Notices by Cory Doctorow (pluralistic@mamot.fr)

Hot take: if you play sound out of your phone around strangers in a public place, you should be shot. If that place is a public transit vehicle, you should be shot and pissed on.

(Why yes, I am in transit all day, thanks for asking)

"It turns out that if you put Elon Musk on the graph, almost the entire US population is crammed into a vertical bar, one pixel wide. Each pixel is $500 million wide, illustrating that $500 million essentially rounds to zero from the perspective of the wealthiest Americans."

-@kenshirriff, Wealth distribution in the United States

https://www.righto.com/2024/10/wealth-distribution-in-united-states.html

State-affiliated Chinese hackers penetrated AT&T, Verizon, Lumen and others; they entered their networks and spent months intercepting US traffic - from individuals, firms, government officials, etc - and they did it all without having to exploit any code vulnerabilities. Instead, they used the back door that the FBI requires every carrier to furnish:

https://www.wsj.com/tech/cybersecurity/u-s-wiretap-systems-targeted-in-china-linked-hack-327fc63b?st=C5ywbp&reflink=desktopwebshare_permalink

1/

"Generally, I don’t think rich people believe anything besides: 1. they are basically good; 2. they deserve their money and no one should take it; and 3. anything that threatens ideas 1. and 2. is bad. Everything else is pretty flexible."

-Elizabeth Lopatto

https://www.theverge.com/2022/12/2/23488770/elon-musk-texas-twitter-politics-republican

Here's a fun AI story: a security researcher noticed that large companies' AI-authored source-code repeatedly referenced a nonexistent library (an AI "hallucination"), so he created a (defanged) malicious library with that name and uploaded it, and thousands of developers automatically downloaded and incorporated it as they compiled the code:

https://www.theregister.com/2024/03/28/ai_bots_hallucinate_software_packages/

1/

Earlier this month, Ed Pierson was supposed to fly from Seattle to New Jersey on Alaska Airlines. He boarded his flight, but then he had an urgent discussion with the flight attendant, explaining that as a former senior Boeing engineer, he'd specifically requested that flight because the aircraft wasn't a 737 Max:

https://www.cnn.com/travel/boeing-737-max-passenger-boycott/index.html

1/

Today's threads (a thread)

Inside: Palantir's NHS-stealing Big Lie; and more!

Archived at: https://pluralistic.net/2024/03/08/the-fire-of-orodruin/

#Pluralistic

1/

At long last, the San Francisco stop of the book tour for my new novel "The Bezzle" has been finalized: I'll be at the San Francisco Public Library Main Branch on Wednesday, March 13th, in conversation with Robin Sloan!

https://sfpl.org/events/2024/03/13/author-cory-doctrow-bezzle

--

Name your price for 18 of my DRM-free ebooks and support @eff with the Humble Cory Doctorow Bundle:

https://www.humblebundle.com/books/cory-doctorow-novel-collection-tor-books-books

2/

@feditips This is wrong. It's a common misunderstanding (so common I think it qualifies as the fediverse's first urban legend), but still wrong.

Unlisted toots are hidden only for nonfollowers on the same instance, not followers.

More here:
https://pluralistic.net/2023/04/16/how-to-make-the-least-worst-mastodon-threads/

20 years ago, I got in a (friendly) public spat with #ChrisAnderson, who was then the editor in chief of @WIRED. I'd publicly noted my disappointment with glowing *Wired* reviews of #DRM-encumbered digital devices, prompting Anderson to call me unrealistic for expecting the magazine to condemn gadgets for their DRM:

https://longtail.typepad.com/the_long_tail/2004/12/is_drm_evil.html

1/

Our monopoly is perfect, no matter what the touts claim

#MadisonSquareGarden #MSG #NYC

If you own an Alexa, you might enjoy its integration with #IFTTT, an easy scripting environment that lets you create your own little voice-controlled apps, like "start my Roomba" or "close the garage door." If so, tough shit, Amazon just nuked IFTTT for Alexa:

https://www.theverge.com/2023/10/25/23931463/ifttt-amazon-alexa-applets-ending-support-integration-automation

If you'd like an essay-formatted version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

https://pluralistic.net/2023/10/26/hit-with-a-brick/#graceful-failure

1/

Amazon can do this because the Alexa's operating system sits behind a cryptographic lock, and any tool that bypasses that lock is a felony under #Section1201 of the #DMCA, punishable by a 5-year prison sentence and a $500,000 fine. That means that it's literally a crime to provide a rival OS that lets users retain functionality that Amazon no longer supports.

2/

This is the proverbial gun on the mantelpiece, a moral hazard and invitation to mischief that tempts Amazon executives to run a bait-and-switch con where they sell you a gadget with five features and then remotely kill-switch two of them. This is prime directive of the #DarthVaderMBA: "I am altering the deal. Pray I don't alter it any further."

So many companies got their business-plan at the Darth Vader MBA.

3/

The ability to revoke features after the fact means that companies can fuck around, but never find out. Apple sold millions of tracks via iTunes with the promise of letting you stream them to any other device you owned. After a couple years of this, the company caught some heat from the record labels, so they just pushed an update that killed the feature:

https://memex.craphound.com/2004/10/30/apple-to-ipod-owners-eat-shit-and-die-updated/

4/

That gun on the mantelpiece went off all the way back in 2004 and it turns out it was a *starter-pistol*. Pretty soon, everyone was getting in on the act. If you find an alert on your printer screen demanding that you install a "security update" there's a damned good chance that the "update" is designed to block you from using third-party ink cartridges in a printer that you (sorta) own:

https://www.eff.org/deeplinks/2020/11/ink-stained-wretches-battle-soul-digital-freedom-taking-place-inside-your-printer

5/

Selling your Tesla? Have fun being poor. The upgrades you spent thousands of dollars on go up in a puff of smoke the minute you trade the car into the dealer, annihilating the resale value of your car at the speed of light:

https://pluralistic.net/2022/10/23/how-to-fix-cars-by-breaking-felony-contempt-of-business-model/

Telsa has to detect the ownership transfer first. But once a product is sufficiently cloud-based, they can destroy your property from a distance without any warning or intervention on your part.

6/

That's what Adobe did last year, when it literally stole the *colors* from your Photoshop files, in history's SaaSiest heist:

https://pluralistic.net/2022/10/28/fade-to-black/#trust-the-process

But when we hear about remote killswitches in the news, it's usually part of a PR blitz for their virtues. Russia's invasion of Ukraine kicked off a new genre of these PR pieces, celebrating the fact that a #JohnDeere dealership was able to remotely brick looted tractors that had been removed to Chechnya:

https://pluralistic.net/2022/05/08/about-those-kill-switched-ukrainian-tractors/

7/

Today, Deere's PR minions are pitching search-and-replace versions of this story about Israeli tractors that Hamas is said to have looted, which were also remotely bricked.

But the main use of this remote killswitch isn't confounding war-looters: it's preventing farmers from fixing their own tractors without paying rent to John Deere.

8/

An even bigger omission from this narrative is the fact that John Deere is objectively Very Bad At Security, which means that the world's fleet of critical agricultural equipment is one breach away from being rendered permanently inert:

https://pluralistic.net/2021/04/23/reputation-laundry/#deere-john

There are plenty of good and honorable people working at big companies, from Adobe to Apple to Deere to Tesla to Amazon.

9/