Month: September 2009
-
Breaking Vanish: A Story of Security Research in Action
Today, seven colleagues and I released a new paper, “Defeating Vanish with Low-Cost Sybil Attacks Against Large DHTs”. The paper’s authors are Scott Wolchok (Michigan), Owen Hofmann (Texas), Nadia Heninger (Princeton), me, Alex Halderman (Michigan), Christopher Rossbach (Texas), Brent Waters (Texas), and Emmett Witchel (Texas). Our paper is the next chapter in an interesting story…
-
Android Open Source Model Has a Short Circuit
[Update: Google subsequently worked out a mechanism that allows Cyanogen and others to distribute their mods separate from the Google Apps.] Last year, Google entered the mobile phone market with a Linux-based mobile operating system. The company brought together device manufacturers and carriers in the Open Handset Alliance, explaining that, “Together we have developed Android™,…
-
The Markey Net Neutrality Bill: Least Restrictive Network Management?
It’s an exciting time in the net neutrality debate. FCC Chairman Jules Genachowski’s speech on Monday promised a new FCC proceeding that will aim to create a formal rule to replace the Commission’s existing policy statement. Meanwhile, net neutrality advocates in Congress are pondering new legislation for two reasons: First, there is a debate about…
-
Netflix's Impending (But Still Avoidable) Multi-Million Dollar Privacy Blunder
In my last post, I had promised to say more about my article on the limits of anonymization and the power of reidentification. Although I haven’t said anything for a few weeks, others have, and I especially appreciate posts by Susannah Fox, Seth Schoen, and Nate Anderson. Not only have these people summarized my article…
-
Improving the Government's User Interface
The White House’s attempts to gather input from citizens have hit some bumps, wrote Anand Giridharadas recently in the New York Times. This administration has done far more than its predecessors to let citizens provide input directly to government via the Internet, but they haven’t always received the input they expected. Giridharadas writes: During the…
-
NY Times Should Report on NY Times Ad Malware
Yesterday morning, while reading the New York Times online, I was confronted with an attempted security attack, apparently delivered through an advertisement. A window popped up, mimicking an antivirus scanner. After “scanning” my computer, it reported finding viruses and invited me to download a free antivirus scanner. The displays implied, without quite saying so, that…
-
Finnish Court Orders Re-Vote After E-Voting Snafu
The Supreme Administrative Court of Finland has ruled that three municipal elections, the first in Finland to use electronic voting, must be redone because of voting machine problems. (English summary; ruling in Finnish) The troubles started with a usability problem, which caused 232 voters (about 2% of voters) to leave the voting booth without fully…
-
Consolidation in E-Voting Market: ES&S Buys Premier
Yesterday Diebold sold its e-voting division, known as Premier Election Systems, to ES&S, one of Premier’s competitors. The price was low: about $5 million. ES&S is reportedly the largest e-voting company, and Premier was the second-largest, so the deal represents a substantial consolidation in the market. The odds of one major e-voting company breaking from…
-
Finding and Fixing Errors in Google's Book Catalog
There was a fascinating exchange about errors in Google’s book catalog over at the Language Log recently. We rarely see such an open and constructive discussion of errors in large data sets, so this is an unusual opportunity to learn about how errors arise and what can be done about them. The exchange started with…
-
When spammers try to go legitimate
I hate to sound like a broken record, complaining about professional mail distribution / spam-houses that are entirely unwilling to require their customers to follow a strict opt-in discipline. But I’m going to complain again and I’m going to name names. Today, I got a spam touting a Citrix product (“Free virtualization training for you…