The Center for Research on Computation and Society continues its
weekly lunch seminar:

CRCS Privacy and Security Lunch Seminar
Date: Wednesday, February 4, 2009
Time: 12:00pm-1:30 pm
Place: Maxwell Dworkin 119

Speaker: Alissa Cooper

Title: From a Series of Tubes to the BarackBerry: Net Neutrality as an Illustration of Talking Technology in Washington

Abstract: Over the last several years, a number of policy issues have been debated under the heading of “net neutrality,” and these battles show no signs of slowing as the new President and Congress get settled in Washington. At the heart of the net neutrality question is whether the Internet will continue to thrive as an open platform for innovation and free expression and what policies, if any, are necessary to ensure that it will. In some ways, the net neutrality events of the last few years provide the perfect narrative to illustrate why technical knowledge is so fundamental to policymaking in the digital age.

In this talk I will trace through the recent history of net neutrality in Washington, including the 2006 legislative battle, the federal agency proceedings, the Comcast/BitTorrent action and the Internet standards work that it spurred, and recent developments initiated by the new administration. I will use these events to demonstrate how knowledge (or lack thereof) of the Internet’s technical operations has shaped the policy debate, and to point out where technical research could make beneficial contributions going forward.

Watch Video

The Center for Research on Computation and Society continues its
weekly lunch seminar:

CRCS Privacy and Security Lunch Seminar
Date: Wednesday, December 10, 2008
Time: 12:00pm-1:30 pm
Place: Maxwell Dworkin 2nd Floor Lounge Area

Speaker: Carl Landwehr

Title: IARPA Information Assurance Research

Abstract: IARPA, just past its first birthday, sponsors high-risk/high-payoff research that has the potential to provide the U.S. with an overwhelming intelligence advantage over our future adversaries. This talk will introduce IARPA and survey recent information assurance research conducted under IARPA sponsorship that aims to raise the bar substantially for attackers and to support accountable information flow. The technologies involved cover a broad range, from techniques that support tying a computation to a particular silicon chip to assuring that routers are configured in accordance with specified policies to automatically diversifying software to renewing the Internet. A new program to develop practical methods for symmetric private information retrieval will be introduced. The talk will close with a short discussion of potential new program areas aimed at providing trustworthy computing in an infrastructure that may be compromised. Audience participaton in this discussion will be welcomed.

Watch Video

The Center for Research on Computation and Society continues its
weekly lunch seminar:

CRCS Privacy and Security Lunch Seminar
Date: Wednesday, December 3, 2008
Time: 12:00pm-1:30 pm
Place: Maxwell Dworkin 119

Speaker: Ben Edelman

Title: The Darker Side of Online Advertising

Abstract: The best online ads are well-targeted, unobtrusive, and even useful. But ads can also go far astray. For example, various scammers claim payment for purportedly delivering ads, when in fact the ads were invisible, duplicative, or never shown at all. For advertisers, this fraud wastes limited budgets. For publishers and networks, fraud destabilizes platforms and reduces the earnings of legitimate participants. I’ll show a variety of the examples I’ve uncovered in several years of hands-on testing. Then we’ll think through the implications of these attacks, including suitable defenses through manual auditing, automated detection, and economic incentives.

Watch Video

The Center for Research on Computation and Society continues its
weekly lunch seminar:

CRCS Privacy and Security Lunch Seminar
Date: Wednesday, November 19, 2008
Time: 12:00pm-1:30 pm
Place: Maxwell Dworkin 119

Speaker: Heidi Voskuhl

Title: Machines and Manners: Android Automata and Sentimental Body Techniques in Eighteenth-Century Europe

Abstract: This paper explores the relationships between sentiments and mechanical machinery in the German Enlightenment through an investigation of two android automata that both display women playing a keyboard instrument. I analyze the two women automata’s mechanical motion and musical performance, and the respective clockwork mechanisms that gave rise to it, against the background of corresponding social and cultural contexts of music-making at the time. I demonstrate that the clockwork mechanisms were designed to reproduce mechanically a set of body techniques that were used in eighteenth-century Germany to communicate affects during musical performance from the musician to the audience. Such systematic attempts to cultivate affects were part of larger efforts in this age of “sentimentality” to establish new types of social relationships to create a new social order – civil society – and have it take the place of the traditional estate society. My analysis of these automata’s “mechanics of sentiment” asks, furthermore, how they embodied in this moment of the formation of modern society the fundamental tension residing in the mass production of individuality.

