Jim Risen writes a long and interesting article about his battles with the US government and the New York Times to report government secrets. Powered by WPeMatico
Category: nationalsecuritypolicy
Auto Added by WPeMatico
Commentaries on the 2017 US national security strategy by Michael Sulmeyer and Ben Buchanan. Powered by WPeMatico
The Washington Post is reporting that poor morale at the NSA is causing a significant talent shortage. A November New York Times article said much the same thing. The articles point to many factors: the recent reorganization, low pay, and the various leaks. I have been saying for a while that the Shadow Brokers leaks … Read More “NSA Morale” »
Estonia recently suffered a major flaw in the security of their national ID card. This article discusses the fix and the lessons learned from the incident: In the future, the infrastructure dependency on one digital identity platform must be decreased, the use of several alternatives must be encouraged and promoted. In addition, the update and … Read More “Lessons Learned from the Estonian National ID Security Flaw” »
Matt Blaze’s House testimony on the security of voting machines is an excellent read. (Details on the entire hearing is here.) I have not watched the video. Powered by WPeMatico
Amazon has a cloud for US classified data. The physical and computer requirements for handling classified information are considerable, both in terms of technology and procedure. I am surprised that a company with no experience dealing with classified data was able to do it. Powered by WPeMatico
The White House has released a new version of the Vulnerabilities Equities Process (VEP). This is the inter-agency process by which the US government decides whether to inform the software vendor of a vulnerability it finds, or keep it secret and use it to eavesdrop on or attack other systems. You can read the new … Read More “New White House Announcement on the Vulnerability Equities Process” »
Last week, I testified before the House Energy and Commerce committee on the Equifax hack. You can watch the video here. And you can read my written testimony below. Testimony and Statement for the Record of Bruce Schneier Fellow and Lecturer, Belfer Center for Science and International Affairs, Harvard Kennedy School Fellow, Berkman Center for … Read More “Me on the Equifax Breach” »
Earlier this month, Deputy Attorney General Rod Rosenstein gave a speech warning that a world with encryption is a world without law — or something like that. The EFF’s Kurt Opsahl takes it apart pretty thoroughly. Last week, FBI Director Christopher Wray said much the same thing. This is an idea that will not die. … Read More “FBI Increases Its Anti-Encryption Rhetoric” »
In August, four US Senators introduced a bill designed to improve Internet of Things (IoT) security. The IoT Cybersecurity Improvement Act of 2017 is a modest piece of legislation. It doesn’t regulate the IoT market. It doesn’t single out any industries for particular attention, or force any companies to do anything. It doesn’t even modify … Read More “IoT Cybersecurity: What’s Plan B?” »