{"id":1021,"date":"2010-06-20T14:00:01","date_gmt":"2010-06-20T12:00:01","guid":{"rendered":"http:\/\/www.ofcourseimright.com\/?p=1021"},"modified":"2010-06-20T14:00:01","modified_gmt":"2010-06-20T12:00:01","slug":"wrap-up-of-this-years-weis","status":"publish","type":"post","link":"https:\/\/ofcourseimright.com\/?p=1021","title":{"rendered":"Wrap-up of this year&#8217;s WEIS"},"content":{"rendered":"<p><a href=\"http:\/\/www.ofcourseimright.com\/blog\/wp-content\/uploads\/2008\/06\/cybercrime.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-26\" title=\"Cybercrime\" src=\"http:\/\/www.ofcourseimright.com\/blog\/wp-content\/uploads\/2008\/06\/cybercrime.jpg\" alt=\"\" width=\"96\" height=\"132\" \/><\/a>Every year I attend a conference called the Workshop on Economics of Information Security (<a href=\"http:\/\/weis2010.econinfosec.org\/\">WEIS<\/a>), and every year I learn quite a bit from the experience.\u00a0 This year was no exception.\u00a0 The conference represents an interdisciplinary approach to Cybersecurity that includes economists, government researchers, industry, and of course computer scientists.\u00a0 Run by friend and luminary Bruce Schneier, Professor Ross Anderson from Cambridge University, and this year with chairs Drs. Tyler Moore and Allan Friedman, the conference includes an eclectic mix of work on topics such as the cyber-insurance (usually including papers from field leader Professor Rainer B\u00f6hme, soon of University of M\u00fcnster), privacy protection, user behavior, and understanding of the underground economy, this year&#8217;s conference had a number of interesting pieces of work.\u00a0 Here are a few samples:<\/p>\n<ul>\n<li><em>Guns,  Privacy, and Crime, <\/em>by Allesandro Acquisti (CMU) and Catherine Tucker (MIT), provides an insight into how addresses of gun permit applicants posted on a  Tennessee website does not really impact their security one way or another, contrary to arguments made by politicians.<\/li>\n<li><em>Is  the Internet for Porn? An Insight Into the Online Adult Industry<\/em> &#8211; Gilbert Wondracek, Thorsten Holz, Christian Platzer, Engin Kirda and  Christopher Kruegel provides a detailed explanation of the technology used to support the Internet Porn industry, in which it claims provides over $3,000 a second in revenue.<\/li>\n<li><em>The  password thicket: technical and market failures in human authentication  on the web<\/em> &#8211; Joseph Bonneau and S\u00f6ren Preibusch (Cambridge) talks about just how poorly many websites manage all of those passwords we reuse.<\/li>\n<li>A panel on the credit card payment system, together with a presentation that demonstrated that even credit cards with chips and pins are not secure.\u00a0 One of the key messages from the presentation was that open standards are critically important to security.<\/li>\n<li> <em>On  the Security Economics of Electricity Metering<\/em> &#8211; Ross Anderson  and Shailendra Fuloria (Cambridge) discussed the various actors in the Smart Grid, their motivations, and some recommendations on the regulatory front.<\/li>\n<\/ul>\n<p>The papers are mostly available at the web site, as are the presentations.\u00a0 This stuff is important.\u00a0 It informs industry as to what behaviors are both rewarding and provide for the social good, as well as where we see gaps or need of improvement in our public policies, especially where technology is well ahead of policy makers&#8217; thinking.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This year&#8217;s Workshop on the Economics of Information Security (WEIS2010) enlightened us about Identity, privacy, and the insecurity of the financial payment system, just to name a few presentaitons.<\/p>\n","protected":false},"author":172,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17,87,11,9],"tags":[34,32,497,222,31,38,271,348,8,493,37],"class_list":["post-1021","post","type-post","status-publish","format-standard","hentry","category-economics","category-internet","category-internet-consumer-identity","category-security","tag-banks","tag-cybercrime","tag-economics","tag-facebook","tag-guns","tag-identity","tag-passwords","tag-payment-system","tag-phishing","tag-politics","tag-privacy"],"_links":{"self":[{"href":"https:\/\/ofcourseimright.com\/index.php?rest_route=\/wp\/v2\/posts\/1021","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ofcourseimright.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ofcourseimright.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ofcourseimright.com\/index.php?rest_route=\/wp\/v2\/users\/172"}],"replies":[{"embeddable":true,"href":"https:\/\/ofcourseimright.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1021"}],"version-history":[{"count":4,"href":"https:\/\/ofcourseimright.com\/index.php?rest_route=\/wp\/v2\/posts\/1021\/revisions"}],"predecessor-version":[{"id":1026,"href":"https:\/\/ofcourseimright.com\/index.php?rest_route=\/wp\/v2\/posts\/1021\/revisions\/1026"}],"wp:attachment":[{"href":"https:\/\/ofcourseimright.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1021"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ofcourseimright.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1021"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ofcourseimright.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1021"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}