Bio: Heidi Voskuhl is an assistant professor in the Department of the History of Science at Harvard University, where she teaches the history of technology from the early modern to the modern period. She specializes in the history of technology and “robotics” in eighteenth-century continental Europe. Her broader interests include the philosophy of technology and the history of the human-machine relationship. She teaches classes in the history and historiography of technology, the history of engineering and computing, the Enlightenment, and the philosophy and theory of technology and literature. She is working on a book manuscript tentatively titled _The Mechanics of Sentiment: Automata and the Culture of Affect in Eighteenth-Century Europe_. She holds masters degrees in History and Philosophy of Science from Cambridge University (UK) and in Physics from Oldenburg University (Germany), as well as a Ph.D. in Science and Technology Studies from Cornell University.

Watch Video

The Center for Research on Computation and Society continues its
weekly lunch seminar:

CRCS Privacy and Security Lunch Seminar
Date: Wednesday, November 12, 2008
Time: 12:00pm-1:30 pm
Place: Maxwell Dworkin 2nd Floor Lounge Area

Speaker: Stuart Shieber

Title: The Future of Open Access, and How to Stop It

Abstract: Efforts such as the open access policies enacted by the Harvard Faculty of Arts and Sciences and Law School are intended to promote the broadest access to the university’s scholarly writings by retaining rights to distribute scholarly articles according to the principles of “open access”. There are reasonable worries, however, of unintended consequences of a wholesale change of scholarly communications practice along these lines. I will discuss the policies, the dystopian scenarios they sometimes evoke, and how universities can help avoid them.

Watch Video

The Center for Research on Computation and Society continues its
weekly lunch seminar:

CRCS Privacy and Security Lunch Seminar
Date: Wednesday, November 5, 2008
Time: 12:00pm-1:30 pm
Place: Maxwell Dworkin 119

Speaker: Tal Moran

Title: Receipt-Free Universally-Verifiable Voting With Everlasting Privacy

Abstract:
Using cryptographic techniques, it is possible to design a fair voting system whose correct operation can be verified by anyone, while still retaining ballot secrecy. Such voting schemes are called “Universally Verifiable”. If, in addition, the voting scheme prevents vote buying and coercion, we say it is “receipt-free”.

Our scheme is the first receipt-free scheme to give “everlasting privacy” for votes: even a computationally unbounded party does not gain any information about individual votes (other than what can be inferred from the final tally). Following in the footsteps of Chaum and Neff, our protocol ensures that the integrity of an election cannot be compromised even if the computers running it are all corrupt!

The talk won’t assume any previous knowledge of cryptography or computer science — I’ll try to explain the protocols and the intuitions behind them using simple physical metaphors.

This is joint work with Moni Naor

Watch Video

The Center for Research on Computation and Society continues its
weekly lunch seminar:

CRCS Privacy and Security Lunch Seminar
Date: Wednesday, October 29, 2008
Time: 12:00pm-1:30 pm
Place: Maxwell Dworkin 119

Speaker: David Lazer

Title: Life in the network– the coming age of computational social science

Abstract:
An increasing fraction of human interactions are digitally captured. These digital breadcrumbs create enormous opportunities for ground breaking social science. This talk will discuss what some of the potential opportunities are, as well the potential barriers to the emergence of a “computational social science.”

Bio: David Lazer is Associate Professor and Director of the Program on Networked Governance at the Harvard Kennedy School, and has written extensively on networks and technology.

Watch Video

The Center for Research on Computation and Society continues its
weekly lunch seminar:

CRCS Privacy and Security Lunch Seminar
Date: Wednesday, October 22, 2008
Time: 12:00pm-1:30 pm
Place: Maxwell Dworkin 119

Speaker: Chris Soghoian

Title:  Deceptive Phishing Research: Moral Questions and Legal Issues

Abstract:  Researchers are increasingly turning to live, “in the wild” phishing studies of users, who unknowingly participate without giving informed consent. Such studies can expose researchers to a number of unique, and fairly significant legal risks. This talk will introduce four case studies highlighting potential moral pitfalls, steps that researchers have taken to avoid legal problems, and the legal risks that they were unable to avoid. It will then provide a high-level introduction to a few particularly dangerous areas of the law. Finally, it will conclude with a series of best practices that may help researchers to avoid legal troubles.

