Category: Privacy & Security
-
What happens when responsible disclosure fails?
The topic of how to handle security vulnerabilities has been discussed for years. Wikipedia defines responsible disclosure as: Responsible disclosure is a computer security term describing a vulnerability disclosure model. It is like full disclosure, with the addition that all stakeholders agree to allow a period of time for the vulnerability to be patched before…
-
When Technology Sanctions Backfire: The Syria Blackout
American policymakers face an increasingly complex set of choices about whether to permit commerce with “repressive regimes” for core internet technologies. The more straightforward cases involve prohibitions on US import of critical network technology from states that we suspect may include surveillance backdoors. For example, fears of “cyber espionage” have fueled a push for import…
-
No Longer Bit Players: Internet Governance & Economic Growth in Developing Countries
The 200 sovereign state members of the United Nations International Telecommunications Union (ITU) will gather in Dubai this week for the World Conference of International Telecommunications (WCIT). The WCIT is a treaty developed to facilitate global interconnection and interoperability between telecommunications carriers. The treaty was last reviewed in 1988, an era where the majority of telecommunications networks…
-
Smart Campaigns, Meet Smart Voters
Zeynep pointed to her New York Times op-ed, “Beware the Smart Campaign,” about political campaigns collecting and exploiting detailed information about individual voters. Given the emerging conventional wisdom that the Obama campaign’s technological superiority played an important role in the President’s re-election, we should expect more aggressive attempts to micro-target voters by both parties in…
-
My NYT Op-Ed: "Beware the Smart Campaign"
I just published a new opinion piece in the New York Times, entitled “Beware the Smart Campaign”. I react to the Obama campaign’s successful use of highly quantitative voter targeting that is inspired by “big data” commercial marketing techniques and implemented through state-of-the-art social science knowledge and randomized field experiments. In the op-ed, I wonder…
-
Uncertified voting equipment
(Or, why doing the obvious thing to improve voter throughput in Harris County early voting would exacerbate a serious security vulnerability.) I voted today, using one of the many early voting centers in my county. I waited roughly 35 minutes before reaching a voting machine. Roughly 1/3 of the 40 voting machines at the location…
-
Zuckerberg Goes to Russia as the Global Network Initiative Turns 4
The Global Network Initiative (GNI) was founded in October 2008 to help technology firms navigate the political implications of their success. Engineers at the world’s leading technology firms have been incredibly innovative, but do not always the global dynamics of their innovation. Moreover, they do not always acknowledge the ways in which politicians get involved…
-
My Work at Princeton: Mobile Technology, Community Building and Civic Engagement
I’m excited to spend my year as a Fellow at the Center for Information Technology Policy exploring and testing ideas about how broadband technology – particularly mobile wireless services – can and should be used to build strong local communities. I have always been interested in how seemingly simple improvements to the existing way of…
-
Unlocking Hidden Consensus in Legislatures
A legislature is a small group with a big impact. Even for people who will never be part of one, the mechanics of a legislature matter — when they work well, we all benefit, and when they work poorly, we all lose out. At the same time, with several hundred participants, legislatures are large enough…
-
Sloppy Reporting on the "University Personal Records" Data Breach by the New York Times Bits Blog
This morning I ran across a distressing headline while perusing my RSS feeds. The New York Times’ Bits Blog proclaimed that, “Hackers Breach 53 Universities and Dump Thousands of Personal Records Online.” I clicked, and was informed that: Hackers published online Monday thousands of personal records from 53 universities, including Harvard, Stanford, Cornell, Princeton, Johns…