Steve Bellovin
@SteveBellovin@infosec.exchange
mastodon
4.6.0-alpha.5+glitch
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
0
Followers
0
Following
Joined November 16, 2024
Home Page:
Pronouns:
He/Him
Photography-only account:
License:
All of my photos available via a Creative Commons BY-NC license: http://creativecommons.org/licenses/by-nc/4.0/
Posts
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Mar 09, 2026
Here we go again: the FBI seizes 2020 (and maybe 2024!) voting records from Arizona: https://www.nytimes.com/2026/03/09/nyregion/fbi-subpoena-arizona-maricopa-county-election.html
View on infosec.exchange
0
4
1
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Mar 02, 2026
Not sure who needs to see this, but…
From the Wikipedia page on the Nuremberg trials: "The International Military Tribunal agreed with the prosecution that aggression was the gravest charge, stating in its judgment that because "war is essentially an evil thing", "to initiate a war of aggression, therefore, is not only an international crime; it is the supreme international crime differing only from other war crimes in that it contains within itself the accumulated evil of the whole".
From the Wikipedia page on Hideki Tojo: he was "found guilty of, among other actions, waging wars of aggression; war in violation of international law; unprovoked or aggressive war against various nations; and ordering, authorizing, and permitting inhumane treatment of prisoners of war".
Is this at all relevant today?
View on infosec.exchange
147
0
171
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Feb 25, 2026
If you're planning on live-posting anything about Trump's verbal diarrhea tonight, please don't post anything else I might want to see, because I'll mute you on first appearance of such content…
27
0
3
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Feb 23, 2026
From the New Yorker, four-step authentication, because 2FA isn't enough: https://www.newyorker.com/humor/daily-shouts/introducing-four-step-authentication
6
0
6
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Feb 21, 2026
My reaction to https://mastodon.social/@arstechnica/116105214098438914 is to quote West Virginia State Board of Education v. Barnette (319 U.S. 624): "If there is any fixed star in our constitutional constellation, it is that no official, high or petty, can prescribe what shall be orthodox in politics, nationalism, religion, or other matters of opinion or force citizens to confess by word or act their faith therein." And that was a *wartime* ruling.
View on infosec.exchange
21
0
14
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Feb 13, 2026
488
0
584
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Feb 11, 2026
It is hard to overstate how extraordinary it is that DoJ has repeatedly failed to obtain indictments in these political cases. As I understand it, grand juries hear only one side of the case: the government's. But a panel of ordinary citizens, most of whom have never heard of the Speech and Debate clause, and (I suspect) only a few having a deep understanding of the First Amendment, are fulfilling the role that the Framers intended grand juries to fulfill: to act as a check on overzealous prosecutors. It's a truly remarkable development.
View on infosec.exchange
10
0
7
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Jan 30, 2026
I just finished reading @cstross@wandering.shop 's _Regicide Report_. What a trip… I mean, I get to the climactic fight scene, figuring "ah, this is how it will end", and look down at the progress counter and see I'm only 75% of the way through. I did *not* see the ending coming—a good thing.
But Charlie: first you trash Leeds, where I know you grew up. In this book, you trashed—well, I won't say it, to avoid spoilers, but I know it's one of your bête noirs.
View on infosec.exchange
1
0
1
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Jan 30, 2026
Dear @usenixassociation@infosec.exchange Security: this is a security conference. Are you seriously asking folks to download and run a 500+ Python program downloaded from a random site I've never heard of? If you really want people to use a PDF format-checker, install it as a web app on your web site.
