After 9/11, we worked on the economics of security, in an attempt to bring back some rationality. Next followed the economics of privacy, which Alessandro Acquisti and others developed to explain why people interact with social media the way they do. A year after the Snowden revelations, it’s time to talk about the economics of … Continue reading Post-Snowden: the economics of surveillance
I’m liveblogging WEIS 2013, as I did in 2012, 2011, 2010 and 2009. This is the twelfth workshop on the economics of information security, and the sessions are being held today and tomorrow at Georgetown University. The panels and refereed paper sessions will be blogged in comments below this post (and there’s another liveblog by … Continue reading Workshop on the Economics of Information Security 2013
Alex Henney and I have decided to publish a paper on smart metering that we prepared in February for the Cabinet Office and for ministers. DECC is running a smart metering project that is supposed to save energy by replacing all Britain’s gas and electricity meters with computerised ones by 2019, and to cost only … Continue reading The Perils of Smart Metering
I’m liveblogging WEIS 2012, as I did in 2011, 2010 and 2009. The event is being held today and tomorrow at the Academy of Sciences in Berlin. We were welcomed by Nicolas Zimmer, Berlin’s permanent secretary for economics and research who mentioned the “explosive cocktail” of streetview, and of using social media for credit ratings, … Continue reading Workshop on the Economics of Information Security 2012
Our paper Measuring the Cost of Cybercrime sets out to debunk the scaremongering around online crime that governments and defence contractors are using to justify everything from increased surveillance to preparations for cyberwar. It will appear at the Workshop on the Economics of Information Security later this month. There’s also some press coverage. Last year … Continue reading Debunking cybercrime myths
It has been argued that privacy is the new currency on the Web. Services offered for free are actually paid for using personal information, which is then turned into money (e.g., using targeted advertising). But what is the exchange rate for privacy? In the largest experiment ever and the first done in field, we shed … Continue reading Privacy economics: evidence from the field
I’m planning to liveblog WEIS 2011, as I did in 2010 and 2009. This is the tenth WEIS with over 100 people, 20 refereed talks, 2 invited talks and one panel. I’ll blog each session in a follow-up to this post.
The Internet is, by very definition, an interconnected network of networks. The resilience of the way in which the interconnection system works is fundamental to the resilience of the Internet. Thus far the Internet has coped well with disasters such as 9/11 and Hurricane Katrina – which have had very significant local impact, but the … Continue reading Resilience of the Internet Interconnection Ecosystem
This is the fourth and final part in a series on password implementations at real websites, based on my paper at WEIS 2010 with Sören Preibusch. Given the problems associated with passwords on the web outlined in the past few days, for years academics have searched for new technology to replace passwords. This thinking can … Continue reading Passwords in the wild, part IV: the future
This is the third part in a series on password implementations at real websites, based on my paper at WEIS 2010 with Joseph Bonneau. In our analysis of 150 password deployments online, we observed a surprising diversity of implementation choices. Whilst sites can be ranked by the overall security of their password scheme, there is … Continue reading Passwords in the wild, part III: password standards for the Web