Steptoe Cyberlaw Podcast

Our interview this week is with Rob Reid, author of “After On” and “Year Zero,” two books that manage to translate serious technology nightmares into science fiction romps. We cover a lot of ground: synbio and giving eighth graders the tools for mass human extinction, the possibility that artificial intelligence (AI) will achieve takeoff and begin to act counter to humanity’s interests in a matter of hours. Along the way, we consider the possibility that the first AI will arise from a social media behemoth and will devote its exponential power to maximizing human hookups.

In the news, we explore the massive public relations disaster that is the Uber data breach and reach the surprising conclusion that the whole thing may turn out worse in the media than in the courts. Except in the EU, Maury Shenk reminds me. Europe just hates Uber viscerally. So much so that Jim Lewis suggests the company’s EU subsidiary will soon have to be renamed Unter.

Actually, it’s not just Uber that the EU hates. It’s all things technological, at least to judge by the European Parliament’s latest plan to use export controls to cripple technology companies whose products can be misused by authoritarian governments.

I note the release of the ODNI’s report on the intelligence community’s "masking" of U.S. identities in intel reports. We talk about the temptation to weaponized unmasking during transitions, and I ask why the “Gates procedures” that provide special protection for unmasking of Congressional identities shouldn’t also be used to protect Presidential transition teams.

Jim and I discuss Russia’s imposition of constraints on Radio Free Europe that match the new restrictions on RT in the United States. Jim and I struggle toward a Universal Theory of Putin as Overrated Global Troll.

Remember those Chinese "security" cameras deployed by US agencies that we covered in the last episode? Yeah, it's worse than you thought: the Chinese are getting close to identifying everyone caught on camera using gait and facial recognition.

I note that Sen. Ron Wyden (D-OR) has another campaign underway to imply that the Justice Department is imposing decryption assistance requirements under FISA without judicial review. In fact, if there is such an effort, the company on the receiving end already has a judicial remedy. And Maury explains that the head of Germany's new cybersecurity agency is joining the German government chorus arguing for "hack back," but only by the German government.

My candidate for “Dumbest Public Policy Battle of the Season”: The complaint that someone faked a bunch of meaningless, content-free comments on net neutrality. The problem is really the idea that the policy debate should be influenced by counting votes in the World’s Skeeviest Online Poll, an idea that seems to have sparked a kind of bot arms race between supporters and opponents of the FCC’s policy.

And my candidate for Coolest Technology Story of the Season: Feeding graphene to spiders and discovering that it greatly strengthens their webs. Every fifteen-year-old science fair participant should take heart: It turns out that with great quantities of graphene comes great responsibility.

As always, The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 194th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunesPocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

Direct download: TheCyberlawPodcast-194.mp3
Category:general -- posted at: 7:27pm EDT

We celebrate the holiday season by interviewing David Ignatius, Columnist and Associate Editor at The Washington Post and the author of multiple spy thrillers, including his most recent, "The Quantum Spy." David and I discuss themes from the book, from quantum computing to ethnic and gender tensions at the Agency, while managing to avoid spoilers. It’s a fun and insightful work.

 

Steptoe partner Stewart Baker with David Ignatius.

In the news, I flag Twitter’s weird journey from the free speech wing of the free speech party to the censorship wing of the Censor’s Party. Twitter is now revoking the verification checks for people whose speech it disapproves of. It’s even de-checking people based on its assessment of their off-line conduct. So maybe that should be the Stasi wing of the Censor’s Party. And, not surprisingly, given Silicon Valley’s steep leftward-tilt, the censorship seems to fall far more harshly on the right than on less PC targets.

Markham Erickson and I treat Twitter’s wobbly stance as a symptom of the breakdown of the Magaziner Consensus, as both left and right for their own reasons come to view Big Tech with suspicion. Markham has shrewd observations about what it all means for the (questionable) future of social media’s section 230 immunity.

We dive into a surprising new analysis of China’s “50c Army.” Turns out that the Chinese government strategy for flooding the internet is 180 degrees off from Russia’s. Instead of a Trollfest, Chinese government-funded social media is saccharine sweet. Cheerleading and changing the subject are what its army does best.

Markham, Brian Egan, and I give broadly positive reviews to the US government’s recently announced Vulnerability Equities Process. And, in a correction to those who’ve said that other countries don’t have such a process, I point to evidence that China has one–in which all the equities seem to point to exploit, exploit, exploit.

All of which ought to turn the story of US agencies using Chinese “security” cameras from disquieting to positively frightening. Speaking of which, the Chinese company that made your drone has provided a case study on how not to do a bug bounty program. Read it and weep.