View on infosec.exchange
26
0
12
Thread context
4 posts in path
Root
@cstross@wandering.shop
Open
@cstross@wandering.shop
Parenthetically; back in 2008 a book of mine was getting attention in some … odd … quarters, and I got invited to a weekend retreat by some people in US department of defense—a reading crit group for
Ancestor 2
@cstross@wandering.shop
Open
@cstross@wandering.shop
I found myself sharing a table at breakfast on the second day with a couple of admirals. Who turned out to be former fast jet pilots a couple of years older than me, and formidably astute (their caree
Parent
@cstross@wandering.shop
Open
@cstross@wandering.shop
One of them opined that if DHS wasn't abolished before the coming presidential election it would be too late for the nation. And that DHS and the attitude it embodied was a danger to democracy. This,
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Jan 27, 2026
@cstross@wandering.shop ~20 years ago, I served on the DHS Science and Technology Advisory Committee. (Why? Because I wanted someone who cared about privacy and civil liberties in that slot, and it wasn't the sort of invite I could hand off to someone else.) One evening during dinner, I opined to other committee members that DHS was completely dysfunctional and needed to be split up. They laughed—it had taken me that long to figure it out? (Why yes, I am administratively and bureaucratically challenged…)
As a sign of how different the times were then, we were asked *optionally* to fill out a form with our political party registration, so that the administration could show the media that it wasn't playing partisan politics with the membership. (It was probably a matter of public record in my state, but the Privacy Act of 1974—yes, the US passed one way back when, but it only applied to the government, not the private sector, and one of the motivations for passing it was Nixon's abuses during Watergate—forbade the government from collecting such data without consent.) I declined to answer, but another committee member answered "liberal Democrat", and he was added to the committee—during W's term.
View full thread on infosec.exchange
1
0
1
Thread context
3 posts in path
Root
@mattblaze@federate.social
Open
@mattblaze@federate.social
Possibility of 2" of snow in DC this weekend, which would create an excellent opportunity for Greenland to annex us.
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
I promise we will great you as liberators.
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Jan 22, 2026
@mattblaze@federate.social I was in Death Valley over the weekend. My hotel was on Greenland Boulevard, which is apparently an old name (and possibly just as intentionally duplicitous as the name of the island…).
View full thread on infosec.exchange
0
0
0
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Jan 21, 2026
Fourth Amendment? What’s that? https://apnews.com/article/ice-arrests-warrants-minneapolis-trump-00d0ab0338e82341fd91b160758aeb2d
View on infosec.exchange
5
0
9
Thread context
4 posts in path
Root
@mattblaze@federate.social
Open
@mattblaze@federate.social
@marklevinenyc @SteveBellovin@infosec.exchange Cool! But how will the connection to the 1 train work, since the station is elevated on a viaduct there? An out-of-system transfer perhaps?
Ancestor 2
@SteveBellovin@infosec.exchange
Open
@SteveBellovin@infosec.exchange
@mattblaze@federate.social @marklevinenyc That's my guess—they use that technology elsewhere, so the fare system can already handle it.
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
@SteveBellovin@infosec.exchange @marklevinenyc Whatever they do, an uptown crosstown line would be fantastic.
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Jan 13, 2026
@mattblaze@federate.social @marklevinenyc Exactly. Where they'll get the money for it, I don't know…
View full thread on infosec.exchange
0
0
0
Thread context
3 posts in path
Root
a post on threads.net
Open
on threads.net
Open ancestor post
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
@marklevinenyc @SteveBellovin@infosec.exchange Cool! But how will the connection to the 1 train work, since the station is elevated on a viaduct there? An out-of-system transfer perhaps?
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Jan 13, 2026
@mattblaze@federate.social @marklevinenyc That's my guess—they use that technology elsewhere, so the fare system can already handle it.
View full thread on infosec.exchange
0
0
0
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Jan 13, 2026
Remember those late 1950s/early 1960s cars with tailfins? Well, seeing a cyberdumpster on the highway today I thought of a way to make it look even dorkier. Hear me out; grid fins.
Elon: send my check to Antifa.
View on infosec.exchange
14
0
3
Thread context
2 posts in path
Parent
@cstross@wandering.shop
Open
@cstross@wandering.shop
… THE UNITED STATES ROBOT GOVERNMENT (Why am I earwormed by Thomas Dolby's "She Blinded Ne With Science" right now?) https://mastodon.social/@jwz/115872568737668476
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Jan 10, 2026
@cstross@wandering.shop @jwz@mastodon.social From the number, that’s an application, not a patent, so this, at least, isn’t the fault of the government.
View full thread on infosec.exchange
0
0
0
Thread context
3 posts in path
Root
@carlmalamud@official.resource.org
Open
on official.resource.org
Open ancestor post
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
@carlmalamud@official.resource.org drooling
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Jan 09, 2026
@mattblaze@federate.social @carlmalamud@official.resource.org Have you ever been to the AD White Library at Cornell?
