Tag: Security
-
Recommended Reading: Crime-Facilitating Speech
Eugene Volokh has an interesting new paper about Crime-Facilitating Speech (abridged version): “speech [that] provides information that makes it easier to commit crimes, torts, or other harms”. He argues convincingly that many free-speech cases pertain to crime-facilitating speech. Somebody wants to prevent speech because it may facilitate crime, but others argue that the speech has…
-
Cisco Claims Its Product is a Trade Secret
I wrote Friday about the legal threats by Cisco and ISS against researcher Mike Lynn, relating to Lynn’s presentation at Black Hat about a Cisco security vulnerability. The complaint Cisco and ISS filed is now available online. Jennifer Granick, Lynn’s lawyer, has an interesting narrative of the case (part 1; part 2; part 3; part…
-
WiFi Freeloading Now a Crime in U.K.
A British man has been fined and given a suspended prison sentence for connecting to a stranger’s WiFi access point without permission, according to a BBC story. There is no indication that he did anything improper while connected; all he did was to park his car in front of a stranger’s house and connect his…
-
ISS Caught in the Middle in Cisco Security Flap
The cybersecurity world is buzzing with news about Cisco’s attempt to silence Michael Lynn’s discussion of a serious security flaw in the company’s product. Here’s the chronology, which I have pieced together from news reports (so the obvious caveats apply): Michael Lynn worked for ISS, a company that sells security scanning software. In the course…
-
Who'll Stop the Spam-Bots?
The FTC has initiated Operation Spam Zombies, a program that asks ISPs to work harder to detect and isolate spam-bots on their customers’ computers. Randy Picker has a good discussion of this. A bot is a malicious, long-lived software agent that sits on a computer and carries out commands at the behest of a remote…
-
What is Spyware?
Recently the Anti-Spyware Coalition released a document defining spyware and related terms. This is an impressive-sounding group, convened by CDT and including companies like HP, Microsoft, and Yahoo. Here is their central definition: Spyware and Other Potentially Unwanted Technologies Technologies implemented in ways that impair users’ control over: Material changes that affect their user experience,…
-
Controlling Software Updates
Randy Picker questions part of the computer science professors’ Grokster brief (of which I was a co-signer), in which we wrote: Even assuming that Respondents have the right and ability to deliver such software to end users, there can be no way to ensure that software updates are installed, and stay installed. End users ultimately…
-
Content Filtering and Security
Buggy security software can make you less secure. Indeed, a growing number of intruders are exploiting bugs in security software to gain access to systems. Smart system administrators have known for a long time to be careful about deploying new “security” products. A company called Audible Magic is trying to sell “content filtering” systems to…
-
Analysis of Fancy E-Voting Protocols
Karlof, Sastry, and Wagner have an interesting new paper looking at fancy voting protocols designed by Neff and Chaum, and finding that they’re not yet ready for use. The protocols try to use advanced cryptography to make electronic voting secure. The Neff scheme (I’ll ignore the Chaum scheme, for brevity) produces three outputs: a paper…
-
Virtually Unprotected
Today’s New York Times has a strongly worded editorial saying the U.S. is vulnerable to a devastating cyberattack, and national action is required. We are indeed vulnerable to cyberattack, but this may not be our most serious unaddressed vulnerability. Is the threat of cyberattack more serious than, say, the threat of a physical attack on…