A Geek With Guns

Chronicling the depravities of the State.

Archive for the ‘Technology’ tag

Advertising Self-Hosted Services

without comments

The ceaseless lock down that many states are experiencing has lead to the inevitable push back. Protests have already taken place in a number of states and more protests are being planned. Unfortunately, many of these protests are being organized on Facebook and Facebook has decided to remove them.

It probably doesn’t surprise anybody that I have friends interested or participating in the protests in Minnesota. When I saw them posting on social media saying that the latest protest event had been removed, I saw a number of people recommend other centralized social media sites such as MeWe and Minds. I have a tradition when I see such recommendations. I point out that jumping from one centralized social media site to another simply kicks the can down the road because they could decide to implement restrictions at any point and that the only long term solution is using self-hosted services to advertise events. The usual rebuttal I received is a variation of we have to post the event where the people are (falsely implying that many people use MeWe or Minds). Apparently there is a lot of misunderstanding about using self-hosted services to organize events.

When you use a self-hosted service, you don’t have to isolate it from everything else. You can advertise your self-hosted service on Facebook, Twitter, and other centralized social media sites. The point of a self-hosted service is to be authoritative and under your sole control. When you share a link to your self-hosted service, you note that the website you’re hosting is the place to go for official information. If Facebook removes your post, it doesn’t matter because the people who have already seen it will know where to go for updates to your event and because Facebook cannot remove your website. The official information still exists and can be shared with interested parties.

Written by Christopher Burg

May 4th, 2020 at 6:30 am

Posted in Self-Hosting

Tagged with

Mullvad VPN

without comments

Periodically I’m asked to recommend a good Virtual Private Network (VPN) provider. I admit that I don’t spend a ton of time researching VPN providers because my primary use case for VPNs is to access my local network and secure my communications when traveling so most of the time I use my own VPN server. When I want to guard my network traffic against my Internet Service Provider (ISP), I use Tor. With that said, I do try to keep at least one known decent VPN provider in my back pocket to recommend to friends.

In the past I have usually recommended Private Internet Access because it’s ubiquitous, affordable, and its claim that it doesn’t keep logs has been proven in court. However, Private Internet Access is based in the United States, which means it can be subject to National Security Letters (NSL). Moreover, Private Internet Access was recently acquired by Kape Technologies. Kape Technologies has a troubling past and you can never guarantee that a company will maintain the same policies after it has been purchased so I’ve been looking at some alternative recommendations.

Of the handful with which I experimented, I ended up liking Mullvad VPN the most. In fact I ended up really liking it (for me finding a decent VPN provider is usually an exercise in finding the least terrible option).

Mullvad is headquartered in Sweden, which means it’s not subject to NSLs or other draconian United States laws (it’s subject to Swedish laws, but I’m outside of that jurisdiction). But even if it’s subjected to some kind of surveillance law, Mullvad goes to great length to enable you to be anonymous, which greatly hinders its ability to surveil you. To start with your account is just a pseudorandomly generated number. You don’t need to provide any identifiable information, not even an e-mail address. When you want to log in to pay your account, you simple enter your number. The nice thing about this is that the number is also easily disposed of. Since you can generate a new account by simply clicking on a link, you can throw away your account whenever you want. You can even generate accounts via its onion service (this link will only work if you’re using the Tor Browser).

Mullvad’s pricing is €5 (roughly $5.50 when I last paid) per month. Paying per month allows you to change accounts every month if you want. Payments can be made using more traditional services such as credit cards and PayPal, but you can also use more anonymous payment options such as Bitcoin and Bitcoin Cash (I would like to see the option of using Monero since it has anonymity built-in).

The thing that initially motivated me to test Mullvad was the fact that it uses WireGuard. WireGuard is our new VPN overlord. If you’re new to WireGuard or less technically inclined, you can download and use Mullvad’s app. If you’re familiar with WireGuard or willing to learn about it, you can use Mullvad’s configuration file generator to generate WireGuard configuration files for your system (this is how I used it). Mullvad also supports OpenVPN, but I didn’t test it because it’s 2020 and WireGuard is our new VPN overlord.

