Berkman Luncheon Series >

may
26
2009

Caught in the Cloud: Privacy, Encryption, and Government Back Doors in the Web 2.0 Era

Christopher Soghoian, Berkman Fellow

Tuesday, May 26, 12:30 pm
Berkman Center, 23 Everett Street, second floor
RSVP required for those attending in person (rsvp@cyber.law.harvard.edu)
This event will be webcast live at 12:30 pm ET.

It is now more than 30 years since the invention of public key cryptography. Yet today, the vast majority of Internet users still transmit their own personal information over networks without any form of encryption. When most users log in to Google Mail or Facebook using the increasingly ubiquitous free wireless networks in public places, they face a very real risk of theft and hijacking of their online accounts. While skilled technical experts and corporations have easy access to effective security technologies, most consumers still lack basic privacy online. The question we must ask is why?

The shift to cloud computing exposes end-users to an increased risk of privacy invasion and fraud by hackers. In this presentation, I will argue that this increased risk is primarily a result of cost-motivated design decisions on the part of the cloud providers, who have repeatedly opted to forgo strong security solutions already in widespread use by other Internet services.

Cloud computing also leaves users vulnerable to significant invasions of privacy by the government, resulting in the evisceration of traditional Fourth Amendment protections. I will argue that the fault for this privacy harm does not lie with the service providers; but the inherently coercive powers the government can flex at will.

About Chris

Christopher Soghoian is currently a student fellow at the Berkman Center for Internet & Society at Harvard University, and a Ph.D. Candidate at Indiana University's School of Informatics.  His research interests include data security and privacy, cyber law and policy. As a security researcher, he has discovered and disclosed vulnerabilities in software applications made by Google, Yahoo, Facebook and Apple. In the policy sphere, his activism has resulted in the successful passage of an amendment to Indiana's data breach laws and a Congressional investigation into security flaws at the Transportation Security Administration.

Links

Radio Berkman 126: The G-fail thumbnail

Click the play button below to start the audio.

Location
Berkman Center for Internet and Society
License
Creative Commons 3.0 Attribution Unported
Copyright Holder
The President and Fellows of Harvard College

Radio Berkman 126: The G-fail

You don’t need to be a crowned Ranger class master hacker to sneak into someone’s email or facebook account these days. Which means that you’re not simply being a nervous nellie if you’re worried about security. In fact, users of public WiFi should be worried. If you use WiFi to access some of the most popular email and social networking services, like, gmail, yahoo mail, hotmail, and facebook, your account information floats around in the air, often completely unsecured. You want some more fear with your coffee? Chris Soghoian, a fellow at the Berkman Center for Internet and Society, took a look into WiFi and account security to find out just how scary the situation is.

Produced 15 Jul 2009

download media

The web player requires Adobe Flash to function. If you do not have Flash you can still download the media using the links to the right.
Location
Berkman Center for Internet and Society
License
Creative Commons 3.0 Attribution Unported
Copyright Holder
The President and Fellows of Harvard College

download media

Last updated May 26, 2009

Speakers