Bruce Schneier writes in The Atlantic:
In theory, the Internet of Things—the connected network of tiny computers inside home appliances, household objects, even clothing—promises to make your life easier and your work more efficient. These computers will communicate with each other and the Internet in homes and public spaces, collecting data about their environment and making changes based on the information they receive. In theory, connected sensors will anticipate your needs, saving you time, money, and energy.
Except when the companies that make these connected objects act in a way that runs counter to the consumer's best interests...
After giving examples of the Philips Hue light bulb and Keurig coffee pod DRM issues, Schneier explains how these companies rely on the anti-circumvention provision of the DMCA law to stop competitors from reverse-engineering proprietary standards. He continues:
Because companies can enforce anti-competitive behavior this way, there's a litany of things that just don't exist, even though they would make life easier for consumers in significant ways. You can't have custom software for your cochlear implant, or your programmable thermostat, or your computer-enabled Barbie doll.
[...] As the Internet of Things becomes more prevalent, so too will this kind of anti-competitive behavior—which undercuts the purpose of having smart objects in the first place.
[...] We can't have this when companies can cut off compatible products, or use the law to prevent competitors from reverse-engineering their products to ensure compatibility across brands. For the Internet of Things to provide any value, what we need is a world that looks like the automotive industry, where you can go to a store and buy replacement parts made by a wide variety of different manufacturers. Instead, the Internet of Things is on track to become a battleground of competing standards, as companies try to build monopolies by locking each other out.
Related:
Keurig Cup DRM cracked
Philips Backs Down Over Light Bulb DRM
Related Stories
r00t writes:
"Taking a page out of Lexmark playbook, the Keurig company, famous for it's one-cup coffee making system, now comes with new and improved 100% DRM. Apparently, Keurig is upset over re-usable third-party 'coffee pods' which allow the consumer to escape the Keurig throw-away models which carry a retail price 5% to 25% more. Keurig's CEO, Brian Kelly referred to the move as 'game-changing performance.' Perhaps this will finally be the year of Linux on the Coffe Maker?"
Well, that didn't take long!
Last year, after Coke took 10% stake in the company, Keurig started shipping a new version of their instant coffee machines. The primary 'improvement' was the addition of DRM designed to exclude any coffee not approved by Keurig. It is a scheme very much like the ink cartridge DRM of IBM/Lexmark.
One coffee maker has decided to crack that Keurig's DRM and are now shipping a device you insert into the maker that lets you spoof it into thinking any coffee is 'authorized.' They are capitalizing on their new Freedom Clip by giving it away along with free samples of their coffee.
Purchasers of the Philips Hue "smart" ambient lighting system are finding out that the new firmware pushed out by the manufacturer has cut off access to previously-supported lightbulbs.
Philips uses ZigBee, which should mean any bulbs compatible with this standard will work with its Hue products. Not anymore. The firmware update removes this support, limiting this "open, global" standard to Philips' own bulbs and those it has designated as "Friends of Hue."
When owners complained that they had been given the old bait-and-switch on products they already paid for, Philips issued this statement:
While the Philips Hue system is based on open technologies we are not able to ensure all products from other brands are tested and fully interoperable with all of our software updates. For guaranteed compatibility you need to use Philips Hue or certified Friends of Hue products.
The Philips Hue is a premium-priced LED lighting system, but the rapid pace of LED efficiency gains has started to leave them behind. Cheaper competitors have started to significantly undercut Hue's pricing. Maybe this lockout is more about pricing protection than it is about quality protection
Philips has backed down over its plan to keep out third-party bulbs from its Hue smart lighting system:
Dutch electronics giant Philips has been forced into an embarrassing U-turn over its plans to lock out third-party suppliers of light bulbs for its Hue smart lighting system. [...] Philips' customers have staged a very noisy protest at the move and the firm has backed down. In a statement on the Hue Facebook page, Philips gave a somewhat ungracious explanation about why it had reversed its earlier decision.
"We recently upgraded the software for Philips Hue to ensure the best seamless connected lighting experience for our customers. This change was made in good faith," Philips said. "However, we under-estimated the impact this would have on a small number of customers who use lights from other brands which could not be controlled by the Philips Hue software. In view of the sentiment expressed by our customers, we have decided to reverse the software upgrade so that lights from other brands continue to work as they did before with the Philips Hue system."
