How do we fix IoT security without blocking interoperability and creating monopolies?

Jonathan Zittrain (previously) writes, "There’s reason to worry about security for the ever-growing Internet of Things, and it’ll be tempting to encourage vendors to solely control their devices that much more, limiting interoperability or user tinkering. There are alternatives - models for maintaining firmware patches for orphaned devices, and a 'Faraday mode' so that iffy devices can still at least partially function even if they’re not able to remain safely online. Procrastination around security has played a key role in its success. But 'later' shouldn’t mean 'never' for the IoT." Read the rest

UK consumer review magazine Which?: your smart home is spying on you, from your TV to your toothbrush

The UK consumer review magazine Which? (equivalent to America's Consumer Reports) has published a special investigation into the ways that Internet of Things smart devices are spying on Britons at farcical levels, with the recommendation that people avoid smart devices where possible, to feed false data to smart devices you do own, and to turn off data-collection settings in devices' confusing, deeply hidden control panels. Read the rest

My science fiction story about EFF's proposed jailbreaking exemption

Every three years, the US Copyright Office lets the public beg for limited exemptions to Section 1201 of the Digital Millennium Copyright Act, which bans bypassing DRM, even in your own property, even for strictly legal reasons. Read the rest

Mur Lafferty wrote a science fiction story about the DMCA to help EFF's fair use for vidders campaign

Every three years, the US Copyright Office asks America about the problems with Section 1201 of the DMCA, which bans breaking DRM even for legal reasons, and America gets to answer with requests for exemptions to this rule. Read the rest

John Scalzi wrote a science fiction story about the DMCA to help EFF's Right to Repair campaign

Every three years, the US Copyright Office asks America about the problems with Section 1201 of the DMCA, which bans breaking DRM even for legal reasons, and America gets to answer with requests for exemptions to this rule. Read the rest

Innovation should be legal; that's why I'm launching NeTV2

I’d like to share a project I’m working on that could have an impact on your future freedoms in the digital age. It’s an open video development board I call NeTV2.

FanFlick Editor: an entry in EFF's Catalog of Missing Devices

Wonderful EFF supporters keep on coming up with great new entries for EFF's Catalog of Missing Devices, which lists fictional devices that should exist, but don't, because to achieve their legal, legitimate goals, the manufacturer would have to break some Digital Rights Management and risk retaliation under Section 1201 of the Digital Millennium Copyright Act.

Now, EFF supporter Rico Robbins has sent us the "FanFlick Editor," a welcome addition to the Catalog, alongside of Dustin Rodriguez's excellent list of missing devices like the Software Scalpel and MovieMoxie; and Benjamin MacLean's Mashup Maker.

If you have your own great ideas for additions, send them to me and maybe you'll see them on EFF's Deeplinks!

Meet the FanFlick Editor. With this revolutionary video editor, you can directly rip your favorite movies from DVDs or Blu-rays or even digital copies from iTunes, Google Play, and any other service. Edit the film to your heart's content and then distribute the edit decision list (EDL) -- a file that contains instructions that other people can use to edit their own copies during playback while they watch, so they can experience your vision for the movies you both love (or even the ones you hate!).

Used your own footage, graphics, or audio? No problem! FanFlick Editor keeps track of what you made and what you ripped, and packages up your other content with your FanFlick EDL. That way, you only distribute material whose copyright you control, or that is in the public domain, or that fair use permits.

Read the rest

Three artificial pancreases: a special trio of Catalog of Missing Devices entries

EFF has just published an update to its Catalog of Missing Devices (a catalog of things that don’t exist thanks to the chilling effects of Section 1201 of the DMCA): a trio of ads for future artificial pancreas firmwares that illustrate the way that control over devices can magnify or correct power imbalances.

Read the rest

Mashup Maker: Another entry for the Catalog of Missing Devices

EFF supporter Benjamin McLean was kind enough to send along his "Mashup Maker" as a new entry to EFF Catalog of Missing Devices, a tour through some of the legitimate, useful and missing gadgets, tools and services that don't exist but should. They're technologies whose chance to exist was snuffed out by Section 1201 of the Digital Millennium Copyright Act of 1998, which makes tampering with "Digital Rights Management" into a legal no-go zone, scaring off toolsmiths, entrepreneurs, and tinkerers. Read the rest

EFF and iFixit are hosting a Reddit AMA on jailbreaking TOMORROW at 11AM Pacific

Join me, EFF attorney Kit Walsh and iFixit's Kyle Wiens -- along with special guests! -- in a Reddit Ask Me Anything session tomorrow (Thursday) from 11AM-3PM Pacific; we'll be talking about the upcoming Copyright Office hearings on creating exceptions to the DMCA to make room for independent repair and security research. We'll be live here at 11AM tomorrow! Pass it on. Read the rest

More DRM-bustin' stuff for the Catalog of Missing Devices, courtesy of EFF supporters

When EFF launched its Catalog of Missing Devices, we invited EFF supporters to come up with their own ideas for gadgets that should exist, but don't, because the Digital Millennium Copyright Act bans breaking DRM, even for the most legitimate of purposes. Read the rest

To do in LA, April 24: come hear from the people fighting for Right to Repair, freedom to tinker and the right to know

Update: due to popular demand, we've moved to a bigger space! We'll be at UCLA Moore Hall, Room 3340 (Reading Room), 457 Portola Plaza, Los Angeles, CA 90095. There's 20 new spaces open: RSVP today!

A law intended to stop people from making off-brand DVD players now means that security researchers can’t warn you about dangers from the cameras in your bedroom; that mechanics can’t fix your car; and that your printer won’t take third party ink. Read the rest

A detailed, cross-disciplinary syllabus for a "Cybersecurity Law and Policy" graduate course

University of Texas law professor Bobby Chesney has developed a detailed syllabus for a course in "Cybersecurity Foundations: Law, Policy, and Institutions" that is aimed at grad students from law, business, engineering, and computer science. Read the rest

Dropbox has some genuinely great security reporting guidelines, but reserves the right to jail you if you disagree

Dropbox has published a set of guidelines for how companies can "encourage, support, and celebrate independent open security research" -- and they're actually pretty great, a set of reasonable commitments to take bug reports seriously and interact respectfully with researchers. Read the rest

A proposal to stop 3D printers from making guns is a perfect parable of everything wrong with information security

Many people worry that 3D printers will usher in an epidemic of untraceable "ghost guns," particularly guns that might evade some notional future gun control regime that emerges out of the current movement to put sensible, minimal curbs on guns, particularly anti-personnel guns. Read the rest

Teen's devastating bug-report on a "tamper-proof" cryptocurrency wallet shows why companies can't be left in charge of bad news about their products

Saleem Rashid is a 15 year old self-taught British programmer who discovered a fatal defect in the Ledger Nano S, an offline cryptocurrency wallet that is marketed as being "tamper-proof." Read the rest

Vendor lock-in, DRM, and crappy EULAs are turning America's independent farmers into tenant farmers

"Precision agriculture" is to farmers as Facebook is to publishers: farmers who want to compete can't afford to boycott the precision ag platforms fielded by the likes of John Deere, but once they're locked into the platforms' walled gardens, they are prisoners, and the platforms start to squeeze them for a bigger and bigger share of their profits. Read the rest

More posts