(July) :Security Flaw in the iPhone
24 August 2007:Defending Against the Owner
(September) :What’s Missing in the iPod Touch
1 October 2007:The Technical-Social Contract
(March) :Privacy: Little Brother
2 December 2008 :Cybercrime and “Remote Search”
(April) :Apple and Location-Tracking
6 June 2012:Restricting Anti-Virus Won’t Work
(February) :Goto Fail
(February) :Speculation About Goto Fail
(July) :What Should PGP Look Like?
(September) :The U2 Incident
(September) :Apple’s “Warrant-Proof” Encryption
(February) :Hiding in the Firmware?
28 March 2016:The FBI and the iPhone: Important Unanswered Questions
24 August 2016:Does Apple’s Cloud Key Vault Answer the Key Escrow Question?
(May) :Patching is Hard
(May) :Who Pays?
2 May (**********************************************************************************************************************************************************************************************************************************************************************************************:Eran Tromer’s Attack on Ray Ozzie’s CLEAR Protocol
(March) :Facebook and Privacy
1 August 2007:Electronic Voting Machines
7 March (**********************************************************************************************************************************************************************************************************************************************************************************************:Please Embed Bibliographic Data in Online Documents
6 July 2007:The Greek Cellphone Tapping Scandal
1 August 2007:Electronic Voting Machines
7 July (*************************************************************************************************************************************************************************************************************************************************************************************************:Keys under the Doormat
(July) :Posting PDFs
(September) :What is a Security Mechanism?
(CIA)
(July) :Insider Attacks
(November) :A Bad Week for Privacy
(January) :The CIA Blames Hackers for Power Outages
26 September 2009:The Problem of Computerized Search
(July) :What Spies Do
(December) :Did the DPRK Hack Sony?
7 March 2017:Wikileaks, the CIA, and the Press
8 August (**********************************************************************************************************************************************************************************************************************************************************************************************: (Foldering)
3 September 2008 :This Blog and Creative Commons
8 March 2009:Access to Old Information
(September) :Skype’s EULA
(September) :Update to Skype’s EULA
(July) :How DRM Can Hurt Sales
(September) :Intel’s “Known-Good” Plan
(January) :USACM SOPA and PIPA Letters
1 April (*************************************************************************************************************************************************************************************************************************************************************************************************:ISPs to Enforce Copyright Law
(December) :Companies, Courts, and Computer Security
22 April 2014:Doing Crypto
(July) :What Should PGP Look Like?
(September) :Apple’s “Warrant-Proof” Encryption
5 February (*************************************************************************************************************************************************************************************************************************************************************************************************:The Uses and Abuses of Cryptography
7 July (*************************************************************************************************************************************************************************************************************************************************************************************************:Keys under the Doormat
(December) :Cryptography is Hard
3 January (************************************************************************************************************************************************************************************************************************************************************************************************:Why More Effort Won’t Solve the Exceptional Access Problem
8 April (************************************************************************************************************************************************************************************************************************************************************************************************:Problems with the Burr-Feinstein Bill
24 August 2016:Does Apple’s Cloud Key Vault Answer the Key Escrow Question?
(October) :Two More Crypto Holes
(October) :Another Thought About KRACK
(October) :Historical Loop
24 March 2018:Crypto War III: Assurance
2 May (**********************************************************************************************************************************************************************************************************************************************************************************************:Eran Tromer’s Attack on Ray Ozzie’s CLEAR Protocol
1 August 2019:Facebook, Privacy, and Cryptography
7 October 2019:The Crypto Wars Resume
(July) :Scary Security Developments
(September) :Stuxnet: The First Weaponized Software?
(October) :The Worm and the Wiretap
(October) :The Sins of the Flash
1 June 2012:Flame On!
(February) :Goto Fail
(February) :Speculation About Goto Fail
(December) :Did the DPRK Hack Sony?
(February) :What Must We Trust?
(February) :Hiding in the Firmware?