Like most decent VPN providers, Mullvad also has a page to check if your Mullvad connection is setup correctly. It performs the usual tasks of reporting if you’re connecting through a Mullvad server and if your Domain Name System (DNS) requests are leaking. It also attempts to check if your browser is leaking information through WebRTC. You can also test your torrent client in case you want to download Linux distros (because that’s the only thing anybody downloads via BitTorrent) more securely.

I didn’t come across anything egregious with Mullvad, but don’t take my recommendation too seriously (this is the caveat I give to everybody who asks me to recommend a VPN provider). My VPN use case isn’t centered around maintaining anonymity and I didn’t perform thorough testing in that regard. Instead I tested it based on my use case, which is mostly protecting my connection from local actors when traveling. As with anything, you should test the service yourself.

Written by Christopher Burg

April 15th, 2020 at 6:00 am

The Users and the Used

without comments

I’m happy that computer technology (for the purpose of this post, I mean any device with a computer in it, not a traditional desktop or laptop) has become ubiquitous. An individual who wants a computer no longer has to buy a kit and solder it together. Instead they can go to the store and pick up a device that will be fully functional out of the box. This has lead to a revolution in individual capabilities. Those of us who utilize computers can access a global communication network from almost anywhere using a device that fits in our pocket. We can crank out printed documents faster than any other time in human history. We can collect data from any number of sources and use it to perform analysis that was impractical before ubiquitous access to computers. In summary life is good.

However, the universe is an imperfect place and few things are without their downsides. The downside to the computer revolution is that there are, broadly speaking, different classes of users. They are often divided into technical and non-technical users, but I prefer to refer to them as users and used. My categorization isn’t so much based on technical ability (although there is a strong correlation) as by whether one is using their technology or being used by it.

Before I continue, I want to note that this categorization, like all attempts to categorize unique individuals, isn’t black and white. Most people will fall into the gray area in between the categories. The main question is whether they fall more towards the user category of the used.

It’s probably easiest to explain the used category first. The computing technology market is overflowing with cheap devices and free services. You can get a smartphone for little or even nothing from some carriers, an Internet connected doorbell for a pittance, and an e-mail account with practically unlimited storage for free. On the surface these look like amazing deals, but they come with a hidden cost. The manufacturers of those devices and providers of those services, being predominantly for-profit companies, are making their money in most cases by collecting your personal information and selling it to advertisers and government agencies (both of which are annoying, but the latter can be deadly). While you may think you’re using the technology you’re actually being used through it by the manufacturers and providers.

A user is the opposite. Instead of using technology that uses them, they use technology that they dominate. For example, Windows 10 was a free upgrade for users of previous versions of Windows. Not surprisingly, Windows 10 also collects a lot of personal information. Instead of using Windows 10, users of that operating system are being used by it. The opposite side of the spectrum is something like Linux from Scratch, where a user creates their own Linux distro from the ground up so they know every component that makes up their operating system. As I stated earlier most people fall into the gray area between the extremes. I predominantly run Fedora Linux on my systems. As far as I’m aware there is no included spyware and the developers aren’t otherwise making money by exploiting my use of the operating system. So it’s my system, I’m using it, not being used through it.

Another example that illustrates the user versus the used categories is online services. I sometimes think everybody on the planet has a Gmail account. Its popularity doesn’t surprise me. Gmail is a very good e-mail service. However, Gmail is primarily a mechanism for Google to collect information to sell to advertisers. People who use Gmail are really being used through it by Google. The opposite side of the spectrum (which is where I fall in this case) is self-hosting an e-mail server. I have a physical server in my house that runs an e-mail server that I setup and continue to maintain. I am using it rather than being used by it.

