Last month, a developer called Axi0mx released an Iphone crack called Checkm8, which attacks a defect in the Ios bootrom, a low-level piece of code that has not been successfully attacked since 2010. The bootrom is read-only, making its defects effectively unpatchable, short of removing the chip and swapping it for one with more robust code (the attack also works on version 1, 2 and 3 Apple Watches). Read the rest

Hkmap Live is a crowdsourced app that uses reports from a Telegram group to track the locations of protesters, police, and traffic, as well as the use of antipersonnel weapons like tear gas, mass arrests of people wearing t-shirts associated with the protest movement, and mass transit closures in proximity to demonstrations (it's a bit like Sukey, the British anti-kettling app). Read the rest

Hasbro's got a new foam dart gun, the $50 Nerf Ultra One blaster, and to make sure that owners of this toy arrange their affairs to the benefit of Hasbro's shareholders, the company has engineered a digital rights management system that detects and refuses to fire third-party darts, which sell by the hundreds for just a few bucks (the official darts are $10 for 20), which means that party organizers running Nerf wars will have to scale back their ambitions or shell out like crazy. Read the rest

In my latest podcast (MP3), I read my new Locus column, DRM Broke Its Promise, which recalls the days when digital rights management was pitched to us as a way to enable exciting new markets where we'd all save big by only buying the rights we needed (like the low-cost right to read a book for an hour-long plane ride), but instead (unsurprisingly) everything got more expensive and less capable.

The established religion of markets once told us that we must abandon the idea of owning things, that this was an old fashioned idea from the world of grubby atoms. In the futuristic digital realm, no one would own things, we would only license them, and thus be relieved of the terrible burden of ownership. They were telling the truth. We don’t own things anymore. This summer, Microsoft shut down its ebook store, and in so doing, deactivated its DRM servers, rendering every book the company had sold inert, unreadable. To make up for this, Microsoft sent refunds to the custom­ers it could find, but obviously this is a poor replacement for the books themselves. When I was a bookseller in Toronto, noth­ing that happened would ever result in me breaking into your house to take back the books I’d sold you, and if I did, the fact that I left you a refund wouldn’t have made up for the theft. Not all the books Microsoft is confiscating are even for sale any lon­ger, and some of the people whose books they’re stealing made extensive annotations that will go up in smoke.

Read the rest

As long we've had electronic mass media, audiences and creators have benefited from periods of technological upheaval that force old gatekeepers to compete with brash newcomers with new ideas about what constitutes acceptable culture and art. Those newcomers eventually became gatekeepers themselves, who then faced their own crop of revolutionaries. But today, the cycle is broken: as media, telecoms, and tech have all grown concentrated, the markets have become winner-take-all clashes among titans who seek to dominate our culture, our discourse and our communications. Read the rest

The next version of Chrome will patch a bug that lets websites detect users who are in incognito mode by by probing the Filesystem API; they've also pledged to seek out and block any other vulnerabilities that will let servers detect users in incognito mode. Read the rest

The latest XKCD strip, "Sharing Options/#2016" is a brilliant and trenchant surfacing of the hidden rhetoric of social media, where your options are "permanently share with billions of people, including internet scammers, random predatory companies, and hostile foreign governments" or "a small set of 300 or so approved friends," and when this is questioned, the social media companies profess an inability to understand what other options could exist. Read the rest

An Australian developer named Mark Watkins painstakingly reverse-engineered the proprietary data generated by Continuous Positive Airway Pressure (CPAP) machines and created Sleepyhead, a free/open piece of software that has become the go-to tool for thousands of sleep apnea sufferers around the world who want to tune their machines to stay healthy. Read the rest

Denuvo bills itself as the best-of-breed in games DRM, the most uncrackable, tamper-proof wrapper for games companies; but its reputation tells a different story: the company's products are infamous for falling quickly to DRM crackers and for interfering with game-play until you crack the DRM off the products you buy. Read the rest

Locking bootloaders with trusted computing is an important step towards protecting users from some of the most devastating malware attacks: by allowing the user to verify their computing environment, trusted computing can prevent compromises to operating systems and other low-level parts of their computer's operating environment. Read the rest

The Digital Millennium Copyright Act -- tech's stupidest law -- turns 20 this year; I chatted with Molly Wood on Marketplace Tech about the law's history and how dismally little we've learned from it, repeating and even magnifying its mistakes today. (MP3) Read the rest

Section 1201 of the Digital Millennium Copyright Act bans bypassing "access controls" for copyrighted works -- that is, breaking DRM. Read the rest

You remember when HP tricked its users into downgrading their printers by sending them a fake "security update" that actually made the printers refuse third-party and refilled ink cartridges? Read the rest

Last year, Apple outraged independent technicians when they updated the Iphone design to prevent third party repair, adding a "feature" that allowed handsets to detect when their screens had been swapped (even when they'd been swapped for an original, Apple-manufactured screen) and refuse to function until they got an official Apple unlock code. Read the rest

As I wrote last week, the California Farm Bureau (which lobbies for the state's farmers) struck a deal to gut the state's Right to Repair legislation, a move that will cost farmers their right to fix their own tractors and other heavy equipment. Read the rest

As part of yesterday's International Day Against DRM, Public Knowledge's John Bergmayer published It’s Always DRM’s Fault, which uses this month's viral story about an Apple user named Anders G da Silva whose movie was deleted from his Itunes because he moved from one country to another. Read the rest

On this International Day Against DRM, I've published an editorial for EFF Deeplinks setting out a theory of change for getting us to a world without Digital Rights Management, where all our devices obey us instead of betraying us. Read the rest