Category: security

  • EVT/WOTE 2009, Day 1, Afternoon

    I had to miss the first afternoon session of EVT/WOTE to attend WOOT (Workshop on Offensive Technologies) where Adam was presenting a paper Collin and I co-authored on hijacking bookmarklets (I wrote about this work a few months ago). Sadly, I missed what I hear were two great talks. Oh well, hopefully they’ll be on […]

  • EVT/WOTE 2009, Day 1, Morning

    I’m at the Electronic Voting Technology / Workshop on Trustworthy Elections get-together (in Montreal). A few thoughts about the day and talks. Keynote Larry Norden from the Brennan Center is proposing a few ideas about what the voting community should focus on. Voting machine security, including forensics. Thinks statistical analyses to detect fraud is going […]

  • Multi-Factor, maybe, but is it really harder to phish?

    MIT Tech Review asked me for a general comment on web authentication for their article covering new technology by Delfigo. There wasn’t enough time to look in depth at Delfigo’s technology, so my comments were about multi-factor authentication in general, and whether the additional factors are easily phishable. In other words, it’s interesting if authentication […]

  • Engaging Data going, going….

    The Engaging Data Conference at MIT, which brings together a number of interesting folks around the management of personal electronic data, is happening in October. The deadline for papers is this week, so submit a paper now if you’ve got some good ideas to share.

  • Empowering the Patient vs. Enabling an Artificial Monopoly

    Health Information Technology is moving along fairly quickly, with the stimulus money and the rise of Personally Controlled Health Records (Indivo/Dossia, Google Health, Microsoft HealthVault). I’m quite optimistic about the future of health data: there is a growing effort to free the data in order to empower patients. And then there are some really boneheaded […]

  • More on Google Wave Trust Model

    I wrote briefly about Google Wave, and Ben Laurie points out that my statement on the Google Wave trust model is misleading. He’s right. I said that the Google Wave trust model is the same as email (and thus I think Google Wave will succeed). What my words unfortunately and misleadingly implied is that it’s […]

  • Google Wave – thoughts

    First impressions / predictions on Google Wave, Google’s new communication idea/product/protocol/service: because it’s open-source, federated, and follows the same trust patterns as email, it will be successful whatever authentication protocol Google Wave uses will be a significant (if not a crushing) player in the web authentication space, and that’s not a bad thing because it […]

  • Engaging Data Forum @ MIT in October

    I’m on the Program Committee for a new conference being held at MIT in the Fall, the Engaging Data Forum. A number of fascinating topics around the issues of managing personal electronic information. Of course I’m focused on the security, privacy, and interoperability aspects, but there’s more, including geolocation, collection from portable devices, etc… Send […]

  • Back from Israel – talks and press

    Just got back from a trip to Israel, mostly vacation but a couple of very fun days at the Electronic Voting Workshop organized by IDC Herzliya and Tel Aviv University. A great group of folks, some very lively discussion, and a very productive workshop in Israel before they deploy electronic voting machines (imagine that, debating […]

  • Voting Workshop in Israel

    In a couple of weeks, I’ll be in Israel at a voting workshop organized by Ran Canetti, Alon Rosen, Ronitt Rubinfeld, and Assaf Jacob. I’ll be giving a talk on voting security and a second talk on Helios. The workshop will be free and open to the public, and it should be an interesting mix […]

  • Trusting Trust and JavaScript

    About 2 years ago, I tried to come up with a way to make OpenID and similarly single-sign-on systems less phishing-prone. That turned into BeamAuth (note to self: must publish the source code! Argg, so little time.) Minutes before I presented BeamAuth at CCS, Adam and Collin cornered me and found a subtle but significant […]

  • “You can get the ballots and count them yourself”

    My friend Oliver points me to Humboldt County’s initiative to post publicly all of its cast ballots. The article includes a video of Mitch Trachtenberg explaining how his open-source software package counts scanned images of ballots. “You can get the ballots and count them yourself,” he says. Yes! Fantastic! Nice work Mitch, and nice work […]

  • OpenID and Creative Commons

    Creative Commons recently launched the Creative Commons Network, including OpenID support. I wrote up an introduction to OpenID, its risks, and how Creative Commons is addressing them.

  • Kathie Lee wants to verify her ballot!

    My friend and colleague Arjun apparently watches Kathie Lee on television. He points me to this fantastic clip: Did I hear that right? It is weird, when you show up at the polling place and they stuff your vote in an envelope… you wonder where it goes! Exactly. Wouldn’t it be nice if you could […]

  • The Economist Covers Voting

    The Economist covers voting with cryptography, including some of my work. Good to see folks like the Economist paying attention… although the article misses the big point. Voting with cryptography is not about making your vote more secret. It’s about making your vote more verifiable. For those who advocate traditional paper ballots, the point is […]

  • Helios Voting being used for real elections

    From my Helios Blog: The Information Card Foundation is using Helios for its board election. Perfect use case: 50 people who will likely never all meet in person, but who need to vote on some issues. Helios provides them with a feature they literally could not achieve otherwise today: a secret ballot combined with real […]

  • Resig on Chrome: it’s the Process Isolation, Stupid!

