March 19, 2024

Berkeley releases report on barriers to cybersecurity research

I’m pleased to share this report, as I helped organize this event. Researchers associated with the UC Berkeley School of Information and School of Law, the Berkeley Center for Law and Technology, and the International Computer Science Institute (ICSI) released a workshop report detailing legal barriers and other disincentives to cybersecurity research, and recommendations to […]

VW = Voting Wulnerability

On Friday, the US Environmental Protection Agency (EPA) “accused the German automaker of using software to detect when the car is undergoing its periodic state emissions testing. Only during such tests are the cars’ full emissions control systems turned on. During normal driving situations, the controls are turned off, allowing the cars to spew as […]

How not to measure security

A recent paper published by Smartmatic, a vendor of voting systems, caught my attention. The first thing is that it’s published by Springer, which typically publishes peer-reviewed articles – which this is not. This is a marketing piece. It’s disturbing that a respected imprint like Springer would get into the business of publishing vendor white […]

Too many SSNs floating around

In terms of impact, the OPM data breach involving security clearance information is almost certainly the most severe data breach in American history. The media has focused too much on social security numbers in its reporting, but is slowly starting to understand the bigger issues for anyone who has a clearance, or is a relative […]

Decertifying the worst voting machine in the US

On Apr 14 2015, the Virginia State Board of Elections immediately decertified use of the AVS WinVote touchscreen Direct Recording Electronic (DRE) voting machine. This seems pretty minor, but it received a tremendous amount of pushback from some local election officials. In this post, I’ll explain how we got to that point, and what the […]