Open Letter to the Cuba Internet Task Force

The following is a response to an invitation to participate in the recently formed Cuba Internet Task Force. Task Force Representatives: I will not be joining the Cuba Internet Task Force, or Subcommittees, because I believe the harm done by the existence of these committees outweighs any potential benefit of the recommendations that can come… Continue reading Open Letter to the Cuba Internet Task Force

Messaging Threat models

I talked yesterday at Bornhack about the current state of secure messaging and the different primitives and threats that groups are working to address. The talk is on youtube. The slides are on this site, as are the directions for dogfooding the talek system.

Initial Measurements of the Cuban Street Network

Internet access in Cuba is severely constrained, due to limited availability, slow speeds, and high cost. Within this isolated environment, technology enthusiasts have constructed a disconnected but vibrant IP network that has grown organically to reach tens of thousands of households across Havana. We present the first detailed characterization of this deployment, which is known… Continue reading Initial Measurements of the Cuban Street Network

IETF 98

Last week I talked briefly about the state of open internet measurement for network anomalies at IETF 98. This was my first time attending an IETF in-person meeting, and it was very useful in getting a better understanding of how to navigate the standards process, how it’s used by others, and what value can be… Continue reading IETF 98

Another Strike against Domain Fronting

In 2014, Domain Fronting became the newest obfuscation technique for covert, difficult to censor communication. Even today, the Meek Pluggable transport serves ~400GB of Tor traffic each day, at a cost of ~$3000/month. The basic technique is to make an HTTPS connection to the CDN directly, and then once the encryption has begun, make the… Continue reading Another Strike against Domain Fronting

First-party Google Analytics

Third party analytics services are suffering from the growing prevalence of ad blocking, tracking protection, and the trend of minimizing connections and requests. However, from a site owner perspective, receiving usage information remains important for measuring site growth. My expectation is that we are already on the curve where ads and tracking software will be… Continue reading First-party Google Analytics

Thoughts on China’s Updated Cyber-security Regulations

On Monday, China ratified an updated cybersecurity legislation that will enter effect next June. The policy regulates a number of aspects of the Chinese Internet: What data companies need to keep on domestic servers, the interaction between companies and the government, and the interaction between companies and Chinese users. Notably, when considering the impact on… Continue reading Thoughts on China’s Updated Cyber-security Regulations