How do we fix IoT security without blocking interoperability and creating monopolies?

Jonathan Zittrain (previously) writes, "There’s reason to worry about security for the ever-growing Internet of Things, and it’ll be tempting to encourage vendors to solely control their devices that much more, limiting interoperability or user tinkering. There are alternatives - models for maintaining firmware patches for orphaned devices, and a 'Faraday mode' so that iffy devices can still at least partially function even if they’re not able to remain safely online. Procrastination around security has played a key role in its success. But 'later' shouldn’t mean 'never' for the IoT." Read the rest

UK consumer review magazine Which?: your smart home is spying on you, from your TV to your toothbrush

The UK consumer review magazine Which? (equivalent to America's Consumer Reports) has published a special investigation into the ways that Internet of Things smart devices are spying on Britons at farcical levels, with the recommendation that people avoid smart devices where possible, to feed false data to smart devices you do own, and to turn off data-collection settings in devices' confusing, deeply hidden control panels. Read the rest

FanFlick Editor: an entry in EFF's Catalog of Missing Devices

Wonderful EFF supporters keep on coming up with great new entries for EFF's Catalog of Missing Devices, which lists fictional devices that should exist, but don't, because to achieve their legal, legitimate goals, the manufacturer would have to break some Digital Rights Management and risk retaliation under Section 1201 of the Digital Millennium Copyright Act.

Now, EFF supporter Rico Robbins has sent us the "FanFlick Editor," a welcome addition to the Catalog, alongside of Dustin Rodriguez's excellent list of missing devices like the Software Scalpel and MovieMoxie; and Benjamin MacLean's Mashup Maker.

If you have your own great ideas for additions, send them to me and maybe you'll see them on EFF's Deeplinks!

Meet the FanFlick Editor. With this revolutionary video editor, you can directly rip your favorite movies from DVDs or Blu-rays or even digital copies from iTunes, Google Play, and any other service. Edit the film to your heart's content and then distribute the edit decision list (EDL) -- a file that contains instructions that other people can use to edit their own copies during playback while they watch, so they can experience your vision for the movies you both love (or even the ones you hate!).

Used your own footage, graphics, or audio? No problem! FanFlick Editor keeps track of what you made and what you ripped, and packages up your other content with your FanFlick EDL. That way, you only distribute material whose copyright you control, or that is in the public domain, or that fair use permits.

Read the rest

Mashup Maker: Another entry for the Catalog of Missing Devices

EFF supporter Benjamin McLean was kind enough to send along his "Mashup Maker" as a new entry to EFF Catalog of Missing Devices, a tour through some of the legitimate, useful and missing gadgets, tools and services that don't exist but should. They're technologies whose chance to exist was snuffed out by Section 1201 of the Digital Millennium Copyright Act of 1998, which makes tampering with "Digital Rights Management" into a legal no-go zone, scaring off toolsmiths, entrepreneurs, and tinkerers. Read the rest

EFF and iFixit are hosting a Reddit AMA on jailbreaking TOMORROW at 11AM Pacific

Join me, EFF attorney Kit Walsh and iFixit's Kyle Wiens -- along with special guests! -- in a Reddit Ask Me Anything session tomorrow (Thursday) from 11AM-3PM Pacific; we'll be talking about the upcoming Copyright Office hearings on creating exceptions to the DMCA to make room for independent repair and security research. We'll be live here at 11AM tomorrow! Pass it on. Read the rest

More DRM-bustin' stuff for the Catalog of Missing Devices, courtesy of EFF supporters

When EFF launched its Catalog of Missing Devices, we invited EFF supporters to come up with their own ideas for gadgets that should exist, but don't, because the Digital Millennium Copyright Act bans breaking DRM, even for the most legitimate of purposes. Read the rest

Lobbyists release push-poll in an effort to tank Right to Repair bills and control independent security research

The Security Innovation Center is a lobbying group backed by CompTIA, CTIA, TechNet and the Consumer Technology Association for the express purpose of fighting laws that would legalize repairing your own property, or choosing to have it repaired by third parties. Read the rest

