A year ago, Benjamin "Mako" Hill gave a groundbreaking lecture explaining how Big Tech companies had managed to monopolize all the benefits of free software licenses, using a combination of dirty tricks to ensure that the tools that were nominally owned by no one and licensed under free and open terms nevertheless remained under their control, so that the contributions that software developers made to "open" projects ended up benefiting big companies without big companies having to return the favor. Read the rest

The bitter, yearslong debate at the World Wide Web Consortium over a proposal to standardize DRM for web browsers included frequent assurances by the pro-DRM side (notably Google, whose Widevine DRM was in line to be the principal beneficiary) that this wouldn't affect the ability of free/open source authors to implement the standard. Read the rest

Before the W3C green-lit its DRM for web-video, we at EFF made a plea to allow bypassing the DRM to add accessibility features like shifting colors to accommodate color-blind people; the leadership dismissed the idea as a mere nice-to-have that companies could be relied on to fix themselves. Read the rest

Five years ago, Benjamin Delpy was working for an unspecified French government agency and teaching himself to program in C, and had discovered a vital flaw in the way that Windows protected its users' passwords. Read the rest

On Monday, the World Wide Web Consortium published EME, a standard for locking up video on the web with DRM, allowing large corporate members to proceed without taking any steps to protect accessibility work, security research, archiving or innovation. Read the rest

Every three years, the US Copyright Office has to ask America about all the ways in which Section 1201 of the Digital Millennium Copyright Act (which bans bypassing DRM, even for legitimate reasons) interferes with our lives, and then it grants limited exemptions based on the results. Read the rest

The World Wide Web Consortium is pressing ahead with its project to standardize a DRM system for the web, without taking any legal steps to protect people whose legitimate activities would be impaired by the DRM system. Read the rest

Kids Pass is a service that offers discounts on family activities in the UK; their website makes several common -- and serious -- security problems that could allow hackers to capture their users' passwords, which endangers those users' data on other services where they have (unwisely) recycled those same passwords. Read the rest

The International Federation of Library Associations and Institutions is the respected global body representing libraries all over the world; in an open letter to the World Wide Web Consortium, the organization says the recent decision to standardize DRM for the web has undermined the web's openness and the ability of libraries and other public institutions to fulfill their important social role. Read the rest

Yesterday's smashing Net Neutrality campaign showed that people have finally woken up to the risks of the highly concentrated telcoms sector using its commercial muscle to decide what kinds of services can flourish in the online world -- but Big Internet doesn't confine its efforts to control the future to playing around with packets. Read the rest

[[Update, July 13: After consultation with W3C CEO Jeff Jaffe on timing, we've temporarily withdrawn this appeal, for one week, for purely logistical purposes. I am teaching a workshop all next week at UC San Diego and will re-file the objection at the end of the week, so that I will be able to devote undivided attention to garnering the necessary support from other W3C members. -Cory]]

Five days ago, the World Wide Web Consortium announced that it would go ahead with its project of making DRM for web-video, and that the Director, Tim Berners-Lee had overruled or decided not to act further on all objections about the dangers this posed to legitimate and important activities including security audits, accessibility adaptation and competition. Read the rest

It's the Day Against DRM, and EFF is celebrating by publishing the first public look at How Much Do Consumers Value Interoperability? Evidence from the Price of DVD Players, a scholarly economics paper that uses clever techniques to reveal some eye-popping number on the strangled market for DRM-free gadgets. Read the rest

It's been nearly four months since the W3C held the most controversial vote in its decades-long history of standards-setting: a vote where accessibility groups, security experts, browser startups, public interest groups, human rights groups, archivists, research institutions and other worthies went up against trillions of dollars' worth of corporate muscle: the world's largest electronics, web, and content companies in a battle for the soul of the open web. Read the rest

Medical devices have long been the locus of information security's scariest failures: from the testing and life-support equipment in hospitals to the implants that go in your body: these systems are often designed to harvest titanic amounts of data about you, data you're not allowed to see that's processed by code you're not allowed to audit, with potential felony prosecutions for security researchers who report defects in these systems (only partially mitigated by a limited exemption that expires next year). What's more, it can get much worse. Read the rest

Today, activists will gather in Cambridge, Mass to march to the offices of W3C Director Tim Berners-Lee to urge him to keep DRM out of the standards for the open web. Read the rest

Persirai is a new strain of Internet of Things malware that infects more than 1,250 models of security camera, all manufactured by an unnamed Chinese manufacturer that has sold at least 185,000 units worldwide. Read the rest

It's been a year since we warned that Intel's Management Engine -- a separate computer within your own computer, intended to verify and supervise the main system -- presented a terrifying, unauditable security risk that could lead to devastating, unstoppable attacks. Guess what happened next? Read the rest