The Early History of Usenet, Hacker News

(September) :The U2 Incident

(February) :Hiding in the Firmware?

28 March 2016:The FBI and the iPhone: Important Unanswered Questions

24 August 2016:Does Apple’s Cloud Key Vault Answer the Key Escrow Question?

(May) :Patching is Hard

(May) :Who Pays?

2 May (**********************************************************************************************************************************************************************************************************************************************************************************************:Eran Tromer’s Attack on Ray Ozzie’s CLEAR Protocol

(March) :Facebook and Privacy

Avi Rubin

1 August 2007:Electronic Voting Machines

bibliographies

7 March (**********************************************************************************************************************************************************************************************************************************************************************************************:Please Embed Bibliographic Data in Online Documents

Bitcoin

(December) :Bitcoin — The Andromeda Strain of Computer Science Research

Bruce Schneier

1 August 2007:Electronic Voting Machines

7 July (*************************************************************************************************************************************************************************************************************************************************************************************************:Keys under the Doormat

(July) :Posting PDFs

CALEA

(May) :Vernam, Mauborgne, and Friedman: The One-Time Pad and the Index of Coincidence

CFAA

(September) :What is a Security Mechanism?

(CIA)

(July) :Insider Attacks

(November) :A Bad Week for Privacy

(January) :The CIA Blames Hackers for Power Outages

26 September 2009:The Problem of Computerized Search

(July) :What Spies Do

(December) :Did the DPRK Hack Sony?

7 March 2017:Wikileaks, the CIA, and the Press

8 August (**********************************************************************************************************************************************************************************************************************************************************************************************: (Foldering)

(June) :The Associated Press and Fair Use

(July) :Control as a Motive for Content Owners

3 September 2008 :This Blog and Creative Commons

8 March 2009:Access to Old Information

(September) :Skype’s EULA

(September) :Update to Skype’s EULA

(January) :Why I Won’t Buy an E-book Reader – and When I Might

(July) :How DRM Can Hurt Sales

(September) :Intel’s “Known-Good” Plan

(January) :USACM SOPA and PIPA Letters

1 April (*************************************************************************************************************************************************************************************************************************************************************************************************:ISPs to Enforce Copyright Law

cryptocurrency

(December) :Bitcoin — The Andromeda Strain of Computer Science Research

cryptography

(December) :Companies, Courts, and Computer Security

28 August 2009:One-Time Pads and Vernam’s “Cipher Printing Telegraph Systems” Paper

(May) :The Oldest Algorithmic Patent?

22 April 2014:Doing Crypto

5 February (*************************************************************************************************************************************************************************************************************************************************************************************************:The Uses and Abuses of Cryptography

(December) :Cryptography is Hard

3 January (************************************************************************************************************************************************************************************************************************************************************************************************:Why More Effort Won’t Solve the Exceptional Access Problem

8 April (************************************************************************************************************************************************************************************************************************************************************************************************:Problems with the Burr-Feinstein Bill

24 August 2016:Does Apple’s Cloud Key Vault Answer the Key Escrow Question?

(October) :Two More Crypto Holes

(October) :Another Thought About KRACK

(October) :Historical Loop

(February) :Usenet, Authentication, and Engineering (or: Early Design Decisions for Usenet)

24 March 2018:Crypto War III: Assurance

(April) :Ray Ozzie’s Proposal: Not a Step Forward

24 August 2018:German Cryptanalytic Attacks on the British World War II “TYPEX” Machine

7 October 2019:The Crypto Wars Resume

Cyberspooks

(July) :Scary Security Developments

(September) :Stuxnet: The First Weaponized Software?

(October) :The Worm and the Wiretap

(October) :The Sins of the Flash

1 June 2012:Flame On!

(February) :Goto Fail

(February) :Speculation About Goto Fail

(December) :Did the DPRK Hack Sony?

(February) :What Must We Trust?

(February) :Hiding in the Firmware?

7 March 2017:Wikileaks, the CIA, and the Press

(March) :A Dangerous, Norm-Destroying Attack

Ed Felten

1 August 2007:Electronic Voting Machines

4 April 2008 :Buggy Voting Systems in New Jersey

(December) :Companies, Courts, and Computer Security

3 August 2012:I’m Going to Washington …

(March) :Ed Felten to be Named as a PCLOB Board Member

(October) :A Voting Disaster Foretold

exceptional access

(October) :The Worm and the Wiretap

28 March 2016:The FBI and the iPhone: Important Unanswered Questions

24 August 2016:Does Apple’s Cloud Key Vault Answer the Key Escrow Question?

24 March 2018:Crypto War III: Assurance

(April) :Ray Ozzie’s Proposal: Not a Step Forward

7 October 2019:The Crypto Wars Resume

Facebook

(November) :A Bad Week for Privacy

5 December 2007:Facebook Apologizes

(December) :The Report on “Securing Cyberspace for the 44 th Presidency “

16 August 2010:A Facebook Privacy Study

(July) :Will the Circle Be Unbroken?

