February 8, 2023

Is Internet Voting Secure? The Science and the Policy Battles

I will be presenting a similarly titled paper at the 2022 Symposium Contemporary Issues in Election Law run by the University of New Hampshire Law review, October 7th in Concord, NH. The paper will be published in the UNH Law Review in 2023 and is available now on SSRN. I have already serialized parts of […]

Recommendations for Updating the FTC’s Disclosure Guidelines to Combat Dark Patterns

Last week, CITP’s Tech Policy Clinic, along with Dr. Jennifer King, brought leading interdisciplinary academic researchers together to provide recommendations to the Federal Trade Commission on how it should update the 2013 version of its online digital advertising guidelines (the “Disclosure Guidelines”). This post summarizes the comment’s main takeaways.    We focus on how the FTC […]

The anomaly of cheap complexity

Why are our computer systems so complex and so insecure?  For years I’ve been trying to explain my understanding of this question. Here’s one explanation–which happens to be in the context of voting computers, but it’s a general phenomenon about all our computers: There are many layers between the application software that implements an electoral […]

Magical thinking about Ballot-Marking-Device contingency plans

The Center for Democracy and Technology recently published a report, “No Simple Answers: A Primer on Ballot Marking Device Security”, by William T. Adler.   Overall, it’s well-informed, clearly presents the problems as of 2022, and it’s definitely worth reading.  After explaining the issues and controversies, the report presents recommendations, most of which make a lot […]

Toward Trustworthy Machine Learning: An Example in Defending against Adversarial Patch Attacks (2)

By Chong Xiang and Prateek Mittal In our previous post, we discussed adversarial patch attacks and presented our first defense algorithm PatchGuard. The PatchGuard framework (small receptive field + secure aggregation) has become the most popular defense strategy over the past year, subsuming a long list of defense instances (Clipped BagNet, De-randomized Smoothing, BagCert, Randomized […]