Books

O'Reilly No Longer Selling Individual Books, Videos Online 47

dovf writes: Just got an email from O'Reilly Media that as of today, they are no longer selling individual books or videos online -- rather, they are encouraging people to sign up for Safari. They are continuing to publish books and videos, "and you'll still be able to buy them at Amazon and other retailers." They also make it clear that we will not lose access to already-purchased content, updates to such content, etc. More details can be found in the FAQ. No mention, though, of whether the content sold at these other retailers will remain DRM-free... From the FAQ: "You can buy all of the books (ebooks and print) at shop.oreilly.com from Amazon and other digital and bricks-and-mortar retailers. We're no longer selling individual books and videos via shop.oreilly.com -- but we are definitely continuing to publish books and videos on the topics you need to know. And of course, every O'Reilly book and video (including O'Reilly conference sessions) is available instantly on Safari." The only mention of "DRM" in the FAQ is in regard to what happens to the digital content you have in your account at members.oreilly.com. According to O'Reilly, "Your DRM-free ebooks and videos are safe and sound, and you'll continue to have free lifetime access to download them anytime, anywhere."
Anime

New 'Lupin III' Commentary Track Celebrates The Glories Of Ignoring Copyrights (terrania.us) 71

In 2004, film critic Roger Ebert "realized that auteurs weren't the only ones who had things to say about movies, and suggested that experts in other fields or even just fans of the movies could create MP3 commentary tracks to discuss their favorite films, which could then be downloaded and played alongside them." This inspired Slashdot reader #14,247 to produce his own commentary on Hayao Miyazaki's first movie, Lupin III: Castle of Cagliostro -- and 13 years later, to release a new commentary track celebrating the film's 35th anniversary. Robotech_Master writes: Among other things, it offers proof that excessive copyright really harms creativity by restricting the uses people are able to make of prior art -- by showing what can happen when people get away with ignoring copyright and creating anyway. Not only were Lupin III and Cagliostro effectively inspired as "fanfic" of characters and works that had come before, many of those characters and works were effectively fanfic themselves -- and Cagliostro in turn inspired parts of a number of other works that came afterward, including a couple by Disney.
Anyone else have a favorite example of a movie that bends the rules of copyright law?
Movies

Studio-Defying VidAngel Launches New Video-Filtering Platform (yahoo.com) 201

Last December VidAngel fought three Hollywood studios in court for the right to stream filtered versions of movies. Now fogez reports that "they have come up with a new tactic in their attempts to bring filtering choice into the streaming media equation. Instead of leveraging the legal loophole that landed them in court, VidAngel is now going to insert themselves as a filtering proxy for services like Netflix and Amazon." From the Hollywood Reporter: Its new $7.99 per month service piggybacks on users' streaming accounts. Customers log into the VidAngel app, link it to their other accounts and then filter out the language, nudity and violence in that content to their heart's desire... "Out of the gate we'll be supporting Netflix and Amazon and HBO through Amazon channels," says Harmon, adding that Hulu, iTunes and Vudu will follow... Harmon says it remains to be seen if the studios will fight VidAngel's new platform, but his biggest concern is how Amazon and Netflix will respond. He says his company has reached out to the streamers, and he hopes they'll raise any concerns through conversation instead of litigation... "VidAngel's philosophy is very libertarian," he says. "Let directors create what they want, and let viewers watch how they want in their own home. That kind of philosophy respects the views of both parties."
The original submission describes the conflict as a "freedom of choice versus Hollywood."
DRM

'Rime' Developer Keeps Promise, Removes Denuvo DRM After Game Gets Cracked (cinemablend.com) 133

An anonymous reader quotes CinemaBlend: Tequila Works and Grey Box had previously announced that the DRM for the PC version of Rime would be removed if it were cracked. Well, in just five days the DRM was cracked and a cracked version of the game was made available online. So, now the DRM will be removed...

Five days after the PC launch of Rime, the cracking scene managed to get into the executable and spill all of its guts, removing the DRM and putting the exe back together so it could be distributed across the usual sites. One of the things noted by the cracker was that he found Denuvo executing hundreds of triggers a second, which caused major slowdown in the performance of Rime on PC. This form of digital rights management resulted in every legitimate customer having to deal with a lot of slowdown and performance hiccups... The sad reality was that those who pirated Rime and used the cracked file essentially gained access to a game that had improved performance and frame-rates over those who actually paid for the game.

