Edward Felten

Edward Felten

Infobox Scientist
name = Edward William Felten


image_width = 200px
caption = Edward Felten
birth_date = Birth date and age|1963|3|25
birth_place =
death_date =
death_place =
residence = Princeton, New Jersey
citizenship = American
field = Computer Science public affairs
work_institutions = Princeton University
alma_mater = California Institute of Technology University of Washington
doctoral_advisor = Edward D. Lazowska and John Zahorjan
doctoral_students =
known_for = Secure Digital Music Initiative
prizes = EFF Pioneer Award
religion =
footnotes =

Edward William Felten (born March 25, 1963) is a professor of computer science and public affairs at Princeton University.

Felten has done a variety of computer security research, including groundbreaking work on proof-carrying authentication and work on security related to the Java programming language, but he is perhaps best known for his paper on the Secure Digital Music Initiative (SDMI) challenge.

Biography

Felten attended the California Institute of Technology and graduated with a degree in Physics in 1985. He worked as a staff programmer at Caltech from 1986 to 1989 on a parallel supercomputer project at Caltech. He then enrolled as a graduate student in Computer Science at the University of Washington. He was awarded an M.S. degree in 1991 and a Ph.D in 1993. His Ph.D. thesis was on developing an automated protocol for communication between parallel processors.

In 1993, he joined the faculty of Princeton University in the Department of Computer Science as an Assistant Professor. He was promoted to Associate Professor in 1999 and to Professor in 2003. In 2006, he joined the Woodrow Wilson School of Public and International Affairs, though computer science remains his home department. In 2005, he became the Director of the Center for Information and Technology Policy at Princeton. He has served as a consultant to law firms, corporations, private foundations, and government agencies. His research involves computer security, and technology policy. [cite web
url = http://www.cs.princeton.edu/~felten/FeltenCV.pdf
title = Edward Felten's Curriculum Vitae
accessdate = 2008-05-19
last = Felten
first = Edward
authorlink = Edward Felten
]

He lives in Princeton, New Jersey with his family. Since 2006, he has been a member of the board of the Electronic Frontier Foundation.In 2007 he was inducted as a Fellow of the Association for Computing Machinery.

US v. Microsoft

Felten was a witness for the United States government in United States v. Microsoft, where the softwarecompany was charged with committing a variety of antitrust crimes. During the trial, Microsoft's attorneys denied that it was possible to remove the Internet Explorer web browser from a Windows 98 equipped computer without significantly impairing the operation of Windows.

Citing research he had undertaken with Christian Hicks and Peter Creath, two of his former students,cite web
url = http://www.thestandard.com/article/0,1902,24020,00.html
title = Security Code-Cracking Professor Pulls 'How-To' Paper
accessdate = 2007-05-07
last = Wasserman
first = Elizabeth
date = April 26, 2001
publisher = The Industry Standard
] Felten testified that it was possible to remove Internet Explorer functionality from Windows without causing problems with the operating system. He demonstrated his team's tool in court, showing nineteen ways in which it is normally possible to access the web browser from the Windows platform that his team's tool rendered inaccessible.

Microsoft argued that Felten's changes did not truly remove Internet Explorer, but only made its functionality inaccessible to the end user by removing icons, shortcuts and the iexplore.exe executable file, and making changes to the system registry. This led to a debate as to what exactly constitutes the "web browser," since much of the core functionality of Internet Explorer is stored in shared DLLs, accessible to any program running under Windows.

Microsoft also argued that Felten's tool did not even completely remove web-browsing capability from the system, since it was still possible to access the web through other Windows executables besides iexplore.exe, such as the Windows help system.

The SDMI challenge

As part of a contest in 2000, SDMI (Secure Digital Music Initiative) invited researchers and others to try to break the digital audio watermark technologies that they had devised. In a series of individual challenges, the participants were given a sample audio piece, with one of the watermarks embedded. If the participants sent back the sample with the watermark removed (and with less than an acceptable amount of signal loss, though this condition was not stated by SDMI), they would win that particular challenge.

Felten was an initial participant of the contest. He chose to opt out of confidentiality agreements that would make his team eligible for the cash prize. Despite being given very little or no information about the watermarking technologies other than the audio samples, and having only three weeks to work with them, Felten and his team managed to modify the files sufficiently that SDMI's automated judging system declared the watermark removed.

