Author Archives: Michael Froomkin

Box.com requires TLS 1.0, 1.1 & 1.2

In order to get box.com to work on my computer, I had to enable TLS 1.0, 1.1, and 1.2 in Internet Explorer, even though I almost never use IE.

I had turned off all three versions of TLS on security grounds. As a result, I kept getting an error message when I tried to log into Box Sync on my computer (“Cannot connect”).

Box.com help desk’s explanation for the requirement — amazingly — is that SSL 3.0 is not secure so they don’t use it. It’s true there have been issues with SSL 3.0, but TLS, as I understand it, has the same issues plus much worse.

On the positive side, I only figured out the source of the problem thanks to efficient and friendly work from ‘Ashley’ at the box.com help desk, so they are doing something right.

Posted in Internet | 1 Comment

Link to Firefox 38 Without DRM

no-drmKeep DRM off your computer. Firefox updated to version 38 today, and it comes with DRM built in (without which, I’m told, you can’t watch Neflix).

The link above is to the US-English version of Firefox. Here’s the multi-lingual index to other language DRM-free versions of Firefox.

You can install this instead of the ver 38 update, or on top of it. In my experience it remembers all your customizations, such as plugins.

(Image from L[P]SI Blog)

Posted in Law: Copyright and DMCA, Software | 1 Comment

A New Online Dating Scam

Bentham’s Gaze:

We identified three types of scams happening on [Chinese dating site] Jiayuan. … Another interesting type of scams that we identified are what we call dates for profit. In this scheme, attractive young ladies are hired by the owners of fancy restaurants. The scam then consists in having the ladies contact people on the dating site, taking them on a date at the restaurant, having the victim pay for the meal, and never arranging a second date. This scam is particularly interesting, because there are good chances that the victim will never realize that he’s been scammed — in fact, he probably had a good time.

Would be a nice tort problem if I taught fraud (and I should).

Spotted via via Schneier on Security: Online Dating Scams.

Posted in Internet, Tort | 2 Comments

Self-Licking Ice Cream Cones

Naked Capitalism brings you the debate. Is a SLICC better understood as

A military doctrine or political process that appears to exist in order to justify its own existence, often producing irrelevant indicators of its own success.

or

“Solutions” that amplify, to a rentier’s profit, the very “problem” they claim to solve.

Or, I might add, is the main distinction between these definitions the stance of the analyst, either as a neo-liberal theorizer of bureaucracy vs. a Continental with a philosophic bent towards self-reflexivity and systems theory?

Posted in Politics | 2 Comments

Best Use Case for Apple Watch?

My phone was confiscated, but it was being held nearby. I was wearing an Apple Watch for product testing, and was able to send Lian a text message over the watch (the whole time we were held I was not allowed a phone call or any contact otherwise). I somehow doubt that this particular use case is one that Apple will promote, but it was the most compelling one I’ve found so far…

What happens after you’re arrested at a protest in New York. — Medium

Posted in Civil Liberties, Sufficiently Advanced Technology | 2 Comments

Link to My Paper

I neglected to link to Lessons Learned Too Well: Anonymity in a Time of Surveillance, the paper I’m presenting at #yalefesc. A very very small number of people will recognize this as a partial redraft of a paper I started a few years ago, but never published because it didn’t seem quite right. My plan is to get it as right as I can in the next few months, which is why I’m workshopping it.

Posted in Talks & Conferences, Writings | Leave a comment

Important Memo to Self

Next time you stay in a hotel that has a notice like this one on the bedside table… IMAG0095use the earplugs.

Posted in Talks & Conferences | Leave a comment