Previously: Lightbulb DRM: Philips Locks Purchasers Out Of 3rd-Party Bulbs With Firmware Update
(Score: 2) by Gravis on Wednesday December 30 2015, @02:50AM
it sounds like the DMCA needs to get an exemption for making products compatible. yeah, i would rather the DMCA be sent back to the hell it came from too but i'm trying to think of workable solutions that congress critters can understand.
(Score: 5, Insightful) by davester666 on Wednesday December 30 2015, @03:04AM
congress critters only understand cash. you give them a bundle of cash and a stack of paper with the "law" to enact.
(Score: 4, Interesting) by takyon on Wednesday December 30 2015, @03:30AM
It's the Librarian of Congress that grants exceptions to the DMCA:
https://soylentnews.org/article.pl?sid=15/07/27/0239200 [soylentnews.org]
https://soylentnews.org/article.pl?sid=15/10/06/0122250 [soylentnews.org]
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 2) by davester666 on Wednesday December 30 2015, @04:06AM
Except they are essentially pointless, as you can't count on them. You basically need a political appointee to agree with your exemption, and then do it again, every three years.
How can anyone base a business on an exemption that may have to either shut down or pay millions in damages in a few years [given that the exemption is accepted in the first place]? You might get some fly-by-night companies to use it, but certainly no significant business.
(Score: 2) by Gravis on Wednesday December 30 2015, @04:32AM
so, you dont know anything about the Library of Congress, eh?
(Score: 3, Interesting) by Non Sequor on Wednesday December 30 2015, @02:57AM
Philips Hue has a publicly available API and IFTTT, for example, can bridge that API to about 300 other APIs. Philips' position here is that they want to maintain a programmable interface as a marketing technique for selling lightbulbs.
A lot of people here will loathe that argument. However, this is a democracy and a whole lot of people who don't have any skin in this game are going to think that Philips' position is reasonable. If we were to set up a debate on the topic, I could probably give Schneier 15 minutes to outline his argument, and a Philips representative 1 minute, and I'll bet you that the majority will side with Philips.
What that means in practical terms is that you have virtually no hope of using this line of argument to gather popular support to repeal the DMCA anti-circumvention provisions. What is for some people an intolerable restriction, is no big deal for others.
Because of that, the idea that repurposing and adapting ideas is something that should be encouraged for its own sake is marginalized. We have copyleft and piracy ecosystems, but the ideas developed in these ecosystems aren't circulating into the legal system.
However, a quid-pro-quo modification to the anti-circumvention provisions of the DMCA whereby anti-circumvention protection is only available to providers that provide certain facilities for fair use and interoperability might be something that has more traction with the public.
Write your congressman. Tell him he sucks.
(Score: 0) by Anonymous Coward on Wednesday December 30 2015, @03:16AM
That's all right then. As long as the majority sides with the corporation, the DMCA must be cool.
Maybe if everyone thinks it's cool, we can re-up the Steamboat Willy copyright too?
(Score: 2) by fido_dogstoyevsky on Wednesday December 30 2015, @03:43AM
Maybe if everyone thinks it's cool, we can re-up the Steamboat Willy copyright too?
I thought that happened automatically?
It's NOT a conspiracy... it's a plot.
(Score: 0) by Anonymous Coward on Wednesday December 30 2015, @04:05AM
Maybe if everyone thinks it's cool, we can re-up the Steamboat Willy copyright too?
I thought that happened automatically?
Nope, the checks have to clear first.
(Score: 2) by Non Sequor on Wednesday December 30 2015, @04:08AM
That's all right then. As long as the majority sides with the corporation, the DMCA must be cool.
Right or wrong, democracy is the reality that you always have two options: coexist with other people's opinions or don't. I'm not saying you can't ever play the "don't" side of the spectrum, but if that ends up being your strategy for every problem, there's probably something wrong with you.
Maybe if everyone thinks it's cool, we can re-up the Steamboat Willy copyright too?
We failed to prevent the last extension, what that means is that we need to better develop the arguments against it and better convince people that it's not cool.
Write your congressman. Tell him he sucks.
(Score: 3, Insightful) by Anal Pumpernickel on Wednesday December 30 2015, @04:35AM
That's going to be difficult when so many people are either apathetic about or fundamentally opposed to freedom.
