nationalsecuritypolicy – Page 13 – SSL and internet security news

President Obama Talks About AI Risk, Cybersecurity, and More

October 20, 2016 infossl

cybersecurity, epidemiology, nationalsecuritypolicy, Security technology

Interesting interview: Obama: Traditionally, when we think about security and protecting ourselves, we think in terms of armor or walls. Increasingly, I find myself looking to medicine and thinking about viruses, antibodies. Part of the reason why cybersecurity continues to be so hard is because the threat is not a bunch of tanks rolling at … Read More “President Obama Talks About AI Risk, Cybersecurity, and More” »

Intelligence Oversight and How It Can Fail

October 18, 2016 infossl

fisa, intelligence, nationalsecuritypolicy, nsa, secrecy, Security technology

Former NSA attorneys John DeLong and Susan Hennessay have written a fascinating article describing a particular incident of oversight failure inside the NSA. Technically, the story hinges on a definitional difference between the NSA and the FISA court meaning of the word “archived.” (For the record, I would have defaulted to the NSA’s interpretation, which … Read More “Intelligence Oversight and How It Can Fail” »

Cybersecurity Issues for the Next Administration

October 14, 2016 infossl

censorship, cybersecurity, nationalsecuritypolicy, power, privacy, propaganda, Security technology, surveillance

On today’s Internet, too much power is concentrated in too few hands. In the early days of the Internet, individuals were empowered. Now governments and corporations hold the balance of power. If we are to leave a better Internet for the next generations, governments need to rebalance Internet power more towards the individual. This means … Read More “Cybersecurity Issues for the Next Administration” »

Security Economics of the Internet of Things

October 10, 2016 infossl

denialofservice, economicsofsecurity, embeddedsystems, incentives, internetofthings, nationalsecuritypolicy, patching, Security technology

Brian Krebs is a popular reporter on the cybersecurity beat. He regularly exposes cybercriminals and their tactics, and consequently is regularly a target of their ire. Last month, he wrote about an online attack-for-hire service that resulted in the arrest of the two proprietors. In the aftermath, his site was taken down by a massive … Read More “Security Economics of the Internet of Things” »

NSA Contractor Arrested for Stealing Classified Information

October 7, 2016 infossl

databreaches, homelandsecurity, intelligence, leaks, nationalsecuritypolicy, nsa, Security technology

The NSA has another contractor who stole classified documents. It’s a weird story: “But more than a month later, the authorities cannot say with certainty whether Mr. Martin leaked the information, passed them on to a third party or whether he simply downloaded them.” So maybe a potential leaker. Or a spy. Or just a … Read More “NSA Contractor Arrested for Stealing Classified Information” »

US and China in Cyberspace

October 4, 2016 infossl

china, cooperation, nationalsecuritypolicy, Security technology

This article on US/China cooperation and competition in cyberspace is an interesting lens through which to examine security policy. Powered by WPeMatico

The Cost of Cyberattacks Is Less than You Might Think

September 29, 2016 infossl

academicpapers, costbenefitanalysis, cyberattack, cybersecurity, databreaches, externalities, nationalsecuritypolicy, nist, reputation, Security technology, securityengineering, securitystandards

Interesting research from Sasha Romanosky at RAND: Abstract: In 2013, the US President signed an executive order designed to help secure the nation’s critical infrastructure from cyberattacks. As part of that order, he directed the National Institute for Standards and Technology (NIST) to develop a framework that would become an authoritative source for information security … Read More “The Cost of Cyberattacks Is Less than You Might Think” »

Two Good Essays on the NSA's "Upstream" Data Collection under Section 702

September 20, 2016 infossl

datacollection, fisa, nationalsecuritypolicy, nsa, privacy, Security technology, surveillance

Both are worth reading. Powered by WPeMatico

More on the Equities Debate

September 20, 2016 infossl

disclosure, nationalsecuritypolicy, Security technology, vulnerabilities

This is an interesting back-and-forth: initial post by Dave Aitel and Matt Tait, a reply by Mailyn Filder, a short reply by Aitel, and a reply to the reply by Filder. Powered by WPeMatico

The NSA Is Hoarding Vulnerabilities

August 26, 2016 infossl

cisco, dhs, edwardsnowden, essays, exploits, lies, nationalsecuritypolicy, nsa, Security technology, vulnerabilities, zeroday

The National Security Agency is lying to us. We know that because of data stolen from an NSA server was dumped on the Internet. The agency is hoarding information about security vulnerabilities in the products you use, because it wants to use it to hack others’ computers. Those vulnerabilities aren’t being reported, and aren’t getting … Read More “The NSA Is Hoarding Vulnerabilities” »