I noted earlier in this article that there is a strong correlation between technical people and users as well as non-technical people and those being used. It isn’t a one-to-one correlation though. I know people with little technical savvy who utilize products and services that aren’t using them. Oftentimes they have a technical friend who assists them (I’m often that friend), but not always. I would actually argue that the bigger correlation to users and those being used is those who are curious about technology versus those who aren’t. I know quite a few people with little technical savvy who are curious about technology. Their curiosity leads them to learn and they oftentimes become technically savvy in time. But before they do they often make use of technology rather than be used by it. They may buy a laptop to put Linux on it without having the slightest clue at first how to do it. They may setup a personal web server poorly, watch it get exploited, and then try again using what they learned from their mistakes. They may decide to use Signal instead of WhatsApp not because they understand the technical differences between the two but because they are curious about the “secure communications app” that their technical friends are always discussing.

Neither category is objectively better. Both involve trade-offs. I generally encourage people to move themselves more towards the user category though because it offers individuals more power over the tools they use and I’m a strong advocate for individual power. If you follow an even slightly radical philosophy though, I strongly suggest that you to move towards the user category. The information being collected by those being used often finds its way into the hands of government agents and they are more than happy to make use of it to suppress dissidents.

Written by Christopher Burg

April 14th, 2020 at 6:00 am

Upgrading My Network

without comments

The network at my previous dwelling evolved over several years, which made it a hodgepodge of different gear. Before I moved out the final form of it was a Ubiquiti EdgeMax router, a Ubiquiti Edge Switch, and an Apple Airport Extreme (I got a good deal on it, but it was never something I recommended to people). When I bought my new house I decided to upgrade my network to Ubiquiti UniFi gear. For those who are unaware UniFi gear fits into that niche between consumer and enterprise networking gear (it’s often touted as enterprise gear, but I have my doubts that it would work as well on a massive network spanning multiple locations as more traditional enterprise gear) often referred to as prosumer or SOHO (Small Office/Home Office).

Because I live out in the boonies, my Internet connection is pretty lackluster so I opted for a Security Gateway 3P for my router (it’s generally agreed that the hardware is too slow to keep up with the demands of many modern Internet connections, but I don’t have to worry about that). If I had built a new house, I’d have put Ethernet drops in every room, but I bought a preexisting house with no Ethernet drops, which meant Wi-Fi was going to be my primary form of network connectivity. I still needed Ethernet connections for my servers though so I opted for a 24-port switch as my backbone and AP-AC-M access points for Wi-Fi. The AP-AC-M access points provide mesh networking, which is nice in a house without Ethernet drops because you can extend your Wi-Fi network by connecting new access points to already installed access points. Moreover, they’re rated for outdoor use so I can use them to extend my Wi-Fi network across my property.

A UniFi network is really a software defined network, which means that there is a central controller that you enter your configuration information into and it pushes the required settings out to the appropriate devices. Ubiquiti provides the Cloud Key as a hardware controller, but I already have virtual machine hosts aplenty so I decided to setup a UniFi Controller in a virtual machine.

Previously I was resistant to the idea of having to have a dedicated controller for my network. However, after experiencing software defined networking, I don’t think I could ever go back. Making a single change in one location and having that change propagated out to my entire network is a huge time saver. For example, I decided that I wanted to setup a guest Wi-Fi network. Without a central controller this would have required me to log into the web interface of each access point and enter the new guest network configuration. With a software defined network I merely add the new guest network configuration into my UniFi Controller and it pushes that configuration to each of my access points. If I want to change the Wi-Fi Protected Access (WPA) password for one of my wireless networks, I can change it in the UniFi Controller and each access point will receive the update.

The UniFi Controller also provides a lot of valuable information. I initially setup my wireless network with two access points, but the statistics in the UniFi Controller indicated that my wireless coverage wasn’t great in the bedroom, was barely available on my three season porch, and was entirely unavailable out by my fire pit. I purchased a third access point and rearranged the other two and now have excellent Wi-Fi coverage everywhere I want it. While I could have gathered the same information on a network without a centralized controller by logging into each access point individually, it would have been a pain in the ass. The UniFi Controller also allows you to upload the floor plan of your home and it will show you the expected Wi-Fi coverage based on where you place your access points. I haven’t used that feature yet (I need to create the floor plan in a format that the controller can use), but I plan on playing with it in the future.