SDMI did not accept that Felten had successfully broken the watermark according to the rules of the contest, noting that there was a requirement that the files lose no sound quality. They claimed that the automated judging result was inconclusive as a submission which simply wiped all the sounds off the file would have successfully removed the watermark, but would not meet the quality requirement.

DMI Lawsuits

Felten's team developed a scientific paper explaining the methods used by his team in defeating the SDMI watermarks. Planning to present the paper at the Fourth International Information Hiding Workshop of 2001 in Pittsburgh, Felten was threatened with legal action by SDMI,cite web
url = http://www.eff.org/IP/DMCA/Felten_v_RIAA/20010409_riaa_sdmi_letter.html
title = RIAA/SDMI Legal Threat Letter
accessdate = 2007-05-07
last = Oppenheim
first = Matthew J.
date = April 9, 2001
publisher = Electronic Frontier Foundation
] the Recording Industry Association of America, and [http://verance.com Verance Corporation] , under the terms of the DMCA, on the argument that one of the technologies his team had broken was currently in use in the market. Felten withdrew the presentation from the workshop, reading a brief statement about the threats instead. SDMI and other copyright holders denied that they had ever threatened to sue Felten. However, SDMI appears to have threatened legal action when spokesman Matthew Jan Oppenheim warned Felten in a letter that "any disclosure of information gained from participating in the Public Challenge....could subject you and your research team to actions under the Digital Millennium Copyright Act.". [cite web
url = http://www.theregister.co.uk/2001/04/23/sdmi_cracks_revealed/
title = SDMI cracks revealed
accessdate = 2007-05-07
last = Greene
first = Thomas C.
date = April 23, 2001
work = Security
publisher = The Register
]

Felten (with help from the Electronic Frontier Foundation) sued the groups, requesting a declaratory judgement ruling that their publication of the paper would be legal. The case was dismissed for a lack of standing cite web
url = http://www.eff.org/IP/DMCA/Felten_v_RIAA/20011128_hearing_transcript.html
title = Final Hearing Transcript, Felten v. RIAA
accessdate = 2007-05-07
date = November 28, 2001
publisher = Electronic Frontier Foundation
]

Felten presented his paper at the USENIX security conference in 2001. The Justice Department has offered Felten and other researchers assurances that the DMCA does not threaten their work, and stated that the legal threats against them were invalid.

Diebold analysis

On September 13, 2006, Felten and two graduate students were able to hack into a Diebold Election Systems (now Premier Election Solutions) voting machine. Their findings claimed, "Malicious software running on a single voting machine can steal votes with little if any risk of detection. The malicious software can modify all of the records, audit logs, and counters kept by the voting machine, so that even careful forensic examination of these records will find nothing amiss." [cite paper
author = Ariel J. Feldman, Alex Halderman, and Edward W. Felten
title = Security Analysis of the Diebold AccuVote-TS Voting Machine
version =
publisher = Princeton University
date = September 13, 2006
url = http://itpolicy.princeton.edu/voting/ts-paper.pdf
format = PDF
accessdate = 2007-05-07
]

Current activities

Today, Felten is an active voice in the area of technology policy, having started the Freedom to Tinker weblog and testifying before Congress on copyright issues.

The 2005 Sony BMG CD copy protection scandal started when it was discovered on October 31, 2005 that Sony's XCP copy protection software on the CD "Get Right With The Man" by Van Zant contained hidden files that could damage the operating system, install spyware and make the user's computer vulnerable to attack when the CD was played on a Microsoft Windows-based PC. Sony then released a software patch to remove XCP. On November 15, 2005, it was discovered that Sony's method for removing XCP copy protection software from the computer makes it more vulnerable to attack, as it essentially installed a rootkit in the form of an Active X control used by the uninstaller, left on the user's machine and set so as to allow any web page to execute arbitrary code without any need to authenticate to the machine or request the user's permission. Felten and graduate student Alex Halderman, who explored the removal program, said

