O’Reilly Hardware Podcast on the risks to the open Web and the future of the Internet of Things

From The Cory Doctorow Wiki

Metadata[edit | edit source]

Published[edit | edit source]

May 11, 2016

Website[edit | edit source]

craphound.com, O’Reilly Hardware Podcast

Download[edit | edit source]

MP3 (99 MB)

About[edit | edit source]

«I appeared on the O’Reilly Hardware Podcast this week, talking about the way that DRM has crept into all our smart devices, which compromises privacy, security and competition.»

Summary[edit | edit source]

«In this episode of the Hardware podcast, we talk with writer and digital rights activist Cory Doctorow. He’s recently rejoined the Electronic Frontier Foundation to fight a World Wide Web Consortium proposal that would add DRM to the core specification for HTML. When we recorded this episode with Cory, the W3C had just overruled the EFF’s objection. The result, he says, is that “we are locking innovation out of the Web.”

“It is illegal to report security vulnerabilities in a DRM,” Doctorow says. “[DRM] is making it illegal to tell people when the devices they depend upon for their very lives are unsuited for that purpose.”

In our “Tools” segment, Doctorow tells us about tools that can be used for privacy and encryption, including the EFF surveillance self-defense kit, and Wickr, an encrypted messaging service that allows for an expiration date on shared messages and photos. “We need a tool that’s so easy your boss can use it,” he says.» O’Reilly Hardware Podcast.

Transcript[edit | edit source]

Machine transcription – Start helping here[edit | edit source]

The following is a machine transcription. Please help out with fixing errors and adding paragraphs, subheadings and time stamps to make it easier to read and use! To do this download the audio file from the top of this page and listen to it while you edit this page. Do as much or little as you like, then please move the heading and this message to the place where you drop off. Thank you!

