Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Privacy

Bitcoin over Tor isn’t a good idea – Paper

Paper by Alex Biryukov, Ivan Pustogarov

“Bitcoin is a decentralized P2P digital currency in which coins are generated by a distributed set of miners and transaction are broadcasted via a peer-to-peer network.
While Bitcoin provides some level of anonymity (or rather pseudonymity) by encouraging the users to have any number of random-looking Bitcoin addresses, recent research shows that this level of anonymity is rather low. This encourages users to connect to the Bitcoin network through anonymizers like Tor and motivates development of default Tor functionality for popular mobile SPV clients. In this paper we show that combining Tor and Bitcoin creates an attack vector for the deterministic and stealthy man-in-the-middle attacks. A low-resource attacker can gain full control of information flows between all users who chose to use Bitcoin over Tor. In particular the attacker can link together user’s transactions regardless of pseudonyms used, control which Bitcoin blocks and transactions are relayed to the user and can delay or discard user’s transactions and blocks. In collusion with a powerful miner double-spending attacks become possible and a totally virtual Bitcoin reality can be created for such set of users.”

Security – a perpetual war: lessons from nature

Via Cornell University Library – Security – a perpetual war: lessons from nature, Wojciech Mazurczyk, Elżbieta Rzeszutko (Submitted on 17 Oct 2014) “For ages people have sought inspiration in nature. Biomimicry has been the  propelling power of such inventions, like Velcro tape or “cat’s eyes” – retroreflective road marking. At the same time, scientists have been developing biologicallyContinue Reading

EFF Launches Updated Know Your Rights Guide

“If the police come knocking at your door, the constitution offers you some protection. But the constitution is just a piece of paper—if you don’t know how to assert your rights. And even if you do assert your rights…what happens next? That answer may seem complicated, but protecting yourself is simple if you know yourContinue Reading

Security in the New Mobile Ecosystem – Report

“Ponemon Institute and Raytheon are pleased to present the findings of Security in the New Mobile Ecosystem (reg. req’d). The purpose of this research is to examine the impact of mobile devices, mobile apps and the mobile workforce (a.k.a. mobile ecosystem) on the overall security posture of organizations in the United States. Security is sacrificed for productivity.Continue Reading

Executive Order – Improving the Security of Consumer Financial Transactions

“Given that identity crimes, including credit, debit, and other payment card fraud, continue to be a risk to U.S. economic activity, and given the economic consequences of data breaches, the United States must take further action to enhance the security of data in the financial marketplace. While the U.S. Government’s credit, debit, and other paymentContinue Reading

RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response

Via Cornell University Library Open Access e-prints: RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response. Úlfar Erlingsson, Vasyl Pihur, Aleksandra Korolova (Submitted on 25 Jul 2014 (v1), last revised 25 Aug 2014 (this version, v2)). “Randomized Aggregatable Privacy-Preserving Ordinal Response, or RAPPOR, is a technology for crowdsourcing statistics from end-user client software, anonymously, with strong privacy guarantees. In short, RAPPORsContinue Reading

Safeguarding the Personal Information of all People – ODNI

Office of the Director of National Intelligence (ODNI) – Safeguarding the Personal Information of all People, July 2014. “As the President said in his speech on January 17, 2014, “the challenges posed by threats like terrorism, proliferation, and cyber-attacks are not going away any time soon, and for our intelligence community to be effective over theContinue Reading

EPIC Obtains New Documents About Lack of Student Privacy Enforcement

“EPIC has obtained new documents from the Department of Education detailing parent and student complaints about the misuse of education records. The Department released the documents in response to an EPIC Freedom of Information Act request. EPIC is expecting to receive more documents about the agency’s enforcement of the Family Educational Rights and Privacy Act.Continue Reading

Self-Defense Against Robots

A. Michael Froomkin and Zak Colangelo on “Self-Defense Against Robots” “Deployment of robots in the air, the home, the office, and the street inevitably means their interactions with both property and living things will become more common and more complex. This paper examines when, under U.S. law, humans may use force against robots to protect themselves,Continue Reading

Is Your Company Ready for a Big Data Breach?

The Second Annual Study on Data Breach Preparedness – Ponemon Institute© Research Report – Sponsored by Experian® Data Breach Resolution – Independently conducted by Ponemon Institute LLC. Publication Date: September 2014. “Data breaches are increasing in frequency. Forty-three percent of respondents say their companies had a data breach involving the loss or theft of more than 1,000 records, anContinue Reading

At OECD Global Forum, EPIC Urges “Algorithmic Transparency”

“Speaking to delegates at the OECD Global Forum for the Knowledge Economy in Tokyo, EPIC President Marc Rotenberg urged OECD member countries to endorse “algorithmic transparency,” the principle that data processes that impact individuals be made public. Mr. Rotenberg explained that companies are too secretive about what they collect and how they use personal data. Mr.Continue Reading

UH Law Center debuts first database of Fortune 500 company codes of conduct

“The University of Houston Law Center today released a searchable database that contains the compliance codes for Fortune 500 companies.  The project was led by Houston attorney Ryan McConnell, an adjunct professor at the University of Houston Law Center. McConnell worked with a team of recent graduates and current students to develop the database, whichContinue Reading