The RISKS Digest
Volume 30 Issue 49

Tuesday, 7th November 2017

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…


Airports Worldwide Are Hit by Delays After Software Outage
NYPD claims to have incompetent sysadmins
Ed Ravin
AirBnB monopolizing and forcing incorrect currency conversions
Toby Douglass
To Survive the Streets, Robocars Must Learn to Think Like Humans
Palestinian Man Arrested After Facebook Auto-Translates 'Good Morning' as 'Attack Them'
Fixing cities' data privacy potholes
Apple's Machine Learning Engine Could Surface Your iPhone's Secrets
A Bug in a Popular Maritime Platform Left Ships Exposed
Corrected monitor resolution, pinup model no longer slim
Dan Jacobson
Risks of being interrupted while using Siri to comment online
NYTimes via David Tarabar
Denver Art Museum warns donors, members, employees after sensitive data breach
John Wenzel
Even lower chances of winning the lottery
Jeremy Epstein
Researchers Devise 2FA System That Relies on Taking Photos of Ordinary Objects
Bleeping Computer
Technology seeks to preserve fading skill: Braille literacy
Fundamental problems with the Infineon crypto library
Ars via PGN
Taser Company Ignored SEC Emails Because They Were In a Spam Folder
Bloomberg via Gabe Goldberg
Lauren Weinstein
USS John S McCain
Dick Mills
Stuxnet-style code signing is more widespread than anyone thought
Ars Technica
Medical device security
Mark Thorson
Inside story: How Russians hacked the Democrats emails
Estonia freezes resident ID cards due to security flaw
The 2020 census is in big trouble. Here's how we got here
Hackers prey on home buyers, with hundreds of millions of dollars at stake
Re: North Korea hacking Sony
Michael Bacon
Re: Wikipedia deletions: make my day
Denis Bloodnok
Re: UK Banks, etc. to check account-holders' residence eligibility
Peter Houppermans
Tom Gardner
Google exec: Our society is in real jeopardy
Gerhard Eschelbeck
Susan Landau: Listening In: Cybersecurity in an Insecure Age
Info on RISKS (comp.risks)

Airports Worldwide Are Hit by Delays After Software Outage (NYTimes)

Monty Solomon <>
Fri, 29 Sep 2017 04:35:39 -0400

A “network issue'' affected programs used by several major carriers,
delaying flights and causing other problems for travelers.

NYPD claims to have incompetent sysadmins

Ed Ravin <>
Fri, 20 Oct 2017 00:32:29 -0400
The NYC Police Department has in the past gone to great lengths to avoid
disclosing information to the public. Their latest defense seems to be that
they don't know how to manage their systems or databases—they told a
judge that they "lack the technical capacity" to answer the public records
request, and that they don't know how to make a backup copy of their data.
The creation of this particular database system for civil asset forfeiture
records reportedly cost the city $25.5 million back in 2009.

AirBnB monopolizing and forcing incorrect currency conversions

Toby Douglass <>
Sun, 22 Oct 2017 01:51:23 +0100
AirBnB detect the currency of payment cards and force charges to be in that
currency; users are no longer permitted to chose between AirBnB with their
conversion rate, and their bank, with its conversion rate.

The detection mechanism is not perfect, and is incorrectly asserting Revolut
(a FinTech) Mastercards, which are multi-currency, are denominated in GBP.

(It's probably not unreasonable to suspect other multi-currency cards are
incorrectly detected.  Presumably there are also other causes of failure,
which are wholly unknown to me.)

This means that AirBnB are in the cases where currency detection goes wrong
forcing an unnecessary currency conversion, which adds about 5% to the cost
of a booking.

For a booking of about 1000 euro this 5% is about a 50% addition to the
service charge levied by AirBnB.

It seems clear then why AirBnB have taken this step to remove from its users
choice in this matter.

The possibility of the computing risk in this case—incorrect card
currency detection—must have been considered, and so the problem faced by
a user in that situation was perceived and understood, but the cost of this
risk to users (and so, indirectly, also to AirBnB) are obviously much less
than the benefit to the AirBnB and so this risk has been accepted.

To Survive the Streets, Robocars Must Learn to Think Like Humans (WiReD)

Gabe Goldberg <>
Sat, 21 Oct 2017 23:41:31 -0400
“We call it the freezing robot problem,'' says Anca Dragan, who studies
autonomy in UC Berkeley's electric engineering and computer sciences
department. “Anything the car could do is too risky, because there is some
worst-case human action that would lead to a collision.''

