By Henry Birge-Lee, Grace Cimaszewski, Liang Wang, Cyrill Krähenbühl, Kerstin Fagerstrom, and Prateek Mittal Today we are announcing the development of a new open source project by our research group at Princeton University designed to strengthen certificate issuance against Bord … | Continue reading
CITP is releasing a report today based on a two day in-person workshop on the security of the Web Public Key Infrastructure (Web PKI) we held last year. The workshop convened a multistakeholder gathering of experts from across the internet infrastructure, including browser develo … | Continue reading
Twenty years ago, social media companies started telling us: “Hey, use this free digital mediaproduct!” We individually used it, or didn’t. And then we all used it, because we had to. Just like the car.The existence of the technology restricts human freedom and agency. The die ha … | Continue reading
Apply here now to be part of the Siegel Public Interest Technology Summer Fellowship! Artificial intelligence, privacy and security, social media platforms and the internet are influencing all sectors of society — from the justice system and banking, to online shopping and the wa … | Continue reading
Do you work at the intersection of tech and society? The Center for Information Technology Policy (CITP) and the Princeton School of Engineering and Applied Science (SEAS) are accepting applications for an assistant, associate or full professor whose work aligns with CITP’s three … | Continue reading
Last year, I published a 5-part series about Switzerland’s e-voting system. Like any internet voting system, it has inherent security vulnerabilities: if there are malicious insiders, they can corrupt the vote count; and if thousands of voters’ computers are hacked by malware, t … | Continue reading
Experts from industry, academia and government share lessons learned and outline a path forward at a Princeton-Stanford workshop Author Kevin Klyman is a researcher at the Stanford Center for Research on Foundation Models and M.A. candidate at Stanford University. Foundation mode … | Continue reading
To run vote centers that must supply many different ballot styles, for hand-markable paper ballots to be counted by optical scanners, it’s convenient and effective to use ballot-on-demand (BOD) printers. When the voter signs in at the vote center, the BOD laser printer produces … | Continue reading
The Princeton Center for Information Technology Policy is hiring for the following positions: Assistant, Associate or Full Professor CITP is now accepting applications for a new assistant, associate or full professor whose research work aligns with our three priorities areas: Vis … | Continue reading
Almost all Arkansas counties have been using ballot-marking devices (BMDs) in their elections. Searcy County has just chosen to switch to hand-marked (fill-in-the-oval) paper ballots, which will be counted by machine (for an unofficial, immediate count) and then counted by hand ( … | Continue reading
Five years ago I described a serious security flaw in the design of all-in-one voting machines made by two competing manufacturers, ES&S and Dominion. These all-in-one machines work like this: the voter indicates choices on a touchscreen; then a printer prints the votes onto a pa … | Continue reading
Recently, the White House opened a number of opportunities for the public to comment on the growing field of accountability for artificial intelligence (AI) systems. The National Telecommunications and Information Administration (NTIA), the Executive Branch agency that is princip … | Continue reading
Today, the Federal District Court for the Northern District of Georgia permitted the public release of Security Analysis of Georgia’s ImageCast X Ballot Marking Devices, a 96-page report that describes numerous security problems affecting Dominion voting equipment used in Georgia … | Continue reading
By Yash Parikh and Mihir Kshirsagar While some states like Montana are trying to ban data collection by TikTok, other states like Missouri are actively – and perhaps, unknowingly – sending their citizen’s data to TikTok. Yash Parikh, a Princeton computer science student, conducte … | Continue reading
Statement by Computer Security Experts, May 12, 2023 The report on security flaws in Dominion voting machines, written by Professors J. Alex Halderman and Drew Springall in July 2021 and placed under seal by the Federal District Court for the Northern District of Georgia, should … | Continue reading
Part 4 of a 4-part series When the voter marks 2 votes in a vote-for-1 contest, or 5 votes in a vote-for-4 contest (etc.), that’s called an overvote. The Los Angeles VSAP optical-scan voting machines are so eager to treat a mark as a vote, that they treat stray marks of the kind … | Continue reading
