Search

Filters Applied

1

Taking the Pulse of Security Research

Security researchers and hackers are the tinkerers of the digital age; they toil among bits and bytes and occasionally come up with new, clever methods to both build and break the increasingly digital infrastructure all around us. Today, a number of important things are happening in the world of security research that CDT is involved with.

Read More Read More
2

Cloudflare Steps Up To Help Protect Elections with Project Athenian

It’s no exaggeration to say the US election ecosystem faces a number of challenges in the wake of the 2016 election cycle. We learned of new threats from disinformation campaigns, to attacks on state voter registration websites, to direct attacks on election officials themselves. While the philanthropic sector has been very active from grants to organizations to funding deep academic analysis of threats to the election system, the private sector has been slower to recognize the important role they can play to help better protect US elections. That is changing, particularly with the launch of Cloudflare’s Athenian Project, which will provide free-of-charge protection and content distribution for official election websites.

Read More Read More
3

Campaign Data Breaches: Political Toxic Waste

Calling last week’s news that security researchers found an abandoned political campaign database on the internet with detailed information on over 200 million voters from 2008, 2012, and 2016 troubling is a massive understatement akin to calling the Titanic a boating accident. It’s closer to a catastrophe. Moreover, it may represent only the tip of the iceberg; Gizmodo points out that, “Five voter-file leaks over the past 18 months exposed between 350,000 and 191 million files.” As data collection and usage play an ever-growing role in political campaigns, the iceberg below is starting to look ominous. In partnership with political campaigns, Political Action Committees, consulting firms, and other NGOs that work in and around elections, CDT will lead efforts to draft a “campaign data stewardship pledge,” including templates for privacy policies, data security playbooks, and other materials that will move the principles reflected in a stewardship pledge into action.

Read More Read More
5

“The Cyber” Part IV: Are There Appropriate Ethical Limits on Hacking?

How far is too far? We’ve been asking this question over and over again at CDT while conducting interviews of security researchers and in drafting CDT’s new white paper that surveys “hard questions” in the world of computer security research. Through these conversations, we are developing a basic set of ethical spectra – essentially, axes along which security research activities become more or less ethically questionable. In this white paper, we note a few possible options for better mapping the ethical landscape of the security research world.

Read More Read More
6

Serious Privacy Risks Lie in the Path of Vehicle Automation

Yesterday, CDT joined four top cryptography and security experts in raising serious privacy concerns with proposed next-generation vehicle-to-vehicle communication standards. We call for this system to be explicitly opt-in or for the design to be significantly reconsidered so as to avoid the problems we identify. There are some promising tools from applied cryptography that could be leveraged to design a system that would impact driver and passenger privacy to a much lesser extent.

Read More Read More
8

The Beginning of the End of Sharing Banking Credentials

JPMorgan Chase and Intuit announced that they’ve agreed to a new model on bank login credentials and third-party access. It’s one that not only vastly improves the privacy and security of relationships between banks and third-party financial tools, but also improves how these kinds of apps work. The new process will eliminate cumbersome user interfaces for detailed account access information and will put more choice and control into the hands of consumers.

Read More Read More
9

It’s Time to Move to HTTPS

You’ve heard us talk extensively about the importance of moving the web to HTTPS – the encrypted version of the web’s HTTP protocol. CDT has released a one-pager aimed at website system administrators (and their bosses!) that describes the importance of HTTPS. And we are excited to announce a partnership to increase HTTPS adoption for online adult entertainment.

Read More Read More