Expect a thaw. Researchers like Dragan are tackling the challenges of
interpreting --and predicting—human behavior to make self-driving cars
safer and more efficient, but also more assertive. After all, if every
machine screeches to a stop for every unpredictable human, we'll have soon
millions of terrified robots choking the streets.

Humans ... think? Author must not have been on the road lately.

Palestinian Man Arrested After Facebook Auto-Translates 'Good Morning' as 'Attack Them' (Gizmodo)

Lauren Weinstein <>
Mon, 23 Oct 2017 15:40:57 -0700

  A Palestinian construction worker was arrested by Israeli police after
  Facebook incorrectly translated the text of one of his posts. Haaretz
  reports that the man uploaded a picture from his job at a construction
  site with the text "good morning" in Arabic. When officers used Facebook's
  automatic translation service to read the post, the text was mistranslated
  as "attack them" in Hebrew and "hurt them" in English.  According to
  Haaretz, Arabic speakers said the "English transliteration used by
  Facebook is not an actual word in Arabic but could look like the verb 'to
  hurt'—even though any Arabic speaker could clearly see the
  transliteration did not match the translation."  No Arabic-speaking
  officers reportedly saw the post prior to the man's arrest. He was
  released after several hours of questioning.

Fixing cities' data privacy potholes (Insights)

Gabe Goldberg <>
Thu, 26 Oct 2017 14:06:59 -0400
Fun with big data

How in the world was it OK to just hand that over to anybody who asked for
it, Matis wondered? "If anyone can get this information, thats
getting into Big Brother," Matis mused. "If I was trying to look at what my
spouse is doing, [I could]. To me, that is something that is kind of
scary. Why do they allow people to release this without a law enforcement
reason? Searching it or accessing the information should require a warrant."

Apple's Machine Learning Engine Could Surface Your iPhone's Secrets

Gabe Goldberg <>
Thu, 26 Oct 2017 20:50:41 -0400
Of the many new features in Apple's iOS 11—which hit your iPhone a few
weeks ago—a tool called Core ML stands out. It gives developers an easy
way to implement pre-trained machine learning algorithms, so apps can
instantly tailor their offerings to a specific person's preferences.  With
this advance comes a lot of personal data crunching, though, and some
security researchers worry that Core ML could cough up more information than
you might expect—to apps that you'd rather not have it.

Core ML boosts tasks like image and facial recognition, natural language
processing, and object detection, and supports a lot of buzzy machine
learning tools like neural networks and decision trees. And as with all iOS
apps, those using Core ML ask user permission to access data streams like
your microphone or calendar. But researchers note that Core ML could
introduce some new edge cases, where an app that offers a legitimate service
could also quietly use Core ML to draw conclusions about a user for ulterior

A Bug in a Popular Maritime Platform Left Ships Exposed

Gabe Goldberg <>
Mon, 30 Oct 2017 00:33:07 -0400
Ah, the high seas. Nothing around you but salt air, water for miles, and web
connectivity from satellites. Peace and quiet. But researchers at the
security consulting firm IOActive say that software bugs in the platforms
ships use to access the Internet could expose data at sea. And these
vulnerabilities hint at larger threats to international maritime

A report published Thursday outlines two flaws in the AmosConnect 8 web
platform, which ships use to monitor IT and navigation systems while also
facilitating messaging, email, and web browsing for crewmembers.
Compromising AmosConnect products, developed by the Inmarsat company Stratos
Global, would expose extensive operational and personal data, and could even
undermine other critical systems on a ship meant to be isolated.

It's low-hanging fruit, says Mario Ballano, principal security consultant at
IOActive who conducted the research. “The software that
they're using is often 10 to 15 years old, it was meant to be
implemented in an isolated way. So other software in these environments
probably suffer from similar vulnerabilities, because the maritime sector
originally didn't have connection over the Internet. But now
things are changing.''

Corrected monitor resolution, pinup model no longer slim

Dan Jacobson <>
Fri, 27 Oct 2017 22:13:12 +0800
Today I corrected the resolution on my down-the-hill neighbor's monitor to
1024x768.  Finally, characters were no longer blurred and the browser was no
longer hanging off the edge.  However he now had to face the reality that
the pinup model on his home screen that he stares at all day was very much
no longer as slim as she formerly seemed.

