April 20, 2014

avatar

Bitcoin Research in Princeton CS

Continuing our post series on ongoing research in computer security and privacy here at Princeton, today I’d like to survey some of our research on Bitcoin. Bitcoin is hot right now because of the recent run-up in its value. At the same time, Bitcoin is a fascinating example of how technology, economics, and social interactions fit together to create something of value.
[Read more...]

avatar

Web measurement for fairness and transparency

[This is the first in a series of posts giving some examples of security-related research in the Princeton computer science department. We're actively recruiting top-notch students to enter our Ph.D. program, as well as postdocs and visiting scholars. We don't have enough bandwidth here on the blog to feature everything we do, so we'll be highlighting a few examples over the next couple of weeks.]

Everything we do on the web is tracked, profiled, and analyzed. But what do companies do with that information? To what extent do they use it in ways that benefit us, versus discriminatory ways? While many concerns have been raised, not much is known quantitatively. That’s why at Princeton we’re building an infrastructure to detect, measure and reverse engineer differential treatment of web users.

[Read more...]

avatar

NSA Strategy 2012-16: Outsourcing Compliance to Algorithms, and What to Do About It

Over the weekend, two new NSA documents revealed a confident NSA SIGINT strategy for the coming years and a vast increase of NSA-malware infected networks across the globe. The excellent reporting overlooked one crucial development: constitutional compliance will increasingly be outsourced to algorithms. Meaningful oversight of intelligence practises must address this, or face collateral constitutional damage. [Read more...]

avatar

Improve Connectivity in Rural Communities – Principle #9 for Fostering Civic Engagement Through Digital Technologies

In my recent blog posts, I have been discussing ways that citizens can communicate with government officials through the Internet, social media, and wireless technology to solve problems in their communities and to effect public policy. Using technology for civic engagement, however, should not be limited to communications with elected or appointed government officials. One of the themes I have sought to address across my series of posts – and will discuss in more detail today – is that citizen-to-citizen communication through digital technologies for civic purposes is extremely important in building healthy communities. This is particularly true in rural areas. Improving digital connectivity in rural areas will help people communicate more effectively with civic institutions, such as schools and libraries, and commercial entities, such as commodities markets, that effect residents daily lives and economic well-being.
[Read more...]

avatar

Digital Activism and Non Violent Conflict

As a CITP fellow last year, one of my goals was to get a new project on digital activism off the ground.  With support from the US Institutes of Peace and a distributed network of researchers we pulled together an event dataset of hundreds of instances where people tried using information and communication technologies to achieve political goals.  The Digital Activism project launched.

The research team analyzed some 1,200 cases of digital activism worldwide, including some 400 cases from the past three years. First, we defined activism as efforts not just at regime change, but campaigns for policy changes at all levels of government. Second, we made sure this was a truly global sample – going far beyond the best-known cases that both sides in this debate had cited. Our initial research in this Digital Activism Research Project showed us how much more work can and should be done, one particular trend was apparent right away.
[Read more...]

avatar

Your TV is spying on you, and what you can do about it

A recent UK observer with a packet sniffer noticed that his LG “smart” TV was sending all his viewing habits back to an LG server. This included filenames from an external USB disk. Add this atop observations that Samsung’s 2012-era “smart” TVs were riddled with security holes. (No word yet on the 2013 edition.)

What’s going on here? Mostly it’s just incompetence. Somebody thought it was a good idea to build these TVs with all these features and nobody ever said “maybe we need some security people on the design team to make sure we don’t have a problem”, much less “maybe all this data flowing from the TV to us constitutes a massive violation of our customers’ privacy that will land us in legal hot water.” The deep issue here is that it’s relatively easy to build something that works, but it’s significantly harder to build something that’s secure and respects privacy.
[Read more...]

avatar

A Good Day at the Googleplex

            Judge Chin has issued his decision in the Google Book Search case, and it’s a win for Google. For those of you who have been following the litigation, it’s been a long trip through the arcana of class certification. Today’s decision, however, finally gets to the merits of Google’s fair use defense under the Copyright Act. The outcome is not surprising in light of last year’s decision in the related HathiTrust case, which held that Google’s mass digitization of books on behalf of academic libraries to facilitate scholarship and research and to aid print-disabled library patrons is fair use. The Google Books case could have come out differently, however, given that Google, unlike an academic library, is a commercial enterprise and that the service it provides through Book Search reaches far beyond an academic audience. In addition, the amount of text that Google displays in Book Search results (multiple contextual “snippets” including the search term) is greater than the amount displayed by the HathiTrust (only the page numbers and number of hits per page for the search term). Both of those factors—the commercial or non-profit nature of the use and the amount of text displayed—are relevant to the fair use analysis.

[Read more...]

avatar

Inject New Energy into Problem Solving – Principle #8 for Fostering Civic Engagement Through Digital Technologies

In response to my recent post arguing that the Federal government needs to use the social web more effectively as a tool for improving information sharing between the Federal government and the public, Michael Herz from the Benjamin N. Cardozo School of Law reached out and directed me to a comprehensive report he recently authored for the consideration of the Administrative Conference of the United States entitled “Using Social Media in Rulemaking: Possibilities and Barriers.” One of Mr. Herz’s colleagues described the report’s tone as one of “skeptical optimism.” Mr. Herz asked me specifically about the role of social media in the Federal agency rulemaking process. In short, I generally agree with his statement that “social media culture is at odds with the fundamental characteristics of notice-and-comment rulemaking” because filing insightful comments requires “time, thought, study of the agency proposal and rationale, articulating reasons rather than…off-the-top-of-one’s-head assertions of a bottom line.” Social media, we both agree, however, is a valuable tool for Federal agencies to use to inform the public – particularly those people or groups whom the agency believes may have a vested interest in ongoing rulemakings.

Our e-mail exchange has me thinking now about why many governments and residents are embracing technology-based solutions for urban problems whereas the Federal government, as exemplified by the problems with the Affordable Care Act implementation, has not been as effective in using the Internet, wireless technology and social media to deliver services to the public. Today, I will discuss three reasons why it is easier to inject new energy into technology-based problem solving in local communities.
[Read more...]

avatar

Game Theory and Bitcoin

In light of the back-and-forth about the recent Eyal and Sirer (“ES”) paper about Bitcoin mining, I want to take a step back and talk about what a careful analysis of Bitcoin mining dynamics would look like. (Here are some previous posts if you need backstory: 1 2 3 4 5.)

The key to a sound analysis of situations like this is to use game theory, a well established set of intellectual tools for thinking about strategic behavior in adversarial settings.

The ES paper makes two main claims that use language from game theory. First, they claim that their “selfish” strategy dominates the default “honest” Bitcoin mining strategy. Second, they claim that Bitcoin is not incentive compatible.
[Read more...]

avatar

Why the Cornell paper on Bitcoin mining is important

    Joint post with Andrew Miller, University of Maryland.

Bitcoin is broken, claims a new paper by Cornell researchers Ittay Eyal and Emin Gun Sirer. No it isn’t, respond Bitcoiners. Yes it is, say the authors. Our own Ed Felten weighed in with a detailed analysis, refuting the paper’s claim that a coalition of “selfish miners” will grow in size until it controls the whole currency. But this has been disputed as well.

In other words, the jury is still out. But something has been lost in all the noise about the grandiose statements — on their way to getting to their strong claim, the authors make a weaker and much more defensible argument, namely that selfish miners can earn more than their fair share of mining revenue. [Read more...]