Podcast – Cory Doctorow's craphound.com

Jason Klamm stopped my office to interview me for his Comedy on Vinyl podcast, where I talked about the first comedy album I ever loved: Allan Sherman’s My Son, the Nut. I inherited my mom’s copy of the album when I was six years old, and listened to it over and over until I discovered — the hard way — that you can’t leave vinyl records on the dashboard of a car on a hot day. Our discussion ranged far and wide, over the golden age of novelty flexidiscs, Thomas Piketty, Hamilton, corporate anthems and many other subjects. http://media.blubrry.com/comedyonvinyl/p/stolendress.com/comedyonvinyl/podcast_episodes/COV_Episode_199.mp3 Episode 199 – Cory Doctorow on Allan Sherman – My Son, The Nut [Comedy on Vinyl]

I did an interview with the Changelog podcast (MP3) about my upcoming talk at the O’Reilly Open Source conference in London, explaining how it is that the free and open web became so closed and unfree, but free and open software stayed so very free, and came to dominate the software landscape. “Desperate” is often the opposite of “open”: it’s when we’re in trouble that we’re most likely to compromise on our principles. How, then, did open become the default for so many tools and applications? Because when you use irrevocable open/free licenses, you lock your code open, defending it from anyone who would lock it up again—including a future version of you, in a moment of weakness. Open licenses have served us well for more than two decades, but they need help if we’re going to survive the era in which computers invade our bodies and the structures we keep those bodies in. Cory Doctorow explains that we can lock the whole future Web open, if we do it right. #221: How We Got Here with Cory Doctorow [The Changelog] (Image: Tux Droid, Sunny Ripert, CC-BY-SA)

On this just-released episode of the O’Reilly Radar podcast (MP3), I talk about EFF’s lawsuit against the US government to invalidate Section 1201 of the DMCA, which will make it legal to break DRM in order to fix security vulnerabilities in the Internet of Things devices that, today, are almost invariable insecure, and are also designed to be as privacy-invading as possible (to create “monetizable” data-streams) — a brutal combo. Auditing IoT products is a liability for security researchers Think about the conditions under which IoT companies operate. Their business plan—the thing they show to VCs to get the money to go into the business—is to monetize data. They’re all designed with security as an afterthought. They’re all designed with the minimum viable security to make this product not immediately burst into flames after you put it inside your body or put your body inside of it. Even worse, security researchers face total, brutal liability for investigating these devices and telling people which ones are and aren’t safe. It is completely nightmarish. New pro-security business models Note: The Electronic Frontier Foundation is representing Bunnie Huang and Matthew Green in a case challenging the constitutionality of Section 1201 of the DMCA. One of the things that our DMCA lawsuit would provide for is a pro-security business model. Imagine if you could start a commercial consultancy that would come in and deworm your IoT household. It could come in and jailbreak all the devices and check their firmware loads, and replace the firmware loads with open firmware or patched firmware, or something else that sits in between. All of those things, all that commercial stuff as well, is currently off-limits, and would be available in the same way that you can enable third-party parts and services if there are no legal impediments. The hardware service and support market in the U.S. for all classes of goods, from lawnmowers to cars to air conditioners to computers, is 2 to 4% of America’s GDP. It’s a gigantic multi-billion-dollar sector, and in many cases, these are small and medium-size enterprises.

While I was in NYC to keynote the 11th Hackers on Planet Earth convention, I sat down with the Radio Statler folks and explained what I was going to talk about, as well as bantering with the hosts about the relative merits of DEFCON and HOPE and the secret to managing cons and marriages (MP3).