  [That's the "Zaftig" Transformation.  It can do wonders for skinny
  pinups.  PGN]

Risks of being interrupted while using Siri to comment online

David Tarabar <>
Sat, 28 Oct 2017 06:33:12 -0400
Christine McMorrow was in the middle of using her iPhone's voice-to-text
feature to comment on a *New York Times* story this week.

As she paused from ranting on the newspaper's website to take the call on
the house phone, little did she know that her iPhone never stopped recording
her voice. The contents of her private conversation were accidentally
transcribed directly into the story's comment box, and then inadvertently
posted to the Times' website.


Denver Art Museum warns donors, members, employees after sensitive data breach (John Wenzel)

Jim Reisert AD1C <>
Mon, 30 Oct 2017 17:15:34 -0600
John Wenzel, *The Denver Post*, 30 Oct 2017
A phishing scam in June led to the compromised email inboxes, officials said

  The Denver Art Museum warned 800 people this month of a data breach that
  included sensitive personal and financial information about its donors,
  customers, and current and former employees, according to a letter
  obtained by *The Denver Post*.

  The letter, dated 9 Oct, informed recipients of the "data security
  incident" over the summer, as well as the museum's discovery of the breach
  on 13 Sep, which triggered a forensic investigation by an unnamed
  third-party firm.

  The unauthorized access began on or about 5 Jun, and ended on or about 27
  Jun, the letter said. The breach occurred through an email phishing scam
  and affected two of the museum's email inboxes, said Andrea Fulton, chief
  marketing officer for the Denver Art Museum.

  "We have no evidence that anybody's data has been compromised," Fulton
  said. "None of our big databases were impacted. It's simply content that
  was in a couple of email inboxes."

Even lower chances of winning the lottery

Jeremy Epstein <>
Tue, 31 Oct 2017 12:21:30 -0400
An upgrade to software used to run the Virginia lottery meant that a few
hundred tickets were sold that could not win the main jackpot.  The
selection criteria changed during the upgrade (and the price per ticket went
from $1 to $2), and for a short period of time tickets were sold that met
the old rules but not the new ones, and hence could not win.  They could
still win the other prizes, just not the jackpot.

Although the normal odds of winning the lottery are near-zero, reducing
them to actual zero is a (microscopically small) RISK.

  [microscopic?  Not if anyone who actually had the winning combination
  tried to sue the state—and won!]

Researchers Devise 2FA System That Relies on Taking Photos of Ordinary Objects (Bleeping Computer)

Gabe Goldberg <>
Tue, 31 Oct 2017 16:48:46 -0400
Scientists from Florida International University and Bloomberg have created
a custom two-factor authentication (2FA) system that relies on users taking
a photo of a personal object.

The act of taking the photo comes to replace the cumbersome process of using
crypto-based hardware security keys (e.g., YubiKey devices) or entering
verification codes received via SMS or voice call.

The new system is named Pixie, and researchers argue it is more secure than
the aforementioned solutions.

What could go wrong? "What do you mean you threw away that crumpled beer

Then there's this:

This is because the system doesn't restrict users and they can choose
anything they want as their login trinket, from their watch to parts of
their body, and from clothing objects to furniture. Users should be careful
not to choose perishable objects like food, because once it's gone, users
will most likely get locked out of their account.

Too bad Anthony Weiner's in jail, he could test it.

Technology seeks to preserve fading skill: Braille literacy

Lauren Weinstein <>
Tue, 31 Oct 2017 22:38:36 -0700
via NNSquad

  For nearly a century, the National Braille Press has churned out millions
  of pages of Braille books and magazines a year, providing a window on the
  world for generations of blind people.  But as it turns 90 this year, the
  Boston-based printing press and other advocates of the tactile writing
  system are wrestling with how to address record low Braille literacy.
  Roughly 13 percent of U.S. blind students were considered Braille readers
  in a 2016 survey by the American Printing House for the Blind, another
  major Braille publisher, located in Louisville, Kentucky. That number has
  steadily dropped from around 30 percent in 1974, the first year the
  organization started asking the question.

Fundamental problems with the Infineon crypto library

"Peter G. Neumann" <>
Wed, 1 Nov 2017 11:48:37 PDT
Attacks on RSA keys generated by the Infineon crypto library.

Taser Company Ignored SEC Emails Because They Were In a Spam Folder

Gabe Goldberg <>
Sat, 21 Oct 2017 23:50:40 -0400
Check your spam box. It could be the SEC.

