Researchers find mountains of sensitive data on totalled Teslas in junkyards

Teslas are incredibly data-hungry, storing massive troves of data about their owners, including videos of crashes, location history, contacts and calendar entries from paired phones, photos of the driver and passengers taken with interior cameras, and other data; this data is stored without encryption, and it is not always clear when Teslas are gathering data, and the only way to comprehensively switch off data-gathering also de-activates over-the-air software updates for the cars, which have historically shipped with limited or buggy features that needed the over-the-air updates to fix them. Read the rest

A critical flaw in Switzerland's e-voting system is a microcosm of everything wrong with e-voting, security practice, and auditing firms

Switzerland is about to have a national election with electronic voting, overseen by Swiss Post; e-voting is a terrible idea and the general consensus among security experts who don't work for e-voting vendors is that it shouldn't be attempted, but if you put out an RFP for magic beans, someone will always show up to sell you magic beans, whether or not magic beans exist. Read the rest

Record label censors copyright lawyers' site by falsely claiming it infringes copyright

SpicyIP is arguably the leading blog for experts on India's copyright system, but links to it disappeared from Google's search index following a fraudulent claim of copyright infringement filed by Saregama, India's oldest record label. Read the rest

Bird nonpologizes: "we accidentally sent you a threatening letter"

Last week, our lawyers at the Electronic Frontier Foundation sent a reply to Bird, the scooter company, which had sent us an intimidating letter seeking to censor this post on Bird conversion kits, which let you unlock the hundreds of Bird scooters that are auctioned off by cities after Bird fails to claim them from their impound lots. Read the rest

Bird Scooter tried to censor my Boing Boing post with a legal threat that's so stupid, it's a whole new kind of wrong

Last month, I published a post discussing the mountains of abandoned Bird Scooters piling up in city impound lots, and the rise of $30 Chinese conversion kits that let you buy a scooter at auction, swap out the motherboard, and turn it into a personal scooter, untethered from the Bird company. Read the rest

A history of the sprawling personality clashes over RSS

Sinclair Target's long, deeply researched history of the format wars over RSS are an excellent read and a first-rate example of what Charlie Stross has called "the beginning of history": for the first time, the seemingly unimportant workaday details of peoples' lives are indelibly recorded and available for people researching history (for example, Ada Palmer points out that we know very little about the everyday meals of normal historical people, but the daily repasts of normal 21 centurians are lavishly documented). Read the rest

Big Tech loves disruption, when they're doing the disruption

My latest Locus Magazine column is "Disruption for Thee, But Not for Me," and it analyzes how Big Tech has been able to "disrupt" incumbent industries, but has repurposed obscure technology regulations to prevent anyone from meting out the same treatment to their new digital monopolies. Read the rest

Podcast: "Sole and Despotic Dominion" and "What is the Internet For?"

Here's my reading (MP3) of my Locus column, "What is the Internet For?" (which asks, "Is the internet a revolutionary technology?") and my short story for the fiftieth anniversary of Reason Magazine, Sole and Despotic Dominion, which builds on my 2015 Guardian column, If Dishwashers Were iPhones.

MP3 Read the rest

Thousands of sleep apnea sufferers rely on a lone Australian CPAP hacker to stay healthy

An Australian developer named Mark Watkins painstakingly reverse-engineered the proprietary data generated by Continuous Positive Airway Pressure (CPAP) machines and created Sleepyhead, a free/open piece of software that has become the go-to tool for thousands of sleep apnea sufferers around the world who want to tune their machines to stay healthy. Read the rest

Apple's new bootloader won't let you install GNU/Linux -- Updated

Locking bootloaders with trusted computing is an important step towards protecting users from some of the most devastating malware attacks: by allowing the user to verify their computing environment, trusted computing can prevent compromises to operating systems and other low-level parts of their computer's operating environment. Read the rest

Talking about the DMCA and 20 years of tech law malpractice on PRI's Marketplace

The Digital Millennium Copyright Act -- tech's stupidest law -- turns 20 this year; I chatted with Molly Wood on Marketplace Tech about the law's history and how dismally little we've learned from it, repeating and even magnifying its mistakes today. (MP3) Read the rest

The Copyright Office's DMCA-defanging is nice, but man, there are: So. Many. Hoops to jump through

Yesterday's Copyright Office ruling on when you are allowed to break DRM went further than any such ruling in the DMCA's 20-year history, and that's swell, but when you drill into the ruling, it's still a flaming pile of garbage. Read the rest

Insecure medical equipment protocols let attackers spoof diagnostic information

Douglas McKee of McAffee presented his research into the security of medical diagnostic equipment at last week's Defcon conference in Las Vegas. Read the rest

Bad infrastructure means pacemakers can be compromised before they leave the factory

It's been ten years since the first warnings about the security defects in pacemakers, which made them vulnerable to lethal attacks over their wireless links, and since then the news has only gotten worse: one researcher found a way to make wireless pacemaker viruses that spread from patient to patient in cardiac care centers, and the medical device makers responded to all this risk by doubling down on secrecy and the use of proprietary code. Read the rest

Universal, having learned nothing from its "dancing baby" ass-kicking, is once again attacking Prince fans

In 2008, Universal Music fraudulently claimed that a short Youtube clip of a toddler dancing to Prince's "Let's Go Crazy" was a copyright infringement, leading to eight years of litigation and, eventually, a landmark ruling secured by the Electronic Frontier Foundation in which the court found that Universal had a duty to consider fair use before using the Digital Millennium Copyright Act to censor other peoples' media. Read the rest

Meet the people who went to the US Copyright Office to demand your right to repair, remix and preserve!

Every three years, the US Copyright Office undertakes an odd ritual: they allow members of the public to come before their officials and ask for the right to use their own property in ways that have nothing to do with copyright law.

It's a strange-but-true feature of American life. Blame Congress. When they enacted the Digital Millennium Copyright Act in 1998, they included Section 1201, a rule that bans people from tampering with copyright controls on their devices. That means that manufacturers can use copyright controls to stop you from doing legitimate things, like taking your phone to an independent service depot; or modifying your computer so that you can save videos to use in remixes or to preserve old games. If doing these legal things requires that you first disable or remove a copyright control system, they can become illegal, even when you're using your own property in the privacy of your own home.

But every three years, the American people may go before the Copyright Office and ask for the right to do otherwise legal things with their own property, while lawyers from multinational corporations argue that this should not happen.

The latest round of these hearings took place in April, and of course, EFF was there, with some really cool petitions (as dramatized by the science fiction writers Mur Lafferty, John Scalzi, and Cory Doctorow [ahem]), along with many of our friends and allies, all making their own pleas for sanity in copyright law.

We commemorated the occasion with a collection of short video conversations between me and our pals. Read the rest

After London builders' bid to remove a complaint from Mumsnet failed, a mysterious Pakistani-American copyright claim did the job

Annabelle Narey hired a London construction firm called BuildTeam to do some work, which she found very unsatisfactory (she blames them for a potentially lethal roof collapse in a bedroom); so she did what many of us do when we're unhappy with a business: she wrote an online complaint, and it was joined by other people who said that they had hired BuildTeam and been unhappy with the work. Read the rest

More posts