(Score: 5, Insightful) by ah.clem on Wednesday December 30 2015, @03:11AM
No matter what, all of these trendy "IoT" devices need an opt-out, even if it's just a ball-peen hammer. I have no interest in the IoT nor would I be a willing participant. And you know what else pisses me off? People that get upset with *me* because I choose to keep my phone off until I want to use it, and I don't empty out my messages so no one can leave me any. And no social media engagement is now a crime? What the fuck has happened to people in the last 10 years? How can we even be talking about an IoT with a straight face? Man, this is crazy shit, and I'm usually pretty rational in my postings here.
We need to get a grip and take back control. I guess I'm now officially a luddite, but I'm sick and tired of all this shit being jammed at me 24/7. The only way to be alone is like 30 years ago, toss some food and water in a backpack, grab your best compasses and sectional, and go off for a walk for a few days or a week or whatever.
(Score: 3, Interesting) by patella.whack on Wednesday December 30 2015, @03:49AM
I hear you, and I doubt you're a luddite, and I'm not either, but this claim is so very suspect:
"In theory, connected sensors will anticipate your needs, saving you time, money, and energy."
Really? Do any of us think this forwards those goals in any substantial way??
(Score: 3, Funny) by cmn32480 on Wednesday December 30 2015, @03:53AM
Welcome to the club. We meet every other Thursday, and we have a newsletter if you would like to subscribe.
"It's a dog eat dog world, and I'm wearing Milkbone underwear" - Norm Peterson
(Score: 3, Touché) by takyon on Wednesday December 30 2015, @05:10AM
An electronic newsletter?
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 0) by Anonymous Coward on Wednesday December 30 2015, @05:55AM
Well, usually it's dead-tree, but we have other options available. [backpacker.com]
(Score: 0) by Anonymous Coward on Wednesday December 30 2015, @03:35AM
Wikipedia: Specialty Equipment Market Association [wikipedia.org]
SEMA isn't just an organization that has a huge car show in Vegas every November where every car looks like it came out of The Fast and The Furious or your local circle track or dragstrip. They support the aftermarket modification and repair of motor vehicles. Among SEMA's original founders were the people behind Cragar wheels, Mooneyes, and Edelbrock. Without SEMA, car owners would probably be stuck buying car parts directly from the vendor.
The FTC also has regulations related to the Magnuson-Moss Warranty Act [ftc.gov] that make it illegal for a manufacturer or dealer to deny warranty claims simply due to an aftermarket part being used, or that a non-dealer performed the work.
Of course, proprietary lock-in is the dream of every new "disruptive innovator" trying to spin up an economy. It's (mostly) too late for manufacturers of PCs to try to create a locked-in ecosystem, but the IoT fad is doing its best to create lock-in. Between this lock-in threat and the myriad security vulnerabilities, the best advice you can give someone thinking about jumping into the IoT fad is to avoid it like the plague, and think of a traditional way to solve the problem, such as a cheaper timer-based digital thermostat, or using a pen and paper in the morning to track what groceries need to be bought on the drive home from work.
(Score: 3, Informative) by redneckmother on Wednesday December 30 2015, @04:41AM
s/consumer/customer/
"What we've got here is failure to communicate".
Our society has lost sight of the difference between "customers" and "consumers". I believe that society at large has surrendered to "consumerism". We need a "paradigm shift" (yeah, I know, "paradigm" has become a "buzzword bingo" high score).
Mas cerveza por favor.
(Score: 2) by c0lo on Wednesday December 30 2015, @07:10AM
Ha! That's good shot for the "understatement of the year" prize. To be accurate, customer is an extinct concept.
The last vestigial remnants of the customer are the 3rd-world countries: it is where the low level of industrialization and low purchasing power dictate that a longer life/better quality of a product serves better the buyer and, as such, are product traits which drive increased market share.
For anyone else, there are such things as (but not limited to):
Apple manages to sell a new version and, within a year convince, almost everyone of its consumers to upgrade, even of the older version serves fine the actual needs of their owners. Coincidence? I don't think so.
--
Come on, resolve the acronym to the words it represents. It says: Consumer Electronics Show
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 2) by FatPhil on Wednesday December 30 2015, @02:59PM
And I don't mind being labelled a "consumer". If you overlook a few minor things like houses, I *consume* way more than I *custom* (assuming there is such a verb. My needs are almost entirely satisfied, apart from the needs that I regenerate by losing heat, shitting, pissing, and getting bored. Therefore I consume food, drink, electricity, and bits. That's more true for others less financially stable than me, as they're not customers for things like houses.
