Steven M. Bellovin
Advertisement
Author Archives
Mandating insecurity by requiring government access to all data and communications.
The Physical World and the Real World
Most of us rely on the Internet for news, entertainment, research, communication with our families, friends, and colleagues, and myriad other purposes. What if it went away? Precisely that happened to many people in early February, in the wake of the failure of several undersea cables. According to some reports, more than 80 million users […]
Internal Surveillance, External Risks
Building surveillance technologies into communications networks is risky. Two years ago, Greece discovered that legally installed surveillance software in a cell phone network had been surreptitiously activated by unknown persons: over 100 senior members of their government were tapped for almost a year. Things were no better in Italy, where a number of employees at […]
Virtual Machines, Virtual Security?
Virtual machines (VMs) are once again a hot trend in system configuration, as demonstrated by the emergence of VMware, Xen, and a renewed interest in hardware assists for virtualization. Some uses are clearly beneficial: virtual machines are great for hosting Web sites and servers because VMs avoid the use of multiple computers to support different […]
The Real National-Security Needs For VoIP
In August 2005 the Federal Communications Commission announced that the Communications Assistance for Law Enforcement Act (CALEA) applies to broadband Internet access and "interconnected voice over IP" (VoIP). VoIP providers already had to comply with legally authorized wiretap orders; the FCC ruling means that all VoIP implementations would now have to pass federal wiretapping standards […]
Spamming, Phishing, Authentication, and Privacy
It isn’t news to most readers that email is becoming almost unusable. Unsolicited commercial email (spam) peddles a variety of dubious products, ranging from pharmaceuticals to abandoned bank accounts. The so-called "phishers” try to steal user names and passwords for online banking. And then, we have viruses, worms, and other malware. Although there are would-be […]
Computer Security?an End State?
It seems that one cannot open a newspaper without reading about yet another computer security breach. Worse yet, even sites that should be well protected, such as the CIA’s Web site, have been hacked. Is this inevitable? Will matters continue to get worse? Or is there some fix in sight for the computer security problem? […]
Readers of this column are familiar with the risks of illegal monitoring of Internet traffic. Less familiar, but perhaps just as serious, are the risks introduced when law enforcement taps that same traffic legally. Ironically, as insecure as the Internet may be in general, monitoring a particular user’s traffic as part of a legal wiretap […]
Inside Risks: Evolving Telephone Networks
The U.S. public telephone network (PTN) is changing—partly in response to changes in technology and partly due to deregulation. Some changes are for the better: lower prices with more choices and services for consumers. But there are other consequences and, in some ways, PTN trustworthiness is eroding. Moreover, this erosion can have far-reaching consequences. Critical […]
Shape the Future of Computing
ACM encourages its members to take a direct hand in shaping the future of the association. There are more ways than ever to get involved.
Get Involved