Category: Uncategorized
-
California review of the ES&S AutoMARK and M100
California’s Secretary of State has been busy. It appears that ES&S (manufacturers of the Ink-a-Vote voting system, used in Los Angeles, as well as the iVotronic systems that made news in Sarasota, Florida in 2006) submitted its latest and greatest “Unity 3.0.1.1” system for California certification. ES&S systems were also considered by Ohio’s study last…
-
Sequoia's Explanation, and Why It's Not the Whole Story
I wrote yesterday about discrepancies in the results reported by Sequoia AVC Advantage voting machines in New Jersey. Sequoia issued a memo giving their explanation for what might have happened. Here’s the relevant part: During a primary election, the “option switches” on the operator panel must be used to activate the voting machine. The operator…
-
Evidence of New Jersey Election Discrepancies
Press reports on the recent New Jersey voting discrepancies have been a bit vague about the exact nature of the evidence that showed up on election day. What has the county clerks, and many citizens, so concerned? Today I want to show you some of the evidence. The evidence is a “summary tape” printed by…
-
Privacy: Beating the Commitment Problem
I wrote yesterday about a market failure relating to privacy, in which a startup company can’t convincingly commit to honoring its customers’ privacy later, after the company is successful. If companies can’t commit to honoring privacy, then customers won’t be willing to pay for privacy promises – and the market will undersupply privacy. Today I…
-
Privacy and the Commitment Problem
One of the challenges in understanding privacy is how to square what people say about privacy with what they actually do. People say they care deeply about privacy and resent unexpected commercial use of information about them; but they happily give that same information to companies likely to use and sell it. If people value…
-
InfoTech and Public Policy Course Blog
Postings here have been a bit sparse lately, which I hope to remedy soon. In the meantime, you can get a hearty dose of tech policy blog goodness over at my course blog, where students in my course in Information Technology and Public Policy post their thoughts on the topic.
-
Cold Boot Attacks: Vulnerable While Sleeping
Our research on cold boot attacks on disk encryption has generated lots of interesting discussion. A few misconceptions seem to be floating around, though. I want to address one of them today. As we explain in our paper, laptops are vulnerable when they are “sleeping” or (usually) “hibernating”. Frequently used laptops are almost always in…
-
New Research Result: Cold Boot Attacks on Disk Encryption
Today eight colleagues and I are releasing a significant new research result. We show that disk encryption, the standard approach to protecting sensitive data on laptops, can be defeated by relatively simple methods. We demonstrate our methods by using them to defeat three popular disk encryption products: BitLocker, which comes with Windows Vista; FileVault, which…
-
Comcast's Disappointing Defense
Last week, Comcast offered a defense in the FCC proceeding challenging the technical limitations it had placed on BitTorrent traffic in its network. (Back in October, I wrote twice about Comcast’s actions.) The key battle line is whether Comcast is just managing its network reasonably in the face of routine network congestion, as it claims,…
-
The continuing saga of Sarasota's lost votes
At a hearing today before a subcommittee of Congress’s Committee on House Administration, the U.S. Government Accountability Office (GAO) reported on the results of their technical investigation into the exceptional undervote rate in the November 2006 election for Florida’s 13th Congressional District. David Dill and I wrote a long paper about shortcomings in previous investigations,…