The Courts

The Lawyer Who Founded Prenda Law Just Got Disbarred (engadget.com) 62

Long-time Slashdot reader lactose99 writes: One of the original copyright trolls finally got their comeuppance. From TFA: "John L. Steele, a Chicago lawyer who pled guilty to perjury, fraud and money laundering resulting from alleged 'honeypot' schemes, has just been disbarred by an Illinois court." John L. Steele, as you may know, is one of the principals of Prenda Law, a notorious copyright troll who has been featured on /. several times. The article goes on to describe how the Prenda lawyers used honeypot-like tactics to trick people into downloads and then subsequently scammed them for copyright violations.
Their operation brought in $6 million in settlement fees, reports Engadget, adding "While it is illegal to download copyrighted files from file-sharing sites, it is also against the law to extort downloaders."
Security

Stealing Windows Credentials Using Google Chrome (helpnetsecurity.com) 53

Orome1 writes: A default setting in Google Chrome, which allows it to download files that it deems safe without prompting the user for a download location, can be exploited by attackers to mount a Windows credential theft attack using specially-crafted SCF shortcut files, DefenseCode researchers have found. What's more, for the attack to work, the victim does not even have to run the automatically downloaded file. Simply opening the download directory in Windows File Explorer will trigger the code icon file location inserted in the file to run, and it will send the victim's username, domain and NTLMv2 password hash to a remote SMB server operated by the attackers.
Android

Netflix Says No To Unlocked Android Smartphones (androidpolice.com) 255

An anonymous reader writes: Last week Netflix app started showing up as "incompatible" on the Play Store for rooted and unlocked Android devices. However, the app itself continued to work fine, leading some to think it could have been an accident. However, Netflix has now confirmed to blog AndroidPolice that blocking modified devices from downloading the app was intentional. This is the full statement: "With our latest 5.0 release, we now fully rely on the Widevine DRM provided by Google; therefore, many devices that are not Google-certified or have been altered will no longer work with our latest app and those users will no longer see the Netflix app in the Play Store."
Electronic Frontier Foundation

EFF Warns Most Of Intel's Chipsets Contain 'A Security Hazard' (eff.org) 158

The EFF is issuing a warning about the "tiny homunculus computer" in most of Intel's chipsets -- the largely-undocumented "Management Engine" which houses more than just the AMT module. An anonymous reader quotes their report: While AMT can be disabled, there is presently no way to disable or limit the Management Engine in general. Intel urgently needs to provide one....vulnerabilities in any of the other modules could be as bad, if not worse, for security. Some of the other modules include hardware-based authentication code and a system for location tracking and remote wiping of laptops for anti-theft purposes... It should be up to hardware owners to decide if this code will be installed in their computers or not. Perhaps most alarmingly, there is also reportedly a DRM module that is actively working against the user's interests, and should never be installed in a Management Engine by default...

While Intel may put a lot of effort into hunting for security bugs, vulnerabilities will inevitably exist, and having them lurking in a highly privileged, low-level component with no OS visibility or reliable logging is a nightmare for defensive cybersecurity. The design choice of putting a secretive, unmodifiable management chip in every computer was terrible, and leaving their customers exposed to these risks without an opt-out is an act of extreme irresponsibility... EFF believes that Intel needs to provide a minimum level of transparency and user control of the Management Engines inside our computers, in order to prevent this cybersecurity disaster from recurring. Unless that happens, we are concerned that it may not be appropriate to use Intel CPUs in many kinds of critical infrastructure systems.

TLDR: "We have reason to fear that the undocumented master controller inside our Intel chips could continue to be a source of serious vulnerabilities in personal computers, servers, and critical cybersecurity and physical infrastructure."
DRM

FSF Supports Today's Boston March Against DRM In HTML5 (defectivebydesign.org) 89

Atticus Rex writes: A small artist-led group called Ethics in Tech is joining the long-simmering struggle between streaming video giants and Internet freedom activists over whether the Web should include Digital Rights Management in its technical standards. This Saturday, Ethics in Tech will lead a march on the W3C, the body -- led by Web inventor Tim Berners-Lee -- that decides on Web standards.
The Free Software Foundation is promoting the march, and their "Defective By Design" site is sharing this quote from the march's organizers. Dear W3C: we demand you comply with UNESCO and international civil and political rights. Halt EME -- ensure the protection of a secure, accessible, and open web. Make ethical standards or stand on the wrong side of history.
DRM

