- My name is Ben Adida. I'm a control freak: I care about people controlling their online lives and the role the Web, Crypto, and Policy play. More About Me.
-
Recent Posts
May 2013 M T W T F S S « Apr 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Category Archives: crypto
it’s the randomness, stupid
The New York Times is reporting that a flaw has been found in RSA. The original paper is here, and it looks like a second team was about to release similar information, so they’ve posted an explanatory blog post, which … Continue reading
Posted in crypto
10 Comments
encryption is (mostly) not magic
A few months ago, Sony’s Playstation Network got hacked. Millions of accounts were breached, leaking physical addresses and passwords. Sony admitted that their data was “not encrypted.” Around the same time, researchers discovered that Dropbox stores user files “unencrypted.” Dozens … Continue reading
Wombat Voting: Open Audit Elections in Israel
My friend Alon Rosen is leading an effort with colleagues Amon Ta-Shma, Ben Riva, and Yoni Ben-Nun in Israel to implement and deploy in-person open-audit voting. The project is called Wombat Voting. It combines a number of existing cryptographic techniques … Continue reading
Posted in crypto, voting
3 Comments
grab the pitchforks!… again
I’m fascinated with how quickly people have reached for the pitchforks recently when the slightest whiff of a privacy/security violation occurs. Last week, a few interesting security tidbits came to light regarding Dropbox, the increasingly popular cloud-based file storage and … Continue reading
Posted in crypto, data, privacy, web
10 Comments
intelligently designing trust
For the past week, every security expert’s been talking about Comodo-Gate. I find it fascinating: Comodo-Gate goes to the core of how we handle trust and how web architecture evolves. And in the end, this crisis provides a rare opportunity. … Continue reading
Posted in crypto, policy, security, web
3 Comments
everything I know about voting I learned from American Idol
Tonight, American Idol began online voting. Yes, I’m a fan of American Idol, but don’t let that fool you: I’m still a bitchin’ cryptographer. I suspect that American Idol online voting will give rise to many questions such as “wow, … Continue reading
Posted in crypto, voting
4 Comments
Facebook, the Control Revolution, and the Failure of Applied Modern Cryptography
In the late 1990s and early 2000s, it was widely assumed by most tech writers and thinkers, myself included, that the Internet was a “Control Revolution” (to use the words of Andrew Shapiro, author of a book with that very … Continue reading
Posted in crypto, privacy, web
9 Comments
Crisis in the Java Community… could they have used a secret-ballot election?
There is a bit of a crisis in the Java community: the Apache Foundation just resigned its seat on the Java Executive Committee, as did two individual members, Doug Lea and Tim Peierls. From what I understand, the central issue … Continue reading
Posted in crypto, privacy, security, voting
Leave a comment
keep your hands off my session cookies
For years, security folks — myself included — have warned about the risk of personalized web sites such as Google, Facebook, Twitter, etc. being served over plain HTTP, as opposed to the more secure HTTPS, especially given the proliferation of … Continue reading
Posted in crypto, security, web
18 Comments
Facebook can and should do more to proactively protect users
A few days ago, the Wall Street Journal revealed that Facebook apps were leaking user information to ad networks. Today, Facebook proposed a scheme to address this issue. This is good news, but I’m concerned that Facebook’s proposal doesn’t address … Continue reading
Posted in crypto, privacy, web
2 Comments