28 April 2012:The Dangers of Asking for Social Network Passwords

2 June (*************************************************************************************************************************************************************************************************************************************************************************************************: (Facebook and PGP) *****

(May) :Patching is Hard

(November) :Facebook’s Initiative Against “Revenge Porn”

4 May (**********************************************************************************************************************************************************************************************************************************************************************************************:Facebook’s New Dating App

(March) :Facebook and Privacy

file-sharing

5 July 2007:Belgian Court Rules ISPs Must Stop File-Sharing

(September) :Personal Data Disclosed via Peer-to-Peer Networks

(October) :Comcast Apparently Blocking Some Peer-to-Peer Traffic

(October) :More on Comcast Blocking Peer-to-Peer Traffic

9 December 2007:Western Digital’s Crippled Drive

(March) :Comcast Will Stop Blocking BitTorrent

(July) :Control as a Motive for Content Owners

(November) :Congress and Peer-to-Peer Filesharing

FTC

(December) :The Report on “Securing Cyberspace for the 44 th Presidency “

(December) :Weird Idea of the Day – Analysis

(June) :Password Leaks

3 August 2012:I’m Going to Washington …

(August) :I’m Back …

9 November (**********************************************************************************************************************************************************************************************************************************************************************************************:Protecting Privacy Differently

Google

1 October 2007:The Technical-Social Contract

(November) :A Bad Week for Privacy

(December) :Exploiting Linkages for Good

(May) :Vernam, Mauborgne, and Friedman: The One-Time Pad and the Index of Coincidence

(March) :Privacy: Little Brother

(November) :Will Google Need a Bailout Some Day?

(December) :The Report on “Securing Cyberspace for the 44 th Presidency “

(January) :YouTube, the Government, and Privacy

(January) : (More on YouTube, the Government, and Privacy)

2 March 2009:The White House Removes Videos from YouTube

8 March 2009:Access to Old Information

(January) :Google, China, and Lawful Intercept

(January) :Why Isn ‘t My Web Site Encrypted?

2 March 2011:Doing History

(July) :Will the Circle Be Unbroken?

28 April 2012:The Dangers of Asking for Social Network Passwords

(February) :Speculation About Goto Fail

(April) :Heartbleed: Don’t Panic

(May) :Patching is Hard

(May) :Who Pays?

4 January (**********************************************************************************************************************************************************************************************************************************************************************************************:Meltdown and Specter: Security is a Systems Property

history

9 January 2009:A Telegraph-Era TLD?

8 March 2009:Access to Old Information

28 August 2009:One-Time Pads and Vernam’s “Cipher Printing Telegraph Systems” Paper

2 March 2011:Doing History

(June) :Robert Morris, 78

(November) :Rewriting History

(December) :Lessons from Suppressing Research

(May) :The Oldest Algorithmic Patent?

6 June 2014:The Battle of Midway

(October) :Historical Loop

(February) :Usenet, Authentication, and Engineering (or: Early Design Decisions for Usenet)

24 August 2018:German Cryptanalytic Attacks on the British World War II “TYPEX” Machine

(November) :The Early History of Usenet

(November) :The Early History of Usenet, Part I: The Technological Setting

(November) :The Early History of Usenet, Part II: Hardware and Economics

(legal)

(June) :The Court of Appeals and Email Privacy

5 July 2007:Belgian Court Rules ISPs Must Stop File-Sharing

7 July 2007:Pen Registers and the Internet

(July) :Secondary Uses and Privacy

26 July 2007:Hacking Forensic Software

(August) :Minnesota Court Orders Release of Alcohol Breath Tester Source Code

22 April 2008:New Jersey Supreme Court Protects Internet Users’ Privacy

(June) :The Associated Press and Fair Use

2 December 2008 :Cybercrime and “Remote Search”

(December) :Companies, Courts, and Computer Security

(January) : (More on YouTube, the Government, and Privacy)