View full thread on infosec.exchange
0
0
0
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 31, 2025
From a new book, "New York's Secret Subway"—a pneumatic tube under Broadway—there is this marvelous description of Broadway in 1870: "covered, as it always was with stinking piles of garbage that mixed with mud and animal excrement to create a foul bouillabaisse that residents called 'Corporation Pudding'." They knew where to put the blame! Maybe, instead of speaking of AI slop, we should speak of corporation droppings.
View on infosec.exchange
0
0
1
Thread context
4 posts in path
Root
@mattblaze@federate.social
Open
@mattblaze@federate.social
WTF?? https://fosstodon.org/@adafruit/115810815370282865
Ancestor 2
@boiledpotato@mastodon.social
Open
@boiledpotato@mastodon.social
@mattblaze@federate.social What's the flipper zero everyone's talking about?
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
@boiledpotato@mastodon.social it’s a small, inexpensive programmable NFC/RFID/RF/Infrared transceiver that has been the subject of a wildly disproportionate moral panic because you can use it to do si
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 31, 2025
@mattblaze@federate.social @boiledpotato@mastodon.social I wonder what they'd say if I showed up with my VHF scanner and a frequency counter.
View full thread on infosec.exchange
0
0
0
Thread context
2 posts in path
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
WTF?? https://fosstodon.org/@adafruit/115810815370282865
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 30, 2025
@mattblaze@federate.social @adafruit@fosstodon.org I bet you could write a Raspberry Pi emulator for an Android phone. Is that legal?
View full thread on infosec.exchange
0
0
0
Thread context
2 posts in path
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
Very interesting summary of the alleged J6 pipe bomber's interrogation in this filing: https://storage.courtlistener.com/recap/gov.uscourts.dcd.287328/gov.uscourts.dcd.287328.17.0.pdf A couple observa
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 30, 2025
@mattblaze@federate.social The FBI quasi-tricked him into confessing. They asked him if he was the guy in the videos, and told him, quite truthfully, that lying in his answer was a crime. But they didn’t repeat the Miranda warning that he had a right to remain silent and he didn’t have an attorney to tell him to shut up.
View full thread on infosec.exchange
0
0
0
Thread context
4 posts in path
Root
@mattblaze@federate.social
Open
@mattblaze@federate.social
If these fail, you can always complain to my dean, who definitely wants to hear your thoughts about how faculty use social media. That's George Mason University. Operators are standing by.
Ancestor 2
@mattblaze@federate.social
Open
@mattblaze@federate.social
Correction: George Washington University. I always get those confused.
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
Another weird complaint I frequently get here (in addition to not using enough hashtags, failing to content warn about ordinary, innocuous comments, and posting insufficiently chromatic art) is that I
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 30, 2025
@mattblaze@federate.social What does John Mastodon say?
View full thread on infosec.exchange
0
0
0
Thread context
4 posts in path
Root
@mattblaze@federate.social
Open
@mattblaze@federate.social
Going to need to get my block button refurbished soon.
Ancestor 2
@plragde@mstdn.social
Open
@plragde@mstdn.social
@mattblaze@federate.social I think you should put everything behind a content warning that says "Another post by Matt Blaze".
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
@plragde@mstdn.social "May contain words with which you disagree"
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 29, 2025
@mattblaze@federate.social @plragde@mstdn.social And pictures! Don't forget pictures!
View full thread on infosec.exchange
0
0
0
Thread context
4 posts in path
Root
@mattblaze@federate.social
Open
@mattblaze@federate.social
It occurs to me that people outside the security field might find it odd that we openly publish stuff like this. Why help people who might use the knowledge to do bad things? There are a number of rea
Ancestor 2
@mattblaze@federate.social
Open
@mattblaze@federate.social
So while openly publishing offensive security techniques might indeed help criminals, that harm is outweighed by significant benefits. Every properly trained computer science student should understand
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
The bottom line here is that while being the subject of attack by a deranged internet mob is never fun, sometimes it's the cost of doing business for doing interesting work. And for those who yell at
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 29, 2025
@mattblaze@federate.social And they never once changed the keying on your office lock. Or did they? (The right way to do it, of course, is to rekey is that your key works but the master keys don't, thereby locking the maintenance people out. Then wait for something to go wrong—or "help" that along…)
View full thread on infosec.exchange
0
0
0
Thread context
4 posts in path
Root
@mattblaze@federate.social
Open
@mattblaze@federate.social
Essentially, their argument was that this would be a huge pain and expense to fix, and so we are all better off just keeping it on the down low. And that kind of worked, for about a hundred years, unt
Ancestor 2
@mattblaze@federate.social
Open
@mattblaze@federate.social
Anyway, my intent in looking at locks and publishing my paper wasn't to disrupt the lock industry. I believed, as I still do, that mechanical locks and physical security have quite a bit to teach comp
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
I never did reach a truce with the locksmiths. A couple years later, I met Billy Edwards, the author of that editorial denouncing me, at a trade show, and when he learned who I was he refused to shake
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 29, 2025
@mattblaze@federate.social What's really funny to me is this 1853 book that Ches and I quoted in the first edition of "Firewalls", about whether it's proper to discuss vulnerabilities in locks.
