There’s no doubt that the quality of tech reporting in major newspapers has improved in recent years. It’s rare these days to see a story in, say, the New York Times whose fundamental technical premise is wrong. Still, it does happen occasionally—as it did yesterday. Yesterday’s Times ran a story gushing about mesh networks as […]
Eternal vigilance is a solvable technology problem: A proposal for streamlined privacy alerts
April 21, 2014 by
Consider three recent news articles about online privacy: Google+ added a new feature that shows view counts on everything you post, including your photos. It’s enabled by default, but if you don’t want to be part of the popularity contest, there’s a setting to turn it off. There is a new privacy tool called XPrivacy […]
Heartbleed and passwords: don't panic
April 11, 2014 by
The Heartbleed bug has captured public attention this week like few security vulnerabilities before it. This is a good thing, as indeed this is a catastrophic flaw. Many people have focused on its impact on passwords with headlines like “Security Flaw Exposes Millions Of Passwords” and “Change these passwords right now.” Heartbleed certainly could have been used […]
Heartsick about Heartbleed
April 10, 2014 by
Ed Felten provides good advice on this blog about what to do in the wake of Heartbleed, and I’ve read some good technical discussions of the technical problem (see this for a particularly understandable explanation). Update Apr 11: To understand what Heartbleed is all about, see XKCD. Best. Explanation. Ever. In this brief posting, I […]
How to protect yourself from Heartbleed
April 9, 2014 by
The Heartbleed vulnerability is one of the worst Internet security problems we have seen. I’ll be writing more about what we can learn from Heartbleed and the response to it. For now, here is a quick checklist of what you can do to protect yourself.