DRM Will Be Gone By 2025, Predicts Cory Doctorow (theregister.co.uk) 191

An anonymous reader writes: It's been two years since Cory Doctorow joined the EFF's campaign to eliminate DRM within 8 years -- and he still believes it'll happen. "Farmers and the Digital Right To Repair Coalition have done brilliantly and have a message which is extremely resonant with the political right as well as the political left." And now even the entertainment industry seems to oppose extending the DMCA to tractors. "The entertainment industry feels very proprietary towards laws that protect DRM. They really feel that they lobbied for and bought these laws in order to protect the business model they envisioned. For these latecomer upstarts to turn up and stretch and distort these laws out of proportion has really exposed one of the natural cracks in copyright altogether."
Doctorow also says that "If there's anything good that might come of Brexit, it's that the UK will renegotiate and reevaluate its relationship to the Organisation for Economic Co-operation and Development and other directives. The UK enjoys a really interesting market position if it wants to be the only nation in the region that makes, exports, and supports DRM-breaking tools."
DRM

An Open Letter on DRM To the Inventor of the Web, From the Inventor of Net Neutrality (boingboing.net) 46

Tim Wu, a law professor at the Colombia University, and best known for coining the term "net neutrality," has published an open letter to Tim Berners-Lee, the creator of the web and director of the World Wide Web Consortium (W3C). In the letter, Wu has asked Berners-Lee to "seriously consider extending a protective covenant to legitimate circumventers who have cause to bypass EME, should it emerge as a W3C standard." Cory Doctorow, writes for BoingBoing: But Wu goes on to draw a connection between the problems of DRM and the problems of network discrimination: DRM is wrapped up in a layer of legal entanglements (notably section 1201 of America's Digital Millennium Copyright Act), which allow similar kinds of anticompetitive and ugly practices that make net neutrality so important. This is a live issue, too, because the W3C just held the most contentious vote in its decades-long history, on whether to publish a DRM standard for the web without any of the proposed legal protections for companies that create the kinds of competing products and services that the law permits, except when DRM is involved. As Wu points out, this sets up a situation where the incumbents get to create monopolies that produce the same problems for the open web that network neutrality advocates -- like Berners-Lee -- worry about.
Bitcoin

Backdoor Could Allow Company To Shut Down 70% of All Bitcoin Mining Operations (bleepingcomputer.com) 102

An anonymous reader writes: "An anonymous security researcher has published details on a vulnerability named "Antbleed," which the author claims is a remote backdoor affecting Bitcoin mining equipment sold by Bitmain, the largest vendor of crypto-currency mining hardware on the market," reports Bleeping Computer. The backdoor code works by reporting mining equipment details to Bitmain servers, who can reply by instructing the customer's equipment to shut down. Supposedly introduced as a crude DRM to control illegal equipment, the company forgot to tell anyone about it, and even ignored a user who reported it last fall. One of the Bitcoin Core developers claims that if such command would ever be sent, it could potentially brick the customer's device for good. Bitmain is today's most popular seller of Bitcoin mining hardware, and its products account for 70% of the entire Bitcoin mining market. If someone hijack's the domain where this backdoor reports, he could be in the position to shut down Bitcoin mining operations all over the world, which are nothing more than the computations that verify Bitcoin transactions, effectively shutting down the entire Bitcoin ecosystem. Fortunately, there's a way to mitigate the backdoor's actions using local hosts files.
GNU is Not Unix

Richard Stallman Interviewed By Bryan Lunduke (youtube.com) 172

Many Slashdot readers know Bryan Lunduke as the creator of the humorous "Linux Sucks" presentations at the annual Southern California Linux Exposition. He's now also a member of the OpenSUSE project board and an all-around open source guy. (In September, he released every one of his books, videos and comics under a Creative Commons license, while his Patreon page offers a tip jar and premiums for monthly patrons). But now he's also got a new "daily computing/nerd show" on YouTube, and last week -- using nothing but free software -- he interviewed the 64-year-old founder of the Free Software Foundation, Richard Stallman. "We talk about everything from the W3C's stance on DRM to opinions on the movie Galaxy Quest," Lunduke explains in the show's notes.

