Insecure medical equipment protocols let attackers spoof diagnostic information

Douglas McKee of McAffee presented his research into the security of medical diagnostic equipment at last week's Defcon conference in Las Vegas. Read the rest

Bad infrastructure means pacemakers can be compromised before they leave the factory

It's been ten years since the first warnings about the security defects in pacemakers, which made them vulnerable to lethal attacks over their wireless links, and since then the news has only gotten worse: one researcher found a way to make wireless pacemaker viruses that spread from patient to patient in cardiac care centers, and the medical device makers responded to all this risk by doubling down on secrecy and the use of proprietary code. Read the rest

Universal, having learned nothing from its "dancing baby" ass-kicking, is once again attacking Prince fans

In 2008, Universal Music fraudulently claimed that a short Youtube clip of a toddler dancing to Prince's "Let's Go Crazy" was a copyright infringement, leading to eight years of litigation and, eventually, a landmark ruling secured by the Electronic Frontier Foundation in which the court found that Universal had a duty to consider fair use before using the Digital Millennium Copyright Act to censor other peoples' media. Read the rest

Meet the people who went to the US Copyright Office to demand your right to repair, remix and preserve!

Every three years, the US Copyright Office undertakes an odd ritual: they allow members of the public to come before their officials and ask for the right to use their own property in ways that have nothing to do with copyright law.

It's a strange-but-true feature of American life. Blame Congress. When they enacted the Digital Millennium Copyright Act in 1998, they included Section 1201, a rule that bans people from tampering with copyright controls on their devices. That means that manufacturers can use copyright controls to stop you from doing legitimate things, like taking your phone to an independent service depot; or modifying your computer so that you can save videos to use in remixes or to preserve old games. If doing these legal things requires that you first disable or remove a copyright control system, they can become illegal, even when you're using your own property in the privacy of your own home.

But every three years, the American people may go before the Copyright Office and ask for the right to do otherwise legal things with their own property, while lawyers from multinational corporations argue that this should not happen.

The latest round of these hearings took place in April, and of course, EFF was there, with some really cool petitions (as dramatized by the science fiction writers Mur Lafferty, John Scalzi, and Cory Doctorow [ahem]), along with many of our friends and allies, all making their own pleas for sanity in copyright law.

We commemorated the occasion with a collection of short video conversations between me and our pals. Read the rest

After London builders' bid to remove a complaint from Mumsnet failed, a mysterious Pakistani-American copyright claim did the job

Annabelle Narey hired a London construction firm called BuildTeam to do some work, which she found very unsatisfactory (she blames them for a potentially lethal roof collapse in a bedroom); so she did what many of us do when we're unhappy with a business: she wrote an online complaint, and it was joined by other people who said that they had hired BuildTeam and been unhappy with the work. Read the rest

DRM, the World Cup, and what happens when a red team plays a green team

Before the W3C green-lit its DRM for web-video, we at EFF made a plea to allow bypassing the DRM to add accessibility features like shifting colors to accommodate color-blind people; the leadership dismissed the idea as a mere nice-to-have that companies could be relied on to fix themselves. Read the rest

With the App Store monopoly case, the Supreme Court could reverse decades of frustrated antitrust enforcement

On Monday, the Supreme Court will review the 9th Circuit's decision in Apple Inc. v. Pepper, in which the plaintiffs argue that Apple has established a monopoly over apps for Ios (this part is actually incontrovertible, as Apple has used both technology and law to prevent rival app stores from operating), and that Iphone and Ipad owners have a right to ask the government to break up this monopoly (that's the controversial part). Read the rest

How do we fix IoT security without blocking interoperability and creating monopolies?

