#so its not that unless its not photosensitive epilepsy
princeandhisboyfriends · 2 years ago
Text
For those with chronic migraines, have y'all ever had twitches with them, like arm twitches? I had one over a day ago and the arm twitch has not gone away and so far the only thing my mind can come up with for why is nerve damage or stroke, despite there being little evidence for it.
I've looked for studies or correlations between migraines and any sort of twitches, but the only medically backed one I was able to find was an eyelid twitch, which makes more sense but isn't the same issue.
Please just let me know if this has happened to you? I need to know if I should drop the extra money on a doctor's visit or not
3 notes · View notes
teaboot · 2 years ago
Note
Hello, this is my first Tumblr and I am quite confused. Help me!
Hello!
Tumblr in my experience is different from a lot of other social media platforms as there is no real goal or purpose or competition in posting. You can pretty much just say or do or add whatever and if people like your vibes they follow you, and if they don't, they don't.
If you like certain topics or Fandoms (groups of people who enjoy a particular show, book, media, etc.) you can search for it and click "follow" on blogs dedicated to those things.
Whenever they post something, you can see it on your dashboard (your "feed" or "homepage") and decide to comment (add pictures or words) reply (say something without sharing the post with your followers) or reblog (share with your followers, so that anyone following you can see the post, with or without adding your own commentary.)
Beyond technical stuff, there are some cultural things you may want to know about.
If something you reblog has potentially upsetting content- violence, traumatic topics, nudity- it's considered an act of courtesy to "tag" it. This is so your followers who specifically do not want to see those topics can use filters to make those posts invisible. This is handy for people with phobias, PTSD, or photosensitive epilepsy, but also for people who just don't like those things.
There are a lot of memes that will not make sense. That is because posts don't vanish when they get old, so anything that becomes a "meme" often gets referenced over and over again for years, sometimes actual decades. Posts like "do you like the color of the sky?", "Horse Plinko", "loss.jpeg", etc. are examples of this.
There is no algorithm that decides what you might like and shows you those things. You are in control of your own experience. If you see a lot of posts from people you don't like about things you don't want to see, you can block them and never see them again. They won't see you, either. It's like making friends- you can choose to follow whoever makes you happy and avoid whoever doesn't.
There is a bot problem. Bots are automated spam designed to look like other users. This is often "cute single women" type stuff, but can also be anonymous or generic fake blogs that send out a thousand identical messages that accuse you or others of wrongdoing, or just send out basic insults. They will never see your reply. They only exist to cause chaos. You can report and block them and are encouraged to do so.
There is a difference between "liking" and "reblogging". If you "like" something, it is added to an invisible list so you can go back and find it later. If you "reblog" something, your followers can see it too. Artists prefer reblogs over likes, because they put a lot of work into their art (or writing) and the only way they can reach a large audience is if lots of people share it. Artists who are trying to get commissions or develop a career depend on reblogs to continue making art.
Sometimes an update or change happens that alters the website without any warning and everyone whines about it and adapts. This happens every few months. It's kind of dumb and sometimes makes it worse but if you Google "tumblr 2012" you will see that it's actually been a slow march of improvement.
Something weird will happen on April fool's day. Sometimes this will affect the website layout.
You will not get many followers unless you engage with other users. This is a cafeteria and if you wanna eat alone you can.
If any of your posts go viral you will see it forever until you die and if it's about Beans you will live out the rest of your days getting messages like "Are you Bean Guy" so tread lightly
You will need to choose an icon and change the appearance of your blog or people will think you are a bot. (Side effect of the bot problem.)
I have no idea if you are a bot or spam message this reply is an act of faith
Good luck!
287 notes · View notes
marculees · 4 years ago
Text
Epilepsy Awareness Month💜
I recently saw this post by @interstellix who made great points about epilepsy for Epilepsy Awareness Month. It sums it up really well so I suggest you give it a read and reblog! It’s nice to find another photosensitive here too because we’re such a small group within the epilepsy community. I deal with anxiety on top of my epilepsy and while they aren’t always related to each other, I don’t hear enough about the day-to-day worries of epileptics. Things that seem completely normal or fine to some people can be dangerous for me, which is why stuff like giving trigger warnings are much appreciated. But often, non-epileptics don’t know about what it’s like to actually live with epilepsy - not just having seizures. I want to add on some of my own experiences with a funky clickbait title, below the cut. Anyone who reads this all is a star and ily⭐️
10 Things Non-Epileptics Don’t Get (Yet)
1. That moment in movies when the character wakes up and a bunch of faces are gawking down at the camera uncomfortably. Always have someone to stay with the person having a seizure. But out of care for both that person and the people around, its best to get everyone else away. No one enjoys watching someone have a seizure - it’s scary and knowing you can’t stop it can ignite feelings of guilt or panic. For the person having the seizure, its embarrassing - they aren’t even conscious of what’s happening and for all they can remember, they were minding their own business and now they’re waking up and barely able to move their body without wincing in pain.
*TW: BODY FLUIDS* I’ve literally puked, shit and pissed myself all at the same time unconsciously in front of a room of people. I’m lucky these people were my family but it doesn’t make it any less embarrassing or upsetting knowing that everyone there saw me in such a state. A fear I had growing up was having a seizure in front of my class and the students making comments about it, thinking it was funny. In today’s age, filming seizures is something to worry about too because of how easily it can be shared to others online. Even if you aren’t an arsehole like that, try to be as respectful as possible and get everyone else to evacuate the room. At most, have three people to stay there: one person to stay close and time the seizure, one person to move furniture away and find something soft to lay under the epileptic’s head, and one person for crowd control who is keeping everyone else out and reassuring them all it’s okay.
Whatever you do, don’t make the epileptic feel bad for having a seizure. They can’t control it. Afterwards, comfort them and let them know its all over and you’ll stay with them until they feel better (unless they say they would rather be alone). Most of the time, the epileptic will be so tired and sore after their seizure that they’ll fall asleep. Let them; they need it. I’ve woken up on a couch, in my bed, the back of an ambulance or in a hospital bed and sometimes I was laying there for half an hour, sometimes a whole day. Knowing someone was there is relieving. Knowing everyone was there is shaming and it doesn’t make you feel any better when they’re all in your face afterwards too. Don’t be the camera crew.
2. Travelling alone is either a dream or everyday reality for a lot of people, but its a no-go for some of us. I was raised in a very overprotective household and still today, I don’t have a lot of freedom. Driving is usually one of the first bits of independence you get, but not for me. I’ve had seizures while out travelling because of the SUN. The sunlight flickering through trees, railings or bouncing off surfaces have triggered seizures in me where my family have had to pull over. The thought of being the one driving in such a scenario is terrifying to me, my loved ones and everyone else on the road. Driving is such a normalised thing for people my age that I’m embarrassed to bring up my own case unless someone specifically asks.
Then you have public transport. The sunlight issue is also here but this time, you’re with a bunch of strangers (see Point 1 again). Something my mum drilled into my head since I was younger was that if I ever got public transport by myself, then I could have a seizure and someone would film it and another person would rob me (and then you wonder why I have an anxiety disorder). I got my first bus by myself when I was 19 and for something so mundane to most people, it was like a little adventure to me. My mum didn’t approve but she complained about having to drive me everywhere too. While its fun to get the bus into town every now and then though, it becomes a bigger issue when travelling is a daily requirement and you aren’t able/allowed to drive yourself.
Free public transport doesn’t always include those with epilepsy, depending on which country you live in. What do you do when an employer asks if you can drive? What do you do if you have commitments to go to and no one is around to drive or come with you? Or you need to explain why you’re going out, every single time, because someone else has to decide whether it’s worth the risk. Sunny roadtrips? Want to be a pilot? That last one isn’t a joke, by the way! I used to get a coach/private bus to college and if it was sunny, I’d pull the curtain over, wear my sunglasses and try to nonchalantly cover one eye to help. You can’t really get a curtain while driving your own car though and driving one-handed is not cool, it’s irresponsible.
3. Staying up all night talking with someone you love isn’t as romantic as we’d like it to be. All-nighters, i.e. lack of sleep, are a huge trigger for many epileptics. I wasn’t allowed to go to sleepovers with friends as a kid until I was 13, and at that sleepover I ended up having a seizure in the middle of the night after waking up to use the bathroom. Not to flex, but I had a seizure on the toilet. Where’s the weirdest place anyone else has had a seizure? As a result of that, I was put back on medication after being told I was growing out of my seizures and had been med-free for one whole year. I’d love to stay up with a loved one and spend the night talking or watching movies, but I think a seizure would be more of a killjoy than going to bed early.
3. Unless you’re the paparazzi, camera flashes won’t give photosensitive epileptics seizures. Its a small gesture and I do appreciate it, but don’t worry - one small flash from a camera will not send my brain into override. Just don’t be taking photos from 5 different phones at the same time for more than one pic. Standing and waiting for people to take a photo all at the same time is awkward already because you don’t know who to look at, what to do with your hands, if you should change pose, smile or not, etc. Just take one flash photo and be done, or don’t use the flash at all if you don’t need to. Ring lights are a common thing now, by the way and I love them? Bye-bye camera flash!
I don’t blame anyone for having these types of concerns though. The only time you’re probably warned about flashing lights is when you’re about to watch a news report or awards show where there will be paparazzi and performances will be aired. Concerts are another thing that can be risky depending on the genre, size of the venue, whether its indoors or outdoors (if you’re like me and enjoy EDM music, you’ll have a very low chance of actually attending or watching anything live fdkslbjfdhb). Those things we avoid. But you taking a photo with a once-off flash will be okay, don’t worry. Seizures aren’t triggered by a single flash, but rather multiple flashes in a short period of time. They’re called Hertz and that shit hertz when its between 3-30 flashes per second. Also, fuck strobes, the Incredibles 2, Into The Spiderverse and any other movie that uses these for unnecessary effect.
4. Not everyone is diagnosed with epilepsy in their childhood and though some might grow out of it as they get older, not everyone will. I thought I had been growing out of it on two occasions (see point 3 again and point 9). Some people only get diagnosed with epilepsy later into their life. If you’re diagnosed while young, its easier to adjust your life because you’re growing up with it as your norm and its something you’ve just learned to live with. But for some people, they suddenly have to change their entire routine that they’ve established since they became an adult. Be sympathetic to those with epilepsy in their adult years, especially those who only got a diagnosis. Its not just a disability for children.
5. There are different types of seizures and one that’s commonly misunderstood is the partial seizure. These types of seizures have been mistaken for people being drunk or high (i.e. slurred speech, difficulty standing up or walking in a straight line, etc.), which has led them to getting kicked out of venues for something they have no control over. Swimming pools seem to be a common place for these bans, as well as gyms. Sometimes, these people are still somewhat aware they are having a seizure but cannot control them, which is really scary to think about. I don’t have them myself but I cannot imagine how frustrating they must be to not be taken seriously and instead as someone being high or intoxicated and then being punished for that. Alcohol is usually avoided as it can trigger seizures but when these seizures happen at social events, people can get the wrong idea. If you know someone who has these types of seizures, keep an eye on them if you’re out together. We’re usually only allowed one pint and hardly anyone gets that drunk after just one, so be aware that its likely they aren’t actually hammered but having a seizure instead.
6. Nobody likes being overworked but school, college, jobs and sport can be very hard on us. Unless you’ve had a seizure, your teacher or boss probably won’t extend a deadline for you. The latter might even fire you. Chronic fatigue isn’t taken seriously. School is one big memory test in most countries, but for those with aura seizures, their ‘spacing out’ can affect how much information they are actually taking in. Side-effects of meds can also make concentration and memory tough, and I hate how forgetful I can be because then I feel like I’m unreliable even though I push myself to give 110% anyway. Some activities like sports and physical education can be more draining than they would be for the average person, and sometimes I’d have to sit out during these activities because I felt an aura coming on after overexerting myself. I wish I could sit out having multiple assignments and group projects due in the same week, but college doesn’t work that way. I wish I could tell employers that I might not have that presentation done by the end of the day, but that wouldn’t go down too good either.
If you know someone who takes longer to complete tasks that might seem simple to you, ask yourself if you’ve ever considered they might have epilepsy or another chronic illness or disability. Don’t assume they’re lazy if they need to take an extra day or two to complete their final essay or have to stop their beep test earlier than the rest of the class. I didn’t know a good average for the beep test was 8-9, because no one ever told me. I pushed myself to 16 because I was scared people would think I was lazy and that I was dropping out to be with the other girls who agreed beforehand. I then ended up having an aura that almost slipped into a full seizure. I also almost had a seizure an hour before my religion exam in my Junior Cert at school. My mum even insisted I stay home and miss my State exam because of it. I still went though, took a bathroom break because I had another aura, and finished with an ‘A’ but had it been a different day, I might not have been so lucky. Its about knowing yourself and your limits, but we aren’t always informed that they should exist and then you end up doing stupid things like me that could hurt you. Likewise, its important to be understanding that not everyone can work at the same pace as you. It doesn’t make the quality of our work any less even if we need more time or energy to do it.
7. Side-effects aren’t always in the short-term. My own meds are advised to not be taken long-term as they weaken my bones over time. I’m 21 now and I’ve been on meds since I was 8. I wanted to reduce my dosage and eventually become med-free last year but the neurologist told me I still had brain activity and needed to stick with them. In fact, they almost ended up prescribing me more even after I had told them I was five years seizure-free. Why? See point 9. I’m lucky though because I’ve only been on one type of med. Some people can take years to find what works and their neurologists will prescribe them all sorts and leave them with awful side effects. Only last year I was chatting with a woman whose meds had caused sudden depression and fits of anger in her after she had been diagnosed and given her prescriptions. She eventually got brain surgery instead.
8. If you have a uterus and/or want to have children, do your research and a LOT of it. Birth control is usually a tough decision to make and often times, it can feel like you have no choice. Its so important to check with multiple neurologists and doctors which form of birth control is the best for you with your medication, because even the slightest new introduction to your meds box can have unpleasant side-effects. With the current medication I’m on, I can’t take the pill unless I want to increase my current dosage of meds as the pairing cancel each other and make me more vulnerable to seizures and other side-effects. I’m not pregnant and yet I have to take daily folic acid supplements because my meds cancel that out too. Every month or two, I will faint or almost faint on the first day of my period and I’m more vulnerable to having a seizure during that time. If I ever want to give birth, my children can possibly inherit my condition or be stuck taking care of me when I should be caring for them. I wouldn’t wish that upon anyone.
This is not to say that people with epilepsy can’t have fulfilling sex lives or raise families. But we just do it at a greater risk that even some neurologists aren’t aware of. I had to tell my neurologist last year why I didn’t want to go on the pill because HE didn’t know it interacted negatively with my meds. I’ve known women who were prescribed the pill or meds BY A PROFESSIONAL that interacted negatively with each other and gave them seizures as a result. It takes ‘find the right method for you’ to a whole new level. If your partner has epilepsy, its so important to discuss birth control and take their condition into consideration. I hear men telling their girlfriends to go on the pill so that they don’t have to use a condom, which is really selfish for a start and also disregards other forms of birth control. Do your research but let them and their own trusted neurologist decide which form is best. You should still be using a condom to protect yourselves anyway! And if you and your epileptic partner decide you would like to have children, do the same process and make sure that they are in a safe position to do so.
9. *TW: DEATH* Threatening (even ‘jokingly’) to trigger a seizure in someone is playing with that person’s life. SUDEP (Sudden Unexpected Death in Epilepsy) affects roughly 1 in 1000 people each year. Even if that person doesn’t die after their seizure, you may have just broken a record they set for days, months or YEARS without a seizure. You just revoked their driving license and they weren’t even behind a wheel. You just prescribed them new doses of medication without any years of medical school.
Growing up, I had countless incidences where classmates would joke about making me have a seizure. If the teacher left the room for anything, the first thing they would do is run up to the lightswitch and fuck around with it. In secondary school, I stopped using the bathroom at lunch because one of the girls thought it was funny to deliberately flick the lights on and off anytime I was inside. She would snicker and call out to me while I was in the stall, asking if it could make me have a seizure. Even after saying yes, she continued to do it. If I did end up having a seizure in that bathroom, god knows what could have happened. I had a seizure in a bathroom before and was lucky I only hurt my jaw as my head slammed against the wall. Others aren’t so lucky. Injuries from seizures can be brutal, just like OP said. Yeah, you might not kill them by triggering a seizure, but what injuries do they have to deal with after?
Imagine playing a game for years and you spent ages collecting all the items, defeating every boss and proudly showing off the trophies you won. Now imagine someone suddenly pulls the cord as you’re playing; your game freezes, the screen shuts to black and when you try to frantically start it up again and see where you had remembered to last save, it says your data is corrupted and deletes everything without your permission. It doesn’t matter where or when you saved. You have to start your progress all over again. You can try memorise the strategies from before but the game switches things up and suddenly you’re hit with a difficulty spike out of nowhere. The person who joked around and pulled the plug doesn’t have to do anything. And if they wanted to, they could do the same thing again and again. Don’t be that person. Be their Player 2 and help them. If they need to go into a dungeon but they’re scared to be alone, offer to cover their back. If their health is low, find them a safe spot and let them heal. The same goes for appointments and seizures. Its not a multiplayer game by default and while they can power through solo, that doesn’t mean they don’t need help if they’re ever stuck.
10. To end on a more positive note, there are lots of successful people out who have/had epilepsy and you probably never even knew. Cameron Boyce’s passing brought attention to SUDEP and celebrities with epilepsy but did you also know about these people and their own cases and seizures?
Prince
Elton John
Lewis Carroll
Danny Glover
Lil Wayne
Neil Young
Hugo Weaving
Charles Dickens
Julius Caesar
Vincent Van Gogh
Theodore Roosevelt
Adam Horovitz
Susan Boyle
Rick Harrison (the Pawn Stars guy!)
And some who are not confirmed (due to medical practices of the time) but are suggested as a result of numerous seizures:
Leonardo da Vinci
Michelangelo
Edgar Allan Poe
Agatha Christie
Socrates
Napoleon Bonaparte
Aristotle
Alexander the Great
Epileptics are humans, normal people just like you. And like you, they’re capable of great things too. If you think about making a crude comment to someone with epilepsy, think about these people and ask yourself if you would say the same things to them. 
If you read all of this, comment with a ⭐️ and please reblog to spread awareness. Whenever we talk about epilepsy, we start and stop the conversation at seizures. Its good to bring awareness to the other things too because its something that affects every part of our lives. Its an invisible disability but that doesn’t mean we are hidden from the disability community and discussion!
15 notes · View notes
beardycarrot · 5 years ago
Photo
Eizouken probably won’t be my 2020 anime of the year, despite how much I love traditional animation, Mirai Shounen Conan, and girls whose driving motivation can be summed up as STRAIGHT UP CASH MONEY… but its opening is a strong contender. It’s just so… unlike anything else. After watching it I’m returned to the real world and don’t really know what to do with myself. Is this what taking drugs is like? Look at those images again, and try to imagine the song they’re set to, what other than these silly dance moves you might see.
Then, watch. Unless you have photosensitive epilepsy.
9K notes · View notes
aion-rsa · 4 years ago
Text
Cyberpunk 2077’s Epilepsy Concerns Represent a Bigger Problem
https://ift.tt/eA8V8J
A recent Game Informer article reveals that Cyberpunk 2077 features several notable sequences that may cause epileptic seizures and other health risks.
The report comes from Game Informer editor Liana Ruppert who describes herself in the article as “someone that does have seizures myself due to an injury from my time when I was active duty.” She goes on to explain that her condition prohibits her from being able to play certain games and that she “suffered one major seizure” while playing Cyberpunk 2077.
Sadly, Ruppert also revealed later on Twitter that some people have started sending her videos designed to induce epileptic reactions in response to her reporting on this subject.
Warning: I’ve been sent hundreds of videos disguised as support that are deliberate flashing to induce photosensitive triggers. If you’re sharing this saying you’re epileptic and receive a video, don’t press play. I’m back to being on my ass. Be better, please.
— Liana Ruppert (@DirtyEffinHippy) December 8, 2020
Why would anyone do that? That’s a question that we should all be asking, and the unfortunate answers to that question lie in the heads of those who would resort to such actions. We’ve seen fans who have gone out of their way to defend Cyberpunk 2077 and developer CD Projekt Red against anything they perceive to be an attack against the game, but the idea that there are people out there who are so blindly loyal to a game and company that they would attempt to seriously harm someone over a health PSA is unfathomable.
What’s especially odd is that Ruppert’s report is largely designed to be informative rather than any kind of “attack piece” against the game. She’s even asked people to focus more on the game’s triggers and what can be done about them and less on those who are actually attacking her:
Please stop sharing the part about people sending me videos. That sucks, it’s criminal, but now the entire conversation is about that and not on the whole reason I wrote the piece to help make gaming safer. Please keep the focus where it belongs: on accessibility, I’m begging 🙏🏻
— Liana Ruppert (@DirtyEffinHippy) December 8, 2020
That being the case, let’s focus on Cyberpunk 2077’s epilepsy triggers as they’re not only potentially dangerous but raise questions that need to be answered regarding what can be done about them.
As the article notes, Cyberpunk 2077 features various moments of flashing lights and other intense visual sequences that could trigger negative reactions among some players. For instance, she references sequences involving Johnny Silverhand as likely triggers for some players who struggle with epileptic seizures and other harmful reactions to flashing lights.
However, the bulk of the article focuses on a specific trigger that occurs when players participate in one of the game’s numerous braindance sequences. Those sequences require players to wear a headset that puts flashing blue lights in front of your character’s eyes. Based on a previous gameplay preview of Cyberpunk‘s braindance sequences, this seems to be the headset in question:
As Ruppert points out, that headset not only puts flashing lights directly in front of the player’s eyes, but the design of the headset itself resembles a device used by neurologists to study epileptic seizures and similar attacks. That could just be a coincidence, but it does feel strange that the thematic idea of a braindance does seemingly involve the idea of triggering an intense reaction in the user’s brain. The player’s character even comments on the intensity of the sequence, and it sounds like many of the braindance story segments feature additional moments of flashing lights that are designed to convey transitions into deeper parts of the memory.
At this point, you may be wondering whether or not Cyberpunk 2077 features an epilepsy warning. To be honest, we can’t answer that question with absolute certainty at this time. While some of those who have watched leaked footage of Cyberpunk 2077‘s first few hours noted that they did not see an epilepsy warning, the official information is still somewhat vague. CD Projekt Red has stated in their response to this matter that their EULA features a warning, but the implication is that warning isn’t specifically conveyed in-game:
Thank you for bringing this up. We’re working on adding a separate warning in the game, aside from the one that exists in the EULA (https://t.co/eXpPn73VSK). Regarding a more permanent solution, Dev team is currently exploring that and will be implementing it as soon as possible. https://t.co/lXFypnSit2
— Cyberpunk 2077 (@CyberpunkGame) December 8, 2020
For the moment, let’s assume that there is going to be an epilepsy warning in the game even if there isn’t one already. That still doesn’t address the bigger problem that people are already pointing out: accessibility and fundamental design accommodations.
Unless Cyberpunk 2077 (and other games) intend to present warnings before every event which could possibly trigger an epileptic reaction, there’s simply no way for anyone whose health is at risk to know when one might occur. As this excellent video on this subject even points out, it’s difficult (if not impossible) for developers to develop a universal “safe mode,” as triggers can vary so much from person to person that there’s no great way for a developer to guarantee the safety of every individual user:
The point is that any possible solutions to this problem involve a mix of clear communication, direct avoidance of the most common visual triggers, a fundamental rethinking of basic design concepts, and any optional accommodations that can be offered which may reduce the potential impact of these sequences when they do occur. It also means that when people point out that there is a potential problem in a game, the move is to learn from them rather than attack or dismiss them.
Too often, though, we see incidents in the gaming community of people being attacked for pointing out ways that developers can better accommodate not just the personal preferences of players but their needs. While companies like Microsoft have made tremendous strides in creating hardware and software designed to accommodate as many needs as possible and developers like Naughty Dog have implemented previously unprecedented accessibility options, this isn’t the kind of subject which can be brushed aside whenever we see an example of how things have gotten better. The important thing to realize is that when people point out the ways that a game falls short of accounting for their needs, they’re not “complaining” or trying to hinder your enjoyment of a game. More often than not, they’re simply trying to be able to enjoy that game as well and maybe help others prevent problems before they happen.
The fact of the matter is that what we know right now strongly suggests that Cyberpunk 2077 does not do enough to mitigate its visual risks. While its shortcomings in that respect can be attributed to a variety of factors that are not necessarily indicative of any intentional wrongdoing, it is now up to CD Projekt Red, other developers, and everyone in the gaming world to do everything they can to show the proper reaction to these revelations is to find a way to do better.
The post Cyberpunk 2077’s Epilepsy Concerns Represent a Bigger Problem appeared first on Den of Geek.
from Den of Geek https://ift.tt/33XSde2
0 notes
mostlysignssomeportents · 7 years ago
DRM's Dead Canary: How We Just Lost the Web, What We Learned from It, and What We Need to Do Next
PLEASE REBLOG THIS
EFF has been fighting against DRM and the laws behind it for a decade and a half, intervening in the US Broadcast Flag, the UN Broadcasting Treaty, the European DVB CPCM standard, the W3C EME standard and many other skirmishes, battles and even wars over the years. With that long history behind us, there are two things we want you to know about DRM:
1. Everybody on the inside secretly knows that DRM technology is irrelevant, but DRM law is everything; and
2. The reason companies want DRM has nothing to do with copyright.
These two points have just been demonstrated in a messy, drawn-out fight over the standardization of DRM in browsers, and since we threw a lot of blood and treasure at that fight, one thing we hope to salvage is an object lesson that will drive these two points home and provide a roadmap for the future of DRM fighting.
DRM IS TECHNOLOGICALLY BANKRUPT; DRM LAW IS DEADLY
Here's how DRM works, at a high level: a company wants to provide a customer (you) with a digital asset (like a movie, a book, a song, a video game or an app), but they want to control what you do with that file after you get it.
So they encrypt the file. We love encryption. Encryption works. With relatively little effort, anyone can scramble a file so well that no one will ever be able to decrypt it unless they're provided with the key.
Let's say this is Netflix. They send you a movie that's been scrambled and they want to be sure you can't save it and watch it later from your hard-drive. But they also need to give you a way to view the movie, too. At some point, that means unscrambling the movie. And there's only one way to unscramble a file that's been competently encrypted: you have to use the key.
So Netflix also gives you the unscrambling key.
But if you have the key, you can just unscramble the Netflix movies and save them to your hard drive. How can Netflix give you the key but control how you use it?
Netflix has to hide the key, somewhere on your computer, like in a browser extension or an app. This is where the technological bankruptcy comes in. Hiding something well is hard. Hiding something well in a piece of equipment that you give to your adversary to take away with them and do anything they want with is impossible.
Maybe you can't find the keys that Netflix hid in your browser. But someone can: a bored grad student with a free weekend, a self-taught genius decapping a chip in their basement, a competitor with a full-service lab. One tiny flaw in any part of the fragile wrapping around these keys, and they're free.
And once that flaw is exposed, anyone can write an app or a browser plugin that does have a save button. It's game over for the DRM technology. (The keys escape pretty regularly, just as fast as they can be revoked by the DRM companies.)
DRM gets made over the course of years, by skilled engineers, at a cost of millions of dollars. It gets broken in days, by teenagers, with hobbyist equipment. That's not because the DRM-makers are stupid, it's because they're doing something stupid.
Which is where the law comes in. DRM law gives rightsholders more forceful, far-ranging legal powers than laws governing any other kind of technology. In 1998, Congress passed the Digital Millennium Copyright Act (DMCA), whose Section 1201 provides for felony liability for anyone commercially engaged in bypassing a DRM system: 5 years in prison and a $500,000 fine for a first offense. Even noncommercial bypass of DRM is subject to liability. It also makes it legally risky to even talk about how to bypass a DRM system.
So the law shores up DRM systems with a broad range of threats. If Netflix designs a video player that won't save a video unless you break some DRM, they now have the right to sue -- or sic the police -- on any rival that rolls out an improved alternative streaming client, or a video-recorder that works with Netflix. Such tools wouldn't violate copyright law any more than a VCR or a Tivo does, but because that recorder would have to break Netflix DRM, they could use DRM law to crush it.
DRM law goes beyond mere bans on tampering with DRM. Companies also use Section 1201 of the DMCA to threaten security researchers who discover flaws in their products. The law becomes a weapon they can aim at anyone who wants to warn their customers (still you) that the products you're relying on aren't fit for use. That includes warning people about flaws in DRM that expose them to being hacked.
It's not just the USA and not just the DMCA, either. The US Trade Representative has "convinced" countries around the world to adopt a version of this rule.
DRM HAS NOTHING TO DO WITH COPYRIGHT
DRM law has the power to do untold harm. Because it affords corporations the power to control the use of their products after sale, the power to decide who can compete with them and under what circumstances, and even who gets to warn people about defective products, DRM laws represent a powerful temptation.
Some things that aren't copyright infringement: buying a DVD while you're on holiday and playing it when you get home. It is obviously not a copyright infringement to go into a store in (say) New Delhi and buy a DVD and bring it home to (say) Topeka. The rightsholder made their movie, sold it to the retailer, and you paid the retailer the asking price. This is the opposite of copyright infringement. That's paying for works on the terms set by the rightsholder. But because DRM stops you from playing out-of-region discs on your home player, the studios can invoke copyright law to decide where you can consume the copyrighted works you've bought, fair and square.
Other not-infringements: fixing your car (GM uses DRM to control who can diagnose an engine, and to force mechanics to spend tens of thousands of dollars for diagnostic information they could otherwise determine themselves or obtain from third parties); refilling an ink cartridge (HP pushed out a fake security update that added DRM to millions of inkjet printers so that they'd refuse remanufactured or third-party cartridges), or toasting home-made bread (though this hasn't happened yet, there's no reason that a company couldn't put DRM in its toasters to control whose bread you can use).
It's also not a copyright infringement to watch Netflix in a browser that Netflix hasn't approved. It's not a copyright infringement to record a Netflix movie to watch later. It's not a copyright infringement to feed a Netflix video to an algorithm that can warn you about upcoming strobe effects that can trigger life-threatening seizures in people with photosensitive epilepsy.
WHICH BRINGS US TO THE W3C
The W3C is the world's foremost open web standards body, a consortium whose members (companies, universities, government agencies, civil society groups and others) engage in protracted wrangles over the best way for everyone to deliver web content. They produce "recommendations" (W3C-speak for "standards") that form the invisible struts that hold up the web. These agreements, produced through patient negotiation and compromise, represent an agreement by major stakeholders about the best (or least-worst) way to solve thorny technological problems.
In 2013, Netflix and a few other media companies convinced the W3C to start work on a DRM system for the web. This DRM system, Encrypted Media Extensions (EME), represented a sharp departure from the W3C's normal business. First, EME would not be a complete standard: the organization would specify an API through which publishers and browser vendors would make DRM work, but the actual "content decryption module" (CDM) wouldn't be defined by the standard. That means that EME was a standard in name only: if you started a browser company and followed all the W3C's recommendations, you still wouldn't be able to play back a Netflix video. For that, you'd need Netflix's permission.
It's hard to overstate how weird this is. Web standards are about "permissionless interoperability." The standards for formatting text mean that anyone can make a tool that can show you pages from the New York Times' website; images from Getty; or interactive charts on Bloomberg. The companies can still decide who can see which pages on their websites (by deciding who gets a password and which parts of the website each password unlocks), but they don't get to decide who can make the web browsing program you type the password into in order to access the website.
A web in which every publisher gets to pick and choose which browsers you can use to visit their sites is a very different one from the historical web. Historically, anyone could make a new browser by making sure it adhered to W3C recommendations, and then start to compete. And while the web has always been dominated by a few browsers, which browsers dominate have changed every decade or so, as new companies and even nonprofits like Mozilla (who make Firefox) overthrew the old order. Technologies that have stood in the way of this permissionless interoperabilty -- for instance, patent-encumbered video -- have been seen as impediments to the idea of the open web, not standardization opportunities.
When the W3C starts making technologies that only work when they're blessed by a handful of entertainment companies, they're putting their thumbs -- their fists -- on the scales in favor of ensuring that the current browser giants get to enjoy a permanent reign.
But that's the least of it. Until EME, W3C standards were designed to give the users of the web (e.g. you) more control over what your computer did while you were accessing other peoples' websites. With EME -- and for the first time ever -- the W3C is designing technology that takes away your control. EME is designed to allow Netflix -- and other big companies -- to decide what your browser does, even (especially) when you disagree about what that should be.
Since the earliest days of computing, there's been a simmering debate about whether computers exist to control their users, or vice versa (as the visionary computer scientist and education specialist Seymour Papert put it, "children should be programming the computer rather than being programmed by it" -- that applies equally well to adults). Every W3C standard until 2017 was on the side of people controlling computers. EME breaks with that. It is a subtle, but profound shift.
WHY WOULD THE W3C DO THIS?
Ay yi yi. That is the three billion user question.
The W3C version of the story goes something like this. The rise of apps has weakened the web. In the pre-app days, the web was the only game in town, so companies had to play by web rules: open standards, open web. But now that apps exist and nearly everyone uses them, big companies can boycott the web, forcing their users into apps instead. That just accelerates the rise of apps, and weakens the web even more. Apps are used to implement DRM, so DRM-using companies are moving to apps. To keep entertainment companies from killing the web outright, the Web must have DRM too.
Even if those companies don't abandon the web altogether, continues this argument, getting them to make their DRM at the W3C is better than letting them make it on an ad-hoc basis. Left to their own devices, they could make DRM that made no accommodations for people with disabilities, and without the W3C's moderating influence, these companies would make DRM that would be hugely invasive of web users' privacy.
The argument ends with a broad justification for DRM: companies have the right to protect their copyrights. We can't expect an organization to spend fortunes creating or licensing movies and then distribute them in a way that lets anyone copy and share them.
We think that these arguments don't hold much water. The web does indeed lack some of its earlier only-game-in-town muscle, but the reality is that companies make money by going where their customers are, and every potential customer has a browser, while only existing customers have a company's apps. The more hoops a person has to jump through in order to become your customer, the fewer customers you'll have. Netflix is in a hyper-competitive market with tons of new entrants (e.g. Disney), and being "that streaming service you can't use on the web" is a serious deficit.
We also think that the media companies and tech companies would struggle to arrive at a standard for DRM outside of the W3C, even a really terrible one. We've spent a lot of time in the smoke-filled rooms of DRM standardization and the core dynamic there is the media companies demanding full-on lockdown for every frame of video, and tech companies insisting that the best anyone can hope for is an ineffectual "speed-bump" that they hope will mollify the media companies. Often as not, these negotiations collapse under their own weight.
Then there's the matter of patents: companies that think DRM is a good idea also love software patents, and the result is an impenetrable thicket of patents that make getting anything done next to impossible. The W3C's patent-pooling mechanism (which is uniquely comprehensive in the standards world and stands as an example of the best way to do this sort of thing) was essential to making DRM standardization possible. What's more, there are key players in the DRM world, like Adobe, who hold significant patent portfolios but are playing an ever-dwindling role in the world of DRM (the avowed goal of EME was to "kill Flash"). If the companies involved had to all sit down and negotiate a new patent deal without the W3C's framework, any of these companies could "turn troll" and insist that all the rest would have to shell out big dollars to license their patents -- they have nothing to lose by threatening the entire enterprise, and everything to gain from even a minuscule per-user royalty for something that will be rolled out into three billion browsers.
Finally, there's no indication that EME had anything to do with protecting legitimate business interests. Streaming video services like Netflix rely on customers to subscribe to a whole library with constantly added new materials and a recommendation engine to help them navigate the catalog.
DRM for streaming video is all about preventing competition, not protecting copyrights. The purpose of DRM is to give companies the legal tools to prevent activities that would otherwise be allowed. The DRM part doesn't have to "work" (in the sense of preventing copyright infringement) so long as it allows for the invocation of the DMCA.
To see how true this is, just look at Widevine, Google's version of EME. Google bought the company that made Widevine in 2010, but it wasn't until 2016 that an independent researcher actually took a close look at how well it prevented videos from leaking. That researcher, David Livshits, found that Widevine was trivial to circumvent, and it had been since its inception, and that the errors that made Widevine so ineffective were obvious to even a cursory examination. If the millions of dollars and the high-power personnel committed to EME were allocated to create a technology that would effectively prevent copyright infringement, then you'd think that Netflix or one of the other media companies in the negotiations would have diverted some of those resources to a quick audit to make sure that the stuff actually worked as advertised.
(Funny story: Livshits is an Israeli at Ben Gurion University, and Israel happens to be the rare country that doesn't ban breaking DRM, meaning that Israelis are among the only people who can do this kind of research without fear of legal retaliation.)
But the biggest proof that EME was just a means to shut down legitimate competitors -- and not an effort to protect copyright -- is what happened next.
A CONTROLLED EXPERIMENT
When EFF joined the W3C, our opening bid was "Don't make DRM."
We put the case to the organization, describing the way that DRM interferes with the important copyright exceptions (like those that allow people to record and remix copyrighted works for critical or transformative purposes) and the myriad problems presented by the DMCA and laws like it around the world.
The executive team of the W3C basically dismissed all arguments about fair use and user rights in copyright as a kind of unfortunate casualty of the need to keep Netflix from ditching the web in favor of apps, and as for the DMCA, they said that they couldn't do anything about this crazy law, but they were sure that the W3C's members were not interested in abusing the DMCA, they just wanted to keep their high-value movies from being shared on the internet.
So we changed tack, and proposed a kind of "controlled experiment" to find out what the DRM fans at the W3C were trying to accomplish.
The W3C is a consensus body: it makes standards by getting everyone in a room to compromise, moving toward a position that everyone can live with. Our ideal world was "No DRM at the W3C," and DRM is a bad enough idea that it was hard to imagine much of a compromise from there.
But after listening closely to the DRM side's disavowals of DMCA abuse, we thought we could find something that would represent an improvement on the current status quo and that should fit with their stated views.
We proposed a kind of DRM non-aggression pact, through which W3C members would promise that they'd only sue people under laws like DMCA 1201 if there was some other law that had been broken. So if someone violates your copyright, or incites someone to violate your copyright, or interferes with your contracts with your users, or misappropriates your trade secrets, or counterfeits your trademarks, or does anything else that violates your legal rights, you can throw the book at them.
But if someone goes around your DRM and doesn't violate any other laws, the non-aggression pact means that you couldn't use the W3C standardised DRM as a route to legally shut them down. That would protect security researchers, it would protect people analyzing video to add subtitles and other assistive features, it would protect archivists who had the legal right to make copies, and it would protect people making new browsers.
If all you care about is making an effective technology that prevents lawbreaking, this agreement should be a no-brainer. For starters, if you think DRM is an effective technology, it shouldn't matter if it's illegal to criticize it.
And since the nonaggression pact kept all other legal rights intact, there was no risk that agreeing to it would allow someone to break the law with impunity. Anyone who violated copyrights (or any other rights) would be square in the DMCA's crosshairs, and companies would have their finger on the trigger.
NOT SURPRISED BUT STILL DISAPPOINTED
Of course, they hated this idea.
The studios, the DRM vendors and the large corporate members of the W3C participated in a desultory, brief "negotiation" before voting to terminate further discussion and press on. The W3C executive helped them dodge discussions, chartering further work on EME without any parallel work on protecting the open web, even as opposition within the W3C mounted.
By the time the dust settled, EME was published after the most divided votes the W3C had ever seen, with the W3C executive unilaterally declaring that issues for security research, accessibility, archiving and innovation had been dealt with as much as they could be (despite the fact that literally nothing binding was done about any of these things). The "consensus" process of the W3C has been so thoroughly hijacked that EME's publication was only supported by 58% of the members who voted in the final poll, and many of those members expressed regret that they were cornered into voting for something they objected to.
When the W3C executive declared that any protections for the open web were incompatible with the desires of the DRM-boosters, it was a kind of ironic vindication. After all, this is where we'd started, with EFF insisting that DRM wasn't compatible with security disclosures, with accessibility, with archiving or innovation. Now, it seemed, everyone agreed.
What's more, they all implicitly agreed that DRM wasn't about protecting copyright. It was about using copyright to seize other rights, like the right to decide who could criticize your product -- or compete with it.
DRM's sham cryptography means that it only works if you're not allowed to know about its defects. This proposition was conclusively proved when a W3C member proposed that the Consortium should protect disclosures that affected EME's "privacy sandbox" and opened users to invasive spying, and within minutes, Netflix's representative said that even this was not worth considering.
In a twisted way, Netflix was right. DRM is so fragile, so incoherent, that it is simply incompatible with the norms of the marketplace and science, in which anyone is free to describe their truthful discoveries, even if they frustrate a giant company's commercial aspirations.
The W3C tacitly admitted this when they tried to convene a discussion group to come up with some nonbinding guidelines for when EME-using companies should use the power of DRM law to punish their critics and when they should permit the criticism.
"RESPONSIBLE DISCLOSURE" ON OUR TERMS, OR JAIL
They called this "responsible disclosure," but it was far from the kinds of "responsible disclosure" we see today. In current practice, companies offer security researchers enticements to disclose their discoveries to vendors before going public. These enticements range from bug-bounty programs that pay out cash, to leaderboards that provide glory to the best researchers, to binding promises to act on disclosures in a timely way, rather than crossing their fingers, sitting on the newly discovered defects, and hoping no one else re-discovers them and exploits them.
The tension between independent security researchers and corporations is as old as computing itself. Computers are hard to secure, thanks to their complexity. Perfection is elusive. Keeping the users of networked computers safe requires constant evaluation and disclosure, so that vendors can fix their bugs and users can make informed decisions about which systems are safe enough to use.
But companies aren't always the best stewards of bad news about their own products. As researchers have discovered -- the hard way -- telling a company about its mistakes may be the polite thing to do, but it's very risky behavior, apt to get you threatened with legal reprisals if you go public. Many's the researcher who told a company about a bug, only to have the company sit on that news for an intolerably long time, putting its users at risk. Often, these bugs only come to light when they are independently discovered by bad actors, who figure out how to exploit them, turning them into attacks that compromise millions of users, so many that the bug's existence can no longer be swept under the rug.
As the research world grew more gunshy about talking to companies, companies were forced to make real, binding assurances that they would honor the researchers' discoveries by taking swift action in a defined period, by promising not to threaten researchers over presenting their findings, and even by bidding for researchers' trust with cash bounties. Over the years, the situation has improved, with most big companies offering some kind of disclosure program.
But the reason companies offer those bounties and assurances is that they have no choice. Telling the truth about defective products is not illegal, so researchers who discover those truths are under no obligation to play by companies' rules. That forces companies to demonstrate their goodwill with good conduct, binding promises and pot-sweeteners.
Companies definitely want to be able to decide who can tell the truth about their products and when. We know that because when they get the chance to flex that muscle, they flex it. We know it because they said so at the W3C. We know it because they demanded that they get that right as part of the DRM package in EME.
Of all the lows in the W3C DRM process, the most shocking was when the historic defenders of the open web tried to turn an effort to protect the rights of researchers to warn billions of people about harmful defects in their browsers into an effort to advise companies on when they should hold off on exercising that right -- a right they wouldn’t have without the W3C making DRM for the web.
DRM IS THE OPPOSITE OF SECURITY
From the first days of the DRM fight at the W3C, we understood that the DRM vendors and the media companies they supplied weren't there to protect copyright, they were there to grab legally enforceable non-copyright privileges. We also knew that DRM was incompatible with security research: because DRM relies on obfuscation, anyone who documents how DRM works also makes it stop working.
This is especially clear in terms of what wasn't said at the W3C: when we proposed that people should be able to break DRM to generate subtitles or conduct security audits, the arguments were always about whether that was acceptable, but it was never about whether it was possible.
Recall that EME is supposed to be a system that helps companies ensure that their movies aren't saved to their users' hard-drives and shared around the internet. For this to work, it should be, you know, hard to do that.
But in every discussion of when people should be allowed to break EME, it was always a given that anyone who wanted to could do so. After all, when you hide secrets in software you give to people who you want to keep them secret from, you are probably going to be disappointed.
From day one, we understood that we would arrive at a point in which the DRM advocates at the W3C would be obliged to admit that the survival of their plan relied on being able to silence people who examined their products.
However, we did hold out hope that when this became clear to everyone, they would understand that DRM couldn't peacefully co-exist with the open web.
We were wrong.
THE W3C IS THE CANARY IN THE COALMINE
The success of DRM at the W3C is a parable about market concentration and the precarity of the open web. Hundreds of security researchers lobbied the W3C to protect their work, UNESCO publicly condemned the extension of DRM to the web, and the many crypto-currency members of the W3C warned that using browsers for secure, high-stakes applications like moving around peoples' life-savings could only happen if browsers were subjected to the same security investigations as every other technology in our life (except DRM technologies).
There is no shortage of businesses that want to be able to control what their customers and competitors do with their products. When the US Copyright Office held hearings on DRM in 2015, they heard about DRM in medical implants and cars, farm equipment and voting machines. Companies have discovered that adding DRM to their products is the most robust way to control the marketplace, a cheap and reliable way to convert commercial preferences about who can repair, improve, and supply their products into legally enforceable rights.
The marketplace harms from this anti-competitive behavior are easy to see. For example, the aggressive use of DRM to prevent independent repair shops ends up diverting tons of e-waste to landfill or recycling, at the cost of local economies and the ability of people to get full use out of your property. A phone that you recycle instead of repairing is a phone you have to pay to replace -- and repair creates many more jobs than recycling (recycling a ton of e-waste creates 15 jobs; repairing it creates 150 jobs). Repair jobs are local, entrepreneurial jobs, because you don't need a lot of capital to start a repair shop, and your customers want to bring their gadgets to someone local for service (no one wants to send a phone to China for repairs -- let alone a car!).
But those economic harms are only the tip of the iceberg. Laws like DMCA 1201 incentivize DRM by promising the power to control competition, but DRM's worst harms are in the realm of security. When the W3C published EME, it bequeathed to the web an unauditable attack-surface in browsers used by billions of people for their most sensitive and risky applications. These browsers are also the control panels for the Internet of Things: the sensor-studded, actuating gadgets that can see us, hear us, and act on the physical world, with the power to boil, freeze, shock, concuss, or betray us in a thousand ways.
The gadgets themselves have DRM, intended to lock our repairs and third-party consumables, meaning that everything from your toaster to your car is becoming off-limits to scrutiny by independent researchers who can give you unvarnished, unbiased assessments of the security and reliability of these devices.
In a competitive market, you'd expect non-DRM options to proliferate in answer to this bad behavior. After all, no customer wants DRM: no car-dealer ever sold a new GM by boasting that it was a felony for your favorite mechanic to fix it.
But we don't live in a competitive market. Laws like DMCA 1201 undermine the competition that might counter their worst effects.
The companies that fought DRM at the W3C -- browser vendors, Netflix, tech giants, the cable industry -- all trace their success to business strategies that shocked and outraged established industry when they first emerged. Cable started as unlicensed businesses that retransmitted broadcasts and charged for it. Apple's dominance started with ripping CDs and ignoring the howls of the music industry (just as Firefox got where it is by blocking obnoxious ads and ignoring the web-publishers who lost millions as a result). Of course, Netflix's revolutionary red envelopes were treated as a form of theft.
These businesses started as pirates and became admirals, and treat their origin stories as legends of plucky, disruptive entrepreneurs taking on a dinosauric and ossified establishment. But they treat any disruption aimed at them as an affront to the natural order of things. To paraphrase Douglas Adams, any technology invented in your adolescence is amazing and world-changing; anything invented after you turn 30 is immoral and needs to be destroyed.
LESSONS FROM THE W3C
Most people don't understand the risks of DRM. The topic is weird, technical, esoteric and takes too long to explain. The pro-DRM side wants to make the debate about piracy and counterfeiting, and those are easy stories to tell.
But people who want DRM don't really care about that stuff, and we can prove it: just ask them if they'd be willing to promise not to use the DMCA unless someone is violating copyright, and watch them squirm and weasel about why policing copyright involves shutting down competitive activities that don't violate copyright. Point out that they didn't even question whether someone could break their DRM, because, of course, DRM is so technologically incoherent that it only works if it's against the law to understand how it works, and it can be defeated just by looking closely at it.
Ask them to promise not to invoke the DMCA against people who have discovered defects in their products and listen to them defend the idea that companies should get a veto over publication of true facts about their mistakes and demerits.
These inconvenient framings at least establish what we're fighting about, dispensing with the disingenuous arguments about copyright and moving on to the real issues: competition, accessibility, security.
This won't win the fight on its own. These are still wonky and nuanced ideas.
One thing we've learned from 15-plus years fighting DRM: it's easier to get people to take notice of procedural issues than substantive ones. We labored in vain to get people to take notice of the Broadcasting Treaty, a bafflingly complex and horribly overreaching treaty from WIPO, a UN specialized agency. No one cared until someone started stealing piles of our handouts and hiding them in the toilets so no one could read them. That was global news: it's hard to figure out what something like the Broadcast Treaty is about, but it's easy to call shenanigans when someone tries to hide your literature in the toilet so delegates don’t see the opposing view.
So it was that four years of beating the drum about DRM at the W3C barely broke the surface, but when we resigned from the W3C over the final vote, everyone sat up and took notice, asking how they could help fix things. The short answer is, "It's too late: we resigned because we had run out of options."
But the long answer is a little more hopeful. EFF is suing the US government to overturn Section 1201 of the DMCA. As we proved at the W3C, there is no appetite for making DRM unless there's a law like DMCA 1201 in the mix. DRM on its own does nothing except provide an opportunity for competitors to kick butt with innovative offerings that cost less and do more.
The Copyright Office is about to hold fresh hearings about DMCA 1201.
The W3C fight proved that we could shift the debate to the real issues. The incentives that led to the W3C being colonized by DRM are still in play and other organizations will face this threat in the years to come. We'll continue to refine this tactic there and keep fighting, and we'll keep reporting on how it goes so that you can help us fight. All we ask is that you keep paying attention. As we learned at the W3C, we can't do it without you.
https://www.eff.org/deeplinks/2017/10/drms-dead-canary-how-we-just-lost-web-what-we-learned-it-and-what-we-need-do-next
simontalbot · 5 years ago
Tokyo & Seoul Trip - Day 2 (21 February ‘20)
And here we are on day 2. Instead of getting up and heading out to Mount Fuji which was the vaguest of vague plans, we both spent the morning, well, fast asleep. We woke up at around 11.30am (oops). Either way, it’s probably best to catch up on the missed sleep and this is supposed to be a holiday!
After using what can only be described as the perfect shower, we headed out and grabbed a quick packed lunch to have en route to ‘teamLab Borderless’, a digital art museum in the Odaiba area of Tokyo - on the waterfront. The museum was in ‘Palette Town’ which is something of an entertainment district which also has a concert hall (we saw lots of teens getting excited over some boyband who were playing), a Ferris wheel, a race track for go-karts and a race track for real cars as well as a showroom for futuristic autonomous vehicles from Toyota. Pretty cool stuff. We thought we would spend one or two hours in teamLab but it sucked us right in and so we ended up spending 4 hours in there. It is pretty difficult to explain what teamLab is exactly, it is something you definitely have to experience for yourself. Yes it is lots of large rooms with pretty sound and light installations with interactive elements to it, but it really was so much more than that. I’m not a massive fan of those descriptions of art that sound unbelievably pretentious, but the description pictured below does capture the experience quite well. You do really feel part of what is going on around you. I will make a subsequent photo-only post which will give you a flavour of what was in there. But if anyone reading this goes to Tokyo, you really should put this on your ‘must do’ list. Oh unless you suffer from Photosensitive Epilepsy or similar. In which case, definitely DEFINITELY don’t go.
It was dark by the time we left. We thought we’d swing by Harajuku for a quick mooch and some dinner. It was all closing down by the time we got there, so we will head back another time, but Harajuku is sort of like the alternative culture centre of Tokyo. While it wasn’t as crowded as we have seen it before, there were still plenty of people about with very interesting clothes and hair colours. It reminds me of how Camden used to be 20 years ago until it was taken over by tourists with cameras and more mainstream shops and restaurants - I am not sure if Harajuku will head that way, but I guess people like me would be part of the reason!
It was then time for dinner. We tried one place that had good reviews, but when we arrived, there was a queue to get seated and the restaurant absolutely stank of cigarettes - which was really off-putting. Strange really, because that is what pubs and restaurants used to be like in the UK. It’s made me quite thankful for the smoking ban (even if I am occasionally left deserted at the dinner table after a meal). We headed down a couple of floors to another restaurant that basically served different varieties of meat accompanied by a set meal. Similar I suppose to bento box, but just not served in a bento box.
I had pork loin as my meat choice (predictable) which was served with rice, Tororo (grated up yam formed into a sticky yoghurty substance, served cold), a clear Oxtail soup and a small dish of pickles. The pork was just incredible; it had been marinaded in a light miso paste - so good. The pickles and the Oxtail soup were pretty delicious too. The tororo was not really to my liking. It looked like it was supposed to be mixed in with the rice (that’s what our neighbours were doing), but I wasn’t particularly keen on it so I ditched it. All in all another great meal.
After dinner we meandered back to Harajuku station and then took a subway to Shinjuku. We then walked the 20 minutes back to our hotel to walk off the dinner and relax the brains after they’d been blown away by the 4 hours spent in teamLab.
For all those commenting on us not wearing face masks, well here you go. Thanks to our secret supplier who pilfered them from her work. Having done some reading up on the subject they don’t actually do very much and while there are more people wearing face masks than usual in Tokyo, actually loads of people aren’t bothering. What we are doing is regularly sanitizing our hands and we will use them when in crowded indoor spaces. They are more effective as a way to stop people with Coronavirus passing it on.
teamLab in Palette Town. With the Teleport bridge tower in the background.
Here is the description of teamLab Borderless...
There I am... They say it’s a very instagrammable place. It’s true. Shame I’m not the most instagrammable person. But there you go.
Mirrored floors, walls and ceilings. Easy to get lost in it.
Palette Town wheel in all its glory.
Harajuku main shopping street...
Utterly delicious (and the food). Clear oxtail soup, rice, marinaded meat and a small bowl of pickles. On mine you can see the bowl of Tororo... not for me.
Look at the state of these ice creams (Kawaiiiiiii). I’ll get one next time and enjoy licking the face of a cute pig.
Another reason I love Japan. Look at this example of politeness. Tube users all stand to the right in an orderly queue to let alighting passengers off. No bundles, no shoving. 😍
neptunecreek · 7 years ago
DRM's dead canary: how we just lost the web, what we learned from it, and what we need to do next
EFF has been fighting against DRM and the laws behind it for a decade and a half, intervening in the US Broadcast Flag, the UN Broadcasting Treaty, the European DVB CPCM standard, the W3C EME standard and many other skirmishes, battles and even wars over the years. With that long history behind us, there are two things we want you to know about DRM:
Everybody on the inside secretly knows that DRM technology is irrelevant, but DRM law is everything; and
The reason companies want DRM has nothing to do with copyright.
These two points have just been demonstrated in a messy, drawn-out fight over the standardization of DRM in browsers, and since we threw a lot of blood and treasure at that fight, one thing we hope to salvage is an object lesson that will drive these two points home and provide a roadmap for the future of DRM fighting.
DRM IS TECHNOLOGICALLY BANKRUPT; DRM LAW IS DEADLY
Here's how DRM works, at a high level: a company wants to provide a customer (you) with a digital asset (like a movie, a book, a song, a video game or an app), but they want to control what you do with that file after you get it.
So they encrypt the file. We love encryption. Encryption works. With relatively little effort, anyone can scramble a file so well that no one will ever be able to decrypt it unless they're provided with the key.
Let's say this is Netflix. They send you a movie that's been scrambled and they want to be sure you can't save it and watch it later from your hard-drive. But they also need to give you a way to view the movie, too. At some point, that means unscrambling the movie. And there's only one way to unscramble a file that's been competently encrypted: you have to use the key.
So Netflix also gives you the unscrambling key.
But if you have the key, you can just unscramble the Netflix movies and save them to your hard drive. How can Netflix give you the key but control how you use it?
Netflix has to hide the key, somewhere on your computer, like in a browser extension or an app. This is where the technological bankruptcy comes in. Hiding something well is hard. Hiding something well in a piece of equipment that you give to your adversary to take away with them and do anything they want with is impossible.
Maybe you can't find the keys that Netflix hid in your browser. But someone can: a bored grad student with a free weekend, a self-taught genius decapping a chip in their basement, a competitor with a full-service lab. One tiny flaw in any part of the fragile wrapping around these keys, and they're free.
And once that flaw is exposed, anyone can write an app or a browser plugin that does have a save button. It's game over for the DRM technology. (The keys escape pretty regularly, just as fast as they can be revoked by the DRM companies.)
DRM gets made over the course of years, by skilled engineers, at a cost of millions of dollars. It gets broken in days, by teenagers, with hobbyist equipment. That's not because the DRM-makers are stupid, it's because they're doing something stupid.
Which is where the law comes in. DRM law gives rightsholders more forceful, far-ranging legal powers than laws governing any other kind of technology. In 1998, Congress passed the Digital Millennium Copyright Act (DMCA), whose Section 1201 provides for felony liability for anyone commercially engaged in bypassing a DRM system: 5 years in prison and a $500,000 fine for a first offense. Even noncommercial bypass of DRM is subject to liability. It also makes it legally risky to even talk about how to bypass a DRM system.
So the law shores up DRM systems with a broad range of threats. If Netflix designs a video player that won't save a video unless you break some DRM, they now have the right to sue -- or sic the police -- on any rival that rolls out an improved alternative streaming client, or a video-recorder that works with Netflix. Such tools wouldn't violate copyright law any more than a VCR or a Tivo does, but because that recorder would have to break Netflix DRM, they could use DRM law to crush it.
DRM law goes beyond mere bans on tampering with DRM. Companies also use Section 1201 of the DMCA to threaten security researchers who discover flaws in their products. The law becomes a weapon they can aim at anyone who wants to warn their customers (still you) that the products you're relying on aren't fit for use. That includes warning people about flaws in DRM that expose them to being hacked.
It's not just the USA and not just the DMCA, either. The US Trade Representative has "convinced" countries around the world to adopt a version of this rule.
DRM HAS NOTHING TO DO WITH COPYRIGHT
DRM law has the power to do untold harm. Because it affords corporations the power to control the use of their products after sale, the power to decide who can compete with them and under what circumstances, and even who gets to warn people about defective products, DRM laws represent a powerful temptation.
Some things that aren't copyright infringement: buying a DVD while you're on holiday and playing it when you get home. It is obviously not a copyright infringement to go into a store in (say) New Delhi and buy a DVD and bring it home to (say) Topeka. The rightsholder made their movie, sold it to the retailer, and you paid the retailer the asking price. This is the opposite of copyright infringement. That's paying for works on the terms set by the rightsholder. But because DRM stops you from playing out-of-region discs on your home player, the studios can invoke copyright law to decide where you can consume the copyrighted works you've bought, fair and square.
Other not-infringements: fixing your car (GM uses DRM to control who can diagnose an engine, and to force mechanics to spend tens of thousands of dollars for diagnostic information they could otherwise determine themselves or obtain from third parties); refilling an ink cartridge (HP pushed out a fake security update that added DRM to millions of inkjet printers so that they'd refuse remanufactured or third-party cartridges), or toasting home-made bread (though this hasn't happened yet, there's no reason that a company couldn't put DRM in its toasters to control whose bread you can use).
It's also not a copyright infringement to watch Netflix in a browser that Netflix hasn't approved. It's not a copyright infringement to record a Netflix movie to watch later. It's not a copyright infringement to feed a Netflix video to an algorithm that can warn you about upcoming strobe effects that can trigger life-threatening seizures in people with photosensitive epilepsy.
WHICH BRINGS US TO THE W3C
The W3C is the world's foremost open web standards body, a consortium whose members (companies, universities, government agencies, civil society groups and others) engage in protracted wrangles over the best way for everyone to deliver web content. They produce "recommendations" (W3C-speak for "standards") that form the invisible struts that hold up the web. These agreements, produced through patient negotiation and compromise, represent an agreement by major stakeholders about the best (or least-worst) way to solve thorny technological problems.
In 2013, Netflix and a few other media companies convinced the W3C to start work on a DRM system for the web. This DRM system, Encrypted Media Extensions (EME), represented a sharp departure from the W3C's normal business. First, EME would not be a complete standard: the organization would specify an API through which publishers and browser vendors would make DRM work, but the actual "content decryption module" (CDM) wouldn't be defined by the standard. That means that EME was a standard in name only: if you started a browser company and followed all the W3C's recommendations, you still wouldn't be able to play back a Netflix video. For that, you'd need Netflix's permission.
It's hard to overstate how weird this is. Web standards are about "permissionless interoperability." The standards for formatting text mean that anyone can make a tool that can show you pages from the New York Times' website; images from Getty; or interactive charts on Bloomberg. The companies can still decide who can see which pages on their websites (by deciding who gets a password and which parts of the website each password unlocks), but they don't get to decide who can make the web browsing program you type the password into in order to access the website.
A web in which every publisher gets to pick and choose which browsers you can use to visit their sites is a very different one from the historical web. Historically, anyone could make a new browser by making sure it adhered to W3C recommendations, and then start to compete. And while the web has always been dominated by a few browsers, which browsers dominate have changed every decade or so, as new companies and even nonprofits like Mozilla (who make Firefox) overthrew the old order. Technologies that have stood in the way of this permissionless interoperability -- for instance, patent-encumbered video -- have been seen as impediments to the idea of the open web, not standardization opportunities.
When the W3C starts making technologies that only work when they're blessed by a handful of entertainment companies, they're putting their thumbs -- their fists -- on the scales in favor of ensuring that the current browser giants get to enjoy a permanent reign.
But that's the least of it. Until EME, W3C standards were designed to give the users of the web (e.g. you) more control over what your computer did while you were accessing other people's websites. With EME -- and for the first time ever -- the W3C is designing technology that takes away your control. EME is designed to allow Netflix -- and other big companies -- to decide what your browser does, even (especially) when you disagree about what that should be.
Since the earliest days of computing, there's been a simmering debate about whether computers exist to control their users, or vice versa (as the visionary computer scientist and education specialist Seymour Papert put it, "children should be programming the computer rather than being programmed by it" -- that applies equally well to adults). Every W3C standard until 2017 was on the side of people controlling computers. EME breaks with that. It is a subtle, but profound shift.
WHY WOULD THE W3C DO THIS?
Ay yi yi. That is the three billion user question.
The W3C version of the story goes something like this. The rise of apps has weakened the web. In the pre-app days, the web was the only game in town, so companies had to play by web rules: open standards, open web. But now that apps exist and nearly everyone uses them, big companies can boycott the web, forcing their users into apps instead. That just accelerates the rise of apps, and weakens the web even more. Apps are used to implement DRM, so DRM-using companies are moving to apps. To keep entertainment companies from killing the web outright, the Web must have DRM too.
Even if those companies don't abandon the web altogether, continues this argument, getting them to make their DRM at the W3C is better than letting them make it on an ad-hoc basis. Left to their own devices, they could make DRM that made no accommodations for people with disabilities, and without the W3C's moderating influence, these companies would make DRM that would be hugely invasive of web users' privacy.
The argument ends with a broad justification for DRM: companies have the right to protect their copyrights. We can't expect an organization to spend fortunes creating or licensing movies and then distribute them in a way that lets anyone copy and share them.
We think that these arguments don't hold much water. The web does indeed lack some of its earlier only-game-in-town muscle, but the reality is that companies make money by going where their customers are, and every potential customer has a browser, while only existing customers have a company's apps. The more hoops a person has to jump through in order to become your customer, the fewer customers you'll have. Netflix is in a hyper-competitive market with tons of new entrants (e.g. Disney), and being "that streaming service you can't use on the web" is a serious deficit.
We also think that the media companies and tech companies would struggle to arrive at a standard for DRM outside of the W3C, even a really terrible one. We've spent a lot of time in the smoke-filled rooms of DRM standardization and the core dynamic there is the media companies demanding full-on lockdown for every frame of video, and tech companies insisting that the best anyone can hope for is an ineffectual "speed-bump" that they hope will mollify the media companies. Often as not, these negotiations collapse under their own weight.
Then there's the matter of patents: companies that think DRM is a good idea also love software patents, and the result is an impenetrable thicket of patents that make getting anything done next to impossible. The W3C's patent-pooling mechanism (which is uniquely comprehensive in the standards world and stands as an example of the best way to do this sort of thing) was essential to making DRM standardization possible. What's more, there are key players in the DRM world, like Adobe, who hold significant patent portfolios but are playing an ever-dwindling role in the world of DRM (the avowed goal of EME was to "kill Flash"). If the companies involved had to all sit down and negotiate a new patent deal without the W3C's framework, any of these companies could "turn troll" and insist that all the rest would have to shell out big dollars to license their patents -- they have nothing to lose by threatening the entire enterprise, and everything to gain from even a minuscule per-user royalty for something that will be rolled out into three billion browsers.
Finally, there's no indication that EME had anything to do with protecting legitimate business interests. Streaming video services like Netflix rely on customers to subscribe to a whole library with constantly added new materials and a recommendation engine to help them navigate the catalog.
DRM for streaming video is all about preventing competition, not protecting copyrights. The purpose of DRM is to give companies the legal tools to prevent activities that would otherwise be allowed. The DRM part doesn't have to "work" (in the sense of preventing copyright infringement) so long as it allows for the invocation of the DMCA.
To see how true this is, just look at Widevine, Google's version of EME. Google bought the company that made Widevine in 2010, but it wasn't until 2016 that an independent researcher actually took a close look at how well it prevented videos from leaking. That researcher, David Livshits, found that Widevine was trivial to circumvent, and it had been since its inception, and that the errors that made Widevine so ineffective were obvious to even a cursory examination. If the millions of dollars and the high-power personnel committed to EME were allocated to create a technology that would effectively prevent copyright infringement, then you'd think that Netflix or one of the other media companies in the negotiations would have diverted some of those resources to a quick audit to make sure that the stuff actually worked as advertised.
(Funny story: Livshits is an Israeli at Ben Gurion University, and Israel happens to be the rare country that doesn't ban breaking DRM, meaning that Israelis are among the only people who can do this kind of research without fear of legal retaliation.)
But the biggest proof that EME was just a means to shut down legitimate competitors -- and not an effort to protect copyright -- is what happened next.
A CONTROLLED EXPERIMENT
When EFF joined the W3C, our opening bid was "Don't make DRM."
We put the case to the organization, describing the way that DRM interferes with the important copyright exceptions (like those that allow people to record and remix copyrighted works for critical or transformative purposes) and the myriad problems presented by the DMCA and laws like it around the world.
The executive team of the W3C basically dismissed all arguments about fair use and user rights in copyright as a kind of unfortunate casualty of the need to keep Netflix from ditching the web in favor of apps, and as for the DMCA, they said that they couldn't do anything about this crazy law, but they were sure that the W3C's members were not interested in abusing the DMCA, they just wanted to keep their high-value movies from being shared on the internet.
So we changed tack, and proposed a kind of "controlled experiment" to find out what the DRM fans at the W3C were trying to accomplish.
The W3C is a consensus body: it makes standards by getting everyone in a room to compromise, moving toward a position that everyone can live with. Our ideal world was "No DRM at the W3C," and DRM is a bad enough idea that it was hard to imagine much of a compromise from there.
But after listening closely to the DRM side's disavowals of DMCA abuse, we thought we could find something that would represent an improvement on the current status quo and that should fit with their stated views.
We proposed a kind of DRM non-aggression pact, through which W3C members would promise that they'd only sue people under laws like DMCA 1201 if there was some other law that had been broken. So if someone violates your copyright, or incites someone to violate your copyright, or interferes with your contracts with your users, or misappropriates your trade secrets, or counterfeits your trademarks, or does anything else that violates your legal rights, you can throw the book at them.
But if someone goes around your DRM and doesn't violate any other laws, the non-aggression pact means that you couldn't use the W3C standardised DRM as a route to legally shut them down. That would protect security researchers, it would protect people analyzing video to add subtitles and other assistive features, it would protect archivists who had the legal right to make copies, and it would protect people making new browsers.
If all you care about is making an effective technology that prevents lawbreaking, this agreement should be a no-brainer. For starters, if you think DRM is an effective technology, it shouldn't matter if it's illegal to criticize it.
And since the nonaggression pact kept all other legal rights intact, there was no risk that agreeing to it would allow someone to break the law with impunity. Anyone who violated copyrights (or any other rights) would be square in the DMCA's crosshairs, and companies would have their finger on the trigger.
NOT SURPRISED BUT STILL DISAPPOINTED
Of course, they hated this idea.
The studios, the DRM vendors and the large corporate members of the W3C participated in a desultory, brief "negotiation" before voting to terminate further discussion and press on. The W3C executive helped them dodge discussions, chartering further work on EME without any parallel work on protecting the open web, even as opposition within the W3C mounted.
By the time the dust settled, EME was published after the most divided votes the W3C had ever seen, with the W3C executive unilaterally declaring that issues for security research, accessibility, archiving and innovation had been dealt with as much as they could be (despite the fact that literally nothing binding was done about any of these things). The "consensus" process of the W3C has been so thoroughly hijacked that EME's publication was only supported by 58% of the members who voted in the final poll, and many of those members expressed regret that they were cornered into voting for something they objected to.
When the W3C executive declared that any protections for the open web were incompatible with the desires of the DRM-boosters, it was a kind of ironic vindication. After all, this is where we'd started, with EFF insisting that DRM wasn't compatible with security disclosures, with accessibility, with archiving or innovation. Now, it seemed, everyone agreed.
What's more, they all implicitly agreed that DRM wasn't about protecting copyright. It was about using copyright to seize other rights, like the right to decide who could criticize your product -- or compete with it.
DRM's sham cryptography means that it only works if you're not allowed to know about its defects. This proposition was conclusively proved when a W3C member proposed that the Consortium should protect disclosures that affected EME's "privacy sandbox" and opened users to invasive spying, and within minutes, Netflix's representative said that even this was not worth considering.
In a twisted way, Netflix was right. DRM is so fragile, so incoherent, that it is simply incompatible with the norms of the marketplace and science, in which anyone is free to describe their truthful discoveries, even if they frustrate a giant company's commercial aspirations.
The W3C tacitly admitted this when they tried to convene a discussion group to come up with some nonbinding guidelines for when EME-using companies should use the power of DRM law to punish their critics and when they should permit the criticism.
"RESPONSIBLE DISCLOSURE" ON OUR TERMS, OR JAIL
They called this "responsible disclosure," but it was far from the kinds of "responsible disclosure" we see today. In current practice, companies offer security researchers enticements to disclose their discoveries to vendors before going public. These enticements range from bug-bounty programs that pay out cash, to leaderboards that provide glory to the best researchers, to binding promises to act on disclosures in a timely way, rather than crossing their fingers, sitting on the newly discovered defects, and hoping no one else re-discovers them and exploits them.
The tension between independent security researchers and corporations is as old as computing itself. Computers are hard to secure, thanks to their complexity. Perfection is elusive. Keeping the users of networked computers safe requires constant evaluation and disclosure, so that vendors can fix their bugs and users can make informed decisions about which systems are safe enough to use.
But companies aren't always the best stewards of bad news about their own products. As researchers have discovered -- the hard way -- telling a company about its mistakes may be the polite thing to do, but it's very risky behavior, apt to get you threatened with legal reprisals if you go public. Many's the researcher who told a company about a bug, only to have the company sit on that news for an intolerably long time, putting its users at risk. Often, these bugs only come to light when they are independently discovered by bad actors, who figure out how to exploit them, turning them into attacks that compromise millions of users, so many that the bug's existence can no longer be swept under the rug.
As the research world grew more gunshy about talking to companies, companies were forced to make real, binding assurances that they would honor the researchers' discoveries by taking swift action in a defined period, by promising not to threaten researchers over presenting their findings, and even by bidding for researchers' trust with cash bounties. Over the years, the situation has improved, with most big companies offering some kind of disclosure program.
But the reason companies offer those bounties and assurances is that they have no choice. Telling the truth about defective products is not illegal, so researchers who discover those truths are under no obligation to play by companies' rules. That forces companies to demonstrate their goodwill with good conduct, binding promises and pot-sweeteners.
Companies definitely want to be able to decide who can tell the truth about their products and when. We know that because when they get the chance to flex that muscle, they flex it. We know it because they said so at the W3C. We know it because they demanded that they get that right as part of the DRM package in EME.
Of all the lows in the W3C DRM process, the most shocking was when the historic defenders of the open web tried to turn an effort to protect the rights of researchers to warn billions of people about harmful defects in their browsers into an effort to advise companies on when they should hold off on exercising that right -- a right they wouldn’t have without the W3C making DRM for the web.
DRM IS THE OPPOSITE OF SECURITY
From the first days of the DRM fight at the W3C, we understood that the DRM vendors and the media companies they supplied weren't there to protect copyright, they were there to grab legally enforceable non-copyright privileges. We also knew that DRM was incompatible with security research: because DRM relies on obfuscation, anyone who documents how DRM works also makes it stop working.
This is especially clear in terms of what wasn't said at the W3C: when we proposed that people should be able to break DRM to generate subtitles or conduct security audits, the arguments were always about whether that was acceptable, but it was never about whether it was possible.
Recall that EME is supposed to be a system that helps companies ensure that their movies aren't saved to their users' hard-drives and shared around the internet. For this to work, it should be, you know, hard to do that.
But in every discussion of when people should be allowed to break EME, it was always a given that anyone who wanted to could do so. After all, when you hide secrets in software you give to people who you want to keep them secret from, you are probably going to be disappointed.
From day one, we understood that we would arrive at a point in which the DRM advocates at the W3C would be obliged to admit that the survival of their plan relied on being able to silence people who examined their products.
However, we did hold out hope that when this became clear to everyone, they would understand that DRM couldn't peacefully co-exist with the open web.
We were wrong.
THE W3C IS THE CANARY IN THE COALMINE
The success of DRM at the W3C is a parable about market concentration and the precarity of the open web. Hundreds of security researchers lobbied the W3C to protect their work, UNESCO publicly condemned the extension of DRM to the web, and the many crypto-currency members of the W3C warned that using browsers for secure, high-stakes applications like moving around people's life savings could only happen if browsers were subjected to the same security investigations as every other technology in our life (except DRM technologies).
There is no shortage of businesses that want to be able to control what their customers and competitors do with their products. When the US Copyright Office held hearings on DRM in 2015, they heard about DRM in medical implants and cars, farm equipment and voting machines. Companies have discovered that adding DRM to their products is the most robust way to control the marketplace, a cheap and reliable way to convert commercial preferences about who can repair, improve, and supply their products into legally enforceable rights.
The marketplace harms from this anti-competitive behavior are easy to see. For example, the aggressive use of DRM to prevent independent repair shops ends up diverting tons of e-waste to landfill or recycling, at the cost of local economies and the ability of people to get full use out of their property. A phone that you recycle instead of repairing is a phone you have to pay to replace -- and repair creates many more jobs than recycling (recycling a ton of e-waste creates 15 jobs; repairing it creates 150 jobs). Repair jobs are local, entrepreneurial jobs, because you don't need a lot of capital to start a repair shop, and your customers want to bring their gadgets to someone local for service (no one wants to send a phone to China for repairs -- let alone a car!).
But those economic harms are only the tip of the iceberg. Laws like DMCA 1201 incentivize DRM by promising the power to control competition, but DRM's worst harms are in the realm of security. When the W3C published EME, it bequeathed to the web an unauditable attack-surface in browsers used by billions of people for their most sensitive and risky applications. These browsers are also the control panels for the Internet of Things: the sensor-studded, actuating gadgets that can see us, hear us, and act on the physical world, with the power to boil, freeze, shock, concuss, or betray us in a thousand ways.
The gadgets themselves have DRM, intended to lock our repairs and third-party consumables, meaning that everything from your toaster to your car is becoming off-limits to scrutiny by independent researchers who can give you unvarnished, unbiased assessments of the security and reliability of these devices.
In a competitive market, you'd expect non-DRM options to proliferate in answer to this bad behavior. After all, no customer wants DRM: no car-dealer ever sold a new GM by boasting that it was a felony for your favorite mechanic to fix it.
But we don't live in a competitive market. Laws like DMCA 1201 undermine the competition that might counter their worst effects.
The companies that fought DRM at the W3C -- browser vendors, Netflix, tech giants, the cable industry -- all trace their success to business strategies that shocked and outraged established industry when they first emerged. Cable started as unlicensed businesses that retransmitted broadcasts and charged for it. Apple's dominance started with ripping CDs and ignoring the howls of the music industry (just as Firefox got where it is by blocking obnoxious ads and ignoring the web-publishers who lost millions as a result). Of course, Netflix's revolutionary red envelopes were treated as a form of theft.
These businesses started as pirates and became admirals, and treat their origin stories as legends of plucky, disruptive entrepreneurs taking on a dinosauric and ossified establishment. But they treat any disruption aimed at them as an affront to the natural order of things. To paraphrase Douglas Adams, any technology invented in your adolescence is amazing and world-changing; anything invented after you turn 30 is immoral and needs to be destroyed.
LESSONS FROM THE W3C
Most people don't understand the risks of DRM. The topic is weird, technical, esoteric and takes too long to explain. The pro-DRM side wants to make the debate about piracy and counterfeiting, and those are easy stories to tell.
But people who want DRM don't really care about that stuff, and we can prove it: just ask them if they'd be willing to promise not to use the DMCA unless someone is violating copyright, and watch them squirm and weasel about why policing copyright involves shutting down competitive activities that don't violate copyright. Point out that they didn't even question whether someone could break their DRM, because, of course, DRM is so technologically incoherent that it only works if it's against the law to understand how it works, and it can be defeated just by looking closely at it.
Ask them to promise not to invoke the DMCA against people who have discovered defects in their products and listen to them defend the idea that companies should get a veto over publication of true facts about their mistakes and demerits.
These inconvenient framings at least establish what we're fighting about, dispensing with the disingenuous arguments about copyright and moving on to the real issues: competition, accessibility, security.
This won't win the fight on its own. These are still wonky and nuanced ideas.
One thing we've learned from 15-plus years fighting DRM: it's easier to get people to take notice of procedural issues than substantive ones. We labored in vain to get people to take notice of the Broadcasting Treaty, a bafflingly complex and horribly overreaching treaty from WIPO, a UN specialized agency. No one cared until someone started stealing piles of our handouts and hiding them in the toilets so no one could read them. That was global news: it's hard to figure out what something like the Broadcast Treaty is about, but it's easy to call shenanigans when someone tries to hide your literature in the toilet so delegates don’t see the opposing view.
So it was that four years of beating the drum about DRM at the W3C barely broke the surface, but when we resigned from the W3C over the final vote, everyone sat up and took notice, asking how they could help fix things. The short answer is, "It's too late: we resigned because we had run out of options."
But the long answer is a little more hopeful. EFF is suing the US government to overturn Section 1201 of the DMCA. As we proved at the W3C, there is no appetite for making DRM unless there's a law like DMCA 1201 in the mix. DRM on its own does nothing except provide an opportunity for competitors to kick butt with innovative offerings that cost less and do more.
The Copyright Office is about to hold fresh hearings about DMCA 1201.
The W3C fight proved that we could shift the debate to the real issues. The incentives that led to the W3C being colonized by DRM are still in play and other organizations will face this threat in the years to come. We'll continue to refine this tactic there and keep fighting, and we'll keep reporting on how it goes so that you can help us fight. All we ask is that you keep paying attention. As we learned at the W3C, we can't do it without you.
from Deeplinks http://ift.tt/2hWq9iH
0 notes
marculees · 6 years ago
Photo
Happy International Epilepsy Day to all of my followers and fellow epileptics!
For those who don’t know, epilepsy is a neurological condition which affects the brain and is most commonly attributed to seizures though holds other effects such as chronic loss of energy, memory, motor and cognition errors. There are different types of seizures and depending on which form of epilepsy someone may have, their seizures can be different or non-existent. I myself suffer from photosensitive epilepsy but there are more types out there and I wanted to make this post to share a little bit of info and help make others more aware of the condition and what to do in the case of someone having a seizure, as well as to be made aware of some triggers. More than 50,000,000 people are diagnosed with epilepsy across the globe and it is a condition which is not spoken of enough in schools, communities, and other aspects and institutions in our lives. I encourage any people who suffer from epilepsy to share their own tips and experiences for both those experiencing it for themselves and to educate others on how to care for a loved one with epilepsy. This is a really short and mostly personal post so I’d love to see it grow!
Some types of epilepsy
Photosensitive epilepsy: This is the type I suffer from! It is triggered by flashing images and other types of stimuli which f*ck with our heads (think of those weird optical illusions or hypnosis things). These send “KJASGLDKJVGLKSJVGSJ” signals to our brains and can cause us to have seizures. You ever wonder why some (and I wish more did) TV shows or other forms of visual media put a flashing warning at the start of their programme? It’s for things like this! This is just a very personal trigger but for some weird reason playing the Wii makes me have seizures?? Something to do with the speed patterns of the game? Don’t ever deliberately flicker lights on and off or show a photosensitive epileptic a flashing video/gif, or else I’ll personally hunt you down... :) *cough*please tag flashing gifs with trigger warnings*cough* do not use #epilepsy because that tag has been ruined for the epilepsy community and we had to make up our own since that was just a spam of triggers rather than actual support and fellow epileptics thank you*cough*
*I’m not confident in describing other types so if any other epileptics would like to describe their own then that would be great! Photosensitive epilepsy affects only roughly 3-5% of all epileptics so there are definitely more common types to be explained >.<
Some types of seizures
There are more than 40 different types of seizures but these are some of the most common. Some are easier to spot than others and everyone’s case is different. Some seizures can involve a mix of different types so it is important to know how each affects the individual. It is always best to ask the person you know for what type they have most often, but keep in mind that while they may look fully conscious during a seizure, they are not and so they won’t remember the actual act itself but rather the before and afters!
Absence seizures: These seizures can often go unnoticed, as the person appears to space out. However, they are rarely a once-off incident and have a tendency to happen multiple times a day which can lead to confusion, loss of time and information absorbing, and general feelings of unsteadiness. In settings like schools or meetings where attention is crucial, a person who experiences these types of seizures is at a disadvantage because their loss of consciousness can lead them to losing out on valuable information and disrupt their work. While these seizures do usually last a few seconds, they can be worrying for the person because afterwards they are aware they have just had a seizure and yet since it is not very visible, it can be hard to share their worries with others. They are not just people daydreaming or having their minds wander, they are seriously spacing out of consciousness and should not be ignored or dismissed for the lack of visible symptoms >.<
Grand mal/tonic-clonic seizures: A more frightening sight, tonic-clonic seizures are the ones often dramatised by media and stereotypes alike. These are the types of seizures where a person will suddenly collapse, followed by stiff and jerky movements which can last up to a minute or few. In simple terms (and because I hate science lol), the brain is being overloaded with signals and can’t keep up! These are the types of seizures I experience and while I can’t speak for everyone, I usually show some warning signs before I have one; I’ve been told I go very very pale (and I’m a ghost already), my lips will also go white and my pupils will dilate while staring into space before I collapse. My limbs tighten and stiffen up (the tonic phase) and I’ve been told I have a very strong grip! Then my arms in particular will begin jerking (clonic) and while I might look like I’m having a little breakdance, the last thing I want to do is break/hurt something. These seizures involve a LOT of energy and afterwards, the person will usually fall asleep because their muscles and brain have been working at 100000% and are very sore and tired, especially if they have injured themselves during it. I had one at a sleepover while getting up to go to the toilet in the middle of the night and I ended up falling against the tiled wall in the bathroom and my head and jaw were in pain for days after :(
*There are others such as auras/partial seizures, but I’d rather let someone more experienced and knowledgeable explain them!
How to help someone having a seizure
While it is instinct to jump in and help, you should NEVER try to stop a seizure. You should let the person seize, but if it lasts for more than five minutes then you should definitely call an ambulance! The best thing to do is to make the environment as safe as possible so that the person does not injure themselves while seizing. This can include moving away furniture (e.g. tables) which may cause injury if they hit off them, placing something soft under their head (e.g. pillow, coat), turn them onto their side (especially if they are vomiting too), and what I think is most important is to stay with them till the end. I’ve had nightmares of people laughing and recording me having a seizure, so if possible, try to get other people to give some respect and privacy and leave the epileptic and attendant in peace. The tonic-clonic seizures are very embarrassing for the person and can involve more than just jerking movements but full-on loss of control over bodily functions too. It sounds yuck but when I first started having seizures, I’d lose control of EVERYWHERE and would somehow manage to both piss and shit myself while vomiting at the same time (weird flex, but okay). The epileptic is totally unaware of any of this until they wake up later and have someone explain to them, so try to also remember how long the seizure lasts and note their signs before and what then happened. It helps a lot when we then go to visit our neurologist and also for future reference to educating others on our own personal cases! There is a weird urban legend that you should put a spoon in the person’s mouth while they have a seizure but DO NOT do this, in fact don’t try to touch their mouth at all. Just give them space and give them comfort and reassurance afterwards, because not only is it frightening to watch, but it’s also frightening to not know what happened at all.
Let them lie down and rest because it’s very likely that their head and entire body will be sore after moving so much and so tightly too, so save a hug for later <3
Prevention, treatment and hope?
Fortunately, a lot of people grow out of their seizures as they get older! While there is no telling of what causes the condition, you’ll be happy to know that it may not haunt you or your loved one forever. I had my first seizure when I was eight years old and now I’m almost twenty and have been seizure-free for four years! While the condition never fully leaves, the seizures can become less common and sometimes stop altogether. How we measure this? Tests and scans such as an E.E.G are used to identify the brain’s responses to triggers and how strong or weak they are. E.E.Gs are like visiting a really shitty hair stylist who sticks a load of wires on your head and then proceeds to make you stare at a flashing light lmao the weird glue they use is so gross and I immediately want to wash it out after. Those who suffer from epilepsy will take medication (usually pills though medicinal c*nnabis has become popular) to lower their risks of having a seizure, but it is important to note that these medications never imply prevention or cure. Just because someone is taking medication does not mean they won’t have a seizure, they are just less likely than without! In some extreme cases, surgery can be an option and part of the brain may be removed.
Sadly though, not everyone is lucky enough to grow out of their seizures. Those with a chronic condition can have up to multiple seizures a day and never find peace. There is no definitive cure yet but the best thing to give to these people is hope and support. Let them know that you care for them because in a world that suddenly becomes non-existent to them for those few seconds or minutes, it’s nice to know that someone exists and loves them regardless of their condition.
Epilepsy affects everyone differently and not only are there medical implications, but social also. Some people will be less vocal about their condition to employers and fear losing employment opportunities, for example. As a young person, I rarely go on a night out and actively avoid nightclubs (which I don’t like the idea of anyway) but it can lead to a feeling of exclusion and isolation from friends and peers, along with dating. It’s small things that unless you have to worry about, others don’t really notice. From my own experience, I now try to avoid going on drives on sunny days because I have had seizures from the sun flickering through trees or bouncing off windows and shiny surfaces. In Ireland anyway, as long as I’m seizure-free for one year then I am allowed to drive but I would still be fearful and find it hard to ever travel alone. There are many things I can think of but these come to mind first because they affect my daily life a lot; I’m a student who commutes to college every day and back, and the town is known for its nightlife and partying. Some people have other ‘habits’, such as taking showers over baths in case they seize and you know, drown themselves. We all take preventive measures but there is no cure or safety belt. Like I said, it affects everyone differently so always consult the person you know. It lets them know you care and it helps you to help them too!
There are several great epilepsy-centered blogs on Tumblr and I’m too shy to tag them here... However just know that a whole supportive community is behind the ‘#actually epileptic’ tag and that you are not alone in your condition, or that if you have any further interest or questions then there are others out there who can help share their knowledge and experience with you. Thank you for reading all of this and I wish you a happy and seizure-free day <3
8 notes · View notes
mostlysignssomeportents · 7 years ago
Text
#1yrago A lightbulb worm could take over every smart light in a city in minutes
Researchers from Dalhousie University (Canada) and the Weizmann Institute of Science (Israel) have published a working paper detailing a proof-of-concept attack on smart lightbulbs that allows them to wirelessly take over the bulbs from up to 400m, write a new operating system to them, and then cause the infected bulbs to spread the attack to all the vulnerable bulbs in reach, until an entire city is infected.
The researchers demonstrate attacking bulbs by drone or ground station. The demo attacks Philips Hue lightbulbs, the most popular smart lighting system in the market today.
Philips Hue uses Zigbee for networking. Zigbee is a wireless protocol designed for low-powered Internet of Things devices, and it has many built-in security features. The most important of these is that once a device is initialized as part of a Zigbee network, it can't be hijacked onto a rival network unless you can bring a controller into close proximity to it (a couple centimeters away). However, there is a fatal flaw in the Zigbee implementation in the Hue system, and the researchers showed that they could hijack the bulbs from nearly half a kilometer away (this attack is only possible because Zigbee doesn't encrypt all traffic between devices).
The Hue system also has safeguards to prevent malicious tampering: updates have to be cryptographically signed using a very strong algorithm or they will be rejected by Hue systems. The researchers were easily able to extract the signing keys -- which are the same for all Philips Zigbee products -- and use them to sign their own malicious updates.
Thus armed, the researchers were able to take over any Philips Hue system.
There are many ways that a hijacked Hue system can be used to cause mischief. Zigbee uses the same radio spectrum as wifi, so a large mesh of compromised Zigbees could simply generate enough radio noise to jam all the wifi in a city. Attackers could also brick all the Hue devices citywide. They could use a kind of blinking Morse code to transmit data stolen from users' networks. They could even induce seizures in people with photosensitive epilepsy.
The fact that the attack targets devices by Zigbee signals -- rather than over the internet -- means that it is virtually impossible to defend against through traditional methods like firewalls.
Like many IoT companies, Philips' business model for its smart lights involves controlling who may make and sell the lightbulbs (Philips charges a very high markup on its own bulbs). Last December, the company covertly updated its lights to reject third party bulbs (it later walked this back after public outcry).
Companies that use encryption to prevent third-party consumables can use laws like Section 1201 of the US Digital Millennium Copyright Act to threaten competitors with lawsuits and even prison sentences for breaking the crypto; this right extends to threatening security researchers for revealing embarrassing defects in their products. It's probably not a coincidence that one of the researchers on this paper is affiliated with an Israeli institution, as Israel is the only major US trading partner that has not been forced to adopt a version of DMCA 1201 by the US trade representative (it's no coincidence that a six-year-old showstopper bug in the DRM in Google's Chrome was revealed by another Israeli). Canada has had its version since 2011, meaning that the Canadian author has done something exceptionally brave (and maybe foolhardy) by putting his name to this paper.
https://boingboing.net/2016/11/09/a-lightbulb-worm-could-take-ov.html
3 notes · View notes
mostlysignssomeportents · 7 years ago
Text
EFF has appealed the W3C's decision to make DRM for the web without protections
Five days ago, the World Wide Web Consortium announced that it would go ahead with its project of making DRM for web-video, and that the Director, Tim Berners-Lee, had overruled or decided not to act further on all objections about the dangers this posed to legitimate and important activities including security audits, accessibility adaptation and competition.
The W3C has an appeals process, which has never been successfully used in W3C history. If 5 percent of the members appeal a decision by the Director, all members are entitled to vote, and if there's a majority in favor of overruling the Director, the decision is unmade.
Today, I formally initiated that appeal process in my capacity as W3C Advisory Committee representative for the Electronic Frontier Foundation.
Our appeal is based on two premises:
1. That the supposed benefits of standardizing DRM at the W3C can't be realized unless there are protections for people who engage in lawful activity that DRM gets in the way of; and
2. That the W3C's membership were never polled on whether they wished to institute such protections as part of the W3C's DRM standardization project.
This is uncharted territory for the W3C, so we're not sure what happens next. In our submission to W3C CEO Jeff Jaffe and W3C Director Tim Berners-Lee, we asked for their guidance on how to proceed. I'll keep you updated as we learn more.
1. The enhanced privacy protection of a sandbox is only as good as the sandbox, so we need to be able to audit the sandbox.
The privacy-protecting constraints the sandbox imposes on code only work if the constraints can't be bypassed by malicious or defective software. Because security is a process, not a product, and because there is no security through obscurity, the claimed benefits of EME's sandbox require continuous, independent verification in the form of adversarial peer review by outside parties who do not face liability when they reveal defects in members' products.
This is the norm with every W3C recommendation: that security researchers are empowered to tell the truth about defects in implementations of our standards. EME is unique among all W3C standards past and present in that DRM laws confer upon W3C members the power to silence security researchers.
EME is said to be respecting of user privacy on the basis of the integrity of its sandboxes. A covenant is absolutely essential to ensuring that integrity.
2. The accessibility considerations of EME omit any consideration of the automated generation of accessibility metadata, and without this, EME's accessibility benefits are constrained to the detriment of people with disabilities.
It's true that EME goes further than other DRM systems in making space available for the addition of metadata that helps people with disabilities use video. However, as EME is intended to restrict the usage and playback of video at web-scale, we must also ask ourselves how metadata that fills that available space will be generated.
For example, EME's metadata channels could be used to embed warnings about upcoming strobe effects in video, which may trigger photosensitive epileptic seizures. Applying such a filter to (say) the entire corpus of videos available to Netflix subscribers who rely on EME to watch their movies would safeguard people with epilepsy from risks ranging from discomfort to severe physical harm.
There is no practical way in which a group of people concerned for those with photosensitive epilepsy could screen all those Netflix videos and annotate them with strobe warnings, or generate them on the fly as video is streamed. By contrast, such a feat could be accomplished with a trivial amount of code. For this code to act on EME-locked videos, EME's restrictions would have to be bypassed.
It is legal to perform this kind of automated accessibility analysis on all the other media and transports that the W3C has ever standardized. Thus the traditional scope of accessibility compliance in a W3C standard -- "is there somewhere to put the accessibility data when you have it?" -- is insufficient here. We must also ask, "Has W3C taken steps to ensure that the generation of accessibility data is not imperiled by its standard?"
There are many kinds of accessibility metadata that could be applied to EME-restricted videos: subtitles, descriptive tracks, translations. The demand for, and utility of, such data far outstrips our whole species' ability to generate it by hand. Even if we all labored for all our days to annotate the videos EME restricts, we would but scratch the surface.
However, in the presence of a covenant, software can do this repetitive work for us, without much expense or effort.
3. The benefits of interoperability can only be realized if implementers are shielded from liability for legitimate activities.
EME only works to render video with the addition of a nonstandard, proprietary component called a Content Decryption Module (CDM). CDM licenses are only available to those who promise not to engage in lawful conduct that incumbents in the market dislike.
For a new market entrant to be competitive, it generally has to offer a new kind of product or service, a novel offering that overcomes the natural disadvantages that come from being an unknown upstart. For example, Apple was able to enter the music industry by engaging in lawful activity that other members of the industry had foresworn. Likewise Netflix still routinely engages in conduct (mailing out DVDs) that DRM advocates deplore, but are powerless to stop, because it is lawful. The entire cable industry -- including Comcast -- owes its existence to the willingness of new market entrants to break with the existing boundaries of "polite behavior."
EME's existence turns on the assertion that premium video playback is essential to the success of any web player. It follows that new players will need premium video playback to succeed -- but new players have never successfully entered a market by advertising a product that is "just like the ones everyone else has, but from someone you've never heard of."
The W3C should not make standards that empower participants to break interoperability. By doing so, EME violates the norm set by every other W3C standard, past and present.
Notice to the W3C of EFF's appeal of the Director's decision on EME [Cory Doctorow/EFF]
http://boingboing.net/2017/07/12/save-the-web.html
21 notes · View notes
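The appeal above says strobe warnings could be generated with "a trivial amount of code". The following is an added illustration of that kind of screening, not code from the EFF submission or from any W3C specification. It assumes one mean relative-luminance value per decoded frame as input and applies a simplified form of the WCAG "general flash" definition; the constants, function names and sample clip are constructed for this example.

```python
"""Flag strobe sequences in a clip and emit WebVTT warning cues.

Simplified WCAG 2.x "general flash" test: a flash is a pair of opposing
luminance changes of at least 0.10 where the darker state is below 0.80,
and more than three flashes within any one second is a hazard.
Assumption: input is one mean relative-luminance value (0.0-1.0) per frame;
the WCAG screen-area and red-flash criteria are not modelled.
"""

MIN_DELTA = 0.10    # minimum luminance swing that counts as a change
DARK_LIMIT = 0.80   # the darker side of the swing must be below this
MAX_FLASHES = 3     # more than this many flashes in one second is a hazard


def find_transitions(lum):
    """Frame indices of luminance swings >= MIN_DELTA, alternating in direction."""
    frames = []
    if not lum:
        return frames
    ref, trend = lum[0], 0          # last extreme seen, and direction of travel
    for i, v in enumerate(lum[1:], start=1):
        delta = v - ref
        step = 1 if delta > 0 else -1
        if step == trend:
            ref = v                 # still moving the same way: follow the extreme
        elif abs(delta) >= MIN_DELTA and min(v, ref) < DARK_LIMIT:
            frames.append(i)        # opposing change large enough to count
            ref, trend = v, step
    return frames


def find_hazards(lum, fps):
    """Return merged (start_s, end_s) spans with > MAX_FLASHES flashes per second."""
    frames = find_transitions(lum)
    spans, first = [], 0
    for last, frame in enumerate(frames):
        while frame - frames[first] >= fps:      # keep a one-second window
            first += 1
        flashes = (last - first + 1) // 2        # two opposing changes = one flash
        if flashes > MAX_FLASHES:
            start = frames[first]
            if spans and start <= spans[-1][1]:
                spans[-1][1] = frame             # extend the current hazard span
            else:
                spans.append([start, frame])
    return [(s / fps, e / fps) for s, e in spans]


def ts(seconds):
    """Format seconds as a WebVTT timestamp (hh:mm:ss.mmm)."""
    ms = round(seconds * 1000)
    h, ms = divmod(ms, 3_600_000)
    m, ms = divmod(ms, 60_000)
    s, ms = divmod(ms, 1000)
    return f"{h:02}:{m:02}:{s:02}.{ms:03}"


def to_webvtt(hazards, lead=2.0):
    """Build a WebVTT track whose cues appear `lead` seconds before each hazard."""
    lines = ["WEBVTT", ""]
    for start, end in hazards:
        lines += [f"{ts(max(0.0, start - lead))} --> {ts(end)}",
                  f"Warning: flashing lights from {ts(start)} to {ts(end)}", ""]
    return "\n".join(lines)


# Constructed sample: 3 s calm, 2 s strobe at 6 flashes/s, 2 s calm, one scene cut.
FPS = 24
SAMPLE = [0.30] * 72 + [0.90, 0.90, 0.10, 0.10] * 12 + [0.30] * 48 + [0.70] * 48

if __name__ == "__main__":
    print(to_webvtt(find_hazards(SAMPLE, FPS)))
```
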
neptunecreek · 7 years ago
Text
Amid Unprecedented Controversy, W3C Greenlights DRM for the Web
Early today, the World Wide Web Consortium (W3C) standards body publicly announced its intention to publish Encrypted Media Extensions (EME)—a DRM standard for web video—with no safeguards whatsoever for accessibility, security research or competition, despite an unprecedented internal controversy among its staff and members over this issue.
EME is a standardized way for web video platforms to control users' browsers, so that we can only watch the videos under rules they set. This kind of technology, commonly called Digital Rights Management (DRM), is backed up by laws like the United States DMCA Section 1201 (most other countries also have laws like this).
Under these laws, people who bypass DRM to do legal things (like investigate code defects that create dangerous security vulnerabilities) can face civil and criminal penalties. Practically speaking, bypassing DRM isn't hard (Google's version of DRM was broken for six years before anyone noticed), but that doesn't matter. Even low-quality DRM gets the copyright owner the extremely profitable right to stop their customers and competitors from using their products except in the ways that the rightsholder specifies.
EFF objects to DRM: it's a bad idea to make technology that treats the owner of a computer as an adversary to be controlled, and DRM wrecks the fairness of the copyright bargain by preventing you from exercising the rights the law gives you when you lawfully acquire a copyrighted work (like the rights to make fair uses like remix or repair, or to resell or lend your copy).
But EFF understood that the W3C had members who wanted to make DRM, so we suggested a compromise: a covenant, modeled on the existing W3C member-agreement, that would require members to make a binding promise only to use the law to attack people who infringed copyright, and to leave people alone if they bypassed DRM for legal reasons, like making W3C-standardized video more accessible for people with disabilities.
This was a very popular idea. It was endorsed by Unesco, by the Internet Archive, by the creator of the W3C's existing membership agreement, by hundreds of top security researchers, by the competition expert who coined the term "Net Neutrality", and by hundreds of human rights organizations and activists from the global south. The Open Source Initiative amended its definition of "open standard" so that DRM standards could only qualify as "open" if they protected legitimate activity.
Now, it's fair to say that the W3C's DRM advocates didn't like the idea. After a perfunctory discussion process (during which some progress was made), they walked away from the negotiations, and the W3C decided to allow the standardization work to continue despite their unwillingness to compromise.
But other W3C members did like the idea. On March 12, the final vote for publishing EME closed, and members ranging from the German National Library to the UK Royal National Institute for Blind People to the cryptocurrency startup Ethereum, to Brave, a new entrant to the browser market -- along with dozens more -- rejected the idea of publishing EME without some protections for these equities (the numbers in the vote are confidential by W3C's own membership requirements, but all the members mentioned here have given permission to have their votes revealed).
It was the most controversial vote in W3C history. As weeks and then months stretched out without a decision, another W3C member, the Center for Democracy and Technology, proposed a very, very narrow version of the covenant, one that would only protect security researchers who revealed accidental or deliberate leaks of data marked as private and sensitive by EME. Netflix's representative dismissed the idea out of hand, and then the W3C's CEO effectively killed the proposal.
Today, the W3C announced that it would publish its DRM standard with no protections and no compromises at all, stating that W3C Director Tim Berners-Lee had concluded that the objections raised "had already been addressed" or that they were "overruled."
In its statement, the W3C said that publishing a DRM standard without protections for core open web activities was better than not doing so, because its DRM had better support for privacy, accessibility, and competition than a non-W3C version of DRM would have.
We disagree. Even by the W3C's own measures, EME represents no improvement upon a non-standards approach, and in some important ways, the W3C's DRM is worse than an ad-hoc, industry approach.
At root is the way that DRM interacts with the law. Take security: the W3C's specification says that users' computers should be protected from privacy-invading activities by DRM vendors, but without a covenant, it's impossible to check whether this is happening. Recall that Netflix, one of the principal advocates for DRM at W3C, categorically rejected the narrowest of covenants, one that would protect solely the activity of revealing DRM flaws that compromised user privacy.
On the question of accessibility, the W3C has simply ignored the substantial formal and informal objections raised by its members, including members with deep expertise in accessibility, such as Vision Australia, Media Access Australia, Benetech, and the RNIB. These organizations pointed out that having a place for assistive data was nice, but to make video accessible, it was necessary to use computers to generate that data.
It's great to say that if you know where all the strobe effects are in 10,000,000 hours of videos, you could add warnings to the timelines of those videos to help people with photosensitive epilepsy. But unless you have an unimaginable army of people who can watch all that video, the practical way to find all those strobes is to feed the video to a computer, after bypassing the DRM. Otherwise, most video will never, ever be made safe for people with photosensitive epilepsy.
Multiply that by the unimaginable armies of people needed to write subtitles, translate audio, and generate descriptive audio tracks, and you've exceeded the entire human race's video-annotating capacity several times over—but barely scratched the surface of what computers can (and will be able to) do.
On the question of competition, the W3C's response is even more frustrating and non-responsive. EME only solves part of the video-transmission standard: for a browser to support EME, it must also license a "Content Decryption Module" (CDM). Without a CDM, video just doesn't work.
All the big incumbents advocating for DRM have licenses for CDMs, but new entrants to the market will struggle to get these CDMs, and in order to get them, they have to make promises to restrict otherwise legal activities (for example, CDM licensing terms prevent users in some parts of Europe from seeing videos made available in other parts of the EU).
The W3C says that none of this makes DRM any worse than what was there before the standards effort, but they're dead wrong. DRM is covered by a mess of criss-crossing patents that make any kind of interoperable DRM transcendentally hard to create -- unless there's some way of cutting through the patent thicket. That's where the W3C comes in: its patent policy requires members to swear not to enforce their patents against people who implement W3C standards. Since the W3C's membership includes key DRM patent owners, it's the one forum where such a standard can be set.
At EFF, we've spent decades defending people engaged in legitimate activities that companies or governments disliked: researchers who go public with defects in products whose users are blithely unaware of them; new entrants to monopolized markets who offer better products with features the cozy old guard don't like; public spirited archivists and accessibility workers who want to preserve digital culture and make sure everyone gets to use it.
We're dismayed to see the W3C literally overrule the concerns of its public interest members, security experts, accessibility members and innovative startup members, putting the institution's thumb on the scales for the large incumbents that dominate the web, ensuring that dominance lasts forever.
This will break people, companies, and projects, and it will be technologists and their lawyers, including the EFF, who will be the ones who'll have to pick up the pieces. We've seen what happens when people and small startups face the wrath of giant corporations whose ire they've aroused. We've seen those people bankrupted, jailed, and personally destroyed.
That's why we fought so hard at the W3C, and it's why we're fighting so hard to fix laws like Section 1201 of the DMCA. We've been suing the US government over the constitutionality of DMCA 1201; in the coming months, we'll be back at the US Copyright Office, arguing to maintain and extend the exemptions to 1201 we won in 2015.
As for the W3C... we're working on it. There is an appeals process for Tim Berners-Lee's decisions at the W3C, which has never been successfully triggered. The entire project of designing technology to control web users, rather than empowering them, has taken the W3C into uncharted waters, and this is the most unfamiliar of them all. We're looking into this, counting noses, and assessing our options. We'll keep you informed.
from Deeplinks http://ift.tt/2uzfIa1
0 notes