Some thoughts about modeling sidechannels as a 3-step attack and how that framing might help think about realistic defenses. Read more

A little near-future sci-fi vignette centering around military influence operations. Read more

The GDPR outright bans the processing of several types of sensitive personal data except under special circumstances. What happens if a company reveals data that can be used to _infer_ these sensitive pieces of data? Is that also prohibited? Read more

A Washington Post opinion piece about the Russian political ads made me think about how false-flag social media advertising can complement politically-motivated ADINT operations to provide an easy path to surveillance. Read more

I was just catching up on some academic reading by looking over CCS 2016 and found this paper, Game of Decoys: Optimal Decoy Routing Through Game Theory. It sparked an idea, that others have probably had, about what seems like an unaddressed possibility in the hypothetical world where Decoy Routing systems actually get implemented: does the censor have leverage to get domains to move to non-decoy routing Autonomous Systems (ASs)? Read more