I’m keynoting the O’Reilly Security Conference in New York in Oct/Nov, so I stopped by the O’Reilly Security Podcast (MP3) to explain EFF’s Apollo 1201 project, which aims to kill all the DRM in the world within a decade. A couple things changed in the last decade. The first is that the kinds of technologies that have access controls for copyrighted works have gone from these narrow slices (consoles and DVD players) to everything (the car in your driveway). If it has an operating system or a networking stack, it has a copyrighted work in it. Software is copyrightable, and everything has software. Therefore, manufacturers can invoke the DMCA to defend anything they’ve stuck a thin scrim of DRM around, and that defense includes the ability to prevent people from making parts. All they need to do is add a little integrity check, like the ones that have been in printers for forever, that asks, “Is this part an original manufacturer’s part, or is it a third-party part?” Original manufacturer’s parts get used; third-party parts get refused. Because that check restricts access to a copyrighted work, bypassing it is potentially a felony. Car manufacturers use it to lock you into buying original parts. This is a live issue in a lot of domains. It’s in insulin pumps, it’s in voting machines, it’s in tractors. John Deere locks up the farm data that you generate when you drive your tractor around. If you want to use that data to find out about your soil density and automate your seed broadcasting, you have to buy that data back from John Deere in a bundle with seed from big agribusiness consortia like Monsanto, who license the data from Deere. This metastatic growth is another big change. It’s become really urgent to act now because, in addition to this consumer rights dimension, your ability to add things to your device, take it for independent service, add features, and reconfigure it are all subject to approval from manufacturers. All of this has become a no-go zone for security researchers. In the last summer, the Copyright Office entertained petitions for people who have been impacted by Section 1201 of the DMCA. Several security researchers filed a brief saying they had discovered grave defects in products as varied as voting machines, insulin pumps and cars, and they were told by their counsel that they couldn’t disclose because, in so doing, they would reveal information that might help someone bypass DRM, and thus would face felony prosecution and civil lawsuits. Cory Doctorow on legally disabling DRM (for good) [Courtney Nash/O’Reilly]

Science fiction novelist, blogger and technology activist Cory Doctorow joins us for Tuesday’s AU. In a recent column, Doctorow says that “all the data collected in giant databases today will breach someday, and when it does, it will ruin peoples’ lives. They will have their houses stolen from under them by identity thieves who forge their deeds (this is already happening); they will end up with criminal records because identity thieves will use their personal information to commit crimes (this is already happening); … they will have their devices compromised using passwords and personal data that leaked from old accounts, and the hackers will spy on them through their baby monitors, cars, set-top boxes, and medical implants (this is already hap­pening)…” We’ll talk with Cory Doctorow about technology, privacy, and intellectual property. Cory Doctorow is the co-editor of popular weblog Boing Boing and a contributor to The Guardian, Publishers Weekly, Wired, and many other newspapers, magazines and websites. He is a special consultant to the Electronic Frontier Foundation, a non-profit civil liberties group that defends freedom in technology law, policy, standards and treaties. Doctorow is also an award-winning author of numerous novels, including “Little Brother,” “Homeland,” and “In Real Life.” MP3

Earlier this month, I gave the afternoon keynote at the Internet Archive’s Decentralized Web Summit, speaking about how the people who are building a new kind of decentralized web can guard against their own future moments of weakness and prevent themselves from rationalizing away the kinds of compromises that led to the centralization of today’s web. The talk was very well-received — it got a standing ovation — and I’ve heard from a lot of people about it since. The video was heretofore only available as a slice of a 9-hour Youtube archive of the day’s proceeding, but thanks to Jeff Kaplan and the Internet Archive, I’ve now got a cut of just my talk, which is on the Internet Archive for your downloading pleasure and mirrored at Youtube (There’s also an MP3).

I appeared on the O’Reilly Hardware Podcast this week (MP3, talking about the way that DRM has crept into all our smart devices, which compromises privacy, security and competition. In this episode of the Hardware podcast, we talk with writer and digital rights activist Cory Doctorow. He’s recently rejoined the Electronic Frontier Foundation to fight a World Wide Web Consortium proposal that would add DRM to the core specification for HTML. When we recorded this episode with Cory, the W3C had just overruled the EFF’s objection. The result, he says, is that “we are locking innovation out of the Web.” “It is illegal to report security vulnerabilities in a DRM,” Doctorow says. “[DRM] is making it illegal to tell people when the devices they depend upon for their very lives are unsuited for that purpose.” Get O’Reilly’s weekly hardware newsletter In our “Tools” segment, Doctorow tells us about tools that can be used for privacy and encryption, including the EFF surveillance self-defense kit, and Wickr, an encrypted messaging service that allows for an expiration date on shared messages and photos. “We need a tool that’s so easy your boss can use it,” he says. Cory Doctorow on losing the open Web [O’Reilly Hardware Podcast]

It’s been a year since I sat down at the mic, but it’s Christmas and we have a tradition to uphold. Now we’re settling in here in Burbank and I’ve got a new computer, I’m hoping to get everything running again and get back to a regular schedule. MP3

I appeared on the current episode of “A Call From Paul” (MP3), a podcast created by Paul Holdengraber, who curates the NY Public Library’s amazing interview series. Paul and I talked about London, UK politics, class war, education, and books.