View full thread on infosec.exchange
0
0
1
Thread context
2 posts in path
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
DC friends: Keren Restaurant, which had a fire 2 years ago, reopened today in the original location (18th and U NW). Yay.
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 28, 2025
0
0
0
Thread context
3 posts in path
Root
@SteveBellovin@infosec.exchange
Open
on infosec.exchange
Open ancestor post
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
@SteveBellovin@infosec.exchange @karlauerbach@sfba.social @ChuckMcManis@chaos.social there’s a reversing switch in the cab. I’m not sure whether the actual reversing is geared or electrical polarity,
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 27, 2025
@mattblaze@federate.social @karlauerbach@sfba.social @ChuckMcManis@chaos.social My guess is electrical, since I've never heard the clunk noise that a gear shift would likely generate. But I don't actually know.
View full thread on infosec.exchange
0
0
0
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 26, 2025
From Ulrich's book: Social Democrat parliament member Kurt Schumacher, in 1932: "If we know anything about National Socialism, it's that for the first time in German politics human stupidity has been successfully and completely mobilized."
Not surprisingly, in July 1933 Schumacher was arrested and sent to a concentration camp. He narrowly escaped execution and survived the illnesses and deprivations of the camp, to become a leading politician in postwar West Germany.
That line about mobilizing human stupidity, though…
View on infosec.exchange
1
0
4
Thread context
4 posts in path
Root
@mattblaze@federate.social
Open
@mattblaze@federate.social
@cstross@wandering.shop @Migueldeicaza@mastodon.social But I guess we can just count on the AI part to fix that.
Ancestor 2
@SteveBellovin@infosec.exchange
Open
@SteveBellovin@infosec.exchange
@mattblaze@federate.social @cstross@wandering.shop @Migueldeicaza@mastodon.social A few weeks ago, I saw a presentation of some of the conversions, and it was shockingly good. I'm sure, of course, tha
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
@SteveBellovin@infosec.exchange @cstross@wandering.shop @Migueldeicaza@mastodon.social @dwallach@discuss.systems I have no doubt there a bunch of very interesting research projects in this space, whic
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 23, 2025
@mattblaze@federate.social @cstross@wandering.shop @Migueldeicaza@mastodon.social @dwallach@discuss.systems Yup. Ah, well, back to my book—and Charlie, I now know exactly what you mean about when your muse won't shut up and let you finish one book before starting another…
View full thread on infosec.exchange
0
0
0
Thread context
4 posts in path
Root
@cstross@wandering.shop
Open
@cstross@wandering.shop
Psst: Microsoft's suicide note just dropped https://mastodon.social/@Migueldeicaza/115770620333626312
Ancestor 2
@mattblaze@federate.social
Open
@mattblaze@federate.social
@cstross@wandering.shop @Migueldeicaza@mastodon.social Not to mention that if you’re going to *algorithmically* translate unsafe C/C++ code into a safe language, what you’ll get (if it works correctly
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
@cstross@wandering.shop @Migueldeicaza@mastodon.social But I guess we can just count on the AI part to fix that.
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 23, 2025
@mattblaze@federate.social @cstross@wandering.shop @Migueldeicaza@mastodon.social A few weeks ago, I saw a presentation of some of the conversions, and it was shockingly good. I'm sure, of course, that they picked the best stuff to show off, but it was still impressive: idiomatic Rust rather than what I refer to as a transliteration of the C into Rust (and which is what you're rightly objecting to). (DARPA has a whole project on such translators; @dwallach@discuss.systems, I think, is running it.)