This is the O'Reilly hardware podcast I'm John Bruner And I'm David Crane or it's never been easier to go from idea to digital design to physical product the new hardware movement is radically changing the way the technology in the world around us is being conceived built and connected this podcast brings you the new generation of hardware creators who work across the boundary between digital and physical their designers engineers scientists artists and business people for more information on the new hardware movement and the resources you need to become a full stack hardware creator visit O'Reilly dot com slash hardware and if you'd like to send in a question for us to discuss on the show email us at hardware at O'Reilly dot com. Hello welcome to this week's episode of The O'Reilly hardware podcast I'm David Crane or and I'm here with John Bruner this week we have a very special guest Cory Doctorow He's a writer digital rights activist and KOHLER And one of the main editors of the blog Boing Boing which is one of our favorite reads around here in the source of more than a few clicks spirals so we're very excited to have you here today Corey and thanks a lot for joining us Oh it's my pleasure thank you for inviting me on so the first thing I wanted to talk about today is this Io T. company called revolves they were acquired by Google they've been working with NIST but recently a few weeks ago they decided to shut down their service and their users were issued a notification that not only was accessibility to the platform going to stop working but the actual hardware that they'd invested several hundred dollars in was also going to stop working right well yeah that's it's pretty scary and you know their argument was well your word she will well have run out I don't think that's not a word she's worked I don't think the warranty is not a warranty is the same thing as like a countdown clock to the day that your device stops working I guess the reason I brought this up is that on this podcast we talk a lot about the intersection between the physical in the digital You know Corey you've done a lot with digital rights and digital activism and there are some. The ridiculous things happening right now with people trying to get the arm of software but I feel like people in the physical world maybe have a hard time noticing what is going on because concepts of software ownership can seem pretty abstract unless you really spend some time trying to figure it out but something like this you know physical product that you've bought and it's been working just fine for a while and it's just gonna stop working in this is OK because the warranty is over so it doesn't really need to keep working the contractual standpoint I mean I feel it's a pretty big wakeup call to people to start thinking about the concept of ownership if you buy something you actually own it well you know the thing is there's no such thing as a hard work as a small right the margins on hardware so thin that hardware companies are all really data companies or service companies or both and data is not copyrightable and services where your margin is that and someone else might come along and provide a better service even more cheaply or in a more convenient package or interconnected with something else and so that means that all of the devices that are on the market today all the smart devices that are really just lumps of plastic and metal that are inert and useless they're impact they have negative value they turn into each waste if they don't have software that's running on the all of these devices are only yours in so far as you up by five to license terms that are associated with them and they are all designed to keep you from being able to understand what they're doing and to keep you from being able to add more features to them or reconfigure them beyond the parameters set by the manufacturer or stop you from allowing them to take their party consumables or access a fair party service and in order to stop you from de off you skating them from breaking through this barrier they all add just enough to the rights management to invoke sessions wanted to be M.C.A. which makes it a felony punishable by five years and President a five hundred thousand dollar fight to tamper with a law that controls access to a copyrighted work that is the operating system of the device so you're saying is that if you go. A Best Buy and you buy one of these things and you take it to your house and start hacking on and taking apart hardware and software so the UN other people can understand how it works they can brand you a criminal Yeah or more to the point if you look out there and you see someone is selling a thing that's like an H.F. printer where they've got giant margins on a consumable and you go hey I believe in markets and capitalism I'm going to provide third party components for the Although that guy's customers that don't couch them all the hank then as soon as you have to remove a digital law that restricts a copyrighted work to do that you suddenly end up in deep trouble so light even if you're not tired of anything there's no trade secret So here's like a really good concrete real world non speculative example that you don't have to go to the I.O.T. to understand cars we talk a lot about whether people should be able to model cars or not while cars rather there's this great American tradition of money curse there is something to that read like there's something in the American story of the car involves take arraying and hacking and then we can like valorize that but the real problem with digital locks on cars is not what it does to hot rodders it's that if you want to fix a car you need to access its diagnostic computers and the diagnostic papers have Diarra longer interfaces and a mechanic could probably build a device that bypassed the DRAM but he would be committing a felony if he did so and so in order to on law those diagnostic computers and read the data from the engine the mechanic has to get his equipment from the manufacturer and the manufacturer makes the mechanic sign a deal saying he's only going to buy parts from them and so your parents for your G.M. or your forward cost a hell of a lot more because there are third party candidates using third party parts so it's a way to enforce vendor lock in yeah it's just a it's just your normal everyday garden variety razor blade and razor blade handle scam but it has the force of law which is you know an amazing thing it's you know it's. The thing about the razor blade scam is that it relies on the company spending its own dollars to enforce its rights and to prevent its competition from a law and to play cat and mouse with them by continuously changing the way that the handle of the razorblade talk to each other to stop their competition from knocking it off but as soon as the government gives you this right they're affectively saying we the taxpayers will give you up Sri court system costs and prosecutors to defend your business and that's a gift that you know no company is going to turn down if they're if they know what's good for them it's what economists call the moral hazard right it's the it's the government telling companies that if they act as badly as possible in the market they will make as much money as possible that's the opposite of what we want from regulation does this happen anywhere outside of electronics where you bring home a thing that you've bought and there's a sticker on the mechanism inside that says even though you've bought this it's illegal to open it well there are companies that are tried out for sure they you know the courts are generally tell them to get bent when they when they tried it you know if you look at the early days of records there were record players sometimes had a little thing on and that said you could only play Thomas Edison records on this Thomas Edison record player but you know the courts are not super sympathetic to this idea if for the same reason that like saying well you can only buy toast from the company that sold your toaster