Jonathan Zittrain (previously) writes, "There’s reason to worry about security for the ever-growing Internet of Things, and it’ll be tempting to encourage vendors to solely control their devices that much more, limiting interoperability or user tinkering. There are alternatives - models for maintaining firmware patches for orphaned devices, and a 'Faraday mode' so that iffy devices can still at least partially function even if they’re not able to remain safely online. Procrastination around security has played a key role in its success. But 'later' shouldn’t mean 'never' for the IoT." Read the rest

UK consumer review magazine Which?: your smart home is spying on you, from your TV to your toothbrush

The UK consumer review magazine Which? (equivalent to America's Consumer Reports) has published a special investigation into the ways that Internet of Things smart devices are spying on Britons at farcical levels, with the recommendation that people avoid smart devices where possible, to feed false data to smart devices you do own, and to turn off data-collection settings in devices' confusing, deeply hidden control panels. Read the rest

FanFlick Editor: an entry in EFF's Catalog of Missing Devices

Wonderful EFF supporters keep on coming up with great new entries for EFF's Catalog of Missing Devices, which lists fictional devices that should exist, but don't, because to achieve their legal, legitimate goals, the manufacturer would have to break some Digital Rights Management and risk retaliation under Section 1201 of the Digital Millennium Copyright Act.

Now, EFF supporter Rico Robbins has sent us the "FanFlick Editor," a welcome addition to the Catalog, alongside of Dustin Rodriguez's excellent list of missing devices like the Software Scalpel and MovieMoxie; and Benjamin MacLean's Mashup Maker.

If you have your own great ideas for additions, send them to me and maybe you'll see them on EFF's Deeplinks!

Meet the FanFlick Editor. With this revolutionary video editor, you can directly rip your favorite movies from DVDs or Blu-rays or even digital copies from iTunes, Google Play, and any other service. Edit the film to your heart's content and then distribute the edit decision list (EDL) -- a file that contains instructions that other people can use to edit their own copies during playback while they watch, so they can experience your vision for the movies you both love (or even the ones you hate!).

Used your own footage, graphics, or audio? No problem! FanFlick Editor keeps track of what you made and what you ripped, and packages up your other content with your FanFlick EDL. That way, you only distribute material whose copyright you control, or that is in the public domain, or that fair use permits.

Read the rest

Mashup Maker: Another entry for the Catalog of Missing Devices

EFF supporter Benjamin McLean was kind enough to send along his "Mashup Maker" as a new entry to EFF Catalog of Missing Devices, a tour through some of the legitimate, useful and missing gadgets, tools and services that don't exist but should. They're technologies whose chance to exist was snuffed out by Section 1201 of the Digital Millennium Copyright Act of 1998, which makes tampering with "Digital Rights Management" into a legal no-go zone, scaring off toolsmiths, entrepreneurs, and tinkerers. Read the rest

EFF and iFixit are hosting a Reddit AMA on jailbreaking TOMORROW at 11AM Pacific

Join me, EFF attorney Kit Walsh and iFixit's Kyle Wiens -- along with special guests! -- in a Reddit Ask Me Anything session tomorrow (Thursday) from 11AM-3PM Pacific; we'll be talking about the upcoming Copyright Office hearings on creating exceptions to the DMCA to make room for independent repair and security research. We'll be live here at 11AM tomorrow! Pass it on. Read the rest

More DRM-bustin' stuff for the Catalog of Missing Devices, courtesy of EFF supporters

When EFF launched its Catalog of Missing Devices, we invited EFF supporters to come up with their own ideas for gadgets that should exist, but don't, because the Digital Millennium Copyright Act bans breaking DRM, even for the most legitimate of purposes. Read the rest

Lobbyists release push-poll in an effort to tank Right to Repair bills and control independent security research

The Security Innovation Center is a lobbying group backed by CompTIA, CTIA, TechNet and the Consumer Technology Association for the express purpose of fighting laws that would legalize repairing your own property, or choosing to have it repaired by third parties. Read the rest

Online security is a disaster and the people who investigate it are being sued into silence

The only thing worse than driving a car with defective brakes is unknowingly driving a car with defective brakes -- and learning about them the hard way. Read the rest

The Copyright Office is spending the year deciding technology's future, but the future doesn't get a seat at the table

Every three years, the US Copyright Office creates temporary exemptions to the Digital Millennium Copyright Act's ban on breaking DRM, provided that people can show that they've been prevented from doing something customary and legitimate with their own property. Read the rest

Since 1998, using your own property has required regulatory permission and the ability to make your own jailbreaking tools from scratch

In Did Congress Really Expect Us to Whittle Our Own Personal Jailbreaking Tools? -- a new post on EFF's Deeplinks blog -- I describe the bizarre, unfair and increasingly salient US Copyright Office DMCA exemptions process, which is underway right now. Read the rest

More posts