Category: Privacy & Security
-
An empirical study of Namecoin and lessons for decentralized namespace design
[Let’s welcome to Freedom to Tinker first-year grad student Miles Carlsten, who, with fellow first-years Harry Kalodner and Paul Ellenbogen, worked on a neat study of Namecoin. — Arvind Narayanan] Namecoin is a Bitcoin-like cryptocurrency that aims to create a secure decentralized namespace — that is, an online system that maps names to values, but without…
-
The story behind the picture of Nick Szabo with other Bitcoin researchers and developers
Reddit seems to have discovered this picture of a group of 20 Bitcoin people having dinner, and the community seems intrigued by Nick Szabo’s public presence. It’s actually an old picture, from March 2014. I was the chief instigator of that event, so let me tell the story of how that amazing group of people happened…
-
Bitcoin faces a crossroads, needs an effective decision-making process
Joint post with Andrew Miller. Virtually unknown outside the Bitcoin community, a debate is raging about whether or not to increase the maximum size of Bitcoin blocks. Blocks are created in Bitcoin roughly once every ten minutes and are currently limited to a size of 1 megabyte, putting a limit on the rate at which…
-
The Error of Fast Tracking the Trans-Pacific Partnership Agreement
National media reported yesterday that a Congressional agreement has been reached on so-called “fast track” authority for the Trans-Pacific Partnership Agreement (TPP). This international agreement, having been negotiated under extreme secrecy by 12 countries including the United States, Australia, Canada, Japan, Malaysia and Singapore, is supposed to be an “ambitious, next-generation, Asia-Pacific trade agreement that reflects…
-
Bitcoin is a game within a game
In this series on Bitcoin and game theory, I’ve argued that Bitcoin’s stability is fundamentally a game-theoretic proposition and shown how we’ve had blind spots for years in our theoretical understanding of mining strategy. In this post, I’ll get to the question of the discrepancy between theory and practice. As I pointed out, even though…
-
Scan This or Scan Me? User Privacy & Barcode-Scanning Applications
[Please welcome guest bloggers Eric Smith and Nina Kollars. Eric Smith serves as the Chief Information Security Officer (CISO) for a higher ed consortium with membership consisting of Bucknell University, Franklin & Marshall College and Susquehanna University. Nina Kollars is assistant professor of government at Franklin & Marshall college, where her scholarship examines the ways…
-
Bitcoin and game theory: we’re still scratching the surface
In an earlier post I argued why Bitcoin’s stability is fundamentally a game-theoretic proposition, and ended with some questions: Can we effectively model the system with all its interacting components in the language of strategies and payoff-maximization? Is the resulting model tractable — can we analyze it mathematically or using simulations? And most importantly, do…
-
Be wary of one-time pads and other crypto unicorns
Yesterday, a new messaging app called Zendo got some very favorable coverage from Tech Crunch. At the core of their sales pitch is the fact that they use one-time pads for encryption. With a few strong assumptions, namely that the pads are truly random and are only used once, it’s true that this scheme is “unbreakable”…
-
Security flaw in New South Wales puts thousands of online votes at risk
Update April 26: The technical paper is now available Update Mar. 23 1:30 PM AEDT: Our response to the NSWEC’s response New South Wales, Australia, is holding state elections this month, and they’re offering a new Internet voting system developed by e-voting vendor Scytl and the NSW Electoral Commission. The iVote system, which its creators…
-
What should we do about re-identification? A precautionary approach to big data privacy
Computer science research on re-identification has repeatedly demonstrated that sensitive information can be inferred even from de-identified data in a wide variety of domains. This has posed a vexing problem for practitioners and policy makers. If the absence of “personally identifying information” cannot be relied on for privacy protection, what are the alternatives? Joanna Huey,…