is a obviously terrible idea or dishes from the company that sold your dishwasher I mean like it's totally true that people sometimes birth down their house by putting the wrong brother toaster and that you can if you control the toast as well as the bread as well as the toaster you could probably get better toast and a more reliable way out of that toaster and like the same is true dishwashers and people probably Kasia only die of food poisoning because their dish was like not the right shape to fit in the dishwasher and yet we've never had a Press poll that making the dishwasher gives you the monopoly on the dishes but for some reason my. Making the phone gives you the monopoly on its apps it's a really strange idea and you know you can see how it plays out as it doesn't just end up screwing the consumers it screws the software vendors to you know Apple's marketplace for games for example as have the same three or four companies in the top ten slots for years now I'm sure you've read about the seans I ecosystem in the generally about the way that they do stuff in the hardware ecosystem over in China it's a topic we like to discuss on here a lot so I'm interested to hear what's your take on the way that things are currently being done in the West versus that system Well I mean you know I think that China certainly has a lot more innovation and in certain issues than we do in the West I mean it's really clear that like giving people exclusive rights does cause them to invest more right there's a lot of money being invested in hardware business models today that wouldn't be there but on the other hand it causes them to invest more and things that in the long run end up slowing stuff down as you know there's always a cost and there's always a benefit and I think that the problem is not just that it slows down you know of Asian and not just that it allows a small number of companies to act as the keepers to rest of the technological world but also that it's like the old woman who swallows the fly and if you say OK we can create Yarra then you now have to have a rule that says you can't tell people about how to break and then you have to rule that says you can't tell people about security vulnerabilities that might help them figure out how to break DRAM and they have to have a role that says well you have to be able to take anything down from the Web instantaneously without going to court or showing any evidence or paying any penalty if you get it wrong because it might be information about how to break the arm and so now we have this system where unlike the tools that go in our bodies that we put our bodies into and that like right down the road one hundred miles an hour these tools are illegal to investigate and report on the web. That ties them all together is subject to arbitrary acts of censorship without any due process and without any penalties for abuse and you know however we think about innovation and whether it's good or bad or how to me optimize it I think that we should all agree that arbitrary access censorship with no penalties and no due process and making it illegal to tell people whether devices they depend on for their very lives are unsuited to that purpose that's not a good political outcome and it's far worse than any question about under or over or misadjustment in hardware so around every device you've got these concentric rings of like figurative police officers standing around it holding truncheons defending it from any kind of open scrutiny Yeah yeah I think that's a good way of putting it another thing that we're interested in hearing your take on is the digital rights activists is this recently called the Panama papers this farm in Panama has been helping wealthy people and companies to hide their assets some for nefarious purposes some for claimed less than if Arius purposes and we'd like to hear what you think what the implications of these leaks are going to be on our corner of the world yeah it's a good question I mean the first order of fact that I think every one of us is watching for who follows the stuff is what's going to happen to the Icelandic government it looks like the government might fall as early as today Friday when we're recording this and if that happens and there's a snap election there's a really good chance the Pirate Party will get in and they previously offered asylum to both Edward Snowden and Julian a son so you know that's my thought we live in a cyber come novel moment for sure but you know the farther reaching a fact is what it's going to say about tech investors who like all other Gusterson I think are free deeply involved in this kind of financial engineering and technology has become very capital intensive. You know Mitch Kapor could start Lotus in his garage and so could Hewlett Packard but I don't think that there are a lot of people who are starting without a lot of capital to begin with the accelerator phenomenon of the angel phenomenon has created a situation on the ground where just to get started you begin with a Power Point back and get a bunch of money and then you go from there are suggesting a lot more money to realize your product and that means that all products from their very earliest days are being steered by people who are up to their eyeballs in this kind of financial engineering and that means that what happens in the fallout from the Pentagon Papers is going to shake down through the whole tech world so do you worry at all that the breadth of the revelations in the Panama papers is going to cause like a kind of global numbness where people fail to condemn politicians and powerful people for hiding their money you know because so many people around the world are doing this constituents will just kind of go now I guess everyone does this yeah that's a super good and hard question you know if you think about the way that this surveillance whistle blowing and leaks have gone it's been really hard to capture the public imagination but at the same time that people involved in the leaking and reporting have gotten smarter about it each turn you know I wrote this novel little brother about mass surveillance in two thousand and six two thousand and seven and I wrote it and heart because this kind of Mark Klein who had an engineer for eating T.V. walked into yes old offices and shot Wall Street in a mission in San Francisco with a pile of papers and said My boss made me build a secret room for the N.S.A. and put a beam splitter in our fire truck and give them or us access to all of the American Internet backbone and that was front page news right and we still have a lot of lawsuits will be N.S.A. That is still going that has to do with the mark fine story and it was on the front page of The New York Times and has been up many times since but no one knows. And then Wiki Leaks in cable kind of came and went and blew over almost as quickly as it started as Snowden was all law and here about how he released and so were the journalists who were you know Gellman portress and Greenwald were really really clever about this and that story lasted a lot longer continues to resonate and I think that in this in the world of financial whistleblowing there has been a series of he's that have built up I mean even the week that we caught the Panama papers we also got something the you know oil scandal you know oil is the largest bribery scandal of the history of the world and just have the misfortune to parade like thirty six hours before a panel of papers you know oil was a company and Monaco is a company in Monaco family run by these you know millionaire shoulder rubbing Navajos jetting Heights who they were the primary fixers for the oil fields of the world's failed states and they helped companies like Rolls Royce and send hack and Halliburton loot the oil fields of countries like Yemen and Iraq that then collapsed into a state that gave rise to ISIS and all of it is in this giant dump of all of their e-mail and it names names including blue chip companies and you know unlike that have a paper where what the firms did in