That's the lesson learned this week by Axon Enterprise Inc., the company
best known for its Taser stun guns. Late Thursday, Axon announced that “due
to miscommunication issues,'' the company has just become aware of SEC
requests regarding its previous financial reports and is now scrambling to
respond. The stock fell as much as 7 percent, its biggest drop in more than
two months.

What happened? Axon's internal email filters are to blame. The SEC sent its
initial comment on Aug. 10 and follow-up requests only to Axon's new CFO
Jawad Ahsan, and they were quarantined in a spam filter. Dougherty &
Co. analyst Jeremy Hamblin in a note to clients, called the incident
"embarrassing, but nothing to be concerned about.''

That's not the lesson, it's the symptom.

Taser Company Ignored SEC Emails Because They Were In a Spam Folder

Lauren Weinstein <>
Sat, 21 Oct 2017 07:28:19 -0700
The fundamental problem with spam folders, of course, is that they tend to
be ignored by recipients, or only haphazardly inspected—sometimes at very
long intervals. False positive emails end up in spam unread, with no
indication to the sender that they likely were not seen—and may never be

My policy on my servers has long been to do a hard reject on suspected spam,
that should result in an immediate error returned to the sender.  That error
points at a URL that explains my policy, and provides another URL that can
be used to push a brief "hey, you're blocking me and I'm not spam!" message
through to me in those rare instances to request
unblocking/whitelisting. Some sites that do this sort of real time response
don't offer any way to communicate when there's a false positive—they
just say stuff like "spam, go away!" That's hopelessly ignorant and
antisocial since false positives DO happen.

One oddity is that sometimes a false positive person will send me their note
and say something like "how dare you accuse me of suspected spam" (that's
what my error messages says, "suspected" spam). I always reply asking if
they would have preferred their email disappear into a black hole spam
folder without their ever knowing it hadn't been seen?  That always ends the


USS John S McCain

Dick Mills <>
Thu, 2 Nov 2017 14:15:50 -0400

The USS Fitzgerald case seems to be mostly human error, but the USS John S
McCain case includes significant elements of poor ergonomics in the

Extracts from the report:

  At 0519, the Commanding Officer noticed the Helmsman (the watchstander
  steering the ship) having difficulty maintaining course while also
  adjusting the throttles for speed control. In response, he ordered the
  watch team to divide the duties of steering and throttles, maintaining
  course control with the Helmsman while shifting speed control to another
  watchstander known as the Lee Helm station ...  The CO had only ordered
  speed control shifted. Because he did not know that steering had been
  transferred to the Lee Helm, the Helmsman perceived a loss of steering.
  ...  Additionally, when the Helmsman reported loss of steering, the
  Commanding Officer slowed the ship to 10 knots and eventually to 5 knots,
  but the Lee Helmsman reduced only the speed of the port shaft as the
  throttles were not coupled together (ganged). The starboard shaft
  continued at 20 knots for another 68 seconds before the Lee Helmsman
  reduced its speed. The combination of the wrong rudder direction, and the
  two shafts working opposite to one another in this fashion caused an
  un-commanded turn to the left (port) into the heavily congested traffic
  area in close proximity to three ships, including the ALNIC.

So, to gain operational flexibility it seems that the KISS principle (Keep
It Simple Stupid) has been egregiously ignored.  There were 8 stations to
which control could be transferred via pull-down menus and pop-ups.  On top
of that there are multiple operating modes that change the capabilities of
those stations.  A minimum of 24 crew would have to be trained on all the

  [Remember the Einstein version of the KISS principle:
  Everything should be made as simple as possible, *but no simpler*.  PGN]

Few RISKS readers have commanded a ship at sea, but almost all have flown on
an airliner.  Imagine if 8 other stations on the plane or on the ground were
able to take control away from the pilot such that the pilot doesn't even
know if he is in control or not.

I am a technologist but also a blue water sailor.  I am so KISS that I
rejected a steering wheel in favor of an old fashioned tiller because
complex steering can fail at sea.

I also have a grandson in the US Navy.  Now, I'm very worried about his
safety.  There used to be "the Navy way" of doing things.  That meant that
any seaman with minimal training could perform critical tasks.  Apparently,
that no longer applies.