Click through to read some of the highlights.
DRM

The Kodi Development Team Wants To Be Legitimate and Bring DRM To the Platform. (torrentfreak.com) 156

New submitter pecosdave writes: The XBMC/ Kodi development team has taken a lot of heat over the years, mostly due to third-party developers introducing piracy plugins to the platform. In many cases, cheap Android computers are often sold with these plugins pre-installed with the Kodi or XBMC name attached to them -- something that caused Amazon to ban sales of such devices. The Kodi team is not happy about this, and has taken the fight to the sellers. The Kodi team is now trying to work with rights holders to introduce DRM and legitimate plugins to the platform. Is this the first step towards creating a true one-stop do it yourself Linux entertainment system?
DRM

American Farmers Are Still Fighting Tractor Software Locks (npr.org) 316

Manufacturers lock consumers into restrictive "user agreements," and inside "there's things like you won't open the case, you won't repair," complains a U.S. advocacy group called The Repair Association. But now the issue is getting some more attention in the American press. An anonymous reader quotes NPR: Modern tractors, essentially, have two keys to make the engine work. One key starts the engine. But because today's tractors are high-tech machines that can steer themselves by GPS, you also need a software key -- to fix the programs that make a tractor run properly. And farmers don't get that key.

"You're paying for the metal but the electronic parts technically you don't own it. They do," says Kyle Schwarting, who plants and harvests fields in southeast Nebraska... "Maybe a gasket or something you can fix, but everything else is computer controlled and so if it breaks down I'm really in a bad spot," Schwarting says. He has to call the dealer. Only dealerships have the software to make those parts work, and it costs hundreds of dollars just to get a service call. Schwarting worries about being broken down in a field, waiting for a dealer to show up with a software key.

The article points out that equipment dealers are using those expensive repair calls to offset slumping tractor sales. But it also reports that eight U.S. states, including Nebraska, Illinois and New York, are still considering bills requiring manufacturers to sell repair software, adding that after Massachusetts passed a similar lar, "car makers started selling repair software."
Government

Should The FBI Have Arrested 'The Hacker Who Hacked No One'? (thedailybeast.com) 227

Last week The Daily Beast ran an article about the FBI's arrest of "the hacker who hacked no one." In December they'd arrested 26-year-old Taylor Huddleston, "the author of a remote administration tool, or RAT, called NanoCore that happens to be popular with hackers." It's been "linked to intrusions in at least 10 countries," reported Kevin Poulsen, but "as Huddleston sees it, he's a victim himself -- hackers have been pirating his program for years and using it to commit crimes."

The article quotes Huddleston's lawyer, as well as a Cornell law professor who warns of the "chilling effect" of its implications on programmers. But it also says security experts who examined the software are "inherently skeptical" of Huddleston's claim that the software was intended for legal use, since that's "a common claim amongst RAT authors." Security researcher Brian Krebs also sees "a more complex and nuanced picture" after "a closer look at the government's side of the story -- as well as public postings left behind by the accused and his alleged accomplices."

Click through for the rest of the story.
Movies

Netflix Now Lets You Download Videos Onto Your PC (pcworld.com) 60

Netflix now offers offline streaming via its Windows 10 PC application, meaning you'll have even more options wherever you're stuck without Internet access. From a report: Netflix added the offline viewing options as part of the most recent update to the Netflix app on Windows 10. Because the Windows Store doesn't show you what version of the Netflix app you're using, just make sure you check for updates using the large blue button in the upper-right corner of the Windows Store app to receive the latest version. You won't need the Creators Update to take advantage of the new feature, either. When you open the app, Netflix will show you a large splash screen that advertises the new "download and go" capability. Unfortunately, if you click the Find me something to download button, the Netflix app doesn't currently display a list of downloadable titles; you'll have to hunt them down yourself. Netflix introduced the same capability on iOS and Android late last year. It's a bold move by Netflix to bring this feature to desktop. There is always the risk of someone finding out a way to break the DRM and easily distribute the files.
The Internet

