nationalsecuritypolicy – Page 16

NSA Document Outlining Russian Attempts to Hack Voter Rolls

Posted on June 9, 2017 by Bruce Schneier

This week brought new public evidence about Russian interference in the 2016 election. On Monday, the Intercept published a top-secret National Security Agency document describing Russian hacking attempts against the US election system. While the attacks seem more exploratory than operational – and there’s no evidence that they had any actual effect – they further illustrate the real threats and… Continue reading NSA Document Outlining Russian Attempts to Hack Voter Rolls→

Surveillance Intermediaries

Posted on June 7, 2017 by Bruce Schneier

Interesting law-journal article: "Surveillance Intermediaries," by Alan Z. Rozenshtein. Abstract:Apple’s 2016 fight against a court order commanding it to help the FBI unlock the iPhone of one of the San Bernardino terrorists exemplifies how central the question of regulating government surveillance has become in American politics and law. But scholarly attempts to answer this question have suffered from a serious… Continue reading Surveillance Intermediaries→

NSA Abandons "About" Searches

Posted on May 19, 2017 by Bruce Schneier

Earlier this month, the NSA said that it would no longer conduct "about" searches of bulk communications data. This was the practice of collecting the communications of Americans based on keywords and phrases in the contents of the messages, not based on who they were from or to. The NSA’s own words: After considerable evaluation of the program and available… Continue reading NSA Abandons "About" Searches→

The US Senate Is Using Signal

Posted on May 17, 2017 by Bruce Schneier

The US Senate just approved Signal for staff use. Signal is a secure messaging app with no backdoor, and no large corporate owner who can be pressured to install a backdoor. Susan Landau comments. Maybe I’m being optimistic, but I think we just won the Crypto War. A very important part of the US government is prioritizing security over surveillance…. Continue reading The US Senate Is Using Signal→

Securing Elections

Posted on May 10, 2017 by Bruce Schneier

Technology can do a lot more to make our elections more secure and reliable, and to ensure that participation in the democratic process is available to all. There are three parts to this process. First, the voter registration process can be improved. The whole process can be streamlined. People should be able to register online, just as they can register… Continue reading Securing Elections→

Attack vs. Defense in Nation-State Cyber Operations

Posted on April 13, 2017 by Bruce Schneier

I regularly say that, on the Internet, attack is easier than defense. There are a bunch of reasons for this, but primarily it’s 1) the complexity of modern networked computer systems and 2) the attacker’s ability to choose the time and method of the attack versus the defender’s necessity to secure against every type of attack. This is true, but… Continue reading Attack vs. Defense in Nation-State Cyber Operations→

Attack vs. Defense in Nation-State Cyber Operations

Posted on April 13, 2017 by Bruce Schneier

Incident Response as "Hand-to-Hand Combat"

Posted on April 7, 2017 by Bruce Schneier

NSA Deputy Director Richard Ledgett described a 2014 Russian cyberattack against the US State Department as "hand-to-hand" combat: "It was hand-to-hand combat," said NSA Deputy Director Richard Ledgett, who described the incident at a recent cyber forum, but did not name the nation behind it. The culprit was identified by other current and former officials. Ledgett said the attackers’ thrust-and-parry… Continue reading Incident Response as "Hand-to-Hand Combat"→

Encryption Policy and Freedom of the Press

Posted on April 4, 2017 by Bruce Schneier

Interesting law journal article: "Encryption and the Press Clause," by D. Victoria Barantetsky. Abstract: Almost twenty years ago, a hostile debate over whether government could regulate encryption — later named the Crypto Wars — seized the country. At the center of this debate stirred one simple question: is encryption protected speech? This issue touched all branches of government percolating from… Continue reading Encryption Policy and Freedom of the Press→

Congress Removes FCC Privacy Protections on Your Internet Usage

Posted on March 31, 2017 by Bruce Schneier

Think about all of the websites you visit every day. Now imagine if the likes of Time Warner, AT&T, and Verizon collected all of your browsing history and sold it on to the highest bidder. That’s what will probably happen if Congress has its way. This week, lawmakers voted to allow Internet service providers to violate your privacy for their… Continue reading Congress Removes FCC Privacy Protections on Your Internet Usage→