4 February 2009:More on Access to Alcohol Breath Tester Source Code

(February) :Computer Processing and the Law

2 March 2009:The White House Removes Videos from YouTube

(March) :Internet Records Retention Bill

(April) :The Cybersecurity Act of

(September) :Skype’s EULA

(September) :Update to Skype’s EULA

26 September 2009:The Problem of Computerized Search

3 November 2009:The Role of a Cybersecurity Czar

8 September 2010:Online Symposium on “The Future of the Internet – And How to Stop It”

6 December (***************************************************************************************************************************************************************************************************************************************************************************************************:Alternate Universes: Academic Publishing in Computer Science vs. Law

4 June 2014:Machine Learning and the Fourth Amendment

Matt Blaze

1 August 2007:Electronic Voting Machines

6 August 2007:Dealing With Security Problems

14 August 2007:Safes, Locks, and Override Codes

(August) :The FBI and Computer Security (Updated)

(February) :A Technical Mistake

(January) :Google, China, and Lawful Intercept

(May) :The Security Problem with HTML Email

7 August (**********************************************************************************************************************************************************************************************************************************************************************************************:The Economics of Hacking an Election

Meltdown

Mets

(September) :The Mets

5 October 2007:Screendump: # 1 in a Random Series of Messages You Shouldn’t See

3 August 2012:I’m Going to Washington …

Microsoft

(February) :Microsoft is Abandoning SHA-1 Hashes for Updates — But Why?

(January) :Yes, “algorithms” can be biased. Here’s why. *****

Netnews

(February) :Usenet, Authentication, and Engineering (or: Early Design Decisions for Usenet)

(November) :The Early History of Usenet

(November) :The Early History of Usenet, Part I: The Technological Setting

(November) :The Early History of Usenet, Part II: Hardware and Economics

NSA

(June) :Quantum Cryptography

4 February 2008 :Underwater Fiber Cuts in the Middle East

(December) :Intercepting US Surveillance Videos

(September) :Stuxnet: The First Weaponized Software?

(October) :The Worm and the Wiretap

2 March 2011:Doing History

(October) :The Sins of the Flash

(December) :Lessons from Suppressing Research

(August) :I’m Back …

30 August 2013 :Searching the NSA’s Emails

(February) :Goto Fail

(February) :Speculation About Goto Fail

(July) :What Spies Do

(December) :Did the DPRK Hack Sony?

(February) :What Must We Trust?

(February) :Hiding in the Firmware?

(October) :I’m Shocked, Shocked to Find There’s Cryptanalysis Going On Here (Your plaintext, sir.)

7 March 2017:Wikileaks, the CIA, and the Press

1 September 2017:Security is a System Property

24 March 2018:Crypto War III: Assurance

(July) :Posting PDFs

Orin Kerr

4 June 2014:Machine Learning and the Fourth Amendment

(January) :Software Insecurity: The Problem with the White House Cybersecurity Proposals

(September) :What is a Security Mechanism?

passwords

28 April 2012:The Dangers of Asking for Social Network Passwords

(patching) ******

(July) :Cybersecurity Advice for (Possible) President Obama

(April) : (The Open Source Quality Challenge)

(July) :Clarke and Knake’s “Cyberwar”

(September) :Stuxnet: The First Weaponized Software?

2 October 2011:The Untrusted Path

(January) :Types of Attack

5 February 2012: (The FBI and Scotland Yard versus Anonymous: Security Lessons)

(June) :Fixing Holes

(February) :Speculation About Goto Fail

(April) :Heartbleed: Don’t Panic

28 March 2016:The FBI and the iPhone: Important Unanswered Questions

(August) :Once Again, Don’t Panic

(May) :Patching is Hard

(May) :Who Pays?

28 June 2017:Patching is Hard and Risky- –But Sometimes, You MUST

1 September 2017:Security is a System Property

(September) :Preliminary Thoughts on The Equifax Hack

(October) :Two More Crypto Holes

(February) :Microsoft is Abandoning SHA-1 Hashes for Updates — But Why?

(March) :A Dangerous, Norm-Destroying Attack

PCLOB

(March) :Ed Felten to be Named as a PCLOB Board Member

PGP

privacy

3 July 2007:Beer and Privacy

(July) :Secondary Uses and Privacy

(September) :Personal Data Disclosed via Peer-to-Peer Networks

(October) :“Do Not Track”: All or Nothing?

