Blog Posts: Filtered

New law journal article on the Computer Fraud and Abuse Act

I'm pleased to announce that my latest law journal article has just been published in the new issue of the Richmond Journal of Law and Technology: Shooting the Messenger: Remediation of Disclosed Vulnerabilities as CFAA “Loss." The article reviews post-Van Buren Computer Fraud and Abuse Act cases to determine whether lower courts have followed the Van Buren Court's dicta that "loss" under the CFAA shou Read more about New law journal article on the Computer Fraud and Abuse Act

I Have a Lot to Say About Signal’s Cellebrite Hack

This blog post is based off of a talk I gave on May 12, 2021 at the Stanford Computer Science Department’s weekly lunch talk series on computer security topics. Full disclosure: I’ve done some consulting work for Signal, albeit not on anything like this issue. (I kinda doubt they’ll hire me again if they read this, though.) Read more about I Have a Lot to Say About Signal’s Cellebrite Hack

New Role at Stanford

"Some personal news," as they say: After five wonderful years at CIS, starting tomorrow (December 1) I'll be transitioning into a new role as a Research Scholar at the Stanford Internet Observatory. I'll continue to be a CIS affiliate (with blogging rights on this blog!), and my work will continue to focus on encryption, surveillance, and cybersecurity issues. 2021 is poised to be a consequential year for encryption policy in the U.S. Read more about New Role at Stanford

Pages