Overall the investment into more expensive UniFi gear has been worth it to me. However, most people probably don’t need to spend so much money on their home network. I know many people are able to do everything they want using nothing more than the all in one modem/switch/Wi-Fi access point provided by their Internet Service Provider (admittedly I don’t trust such devices and always place them outside of my network’s firewall). But if you need to setup a network that is more complex than the average home network, UniFi gear is something to consider.

Written by Christopher Burg

April 13th, 2020 at 9:41 pm

Posted in Technology

Tagged with

The Importance of Open Platforms

without comments

Late last week I pre-ordered the UBports Community Edition PinePhone. It’s not ready for prime time yet. Neither of the cameras work and the battery life from what I’ve read is around four to five hours and there are few applications available at the moment. So why did I pre-order it? Because UBports has been improving rapidly, my iPhone is the last closed platform I run regularly (I keep one macOS machine running mostly so I can backup my iPhone to it), and open platforms may soon be our only option for secure communications:

Signal is warning that an anti-encryption bill circulating in Congress could force the private messaging app to pull out of the US market.

Since the start of the coronavirus pandemic, the free app, which offers end-to-end encryption, has seen a surge in traffic. But on Wednesday, the nonprofit behind the app published a blog post, raising the alarm around the EARN IT Act. “At a time when more people than ever are benefiting from these (encryption) protections, the EARN IT bill proposed by the Senate Judiciary Committee threatens to put them at risk,” Signal developer Joshua Lund wrote in the post.

I used Signal as an example for this post, but in the future when (it’s not a matter of if, it’s a matter of when) the government legally mandates cryptographic back doors in consumer products (you know the law will have an exception for products sold to the government) it’ll mean every secure communication application and platform will either have to no longer be made available in the United States or will have to insert a back door that allows government agents and anybody else who can crack the back door complete access to our data.

On an open platform such a Linux this isn’t the end of the world. I can source both my operating system and my applications from anywhere. If secure communication applications are made illegal in the United States, I have the option of downloading and use an application made in a freer area or better yet developed anonymously (it’s much harder to enforce these laws if the government can’t identify and locate the developers). Closed platforms such as iOS and Android (although Android to a lesser extent since it still allows side loading of applications and you can download an image built off of the Android Open Source Project) require you to download software from their walled garden app stores. If Signal is no longer legally available in the United States, people running iOS and Android will no longer be able to use Signal because those apps will no longer be available in the respective United States app stores.

As the governments of the world continue to take our so-called civil rights behind a shed and unceremoniously put a bullet in their heads closed platforms will continue to become more of a liability. Open platforms on the other hand can be developed by anybody anywhere. They can even be developed anonymously (Bitcoin is probably the most successful example of a project whose initial developer remains anonymous), which makes it difficult for governments to put pressure on the developers to comply with laws.

If you want to ensure your ability to communicate securely in the future and you haven’t already transitioned to open platforms, you should either begin your transition or at least begin to plan your transition. Not all of the pieces are ready yet. Smartphones remain one area where open platforms are lagging behind, but there is a roadmap available so you can at least begin planning a move towards open an smartphone (and at $150 the PinePhone is a pretty low risk platform to try).

Written by Christopher Burg

April 13th, 2020 at 6:00 am

Don’t Use Zoom

with 3 comments

With most of the country under a stay at home order turned into a prison, people are turning to video conferencing software to socialize. With all of the available options out there somehow the worst possible option has become the most popular (which seems like the overarching theme to our current crises). Zoom appears to have become the most popular video conferencing software for people imprisoned in their homes.

Don’t use Zoom.