FSF Activists Want You To Call Tim Berners-Lee About DRM (boingboing.net) 126

"The Free Software Foundation is calling on netizens to make calls to the W3C demanding they not include DRM in Web standards," an anonymous reader writes. Cory Doctorow reports: There's only two weeks left until members of the World Wide Web Consortium vote on whether the web's premier open standards organization will add DRM to the toolkit available to web developers, without effecting any protections for people who discover security vulnerabilities that affect billions of web users, let alone people who adapt web tools for those with disabilities and people who create legitimate, innovative new technologies to improve web video.
Tim Berners-Lee has final say over this change, according to the article, which directs callers to urge him to "keep the web free and open, rather than rescuing DRM from its slow collapse due to the complexity of fielding and supporting it without standards like those the W3C makes."
DRM

W3C Erects DRM As Web Standard (theregister.co.uk) 260

The World Wide Web Consortium (W3C) has formally put forward highly controversial digital rights management as a new web standard. "Dubbed Encrypted Media Extensions (EME), this anti-piracy mechanism was crafted by engineers from Google, Microsoft, and Netflix, and has been in development for some time," reports The Register. "The DRM is supposed to thwart copyright infringement by stopping people from ripping video and other content from encrypted high-quality streams." From the report: The latest draft was published last week and formally put forward as a proposed standard soon after. Under W3C rules, a decision over whether to officially adopt EME will depend on a poll of its members. That survey was sent out yesterday and member organizations, who pay an annual fee that varies from $2,250 for the smallest non-profits to $77,000 for larger corporations, will have until April 19 to register their opinions. If EME gets the consortium's rubber stamp of approval, it will lock down the standard for web browsers and video streamers to implement and roll out. The proposed standard is expected to succeed, especially after web founder and W3C director Sir Tim Berners-Lee personally endorsed the measure, arguing that the standard simply reflects modern realities and would allow for greater interoperability and improve online privacy. But EME still faces considerable opposition. One of its most persistent vocal opponents, Cory Doctorow of the Electronic Frontier Foundation, argues that EME "would give corporations the new right to sue people who engaged in legal activity." He is referring to the most recent controversy where the W3C has tried to strike a balance between legitimate security researchers investigating vulnerabilities in digital rights management software, and hackers trying to circumvent content protection. The W3C notes that the EME specification includes sections on security and privacy, but concedes "the lack of consensus to protect security researchers remains an issue." Its proposed solution remains "establishing best practices for responsible vulnerability disclosure." It also notes that issues of accessibility were ruled to be outside the scope of the EME, although there is an entire webpage dedicated to those issues and finding solutions to them.
Software

Why American Farmers Are Hacking Their Tractors With Ukrainian Firmware (vice.com) 500

Tractor owners across the country are reportedly hacking their John Deere tractors using firmware that's cracked in Easter Europe and traded on invite-only, paid online forums. The reason is because John Deere and other manufacturers have "made it impossible to perform 'unauthorized' repair on farm equipment," which has obviously upset many farmers who see it "as an attack on their sovereignty and quite possibly an existential threat to their livelihood if their tractor breaks at an inopportune time," reports Jason Koebler via Motherboard. As is the case with most modern-day engineering vehicles, the mechanical problems experienced with the newer farming tractors are often remedied via software. From the report: The nightmare scenario, and a fear I heard expressed over and over again in talking with farmers, is that John Deere could remotely shut down a tractor and there wouldn't be anything a farmer could do about it. A license agreement John Deere required farmers to sign in October forbids nearly all repair and modification to farming equipment, and prevents farmers from suing for "crop loss, lost profits, loss of goodwill, loss of use of equipment [...] arising from the performance or non-performance of any aspect of the software." The agreement applies to anyone who turns the key or otherwise uses a John Deere tractor with embedded software. It means that only John Deere dealerships and "authorized" repair shops can work on newer tractors. "If a farmer bought the tractor, he should be able to do whatever he wants with it," Kevin Kenney, a farmer and right-to-repair advocate in Nebraska, told me. "You want to replace a transmission and you take it to an independent mechanic -- he can put in the new transmission but the tractor can't drive out of the shop. Deere charges $230, plus $130 an hour for a technician to drive out and plug a connector into their USB port to authorize the part." "What you've got is technicians running around here with cracked Ukrainian John Deere software that they bought off the black market," he added.

Slashdot Top Deals