The Volokh Conspiracy
Mostly law professors | Sometimes contrarian | Often libertarian | Always independent
Cybersecurity – A British Perspective
Episode 347 of the Cyberlaw Podcast
The US has never really had a "cyberczar." Arguably, though, the U.K. has. The head of the National Cyber Security Center combines the security roles of NSA and DHS's CISA. To find out how cybersecurity issues look from that perspective, we interview Ciaran Martin, the first director of the NCSC.
In the news roundup, Paul Rosenzweig sums up recent successes in taking down the NetWalker and Emotet hacking networks: It's a win, and that's good, but we will need more than this to change the overall security status of the country.
Jordan Schneider explains the remarkable trove of leaked Chinese police records and the extraordinary surveillance now being imposed on the Uyghur minority in China.
Enthusiasts for end-to-end encryption should be worried, Mark MacCarthy and I conclude. First, the EU – once a firm advocate of unbreakable encryption – is now touting "security through encryption and security despite encryption." You can only get the second with some sort of lawful access, an idea that has now achieved respectability inside Brussels government circles, despite lobbying by e2e messaging firms based in Europe. On top of that, there's a growing fifth column of encryption skeptics inside the firms, whose sentiments can be summarized as, "I'm all for cop-proof encryption as long as it isn't used by lawbreakers who voted for Trump."
Paul brings us up to speed on the Office 36 – I mean the SolarWinds – attack. Turns out lots of companies were compromised without any connection to SolarWinds. The episode shows that information sharing about exploits still has a ways to go. And if you're a lawyer who's been paying ten cents a page for downloads from the federal courts' electronic filing system, whatever you've been paying for, it isn't security. The attackers got in there, and as a result, we'll be making sensitive filings on paper. First voting, then suing – more and more of our lives are heading off line.
Does China want your DNA, and why? I have a truly scary suggestion, and Jordan tries to talk me down.
The Facebook Oversight Board has issued its first decisions. Paul and Mark touch on the highlights. I predict that the board will overrule Trump's deplatforming, to surprisingly little dissent.
Jordan and I dig into two overviews of U.S. tech and military competition. It starts to feel a little incestuous when it turns out we all know the authors – and that Jordan has invited them all to be on his excellent podcast, ChinaTalk.
In short hits,
- I predict that Beijing will fight CFIUS to the last dollar of TikTok revenue. And could easily win.
- I question YouTube's demonetization of the Epoch Times, but Jordan has less sympathy for the paper.
- I'm less flexible about Google's hard-to-justify decision to block the ads of a group that (like most Americans) opposes Democratic proposals to pack the Supreme Court.
- And if you're wondering how dumb stuff like this happens, the L.A.Times gives an object lesson. Faced with a campaign to recall California governor Newsom, the Times dug into the online organizations supporting recall. Remarkably, it found that the groups included a lot of the same kinds of folks who came to Washington in January to protest President Biden's victory. Shortly after that drive-by festival of guilt by association, Facebook banned ads supporting the recall movement.
And more!
Download the 347th Episode (mp3)
Special announcement: We are thinking about hiring a part-time producer/sound engineer/intern for the Cyberlaw Podcast. That decision hasn't been made, but consider this a head start. If you or someone you know would want such a position, send their resume to us at CyberlawPodcast@Steptoe.com.
You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!
The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.
To get the Volokh Conspiracy Daily e-mail, please sign up here.
Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Comments may only be edited within 5 minutes of posting. Report abuses.
Please
to post comments
“On top of that, there’s a growing fifth column of encryption skeptics inside the firms, whose sentiments can be summarized as, “I’m all for cop-proof encryption as long as it isn’t used by lawbreakers who voted for Trump.””
Or didn’t actually vote for Trump, as it turns out. (They support him, just couldn’t be bothered I guess.)
I was thinking it’s just like free speech.
Grievance-consumed, whining right-wing partisans are among my favorite culture war casualties.
But why their authoritarian Republican content is published so regularly by an ‘often libertarian’ blog at an ostensibly libertarian website is a puzzler.
If the Russian Orthodox Church re-instates the monarchy in Russia (as some Russians hope it will), and if the POTUS creates a special diplomatic post dedicated to tracking, and studying, and advising the president about how to deal with, the Czar, will that advisor be called the “Czar Tsar”? And if his name is Binx, will he be “Czar Tsar Binx”?
These are difficult questions.
On occasion it happens when the player plays the beguilement and amazingly they play some unacceptable portland printers then they faced the epic issue for themselves so in this post, you tell around two sort shirts and those need to buy they fortify the one individual must.
So your this day passing the especially stunning and enchanting you have a not all that horrendous time its unfathomable the light or clean and wonderfully wind make the day to a remarkable degree nostalgic and overpowering I like this public speaking coach condition and find in this sort air so you do the creature that you made on air.
Cybersecurity in the UK is a big question mark. Hackers can use it to their advantage and steal your business-sensitive data. That is why it is important to know how to backup office 365 to the cloud.
Converter pdf online allows you to turn any picture into pdf. This free software helps you convert your picture of places, pets, nature and anything else in one click. Create a website document of your scanned photos, use them with Writer or Word and share on facebook.
The entire process was seamless and efficient. Connect-i’s team conducted a comprehensive assessment of my systems, identifying potential vulnerabilities and weaknesses. They then proceeded to simulate real-world attacks, testing the resilience of my defenses. Throughout the testing phase, they provided regular updates and reports, keeping me informed every step of the way, for more read https://www.connect-i.ch/en/penetration-testing-service . Furthermore, the Connect-i team was incredibly responsive and supportive throughout the entire process. They were always available to answer any questions or concerns I had, and their promptness in addressing any issues that arose was truly commendable. Their dedication to customer satisfaction was evident, and it made the entire experience all the more enjoyable. I was also impressed by the comprehensive nature of the reports provided by Connect-i. They not only highlighted the vulnerabilities discovered during the testing phase but also offered practical recommendations and solutions to address them. This level of detail and guidance was invaluable, as it allowed me to take immediate action to strengthen my systems and enhance their security.