Tuesday, May 26, 12:30 pm Berkman Center, 23 Everett Street, second floor RSVP required for those attending in person (email@example.com) This event will be webcast live at 12:30 pm ET.
It is now more than 30 years since the invention of public key cryptography. Yet today, the vast majority of Internet users still transmit their own personal information over networks without any form of encryption. When most users log in to Google Mail or Facebook using the increasingly ubiquitous free wireless networks in public places, they face a very real risk of theft and hijacking of their online accounts. While skilled technical experts and corporations have easy access to effective security technologies, most consumers still lack basic privacy online. The question we must ask is why?
The shift to cloud computing exposes end-users to an increased risk of privacy invasion and fraud by hackers. In this presentation, I will argue that this increased risk is primarily a result of cost-motivated design decisions on the part of the cloud providers, who have repeatedly opted to forgo strong security solutions already in widespread use by other Internet services.
Cloud computing also leaves users vulnerable to significant invasions of privacy by the government, resulting in the evisceration of traditional Fourth Amendment protections. I will argue that the fault for this privacy harm does not lie with the service providers; but the inherently coercive powers the government can flex at will.
Christopher Soghoian is currently a student fellow at the Berkman Center for Internet & Society at Harvard University, and a Ph.D. Candidate at Indiana University's School of Informatics. His research interests include data security and privacy, cyber law and policy. As a security researcher, he has discovered and disclosed vulnerabilities in software applications made by Google, Yahoo, Facebook and Apple. In the policy sphere, his activism has resulted in the successful passage of an amendment to Indiana's data breach laws and a Congressional investigation into security flaws at the Transportation Security Administration.