Part 3 of a 4-part series In a recent article I wrote about the recount of a very close tax-rate referendum in the city of Long Beach, California. The referendum passed by 16 votes out of 100,000 ballots; the opponents of the measure requested a recount, as they are entitled to … | Continue reading
Part 2 of a 4-part series My previous article explained why it’s a bad practice, used in some election offices, to open absentee ballot envelopes before sorting them by precinct (or ballot-style). Those jurisdictions rely on the ballot-style barcode, printed on the optical-scan … | Continue reading
How mail-in ballot envelopes are handled by local election officials can make a huge difference in the cost of recounts and can also affect the security of elections against one form of voting fraud. Counties that count thousands or millions of mail-in (or dropbox) ballots can do … | Continue reading
By Sihao Huang and Justin Curl On April 11th, 2023, China’s top internet regulator proposed new rules for generative AI. The draft builds on previous regulations on deep synthesis technology, which contained detailed provisions on user identity registration, the creation of a dat … | Continue reading
Anyone reading Freedom to Tinker has seen examples of ChatGPT doing cool things. One of my favorites is its amazing answer to this prompt: “write a biblical verse in the style of the King James Bible explaining how to remove a peanut butter sandwich from a VCR.” Based in part … | Continue reading
In the November 2020 election in Williamson County, Texas, flawed e-pollbook software resulted in voters inadvertently voting for candidates and questions not from their own districts but from others in the same county. These voters were deprived of the opportunity to vote for c … | Continue reading
By Nia Brazzell and Mihir Kshirsagar In Gonzalez v. Google, a case under review at the Supreme Court, the families of individuals killed by ISIS terrorist attacks in Paris allege that YouTube aided and abetted terrorist strikes by radicalizing recruits through personalized recomm … | Continue reading
Hand-marked optical-scan paper ballots are the most secure form of voting: with any other method, if the computerized voting machines are hacked, there’s no trustworthy paper trail from which we can determine the true outcome of the election, based on the choices that voters actu … | Continue reading
On Election Day, November 8, 2022, every voting machine in every polling place in Mercer County, New Jersey failed to work. Voters in each precinct filled in the ovals in their preprinted optical-scan paper ballots, but the voting machines couldn’t read them. So voters were ins … | Continue reading
Those with a background in information integrity, or in precision health are especially encouraged to apply. As part of our Fellows program, CITP is hiring a Postdoctoral Research Associate. This position is designed for people who have recently received or are about to receive a … | Continue reading
We are seeking an Assistant, Associate, or Full professor whose work aligns with one or more of our three focus areas. Please visit the Princeton University open position’s page for more details about the position and the application. Both CITP and Princeton University seek for o … | Continue reading
Read the full announcement and Q & A with Investigative Data Journalist and Engineer, Surya Mattu. Princeton University’s Center for Information Technology Policy (CITP) is excited to announce the launch of the Digital Witness Lab — an innovative research laboratory where enginee … | Continue reading
This article was originally published on the Knight Institute website at Columbia University. The distribution of online speech today is almost wholly algorithm-mediated. To talk about speech, then, we have to talk about algorithms. In computer science, the algorithms driving soc … | Continue reading
The Princeton Center for Information Technology Policy is happy to announce that applications for our in-residence Fellows Program are now open. CITP is seeking candidates for the following three Fellows tracks: Microsoft Visiting Research Scholar/Visiting Professor of Informatio … | Continue reading
By Henry Birge-Lee, Liang Wang, Grace Cimaszewski, Jennifer Rexford and Prateek Mittal Security, BGP, KLAYswap, PKI, Public Key Infrastructure, CA, Certificate Authorities, CryptocurrencyOn February 3, 2022, attackers launched a highly effective attack against the Korean cryptocu … | Continue reading
By Ryan Amos, Roland Maio, and Prateek Mittal Online reviews are an important source of consumer information, play an important role in consumer protection, and have a substantial impact on businesses’ economic outcomes. Some of these reviews may be problematic; for example, ince … | Continue reading
