So I made a couple of predictions about the iPad, Apple’s tablet, and I realize in retrospect that, while I got some of the details right, I got the gist completely wrong. I thought it was going to be a special-purpose device. And most commentators are saying just that. But I was wrong and they are wrong. The iPad is very much meant to be a new approach to how we use computers in general. Still think it’s just a big iPhone? Watch these few minutes of video, a summary of how you interact with the iPad to create slides … Continue reading I was wrong about the iPad
Bruce Schneier writes that it’s reasonable for unmanned drones to broadcast unencrypted video streams, because the video stream is not that useful to enemies, and given that many people need access to the video feed, the key distribution problem would be very difficult to manage, and some allies could be severely handicapped if they happened not to have the key. So, Bruce is typically fantastic at finding those interesting areas of security where the answer is counter-intuitive. But huh? How can both of those points be true? If the video stream is valuable to allies, then I’m guessing it’s valuable … Continue reading Sometimes it’s not counter-intuitive
I’m having some interesting offline followup discussions with folks about oAuth WRAP and my relatively negative reaction to it. One of the comments seems to be that SSL will recreate exactly the security that HMAC signatures were trying to achieve, and it was really hard for developers to do oAuth right in the first place. I definitely sympathize with “it’s hard to get security right,” and I certainly agree that we should begin to standardize oAuth libraries ASAP. The reference implementations are okay, but they’re not solid enough for widespread standardization, which means people are cooking up their own, which … Continue reading It’s a WRAP followup: maybe the goal was client-side certs?
I’m just finding out about oAuth WRAP, a new, simplified version of oAuth which some are calling the “valet key” approach to web data sharing: don’t give your Facebook password to a random web app, instead use oAuth to mint them a valet key that lets the app access only some specific portions of your Facebook profile. I like and use oAuth, so I was a little bit confused as to what WRAP brings to the table. I read up a bit: The main difference between OAuth and OAuth WRAP is that WRAP does not have elaborate token exchanges or … Continue reading It’s a WRAP
So this evening my Facebook account was hacked and spam messages were posted to a few dozen friends on my behalf. Thankfully, since I’m friends with a number of security-savvy folks, I was notified almost instantly. Now I’ve never cared too much about my Facebook account, so I used one of my weak passwords. I’m pretty sure I wasn’t phished, and I’m pretty sure I don’t have malware installed on my machine, so I’m guessing (as suggested by Aaron) that some site where I reused my weak password was hacked…. but which site? Who knows. Maybe it’s really time for … Continue reading Facebook account hacked
Let’s say someone’s trying to sell you a house. It’s a beautiful house. You visit it. You have it inspected and re-inspected, and it’s perfect. You get a loan approved, and you’re about to sign the papers when you’re told: wait, actually, that house is no longer available, but why don’t you just sign here on the dotted line for the exact same house just down the street. Really, really it’s the exact same house, promised. Would you sign on the dotted line assuming your inspections of the first house have any bearing on this new house you’ve never seen? … Continue reading Source Code and Voting: what’s really on that machine?
For background on this post, check out the Auditing Takoma Park 2009 Election.
I’m gathering all documentation on a Google Site. This blog will continue to serve as the narrative, while the datasets and documentation will live on the Google Site, and I’ll refer to them as needed from this blog.
Let’s begin with an explanation of the voting process that Takoma Park citizens will experience on November 3rd, 2009.
(If you’re a Takoma Park resident: make sure to register by October 5th if you want to participate in this historic election!)
Say hello to Valerie, our token voter. At a high level, Valerie’s voting experience is identical to her past experience with a typical optical-scan election. She fills in the bubbles for the candidates of her choice, casts her ballot, and walks away. With one twist: if Valerie wants to, she can write down some confirmation codes that will let her audit her ballot later on.
Continue reading Takoma Park 2009: the voter experience
On Friday, I attended Social Network Security 2009 at Stanford. This was a fantastic get-together, with some very interesting info from Facebook, Google, Yahoo, Loopt, and the research front. I have some notes, mostly from the first half of the day, at which point my laptop battery ran out. Time to upgrade to the 7-hour battery, I think. Facebook When I walked in (late, sorry), Tao Stein from Facebook was expressing some frustration with social network privacy research as he sarcastically quipped “yawn, people get lost in the fashion. Privacy is boring.” Facebook wants to give people control. They’re concerned … Continue reading A Partial Report from Social Network Security 2009 @ Stanford
The US government has just announced a pilot program to integrate OpenID (and Information Cards) into public government web sites. This is very interesting news, as it will likely catalyze even greater OpenID deployment and use. [I’ve poo-poo’ed OpenID here and here, because of phishing and privacy concerns. I’m still very worried. I’ve suggested ways to defend OpenID against phishing, and I helped Creative Commons deploy a privacy-conscious OpenID service.] What’s fascinating to me is the evolution of OpenID. The pitch used to be “log in with your URL.” The backend protocol was cool, but it didn’t really matter. Authentication … Continue reading The evolution of OpenID: you’re not a URL after all
I gave an invited talk on crypto voting. Ran out of time, as usual. I need to find a way to describe this stuff more efficiently. Later, I also presented MarkPledge2, joint work with Andy Neff. Olivier de Marneffe presented the UCL/Helios implementation. So much material to present there, he did a fantastic job of focusing on the core parts. Ari Feldman presented some work on surprising covert channels on the bulletin board. Seems like one of the good themes for the year. Vanessa Teague delved into the details of Pret-a-Voter voting. Missed a couple of talks after lunch as … Continue reading Quick Thoughts from EVT Day #2