Category: Privacy & Security
-
The Markey Net Neutrality Bill: Least Restrictive Network Management?
It’s an exciting time in the net neutrality debate. FCC Chairman Jules Genachowski’s speech on Monday promised a new FCC proceeding that will aim to create a formal rule to replace the Commission’s existing policy statement. Meanwhile, net neutrality advocates in Congress are pondering new legislation for two reasons: First, there is a debate about…
-
U.S. Objects to China's Mandatory Green Dam Censorware
Yesterday, the U.S. Commerce Secretary and Trade Representative sent a letter to China’s government, objecting to China’s order, effective July 1, to require that all new PCs sold in China have preinstalled the Green Dam Youth Escort censorware program. Here’s today’s New York Times: Chinese officials have said that the filtering software, known as Green…
-
China's New Mandatory Censorware Creates Big Security Flaws
Today Scott Wolchok, Randy Yao, and Alex Halderman at the University of Michigan released a report analyzing Green Dam, the censorware program that the Chinese government just ordered installed on all new computers in China. The researchers found that Green Dam creates very serious security vulnerabilities on users’ computers. The report starts with a summary…
-
On China's new, mandatory censorship software
The New York Times reports that China will start requiring censorship software on PCs. One interesting quote stands out: Zhang Chenming, general manager of Jinhui Computer System Engineering, a company that helped create Green Dam, said worries that the software could be used to censor a broad range of content or monitor Internet use were…
-
Photo censorship vs. digital photography
On the 20th anniversary of the Tiananmen Square events (protests? uprising? insurrection? massacre?), the New York Times’ Lens Blog put up a great piece about the four different photographers who photographed the iconic “Tank Man”. Inevitably, half of the story concerns the technical details of being in the right place and having the right equipment…
-
Chinese Internet Censorship: See It For Yourself
You probably know already that the Chinese government censors Internet traffic. But you might not have known that you can experience this censorship yourself. Here’s how: (1) Open up another browser window or tab, so you can browse without losing this page. (2) In the other window, browse to baidu.com. This is a search engine…
-
NJ Voting-machine trial update
Earlier this month I testified in Gusciora v. Corzine, the trial in which the plaintiffs argue that New Jersey’s voting machines (Sequoia AVC Advantage) can’t be trusted to count the votes, because they’re so easily hacked to make them cheat. I’ve previously written about the conclusions of my expert report: in 7 minutes you can…
-
More Privacy, Bit by Bit
Before the Holidays, Yahoo got a flurry of good press for the announcement that it would (as the LA Times puts it) “purge user data after 90 days.” My eagle-eyed friend Julian Sanchez noticed that the “purge” was less complete than privacy advocates might have hoped. It turns out that Yahoo won’t be deleting the…
-
Researchers Show How to Forge Site Certificates
Today at the Chaos Computing Congress, a group of researchers (Alex Sotirov, Marc Stevens, Jake Appelbaum, Arjen Lenstra, Benne de Weger, and David Molnar) announced that they have found a way to forge website certificates that will be accepted as valid by most browsers. This means that they can successfully impersonate any website, even for…
-
Security Seals on AVC Advantage Voting Machines are Easily Defeated
On September 2, 2008, I submitted a report to the New Jersey Superior Court, demonstrating that the DRE voting machines used in New Jersey are insecure: it is easy to replace the vote-counting program with one that fraudulently shifts votes from one candidate to another. In Section 10 of my report, I explained that There…