7 March 2017:Wikileaks, the CIA, and the Press
(March) :A Dangerous, Norm-Destroying Attack
1 August 2007:Electronic Voting Machines
4 April 2008 :Buggy Voting Systems in New Jersey
(December) :Companies, Courts, and Computer Security
3 August 2012:I’m Going to Washington …
(October) :A Voting Disaster Foretold
6 July 2007:The Greek Cellphone Tapping Scandal
(October) :The Worm and the Wiretap
7 July (*************************************************************************************************************************************************************************************************************************************************************************************************:Keys under the Doormat
3 January (************************************************************************************************************************************************************************************************************************************************************************************************:Why More Effort Won’t Solve the Exceptional Access Problem
28 March 2016:The FBI and the iPhone: Important Unanswered Questions
8 April (************************************************************************************************************************************************************************************************************************************************************************************************:Problems with the Burr-Feinstein Bill
24 August 2016:Does Apple’s Cloud Key Vault Answer the Key Escrow Question?
24 March 2018:Crypto War III: Assurance
2 May (**********************************************************************************************************************************************************************************************************************************************************************************************:Eran Tromer’s Attack on Ray Ozzie’s CLEAR Protocol
1 August 2019:Facebook, Privacy, and Cryptography
7 October 2019:The Crypto Wars Resume
(November) :A Bad Week for Privacy
5 December 2007:Facebook Apologizes
16 August 2010:A Facebook Privacy Study
(July) :Will the Circle Be Unbroken?
28 April 2012:The Dangers of Asking for Social Network Passwords
2 June (*************************************************************************************************************************************************************************************************************************************************************************************************: (Facebook and PGP) *****
(May) :Patching is Hard
(November) :Facebook’s Initiative Against “Revenge Porn”
4 May (**********************************************************************************************************************************************************************************************************************************************************************************************:Facebook’s New Dating App
(March) :Facebook and Privacy
1 August 2019:Facebook, Privacy, and Cryptography
5 July 2007:Belgian Court Rules ISPs Must Stop File-Sharing
(September) :Personal Data Disclosed via Peer-to-Peer Networks
9 December 2007:Western Digital’s Crippled Drive
(November) :Congress and Peer-to-Peer Filesharing
(December) :Weird Idea of the Day – Analysis
(June) :Password Leaks
3 August 2012:I’m Going to Washington …
(August) :I’m Back …
9 November (**********************************************************************************************************************************************************************************************************************************************************************************************:Protecting Privacy Differently
1 October 2007:The Technical-Social Contract
(November) :A Bad Week for Privacy
(December) :Exploiting Linkages for Good
(January) :A New Internet Wiretapping Plan?
(March) :Privacy: Little Brother
(November) :Will Google Need a Bailout Some Day?
(January) :YouTube, the Government, and Privacy
(January) : (More on YouTube, the Government, and Privacy)
2 March 2009:The White House Removes Videos from YouTube
8 March 2009:Access to Old Information
(January) :Google, China, and Lawful Intercept
(January) :Why Isn ‘t My Web Site Encrypted?
2 March 2011:Doing History
(July) :Will the Circle Be Unbroken?
28 April 2012:The Dangers of Asking for Social Network Passwords
(February) :Speculation About Goto Fail
(April) :Heartbleed: Don’t Panic
2 June (*************************************************************************************************************************************************************************************************************************************************************************************************: (Facebook and PGP) *****
(May) :Patching is Hard
(May) :Who Pays?
4 January (**********************************************************************************************************************************************************************************************************************************************************************************************:Meltdown and Specter: Security is a Systems Property
8 August (**********************************************************************************************************************************************************************************************************************************************************************************************: (Foldering)
9 January 2009:A Telegraph-Era TLD?
8 March 2009:Access to Old Information
2 March 2011:Doing History
(June) :Robert Morris, 78
(November) :Rewriting History
(December) :Lessons from Suppressing Research
6 June 2014:The Battle of Midway
(October) :Historical Loop
(November) :The Early History of Usenet
(legal)
5 July 2007:Belgian Court Rules ISPs Must Stop File-Sharing
7 July 2007:Pen Registers and the Internet
(July) :Secondary Uses and Privacy
26 July 2007:Hacking Forensic Software
(January) :A New Internet Wiretapping Plan?
