Profile

Cover photo
Steven Bellovin
1,588 followers|40,177 views
AboutPostsPhotos

Stream

Steven Bellovin

Shared publicly  - 
 
New blog post: "Speculation About Goto Fail" (https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html)

Following the logic in my previous post, I don't think that Apple's goto fail was a deliberate attack. Suppose it was, though. What can we learn about the attacker? 

....
4
4
Vicky Vic's profile photoJürgen Christoffel's profile photoPeter Berlich's profile photoJared Mauch's profile photo
2 comments
 
Hi
Add a comment...

Steven Bellovin

Shared publicly  - 
 
Congratulations to +Jennifer Rexford on her election to the National Academy of Engineering (http://www8.nationalacademies.org/onpinews/newsitem.aspx?RecordID=02062014).
20
1
Hubert Chao's profile photo
Add a comment...

Steven Bellovin

Shared publicly  - 
 
Reading https://support.google.com/hangouts/answer/3111929?p=circles&rd=1, I saw this: "If you use Google+ you can enable specific circles to Hangout with you. When someone from an enabled circle sends you a message or invites you to a video call, you'll be able to Hangout right away without having to accept a Hangout request (Invite) first."   Surely I'm reading this incorrectly--it seems to say that if you enable that feature, certain people (plus whoever has hacked their computers) can turn on your video camera without you having to do anything.  And if that's correct, how does your computer (or, more precisely, the g+ plug-in for video chats) authenticate the request?  Because it's digitally signed by Google?  Or digitally signed by whoever--or whatever agency--has stolen that private key?

Again, I hope I'm misreading this; it's hard to imagine a bigger misfeature.
1
Phil Pennock's profile photoKristian Köhntopp's profile photoPeter da Silva's profile photoChristopher Morrow's profile photo
10 comments
 
I have never voluntarily joined a hangout, nor enabled anything.

This was on the G+ client on my Nexus 4.

After leaving I proceeded to get several additional calls, which I rejected.

Perhaps Google was testing something.
Add a comment...

Steven Bellovin

Shared publicly  - 
 
 
The +NBA's Jason Collins Changes the Face of Sports Forever By Coming Out.  

Share this image to show your support! Read more: http://bit.ly/NBAcollins
2
Add a comment...

Steven Bellovin

Shared publicly  - 
 
 
t appears that Richard Nixon intentionally sabotaged the Paris peace talks in 1968, perpetuating the Vietnam war and killing untold numbers of people, in order to assure his election. Also revealed: LBJ congratulated Mayor Daley for his brutal suppression of protesters in Chicago. Politicians are a species all their own.

http://www.bbc.co.uk/news/magazine-21768668
3
David Newman's profile photoJames Johnston's profile photo
2 comments
 
Nixon double-dealing with SVN is not news; only LBJ's response on the tapes is new.

In a similar vein, Reagan's team talked with the Iranians during the 1980 campaign.
Add a comment...
In their circles
325 people
Have them in circles
1,588 people
Bob Hinden's profile photo

Steven Bellovin

Shared publicly  - 
 
A Song of Ice and Aluminum -- the ice won...
4
Douglas Schales's profile photoSteven Bellovin's profile photoMichael Dillon's profile photoChristopher Morrow's profile photo
4 comments
 
Just be thankful that you don't have a tale of ice and copper pipes. Two winters in a row.
Add a comment...

Steven Bellovin

Shared publicly  - 
 
Also see http://blogs.scientificamerican.com/the-curious-wavefunction/2013/05/01/how-to-repel-students-from-science/

If there's any justice in the world, the school and the local police will hastily back down and try to wipe the egg off their collective faces.  Not only that, Kiera will have a lot more doors not just opened to her, but actively beckoning her in.

I read recently about Zworykin's experience when caught doing unauthorized experiments in his high school's physics lab.  This teacher was smarter, and hired him.  One wonders how different the world would be if the teacher reacted the way this school did.
 
Girl tries science in science class. Is expelled from School. Anyone want to organize a summer science opportunity? This is terrible.  This is a young scientist who needs our support! Google! Invite her to your high school event for girls!!! This is a  young scientist who needs our support! 
4
Peter Thoenen's profile photoRussell Nelson's profile photoMarty Shannon's profile photoMarc Staveley's profile photo
4 comments
 
If she was that smart, why was she in a public school at age 16? Both my children were high school dropouts (that is, they stopped bothering to report their homeschooling to the public school). My daughter never got anything less than a 4.0 (and is writing her dissertation), and my son is receiving Presidential honors in college.
Add a comment...

Steven Bellovin

Shared publicly  - 
 
The reasoning makes sense to me, even if weren't from the most authoritative source possible on this topic.
 
Because the question comes up every now and then.
1
George Michaelson's profile photo
 
there is a building outside the Copenhagen central railway station which looks like a Hollerith card. As the light reflects off the open or shut windows, the effect is only increased because they look like the chad holes.

http://en.wikipedia.org/wiki/Radisson_Blu_Royal_Hotel,_Copenhagen

the cute thing is I said to deb "hey.. this looks like a punch card" before I read online the meme...
Add a comment...

Steven Bellovin

Shared publicly  - 
12
5
Allison Mankin's profile photoSteven Bellovin's profile photoVictor Duchovni's profile photo
4 comments
 
+Steven Bellovin For what it's worth, I might also note that Google's own domains (google.com and gmail.com) are not yet signed. Furthermore, I tend to view 8.8.8.8 and friends as a passive eavesdropping attack on DNS... So I read the announcement as marketing for the MITM attack. :-)
Add a comment...

Steven Bellovin

Shared publicly  - 
 
 
LOL: The Death Star Destruction Conspiracy Revealed
8
2
Kevin W. Wall's profile photo
 
Ah, it all makes perfect sense now! ;-)
Add a comment...
People
In their circles
325 people
Have them in circles
1,588 people
Bob Hinden's profile photo
Story
Introduction
Columbia University