View full thread on infosec.exchange
0
0
0
Thread context
3 posts in path
Root
@SteveBellovin@infosec.exchange
Open
on infosec.exchange
Open ancestor post
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
@SteveBellovin@infosec.exchange @cross@discuss.systems @darryl_ramm@hachyderm.io Also, it seems very hard to get a new highway or bridge name in NYC to stick. RFK Bridge and Jackie Robinson Parkway se
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 22, 2025
@mattblaze@federate.social @cross@discuss.systems @darryl_ramm@hachyderm.io Have they renamed the Midtown Tunnel yet? I've lost track.
View full thread on infosec.exchange
0
0
0
Thread context
3 posts in path
Root
@SteveBellovin@infosec.exchange
Open
on infosec.exchange
Open ancestor post
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
@SteveBellovin@infosec.exchange @danwing@infosec.exchange I'm thinking that a donor might have standing to sue the Kennedy Center board for wasting resources with an unlawful name change, in violation
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 20, 2025
@mattblaze@federate.social @danwing@infosec.exchange Or maybe Caroline Kennedy or her family.
View full thread on infosec.exchange
0
0
0
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 20, 2025
New draft law article: Quantifying Creepiness: Using Predictive Privacy to Measure Privacy Harms
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=5939183
There are likely to be revisions, perhaps significant ones, before submission.
View on infosec.exchange
4
0
4
Thread context
2 posts in path
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
We don't yet know much about what was going on with Claudio Neves Valente, the Brown and MIT gunman, and we may well never. But this tragic case reminds me how the pressures of academic life, often st
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 20, 2025
@mattblaze@federate.social And take care of your students, both your advisees and classroom students. I've heard some truly horrific stories to accompany requests for short extensions on something. My response is always the same: take care of yourself, don't worry about the deadline, I'll do everything I can to support you if you have to appeal to the dean's office for an exception, and TAKE CARE OF YOURSELF—that's far more important than an arbitrary academic deadline. On more than one occasion, a student has asked for a one week extension due to a family tragedy that I knew was going to require them to get an Incomplete while they processed what happened and grieved—and I made sure that the dean's office knew how strongly I supported the request. People are important. Family is important. Close friends are important. Academic work? Much less so—and apart from anything else, you can't possibly do good academic work when your head and your heart are elsewhere.
I can't make their pain go away. I can make sure I don't add to it.
View full thread on infosec.exchange
0
0
1
Thread context
2 posts in path
Parent
@cstross@wandering.shop
Open
@cstross@wandering.shop
RESEARCH QUESTION (for work): I know what an instar is
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 19, 2025
@cstross@wandering.shop If it’s in the dictionary, go for it — you use enough British English in your writing that I’m accustomed to looking things up frequently when reading your books. (Examples: hob, hoardings, metaled paths, warrant cards, and many more.) I *like* learning new words!
View full thread on infosec.exchange
0
0
0
Thread context
4 posts in path
Root
@SteveBellovin@infosec.exchange
Open
on infosec.exchange
Open ancestor post
Ancestor 2
@mattblaze@federate.social
Open
@mattblaze@federate.social
@SteveBellovin@infosec.exchange That seems pretty clear.
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
@SteveBellovin@infosec.exchange It sounds, though, that they COULD name things inside the center for Trump (since he's still putatively among the living, and therefore it would not be a memorial). But
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 19, 2025
@mattblaze@federate.social They could list him on a donor wall if he gave money, but…
View full thread on infosec.exchange
0
0
0
Thread context
4 posts in path
Root
@mattblaze@federate.social
Open
@mattblaze@federate.social
@SteveBellovin@infosec.exchange That seems pretty clear.
Ancestor 2
@SteveBellovin@infosec.exchange
Open
@SteveBellovin@infosec.exchange
@mattblaze@federate.social Does being a practicing member of a non-Christian qualify under the third bullet point? What if your religion thinks of Christianity the way some Christian denominations thi
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
@SteveBellovin@infosec.exchange You've lost me.
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 18, 2025
@mattblaze@federate.social Sorry, reply to the wrong message.
