Month: February 2008
-
pesky details with getting a voting system correct
Today was the last day of early voting in Texas’s primary election. Historically, I have never voted in a primary election. I’ve never felt I identified enough with a particular political party to want to have a say in selecting their candidates. Once I started working on voting security, I discovered that this also allowed…
-
Cold Boot Attacks: Vulnerable While Sleeping
Our research on cold boot attacks on disk encryption has generated lots of interesting discussion. A few misconceptions seem to be floating around, though. I want to address one of them today. As we explain in our paper, laptops are vulnerable when they are “sleeping” or (usually) “hibernating”. Frequently used laptops are almost always in…
-
New Research Result: Cold Boot Attacks on Disk Encryption
Today eight colleagues and I are releasing a significant new research result. We show that disk encryption, the standard approach to protecting sensitive data on laptops, can be defeated by relatively simple methods. We demonstrate our methods by using them to defeat three popular disk encryption products: BitLocker, which comes with Windows Vista; FileVault, which…
-
Comcast's Disappointing Defense
Last week, Comcast offered a defense in the FCC proceeding challenging the technical limitations it had placed on BitTorrent traffic in its network. (Back in October, I wrote twice about Comcast’s actions.) The key battle line is whether Comcast is just managing its network reasonably in the face of routine network congestion, as it claims,…
-
The continuing saga of Sarasota's lost votes
At a hearing today before a subcommittee of Congress’s Committee on House Administration, the U.S. Government Accountability Office (GAO) reported on the results of their technical investigation into the exceptional undervote rate in the November 2006 election for Florida’s 13th Congressional District. David Dill and I wrote a long paper about shortcomings in previous investigations,…
-
Google Objects to Microhoo: Pot Calling Kettle Black?
Last week Microsoft offered to buy Yahoo at a big premium over Yahoo’s current stock price; and Google complained vehemently that Microsoft’s purchase of Yahoo would reduce competition. There’s been tons of commentary about this. Here’s mine. The first question to ask is why Microsoft made such a high offer for Yahoo. One possibility is…
-
Unattended Voting Machines, As Usual
It’s election day, so tradition dictates that I publish some photos of myself with unattended voting machines. To recap: It’s well known that paperless electronic voting machines are vulnerable to tampering, if an attacker can get physical access to a machine before the election. Most of the vendors, and a few election officials, claim that…
-
Internet Voting
(or, how I learned to stop worrying and love having the whole world know exactly how I voted) Tomorrow is “Super Tuesday” in the United States. Roughly half of the delegates to the Democratic and Republican conventions will be decided tomorrow, and the votes will be cast either in a polling place or through the…