(January) :The Dangers of the Protect America Act
2 December 2008 :Cybercrime and “Remote Search”
(December) :Companies, Courts, and Computer Security
(January) : (More on YouTube, the Government, and Privacy)
4 February 2009:More on Access to Alcohol Breath Tester Source Code
(February) :Computer Processing and the Law
2 March 2009:The White House Removes Videos from YouTube
(March) :Internet Records Retention Bill
(April) :The Cybersecurity Act of
(September) :Skype’s EULA
(September) :Update to Skype’s EULA
26 September 2009:The Problem of Computerized Search
3 November 2009:The Role of a Cybersecurity Czar
6 December (***************************************************************************************************************************************************************************************************************************************************************************************************:Alternate Universes: Academic Publishing in Computer Science vs. Law
4 June 2014:Machine Learning and the Fourth Amendment
(September) :Apple’s “Warrant-Proof” Encryption
6 July 2007:The Greek Cellphone Tapping Scandal
1 August 2007:Electronic Voting Machines
6 August 2007:Dealing With Security Problems
14 August 2007:Safes, Locks, and Override Codes
(August) :The FBI and Computer Security (Updated)
(January) :The Dangers of the Protect America Act
(February) :A Technical Mistake
(January) :Google, China, and Lawful Intercept
(September) :Apple’s “Warrant-Proof” Encryption
7 July (*************************************************************************************************************************************************************************************************************************************************************************************************:Keys under the Doormat
7 August (**********************************************************************************************************************************************************************************************************************************************************************************************:The Economics of Hacking an Election
4 January (**********************************************************************************************************************************************************************************************************************************************************************************************:Meltdown and Specter: Security is a Systems Property
(September) :The Mets
3 August 2012:I’m Going to Washington …
4 May (**********************************************************************************************************************************************************************************************************************************************************************************************:Facebook’s New Dating App
(November) :The Early History of Usenet
(June) :Quantum Cryptography
4 February 2008 :Underwater Fiber Cuts in the Middle East
(December) :Intercepting US Surveillance Videos
(September) :Stuxnet: The First Weaponized Software?
(October) :The Worm and the Wiretap
2 March 2011:Doing History
(October) :The Sins of the Flash
(December) :Lessons from Suppressing Research
(August) :I’m Back …
30 August 2013 :Searching the NSA’s Emails
(February) :Goto Fail
(February) :Speculation About Goto Fail
(July) :What Spies Do
(July) :What Should PGP Look Like?
(December) :Did the DPRK Hack Sony?
(February) :What Must We Trust?
(February) :Hiding in the Firmware?
2 June (*************************************************************************************************************************************************************************************************************************************************************************************************: (Facebook and PGP) *****
7 March 2017:Wikileaks, the CIA, and the Press
1 September 2017:Security is a System Property
24 March 2018:Crypto War III: Assurance
(July) :Posting PDFs
4 June 2014:Machine Learning and the Fourth Amendment
(September) :Apple’s “Warrant-Proof” Encryption
8 April (************************************************************************************************************************************************************************************************************************************************************************************************:Problems with the Burr-Feinstein Bill
(September) :What is a Security Mechanism?
28 April 2012:The Dangers of Asking for Social Network Passwords
(patching) ******
(April) : (The Open Source Quality Challenge)
(July) :Clarke and Knake’s “Cyberwar”
(September) :Stuxnet: The First Weaponized Software?
2 October 2011:The Untrusted Path
(January) :Types of Attack
5 February 2012: (The FBI and Scotland Yard versus Anonymous: Security Lessons)
(June) :Fixing Holes
(February) :Speculation About Goto Fail
(April) :Heartbleed: Don’t Panic
28 March 2016:The FBI and the iPhone: Important Unanswered Questions
(August) :Once Again, Don’t Panic
(May) :Patching is Hard
(May) :Who Pays?
28 June 2017:Patching is Hard and Risky- –But Sometimes, You MUST
1 September 2017:Security is a System Property
(September) :Preliminary Thoughts on The Equifax Hack
(October) :Two More Crypto Holes
(March) :A Dangerous, Norm-Destroying Attack
(June) :Buying Computers Properly
6 July 2007:The Greek Cellphone Tapping Scandal
(July) :What Should PGP Look Like?
2 June (*************************************************************************************************************************************************************************************************************************************************************************************************: (Facebook and PGP) *****
3 July 2007:Beer and Privacy
(July) :Secondary Uses and Privacy
(September) :Personal Data Disclosed via Peer-to-Peer Networks
(October) :“Do Not Track”: All or Nothing?
