Eric Rescorla

Eric is CTO of the Firefox team at Mozilla.
Privacy & Security

Privacy analysis of FLoC

In a previous post, I wrote about a new set of technologies “Privacy Preserving Advertising”, which are intended to allow...

Read More
Mozilla

The future of ads and privacy

The modern web is funded by advertisements. Advertisements pay for all those “free” services you love, as well as many...

Read More
Internet Policy

Notes on Implementing Vaccine Passports

Now that we’re starting to get widespread COVID vaccination “vaccine passports” have started to become more relevant. The idea behind...

Read More
Leadership

Notes on Addressing Supply Chain Vulnerabilities

Addressing Supply Chain Vulnerabilities One of the unsung achievements of modern software development is the degree to which it has...

Read More
Leadership

What WebRTC means for you

If I told you that two weeks ago IETF and W3C finally published the standards for WebRTC, your response would...

Read More
Leadership

Why getting voting right is hard, Part V: DREs (spoiler: they’re bad)

This is the fifth post in my series on voting systems (catch up on parts I, II, III and IV),...

Read More
Leadership

Why getting voting right is hard, Part IV: Absentee Voting and Vote By Mail

This is the fourth post in my series on voting systems. Part I covered requirements and then Part II and...

Read More
Leadership

Why getting voting right is hard, Part III: Optical Scan

This is the third post in my series on voting systems. For background see part I. As described in part...

Read More
Leadership

Why getting voting right is hard, Part II: Hand-Counted Paper Ballots

In Part I we looked at desirable properties for voting system. In this post, I want to look at the...

Read More
Leadership

Why getting voting right is hard, Part I: Introduction and Requirements

Every two years around this time, the US has an election and the rest of the world marvels and asks...

Read More
Leadership

A look at password security, Part V: Disk Encryption

The previous posts ( I, II, III, IV) focused primarily on remote login, either to multiuser systems or Web sites...

Read More
Leadership

A look at password security, Part IV: WebAuthn

As discussed in part III, public key authentication is great in principle but in practice has been hard to integrate...

Read More