View full thread on infosec.exchange
0
0
0
Thread context
3 posts in path
Root
@SteveBellovin@infosec.exchange
Open
on infosec.exchange
Open ancestor post
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
@SteveBellovin@infosec.exchange That seems pretty clear.
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 18, 2025
@mattblaze@federate.social Does being a practicing member of a non-Christian qualify under the third bullet point? What if your religion thinks of Christianity the way some Christian denominations think about non-Christians?
View full thread on infosec.exchange
0
0
0
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 18, 2025
FYI: 20 U.S.C §20i(a) (https://www.law.cornell.edu/uscode/text/20/76i) "The Board shall construct for the Smithsonian Institution, with funds raised by voluntary contributions, a building to be designated as the John F. Kennedy Center". In other words, the name is set by statute. And I reviewed all of the other relevant sections of the statute—none give the Board the power to change the name. In fact, there are other provisions that make sure that this stays as a memorial to Kennedy, e.g., §76j(b)(1): "no additional memorials or plaques in the nature of memorials shall be designated or installed in the public areas of the John F. Kennedy Center for the Performing Arts."
View on infosec.exchange
21
0
10
Thread context
2 posts in path
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
The thing to remember when Marjorie Taylor Greene says the occasional sensible or decent thing these days is that she's demonstrating that she's been capable of being sensible and decent all along, bu
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 15, 2025
@mattblaze@federate.social Broken (analog) clock syndrome.
View full thread on infosec.exchange
0
0
0
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 10, 2025
So this is insane even by his Orangeness Administration's standards. DoJ successfully extradited a Belarusian woman to prosecute her for smuggling aviation components into Russia. She's eligible to be released to home detention pending trial—but if she is, DHS wants to deport her for being in the US illegally.
https://www.washingtonpost.com/dc-md-va/2025/12/10/extradition-deportation-belarus-russia/
View on infosec.exchange
7
0
9
Thread context
2 posts in path
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
The late Tom Stoppard, in his play Hapgood, had some good advice for writers of scientific papers.
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 10, 2025
@mattblaze@federate.social And it's amazing how many people treat their abstracts as book blurbs, and try to avoid giving away the ending. Nope!
View full thread on infosec.exchange
0
0
0
Thread context
2 posts in path
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
Just got a letter from a place I haven’t worked at for eight years (UPenn) telling me that my personal data was leaked by a company I’ve never done business with (Oracle), and so they’re giving me two
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 10, 2025
@mattblaze@federate.social I got the same letter, and I haven't worked there in ~25 years, though I have received some travel reimbursements more recently.
View full thread on infosec.exchange
0
0
0
Thread context
2 posts in path
Parent
@jalefkowit@vmst.io
Open
on vmst.io
Open ancestor post
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 08, 2025
@jalefkowit@vmst.io @adamshostack@infosec.exchange That's right up there with "Can't send email more than 500 miles" (https://web.mit.edu/jemorris/humor/500-miles)
View full thread on infosec.exchange
6
0
2
Thread context
2 posts in path
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
I’m always amused when movies set in the present day have scene with a crowd of press photographers and use the whirring of 35mm film motor drives as a sound effect.
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 07, 2025
@mattblaze@federate.social I just finished a non-fiction book that described someone listening to a "transistor radio" in Pearl Harbor, December 7, 1941.
View full thread on infosec.exchange
0
0
0
Thread context
4 posts in path
Root
@mattblaze@federate.social
Open
@mattblaze@federate.social
@MatthewChat@mstdn.social It's possible that I'm just not a very good photographer.
Ancestor 2
@MatthewChat@mstdn.social
Open
@MatthewChat@mstdn.social
@mattblaze@federate.social I like your photographs. I spent a couple of hours looking at them on flicker. It's not the subject matter, it's the technology. I consider you a high end talented photograp
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
@MatthewChat@mstdn.social I think part of what you may be seeing is that there are particular tonal qualities that were rendered by default with many of the classic B&W films (Tri-X and Plus-X particu
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 07, 2025
@mattblaze@federate.social @MatthewChat@mstdn.social A lot of it is the artistic choices we make. Apart from my bird photography, which is usually (though not always) in color because of the subjects, I generally opt for B&W under one of two circumstances: when the subject matter, due to lighting, is mostly monochrome, in which case the stray bits of color can be a distraction, or when I'm trying for a silhouette effect. Here's an example of the former situation: the focus of the picture is the lines of the train shed; the colored buildings in the foreground of the first picture detract from that. The latter can be see in the first two photos at https://urbanists.social/@urbandinosaurs/115652346037511286 I never tried printing color negatives on B&W paper, back in medieval times when I was doing my own darkroom work, but if I wanted high contrast (and I mostly shot B&W, often Tri-X) I'd select a high-contrast paper to print on. That is, I could use the same negative but get very different effects when printing, even with all other parameters held constant.
