Princeton's Ed Felten (previously) is one of America's preeminent computer scientists, having done turns as CTO of the FTC and deputy CTO of the White House.
Princeton computer scientist and former White House Deputy CTO Ed Felten (previously) writes about the security lessons of the 2016 election: first, that other nation-states are more aggressive than generally supposed, and second, that you don't need to hack the vote-totals to effect devastation on an adversary — it's sufficient to undermine the election's legitimacy by messing with voter rolls, "so there is uncertainty about whether the correct people were allowed to vote."
In 2014, Quentin Tarantino sued Gawker for publishing a link to a leaked pre-release screener of his movie "The Hateful Eight." The ensuing court case revealed that the screeners Tarantino's company had released had some forensic "traitor tracing" features to enable them to track down the identities of people who leaked copies.
Eminent computer scientist Ed Felten has posted a short, extremely useful taxonomy of four ways that an algorithm can fail to be accountable to the people whose lives it affects: it can be protected by claims of confidentiality ("how it works is a trade secret"); by complexity ("you wouldn't understand how it works"); unreasonableness ("we consider factors supported by data, even when there's no obvious correlation"); and injustice ("it seems impossible to explain how the algorithm is consistent with law or ethics").
Ernie Smith's Motherboard article on the early years of DRM gets into some fascinating stories about things like IBM's Cryptolope and Xerox PARC's Contentguard (which became a patent troll), Intertrust's belief that it is "developing the basis for a civil society in cyberspace" and the DeCSS fight.
Ed Felten (previously) — copyfighter, Princeton computer scientist, former deputy CTO of the White House — has published a four-and-a-half-page "primer for policymakers" on cryptography that explains how encryption for filesystems and encryption for messaging works, so they can be less ignorant.
I have a new op-ed in today's Privacy Tech, the in-house organ of the International Association of Privacy Professionals, about the risks to security and privacy from the World Wide Web Consortium's DRM project, and how privacy and security pros can help protect people who discover vulnerabilities in browsers from legal aggression.
He'll serve under the brilliant Megan Smith, the CTO.
Michael Daniel thinks "being too down in the weeds at the technical level could actually be a little bit of a distraction"; Ed Felten counters, "Imagine reaction if White House economic advisor bragged about lack of economics knowledge, or Attorney General bragged about lack of legal expertise."
A new set of leaked NSA slides from the Snowden trove was published in the Washington Post today, detailing NSA/GCHQ's use of Web cookies (including Google's PREF cookie) to uniquely identify people as they move around the Web, in order to target them and compromise them.
With admirable clarity and brevity, Princeton's Ed Felten explains why Lavabit's owner was right to design his email service to be resistant to court orders. The whole piece is good and important, but here's the takeaway: "At Lavabit, an employee, on receiving a court order, copies user data and gives it to an outside party—in this case, the government.
Ed Felten comments on the news that MIT has moved to delay the release of the Secret Service files on Aaron Swartz:
It seems unlikely that MIT will find information redactable under FOIA that hasn't already been redacted by the Secret Service.
Princeton computer science professor Ed Felten has an excellent explanation of what it means for security to have the NSA actively sabotaging cryptographic standards and tools. As he points out, the least secure situation is to believe that you are secure when you are not — a car without brakes can be driven slowly and cautiously, if you know the brakes are shot.
In an urgent, important blog post, computer scientist and security expert Ed Felten lays out the case against rules requiring manufacturers to put wiretapping backdoors in their communications tools. Since the early 1990s, manufacturers of telephone switching equipment have had to follow a US law called CALEA that says that phone switches have to have a deliberate back-door that cops can use to secretly listen in on phone calls without having to physically attach anything to them.
Today, the FTC announced a settlement with Myspace, involving charges that the social networking service misrepresented how it protects users' personal data. The settlement "bars Myspace from future privacy misrepresentations, requires it to implement a comprehensive privacy program, and calls for regular, independent privacy assessments for the next 20 years."
Ed Felten presents and argues for the idea of "accountable algorithms" for use in public life — that is, "output produced by a particular execution of the algorithm can be verified as correct after the fact by a skeptical member of the public."
Original research from Princeton's Joe Calandrino, Ed Felten and Will Clarkson shows that machine analysis can make very accurate guesses about the identity of people who complete bubble-in forms — that is, there's something like a recognizable, individual "penmanship" for the small scribbles used to fill in the bubbles on machine-readable forms.