with software-based attacks


In a two-month-long class assignment, researchers from the University of Michigan found vulnerabilities in J1939, the standard for networking in big rigs and other large industrial vehicles, that allowed them to control the acceleration, braking, and instrument panels of their target vehicles. Read the rest

UK Royal Society's #1 cybersecurity recommendation: don't backdoor crypto

Royal_Society_entrance (1)

The Royal Society, once presided over by Isaac Newton, is one of Britain's most respected learned institutions: that's why it matters so much that the organisation's new report, "Progress and research in cybersecurity," begins by demanding that government "must commit to preserving the robustness of encryption, including end-to-end encryption, and promoting its widespread use. Encryption is a foundational security technology that is needed to build user trust, improve security standards and fully realise the benefits of digital systems." Read the rest

Security researchers: the W3C's DRM needs to be thoroughly audited


Encrypted Media Extensions (EME), part of a DRM system that's being standardized at the World Wide Web Consortium (W3C), marks the first instance in which a W3C standard will fall under laws like the DMCA, which let companies threaten security researchers with criminal and civil liability just for disclosing the defects in these products. Read the rest

Tenant farmers: how "smart" agricultural equipment siphons off farmers' crop and soil data


The agricultural sector is increasingly a data-driven business, where the "internet of farming" holds out the promise of highly optimized plowing, fertilizing, sowing, pest-management and harvesting -- a development that is supercharging the worst practices of the ag-business monopolies that have been squeezing farmers for most of a century. Read the rest

Spotify threatens to report Apple to competition regulators over App Store rejection


Apple has rejected Spotify's latest app for inclusion in the Ios App Store, citing its rules against app vendors processing their own payments; Apple requires software vendors to pay to use Apple's own payment processor -- which collects hefty commissions -- in their apps. Read the rest

I'm profiled in the Globe and Mail Report on Business magazine

Screen Shot 2016-05-17 at 4.54.24 PM.png

The monthly Report on Business magazine in the Canadian national paper The Globe and Mail profiled my work on DRM reform, as well as my science fiction writing and my work on Boing Boing. Read the rest

How to protect the future web from its founders' own frailty

Earlier this month, I gave the afternoon keynote at the Internet Archive's Decentralized Web Summit, and my talk was about how the people who founded the web with the idea of having an open, decentralized system ended up building a system that is increasingly monopolized by a few companies -- and how we can prevent the same things from happening next time.

More posts