The Command Line

This is just too funny. I haven’t had a belly laugh at Diebold’s expense lately. Thanks, Professor Felten and Ross Kinard.
If Diebold wasn’t already under massive scrutiny and the state of evoting more broadly wasn’t being so actively scrutinized and discussed, this might be ever so slightly more forgivable even if still inexcusable [...]

I am so glad he provided archive links in his admittedly short comment on the slashdot story. He’s standing by what he said, in terms of this being an important result but not as severe as the story in question made it sound. His archived pieces also remind us that in many ways [...]

I guess the details that Felten explains are perhaps what drives the supposition that rights holders might express the sort of strategic thinking the previous piece in the series suggests. We haven’t seen any evidence of that shrewdness in practice, though, so the idea has to originate from *somewhere*.

J. Alex Halderman has posted the next in the series of discussion of the AACS crack. I am utterly fascinated, especially by the counter intuitive aspects. It is going to be very interesting to see how closely the actual black listing matches the theories and predictions. I don’t typically credit the content [...]

J. Alex Halderman has post the promised details in the series of explorations of AACS over at Freedom to Tinker. I am a bit surprised by the sophistication this seems to suggestion was designed into AACS. I guess the content industry learned their lesson with CSS and DeCSS. I wonder if, like [...]

Just wanted to post a pointer to the first detailed posted by Professor Felten that he promised on the subject. Haven’t even had a chance to read it, yet.
I’ve read this and here are some of my thoughts.
I would not so readily discount people’s willingness to transcode from the native HD format to DivX [...]

Nice to see my understanding of how this crack works has been validated by Professor Felten and his commenters. I tend to agree with him, rather than those claiming this as a non-event, though I am call and reserved in that agreement. As I mentioned in the podcast from the 7th, regardless of [...]

Not surprisingly, the emphasis of the NYT coverage is on the impact on the commercial aspects of the internet. Secondarily, they bemoan the failure of security vendors to solve the problem.
I am glad they are covering such an important issue but I am afraid it doesn’t do a good enough job informing those it [...]

I cannot tell if PayPal’s new virtual debit card is really any more secure than any other form of online transaction. No, seriously, it’s apparently Windows only, working with MSIE 5.01 and later. Even though I have access to a virtual instance of Windows, I refuse to use MSIE for any personal surfing, [...]

Well, not really since this does not appear to be an automated attack, rather a manual and specific one. Also, hello, “cyber cafe”? I am not sure that this constitutes a new form of hijack, but is rather a single case of blinding naivete.
I am worried about the dangers of automatic filling of [...]