Stuxnet-style code signing is more widespread than anyone thought (Ars Technica)

Gabe Goldberg <>
Sat, 4 Nov 2017 22:00:17 -0400
Forgeries undermine the trust millions of people place in digital

Medical device security

Mark Thorson <>
Thu, 2 Nov 2017 13:03:07 -0700
Based on my experiences as a patient, I'd say hospitals are among the least
competent institutions to handle new technology.  It's a target-rich
environment and it will probably take a major intrusion resulting in deaths
before the industry gets serious about security.

Inside story: How Russians hacked the Democrats emails (WashPo)

Gabe Goldberg <>
Sat, 4 Nov 2017 22:06:57 -0400

Estonia freezes resident ID cards due to security flaw (Engadget)

Lauren Weinstein <>
November 4, 2017 at 10:58:16 PM EDT
via NNSquad

   Estonia's residents use their mandatory national IDs to access pretty
   much anything, from online banking to online voting.  So, it was a huge
   blow to the program when experts found a security flaw in the IDs' chip
   that makes it easy for bad players to impersonate and steal the
   identities of all 760,000 affected individuals. That might not sound like
   a huge number, but that's half the small country's population.  Now, the
   country has blocked most of its residents from accessing all its online
   services for a weekend, so it can go in and and fix the vulnerability.
   All ID cards issued from the beginning of the program in October 2014 to
   October 25th, 2017 will be frozen until their owners apply for updated
   certificates with the fix. They can do that online, but the online
   service kept crashing over the past week, leading people to flock to
   police stations and other government offices to get their IDs
   updated. For now, only medical professionals and the most frequent users
   will be able to apply for updated certificates online, but Estonia will
   open up the system to the public again on Monday.

The 2020 census is in big trouble. Here's how we got here (ThinkProgress)

Gabe Goldberg <>
Fri, 3 Nov 2017 16:45:58 -0400
Years of funding shortfalls and stalled IT projects have placed the census
in a precarious position.

Skimping on every ten years must-do project—what could go wrong?

Of course, leadership gaps and botched estimates never help.

Hackers prey on home buyers, with hundreds of millions of dollars at stake (WashPo)

Gabe Goldberg <>
Sat, 4 Nov 2017 21:51:53 -0400

New to me. Though, somewhat related, I keep hearing radio commercials for
some sort of "Lifelock for home titles" (my term, not theirs) preventing
bogus registration/transfers and mortgages. That seems about as credible as
Lifelock (that is, not).

Though I wonder about this:

Days or sometimes weeks before the settlement, the scammer poses as the
title or escrow agent whose email accounts they've hijacked and instructs
the home buyer to wire the funds needed to close—often hundreds of
thousands of dollars, sometimes far more—to the criminals' own bank
accounts, not the title or escrow company's legitimate accounts. The
criminals then withdraw the money and vanish.

...since funds are often wired by mortgage lenders, I'd hope (!) they pay
attention to where funds go.

Re: North Korea hacking Sony (NYTimes, RISKS-30.48)

Michael Bacon—Grimbaldus <>
Fri, 20 Oct 2017 08:47:23 +0100
To quote from the linked article:

Once North Korea counterfeited crude $100 bills to try to generate hard
cash.  Now intelligence officials estimate that North Korea reaps hundreds
of millions of dollars a year from ransomware, digital bank heists, online
video game cracking, and more recently, hacks of South Korean Bitcoin

One former British intelligence chief estimates the take from its
cyberheists may bring the North as much as $1 billion a year, or a third of
the value of the nation's exports.

The North Korean cyberthreat crept up on us, said Robert Hannigan, the
former director of Britain's Government Communications Headquarters, which
handles electronic surveillance and cybersecurity.  “Because they are such
a mix of the weird and absurd and medieval and highly sophisticated, people
didn't take it seriously, how can such an isolated, backward country have
this capability? Well, how can such an isolated backward country have this
nuclear ability?"

Surely this is asking something of the wrong question, and sadly, typically
so of governments?

The main issue is not how N Korean got so good at hacking, it's how the West
got so bad at security!

Re: Wikipedia deletions: make my day (Jacobson, RISKS-30.48)

Denis Bloodnok <>
Fri, 20 Oct 2017 17:22:53 +0100
Dan Jacobson writes:
>I mentioned to my Mom about the endless deletion attempts on Wikipedia,

Dan seems to have inexplicably forgotten to mention that he originally
created this article, which might have unfortunately led the RISKS reader to
suppose this was a disinterested observation on the deletion process from an
unbiased observer.

