Amazon's CEO Jeff Bezos apologizes for Kindle ebook deletion [LWN.net]

Amazon's CEO Jeff Bezos apologizes for Kindle ebook deletion

Posted Jul 27, 2009 22:34 UTC (Mon) by MarkWilliamson (guest, #30166)
Parent article: Amazon's CEO Jeff Bezos apologizes for Kindle ebook deletion

'Our "solution" to the problem was stupid, thoughtless, and painfully out of line with our principles. It is wholly self-inflicted, and we deserve the criticism we've received.'

To me, the scandal is not just that they deleted books from users' devices, it's that they designed the device to permit remote deletion in the first place (IIRC this kill switch has been known about for a while? correct me if I'm wrong.).

There are all sorts of tradeoffs in a product - I personally dislike DRM, copy protection, etc but I can see that they can be applied in ways that don't upset your customers too much and that maybe make your content providers happier. I'd rather have a world without it but occasionally I see it done in a way I can *just about* live with for the time being.

But building in the ability to perform remote deletions - why even do that in a device you're intending to sell? Although I'm sure there are business arguments for including the feature, I think it crosses a line. DRM is bad because it restricts what a user can do with their device. But reserving rights to do things to the device yourself is even more distasteful!

As a consumer and technology enthusiast, the fact the device seems to aim to support remote delete is simply evidence of bad faith on the part of Amazon. They're reserving the right to do something that we know and they know (it seems from their press release) that they should never do. That doesn't inspire me with confidence. Whether or not this case is an, the fact remains: if they reserve the right to do it (and here my assumption is that the ToS permits remote deletions in principle), that means they are keeping open the option to *actually* do it. If they're keeping the option open, then there will always be mistakes and misjudgements even if they are acting in good faith.

If they really wanted to show that this was unintentional they would provide a patch to restrict document removal to local users. If they insist on keeping their "nuclear button" whilst simultaneously telling us how bad it is then it's just marketing spiel.

to post comments

Amazon's CEO Jeff Bezos apologizes for Kindle ebook deletion

Posted Jul 28, 2009 0:42 UTC (Tue) by MarkWilliamson (guest, #30166) [Link] (5 responses)

Update: Whilst I largely stand by what I just wrote, commenters at the Howling Void suggest that the remote deletion capability is provided to refund accidental purchases of books. (http://slashdot.org/comments.pl?sid=1315931&cid=28836261)

Seems like a somewhat weaselly way to tackle the problem of potential accidental purchases - they equally could have just put a well-designed "are you sure" dialogue on there, one would have thought. I wonder if they realised the control they had over the device and just got carried away.

I assume their DRM-free MP3 store doesn't have access to your computer in case you need a refund.

Still think it's an example of Amazon getting carried away with what they *can* do and not thinking about what they *should* do.

Amazon's CEO Jeff Bezos apologizes for Kindle ebook deletion

Posted Jul 28, 2009 0:48 UTC (Tue) by dlang (guest, #313) [Link] (4 responses)

it's not just refunds of accidental purchases. it's for any refunds.

I've purchased a couple books that were so unusable that I got refunds on them (less for the money involved than to have them not show up on the list)

Amazon's CEO Jeff Bezos apologizes for Kindle ebook deletion

Posted Jul 28, 2009 0:58 UTC (Tue) by MarkWilliamson (guest, #30166) [Link] (3 responses)

Unusable? Erk! I'd be disappointed if I bought a book from Amazon that wasn't readable on their device :-( But I suppose given the range of items they sell it wouldn't be feasible to verify them all.

All the same, the real issue seems to be that Amazon can delete stuff without your permission. Given that for DRM purposes they probably already authenticate that the OS has not been tampered with, they could have implemented a "Delete this book and receive a refund?" UI that popped up for remote deletion. That would have been harder to do, so I can understand them not doing it.

But at least then the user would *know* what was happening - I believe it's really the "backdoor" appearance of their current solution that makes people so angry.

Amazon's CEO Jeff Bezos apologizes for Kindle ebook deletion

Posted Jul 28, 2009 1:06 UTC (Tue) by dlang (guest, #313) [Link] (2 responses)

it is not that hard to modify the binaries on the kindle, so they do not have the absolute control over the software there that you assume that they have.

everyone, including Amazon (now) agrees that deleting stuff without notice is the wrong thing to do.

the remaining dispute is if Amazon is evil for having the _capability_ of deleting something from the kindle in the first place.

I suspect that the next time something like this comes up they will replace the book contents with a notice explaining what happened instead of just silently deleting the book, as well as sending notice about the refunds to people. but you never know until the next situation arises.

and it will arise, it's impossible for Amazon to know who really owns the copyright on something that is given to them.

Amazon's CEO Jeff Bezos apologizes for Kindle ebook deletion

Posted Jul 28, 2009 1:43 UTC (Tue) by MarkWilliamson (guest, #30166) [Link] (1 responses)

'it is not that hard to modify the binaries on the kindle, so they do not have the absolute control over the software there that you assume that they have.'

Interesting ... to what extent, though? Can you, e.g. modify the kernel? Modify the code that does the remote deletion? If so then there's a fairly straightforward fix waiting for some hacker out there to come up with. I'd be moderately surprised if they hadn't locked down their core components though - surely if they're using remote delete to implement refund they're going to want to verify that the deletion really did happen?

Amazon's CEO Jeff Bezos apologizes for Kindle ebook deletion

Posted Jul 28, 2009 2:07 UTC (Tue) by dlang (guest, #313) [Link]

the update mechanism appears to be well understood, and with that people have modified things like the web browsers, the screen savers, and the fonts, as well as installing new applications that run int he background (file format converters) and released 'update bundles' to allow script-kiddie level people to do the changes

others have reported going in and getting root shell access.

the code to allow amazon to delete books in not in the kernel, it's in the userspace applications.

I've seen at least one report of someone going in and doing much more drastic changes (putting their own linux distro on the box), at the time they didn't have the display and several of the keys working, and since those have explicit support in the kindle kernel patches, this indicates that they probably replaced the kernel along with everything else. but I don't know for sure.

remember that users can mount the kindle as a UDB drive and copy documents to/from the device, so even if amazon issued the command to delete the file, they can't prevent you from copying the file back onto the kindle later.

and taking the approach of blacklisting a filename and deleting it any time it's seen is a _very_ dangerous thing to do, just from a reliability point of view. I would be surprised if they had done so.

as for them locking things down, the Tivo and game console hackers have shown that that sort of thing isn't going to stop the people who are determined to go in and change things, Amazon seems to just be putting up enough of a roadblock to stop casual changes (and to protect themselves from applying the wrong update to the wrong system), but not going to great lengths to try and stop people.

as I understand it, even the DRM they use for their books is something that has been broken quite a while ago. again, it's enough to stop casual copying, but not determined abuse.