Digital photos offer a much wider range of choices, both when taking the picture and in how you do post-processing. In other words, it's generally not the technology (my gear, though not as high-end as Matt's, is still pretty fancy, because you generally can't get good bird photos with your phone), as opposed to the choices you make when processing it. (I know an excellent photographer who was happy to share his raw images but jealously guarded his final pictures—to him, most of the labor and creativity was in the post-processing. For that matter, I once showed a photo I took of an owl half-hidden behind a tree trunk with a chipmunk in its talons which awed my instructor—he told me I should spend hours post-processing it. I didn't—I don't have the skills, at least not yet—but it illustrates my point: it's the artistic choices (and the skill to make them scene) that matter far more than the equipment. My profile banner picture (unfortunately cropped to meet the aspect ratio requirements) is one of my all-time favorites, of Manhattan skyscrapers reflected in the Central Park Lake and framed (not shown here) by autumn leaves, and I took it with an iPhone 11, hardly a high-end device.)
View full thread on infosec.exchange
0
0
0
Thread context
3 posts in path
Root
@SteveBellovin@infosec.exchange
Open
on infosec.exchange
Open ancestor post
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
@SteveBellovin@infosec.exchange Patel praised Trump for solving the bomber case? What was he doing, knocking on doors and interviewing witnesses? Or maybe he was down at the lab analyzing DNA samples.
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Dec 05, 2025
@mattblaze@federate.social It was his beneficent aura and intellectual emanations, plus of course his inspiration to everyone—well, everyone who is a True Believer and has been granted MAGA-grace—that solved it.
View full thread on infosec.exchange
0
0
0
Thread context
2 posts in path
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
FFS. For the first time, non-citizens will be charged a hefty surcharge to enter US national parks (an extra $100/person, and annual passes for noncitizens will cost $250 instead of $80). Our national
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Nov 26, 2025
@mattblaze@federate.social Ah—“America’s best idea”, but only for Americans. Idiots.
View full thread on infosec.exchange
0
0
0
Thread context
4 posts in path
Root
@mattblaze@federate.social
Open
@mattblaze@federate.social
@tknarr@mstdn.social That's what e2e verifiable does. But understanding why (and precisely what you're trusting) is non-trivial.
Ancestor 2
@tknarr@mstdn.social
Open
@tknarr@mstdn.social
@mattblaze@federate.social True. If it were simple, it wouldn't work. Doing the highly non-trivial, though, is kind of my day job. I have to trust that the math does what the mathematicians say it doe
Parent
@mattblaze@federate.social
Open
@mattblaze@federate.social
@tknarr@mstdn.social e2e voting is non-trivial even by the standards of non-trivial. They don't just use cryptography, they use ALL the cryptography. Its like they were designed to find a use for ever
Current reply
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Nov 23, 2025
@mattblaze@federate.social @tknarr@mstdn.social Well, they didn't use k-of-n secret-sharing, which is the heart of the current problem. They're going to from now on…
View full thread on infosec.exchange
0
0
0
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
Steve Bellovin
@SteveBellovin@infosec.exchange
I'm an affiliate scholar at Georgetown's Institute for Technology Law and Policy, and a computer science professor emeritus and former affiliate law prof at Columbia University. Author of "Thinking Security". Dinosaur photographer. Not ashamed to say that I’m still masking, because long Covid terrifies me.
infosec.exchange
@SteveBellovin@infosec.exchange
·
Nov 22, 2025
The Trump regime wants to start making a list of Jews (https://www.nytimes.com/2025/11/21/us/eeoc-university-pennsylvania-antisemitism-jewish.html) Now where have I heard that one before?
View on infosec.exchange
1
0
0