EFF in the News
The tech giant known for its laptops and printers made a controversial decision to quietly trigger a digital lock in the September firmware update. After the update, any customer who attempted to print with a non-HP cartridge would deactivate the printer and receive a cartridge replacement warning. The printer would not resume working until an HP brand cartridge was inserted.
"We should have done a better job of communicating about the authentication procedure to customers, and we apologize," HP said in a corporate blog post last Thursday.
According to the Tuesday report, Yahoo acceded to a 2015 government directive to give email access to the National Security Agency or the FBI. Reuters cited anonymous sources including two former employees and another person with knowledge of the events. Yahoo continues to face questions about a breach in 2014 that compromised at least 500 million accounts.
Yahoo secretly built software in 2015 that let it search the incoming emails of its hundreds of millions of users on behalf of the U.S. government, Reuters reported Tuesday.
“They secretly scanned everything you ever wrote, far beyond what law requires. Close your account today,” tweeted Edward Snowden, the former National Security Agency contractor who leaked details about the government’s surveillance programs in 2013.
“The Fourth Amendment implications are staggering,” tweeted Andrew Crocker, a staff attorney with the Electronic Frontier Foundation, a California-based digital rights group.
A major distributed-denial-of-service (DDoS) attack on cybersecurity blog Krebs on Security reminded technology users that faulty Internet of Things (IOT) security makes all of our devices and appliance vulnerable. But some manufacturers may not be willing to spend money to make their appliances more secure, said Electronic Frontier Foundation (EFF) Senior Staff Attorney Lee Tien. For a company designing a new fitness tracker, "it would be a lot easier and a lot cheaper to design it without having storage and all sorts of things that people think they should have," Tien said.
According to a document obtained by The Intercept, your blue-bubbled texts do leave behind a log of which phone numbers you are poised to contact and shares this (and other potentially sensitive metadata) with law enforcement when compelled by court order. Andrew Crocker, an attorney with the Electronic Frontier Foundation (EFF), said the document prompted further questions: “How often are lookups performed? Does opening [an iMessage] thread cause a lookup? Why is Apple retaining this information?”.
The charge was taken up by the Electronic Freedom Foundation, a San Francisco-based group that takes stands against government surveillance and other tech-policy matters. The group on Monday sent a letter to Dion Weisler, HP’s chief executive, arguing in part that HP’s action could cause customers to become wary of software updates that are increasingly important to improve security.
“By giving tens of millions of your customers a reason to mistrust your updates, you’ve put them at risk of future infections that could compromise their business and home networks, their sensitive data, and the gadgets that share their network with their printers, from baby monitors to thermostats,” wrote Cory Doctorow, an EFF special adviser.
The EFF, which has long criticized the way companies use various forms of digital rights management technology, began an online petition asking readers to demand that “HP make amends for its self-destructing printers.” It has received more than 10,000 signatures, said Elliot Harmon, who holds the title of activist at the group.
HP did apologize for its poor communication about the firmware update and promised to be more "transparent" in the future. But that alone won't satisfy the Electronic Frontier Foundation, which called on HP for a public commitment to never again use its software update process "to distribute anti-features that work against [HP] customers' interests."
The EFF told Ars today that it's glad to hear about the firmware update, but it wants to know what HP's plans are for informing users. "Today, the vast majority of people who use the affected printers do not know why their printers lost functionality, nor do they know that it’s possible to restore it," EFF Activist Elliot Harmon said. "All of those customers should be able to use their printers free of artificial restrictions, not just the relatively few who have been closely following this story."
“You must be aware that this decision has shocked and angered your customers,” wrote Cory Doctorow of the Electronic Frontier Foundation (EFF) in an open letter, in which he suggested steps HP should take to “begin to repair the damage it has done to its reputation and the public’s trust.”
Doctorow added that HP’s customers should be able to choose the ink they put in their printers in much the same way Cuisinart toaster owners can choose their bread. He criticized the company for sneaking the functionality onto printers via what purported to be a security update, arguing that if people mistrust security updates, they might leave their product vulnerable to attack.
Mitch Stoltz (@mitchstoltz) is a Senior Staff Attorney at the Electronic Frontier Foundation. Mitch works on cases where free speech and innovation collide with copyright and trademark law. His current projects include improving the legal environment for mobile software developers and tinkerers, fighting the use of copyright as a tool for censorship, litigation on the copyright status of mandatory safety codes, and legal analysis in the field of Internet television and video. Mitch also counsels clients on Internet video technology and open source software licensing.
San Francisco’s Electronic Frontier Foundation, which promotes online free speech, said it receives queries at least weekly from consumers being sued over online reviews, usually on Yelp and sometimes on Glassdoor, a site where employees rate their workplaces, said staff attorney Sophia Cope. The EFF does not take individual cases, however.
“We need a federal law that applies in all states,” Cope said.