You get 1 free point for submitting Quiz #2. 

<h1>Problem #1: Public Anonymity (25 Points)</h1>

Read <a href="2004-10-MorganNewton-ProtectingPublicAnonymity.pdf">
Protecting Public Anonymity</a> by M. Granger Morgan and Elaine Newton of CMU. 
(PDF file doesn't read with MacOS Preview. You can also download 
<a href="http://www.vie-privee.be/download/bibliographie/protecting-public-anonymity.html">[text]</a>.)

<p>1. Write a 1-paragraph summary of the argument in this paper. (5 points)</p>

<p>2. Following the process described in the article, design an
Electronic Toll Collection System the performs the same overall
function as the E-ZPass or FastLane system, but which provides for
Public Anonymity. (20 points)</p>

<p>Do not take more than a single page.</p>


<h1>Problem #2: Reid on Computer Break-Ins (24 points)</h1>

Read <a href="p103-reid.pdf">Reflections on Some Recent Widespread Computer Break-Ins</a>, by Brian Reid. 

<p>Find three recommendations that Reid made for changes to improve
security in 1987 that are still relevant today. (8 points each). For each recommendation you should:</p>
<ul><li>Restate Reid's recommendation.
    <li>Explain why this recommendation is current today.
    <li>Explain why the recommendation hasn't been acted upon.
    <li>Explain how you would work to have this the recommendation acted upon today.
</ul></p>


<h1>Problem #3: Your Blog or Mine? (25 Points)</h1>

Read <a href="rosen_YourBlogOrMine.pdf">Your Blog or Mine?</a>,
by Jeffrey Rosen, published in the December 19, 2004 issue of <i>The New York Times Magazine</i>

<p>1. In a paragraph, summarize Rosen's argument and his conclusion. (5 points)</p>

<p>2. This article is presumably about privacy. Give a definition of
privacy that you think that Rosen would be comfortable with, in light
of what he has written in this article. (5 points)</p>

<p>3. Rosen briefly discusses and then dismisses LiveJournal's
security mechanisms, stating that most of the dating bloggers that he
has spoken with prefer to vent anonymously. Leaving aside Rosen's
methological problems, evaluate three of the security and privacy
mechanisms that are present on LiveJournal that are relevant to
Rosen's argument. For each evaluate its
goals, the usability of its implementation, and discuss whether the
mechanism supports or detracts from Rosen's argument. (5 points each)</p>




<h1>Problem #4: Usability and trust in information systems (25 points)</h1>

Read <a href="sasse.pdf">Usability and trust in information
systems</a>, by M. Angela Sasse. This is a chapter from a book and ---
be advised --- it is <i>very long</i>.

<p>The majority of this paper discusses authentication
issues. Referring to section 2.1, discuss Sasse's discussion of
passwords, tokens and biometrics. Do you think that Sasse successfully
hides which of the three technologies she likes best, or is their a
clear winner? Discuss. (10 points)</p>

<p>Referring to section 2.3.3, do you think that Sasse is arguing that user design depends on putting good
interfaces on otherwise well-written and secure programs, or something
else?  (5 points)</p>

<p>According to Sasse, what is the funadmental problem with most of
the research and published literature that has been done on the
"privacy" problem to date? What does Sasse mean by her statement that "most
people's attitudes to privacy is pragmatic, rather than dogmatic" ?
Do you agree or disagree with her? Give an example from your own
experience. (10 points).