(November) :A Bad Week for Privacy
(November) :The FBI Denies Tracking Ethnic Foods
5 December 2007:Facebook Apologizes
6 December 2007:More Tracking Mania: PDFs with Ads
(December) :Ask.com’s “AskEraser”
(December) :Exploiting Linkages for Good
(March) :Privacy: Little Brother
26 March 2008:The Passport File Controversy
(March) :Threat Models
(August) :Update on Laptop Border Searches
4 September 2008 :Political Agendas for Network Design?
2 December 2008 :Cybercrime and “Remote Search”
(January) :YouTube, the Government, and Privacy
(January) : (More on YouTube, the Government, and Privacy)
2 March 2009:The White House Removes Videos from YouTube
3 March 2009:EFF’s Surveillance Self-Defense Website
(March) :Internet Records Retention Bill
16 August 2010:A Facebook Privacy Study
28 March 2011:I’ve Gone Encrypted
(April) :Apple and Location-Tracking
(January) :Bilateral Authentication
6 July (***************************************************************************************************************************************************************************************************************************************************************************************************:I Will Be Speaking at the Privacy and Civil Liberties Oversight Board Workshop
4 June 2014:Machine Learning and the Fourth Amendment
(September) :The U2 Incident
(September) :Apple’s “Warrant-Proof” Encryption
(November) :If it Doesn’t Exist, it Can’t be Abused
(September) :Preliminary Thoughts on The Equifax Hack
(September) :Update on Equifax
(September) :Yet Another Update on Equifax
5 October 2017:Replacing Social Security Numbers Is Harder Than You Think
4 May (**********************************************************************************************************************************************************************************************************************************************************************************************:Facebook’s New Dating App
9 November (**********************************************************************************************************************************************************************************************************************************************************************************************:Protecting Privacy Differently
(March) :Facebook and Privacy
1 August 2019:Facebook, Privacy, and Cryptography
20 August 2007:The Skype Outage
26 August 2007:The Amtrak Ticket System Outage
28 August 2007:Update on the Amtrak Outage
4 February 2008 :Underwater Fiber Cuts in the Middle East
7 February 2008 :Abandoned Ship Anchor Found Near Cable Cut
6 April 2008 :An Outage from Managing P2P Traffic?
8 April 2008 :Ships Impounded in Cable Cut
(April) :Comcast Outage: Not P2P -Related
(December) : (Another Cluster of Cable Cuts)
(April) : (The Open Source Quality Challenge)
(October) :Software is Hard: The Healthcare.gov Problem
(July) :Security Flaw in the iPhone
26 July 2007:Hacking Forensic Software
(July) :Insider Attacks
3 August 2007:Are Secure Systems Possible?
6 August 2007:Dealing With Security Problems
14 August 2007:Safes, Locks, and Override Codes
24 August 2007:Defending Against the Owner
(August) :The FBI and Computer Security (Updated)
(November) :Attempted Credit Card Fraud?
(January) :Hacking Trains
(January) :The CIA Blames Hackers for Power Outages
(January) : (Massive Computer-Assisted Fraud)
(February) :Teach a Man to Phish
(February) :A Pakistani ISP “Hijacks” Youtube
(March) :Threat Models
12 August 2008:The MBTA versus (Student) Security Researchers
28 November 2008:Making Security Incomprehensible
(December) :Companies, Courts, and Computer Security
3 March 2009:EFF’s Surveillance Self-Defense Website
(April) :The Cybersecurity Act of
(April) : (The Open Source Quality Challenge)
3 November 2009:The Role of a Cybersecurity Czar
(December) :The Real Face of Cyberwar?
(January) :Google, China, and Lawful Intercept
(January) :Why Isn ‘t My Web Site Encrypted?
(July) :Clarke and Knake’s “Cyberwar”
(July) :Scary Security Developments
(September) :Intel’s “Known-Good” Plan
(September) :The Buried Threat in that Tweet
(November) :Firewall Configuration Study
(March) :The RSA SecurID Problem
28 March 2011:I’ve Gone Encrypted
28 May 2011:RSA Breach Fallout?
2 October 2011:The Untrusted Path
(October) :Correction re “Sins of the Flash”
(December) :Weird Idea of the Day
(January) :Types of Attack
(January) :Bilateral Authentication
5 February 2012: (The FBI and Scotland Yard versus Anonymous: Security Lessons)
28 April 2012:The Dangers of Asking for Social Network Passwords
1 June 2012:Flame On!
6 June 2012:Restricting Anti-Virus Won’t Work
(June) :Password Leaks
(June) :Fixing Holes
9 August 2012:State -Sponsored Banking Trojan?
30 August 2013 :Searching the NSA’s Emails
5 February 2014:Why the US Doesn’t have Chip-and-PIN Credit Cards Yet
(February) :Goto Fail
(February) :Speculation About Goto Fail
9 April 2014:Open Source Quality Challenge Redux
(April) :Heartbleed: Don’t Panic
22 April 2014:Doing Crypto
(November) :If it Doesn’t Exist, it Can’t be Abused
(February) :What Must We Trust?
