Today, Michelle Price shared inspiring remarks about her experience and vision for cybersecurity at the Indiana University Maurer School of Law. Price is currently a Senior Adviser for Cyber Security at the Australian National University’s National Security College. She is on secondment from the Department of the Prime Minister and Cabinet. You can follow Michelle Price on Twitter @Mich1175. Here are some highlights from remarks earlier today.
Today, the Federal Communications Commission adopted new rules that apply to Internet Service Providers, but not “edge” providers such as Twitter or Facebook. (The Federal Trade Commission has jurisdiction over edge providers.) The 3-2 vote divided along party lines. The rules seek to protect consumer privacy and security. Here are some highlights.
It’s been quite a while since my last post, but this past week has been just brimming with legal news surrounding computer laws, so I felt compelled to comment. The Ninth Circuit issued two highly controversial opinions interpreting the CFAA, (one seems to criminalize password sharing; the other criminalizes visiting a website once they specifically tell you not to), and the Second Circuit issued a win for Microsoft in the Microsoft-Ireland case. Although all of these rulings are very interesting, and I have plenty to say, I’ll be limiting my commentary to the Microsoft ruling. As you may recall, I covered this case in a previous post, and the Second Circuit has apparently completely disregarded my very sound legal advice! So let’s try again. Continue reading
For every user who has wondered “did someone backdoor this?”, there should be a developer ensuring that the code they released can be verified, and tampering detected. Package maintainers and users must also exercise diligence in order to avoid running untrusted code. This article walks through each step in the chain of custody between a hypothetical open source software project’s developers and users, covering vulnerabilities that can occur at each step, as well as some ways to mitigate them. Targeted at moderate to experienced Linux users who may never have been deeply involved in distributing code or binary packages through experienced developers and package maintainers.
Apple CEO Tim Cook is in the news again for publicly protesting a court order requesting Apple to assist the FBI in unlocking an iPhone used by one of the San Bernardino terrorists. Tim Cook has made several strong statements against compromising the security of Apple products to facilitate law enforcement, and when taken at face value this seems to be another iteration of the ongoing encryption backdoor debate. Indeed the timing seems almost suspiciously appropriate, as FBI Director James Comey is also in the news regarding his comments to the Senate on encryption’s impact on law enforcement. I’ve discussed the encryption debate previously, but I’m highlighting this particular scenario because it strikes me as quite a different question than Tim Cook is letting on, and warrants some discussion. Continue reading