(November) :A Bad Week for Privacy

(November) :The FBI Denies Tracking Ethnic Foods

5 December 2007:Facebook Apologizes

6 December 2007:More Tracking Mania: PDFs with Ads

(December) :Ask.com’s “AskEraser”

(December) :Exploiting Linkages for Good

(March) :Privacy: Little Brother

26 March 2008:The Passport File Controversy

(March) :Threat Models

22 April 2008:New Jersey Supreme Court Protects Internet Users’ Privacy

(August) :Update on Laptop Border Searches

4 September 2008 :Political Agendas for Network Design?

2 December 2008 :Cybercrime and “Remote Search”

(January) :YouTube, the Government, and Privacy

(January) : (More on YouTube, the Government, and Privacy)

2 March 2009:The White House Removes Videos from YouTube

3 March 2009:EFF’s Surveillance Self-Defense Website

(March) :Internet Records Retention Bill

(July) :Comments on the National Strategy for Trusted Identities in Cyberspace

16 August 2010:A Facebook Privacy Study

8 September 2010:Online Symposium on “The Future of the Internet – And How to Stop It”

28 March 2011:I’ve Gone Encrypted

(April) :Apple and Location-Tracking

(January) :Bilateral Authentication

6 July (***************************************************************************************************************************************************************************************************************************************************************************************************:I Will Be Speaking at the Privacy and Civil Liberties Oversight Board Workshop

4 June 2014:Machine Learning and the Fourth Amendment

(September) :The U2 Incident

(November) :If it Doesn’t Exist, it Can’t be Abused

(September) :Preliminary Thoughts on The Equifax Hack

(September) :Update on Equifax

(September) :Yet Another Update on Equifax

5 October 2017:Replacing Social Security Numbers Is Harder Than You Think

(March) :Facebook and Privacy

Quantum cryptography

(June) :Quantum Cryptography

reliability

20 August 2007:The Skype Outage

26 August 2007:The Amtrak Ticket System Outage

28 August 2007:Update on the Amtrak Outage

4 February 2008 :Underwater Fiber Cuts in the Middle East

7 February 2008 :Abandoned Ship Anchor Found Near Cable Cut

6 April 2008 :An Outage from Managing P2P Traffic?

8 April 2008 :Ships Impounded in Cable Cut

(April) :Comcast Outage: Not P2P -Related

(December) : (Another Cluster of Cable Cuts)

(April) : (The Open Source Quality Challenge)

(October) :Software is Hard: The Healthcare.gov Problem

revenge porn

(November) :Facebook’s Initiative Against “Revenge Porn”

security

(July) :Security and Usability: Windows Vista

(July) :Security Flaw in the iPhone

26 July 2007:Hacking Forensic Software

(July) :Insider Attacks

3 August 2007:Are Secure Systems Possible?

6 August 2007:Dealing With Security Problems

14 August 2007:Safes, Locks, and Override Codes

24 August 2007:Defending Against the Owner

(August) :The FBI and Computer Security (Updated)

5 October 2007:Screendump: # 1 in a Random Series of Messages You Shouldn’t See

(October) :The Proper Benefit of an iPhone Design Mistake

(November) :Attempted Credit Card Fraud?

(January) :Hacking Trains

(January) :The CIA Blames Hackers for Power Outages

(January) : (Massive Computer-Assisted Fraud)

(February) :Teach a Man to Phish

(February) :A Pakistani ISP “Hijacks” Youtube

(March) :Threat Models

(April) :PayPal is Wrong About Unsafe Browsers

(July) :Cybersecurity Advice for (Possible) President Obama

12 August 2008:The MBTA versus (Student) Security Researchers

28 November 2008:Making Security Incomprehensible

(December) :Companies, Courts, and Computer Security

3 March 2009:EFF’s Surveillance Self-Defense Website

(April) :The Cybersecurity Act of

(April) : (The Open Source Quality Challenge)

(July) :Emailing Attachments versus Sending Links

3 November 2009:The Role of a Cybersecurity Czar

(December) :The Real Face of Cyberwar?

(January) :Google, China, and Lawful Intercept

(January) :Why Isn ‘t My Web Site Encrypted?

(July) :Comments on the National Strategy for Trusted Identities in Cyberspace

(July) :Clarke and Knake’s “Cyberwar”

(July) :Scary Security Developments

(September) :Intel’s “Known-Good” Plan

(September) :The Buried Threat in that Tweet

(November) :Firewall Configuration Study

(March) :The RSA SecurID Problem

28 March 2011:I’ve Gone Encrypted

28 May 2011:RSA Breach Fallout?

2 October 2011:The Untrusted Path

(October) :Correction re “Sins of the Flash”