>They even tired to delete

He also seems to have failed to mention that the mysterious "they" here was
one person who politely withdrew the deletion proposal after a few
comments. Is there no end to their iniquity?

I've said in the past that Wikipedia's a bit of a sausage factory under the
surface, but I'm not sure these are the most trenchant criticisms of the
process RISKS has ever featured.

Re: UK Banks, etc. to check account-holders' residence eligibility (Youngman, RISKS-30.48)

Peter Houppermans <>
Fri, 20 Oct 2017 09:57:46 +0200
There is another side effect: it actively legitimises banks to acquire more
personal data (to then presumably lose to hackers who got bored reading
through what they had already stolen from Equifax).

Apropos Equifax: I wonder how certain is the company of the integrity of own
its data now.  We're only focusing on the loss and possible abuse, but I
imagine there's more you can do when you have that kind of months long open
door access.

Re: UK Banks, etc. to check account-holders' residence eligibility

Tom Gardner <>
Fri, 20 Oct 2017 09:33:45 +0100
My mother has already suffered from a similar problem. When her husband died
she was 89 had been driving cars without accident for 50 years. We tried to
get insurance for her to continue to drive her car, but no company would
insure her. Why not?  Because the "all driver" comprehensive insurance had
been in her husband's name so the companies had no record of her, and they
would not insure a "new" 89 year old driver.

So I tried to get insurance for her car in my name and to add her as a named
driver, but you can't insure a car you don't own. The only solution was for
me to take ownership of her car and insure it in my name, which presents
different risks.

Seven years later she doesn't drive any more, but we've kept her driving
licence up to data since it is the only form of photo ID she possesses. (My
driving licence doesn't have a photo, which occasionally flummoxes
youngsters in banks.)

Google exec: Our society is in real jeopardy (Gerhard Eschelbeck)

Lauren Weinstein <>
Thu, 19 Oct 2017 16:40:20 -0700
via NNSquad

  Gerhard Eschelbeck is the vice president of privacy and security at
  Google.  He published the "Laws of Vulnerabilities," is one of the
  inventors of the Common Vulnerability Scoring System (CVSS), and holds
  numerous patents in the field of managed network security.

Susan Landau: Listening In: Cybersecurity in an Insecure Age

"Peter G. Neumann" <>
Sun, 5 Nov 2017 10:56:18 PST
240 pages, Yale University Press, 28 Nov 2017

*A cybersecurity expert and former Google privacy analyst's urgent call
to protect devices and networks against malicious hackers*

New technologies have provided both incredible convenience and new threats.
The same kinds of digital networks that allow you to hail a ride using your
smartphone let power grid operators control a country's electricity—and
these personal, corporate, and government systems are all vulnerable. In
Ukraine, unknown hackers shut off electricity to nearly 230,000 people for
six hours. North Korean hackers destroyed networks at Sony Pictures in
retaliation for a film that mocked Kim Jong-un. And Russian cyberattackers
leaked Democratic National Committee emails in an attempt to sway a
U.S. presidential election.

And yet despite such documented risks, government agencies, whose
investigations and surveillance are stymied by encryption, push for a
weakening of protections. In this accessible and riveting read, Susan Landau
makes a compelling case for the need to secure our data, explaining how we
must maintain cybersecurity in an insecure age.

  "Susan Landau is eminently qualified to guide readers to deeper
  understanding of risks and threats that accompany an increasingly
  connected world. Our online appetites are growing and our presence
  attracts hacking and surveillance among other uses we may not have
  authorized or even anticipated. Must read."  Vint Cerf, Internet pioneer

  "Susan Landau manages to harness the sprint of our online era and provides
  a lasting framework for how to manage, protect, and even master our
  digital footprint."  Juliette Kayyem, former Assistant Secretary, United
  States Department of Homeland Security

  "Encryption is essential to our online security, but it also makes the job
  of law enforcement harder.  In Listening In, Landau gives us an
  authoritative and unflinching look at this challenge and confronts the
  urgent question of security in the digital age."  Matt Olsen, Former
  Director, National Counterterrorism Center

  "Susan Landau has performed a remarkable feat of public service with
  *Listening In*: she simplifies the complex contemporary debate around
  privacy and security trade-offs in a way that welcomes anyone with an
  interest in these topics to engage with them—and she demonstrates why
  everyone should."  Jonathan Zittrain, author of *The Future of the
  Internet—and How to Stop It*

  [See Susan's website: ]

Please report problems with the web pages to the maintainer