Hats off to the French! (I don't say that often.)

Episode 323 of the Cyberlaw Podcast


In the News Roundup, Dave Aitel (@daveaitel), Mark MacCarthy (@Mark_MacCarthy), and Nick Weaver (@ncweaver) and I discuss how French and Dutch investigators pulled off the coup of the year this April, when they totally pwned a shady "secure phone" system used by large numbers of European criminals. Nick Weaver explains that hacking the phones of Entrochat users gave the police access to big troves of remarkably candid criminal text conversations. And, I argue, it shows a flaw in the argument of encryption defenders who say that restricting Silicon Valley encryption will send criminals to less savory companies. That's true, but sleazeball companies are inherently more prone to compromise, as happened here.

This week the EARN IT Act went from Washington-controversial to Washington consensus in the usual way.  It was amended into mush. Indeed, there's an argument that, by guaranteeing that nothing bad will happen to social platforms who adopt end-to-end encryption, the successful Leahy amendment actually makes e2e crypto more attractive than it already is under current law. That's my view, but Mark MacCarthy still thinks the twitching corpse of EARN IT might cause harm by allowing states to adopt stricter liability for child sex abuse material. He also thinks that it won't pass.  I have ten bucks that says it will, and by the end of the year.

Dave Aitel, new to the news roundup, discusses the bad week TikTok had in its second biggest market.  India has banned the app. And judging from some of the teardowns of the code, its days may be numbered elsewhere as well.   Dave points to reports that Angry Birds was used to collect user information as well when it was at the height of its popularity. We wax philosophic about why advertising and not national security agencies are breaking new ground in building our Brave New World.

Mark once worked for a credit card association, so he's the perfect person to comment on the next story, in which the founder of gab discovers that being labeled a "hate speech" platform won't just get you boycotted by Silicon Valley but by the credit card associations as well. Once we're in this vein, we mine it, covering Silicon Valley's concerted campaign to make sure Donald Trump can't possibly repeat 2016 in 2020. He's been deplatformed at Twitch this week for something he said in 2016.  And Reddit dumped his enormous subreddit for failure to observe its censorship rules – which I point out are designed to censor only people in "the majority." I argue it's time to defund the speech police.

Nick takes us to a remarkable Washington story. He thinks it's about a questionable Trump administration effort to redirect $10 million in "freedom tools" funding from cryptolibertarians to Falun Gong coders. I point out that US government funds going to the cryptolibertarians were paying the salary of the notorious Jake Applebaum and buying tools like TAILS that have protected appalling sextortionist criminals. Really, taking the money away from those projects would be a good idea if all we did with it was to burn the bills on cold days to warm the homeless on the Mall.

Returning to This Week in Hacked Phones, Nick explains the latest "man in the middle" attack that works as soon as the phone user visits a website. Any website.  Dave sets out the strikingly sophisticated and massive international surveillance system China is now aiming at Uighers all around the world.  And Nick warns of two bugs that, if you haven't spent the weekend fixing, may already be compromising your network.

In quick hits, I mock MIT for thinking that "pedophile" is a racial or ethnic slur but confess that its researchers must know more bad words than I do.  What, I ask, is a c****e, anyway? If MIT was cheating on the number of asterisks, we have an idea, but that really is cheating.  If you know, please don't tweet the answer; send it to our email.

Download the 323rd Episode (mp3)

You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.

NEXT: Federal Court Rejects Jewish Overnight Children's Camps Challenge to Closure Orders

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. “That’s true, but sleazeball companies are inherently more prone to compromise, as happened here.”

    How has that worked out with Silk Road? One of the reports I get from a security firm estimates that 46 “professional” replacements are currently operational.

    But I’m not sure the MPAA and RIAA (frequent commercial partners of the little-people-don’t-have-private-affairs efforts) have figured out the flaws in this plan in 25-odd years of playing whack-a-mole, either.

  2. It is interesting that Twitch (owned by Amazon) deplatforms the Trump campaign, while Amazon ships fraudulent knockoff products from its own warehouses. The first is a curiosity of the internet age, the second is quite illegal and actionable.

  3. “If MIT was cheating on the number of asterisks, we have an idea, but that really is cheating.”

    I’ve seen two “e”s used (incorrectly) at the end of a word to make it more feminine or more young.

  4. Hey! No hats off to the Dutch? I thought you would appreciate that the Netherlands is the World Champion at wire tapping even at the best of times, at least among democracies.

  5. I’m pretty sure “c****e” is “Chinee.” It fits the asterisks but really doesn’t need any.

  6. > We wax philosophic about why advertising and not national security agencies are breaking new ground in building our Brave New World.

    Porque no los dos?

Please to post comments