March 29, 2017

Archives for April 2014

Mesh Networks Won't Fix Internet Security

There’s no doubt that the quality of tech reporting in major newspapers has improved in recent years. It’s rare these days to see a story in, say, the New York Times whose fundamental technical premise is wrong. Still, it does happen occasionally—as it did yesterday.

Yesterday’s Times ran a story gushing about mesh networks as an antidote to Internet surveillance. There’s only one problem: mesh networks don’t do much to protect you from surveillance. They’re useful, but not for that purpose.
[Read more…]

Eternal vigilance is a solvable technology problem: A proposal for streamlined privacy alerts

Consider three recent news articles about online privacy:

  • Google+ added a new feature that shows view counts on everything you post, including your photos. It’s enabled by default, but if you don’t want to be part of the popularity contest, there’s a setting to turn it off.

  • There is a new privacy tool called XPrivacy for Android that protects you from apps that are hungry for your personal information (it does this by by feeding them fake data).

  • A new study reveals that several education technology providers have intrusive privacy policies. Students and parents might want to take this into account in making choices about online education services.

These are just a few examples of the dozens of articles that come out every month informing privacy-conscious users that they need to change some setting, install a tool, or otherwise take some action to protect their privacy. In particular, companies often release new features with permissive defaults and an opt-out setting. It seems that online privacy requires eternal vigilance.

Eternal vigilance is hard. Even as a privacy researcher I often miss privacy news that affects me; for the majority of people who don’t have as much time to devote to online privacy, the burden is just too much. But before concluding that the situation is hopeless, let’s ask if there’s a technological solution.

[Read more…]

Bitcoin hacks and thefts: The underlying reason

Emin Gün Sirer has a fascinating post about how the use of NoSQL caused technical failures that led to the demise of Bitcoin exchanges Flexcoin and Poloniex. But these are only the latest in a long line of hacks of exchanges, other services, and individuals; a wide variety of bugs have been implicated. This suggests that there’s some underlying reason why Bitcoiners keep building systems that get exploited. In this post I’ll examine why.

[Read more…]