(November) :Water Supply System Apparently Hacked, with Physical Damage

(December) :Weird Idea of the Day

(January) :Types of Attack

(January) :Bilateral Authentication

5 February 2012: (The FBI and Scotland Yard versus Anonymous: Security Lessons)

28 April 2012:The Dangers of Asking for Social Network Passwords

(May) :Another Company Doesn’t Understand Phishing

1 June 2012:Flame On!

6 June 2012:Restricting Anti-Virus Won’t Work

(June) :Password Leaks

(June) :Fixing Holes

9 August 2012:State -Sponsored Banking Trojan?

30 August 2013 :Searching the NSA’s Emails

5 February 2014:Why the US Doesn’t have Chip-and-PIN Credit Cards Yet

(February) :Goto Fail

(February) :Speculation About Goto Fail

9 April 2014:Open Source Quality Challenge Redux

(April) :Heartbleed: Don’t Panic

22 April 2014:Doing Crypto

(November) :If it Doesn’t Exist, it Can’t be Abused

(January) :Software Insecurity: The Problem with the White House Cybersecurity Proposals

(February) :What Must We Trust?

(February) :Hiding in the Firmware?

24 April 2015:What Congress Should Do About Cybersecurity

28 May 2015 :Hacking: Users, Computers, and Systems

(November) :Why I WroteThinking Security

28 March 2016:The FBI and the iPhone: Important Unanswered Questions

24 August 2016:Does Apple’s Cloud Key Vault Answer the Key Escrow Question?

(August) :Once Again, Don’t Panic

(May) :Patching is Hard

(May) :Who Pays?

28 June 2017:Patching is Hard and Risky- –But Sometimes, You MUST

(September) :Preliminary Thoughts on The Equifax Hack

(September) :Update on Equifax

(September) :Yet Another Update on Equifax

(October) :Two More Crypto Holes

(October) :Another Thought About KRACK

4 December 2017:Voluntary Reporting of Cybersecurity Incidents

(February) :Usenet, Authentication, and Engineering (or: Early Design Decisions for Usenet)

(May) :The Security Problem with HTML Email

(July) :Posting PDFs

(February) :Microsoft is Abandoning SHA-1 Hashes for Updates — But Why?

(September) :What is a Security Mechanism?

Specter

Stuxnet

(July) :Scary Security Developments

(September) :Stuxnet: The First Weaponized Software?

1 June 2012:Flame On!

(March) :A Dangerous, Norm-Destroying Attack

Susan Landau

system administration

(May) :Patching is Hard

systems properties

tulip bulbs

(December) :Bitcoin — The Andromeda Strain of Computer Science Research

usability

(July) :Security and Usability: Windows Vista

(February) :Teach a Man to Phish

(April) :PayPal is Wrong About Unsafe Browsers

28 November 2008:Making Security Incomprehensible

(November) :Firewall Configuration Study

Usenet

(February) :Usenet, Authentication, and Engineering (or: Early Design Decisions for Usenet) )

(November) :The Early History of Usenet

(November) :The Early History of Usenet, Part I: The Technological Setting

(November) :The Early History of Usenet, Part II: Hardware and Economics

Usenet history

(November) :The Early History of Usenet

(November) :The Early History of Usenet, Part I: The Technological Setting

(November) :The Early History of Usenet, Part II: Hardware and Economics

voting

1 August 2007:Electronic Voting Machines

6 January 2008 :Good NY Times Magazine Article on E-Voting

4 April 2008 :Buggy Voting Systems in New Jersey

5 November 2008 :Working the Polls

(May) :An Interesting Recount

30 May 2012:Update on Hand Recount

1 September 2017:Security is a System Property

6 September (**********************************************************************************************************************************************************************************************************************************************************************************************:The National Academies Report “The Future of Voting”

(October) :A Voting Disaster Foretold

Washington

(July) :Cybersecurity Advice for (Possible) President Obama

(December) :The Report on “Securing Cyberspace for the 44 th Presidency “

3 November 2009:The Role of a Cybersecurity Czar

(November) :Congress and Peer-to-Peer Filesharing

(July) :Comments on the National Strategy for Trusted Identities in Cyberspace

(January) :USACM SOPA and PIPA Letters

(June) :Fixing Holes

3 August 2012:I’m Going to Washington …

(August) :I’m Back …

(January) :Software Insecurity: The Problem with the White House Cybersecurity Proposals

(February) :Packet Loss: How the Internet Enforces Speed Limits

24 April 2015:What Congress Should Do About Cybersecurity

1 February (************************************************************************************************************************************************************************************************************************************************************************************************:Caveats About “Computer Science For All”

28 March 2016:The FBI and the iPhone: Important Unanswered Questions

4 December 2017:Voluntary Reporting of Cybersecurity Incidents

(March) :Ed Felten to be Named as a PCLOB Board Member

wiretapping

(June) :The Court of Appeals and Email Privacy

7 July 2007:Pen Registers and the Internet

(August) :The FBI and Computer Security (Updated)