Collaborate Disseminate
The Crypto Wars have been waging off-and-on for a quarter-century. On one side is law enforcement, which wants to be able to break encryption, to access devices and communications of terrorists and criminals. On the other are almost every cryptographer and computer security expert, repeatedly explaining that there’s no way to provide this capability without also weakening the security of… Continue reading Cybersecurity for the Public Interest
Really interesting article by and interview with Paul M. Nakasone (Commander of US Cyber Command, Director of the National Security Agency, and Chief of the Central Security Service) in the current issue of Joint Forces Quarterly. He talks about the evolving role of US Cyber Command, and its new posture of "persistent engagement" using a "cyber-persistant force." From the article:… Continue reading Gen. Nakasone on US Cyber Command
Gregory C. Allen at the Center for a New American Security has a new report with some interesting analysis and insights into China’s AI strategy, commercial, government, and military. There are numerous security — and national security — implications…. Continue reading China’s AI Strategy and its Security Implications
Our work in cybersecurity is inexorably intertwined with public policy and — more generally — the public interest. It’s obvious in the debates on encryption and vulnerability disclosure, but it’s also part of the policy discussions about the Intern… Continue reading Public-Interest Tech at the RSA Conference
Our work in cybersecurity is inexorably intertwined with public policy and — more generally — the public interest. It’s obvious in the debates on encryption and vulnerability disclosure, but it’s also part of the policy discussions about the Internet of Things, cryptocurrencies, artificial intelligence, social media platforms, and pretty much everything else related to IT. This societal dimension to our… Continue reading Public-Interest Tech at the RSA Conference
Our work in cybersecurity is inexorably intertwined with public policy and — more generally — the public interest. It’s obvious in the debates on encryption and vulnerability disclosure, but it’s also part of the policy discussions about the Internet of Things, cryptocurrencies, artificial intelligence, social media platforms, and pretty much everything else related to IT. This societal dimension to our… Continue reading Public-Interest Tech at the RSA Conference
Good essay on the inherent vulnerabilities in the cell phone standards and the market barriers to fixing them. So far, industry and policymakers have largely dragged their feet when it comes to blocking cell-site simulators and SS7 attacks. Senator Ron Wyden, one of the few lawmakers vocal about this issue, sent a letter in August encouraging the Department of Justice… Continue reading Security Vulnerabilities in Cell Phone Systems
Good essay on the inherent vulnerabilities in the cell phone standards and the market barriers to fixing them. So far, industry and policymakers have largely dragged their feet when it comes to blocking cell-site simulators and SS7 attacks. Senator Ron… Continue reading Security Vulnerabilities in Cell Phone Systems
The US House of Representatives Committee on Oversight and Government Reform has just released a comprehensive report on the 2017 Equifax hack. It’s a great piece of writing, with a detailed timeline, root cause analysis, and lessons learned. Lance Spitzner also commented on this. Here is my testimony before before the House Subcommittee on Digital Commerce and Consumer Protection last… Continue reading Congressional Report on the 2017 Equifax Data Breach
Good essay on the security risks — to democratic discourse — of chatbots…. Continue reading Security Risks of Chatbots