Alex StamosVerified account

I'm going to step away from this one. I really care about privacy and security, as well as platform openness, freedom from censorship and stopping authoritarians who use the internet as a weapon. I just wish I was better about talking about these things in the reality of 2018.

There are a lot of good discussions, here on Twitter and elsewhere, about how tech needs to change. I wish everybody I engaged with was like a @zeynep, @MikeIsaac, @can or @pinboard.

I have always felt that the individuals who actually work on these problems should be engaged publicly. Doing so means balancing one's personal beliefs with their responsibility to their co-workers and employers. I don't know how to do that in this media environment.

There are a lot of big problems that the big tech companies need to be better at fixing. We have collectively been too optimistic about what we build and our impact on the world. Believe it or not, a lot of the people at these companies, from the interns to the CEOs, agree.

I have deleted my Tweets on Cambridge Analytica, not because they were factually incorrect but because I should have done a better job weighing in.

Here are some more thoughts on API privacy decisions in response to The Guardian.https://twitter.com/alexstamos/status/975049688847024128 …

This conversation will start with anger, blame, and casting aspersions on motivations. In the long run, the optimization we want for each society and/or tech platform is the conversation we need to have.

Some laudable goals: -Pseudoanonymity -Minimized data collection -Viewpoint neutral moderation -Near-real-time communication -Communication privacy -Censorship resistance -Resistance to abuse (including fake news, info ops) You can’t have all of these.

I’ve been thinking about this issue a lot, and I believe it falls into the same category of optimization problems as “Fast, good, cheap; pick two” and @zooko’s triangle. Except more complicated than optimizing on three dimensions.

I’ve been trying to warn folks about this. In private, it’s a useful conversation. The public commentary immediately tends towards snark and accusations of “tech bro whining”.

There is going to be a lot of strum und drang as activist and academic circles come to grips with the fundamental trade-offs inherent in solving the modern information integrity problem.https://twitter.com/lawyerpants/status/973686644636254213 …

Every public company CIO and CISO and their direct reports should only sell stock on 10b5-1 plans. I can't believe this isn't standard, like it is for CFOs and staff.https://twitter.com/WSJ/status/973939586584936450 …

In the battle between security researchers who think they can nerd their way through the law, and the ambitious AUSAs of the SDNY, I know where I would put my money.

I don't think these guys should go to prison. If this becomes a trend, then I'm predicting that there will be researchers who run afoul of exceedingly broad securities laws.https://twitter.com/chronic/status/973718151442690053 …

Short-seller driven vulnerability research is going to end in tears. Hopefully due to lost money, and not because naive researchers go to prison.