Month: February 2017
-
How the Politics of Encryption Affects Government Adoption
I wrote yesterday about reports that people in the White House are using encrypted communication apps more often, and why that might be. Today I want to follow up by talking about how the politics of encryption might affect government agencies’ choices about how to secure their information. I’ll do this by telling the stories of…
-
On Encryption Apps in the White House
Politico ran a long story today pointing to an increase in the use of encrypted communication apps by people in DC, government, and the White House specifically. Poisonous political divisions have spawned an encryption arms race across the Trump administration, as both the president’s advisers and career civil servants scramble to cover their digital tracks in…
-
RIP, SHA-1
Today’s cryptography news is that researchers have discovered a collision in the SHA-1 cryptographic hash function. Though long-expected, this is a notable milestone in the evolution of crypto standards. Kudos to Marc Stevens, Elie Bursztein, Pierre Karpma, Ange Albertine, and Yarik Markov of CWI Amsterdam and Google Research for their result. SHA-1 was standardized by…
-
Smart Contracts: Neither Smart nor Contracts?
Karen Levy has an interesting new article critiquing blockchain-based “smart contracts.” The first part of her title, “Book-Smart, not Street-Smart,” sums up her point. Here’s a snippet: Though smart contracts do have some features that might serve the goals of social justice and fairness, I suggest that they are based on a thin conception of…
-
Mitigating the Increasing Risks of an Insecure Internet of Things
The emergence and proliferation of Internet of Things (IoT) devices on industrial, enterprise, and home networks brings with it unprecedented risk. The potential magnitude of this risk was made concrete in October 2016, when insecure Internet-connected cameras launched a distributed denial of service (DDoS) attack on Dyn, a provider of DNS service for many large…
-
Regulation and Anti-Regulation
[Hi, Freedom to Tinker readers. I’m back at Princeton, having completed my tour of duty as Deputy U.S. CTO, so I can resume writing here. I’ll start with some posts on specific topics, like the one below. As time goes on, I’ll have a lot more to say about what I learned. –Ed Felten] Politicians often…
-
Engineering around social media border searches
The latest news is that the U.S. Department of Homeland Security is considering a requirement, while passing through a border checkpoint, to inspect a prospective visitor’s “online presence”. That means immigration officials would require users to divulge their passwords to Facebook and other such services, which the agent might then inspect, right there, at the…
-
Regulatory Questions Abound as Mobile Payments Clamor for Position in Apps
People frequently associate mobile payments with “tap and pay” — walking into a store, flashing your smartphone, and then walking out with stuff. But in-store sales really aren’t the focus of companies working on mobile payment issues. That’s because payment in stores generally isn’t a problem in need of a fix. Swiping a payment card…