Why? First, the company uses misleading marketing. If you’ve seen some of the company’s marketing, you might be under the mistaken impression Zoom video conferences are end-to-end encrypted. They’re not. But that’s the tip of the iceberg. A while back Zoom pulled a rather sneaky maneuver and installed a secret web server on Macs, which was supposedly meant to make using the software easier for Safari users (the claim was bullshit). Apple wasn’t amused and removed the software via an update. Zoom did remove that functionality, but the software still had surprises in store for Mac users. It turns out that it contained a security vulnerability that allowed a remote attacker to access the computer’s webcam and microphone… oh and provided them with root access. Don’t worry Windows users, Zoom didn’t forget about you. The Windows version of Zoom contained a vulnerability that allowed attackers to steal system password. And so everybody could suffer equally, Zoom made it easy for randos to join supposedly private video conferences.

I’m not even done yet. Zoom also leaked users’ e-mail addresses and photos to randos and, until it was caught, was also selling personal data to Facebook.

So I reiterate, don’t use Zoom.

Written by Christopher Burg

April 2nd, 2020 at 6:00 am

Posted in Technology

Tagged with ,

Maybe the Nomads Had It Right

with one comment

Over the last year I’ve done a lot of thinking about statism. I think that it’s safe to say that statism is the predominant ideology of our time. Most so-called revolutionaries don’t talk about eliminating the state, they talk about replacing current states with a more idealistic ones. Even a lot of so-called anarchists fall into this trap. For example, if you talk to an anarcho-communist, they’ll tell you that humanity won’t be truly free until every worker enjoys the same democratic control over their workplace. However, are you really free if your actions are decided by a majority vote? I would argue that you aren’t.

My thinking has lead me to look for historical alternatives to modern statism. If you read enough about human history, you’ll likely come across the fact that until very recently there has been two widespread societal ideologies: sedentary and nomadic. As James C. Scott notes in his book Against the Grain sedentary societies gave rise to statism. Throughout most of human history nomadic people tended to be healthier, happier, and, obviously, overall less centralized.

The health aspect likely comes from the fact that humans only recently figured out how to keep a lot of tightly packed people sanitary (it turns out we’re a filthy species). Until our species figured that out, disease was rampant in cities (COVID-19 was nothing compared to the plagues that frequented cities just a short while ago). Happiness is a harder thing to define and understand. However, nomadic people were able to pick up their entire lives and migrate elsewhere quickly, which made them much harder to oppress. If a tribe on the Asian Steppe didn’t like the conditions they were living under, they could pack up and move to greener pastures. It’s easy for me to see how that would make people happier.

So what happened? If nomadic people were healthier and happier, how did sedentary societies become the dominant societal form? I can’t answer that question authoritatively (I don’t think anybody can), I can only provide some hypotheses. I think the largest contributor to the domination of sedentary societies was the Industrial Revolution. Factories were necessarily centralized and factory jobs during the Industrial Revolution were often the highest paying jobs. It is also easy to see how the state was able to become more authoritarian as more and more people migrated into tightly packed cities (there’s a reason the most authoritarian regimes tightly control travel) and as the state claimed monopoly powers over critical infrastructure such as electricity, power, and sanitation. If you live in a city, the very things you depend on to survive are likely entirely controlled by the state and that gives it literal power of life and death.

However, I do have some home that the situation we find ourselves in is an anomaly. Due to the COVID-19 scare, I am working from home for the indefinite future. This hasn’t cause me any trouble since technology has evolved to the point where I can do my work from anywhere that has an Internet connection. Many people are in the same boat as I am. Moreover, technology is advancing in factory automation. In a few years factory employees might be able to do their job, which will likely evolve into programming the machines that do the actual manufacturing, remotely as well. Amazon is already experimenting with automated grocery stores and delivery drones. If drone technology evolves sufficiently, it may become easy to get even highly perishable goods in the middle of nowhere.

As technology improves nomadic societies may make a resurgence. If that happens, it might reestablish the greatest historical alternative to statism.