setting up these fake front companies was probably not illegal in most cases just deeply on ethical what you know oil did is totally legal and countries like the U.S. and U.K. actually have prison sentences for executives of companies that participate in this stuff and and yet that story came away and Panama have been a bigger story and I think what's happening with both the Snowden kind of leak and the Panama papers kind of leak is not just that people are getting smarter about how they release those leaks remember the people releasing this stuff are risking their lives and their fortunes but but also public. Is figuring out more and more what this stuff news for them because the consequences of this misconduct is becoming more personal and like I think that the Panama Leaks probably resonates pretty deeply Greece which is a country whose coffers were looted and then collapsed you know if your mom died last year treatable breast cancer because they couldn't buy radioisotopes for their radiotherapy hospitals in Greece and the Panama papers are telling you that these named politicians and Richie's took their money out of the country smuggled out of the country and bankrupted the coffers that probably resonates for you in a way that isn't just going to blow over in a couple of weeks I think the way to think about this is peak and difference right like we are not yeah we're not like the peak corruption we're not a piece of Else there's life so much more to come but we repeat indifference only because life just like were he can difference to climate change because Herman that we went into the atmosphere is going to do what it's going to do no matter what we write all of that carbon from the last twenty years is there and it's effect is for being an unavoidable what we're arguing about now is whether the storms that it's bringing today that the once in a millennium storms that are landing once a month are going to be enough to stop us from putting even more carbon and in the same way all of that private information that was collected and surveillance capitalism all that is going to leak and it's going to destroy people's lives and so what we're trying to figure out now is whether or not we are going to let the I.O.T. which is going to have smart rectal thermometer is and start thermostats and smart cameras everywhere I mean if you ever see one of those Io T. videos really people walk into their house and they wave their arms the lights come on and then they say T. hot earl grey black in the kitchen starts making and that's a house where you're never off camera and off microphone so what we're arguing about is whether or not that stuff is going to breach right can we decarbonise this. Surveillance economy can we do her eyes financial capitalism before it's too late that's the that's the fight we're having right now so speaking of systems and trust and our trust in systems I'd love to move to our next segment which is called Tools and this is where we ask our guest about one or two tools that he or she relies on either in work or outside of work and I'm particularly curious to ask you Kori in the context of this discussion because I bet you have some tools and some ways of doing your work that reflect your awareness of how these systems work and that our listeners would be really interested in so let me tell you about my tools but let me tell you about tools in general soup if I can and what I wear I think the tools can go so I'm I am like everybody privacy conscious I think that maybe I'm subject to more direct scrutiny than media person but no I don't flatter myself that there's you know I have a microphone in the room right now right I'm not paranoid I just feel like I it's better safe than sorry so I do things like I try to on full disk encryption on all of my devices and I use long robots passwords and I generate them with a random password generator on my computer I use a flavor of Linux called going to and center with a distribution is into a call a P.G. that password generator I make long passwords for everything and I keep them in a text file and I encrypt that text file with the successor to True Crypt which is Koby are correct and so after mounting my pretty hard drive I mount this encrypted partition and then that's got my text file and I use that and to my passwords I use G.P.G. to talk to people and crypto cat and so you know to have chats and and sort of all of the above all the stuff you'd expect and if you're interested in figuring out how to be more secure you can go to someplace like this surveillance self-defense kit and yet have we put together which breaks down tools for different users you know if you're a student if you're an L.G. eighteen trying to you know hide out for your entire family if you are you know what have we have all these different ways. Of slicing and dicing this stuff so that you can use it but what I really want to say is if all of that sounded Dante and terrible and terrifying and like full of acronyms that you don't understand and way too much work for anyone to ever do that I agree and I joined the board of a nonprofit called simply secure and simply secure raises foundation money to pay you X. people to work with security companies companies making privacy tools to improve their technology and improve its usability so that normal humans could use it and I think that might when all this privacy tools moving began anyone who understood why they did it was already pretty technical because you had to understand information flows understand why you needed encrypted email and if everybody who needs your product is technical you can make your interface from a technical but it doesn't mean that the technology is intrinsically hard you know when there was no one doing desktop publishing all typesetting software it's injury typesetter and we were able to bridge like ninety five percent of the gap between you know typing up on your craft word she for a grade three plus in one nine hundred seventy five and faultless type father figure we were able to bridge that with a tool that just didn't assume you had technical knowledge at five percent remains irreducible right like you pick up a beautifully made book from mix weenies or Riley and there's some like amazing typesetting in there and that's not something that you get just by reading the manual for Express or in designing a ready set go in nineteen eighty five right but I think we can do the same thing with the actuals and that's why I joined simply secure is because I think that like without this we're not going to be able to bring everyone along so it doesn't matter if I encrypt all my email and put it on her to her drive you don't leave it on my POP server and run my own POS ever ever. When I correspond with uses G. mail and so like all of my e-mail that I was so painstakingly protected at my end is sitting unprotected on Google servers and without other people so play our privacy teams or with me I might as well be doing none of it so this stuff is super important and if you are the kind of deep nerd who can make this stuff work by all means do but if you're not check out the tools that are arriving that are aimed at you don't assume that you have to be a money advisor of a company called Wicker that makes a tool that's like snap chat it has cryptographic Ross ness so unlike Snap Chat which just sort of you have to cross your fingers and hope that they make a crypto with their uses good crypto to make the messages disappear after a set period and it's not on the assumption that I can send someone I don't trust a message and then it will evaporate from their device and they say they won't be able to betray me it's on the assumption that I trust you and I want to share some information with you but I don't trust you to be robotically perfect and not losing your phone or or losing control of it and so we both agree to use a tool that keeps the message protected in transit and then makes the message go away unless we take a step to preserve it and that kind of tool sniffing for normal humans is the stuff