The recent conviction of Andrew “Weev” Auernheimer for identity theft and conspiracy has renewed interest in the question of what researchers should do when they find security vulnerabilities in popular products. See, for example, Matt Blaze’s op-ed on how the research community views these matters, and Weev’s own response. Weev and associates discovered a flaw […]
What happens when responsible disclosure fails?
December 5, 2012 by
The topic of how to handle security vulnerabilities has been discussed for years. Wikipedia defines responsible disclosure as: Responsible disclosure is a computer security term describing a vulnerability disclosure model. It is like full disclosure, with the addition that all stakeholders agree to allow a period of time for the vulnerability to be patched before […]
When Technology Sanctions Backfire: The Syria Blackout
December 4, 2012 by
American policymakers face an increasingly complex set of choices about whether to permit commerce with “repressive regimes” for core internet technologies. The more straightforward cases involve prohibitions on US import of critical network technology from states that we suspect may include surveillance backdoors. For example, fears of “cyber espionage” have fueled a push for import […]
No Longer Bit Players: Internet Governance & Economic Growth in Developing Countries
December 3, 2012 by
The 200 sovereign state members of the United Nations International Telecommunications Union (ITU) will gather in Dubai this week for the World Conference of International Telecommunications (WCIT). The WCIT is a treaty developed to facilitate global interconnection and interoperability between telecommunications carriers. The treaty was last reviewed in 1988, an era where the majority of telecommunications networks […]
Congressman Issa's "Internet Law Freeze": Appealing but Impractical
November 29, 2012 by
This week, Congressman Darrell Issa released a draft bill that would prevent Congress and administrative agencies from creating any new internet-related laws, rules, or regulations. The Internet American Moratorium Act (IAMA) is a rhetorical stake in the ground for the notion that the government should “keep its hands off the internet.” In the wake of […]
