Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Cloud United States Your Rights Online

Bruce Schneier: IoT + DMCA = More Monopolies, Limits On Consumer Choice ( 118

New submitter OldMan17 writes: On Dec 24, while many of us were busy in a frenzy of commercial excess and socially-conditioned good cheer, The Atlantic published an article by Bruce Schneier predicting that the IoT will be abused in conjunction with DMCA to make our lives worse instead of better. Some of the precedents he cites are old news, but I expect we will have a lively debate in the comments as to whether the over-arching conclusion is justified by his arguments. When everything is online, laws made for "the internet" suddenly apply to everything.
This discussion has been archived. No new comments can be posted.

Bruce Schneier: IoT + DMCA = More Monopolies, Limits On Consumer Choice

Comments Filter:
  • Don't forget TPP (Score:3, Insightful)

    by darthsilun ( 3993753 ) on Sunday December 27, 2015 @01:38PM (#51190617)
    Which places even more limits on Consumer Choice. []
    web site take-downs without court orders?
    Illegal to modify devices you own?
    • by mbone ( 558574 )

      It is a shame that the best way to block this bad idea may be the gridlock in Congress.

      • Re:Don't forget TPP (Score:4, Interesting)

        by ShanghaiBill ( 739463 ) on Sunday December 27, 2015 @02:29PM (#51190863)

        It is a shame that the best way to block this bad idea may be the gridlock in Congress.

        There are many, many good things about gridlock. The only reason I am planning to vote for Hillary in November is because that will ensure that the gridlock continues.

        • Frank Herbert wrote a series of novels and short stories about a future in which the Government had become efficient, and because of that, sorely oppressive. In order to restore basic freedoms, a Ministry of Sabotage was instituted, whose job it was to throw wrenches into Government projects, especially ones that intruded into the basic freedoms of the populace.

          Edward Snowden comes to mind...

      • by dryeo ( 100693 )

        I'm sure the members of Congress can put aside their differences and cooperate to screw the average person by giving the big corporations more powers and allowing them to socialize the enforcement.

    • Vote trump to kill the job killing bill. Manufacturers already are lining up to send jobs to Vietnam, where the minimum wage is just 52 cents an hour.

      • Vote trump to kill the job killing bill.

        Bernie and Huck are also opposed. Bush, Rubio, and Kasich are supporters. All the others (including Hillary) have waffled.

  • by mbone ( 558574 ) on Sunday December 27, 2015 @01:44PM (#51190637)

    The Internet of Things (IOT) is being driven by commercial interests that are more interesting in spying (known in commercial circles as marketing) and in control. Benefits will accrue, but they will not accrue to the people paying for the gear, which makes the IOT value subtracting for the average citizen.

    • by fermion ( 181285 ) on Sunday December 27, 2015 @02:18PM (#51190813) Homepage Journal
      Smart phones are stupid. they cost privacy and security. They are expensive and you don't get any benefits.

      People want free things, so firms are going to produce products for this market. People don't understand the technology or how it impacts security or privacy so they sill just buy the cheap or free products. Look at PCs in the 90's. People were fine having malware on their purchased computers if it meant saving $50. For the most part they would not buy more secure computers because they cost more.

      • by Anonymous Coward

        They are expensive and you don't get any benefits.

        I have the sum of human knowledge in the palm of my hand, and a kick ass SSH client, to boot.

        People don't understand the technology or how it impacts security or privacy

        Yeah, they do. Protip: Most people don't give a flying fuck, and are in the right of it for their lack of fucks.

      • by dougmc ( 70836 )

        Smart phones are stupid. they cost privacy and security. They are expensive and you don't get any benefits.

        Clearly, the users of these phones think there are some benefits or they wouldn't use them.

        And given than the phones *are* expensive (at least the good ones), clearly the users think those benefits are worth paying a lot for.

      • by AmiMoJo ( 196126 )

        Don't get any benefits? Easy text comms in real time in multiple languages is poetry beneficial to me. Mapping and navigation, being able to look stuff up and compare prices in shops... I could go on.