(February) :Hiding in the Firmware?
24 April 2015:What Congress Should Do About Cybersecurity
28 May 2015 :Hacking: Users, Computers, and Systems
(November) :Why I WroteThinking Security
28 March 2016:The FBI and the iPhone: Important Unanswered Questions
24 August 2016:Does Apple’s Cloud Key Vault Answer the Key Escrow Question?
(August) :Once Again, Don’t Panic
(May) :Patching is Hard
(May) :Who Pays?
28 June 2017:Patching is Hard and Risky- –But Sometimes, You MUST
(September) :Preliminary Thoughts on The Equifax Hack
(September) :Update on Equifax
(September) :Yet Another Update on Equifax
(October) :Two More Crypto Holes
(October) :Another Thought About KRACK
4 December 2017:Voluntary Reporting of Cybersecurity Incidents
4 January (**********************************************************************************************************************************************************************************************************************************************************************************************:Meltdown and Specter: Security is a Systems Property
(July) :Posting PDFs
8 August (**********************************************************************************************************************************************************************************************************************************************************************************************: (Foldering)
(June) :Buying Computers Properly
(September) :What is a Security Mechanism?
4 January (**********************************************************************************************************************************************************************************************************************************************************************************************:Meltdown and Specter: Security is a Systems Property
(July) :Scary Security Developments
(September) :Stuxnet: The First Weaponized Software?
1 June 2012:Flame On!
(March) :A Dangerous, Norm-Destroying Attack
6 July 2007:The Greek Cellphone Tapping Scandal
(January) :The Dangers of the Protect America Act
(September) :Apple’s “Warrant-Proof” Encryption
7 July (*************************************************************************************************************************************************************************************************************************************************************************************************:Keys under the Doormat
4 January (**********************************************************************************************************************************************************************************************************************************************************************************************:Meltdown and Specter: Security is a Systems Property
(February) :Teach a Man to Phish
28 November 2008:Making Security Incomprehensible
(November) :Firewall Configuration Study
(November) :The Early History of Usenet
(November) :The Early History of Usenet
1 August 2007:Electronic Voting Machines
6 January 2008 :Good NY Times Magazine Article on E-Voting
4 April 2008 :Buggy Voting Systems in New Jersey
5 November 2008 :Working the Polls
(May) :An Interesting Recount
30 May 2012:Update on Hand Recount
1 September 2017:Security is a System Property
7 August (**********************************************************************************************************************************************************************************************************************************************************************************************:The Economics of Hacking an Election
6 September (**********************************************************************************************************************************************************************************************************************************************************************************************:The National Academies Report “The Future of Voting”
(October) :A Voting Disaster Foretold
3 November 2009:The Role of a Cybersecurity Czar
(November) :Congress and Peer-to-Peer Filesharing
(January) :USACM SOPA and PIPA Letters
(June) :Fixing Holes
3 August 2012:I’m Going to Washington …
6 July (***************************************************************************************************************************************************************************************************************************************************************************************************:I Will Be Speaking at the Privacy and Civil Liberties Oversight Board Workshop
(August) :I’m Back …
24 April 2015:What Congress Should Do About Cybersecurity
7 July (*************************************************************************************************************************************************************************************************************************************************************************************************:Keys under the Doormat
1 February (************************************************************************************************************************************************************************************************************************************************************************************************:Caveats About “Computer Science For All”
28 March 2016:The FBI and the iPhone: Important Unanswered Questions
8 April (************************************************************************************************************************************************************************************************************************************************************************************************:Problems with the Burr-Feinstein Bill
4 December 2017:Voluntary Reporting of Cybersecurity Incidents
(June) :Buying Computers Properly
6 July 2007:The Greek Cellphone Tapping Scandal
7 July 2007:Pen Registers and the Internet
(August) :The FBI and Computer Security (Updated)
(January) :A New Internet Wiretapping Plan?
(January) :The Dangers of the Protect America Act
(February) :A Technical Mistake
26 September 2009:The Problem of Computerized Search
(January) :Google, China, and Lawful Intercept
GIPHY App Key not set. Please check settings