Commentators on the Lavabit case, including the judge himself, have criticized Lavabit for designing its system in a way that resisted court-ordered access to user data. They ask: If court orders are legitimate, why should we allow engineers to design services that protect users against court-ordered access? The answer is simple but subtle: There are […]
Lavabit and how law enforcement access might be done in the future
October 14, 2013 by
The saga of Lavabit, the now-closed “secure” mail provider, is an interesting object of study. They’re in the process of appealing a court order to produce their SSL private keys, with which a government eavesdropper would then have access to the entirety of all traffic going in and out of Lavabit. You can read Lavabit’s […]
The Linux Backdoor Attempt of 2003
October 9, 2013 by
Josh wrote recently about a serious security bug that appeared in Debian Linux back in 2006, and whether it was really a backdoor inserted by the NSA. (He concluded that it probably was not.) Today I want to write about another incident, in 2003, in which someone tried to backdoor the Linux kernel. This one […]
A Start-Up Born at CITP
October 8, 2013 by
As is probably the case with many start-ups, Gloobe was born late at night. Early in 2013, on the night of a snowstorm in Princeton, I presented at the student-led Code at Night hackathon an idea for a web site that organized civic information onto online maps of local communities. With experience as a former […]