    • IoT can be very useful but it needs standards. My house knows what temperature it is inside the fridge freezer and chest freezer out in the garage, this is useful to me, both in the hey my son forgot to properly close the chest freezer or the odd mechanical/electrical failure. It knows if people are home and when people are going to be getting home. It knows when were going on a weekend trip. This can save me money by kicking back heating/cooling hot water (yea I know instant hot water is the rage but

    • Maybe, maybe not. The Phillips Hue saga shows that maybe consumers have enough of a voice in this case. The formula which maximises profits involves having a strong enough user base to ride through the losses when you royally screw those users. Google has this. Microsoft has this. Philips didn't. Random IoT startup... unlikely.

  • by Anonymous Coward on Sunday December 27, 2015 @01:50PM (#51190667)

    His example of the Hue dustup was a poor, poor choice as example there.

    1) Hue bulbs use ZigBee Light-Link Profile.
    2) The bulbs (all of them...ALL OF THEM in the IoT space right now) cannot be re-flashed.
    3) In order to get a permanent private key for each SKU shipped using ZigBee LL Profile, the devices must conform to the spec and properly interoperate. So, they can't dink with the bulbs, period.
    4) The only place you can even possibly DO what Phillips attempted to do would be to dink with the final phases of the LL handshake, wherein the coordinator (the gateway puck) would allow federation with the mesh or not at the last part of the process, based on manufacturer and manufacturer ID, and just drop the federation request on the floor if it didn't match the list.
    5) It's not DRM, per se. Worse, it's NOT compliant with the ZigBee spec. Not sure how the Consortium would handle a revocation of things like that, but the Coordinator in that configuration no longer complied with the spec (which is to allow Home Automation and Light-Link protocol devices ONTO that mesh and be able to control them, period.
    6) Better yet, there were competing products (Iris, Wink, etc.) that could work with Phillips' crap because of the ZigBee spec. While some of them don't have an "API" to drive it via PC, some do- and moreover, some of them let you have ZB and Z-Wave light controls signal lights on and off or to federate clusters of bulbs with a control panel that acts like a Light Switch. Phillips just simply cut their own throats by trying this. People can go buy up their RGB bulbs or Osram's...and get the same basic functionality as Hue provided...for less money in most cases.

    • by Anonymous Coward on Sunday December 27, 2015 @02:06PM (#51190757)

      Not really.

      What Phillips did was effectively refuse to send control codes to non-Phillips bulbs. So you could still use non-Phillips ZigBee lights and they'd still help form the mesh network, you just couldn't turn them on or off or dim them or whatever it is that Hue does. And, of course, a lightbulb that can't be made to light is essentially useless even if it is helping your bridge communicate with a distant bulb.

      But you're right, you should (in theory) be able to throw away the Phillips hub (the part that communicates from the app to the bulbs) and switch over to a non-Phillips hub and get control of your lights back. Just not with the existing app.

      Which means that involves setting up your entire system from scratch, rebuilding everything you had set up in the Phillips app in the new app, and potentially means your physical switches that Phillips sells no longer works.

      And, of course, any new bulbs you buy from Phillips presumably won't work with the new bridge. And there may be some "special features" that only work with the Phillips bridge but who knows what those would be.

  • by MikeRT ( 947531 ) on Sunday December 27, 2015 @02:12PM (#51190777)

    Most people don't want nuance on the extent they own the goods they buy. This horse shit about you owning the physical properties, but licensing the software that is essential to its function is going to drive a deeper wedge between the public and IP than the corporate sector realizes. When your property rights become antithetical to mine, guess whose rights I'm going to choose...

    • by Opportunist ( 166417 ) on Sunday December 27, 2015 @02:33PM (#51190885)

      Unlikely. People won't even realize it. And it will only affect a tiny portion of the people buying those IoT trinkets.

      Look at the various devices that are already locked down and sealed. People are willing to put up with it. They buy from the walled-garden store, they buy the printer ink, they accept it. Of course they don't actually know what's going on, and they might even complain and lament, but they buy.

      And as long as they buy, the corporations don't give a fuck about the rest.

      • John Deer, most car companies, and other big name product vendors that have gone increasingly "computerized" have taken the view that you have at best a "perpetual license" to the software that runs your machine. The fact is that it works in bigger industries only because of the relative benevolence of the companies involved. However, what are you going to do when your self-driving car is 10 years old and needs updates? You're going to have to buy a new one because they may have switched out all of the unde

    • I fully expect that there will be a lot of overreach attempts with this, but rather than being a bad thing, it'll be good, because it'll wake up the non-techie public to some of the insane shenanigans that are being done in DMCA/etc land on the internet. Right now there are a lot of people, including judges, who don't (or haven't yet) realized just how bad it is because the physical parallels haven't been made clear. Give them some nice, clear examples though, and it's a new ballgame.