    So Google launched their own browser, Chrome, and in the words of a friend “this looks like an operating system to my MBA eyes.” Exactly. John Resig, of jQuery fame, has the smartest comment so far: The blame of bad performance or memory consumption no longer lies with the browser but with the site. By […]

  • Where we’re going, we don’t need SSL

    Read a funny thing on DaringFireball: AppleInsider reports that the MobileMe web apps supposedly do use SSL, even though you don’t see “https:” URLs or the “secure” lock icon in your web browser Hmmm, sounds awfully fishy. If the page is over plain HTTP, then it will have a lot of trouble making requests over […]

  • Helios Voting System — Launched!

    I just gave my talk at Usenix Security on Helios, my new web-based voting system that supports cryptographic auditing. Since it’s web-based, you don’t want to use this for elections where coercion is a serious concern. But if you’re running an online election for your club, software community, etc.., it’s perfect. Just go to: […]

  • Adam & Collin strike again

    I’m now at Usenix Security, which I’m micro-blogging over at Sometimes, though, one talk merits more than a micro-blog. Currently, I’m listening to Adam Barth presenting his web-security paper (joint with Collin Jackson) on subtle but huge issues with frame navigation and communication. Top-notch stuff. What’s fascinating to me about Adam & Collin’s research […]

  • Understanding the Freakonomics of the Secret Ballot

    Steven Levitt, of Freakonomics fame, considers the case of the Minnesota teen who tried to sell his vote on eBay: This guy’s hijinks did, however, give us a glimpse into the market price of a vote. The minimum bid was set at $10. Nobody bid on his item. The failure to attract bidders is consistent […]

  • Don’t Hash Secrets

    Building secure systems is difficult. It would be nice if we had a bunch of well-designed crypto building blocks that we could assemble in all sorts of ways and be certain that they would, no matter what, yield a secure system overall. There are, in fact, folks working on such things at a theoretical level […]

  • WWW2008

    I was at WWW2008 last week in Beijing, where I presented a Tutorial on RDFa with Elias Torres and Ivan Herman, and SessionLock, a technique for securing web session used over unencrypted HTTP. The conference was a lot of fun. Spent quite a bit of time discussing security with Collin Jackson and Tyler Close. The […]

  • You know it’s election season when…

    … the New York Times publishes a huge story on voting machines. To their credit, this is one of the best pieces I’ve seen to date, assuming you accept that these major publications simply refuse to talk about open-audit voting. Some great lines that mirror what I’ve said in my own talks: Part of the […]

  • Web Cookies Explained

    The StopBadware Project and the Berkman Center (disclaimer: I’m affiliated with both) just announced the winner of the “Cookie Crumbles” video contest to help explain web cookies to the world: Clayton Miller. Here’s his video: It is 99% correct, and for a 1.5 minute film, that’s quite impressive. Good video to share with friends and […]

  • Bullet-Proofing the Front Door and Leaving the Back Door Open

    Vote By Mail in California While we’re struggling to secure voting machines, a number of States are deploying “Vote By Mail Permanently!” Here’s a picture on a bus in the San Francisco Bay Area. What a nightmare. I suspect that, for some election officials, the appeal of vote-by-mail is a bit like a magnified version […]

  • The State of Badware

    I’m an advisor to Harvard Law’s Berkman Center, where I work specifically with StopBadware, a group of talented folks who are helping to identify and report on software that does bad stuff to your computer. Malware, spyware, adware, badware, whatever you want to call it, the issue is control and notice: do you control your […]

  • Of Park Benches, Cardboard Boxes, Armored Cars and Voting

    The Swiss have implemented quantum cryptography to transfer votes to a central tallying authority. This is pretty cool, and I applaud the Swiss for trying new technologies to improve election security. However, marketing this as “unbreakable encryption” is troubling. I can’t help but see this as a version of Gene Spafford’s warning writ large: SSL […]

  • The Password Anti-Pattern and the Login Redirection Anti-Pattern

    A few weeks ago, I wrote about about how web sites that manage your data should be more open in order to better protect you. Not so surprisingly, I’m not the only one thinking about this issue. Jeremy Keith has a fantastic detailed write-up regarding what he calls the “password anti-pattern.” It gets at the […]

  • Health Records and Me

    This summer, I joined the faculty at Children’s Hospital Informatics Program. My work is focused on security and privacy of health data. One of the projects I’m contributing to was just announced in the press: Dossia was established by major U.S. employers Applied Materials, BP America Inc., Cardinal Health, Intel Corporation, Pitney Bowes Inc. and […]