@SteveBellovin@mastodon.lawprofs.org

SteveBellovin

I'm a computer science professor and affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
https://www.cs.columbia.edu/~smb

evacide, to random
@evacide@hachyderm.io

Microsoft says they are making a bunch of changes to Recall to mitigate the many, many security and privacy problems that researchers have found over the last week:

https://www.theverge.com/2024/6/7/24173499/microsoft-windows-recall-response-security-concerns

SteveBellovin,

@evacide The serious problem with many opt-in solutions is that they're low assurance. In this case, as I understand it, the code will be there but enabled by a switch, possibly in the registry. This means that a simple bug, to say nothing of social engineering or malicious code, could enable it. A higher assurance solution wouldn't have the code there at all. The best solution would be to delete the internal APIs entirely, so that even installing the Recall module wouldn't matter.

SteveBellovin, to random

There are features, such as the ability to delay patch installation, that at least at some point Microsoft enabled for enterprise versions of Windows but not for consumers. I wonder if they’ll do the same for Recall. (As noted by others, Recall is a gift to hackers and opposing counsel, which means that any decent-sized enterprise will disable it or not run Windows. But consumers? Most won’t know and/or will think themselves safe and won’t care, and can’t switch to Linux or MacOS.)

SteveBellovin,

@oblomov Yes, I know. However, if you work for a large company, you're already trained to be very careful about what you say to outsiders.

SteveBellovin, to random

Wondering how Rubio can qualify, since the Constitution frowns* on the president and vice president being from the same state. Or does Trump expect to be a mandatory resident of the state of New York for the next four years…?

*Technically, what it says is that when an elector casts a ballot for president and vice president, at least one must be from a different state than the elector. This is problematic in a close race where a large state like Florida is involved.
https://journa.host/@w7voa/112565236908123932

SteveBellovin, to random

DRM, but for email sent to Recall-enabled systems.

SteveBellovin,

@mcdanlj Maybe, but I think we've already lost that battle.

cstross, to random
@cstross@wandering.shop

I think to celebrate this pointed political statement I may take a hike to the nearest McDonald's and drink a Farage.

SteveBellovin,

@cstross As long as there is no back-propagation of the toxin…

Keltounet, to random
@Keltounet@mastodon.social

A giant in the BSD world has sadly passed away.

Mike Karels, who worked on all BSD releases for decades and kept on for the free BSDs.

Fare Thee Well my friend, it has been an honour to know you. Thanks again for all your contributions.

https://www.notos.co/albums/WmObSRejzT/7tyo

SteveBellovin,

@Keltounet Sigh.

SteveBellovin,

@Keltounet It scares me when people younger than me go…

w7voa, to random
@w7voa@journa.host

Thirteen of the 47 commercial radio operators in Japan have shut off their AM transmitters to see what effect the temporary end of those broadcasts will have. https://japantoday.com/category/national/feature-am-radio-listeners-set-to-be-permanently-tuned-out-in-japan

SteveBellovin,

@mattblaze @w7voa If I recall correctly, there was a fairly early Heinlein story (in his Future History series) where a group of rebels started using AM for internal communications because it had been abandoned for so long that the government had forgotten about it and no longer monitored it.

jvagle, to random
@jvagle@mastodon.lawprofs.org

"Like former US president Richard Nixon in the late 1960s and early 1970s, Trump could use the surveillance powers available to him to monitor his political opponents, disrupt protest movements, and more."

https://www.wired.com/story/trump-second-term-surveillance-state/

SteveBellovin,

@jvagle True fact: the Privacy Act of 1974 was passed partially in reaction to Nixon's abuses—but commercial data collection and national security rationales have both grown tremendously in the last 50 years.

joebeone, to random
@joebeone@techpolicy.social

Day 2 of my Run the Internet challenge, where I'm running 5 miles a day for a 35 mile week. Support me, the @internetsociety and an Internet for everyone: https://donate.internetsociety.org/run-the-internet/?form=FUNVQMSGKDS&fundraiser=NPUMNKCE&member=SQGKLVKY 1/

Map of Joe's usual run along Sligo Creek

lauren, to random
@lauren@mastodon.laurenweinstein.org

At any moment one expects Trump to start ranting about the stolen strawberries.

SteveBellovin,

@lauren and his purity of essence and precious bodily fluids?

20002ist, to random
@20002ist@thepit.social

Operation New Bench Slats is nearing completion.

Given that this refurb involves all new wood and lots of new hardware, I may soon face a Garden Bench of Theseus paradox.

SteveBellovin,

@20002ist Do you have (access to) a router to round over the edges?

SteveBellovin, to random

The other appropriate Doonesbury.

SteveBellovin,

@oblomov Yup! September, 1974, as soon as the strip could catch up with real-time.

cstross, to random
@cstross@wandering.shop

Putting the tangerine jumpsuit on the tangerine shitgibbon

SteveBellovin,

@JdeBP @cstross @wolfsbruder Very true. The framers of the US constitution were, basically, well-educated Englishmen, and threw in a lot of provisions to block some abuses and resolve some questions. For example, there is a bar on the (old) English concept of poundage, revenue under the control of the executive; the president can only adjourn Congress if the two houses disagree on when to do it, etc. One cannot understand the US constitution without knowing English and British history.

SteveBellovin,

@cstross @JdeBP @wolfsbruder Yes—but no one wanted it coming back, even though (as I recall) a lot of Parliament was uneasy with bills of attainder even then. (There's another amusing provision about treason: “The Congress shall have Power to declare the Punishment of Treason, but no Attainder of Treason shall work Corruption of Blood, or Forfeiture except during the Life of the Person attainted.” Identify the abuses that led to that clause…)

cstross, to random
@cstross@wandering.shop

Wrt. Trump, all I can say is:

FOUR MORE YEARS! (In Prison!)

SteveBellovin,

@cstross Back in 1972, when Nixon was running for reelection, his slogan was “Four more years”—to which, at least around my college, someone would invariably add “or maybe 10-20”.

SteveBellovin, to random

The PLSC reception has appropriate beverages.

SteveBellovin,

As a PLSC non-conference subject, this is second only to 2013, when the Snowden story came out during the conference.

SteveBellovin, (edited)

@jkl Privacy Law Scholars Conference. And the champagne was previously planned. These days, PLSC is my favorite conference.

sjvn, to random
@sjvn@mastodon.social

I've been waiting to re-use this cartoon for years.

SteveBellovin,

@sjvn @wendynather You’re the third person just in my feed to post this…