      Or so I'd hope at lea
  • by NostalgiaForInfinity ( 4001831 ) on Sunday December 27, 2015 @03:01PM (#51191011)

    The complaints began rolling in almost immediately. The Hue system was supposed to be compatible with an industry standard called ZigBee, but the bulbs that Philips cut off were ZigBee compliant. [...] Because companies can enforce anti-competitive behavior this way, there’s a litany of things that just don’t exist, even though they would make life easier for consumers in significant ways.

    The trouble with ZigBee is that "ZigBee compliant" doesn't mean different devices will actually work together. Z-Wave, a more restrictive and more proprietary system, actually works better. And that illustrates what's wrong with Schneier's reasoning: forcing platforms and protocols to be open does not necessarily make life easier for consumers, because something being proprietary can result in better user experiences, as the owner of that technology has a stronger financial interest in policing it. Apple devices are another example of this. Many technologies that we now think of as "open" started off as proprietary.

    Nevertheless, I think the DMCA is overreach and unnecessary: there shouldn't be legal penalties for reverse engineering or making compatible implementations. On the other hand, we should also not mandate open protocols and not scream bloody murder every time someone comes up with a proprietary system or puts up barriers to interoperability.

    As for home automation, there is no "monopoly" and no sign of one: there are a dozen different standards, some open, some mildly proprietary, and some completely proprietary, plus hundreds of vendors. Let the market decide which model works best. I don't think it will be full ZigBee, because that "standard" is a mess.

  • Don't fucking buy this Internet of Things, crap.

    Don't trust that you aren't getting screwed in the deal. Don't trust that your security isn't being left up to some greedy asshole of an MBA. Don't trust that it isn't designed first and foremost for analytics and ads to make even more money for those greedy assholes.

    Stop buying into this garbage, you don't need your damned phone to be able to control your lights.

    Feel like you're getting screwed in the process? Don't play the game.

    Millions of people every d

  • by david.emery ( 127135 ) on Sunday December 27, 2015 @04:20PM (#51191329)

    I think the SDOs (ISO, ANSI, IEEE, etc) made a fundamental mistake when they decided to accept patented technologies as part of formal (de jure) standards.

    If I were King, the FRAND license cost for any patent that appears in a de jure standard would be $0. If the patent-holder won't give up the rights, then the technology should not appear in a standard. Now that clearly would restrict what can be standardized, but that's a tradeoff that both society and patent holders should accept.

    (And technology R&D funded by governments should be royalty/license free. DoD certainly used to do that, and look at the advantages -commercial companies- have gotten from the fact that the basic Internet protocols are royalty free/not patented.)

    • by tlhIngan ( 30335 )

      I think the SDOs (ISO, ANSI, IEEE, etc) made a fundamental mistake when they decided to accept patented technologies as part of formal (de jure) standards.

      That's because you don't know how these groups work.

      They're a consortium of industry groups who get together to make standards.

      Here's how in general it works - if people want to make a new standard, they get together. Each company sends a few technical people to hash out the specification, because every standard is not done for technical excellence, but o

      • Well, I've worked on several IEEE and ISO standards projects in software, so I do have experience with the processes.

        Standards activities might well be the way you describe, but those I've worked on are not.

  • IoT will end up in the pile of rejected consumer electronics technologies - like 3D and curved TVs. Companies are desperately looking for the next big thing to foist on consumers.

    I've seen IoT devices for the past few years at CES (and I will probably see a ton more next week when I go). The IoT display at the Samsung booth always makes me shake my head. Here is a company that can't manage to keep Android updated on 2 year old mobile devices, but somehow they are going to update my 5 year old refrigerato

  • Bruce, thank you for saying some of what needs to be said.

    But please drop the Apple hate—Music downloaded via iTunes can be saved in DRM-free MP3 format, and it has been this way for about 8 years.

    And please do not be afraid of bashing the IoT. It is one of the stupidest ideas tht humanity has ever come up with.

    No, really, the stupidest. Stupider than eugenics. Stupider than. . . OK, that is about the crown of them all, but please somebody prove me wrong and argue that there was ever a stupid

Air is water with holes in it.