Four short links: 25 May 2017
Crypto vs. Regulation, Crippling Genomic Research, There Are Bots, and Web Security
- Chaffinch — crypto system that’s an interesting response to an attempt to regulate crypto. The Chaffinch system allows several further messages to be steganographically concealed behind the main message. This allows cover traffic to be divulged to any authorities who wish to inspect the confidential information, without compromising the hidden material. The system is evaluated not only in terms of the traditional threat to confidentiality, eavesdroppers with significant computing power, but also in terms of its interaction with the U.K.’s Regulation of Investigatory Powers (RIP) Act, one of the first laws to attempt to engage with cryptography.
- We’re About to Cripple the Genomic Medical Era (DJ Patil) — When we were developing the Precision Medicine Initiative and meeting with Americans across the country, a key concern was ensuring that their data couldn’t be used against them or their families (this is genetic information, so if you share a biological basis, you have overlap in the data). If there is any threat of this data being used in a way that is contrary to research, my deep fear is that people won’t be willing to donate their data. And there are too many people who have diseases who need us to donate our data to help.
- There Are Bots, Look Around (Renee DiResta) — Something very similar happened in finance with the advent of high-frequency trading (the world I came from as a trader at Jane Street): technology was used to distort information flows and access in much the same way it is now being used to distort and game the marketplace of ideas. The future arrived a lot earlier for finance than for politics.
- Web Developer Security Checklist — This checklist is simple, and by no means complete. I’ve been developing secure web applications for over 14 years, and this list contains some of the more important issues that I’ve painfully learned over this period. I hope you will consider them seriously when creating a web application.