I will be presenting the above-titled paper at the 2022 Symposium Contemporary Issues in Election Law run by the University of New Hampshire Law review, October 7th in Concord, NH. The paper will be published in the UNH Law Review in 2023 and is available now on SSRN. I have alre … | Continue reading
Last week, CITP’s Tech Policy Clinic, along with Dr. Jennifer King, brought leading interdisciplinary academic researchers together to provide recommendations to the Federal Trade Commission on how it should update the 2013 version of its online digital advertising guidelines (th … | Continue reading
Why are our computer systems so complex and so insecure? For years I’ve been trying to explain my understanding of this question. Here’s one explanation–which happens to be in the context of voting computers, but it’s a general phenomenon about all our computers: There are many … | Continue reading
By Chong Xiang and Prateek Mittal In our previous post, we discussed adversarial patch attacks and presented our first defense algorithm PatchGuard. The PatchGuard framework (small receptive field + secure aggregation) has become the most popular defense strategy over the past ye … | Continue reading
By Orestis Papakyriakopoulos, Christelle Tessono, Arvind Narayanan, Mihir Kshirsagar With the 2022 midterm elections in the United States fast approaching, political campaigns are poised to spend heavily to influence prospective voters through digital advertising. Online platform … | Continue reading
By Chong Xiang and Prateek Mittal Thanks to the stunning advancement of Machine Learning (ML) technologies, ML models are increasingly being used in critical societal contexts — such as in the courtroom, where judges look to ML models to determine whether a defendant is a flight … | Continue reading
Part 5 of a 5-part series starting here Switzerland commissioned independent expert reviews of the E-voting system built by Swiss Post. One of those experts concluded, “as imperfect as the current system might be when judged against a nonexistent ideal, the current system gener … | Continue reading
(Part 4 of a 5-part series starting here) In 2021 the Swiss government commissioned several in-depth technical studies of the Swiss Post E-voting system, by independent experts from academia and private consulting firms. They sought to assess, does the protocol as documented gua … | Continue reading
(Part 3 of a 5-part series starting here) In Part 1 I described how Switzerland decided to assess the security and accuracy of its e-voting system. Swiss Post is the “vendor” developing the system, the Swiss cantons are the “customer” deploying it in their elections, and the Swi … | Continue reading
by Vanessa Teague, an Australian computer scientist, cryptographer, and security/privacy expert. (Part 2 of a 5-part series starting here) Australian elections are known for the secret ballot and a long history of being peaceful, transparent and well run. So it may surprise you t … | Continue reading
Part 1 of a 5-part series If I can shop and bank online, why can’t I vote online? David Jefferson explained in 2011 why internet voting is so difficult to make secure, I summarized again in 2021 why internet voting is still inherently insecure, and many other experts have expl … | Continue reading
By Kevin Lee, Sten Sjöberg, and Arvind Narayanan Compromised passwords have consistently been the number one cause of data breaches by far, yet passwords remain the most common means of authentication on the web. To help, the information security research community has establishe … | Continue reading
As a part of an ethnographic study on blockchain organizations, I recently attended two major conferences – Dcentral Con and Consensus – held back-to-back in Austin, Texas during a blistering heatwave. My collaborator, Johannes Lenhard, and I had conducted a handful of interviews … | Continue reading
" ... it turns out that the students who saw the most positive outcomes were those who designed their social media intervention in a targeted way." | Continue reading
The New York State Legislature is considering a bill that would ban all-in-one voting machines–that is, voting machines that can both print votes on the ballot, and scan and count votes from the ballot, all in the same paper path. This is an important safeguard, because such mach … | Continue reading
For many, the global financial crisis of 2008 marked a turning point for trust in established institutions. It is unsurprising that during this same historical time period, Bitcoin, a decentralized cryptocurrency that aspired to operate independent from state manipulation, began … | Continue reading