that I think has the future of these tools like not tools so easy your mom can use it because moms are have to be super technologically adept because no one gives a damn about them we never make tools that are suited to their needs so they have to present themselves up to using that to acquire like a D. facility on them I think we need tools that are so easy your boss can use that because your boss is that guy who says like I don't care about your security measures I'm in a daze and they have a perfectly good computer here in the lobby and I got a fifteen minute block put on it from you know eight fifteen to eight thirty and I need to get into that corporate network they answer my day e-mail right we needed to it so easy your boss can use it those are awesome tools and now it's time to go to the click spiral section of the podcast which is my favorites. Section the podcasts where we discuss with our esteemed guests something that has been taking up browser tabs recently which may or may not have to do with work and we talk about it and enrich ourselves and one another through the interest discussion and we all of us improve ourselves through this process of mental calisthenics Exactly it's all very it's all very Victorian told him exactly techno Victorian usually who goes first to who should we have go first this week usually John I go first you go first John sure I'd be glad to go first so my click spiral this week has to do with the urban planner Robert Moses So this is the guy who's the subject of a landmark book by Robert Caro called The Power Broker and The Power Broker traces the rise of a young idealistic Robert Moses who breaks the robber barrons hold on oceanfront land and opens up beaches and Recreation to the masses and then his subsequent descent into a highway obsessed power hungry madman so it's more than a story of urban planning it's a story about the accumulation of power which Robert Moses was extraordinarily good at he wrote himself into a lot of chairmanships and commissions for life and it took a lot of untangling eventually by Nelson Rockefeller to remove it so a friend of mine named Tim won has announced a game design competition based on the power broker he's taking submissions for games that reflect something about the power broker and express its themes through gameplay it could be that the power broker is the thin veneer of plot over a game that's really about something else or it could be that it's the basis the core basis of a game about the accumulation of power Yeah there's an amazing graphic novel about Robert Moses called I think called Robert Moses. Robert Moses master builder New York City and it came from first second are now suspect number out which is this British graphic novel publisher extremely high quality thoughtful beautifully made books. When I lived in London. Until last summer they were practically our neighbors and I used to drop by their shop all the time see what they were up to so does Robert Moses have a reputation in the U.K. You know I think that Nobel publishes a lot of US interest work as well they have up on American distributor and they really have done very well with some of their titles here in the USA So I think that it was just about that but you know urban planning as a hotly contested issue in the U.K. not least because there are instant midst of such a housing crisis and also because housing has been weaponized there are these two facts are unrelated but you know the housing market in the U.K. to a greater extent even then in the U.S. treat shelter as an asset and not as a human right and so states are incentivized to increase its price which is you know pretty amazing when you think of it that way like if the government doubled the price of bread in five years they'd never get another vote but double the price or shelter in five years and it's a sure fire election winner so he's an economy is doing great I'm Saqlain And you know the Pentagon Papers don't just reveal that all of that property is is just laundered criminal assets and so London is squeezing out people who do the work of London in favor criminals who buy safe deposit boxes in the sky so that is my click spiral for this week David what's your click spiral my click spiral is something that I read on this blog called going blowing I don't know if you know as you heard of it but I've been following with bated breath all the drama going on in Eve Online and Corey I know that you have been writing about these wars that have been going on even online I feel we're discussing a blog post that you wrote but basically there's a I mean basically there's war brewing there's there's a there's a very large empire so so to to take a step back for our listeners who may not be familiar with EVE Online it's a it's a very large massively multiplayer online game which takes place in space and everyone has a little craft and you can start mining stuff and you can start corporations and. Coalitions and and it turns into this very large generative kind of space society and it's fascinating because some people joke about it being called spreadsheets in space because it's really you know kind of an economic simulator except you fly around in spaceships but over the course of the years that the game has been in play there have been some very large kind of groups and coalitions that are formed that have gradually taken over a large place of the game space and you know there's there's there's banks that do trading in currency of the game called I.S.K. which actually is anchored in real value because I ask a is what you use to pay for your play time so people are trading their converting US dollars and euros into I ask you can be a number of like outside outside means but I mean basically it comes from like mining and acquiring assets and other stuff like that but but people have built these huge corporations and there's there's there's a really giant one that's taken over most of space based on using a scheme based on the way the Persian empire used to do which was like they go in and say OK you swear allegiance to us and give us a little bit attacks and we'll just leave you alone and then you know there's a few people aren't part of that but but apparently it's really kicking off because someone who's a he's like a smaller ally of this giant coalition has been was grieving someone from one of the major banks in the game which is like bankrolled by an online casino which is where you can convert I escape to real money and so now all the people with the money are really really pissed off at the giant empire and are like funding some kind of giant insurrection against them and I'm not entirely sure what's going on but it all sounds very exciting Corey what do you think about all of this yeah it's pretty amazing I mean EVE Online is it's really set up so that there there isn't much of a game in less you are playing a spreadsheet game and less like in the same way that work racket actually turned into a game not about killing monsters but about getting forty of your friends to meticulously plan a reading to kill monsters. Very quickly stop being a game of piloting an imaginary station and started to be about really and truly convincing people. To help you build empires by incidentally following imaginary spaceships and there are no rules in EVE about what is and isn't economically allowed and so there have been major Ponzi schemes which are not a crime any and they've sucked huge amounts of money out of the game like ten thousand dollars worth of law Yeah the first time this ever crossed my radar with Eve was they were they people who ran the game had changed the balance of power by adding certain weapons that favored pirates over merchants and the merchant class became outraged and they felt that there had been a kind of bait and switch and so to members of a merchant class created Ponzi scheme where they or fraud really where they said the other merchants if you give us human general so in game money we're going to use it to build this new kind of spaceship that will let us all