Year: 2014
-
A technological approach to better living, for D.C. and beyond
Washington, D.C., could be a leader in the United States — and worldwide — in using technology to improve the lives of its residents and visitors. As a rapidly growing city with a diverse and highly educated population, the District is a leader in law, education, tourism and, of course, government. With this mass of…
-
Bitcoin mining is NP-hard
This post is (mostly) a theoretical curiosity, but a discussion last week at CITP during our new course on Bitcoin led us to realize that being an optimal Bitcoin miner is in fact NP-hard. NP-hardness is a complexity classification used in computer science to describe many optimization problems for which we believe there is no algorithm…
-
Four Fair Use Takeaways from Cambridge University Press v. Patton
The most important copyright and educational fair use case in recent memory (mine, at least) was decided by the Eleventh Circuit Court of Appeals last week. The case, Cambridge University Press v. Patton, challenged Georgia State University’s use of e-reserves in courses offered by the university. The copyrighted works at issue were scholarly books–i.e., a…
-
POODLE and the fundamental market failure of browser security
Last week saw the public disclosure of the POODLE vulnerability, a practical attack allowing a network attacker to steal plaintext from HTTPS connections. In particular, this attack can be used to steal authentication cookies. It’s a bad vulnerability, and it particularly hurts because it should have been fixed long ago. It only affects the ancient SSL v3 protocol, which was…
-
On the value of encrypting your phone
This is a true story. Yesterday my phone crashed, and it wouldn’t reboot. Actually it would do nothing but reboot, over and over, with a seemingly different error message every time. I tried all of the tricks available to a technically handy person, and nothing worked—I couldn’t get it out of the crash-reboot cycle. So…
-
Guessing passwords with Apple’s full-device encryption
With the recently-introduced iOS 8, Apple has switched to a encrypting a much larger amount of user data by default. Matt Green has provided an excellent initial look at a technical level and big-picture level and Apple has recently released a slightly more detailed specification document and an admirable promise never to include backdoors. This move, and Google’s prompt promise…
-
It’s time to bring Bitcoin and cryptocurrencies into the computer science curriculum
In the privacy technologies grad seminar that I taught last semester, Bitcoin proved to be the most popular topic among students. Two groups did very different and equally interesting final projects on Bitcoin and cryptocurrencies; more on that below. More broadly, we’re seeing a huge demand for learning the computer science underlying Bitcoin, both at…
-
Google Fights Genericide Claim (and Wins)
Google’s famous trademark in its name has just survived a challenger’s attempt to have it declared generic. In Elliott v. Google, a federal court in Arizona held last week that despite the public’s use of the word “googling” to mean “searching on the Internet,” the “Google” word mark still functions in the minds of consumers…
-
Security Audit of Safeplug "Tor in a Box"
Last month at the FOCI workshop, we presented a security analysis of the Safeplug, a $49 box which promised users “complete security and anonymity” online by sending all of their web traffic through the Tor onion routing network. Safeplug claims to offer greater usability, particularly for non-technical customers, than the state-of-the-art in anonymous Internet browsing:…
-
The Dangers of the New Trade Secrets Acts
First, I want to state how thrilled I am to be joining the great group here at CITP. Every CITP scholar that I’ve gotten to know over the past several years have become friends and influenced my work in areas ranging from voting machine code access to international lawmaking processes. I’m delighted to be a…