-
Blogs
-
News
-
Industry
-
Community
-
Topics
Professor of Computer Science at Columbia University
Joined on December 2, 2008 – United States
Total Post Views: 12,504
| About |
Steven M. Bellovin is a professor of computer science at Columbia University, where he does research on networks, security, and especially why the two don't get along. He joined the faculty in 2005 after many years at Bell Labs and AT&T Labs Research, where he was an AT&T Fellow. He received a BA degree from Columbia University, and an MS and PhD in Computer Science from the University of North Carolina at Chapel Hill. While a graduate student, he helped create Netnews; for this, he and the other perpetrators were given the 1995 Usenix Lifetime Achievement Award. He is a member of the National Academy of Engineering and is serving on the Department of Homeland Security's Science and Technology Advisory Board; he has also received the 2007 NIST/NSA National Computer Systems Security Award.
Bellovin is the co-author of Firewalls and Internet Security: Repelling the Wily Hacker, and holds several patents on cryptographic and network protocols. He has served on many National Research Council study committees, including those on information systems trustworthiness, the privacy implications of authentication technologies, and cybersecurity research needs; he was also a member of the information technology subcommittee of an NRC study group on science versus terrorism. He was a member of the Internet Architecture Board from 1996-2002; he was co-director of the Security Area of the IETF from 2002 through 2004.
Except where otherwise noted, all postings by Steven Bellovin on CircleID are licensed under a Creative Commons License.
Four senators (Rockefeller, Bayh, Nelson, and Snowe) have recently introduced S.773, the Cybersecurity Act of 2009. While there are some good parts to the bill, many of the substantive provisions are poorly thought out at best. The bill attempts to solve non-problems, and to assume that research results can be commanded into being by virtue of an act of Congress. Beyond that, there are parts of the bill whose purpose is mysterious, or whose content bears no relation to its title. more»
A lot of pixels have been spilled lately over an Internet records retention bill recently introduced in both the House and the Senate. The goal is to fight child pornography. That's a worthwhile goal; however, I think these bills will do little to further it. Worse yet, I think that at least two of the provisions of the bill are likely to have bad side effects... more»
It was just announced that every member of Congress will be able to create his or her own channel on YouTube. Viewers can go to the House or Senate home pages and navigate via a map to find the videos they're interested in. While it is good that citizens will have more insight into what their Senators and Representatives think, the way this is being done poses a serious privacy risk. more»
While doing research for a paper on telegraph codebooks, I was reminded of something I had long known: one could have short addresses for telegrams. A short article in The New Yorker described how it worked in New York City. Briefly, one could pick more or less any name that wasn't in use, and list it with the Central Bureau for Registered Addresses... more»
A report "Securing Cyberspace for the 44th Presidency" has just been released. While I don't agree with everything it says (and in fact I strongly disagree with some parts of it), I regard it as required reading for anyone interested in cybersecurity and public policy. The analysis of the threat environment is, in my opinion, superb; I don't think I've seen it explicated better. Briefly, the US is facing threats at all levels, from individual cybercriminals to actions perpetrated by nation-states. The report pulls no punches... more»
According to news reports, part of the EU's cybercrime strategy is "remote search" of suspects' computers. I'm not 100% certain what that means, but likely guesses are alarming. The most obvious interpretation is also the most alarming: that some police officer will have the right and the ability to peruse people's computers from his or her desktop. How, precisely, is this to be done? Will Microsoft and Apple – and Ubuntu and Red Hat and all the BSDs and everyone else who ships systems – have to build back doors into all operating systems? more»
Copyright © 2002-2009 CircleID.
Iomemo Inc.
All rights reserved unless where otherwise noted.