Online security is a disaster and the people who investigate it are being sued into silence

The only thing worse than driving a car with defective brakes is unknowingly driving a car with defective brakes -- and learning about them the hard way. Read the rest

The Copyright Office is spending the year deciding technology's future, but the future doesn't get a seat at the table

Every three years, the US Copyright Office creates temporary exemptions to the Digital Millennium Copyright Act's ban on breaking DRM, provided that people can show that they've been prevented from doing something customary and legitimate with their own property. Read the rest

Since 1998, using your own property has required regulatory permission and the ability to make your own jailbreaking tools from scratch

In Did Congress Really Expect Us to Whittle Our Own Personal Jailbreaking Tools? -- a new post on EFF's Deeplinks blog -- I describe the bizarre, unfair and increasingly salient US Copyright Office DMCA exemptions process, which is underway right now. Read the rest

Documentary on the DRM-breaking farmers who just want to fix their tractors, even if they have to download bootleg Ukrainian firmware to do it

Motherboard's short documentary, "Tractor Hacking: The Farmers Breaking Big Tech's Repair Monopoly" is an excellent look at the absurd situation created by John Deere's position that you can't own your tractor because you only license the software inside it, meaning that only Deere can fix Deere's tractors, and the centuries-old tradition of farmers fixing their agricultural equipment should end because Deere's shareholders would prefer it that way. Read the rest

You absolutely must secure your home router and you probably can't

Lucian Constantin's Motherboard guide to protecting your home router is full of excellent, nearly impossible-to-follow advice that you should follow, but probably won't. Read the rest

Epic Games is suing a 14 year old for making a cheat tutorial and his brilliant mother is PISSED

Epic Games makes the wildly successful multiplayer free-to-play game Fortnite, which is the locus of a pitched battle between players and publisher over game-mods, especially cheat-hacks that give unfair advantage to some players. Read the rest

Sony's new robot dog doubles down on DRM

It's been 15 years since Sony used the DMCA to shut down the community that had sprung up to extend the functionality of its Aibo robot dogs, threatening people with lawsuits and jailtime for modifying their dogs' operating systems. Read the rest

RIP Teaforia, the $1000 IoT tea-infuser

In 2016, Teaforia raised $12,000,000 in venture capital to manufacture a $1,000 tea infuser that combined proprietary, DRM-encumbered tea pods with a "patent-pending microinfusion technology" and a timer to make cups of tea. Read the rest

Why electrical engineers should support the right to repair

Writing in IEEE Spectrum, iFixit's superhero founder Kyle Wiens and Repair.org exective director Gay Gordon-Byrne bring the case for the right to repair (previously) to the engineering community, describing the economic, technical, and environmental benefits of permitting a domestic industry of local, expert technologists to help their neighbors get more out of their gadgets. Read the rest

The ultimate DMCA takedown fail

A gentleman jailed for his part in a $5.4m scam wanted Google to remove links to news stories about the wheeze. His cunning plan to get them to do it – file a DMCA takedown notice claiming copyright in his own name and criminal record – perhaps offers a clue about why he got caught in the first place.

From the FBI's press release:

According to a plea agreement filed in this case, Henrik Sardariani obtained more than $5 million in loans after, among other things, falsifying numerous documents. In order to obtain one of the loans, Henrik Sardariani fraudulently used a house as collateral and falsely claimed to be the president of the company that owned the property. To support the claim that he controlled the company, Henrik Sardariani created false corporate records that were presented to the lender.

Henrik Sardariani also admitted that he created fraudulent property records to make it appear that prior loans had been paid off and that, therefore, new loans would be fully secured by unencumbered property. The fraudulent reconveyances bore forged and fraudulent signatures of notaries public, as well as fraudulent stamps of the notaries public.

Update: Shooting the Messenger writes that there are at least three of these DMCA takedowns filed by people involved in this particular case. Read the rest

More posts