For three years, International Standards Organization has been wrangling over which cryptographic algorithms will be incorporated into a standard for interoperability in "Internet of Things" gadgets; at issue has been the NSA's insistence that "Simon" and "Speck" would be the standard block cipher algorithms in these devices.
Read the rest
Apple was the last major holdout on proprietary video codecs, the only major industry player that hadn't signed onto the Alliance for Open Media, home of the AV1 video format, a successor to On2's groundbreaking open formats of the early web years, which led to the company's acquisition by Google in 2010.
Read the rest
Safety standards matter. The cheapest Nissan sold in Mexico, the Tsuru, and the cheapest Nissan sold in the USA, the Versa, were driven into one another at 40 miles per hour. You don't want to be in either car, but you definitely don't want to be in the Tsuru.
A car-to-car test between a 2015 Nissan Tsuru, the least expensive sedan sold by Nissan in Mexico, and a 2016 Nissan Versa, the least expensive sedan sold by Nissan in the United States. With a 50% overlap and each vehicle travelling at 40 mph (64 km/h) the test highlights the significant differences in safety standards between these two baseline models sold by the same manufacturer in different markets.
Wired reports that the Tsuru (basically a 1990s Sentra) is being put to pasture soon, and that Mexico is toughening its car safety laws. Read the rest
Explosive growth and change in China means many things must be built. They are not built well, writes British ex-pat James Palmer.
The apartment is five years old. By Chinese standards, it’s far better than the average. Our toilet works, while in many of my friends’ houses, flushing the loo is a hydraulic operation akin to controlling the Nile floods. The sockets do not flash blue sparks when plugged in, and all but two work. None of the lightbulbs have ever exploded; and the mirror merely broke away, rather than falling spontaneously from the frame. The shower is not placed next to the apartment’s central wiring and protected by nothing more than rotting drywall.
It's so brutal—"My time in China has taught me the pleasure and value of craftsmanship, simply because it’s so rare"—I can't help but wonder if it's really that bad! The word Chabuduo is offered as the cultural gravity point at hand. Meaning "close enough," it is depicted here as a powerful and useful concept in earlier times (think: improvisation, effectiveness, ingenuity) that has become dangerous in the context of modern life (think: slapdash, jobsworth, irritable.)
Read the rest
Yet chabuduo is also the casual dismissal of problems. Oh, your door doesn’t fit the frame? Chabuduo, you’ll get used to kicking it open. We sent you a shirt two sizes too big? Chabuduo, what are you complaining about?
At my old compound, the entrance to the underground parking lot was covered by a 20-metre-long half-cylinder of heavy blue plastic. Nobody had noticed that this made a highly effective wind trap, and it had been only crudely nailed to the brick foundations.
For a year or so, I've been working with the EFF to get the World Wide Web Consortium to take steps to protect security researchers and new market-entrants who run up against the DRM standard they're incorporating into HTML5, the next version of the key web standard. Read the rest
I have a new op-ed in today's Privacy Tech, the in-house organ of the International Association of Privacy Professionals, about the risks to security and privacy from the World Wide Web Consortium's DRM project, and how privacy and security pros can help protect people who discover vulnerabilities in browsers from legal aggression. Read the rest
With the Electronic Frontier Foundation, I've been lobbying the World Wide Web Consortium (W3C), which sets the open standards that the Web runs on, to take measures to protect security researchers (and the users they help) from their own bad decision to standarize Digital Rights Management as part of HTML5. Read the rest
The Open Source Initiative, a nonprofit that certifies open source licenses, has made an important policy statement about open standards. Read the rest
The World Wide Web Consortium, which makes the standards the Web runs on, continues to pursue work on DRM -- technology that you can't connect to without explicit permission, and whose bugs can't be reported without legal jeopardy lest you weaken it. Read the rest
The 451 HTTP error code, first proposed in 2012 as a tribute to Ray Bradbury's classic novel is now an IETF standard and is the preferred error message for a server to send to a browser when content is blocked for legal reasons. Read the rest
The Joint Photographic Expert Group, which oversees the JPEG format, met in Brussels today to discuss adding DRM to its format, so that there would be images that would be able to force your computer to stop you from uploading pictures to Pintrest or social media. Read the rest
When you make up your own crypto, it's only secure against people stupider than you, and there are lots of people smarter than the designers of the Open Smart Grid Protocol, who rolled their own (terrible) crypto rather than availing themselves of the numerous, excellent, free public cryptographic protocols. Read the rest
A year ago, the news that the world's biggest video site was abandoning proprietary software would have been incredible, but thanks to the World Wide Web Consortium's Netflix-driven DRM work, this changes very little. Read the rest
The Unicode Consortium is finalizing its plans for version 8, and 37 new emoji are among the candidates for the final release, including "ZIPPER-MOUTH FACE," "MONEY-MOUTH FACE," "SIGN OF THE HORNS" and "TACO". Read the rest
The Web I want doesn't have DRM in its standards, because the Web I want doesn't believe it's legitimate to design computers so that strangers over a network can give your computer orders that you aren't allowed to know about or override. Read the rest
The Internet Engineering Task Force has published RFC 7258, which is a bombshell whose title is: "Pervasive Monitoring Is an Attack." It represents the outcome of a long argument about whether the Internet's technical architecture should take active countermeasures to fight mass surveillance, which Tim Bray summarizes. I especially like his rejoinder to people who argue against this because there are places where it's legitimate to monitor communications, like prisons: "We don't want an Internet optimized for prisons." Read the rest
Rogue archivist Carl Malamud has been fighting to publish the building and safety codes that have been incorporated into the law, but which you have to pay to see. He's published thousands and thousands of pages' worth of safety codes, and is being sued by some of the standards bodies. Now, he writes: "An announcement from Joe Bhatia, the leader of the American National Standards Institute, says 'A standard that has been incorporated by reference does have the force of law, and it should be available.'" Read the rest