defend ourselves from pirates and once they'd amassed like a really large appreciable fraction of all of the wealth in the game they resigned their accounts and made that money disappear to create a kind of deflation in the game as a like giant raised middle finger to the game runners and as a way of ruining the gameplay of the other players Wow Right punish the game for doing this so is the community into this kind of Sutter fusion is it is it is it wrecking the appeal of the game or is this what is this what people play it for I think the answer is yes to both Yeah right I mean I think that like the thing that makes this game so compelling is they hang out playing the game and doing all of this really crazy stuff that's really hard to kind of put a boundary on you know kind of the sky's the limit your imagination is the limit of what you can convince other people to do with you is the limit but on the other hand that means that people who can be giant decks. Really thrive in the game which I think. For them and the people who are directly implicated is probably really awesome but for the people on the other side of that not so much and it's kind of like like is you too fat and by or detracted from by the awful prank that people who like you know I don't know happy slapping or any of those other things where they do incredibly cruel things to other people I think the answer is yes to both for yeah I like the reason those guys are doing that is because a lot of people get off on watching the humiliation of strangers strangers probably don't like and the people making videos are getting off on and on the people getting off on them getting off yeah and you know I expect that that like there's someone even who kind of wishes that the only news that broke about their product was naught Oh my God Here is this other like wretchedly awful greedy Stam or war that's taking place in this virtual world but there's also people who like really get off home plate right so another thing that I think is fascinating about this is I was reading a bunch of articles I started with yours and it going down and some of the poly gone coverage about it and I was reading a quote from one of the game developers and he talks about how there are different levels of game in this game so for example if you're just starting and playing casually you know your whole game experience might just be relatively minor tasks like flying around in your spaceship mining in killed by space pirates you know it's kind of making ends meet for your little company but and you you might not ever see the giant sprawling Game of Thrones type macaroon movements on the map that we're that we're reading about so excitedly as this developer said that only a couple hundred people maybe it to experience the game from this aspect and and that type of gameplay is very different some might even say more exciting so it's funny because it seems like the actual game experience is being built on the top of many thousands of people who are grunts in the game who work to provide as the super duper experience for the power players who really invest in it yeah I mean it and the other funny thing of course is that this is all happening in Iceland did. Does the company is headquartered in Iceland which is in the middle of having an actual government non virtual government collapse because of a finance scandal legs to Japan in the papers so Korea now it's your turn what have been in your browser tabs lately so I think Project for the last couple of months ago had a big setback on it has been to convince the World Wide Web Consortium to try to protect people from the negative consequences of its decision to add digital rights management to the core stack for H.T.M.L. and we've just lost a really important battle there it's had me very blunt for the last couple of days so explain the inclusion of D R M in the H.T.M.L. spec first and then we'll get into what you're working on yeah there are a lot of ways of thinking about it and I think I changed my thinking a little bit recently so I'll give you what my current thinking is so there's two ways I'm trying to imagine how we can make the web better and they which one you pursued depends on what your theory about what the future of business online is so if you think that web browsers the Web browsers we have now are unlikely to be the Web browsers we have in ten years and the web browsing companies we have now are unlikely to be the companies we have in ten years then what you need to do to make the web as good as possible is to ensure that anyone can enter the market with a new product that treats people and ecosystem better than the products that exist today if on the other hand you think it's game over if you think the Web is mature to and that although all the browsers now time didn't exist ten years ago that they will continue or exist for the next hundred years and what you need to do is make them behave better even if the rules that you put in place for them are rules that no new start up good bye bye there I ensure that they will be the only browsers that we get forever because no startup could ever enter the market again because we're putting so many impediments in the way so what are they proposing to actually put into the standard So what you get at the World. Weapon source is this belief that digital rights management is a foregone conclusion and that therefore the way that we fix it is by making a standard at the W three C. that all the current web developers all the current Web companies will common agree on and because it's happening to the World Wide Web Consortium which is this public interest group we can force them to put some concessions in for privacy and a few other things fairness but not as good as no be our end all but this is like that compromise that we're going to get and this is how over and he'll So the robot of a consortium created this thing called encrypted media extensions and it's a way for browsers to receive D.R. unlocked it he owes and then to control how their users interact with those videos of that the users if they ask their computers to save them their computers will refuse to do their will that's a huge bummer it really is and it depends on each web browser to implement Yanni needs to find under my job he or in the case and which is what Mozilla is using or in the case of Microsoft and Apple their own internal G.R. in divisions they need to find a dram vendor to partner with them to make another piece that is required to make any run called a content creation module or C.T.M. And so what that means is that all the new companies that we can imagine coming out that might make the next spent generation browsers will need to go and find a C.D.R. partner that the studios approve of and right now that's just the O. S. spenders and Adobe and pay a crap ton of money to license it to be compatible or something that's right and so we're we're you know the future of if we did get new browsers the future would look a lot like the early days of the Web where you have things that were passed viewed with the incumbent browsers or past you with the new browsers and web sites would have to make a decision about whether or not they were going to support those new browsers which is kind of the opposite of what you want from a standards body write standards bodies are supposed to produce interact. About quitting and so that's that's that's a huge pot right the idea that we are light locking innovation out of the web because the studios are only going to grant permission to companies that do what they want even if what they want doesn't have any connection with copyright law you know if you're allowed to own a V.C.R. They can record a video off the T.V. There's not really any legal basis for asserting you can't record video off your computer either and you can do illegal things with the things you record off your T.V. you could you could then you know burn it to a D.V.D. and settled on Broadway and that would still be illegal but the act of recording is legal and the act of making a