Podcast: A cycle of renewal, broken: How Big Tech and Big Media abuse copyright law to slay competition

In my latest podcast (MP3), I read my essay "A Cycle of Renewal, Broken: How Big Tech and Big Media Abuse Copyright Law to Slay Competition", published today on EFF's Deeplinks; it's the latest in my ongoing series of case-studies of "adversarial interoperability," where new services unseated the dominant companies by finding ways to plug into existing products against those products' manufacturers. This week's installment recounts the history of cable TV, and explains how the legal system in place when cable was born was subsequently extinguished (with the help of the cable companies who benefitted from it!) meaning that no one can do to cable what cable once did to broadcasters. Read the rest

Interoperability and Privacy: Squaring the Circle

Last summer, we published a comprehensive look at the ways that Facebook could and should open up its data so that users could control their experience on the service, and to make it easier for competing services to thrive. Read the rest

Podcast: Interoperability and Privacy: Squaring the Circle

In my latest podcast (MP3), I read my essay "Interoperability and Privacy: Squaring the Circle, published today on EFF's Deeplinks; it's another in the series of "adversarial interoperability" explainers, this one focused on how privacy and adversarial interoperability relate to each other. Read the rest

Strange codes from the International Statistical Classification of Diseases and Related Health Problems

ICD-10 is a standard that defines 70,000+ codes for standardizing the reporting of injuries and diseases, and it is terrifyingly comprehensive: if V95.4 ("Unspecified spacecraft accident injuring occupant") isn't enough, how about V97.33XA ("Sucked into jet engine, initial encounter") and for bisto, V97.33XD ("Sucked into jet engine, subsequent encounter"). Read the rest

ISO rejects the NSA's IoT crypto standard, believing it to be backdoored

For three years, International Standards Organization has been wrangling over which cryptographic algorithms will be incorporated into a standard for interoperability in "Internet of Things" gadgets; at issue has been the NSA's insistence that "Simon" and "Speck" would be the standard block cipher algorithms in these devices. Read the rest

At long last, open video formats are triumphing

Apple was the last major holdout on proprietary video codecs, the only major industry player that hadn't signed onto the Alliance for Open Media, home of the AV1 video format, a successor to On2's groundbreaking open formats of the early web years, which led to the company's acquisition by Google in 2010. Read the rest

Crash test: Nissan sold in Mexico vs. Nissan sold in USA

Safety standards matter. The cheapest Nissan sold in Mexico, the Tsuru, and the cheapest Nissan sold in the USA, the Versa, were driven into one another at 40 miles per hour. You don't want to be in either car, but you definitely don't want to be in the Tsuru.

A car-to-car test between a 2015 Nissan Tsuru, the least expensive sedan sold by Nissan in Mexico, and a 2016 Nissan Versa, the least expensive sedan sold by Nissan in the United States. With a 50% overlap and each vehicle travelling at 40 mph (64 km/h) the test highlights the significant differences in safety standards between these two baseline models sold by the same manufacturer in different markets.

Wired reports that the Tsuru (basically a 1990s Sentra) is being put to pasture soon, and that Mexico is toughening its car safety laws. Read the rest

Chabuduo: China's culture of "it's fine"

Explosive growth and change in China means many things must be built. They are not built well, writes British ex-pat James Palmer.

The apartment is five years old. By Chinese standards, it’s far better than the average. Our toilet works, while in many of my friends’ houses, flushing the loo is a hydraulic operation akin to controlling the Nile floods. The sockets do not flash blue sparks when plugged in, and all but two work. None of the lightbulbs have ever exploded; and the mirror merely broke away, rather than falling spontaneously from the frame. The shower is not placed next to the apartment’s central wiring and protected by nothing more than rotting drywall.

It's so brutal—"My time in China has taught me the pleasure and value of craftsmanship, simply because it’s so rare"—I can't help but wonder if it's really that bad! The word Chabuduo is offered as the cultural gravity point at hand. Meaning "close enough," it is depicted here as a powerful and useful concept in earlier times (think: improvisation, effectiveness, ingenuity) that has become dangerous in the context of modern life (think: slapdash, jobsworth, irritable.)

Yet chabuduo is also the casual dismissal of problems. Oh, your door doesn’t fit the frame? Chabuduo, you’ll get used to kicking it open. We sent you a shirt two sizes too big? Chabuduo, what are you complaining about?

At my old compound, the entrance to the underground parking lot was covered by a 20-metre-long half-cylinder of heavy blue plastic. Nobody had noticed that this made a highly effective wind trap, and it had been only crudely nailed to the brick foundations.

Read the rest

W3C DRM working group chairman vetoes work on protecting security researchers and competition

For a year or so, I've been working with the EFF to get the World Wide Web Consortium to take steps to protect security researchers and new market-entrants who run up against the DRM standard they're incorporating into HTML5, the next version of the key web standard. Read the rest

How security and privacy pros can help save the web from legal threats over vulnerability disclosure

I have a new op-ed in today's Privacy Tech, the in-house organ of the International Association of Privacy Professionals, about the risks to security and privacy from the World Wide Web Consortium's DRM project, and how privacy and security pros can help protect people who discover vulnerabilities in browsers from legal aggression. Read the rest

Security researchers: help EFF keep the Web safe for browser research!

With the Electronic Frontier Foundation, I've been lobbying the World Wide Web Consortium (W3C), which sets the open standards that the Web runs on, to take measures to protect security researchers (and the users they help) from their own bad decision to standarize Digital Rights Management as part of HTML5. Read the rest

Open Source Initiative says standards aren't open unless they protect security researchers and interoperability

The Open Source Initiative, a nonprofit that certifies open source licenses, has made an important policy statement about open standards. Read the rest

Will the W3C strike a bargain to save the Web from DRM?

The World Wide Web Consortium, which makes the standards the Web runs on, continues to pursue work on DRM -- technology that you can't connect to without explicit permission, and whose bugs can't be reported without legal jeopardy lest you weaken it. Read the rest

IETF approves HTTP error code 451 for Internet censorship

The 451 HTTP error code, first proposed in 2012 as a tribute to Ray Bradbury's classic novel is now an IETF standard and is the preferred error message for a server to send to a browser when content is blocked for legal reasons. Read the rest

SRSLY, they want to put DRM in JPEGs

The Joint Photographic Expert Group, which oversees the JPEG format, met in Brussels today to discuss adding DRM to its format, so that there would be images that would be able to force your computer to stop you from uploading pictures to Pintrest or social media. Read the rest

Smart Grid consortium rolled its own crypto, which is always, always a bad idea

When you make up your own crypto, it's only secure against people stupider than you, and there are lots of people smarter than the designers of the Open Smart Grid Protocol, who rolled their own (terrible) crypto rather than availing themselves of the numerous, excellent, free public cryptographic protocols. Read the rest

Youtube ditches Flash, but it hardly matters

A year ago, the news that the world's biggest video site was abandoning proprietary software would have been incredible, but thanks to the World Wide Web Consortium's Netflix-driven DRM work, this changes very little. Read the rest

More posts