On a lighter note, we talk backflipping robots and a surprising peril of traveling with your family this holiday season–thumbprint phone security failure followed by titanic spousal air rage. Where is Tim Cook’s privacy schtick when we really need it?

Download the 193rd Episode (mp3).

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

Direct download: TheCyberlawPodcast-193.mp3
Category:general -- posted at: 5:23pm EDT

With the Texas church shooting having put encryption back on the front burner, I claim that Apple is becoming the FBI's crazy ex-girlfriend in Silicon Valley—and offer the tapes to prove it. When Nick Weaver rises to Apple's defense, I point out that Apple responded to a Chinese government man-in-the-middle attack on iCloud users with spineless obfuscation rather than a brave defense of user privacy. Nick asks for a citation. Here it is: https://support.apple.com/en-us/HT203126 (Careful:  don't click without a chiropractor standing by.)

Nick provides actual news to supplement the New York Times' largely news-free front page storyabout leak and mole fears at NSA.

I gloat, briefly, over hackback's new respectability, as the Active Cyber Defense Certainty Act acquires new cosponsors, including Trey Gowdy, and hacking back acquires new respectability. But not everywhere.

Michael Sulmeyer finally gets a word in edgewise as the conversation shifts to the National Defense Authorization Act. He discusses the Modernizing Government Technology Act, the growing Armed Services Committee oversight of cyberoperations, and the decision to lift—and perhaps separate—Cyber Command from National Security Agency. I take issue with any decision that requires that a three-star NSA director to argue intelligence equities with a four-star combatant commander

We end with Michael Sulmeyer and I walking through the challenges for the Pentagon in deterring cyberattacks. We both end up expressing skepticism about the current path. 

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 192nd Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunesPocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

Direct download: TheCyberlawPodcast-192.mp3
Category:general -- posted at: 1:48pm EDT

Episode 191 is our long-awaited election security podcast before a live, and lively, audience. Our panel consists of Chris Krebs, formerly of Microsoft and now the top cybersecurity official at DHS (with the longest title in the federal government as proof), and Ed Felten, formerly the deputy chief technology officer of the federal government and currently Princeton professor focused on cybersecurity and policy. We walk through the many stages of election machinery and the many ways that digitizing those stages has introduced new insecurities into our election results.

When all is said and done, however, the entire panel ends up more or less in one place: Election security is not to be taken for granted; it will be hard to achieve, but it’s not impossible, or even unaffordable. With sufficient will and focus, and perhaps a touch of Ned Ludd, we may be able to overcome the risk of foreign hackers interfering in our elections. At least outside of New Jersey.

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 191st Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunes, Pocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

Direct download: TheCyberlawPodcast-191.mp3
Category:general -- posted at: 9:51am EDT

In our 190th episode, Stewart Baker has a chance to interview Sen. Sheldon Whitehouse (D-RI), who has a long history of engagement with technology and security issues. In this episode, we spend a remarkably detailed half-hour with him, covering the cybersecurity waterfront, from the FBI’s problems accessing the Texas church shooter’s phone, and what Silicon Valley should do about that, to Vladimir Putin’s electoral adventurism and how to combat it. Along the way, we touch (skeptically) on the NIST Cybersecurity Framework and more enthusiastically on allowing private citizens to leave their networks to track the hackers who’ve attacked them.  Plus: botnet cures, praise for Microsoft, a cybersecurity inspector general (or, maybe, bug bounties), DHS’s role in civilian cybersecurity, and how much bigger Rhode Island really is at low tide!

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 190th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunes, Pocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

Direct download: TheCyberlawPodcast-190.mp3
Category:general -- posted at: 1:34pm EDT

In our 189th episode Stewart Baker has a chance to interview United States Representative Tom Graves, co-sponsor of the Active Cyber Defense Certainty (ACDC) Act, which allows those whose networks are under persistent attack to leave their network to conduct investigative action.  Representative Graves offers a measured but deeply felt defense of the proposal and is optimistic about its reception.  And, with the hard-hitting investigative approach The Cyberlaw Podcast is known for, I ask the tough question:  “Is this bill a tribute to AC/DC – and if so, which song?”  (Hint in the title of the blog post.)

Mark your calendars for November 7th when we will gather for a live taping of a special episode on Election Cybersecurity at our Dupont Circle offices here in DC. To register please visit the Events page of our website at steptoe.com.

As always The Cyberlaw Podcast is open to feedback. Send your questions, suggestions for interview candidates or topics to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.

Download the 189th Episode (mp3).

Subscribe to The Cyberlaw Podcast here. We are also on iTunes, Pocket Casts, and Google Play (available for Android and Google Chrome)!

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

Direct download: TheCyberlawPodcast-189.mp3
Category:general -- posted at: 2:38pm EDT

1