V.C.R. is legal but the thing is that diorama is illegal to break so even if you want to do something illegal directly is illegal to break and so once the W three C. decides to put it into browsers then reverse engineering how an existing browser works to add a new feature to it or to make a competitor to it or to do something that's otherwise lawful for like for example tendencies this legendary security researcher who is also colorblind built an extension that on the fly can change the gamut of video to make it accessible to people who are colorblind that sounds really helpful Mike a generally good thing for society and it's not a legal right but it is a legal separation that you are on to do it and you have to break that you aren't doing as so that's bad and then the other really scary piece of us is that. Is illegal to report security vulnerabilities that right if you report security of all abilities and you're weakening the D.R. And because its attackers now have like a I don't know an attack surface they can target and so we've seen this in the real world that devices that have in them their whole or goalies take longer to come to light it's usually once they're being actively exploited and those active exploits are so widespread that they breach and people notice them like you can't you can't not talk about them that those vulnerabilities come to light and. That's far too like for the people who have already been exploited by these bones and as browsers. That go to interface the whole point of H.T.M.L. five is to replace apps and have browsers be the go to interface for the interconnected internet of things the actuated sensing devices around which I think we were talking about today as well as as that happens then all of those devices become reservoirs Long Live vulnerabilities that we're not allowed to talk about until it's too late so we went to the W three C. At first when they proposed as he said like you guys got to be on crazy pills like you're supposed to represent the open Web How can you claim to represent the open web and the like well you know without G.R. out. The Without actually are having a standard if companies are just going to go off and make DRAM in their own proprietary way and the W three C. will become less significant and that we won't be able to exert our positive influence on red lights and you know we have to destroy the village to save it better a screwed up web with us in that that we were complicit in destroying then. Screwed up web that we have sent ourselves from that we're not around to try and salvage and this is you know the kind of council of the Slayer that always leads to bad outcomes you know this is everyone in the chain here is saying that or something screwed up with some a great like we still around in a position of power that something screwed up without me in it and so this is Mozilla's argument for putting Karen in Firefox and it's Apple's argument for putting D R M and i Tunes and you know it's like everybody has made this argument and if nobody made this argument if we all agreed actually Let's shoot for something better than I screwed up web with us in it let's shoot for a web that's not screwed up but you said that you were unsuccessful in your lobbying effort we came up with a better right or not a better idea but at least a way to salvage things that nobody three see is actually better. This place the form and software patents were first. Real thing the W three C. had this crisis because so many of its members wanted software patents but they could see if there was patented are in the standards that they were making for the web that would be really hard to standardize the weapons you have to go get permission so they decided to clear the ostrich holes so implementing questioned by making everybody who sat down through C. Make a legally binding promise not to use their patents against people who mentioned web standards so we say great we know how to solve this problem we're not going to take musician whether dioramas good or bad we're going to take a position on whether or not there should be a penance to standards implementation and so everybody comes to the three C. in addition to promising not to use their patents as a promise not to use their rights under the Digital and Copyright Act and the worldwide equivalents to it to attack people who are implementing this technology or who are grieving and security and that was what we just lost on we fought so hard for this we got a ton of members to come forward and say that the charter of the group that we're going to standardize that we are in shouldn't be renewed unless they have this and then after a couple of months of wrangling a failure to come to any kind of consensus like for the same reason you know the turkeys don't for Christmas it seems unlikely that companies advocating for directing or Netflix and Comcast are going to say you're right people should be able to break their own for legal reasons so in the absence of consensus Tim Berners Lee personally said All right let's just make our own without any protections and he thought out benevolent dictator W three C. and what he says goes in that set we're I don't know what we're going to do I honestly don't know what we're going to do I think maybe we just lost the way you know we recently saw an early hint of the kind of card Ally's rouser dynamics that you're predicting where you've got a bunch of proprietary DRAM formats and content producers can demand that a browser has a particular D R M scheme in order to run it and that in turn makes it possible to make content that. Runs on only one platform or one browser last fall Amazon announced that its streaming video services would cease to be available on Google T.V. or chrome casts and its excuse was that this was too small a market to justify the support but really it's just a flavor of chrome that's not so different from other flavors of chrome at least from the perspective of the web host so it's purely in any competitive move to shut out the users of a competitor's product well and you know if it was truly the case that it was just too expensive to support it they could promise not to use the D.M.C.A. to punish people who added that support themselves right and then and then it could become a thing that everybody else is they wouldn't even have to remove that they aren't they can just promise not to sue people who broke the DRAM to add back this functionality that they were taking away and I think that the the fact that that option exists which is not something people talk about much the fact that option exists and the fact that no companies take it tells you that when they say oh we're doing this because it's kind of practical decision and has nothing to do with any competitive conduct it's just not true they have it in their power and they choose not to and so this is a it's it's really got me down. I don't know if we forfeit over you three See I don't know if we continue to public pressure on them I do know that if this rule had been in place then the companies advocating for the arm of the W three C. have been started they wouldn't exist right now started by distributing D.V.D. these without permission from the studios and charging money for it and if if there had been a means by which the studios could sue because Netflix out to break some law to put the D.V.D. in the envelope they would have you know and cable Well Comcast started as community antenna television where in the forty's they were they would put up these rocky are these broadcast reception antennas that had wires that went to their customers houses and they suck down broadcast programming without paying for it and then redistributed it for money to people's houses that sort. Able came from that sounds like an awfully familiar business model by the way and it's something that Comcast has recently opposed well and you know if the people who made who made C.D.'s had agreed on something like me there wouldn't have been itunes and it's one company after another if if Netscape had had some means or if