Category: Privacy & Security
-
Questions for the FBI on Encryption Mandates
I wrote on Monday about how to analyze a proposal to mandate access to encrypted data. FBI Director James Comey, at the University of Texas last week, talked about encryption policy and his hope that some kind of exceptional access for law enforcement will become available. (Here’s a video.) Let’s look at what Director Comey…
-
How to Analyze An Encryption Access Proposal
It looks like the idea of requiring law enforcement access to encrypted data is back in the news, with the UK government apparently pushing for access in the wake of the recent London attack. With that in mind, let’s talk about how one can go about analyzing a proposed access mandate. The first thing to…
-
How to buy physical goods using Bitcoin with improved security and privacy
Bitcoin has found success as a decentralized digital currency, but it is only one step toward decentralized digital commerce. Indeed, creating decentralized marketplaces and mechanisms is a nascent and active area of research. In a new paper, we present escrow protocols for cryptocurrencies that bring us closer to decentralized commerce. In any online sale of…
-
Pragmatic advice for buying “Internet of Things” devices
We’re hearing an increasing amount about security flaws in “Internet of Things” devices, such as a “messaging” teddy bear with poor security or perhaps Samsung televisions being hackable to become snooping devices. How are you supposed to make purchasing decisions for all of these devices when you have no idea how they work or if…
-
How the Politics of Encryption Affects Government Adoption
I wrote yesterday about reports that people in the White House are using encrypted communication apps more often, and why that might be. Today I want to follow up by talking about how the politics of encryption might affect government agencies’ choices about how to secure their information. I’ll do this by telling the stories of…
-
On Encryption Apps in the White House
Politico ran a long story today pointing to an increase in the use of encrypted communication apps by people in DC, government, and the White House specifically. Poisonous political divisions have spawned an encryption arms race across the Trump administration, as both the president’s advisers and career civil servants scramble to cover their digital tracks in…
-
Engineering around social media border searches
The latest news is that the U.S. Department of Homeland Security is considering a requirement, while passing through a border checkpoint, to inspect a prospective visitor’s “online presence”. That means immigration officials would require users to divulge their passwords to Facebook and other such services, which the agent might then inspect, right there, at the…
-
Regulatory Questions Abound as Mobile Payments Clamor for Position in Apps
People frequently associate mobile payments with “tap and pay” — walking into a store, flashing your smartphone, and then walking out with stuff. But in-store sales really aren’t the focus of companies working on mobile payment issues. That’s because payment in stores generally isn’t a problem in need of a fix. Swiping a payment card…
-
Concerned about Internet of Things Security?
There is no shortage of warnings about the need to improve security for the Internet of Things: The Guardian asks “Can we secure the internet of things in time to prevent another cyber-attack?”. The New York Times calls for “Stepping up Security for an Internet of Things world”. Technology Review reports that Security Experts Warn…
-
AdNauseam, Google, and the Myth of the “Acceptable Ad”
Earlier this month, we (Helen Nissenbaum, Mushon Zer-Aviv, and I), released a new and improved AdNauseam 3.0. For those not familiar, AdNauseam is the adblocker that clicks every ad in an effort to obfuscate tracking profiles and inject doubt into the lucrative economic system that drives advertising-based surveillance. The 3.0 release contains some new features we’ve been excited to…