The consequences of the flaw are severe, it allows any Web page you visit to download, install, and run any code it likes on your computer. Any Web page can seize control of your computer; then it can do anything it likes. That's about as serious as a security flaw can get. [cite web
url = http://www.freedom-to-tinker.com/?p=927
title = Sony’s Web-Based Uninstaller Opens a Big Security Hole; Sony to Recall Discs
accessdate = 2007-05-07
last = Felten
first = Edward
authorlink = Edward Felten
coauthors = Alex Halderman
date = November 15, 2005
publisher = Freedom to Tinker
]

In February 2008, Felten was involved in research into the cold boot attack.cite paper|url=http://citp.princeton.edu/memory/|title=Lest We Remember: Cold Boot Attacks on Encryption Keys|author=J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten|publisher=Princeton University|date=2008-02-21|accessdate=2008-02-22]

ee also

*RIAA
*SDMI
*EFF
*DMCA
*Java security

References

External links

* [http://www.cs.princeton.edu/~felten/ Edward W. Felten homepage]
* [http://www.freedom-to-tinker.com/ Freedom to Tinker weblog]
* [http://www.eff.org/IP/DMCA/Felten_v_RIAA/ Felten, et al v. RIAA case archive] (EFF)
* [http://www.verance.com Verance Corporation]
* [http://cyber.law.harvard.edu/msdoj/ Harvard Law School's collection of documents relating to Microsoft antitrust lawsuit]
* [http://itpolicy.princeton.edu/pub/sonydrm-ext.pdf Lessons from the Sony CD DRM Episode, by J. Alex Halderman and Edward W. Felten]


Wikimedia Foundation. 2010.

Look at other dictionaries:

  • Edward Felten — Edward W. Felten Edward William Felten (* 25. März 1963) ist Professor für Informatik und Öffentliche Angelegenheiten an der Princeton University. Felten hat eine Vielzahl an Forschungsarbeiten im Bereich Computersicherheit geleistet, unter… …   Deutsch Wikipedia

  • Felten — ist der Name folgender Personen: Edward Felten (* 1963), US amerikanischer Informatiker Florens Felten (* 1941), deutscher Klassischer Archäologe Franz Josef Felten (* 1946), deutscher Historiker Margrith von Felten (* 1944), Schweizer… …   Deutsch Wikipedia

  • Felten — is the surname of: *Edward Felten, a professor of computer science and public affairs at Princeton University *Yury Felten, a court architect to Catherine the Great, Empress of Russiaee also*Felton *Fulton …   Wikipedia

  • Liste der Biografien/Fe — Biografien: A B C D E F G H I J K L M N O P Q …   Deutsch Wikipedia

  • SDMI — Die Neutralität dieses Artikels oder Abschnitts ist umstritten. Eine Begründung steht auf der Diskussionsseite. Die Secure Digital Music Initiative (SDMI) ist im Dezember 1998 aus einem Zusammenschluss der RIAA mit ihrem japanischen Pendant RIAJ… …   Deutsch Wikipedia

  • Secure Digital Music Initiative — Die Secure Digital Music Initiative (SDMI) ist im Dezember 1998 aus einem Zusammenschluss der RIAA mit ihrem japanischen Pendant RIAJ und der IFPI entstanden. Der Industrieverband umfasst heute auch Computer , HiFi sowie Hard und Software… …   Deutsch Wikipedia

  • Electronic Frontier Foundation — Infobox Company name = Electronic Frontier Foundation type = non profit organization foundation = 1990, U.S. location = San Francisco, California key people = industry = Law num employees = products = revenue = net income = homepage = [http://www …   Wikipedia

  • Sequoia Voting Systems — is a California based company that isone of the largest providers of electronic voting systems in the U.S. Some of its major competitors are Premier Election Solutions (formerly Diebold Election Systems) and Election Systems Software.Company… …   Wikipedia

  • Jim Allchin — Infobox person name = Jim Allchin image size = 250px birth date = 1951 birth place = Grand Rapids, Michigan death date = death place = nationality = American alma mater = University of Florida Stanford University known for = His work at Microsoft …   Wikipedia

  • Extended Copy Protection — XCP redirects here. For other uses, see XCP (disambiguation). Extended Copy Protection (XCP) is a software package developed by the British company First 4 Internet, (which on 20 November 2006, changed its name to Fortium Technologies Ltd see… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”