April 24, 2014

Andrew Appel

avatar

Ed Felten elected to National Academy

The National Academy of Engineering announced today that Edward W. Felten, professor of computer science and public affairs, and director, Center for Information Technology Policy, Princeton University, Princeton, N.J., has been elected to the National Academy “For contributions to security of computer systems, and for impact on public policy.”

From the NAE’s announcement:

Election to the National Academy of Engineering is among the highest professional distinctions accorded to an engineer.  Academymembership honors those who have made outstanding contributions to “engineering research, practice, or education, including, where appropriate, significant contributions to the engineering literature,” and to the “pioneering of new and developing fields of technology, making major advancements in traditional fields of engineering, or developing/implementing innovative approaches to engineering education.”

avatar

Oral arguments in NJ voting-machines lawsuit appeal

The appellate hearing (oral argument) of the New Jersey voting-machines lawsuit (Gusciora v. Christie) has been rescheduled to March 5, 2013 in Trenton, NJ.

To learn what this is all about, and why you should attend, click here.

To recheck the location, time of day, and date of the hearing before you go down to Trenton, check this very post for updates.

Note new time!

Time:  10:00 a.m. 11:30 a.m., March 5, 2013  (but arrive significantly earlier, because it takes some time to get through security).

Place:  8th Floor, N. Wing, Hughes Justice Complex, Trenton, NJ.   Specifically,  Part E: Judges Messano, Ostrer and Lihotz.

Transportation:  If anyone from the Princeton area is interested in carpooling, send me mail.

avatar

Voting machine lawsuit, oral arguments, venue change

For those who were considering attending the oral arguments December 4th of the appeal of the Gusciora lawsuit about New Jersey’s voting machines–which I encourage you to do–the location has been changed from Jersey City to Trenton.

Location: 8th Floor, N. Wing, Hughes Justice Complex, Trenton, NJ.

Date/time: December 4th, 2012, 10:00 a.m.

Postponed until a date yet to be determined [note added 11/29/12].

avatar

NJ Lt. Governor invites voters to submit invalid ballots

On November 3rd, the Lieutenant Governor of New Jersey issued a directive, well covered in the media, permitting storm-displaced New Jersey voters to vote by e-mail.  The voter is to call or e-mail the county clerk to request an absentee ballot by e-mail or fax, then the voter returns the ballot by e-mail or fax:

“The voter must transmit the signed waiver of secrecy along with the voted ballot by fax or e-mail for receipt by the applicable county board of election no later than November 6, 2012 at 8 p.m.”

We see already one problem:  The loss of the secret ballot.  At many times in the 20th century, NJ political machines put such intense pressure on voters that the secret ballot was an important protection.  In 2012 it’s in the news that some corporations are pressuring their employees to vote in certain ways.  The secret ballot is still critical to the functioning of democracy.

But there’s a much bigger problem with the Lt. Gov. Kim Guadagno’s directive:  If voters and county clerks follow her instructions, their votes will be invalid.
[Read more...]

avatar

Oral Arguments 12/4 in NJ Voting-Machine Lawsuit

Note new date and time!

This election day, New Jersey voters will vote–if electricity is restored and if they can get to the polls after the hurricane–on a model of voting machine that I have personally demonstrated how to hack.  My hack is simple: prepare fraudulent vote-stealing software on a memory chip, make thousands of copies of the chip, and install the fraudulent chip on as many actual voting machines as possible before an election.

What I demonstrated for the NJ trial court in 2009 was how the fraudulent software moves votes from one candidate’s tally to the other, and how to install the memory chip into the voting machine.  In the courtroom I removed and replaced the supposedly tamper-evident seals, without leaving evidence of tampering.  In real life, voting machines are left unattended and unguarded at polling sites (schools, churches, firehouses) for days before each election.  Anyone can master the simple tool (razor blades) for peeling away the adhesive seals, and the simple tool (screwdriver) for installing the fraudulent chip.
[Read more...]

avatar

Broken Ballots

Broken Ballots book cover A important new book has just been published on the technology and policy of elections. Broken Ballots: Will Your Vote Count by Douglas W. Jones and Barbara Simons, covers voting systems from the 19th century to the present, with particular focus on the last two decades. The authors describe the strengths and weaknesses of the machinery itself–lever machines, optical-scan vote counters, touchscreen voting computers–with technical sophistication, yet in a way that will be accessible to a wide audience. Then they describe the strengths and weaknesses of the policy processes–at the level of election administration, congressional legislation, and Federal administrative-branch agencies–with particular emphasis on the last 10 years. The authors are experts in the field of voting technology and policy, and it shows. The book is well researched with extensive citations, but it’s also a good read (with photos and illustrations) that has an interesting story to tell.

avatar

Contract hacking and community organizing

I discussed community discontent with copyright terms of some scholarly publishers, and I proposed an economic analysis. Now let’s consider two other approaches.

Contract hacking

I have published quite a few scholarly papers, and with each one I am invited to sign a copyright form. This is a contract between author and publisher, which which I hand over certain rights and the give me $0 (plus they publish my paper). These contracts (and my signature) is in dead-tree form, on real paper (though in recent years it follows the print/sign/fax or print/sign/scan/e-mail model).

[Read more...]

avatar

Modest Proposals for Academic Authors

In the scuffles over copyright policies on scholarly articles, what is the academic author to do? First, inform yourself. Find and read the copyright policy of the journals (or refereed conferences) to which you submit the articles describing research results. Find out the subscription price (dead-tree-edition or online) that the publisher charges individuals and institutions, and compare with the norms in your fields and others. Decide for yourself whether your publisher is unduly limiting the spread of ideas, or charging such prices that the effect is the same.

Remember what Thomas Jefferson wrote in 1813:

That ideas should freely spread from one to another over the globe, for the moral and mutual instruction of man, and improvement of his condition, seems to have been peculiarly and benevolently designed by nature, when she made them, like fire, expansible over all space, without lessening their density in any point, and like the air in which we breathe, move, and have our physical being, incapable of confinement or exclusive appropriation. Inventions then cannot, in nature, be a subject of property.

[Read more...]

avatar

Copyright in Scholarly Publishing, 2012 Edition

I’ve heard a lot recently about copyright policies of scholarly journals. Over 9000 researchers signed a pledge to boycott Elsevier, on three grounds: (1) high prices for journal subscriptions, (2) bundling practices for institutional subscriptions; (3) lobbying regarding SOPA, PIPA, and the Research Works Act.

Meanwhile, other organizations such as the ACM (scholarly/professional society for computer science and the computing industry) and IEEE (scholarly/professional society for electrical engineering and computing) once were leaders in open-access; they had relatively low journal prices and relatively liberal policies permitting authors to display preprints on the authors’ web pages. Now the ACM’s and IEEE’s policies have not changed, but they are no longer at the forefront: while ACM and IEEE require an assignment of copyright and leave the author with a few rights, organizations such as Usenix (another professional society in computing) take only a nonexclusive license to reprint a scholarly article.

[Read more...]

avatar

Tech@FTC

Professor Ed Felten, while on loan to the Federal Trade Commission for 2011 and Spring 2012, has a new Tech Policy Blog, Tech@FTC. When he’s in his role as Chief Technologist of the FTC, he’ll blog there; when he’s wearing his regular hat as Professor of Computer Science and Director of the Center for Information Technology Policy, he’ll blog here at freedom-to-tinker.

Of course, the big news from the FTC this week is the official report, Protecting Consumer Privacy in an Era of Rapid Change, and I see that Ed has something to say about that. But he’s also got an article about SQL injection and our friend, little Bobby Tables.