Written by Christopher Burg

March 24th, 2020 at 6:30 am

Posted in Liberty

Tagged with ,

Maintaining a Currency

without comments

I like the idea of cryptocurrencies for several reasons. With the exceptions of ones started by governments or their cronies, they exist outside the direct control of governments. If designed properly, they can also enable anonymous transactions, which hinders the efforts of governments to use transaction information to oppress individuals. However, there is a lot of criticism aimed at cryptocurrencies. Some of the criticism is valid, but much of the criticism is idiotic when considered in the context of currencies in general.

One of the most common criticisms I see regarding cryptocurrencies is their energy consumption. Consider Bitcoin. There is a website dedicated to tracking the estimated power usage of the Bitcoin blockchain. As of this writing the site estimates the blockchain’s energy consumption at 73.12 TWh, which it says is roughly equivalent to the power usage of all of Austria. Consuming the power usage of an entire country to maintain a blockchain appears horribly inefficient… until you compare it to the resources used by other currencies.

Consider the United States dollar. It’s easy to make the mistake of assuming the dollar is a comparatively efficient currency since pieces of paper with pictures of dead tyrants don’t consume electricity. But there’s so much more involved in manufacturing an maintaining dollars. To start with you have the obvious raw materials needed to manufacture dollars. Ink, paper, printing machinery, etc. are needed to make every dollar. Not only is printing machinery used to print dollars, it also requires routine maintenance. Once the dollars are printed they must be stored so you need warehouse facilities. But not any warehouse facility will do. Being a highly sought after good, dollars must be stored in a warehouse that is secure against thieves. These secure storage facilities require hardened materials, security devices, electricity, manpower, etc. Then you have the issue of transporting dollars between storage facilities, which must also be done in a secure manner (armored trucks aren’t exactly fuel efficient vehicles).

The resources needed for manufacturing, storing, and circulating dollars is only a small percentage of the overall resources needed to maintain dollars. A fiat currency quickly becomes worthless if nongovernmental counterfeiters are able to practice their trade unhindered. There are two majors steps to thwarting counterfeiters: hardening the currency itself to make counterfeiting more difficult and punishing counterfeiters once they’re captured.

A dollar can have a lot of built-in security measures. Each of these measures requires resources for both development and implementation. Research and development is needed first to come up with measures that make dollars harder to counterfeit, then manufacturing machinery capable of implementing those measures must be developed, purchased, powered, and maintained.

Then you have the task of punishing captured counterfeiters. The first step in this process is writing and passing legislation, which can be an incredibly inefficient process. The legislation itself is meaningless though, it merely authorizes the allocation of resources for law enforcers. Dollars are probably the most common target of currency counterfeiters, which means the amount of law enforcement effort needed to find and capture counterfeiters is significant, especially when you consider the fact that such efforts must be global in scale. Once captured the counterfeiters must then be tried and, if found guilty, imprisoned. The court system isn’t designed for efficiency and prisons, like the previously mentioned secure warehouses, require a lot of resources to build, operate, and maintain.

What I’ve presented is an incomplete summary of the resources needed to maintain a fiat currency. It’s easy to see that they’re not a resource efficient as many people suspect. Criticizing cryptocurrencies for being inefficient without comparing such inefficiency to their biggest competitors, fiat currencies, is disingenuous and meaingless.

Written by Christopher Burg

October 17th, 2019 at 6:00 am

Posted in Economics

Tagged with , ,

Killing Yourself Slowly

with one comment

Trump is working to take this country back to the good old days of mercantilism when governments decided who would succeed and who would fail. Implementing tariffs was just the first act in his strategy to provide a supposed advantage to American companies. His latest act was far more blatant. He issued an executive order to prohibit Huawei from the United States market. In the aftermath of this executive order Google has revoked Huawei’s use of its services, including its Play Store:

President Trump issued an executive order last week banning “foreign adversaries” from doing telecommunication business in the US. The move was widely understood as a ban on Huawei products, and now we’re starting to see the fallout. According to a report from Reuters, Google has “suspended” business with Huawei, and the company will be locked out of Google’s Android ecosystem. It’s the ZTE ban all over again.