Bio: Christopher Soghoian is a student fellow at Harvard University’s Berkman Center for Internet and Society and is a PhD candidate at Indiana University’s School of Informatics. His research on airport security and the no-fly lists drew the attention of both the TSA and FBI and later prompted the introduction of secure tamper-proof boarding passes in airports around the country. His work has also been cited in testimony before the United States Senate Committee on the Judiciary and in a report issued by the House Committee for Oversight and Government Reform.

His research is focused on security, privacy, cyber-law and technology policy — particularly with regard to phishing and other deception based attacks. He also writes the “Surveillance State” blog for CNET Networks.

Watch Video

The Center for Research on Computation and Society continues its
weekly lunch seminar:

CRCS Privacy and Security Lunch Seminar
Date: Wednesday, October 15, 2008
Time: 12:00pm-1:30 pm
Place: Maxwell Dworkin 119

Speaker: Ben Adida

Title:  Health Privacy in a Facebook World

Abstract:  While the press raves about the coming revolution of “personalized medicine”, it remains a challenge for an individual to obtain simply a usable copy of their complete medical record. Recently, Microsoft, Google, and the Dossia consortium each launched their own version of Personally Controlled Health Records (PCHRs), technology that enables individuals to take control of their medical record, combining hospital data and personal annotations, and sharing it with family and doctors as they see fit.

It is clear that, as more of this data is made available to users, programmatic interfaces will emerge so that medical devices can connect and upload data and third-party applications can connect to download and interpret data. We are getting close to a “Facebook Platform” for health data.

And the key question is, of course, privacy.

This talk will explore work by the Children’s Hospital Informatics team on exploiting PCHRs to provide services to patients while enforcing and respecting their privacy. Much of this work is in its early stages, and feedback/discussion is welcome.

Bio: Ben Adida is a member of the Faculty at Harvard Medical School and at the Children’s Hospital Informatics Program, as well as a research fellow with the Center for Research on Computation and Society with the Harvard School of Engineering and Applied Sciences. His research is focused on security and privacy of health data, the security of web applications, and the design of secure voting systems.

Watch Video

The Center for Research on Computation and Society continues its
weekly lunch seminar:

CRCS Privacy and Security Lunch Seminar
Date: Wednesday, October 8, 2008
Time: 12:00pm-1:30 pm
Place: Maxwell Dworkin 2nd Floor Lounge Area

Speaker: John Viega

Title: Why Anti-Virus sucks, and how to fix it

Abstract: Anti-virus software (AV) is found on most Windows desktops (well over 90%). Many people are amazed that it is so ubiquitous, because it is so widely reviled. Technical people will often claim that AV “doesn’t work”, and that it “causes stability problems”. And almost everyone will claim that it “slows your machine down”. While there is a lot of truth in the above statement, there are also a lot of misconceptions about how AV works, and why it fails.

In this talk, I’ll give an overview of AV technology, the challenges the industry has faced, and the solutions that the industry has been exploring to address those issues, including virtualization, herd technology, application whitelisting, and reputation systems.

Bio: John Viega is the CEO of Stonewall Software. Previously, he was Vice President, Chief Security Architect at McAfee, where he worked on technical strategy and M+A (SiteAdvisor, Onigma) and ran a large development organization that included SiteAdvisor and McAfee’s core anti-virus and anti-spyware technologies. John was also founder and CTO of Secure Software, which was acquired by Fortify. John advises several security companies, including Fortify.

John is a frequent pundit and speaker in the space. He co-author of five books on security, including Building Secure Software, the OpenSSL book, the Secure Programming Cookbook and the 19 Deadly Sins of Software Security. He has done extensive standards work in the IEEE and IETF, and co-invented GCM, a cryptographic algorithm that NIST has standardized.

Watch Video