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 0) by Anonymous Coward on Wednesday December 30 2015, @07:16PM
You do not "consume" bits.
I am not a consumer; I am a citizen. Our consumerist society encourages greed and waste, and that should really be avoided.
(Score: 3, Insightful) by VLM on Wednesday December 30 2015, @04:39PM
The main thing I see with IoT BS is not limited choice; we're used to that, there's only one big box store in town and there's only one factory in China making all the junk for it and slapping different marketing labels on it, just like clothes, we're collapsing commodity markets into monopolies / oligopolies as fast as we can, and with that comes elimination of choice, aside from minor details about your light bulb being smart or dumb. Of course you're not going to get choice in light bulbs, go ahead, try to buy a 100 watt incandescent bulb, or buy a bulb from a manufacturer who didn't bribe "the" corporate buyer with the right season tickets such that you'd be permitted to have the chance to buy it. Lack of choice is normal in a declining civilization, not an outlier.
The main thing I DO see with IoT is the glorification and mindless worship of unpredictability. Not only do you have no idea what your thermostat will do and when it'll do it, its an inherently good thing because cloud buzzword bingo technobabble. Why by spending hundreds of dollars to upgrade your light bulbs and thermostats and security lights and refrigerator and WTF else, you'll finally achieve the nirvana of having no idea why anything happens or being able to predict anything. Why, your light bulbs might be controllable today, might be tomorrow, who knows? Maybe the algo will change for your thermostat, who knows? Will this energy saving clothes washer clean your clothes? Probably not, but who knows, maybe. Will this water saving toilet that saves 20% per individual flush require 3 flushes or 4 flushes, who knows, who cares, as long as you can signal to other people that you're "green" because your toilet doesn't work right.
Its an inherent and intentional push to a religious, mystical outlook on the world and away from rational thought. Why would you want to know if its below 68F your furnace is on and above 70 F and the furnace shuts off, why do all that thinking instead of sending your money to Google's Nest and praying they help you? Why would you want to know that flipping that switch on will always turn on the light bulb, when instead you could fumble with your phone for 30 seconds to find out if randomly maybe you can control that 3rd party light bulb... or maybe not. Who wants that cognitive load of understanding and remembering light switches when you can just pray to the Philips company, send them your money for salvation, and maybe they reward your prayers with light; maybe not; thats not for an unthinking underling like yourself to know. God works in mysterious ways. Google is your new God ... and thermostat. You do the math on that one.
(Score: 1, Funny) by Anonymous Coward on Wednesday December 30 2015, @06:10PM
Will this water saving toilet that saves 20% per individual flush require 3 flushes or 4 flushes, who knows, who cares, as long as you can signal to other people that you're "green" because your toilet doesn't work right.
Meh, that hasn't been the case for the last decade or so. They've fixed the problems with early low-flow toilets. Newer low-flow toilets will reliably flush an entire Thanksgiving meal's worth of poo. I'm not a greentard, but had no choice (in this "free" country) when my old toilet crapped-out 8 years ago. I replaced it with a cheap low-flow American Standard toilet that honestly works better than the 1974-vintage toilet it replaced.
(Score: 2) by meisterister on Wednesday December 30 2015, @06:23PM
Devo, Freedom of Choice
(May or may not have been) Posted from my K6-2, Athlon XP, or Pentium I/II/III.
(Score: 2) by sjames on Thursday December 31 2015, @09:34PM
Phoning home and the "updates" are the crazy part. Made even worse when they think you should have to subscribe to some service just to be able to actually use the device when the thing it replaces or "upgrades" was expected to be yours for life with no further obligation.
I find it astonishing that companies feel free to send out updates that cripple functionality and the FTC doesn't even blink.
I'll have to amend, devices with local functionality that insist on connecting to the cloud (It's so FLUFFY) just in case I want to flush my toilet (3 or 4 times) when I'm at work are also crazy. Just to make it worse, it's not even an option. Even if I'm at home and want to control a device in that very same home, they want me to log in to a website out there somewhere (for now anyway. Tomorrow, who knows?) rather than sending a direct command.