That’ll give a much needed boost to American device manufacturers, right? You know, all of those device manufacturers who manufacture their devices in China, where Huawei is headquartered. Because I’m sure this executive order won’t result in any reciprocation from the Chinese government.

But even if we set aside the likelihood of a Chinese retaliatory response, this executive order sends a rather clear message for companies headquartered outside of the United States. That message is that they shouldn’t rely on products or services from companies headquartered in the United States. Huawei can still use Android since it’s an open source project (a good reason to prefer open source code to closed source code) so it doesn’t have to write an operating system for its devices from scratch. It does have to figure out a replacement for Google’s proprietary bits though. There are several solid third-party clients available for Android that allow access to online calendaring, contacts, and e-mail services. Many of those clients are also open source. Huawei could utilize them in place of apps like Google Calendar, Google Contacts, and Google Mail (Google Maps is the tough one to replace but a third-party client could be written for it). So it would only need to worry about distribution and it has enough funding to build its own app store (it could also use something like F-Droid, but that’s unlikely). It could also make licensing money off of its app store by providing access to other Android device manufacturers who had their access revoked by Google due to an executive order.

Foreign companies aren’t going to stop doing business when the figurehead of the United States puts his signature on a piece of paper. They’re going to either make or buy replacements for everything can no longer use. If this behavior of barring foreign companies from business in the United States continues, companies headquartered outside of the United States are going to become more and more wary of relying on American products and services and instead seek foreign alternatives. American companies like Google will find themselves more and more isolated from the global market. The constantly dwindling market size will cause them serious economic hardship, which will translate into economic hardship for their employees.

Isolating domestic businesses from foreign markets is slow economic suicide.

Written by Christopher Burg

May 20th, 2019 at 8:00 am

Destructive Rights Management

with 3 comments

Digital Rights Management (DRM), and oxymoronic term since something ceases to be a right the second it’s managed, has been the bane of digital content consumers’ existence since it was first developed. Why does the single player game I bought need a constant Internet connection? DRM. Why is this audio CD trying to install a rootkit on my system? DRM. Why can’t I watch this movie I purchased from the iTunes Store on my Kodi box? DRM.

However, the greatest danger of DRM lies in the fact that any content protected by DRM can be taken away from you. This is a lesson that people who purchased e-books via Microsoft’s service (I’ll be honest, I didn’t even know Microsoft had an e-book service) are learning right now:

There’s bad news for users of Microsoft’s eBook store: the company is closing it down, and, with it, any books bought through the service will no longer be readable.

To soften the blow, the company has promised to refund any customers who bought books through the store (a clue that there may not have been that many of them, hence the closure. Microsoft did not offer further comment).

But just think about that for a moment. Isn’t it strange? If you’re a Microsoft customer, you paid for those books. They’re yours.

But they’re not yours. Why? DRM.

The upside for consumers is that Microsoft isn’t closing its e-book service because it’s is filing for bankruptcy, which means it’s is in a position to offer refunds (more on that in a moment). This situation makes it an oddity though. Oftentimes when a service shuts down it’s doing so because it has run out of money. If this were a small e-book distribution service, not only would its customers lose all access to the books that they purchased, but they would also receive no refund.

But let’s talk about Microsoft’s refund for a moment. If you go to the announcement page, you’ll see that there are some strings attached:

How do I get my refund?

Refund processing for eligible customers start rolling out automatically in early July 2019 to your original payment method. If your original payment method is no longer valid and on file with us, you will receive a credit back to your Microsoft account for use online in Microsoft Store.

If your original payment method is still valid (i.e. if your credit card hasn’t expired or been stolen) you will get a credit back. That’s actually pretty good but if the original payment method is no longer valid, you get Microsoft Fun Bucks, which you can use to buy more DRM encumbered content that may go away at any moment. That’s not as sweet of a deal.

The service will shutdown in July so if you’re in the middle of reading a book, you better finish it up before it’s taken away from you.

Written by Christopher Burg

April 4th, 2019 at 10:00 am

Posted in News You Need to Know

Tagged with