Category: Uncategorized
-
Evidence of New Jersey Election Discrepancies
Press reports on the recent New Jersey voting discrepancies have been a bit vague about the exact nature of the evidence that showed up on election day. What has the county clerks, and many citizens, so concerned? Today I want to show you some of the evidence. The evidence is a “summary tape” printed by…
-
Privacy: Beating the Commitment Problem
I wrote yesterday about a market failure relating to privacy, in which a startup company can’t convincingly commit to honoring its customers’ privacy later, after the company is successful. If companies can’t commit to honoring privacy, then customers won’t be willing to pay for privacy promises – and the market will undersupply privacy. Today I…
-
Privacy and the Commitment Problem
One of the challenges in understanding privacy is how to square what people say about privacy with what they actually do. People say they care deeply about privacy and resent unexpected commercial use of information about them; but they happily give that same information to companies likely to use and sell it. If people value…
-
InfoTech and Public Policy Course Blog
Postings here have been a bit sparse lately, which I hope to remedy soon. In the meantime, you can get a hearty dose of tech policy blog goodness over at my course blog, where students in my course in Information Technology and Public Policy post their thoughts on the topic.
-
Cold Boot Attacks: Vulnerable While Sleeping
Our research on cold boot attacks on disk encryption has generated lots of interesting discussion. A few misconceptions seem to be floating around, though. I want to address one of them today. As we explain in our paper, laptops are vulnerable when they are “sleeping” or (usually) “hibernating”. Frequently used laptops are almost always in…
-
New Research Result: Cold Boot Attacks on Disk Encryption
Today eight colleagues and I are releasing a significant new research result. We show that disk encryption, the standard approach to protecting sensitive data on laptops, can be defeated by relatively simple methods. We demonstrate our methods by using them to defeat three popular disk encryption products: BitLocker, which comes with Windows Vista; FileVault, which…
-
Comcast's Disappointing Defense
Last week, Comcast offered a defense in the FCC proceeding challenging the technical limitations it had placed on BitTorrent traffic in its network. (Back in October, I wrote twice about Comcast’s actions.) The key battle line is whether Comcast is just managing its network reasonably in the face of routine network congestion, as it claims,…
-
The continuing saga of Sarasota's lost votes
At a hearing today before a subcommittee of Congress’s Committee on House Administration, the U.S. Government Accountability Office (GAO) reported on the results of their technical investigation into the exceptional undervote rate in the November 2006 election for Florida’s 13th Congressional District. David Dill and I wrote a long paper about shortcomings in previous investigations,…
-
Google Objects to Microhoo: Pot Calling Kettle Black?
Last week Microsoft offered to buy Yahoo at a big premium over Yahoo’s current stock price; and Google complained vehemently that Microsoft’s purchase of Yahoo would reduce competition. There’s been tons of commentary about this. Here’s mine. The first question to ask is why Microsoft made such a high offer for Yahoo. One possibility is…
-
MySpace Photos Leaked; Payback for Not Fixing Flaw?
Last week an anonymous person published a file containing half a million images, many of which had been gathered from private profiles on MySpace. This may be the most serious privacy breach yet at MySpace. Kevin Poulsen’s story at Wired News implies that the leak may have been deliberate payback for MySpace failing to fix…