Tuesday, 30 April 2019

Securepairs.org will send debullshitifying security researchers to Right to Repair hearings to fight industry FUD

Dozens of Right to Repair bills were introduced across the USA last year, only to be defeated by hardcore lobbying led by Apple and backed by a rogue's gallery of giant manufacturers of every description; one of the most effective anti-repair tactics is to spread FUD about the supposed security risks of independent repairs.

Enter Securerepairs.org, a new nonprofit founded by Paul Roberts, whose experts (including "Harvard University’s Bruce Schneier, bug bounty expert Katie Moussouris, and ACLU technologist Jon Callas") will attend Right to Repair hearings to counter this industry bullshit and explain how "Fixable stuff is secure stuff."

Securepairs.org believes instead in the notion that there’s no such thing as security through obscurity; a robust system will still be secure even if people know how it works. Releasing repair manuals and spare parts shouldn’t undermine an already sound smartphone. The group even takes the idea one step further, arguing that right to repair laws would make devices more safe, by allowing consumers to quickly replace failing parts or update buggy software. For example, John Deere tractors can often only be updated by licensed technicians. Farmers who can't afford to wait have resorted to hacking into their tractors with black market firmware, a far less safe option than, say, using diagnostic tools John Deere could release itself.

Security Experts Unite Over the Right to Repair [Louise Matsakis/Wired]