Internet Explorer it had some means to prevent Mozilla from replicating its functionality there be no Firefox so every one of these firms that are participating in D R M got their start by doing something that would have prevented it and you know every pirate wants to be an admiral that's not surprising the surprising thing is that the W three C. is helping them pull up the ladder behind them and I think the reason why is what I was saying at the beginning of this chat here which is that the they are now operating on the assumption that the web is cooked there aren't any future companies coming down the road and so it doesn't matter if you impose barriers to competition because there is no competition comment you know we would like just like there's three auto manufacturers and four record labels and five movie studios and five publishers left there is going to be three or four Rob rouser companies for the rest of the future and that's what our future is going to look like and so now we have to switch from making sure anyone can enter the marketplace to making sure that the people in the marketplace are held to account and some minor way that you know we put a bit of a ring around them yeah so I mean I'm sorry to sound so glum here I have I have been really in the dumps for the last couple of days trying to figure out exactly what it is we do about this and to be honest I don't have any answers I mean this is how all this stuff started and I went back to you after that every three See made this decision and and Mozilla made this decision because I thought this is it you know I can't I can't sit on the sidelines writing science fiction novels we're going to lose the open Web We're going to lose you know we're going to lose the future. If we don't go do something about it and I wrote this piece called getting hot sleet into the full or well where you know we're pursuing entertainment technology in a way that makes our browsers into systems for spying on us for controlling us so a lot of this is motivated by media companies who want to protect media that's already been produced and I mean I think people should pay for the stuff that they make or whatever but the thing that is scary to me is that these rules that are being made to protect the interests of the people who already have the market cornered to a higher degree can also be applied for scarier constraints on free creation and free speech and people don't want to talk about that because they just say oh it's just about movies and video games like question we care let me let me push back on you site laid out whether this is about getting paid because I don't think copyright law is about ensuring that if you can think of a way to charge people money for being entertained the law will stop people from changing the landscape so that's harder you know a good example of this is the F.C.C. just put down a mandate called the unlock the box mandate where they are they're seeking to require cable and satellite operators to allow anyone to build a satellite receiver or cable receivers the average family standing sitting like two hundred sixty dollars a year on a three generations old P.C. in an ugly box of high power consumption that sits on top of their television that they're not allowed to own that does their cable reception and by opening it up you know we can do things like let you skin to skin a U.I. make a U.I. that isn't so like janky and fugly the way that all of you eyes for all those top boxes to let you combine a simple search across you know your Amazon subscription in your Netflix subscription and your pay T.V. options in all of this stuff and the studio as I said well we'll make less money if you do that and that means that it's piracy because like we rely on it being hard for you to figure out if you get to watch something that you're about to spend four ninety nine on for free and one of your other subscription services I'm just saying that these companies are. It by trying to maintain homeostasis But the thing that's troubling to me about all of this is that if you don't care about anything else than just maintaining homeostasis the fight seems a bit short sighted in comparison to all the wonderful future that you might be inadvertently nipping in the bud well and it's what economists call rent seeking you know rather than adding value just lock other people out of adding value so you know what I was doing digital rights management standards and European to T.V. digital television one of the arguments however having was this guy from the motion picture industry was strenuously arguing for a fly that you could put in a program that would limit pauses how long you could post the show and it was like well what or someone like really needed to take a break to like go to the toilet so they can pay for the break so it's ownership of the experience so far down that your pain to pause the media yeah they call in there and they think that copyright industries just put in comments to the F.C.C. where they called it minute Lee controlling the experience minute least pacify the experience right that's what they think that's and that's not copyright that's just like it would be nice if the government would make it illegal for people to pay me less that's not the same as being stolen from right the unwillingness of the government refusing to force people to pay you more is not the same as being stolen from so as a way of wrapping up this segment of the podcast is there a place where listeners can go you know and name for your efforts or your campaign here something that people can support in a tangible way you have a project just call the Apollo twelve go on and Apollo obviously is the Apollo mission the ten year mission to go to the moon and trouble one is the section of the D.M.C.A. that bands breaking these digital logs and the project is meant to kill all the Jarome in the world in a decade we've got some pretty exciting announcements are going to be making soonish about this but in the meantime if you go to a publisher when you can if you google it you can read a little about it well the thing that I'd be really interested in effect if any of your readers are security. Searchers I've got an open sign on for people who want the W three C. to guarantee that security researchers can conduct research on web browsers even the ones that have that they are on their specifying and we really could use your name so if you're a security researcher send me e-mail Korea have taught or let me know what country you operate in and let me know if you have a technical affiliation or professional affiliation you want to submit your name and we'll add you to the list and the more the merrier especially if you're outside the US are and already used to it would be great to hear from you I know that of you who seems very interested in the opinions of what they call the next billion users people in the developing world so that's Apollo twelve zero one definitely worthy of the support of our listeners and this segment is click spiral so if you're out there listening and you have something you'd like us to discuss the future guest on the podcast really dig into something that's absorbed you on the internet email us at hardware at O'Reilly dot com This is been really great but I think that's about all we have time for today thank you again Cory so much if people want to find you in the Internet how do they do that well put her into Google and the first result see are right. I just website with my friends called Boing Boing you know I N G B O I N G and I have a website called Crap pound that's my personal stuff cool sounds great thanks again Corey OK thanks guys. For links and other information related to this week's episode visit O'Reily dot com slash hardware and send your questions and comments to hardware at O'Reilly dot com If you enjoyed the program make sure you subscribe to an i Tunes Sound Cloud stitcher or your favorite podcasting platform and if you really enjoyed it consider leaving us a review until next time I'm David Crane And I'm John Bruner.