Mr. Daniel J Weitzner

Principal Research Scientist
Director, MIT Internet Policy Research Initiative

Primary DLC

Computer Science and Artificial Intelligence Laboratory

MIT Room: 32-G526

Areas of Interest and Expertise

Electronic Commerce (E-Commerce) and Marketing
eBusiness
World Wide Web Consortium (W3C) -- Management, Technology and Society
Internet Policy
Computer Science
Big Data
Cybersecurity

Recent Work

  • Video

    Daniel Weitzner - RD2017

    November 22, 2017Conference Video Duration: 37:17

    Data Ownership Impact on Privacy and Security

     

    2017 MIT Research and Development Conference

    Daniel Weitzner

    October 19, 2017MIT Faculty Feature Duration: 28:24

    MIT

    Daniel Weitzner - 2016-ICT-Conference

    April 27, 2016Conference Video Duration: 22:18

    Data Ownership Impact on Privacy and Security

    Encryption as a means of data control (privacy and security):

    For a long time, interaction on Web has been less private or secure than many end-users expect and prefer. Now, however, the widespread
    deployment of encryption helps us to change that.

    * Making encryption widespread. For years we have known how to do encryption, but it wasn't widely used, because it wasn't part of overall
    system design. In response, particularly as we've become aware of capabilities for network-scale monitoring, standards groups including
    IETF and W3C have worked to encrypt more of those network connections at the protocol and API-design phase, and to make it easier to deploy and use encrypted protocols such as HTTPS. Encryption won't necessarily stop a targeted attack (attackers can often break end-user systems where they can't brute-force break the encryption), but it raises the effort required for surveillance and forces transparency on other network participants who want to see or shape traffic.

    * Secure authentication. Too many of our "secure" communications are protected by weak password mechanisms, leaving users open to password database breaches and phishing attacks. Strong new authentication mechanisms, being worked on for web-wide standards, can replace the password; helping users and applications to secure accounts more effectively. Strong secure authentication will enable users to manage their personal interactions and data privacy, as well as securing commercial data exchange.

    2016 MIT Information and Communication Technologies Conference

    Data Ownership Panel - 2016-ICT-Conference

    April 27, 2016Conference Video Duration: 71:10

    Data Ownership Impact on Privacy and Security

    Encryption as a means of data control (privacy and security):

    For a long time, interaction on Web has been less private or secure than many end-users expect and prefer. Now, however, the widespread
    deployment of encryption helps us to change that.

    * Making encryption widespread. For years we have known how to do encryption, but it wasn't widely used, because it wasn't part of overall
    system design. In response, particularly as we've become aware of capabilities for network-scale monitoring, standards groups including
    IETF and W3C have worked to encrypt more of those network connections at the protocol and API-design phase, and to make it easier to deploy and use encrypted protocols such as HTTPS. Encryption won't necessarily stop a targeted attack (attackers can often break end-user systems where they can't brute-force break the encryption), but it raises the effort required for surveillance and forces transparency on other network participants who want to see or shape traffic.

    * Secure authentication. Too many of our "secure" communications are protected by weak password mechanisms, leaving users open to password database breaches and phishing attacks. Strong new authentication mechanisms, being worked on for web-wide standards, can replace the password; helping users and applications to secure accounts more effectively. Strong secure authentication will enable users to manage their personal interactions and data privacy, as well as securing commercial data exchange.

    2016 MIT Information and Communication Technologies Conference