Category Archives: web

Facebook, the Control Revolution, and the Failure of Applied Modern Cryptography

Posted on January 14, 2011 by ben

In the late 1990s and early 2000s, it was widely assumed by most tech writers and thinkers, myself included, that the Internet was a “Control Revolution” (to use the words of Andrew Shapiro, author of a book with that very … Continue reading

Posted in crypto, privacy, web | 9 Comments

an answer to John Gruber: Google dropping H.264 is good for everyone

Posted on January 12, 2011 by ben

Google just dropped support for H.264 in Chrome. John Gruber, among others, is not happy. Now, John Gruber is a very smart guy, but his Apple bias is too much even for me, and it’s preventing him from seeing what … Continue reading

Posted in web | 19 Comments

privacy icons

Posted on December 27, 2010 by ben

Aza Raskin has posted alpha 1 of the proposed Mozilla Privacy Icons. I was at the Mozilla-sponsored get-together where this was first discussed, and I’m really happy to see this moving forward. A few quick thoughts: the least useful of … Continue reading

Posted in privacy, web | Leave a comment

OK, let’s work to make SSL easier for everyone

Posted on October 26, 2010 by ben

So in the wake of the FireSheep situation, which I described yesterday, the tech world is filled with people talking past each other on one important topic: should we just switch everything over to SSL? As I stated yesterday, I … Continue reading

Posted in security, web | 5 Comments

keep your hands off my session cookies

Posted on October 25, 2010 by ben

For years, security folks — myself included — have warned about the risk of personalized web sites such as Google, Facebook, Twitter, etc. being served over plain HTTP, as opposed to the more secure HTTPS, especially given the proliferation of … Continue reading

Posted in crypto, security, web | 18 Comments

Facebook can and should do more to proactively protect users

Posted on October 22, 2010 by ben

A few days ago, the Wall Street Journal revealed that Facebook apps were leaking user information to ad networks. Today, Facebook proposed a scheme to address this issue. This is good news, but I’m concerned that Facebook’s proposal doesn’t address … Continue reading

Posted in crypto, privacy, web | 2 Comments

an unwarranted bashing of Twitter’s oAuth

Posted on September 2, 2010 by ben

Ryan Paul over at ArsTechnica claims a compromise of Twitter’s oAuth system, but fails to demonstrate such a compromise. It’s unfortunate, because some of his comments are indeed worthwhile, and there are a few interesting recommendations that Twitter should follow … Continue reading

Posted in security, web | 31 Comments

browser extensions = user freedom

Posted on June 5, 2010 by ben

The web browser has become the universal trusted client. That can be good: users can mostly rely on their browsers to isolate their banking site from the other web sites they visit. It can also be bad for users’ freedom: … Continue reading

Posted in autonomy, privacy, web | 1 Comment

distributed innovation

Posted on April 21, 2010 by ben

A few years ago, a small group of folks (Mark Birbeck, Steven Pemberton, Ralph Swick, Shane McCarron, me, and more recently Ivan Herman, Manu Sporny, and a lot of great new folks) started with the simple idea that, if web … Continue reading

Posted in data, web | 3 Comments

The Great Content Lockdown of 2010

Posted on March 31, 2010 by ben

I had an invigorating and thought-provoking chat with my good friend Oliver Roup today. We agreed that the Apple iPad is going to be an unbelievable success. I’ve thought from day one that it would be huge, but I think … Continue reading

Posted in autonomy, policy, web | 4 Comments