In this episode, I debate Michael Schmitt, a prime mover in two Talinn Manuals on international law and cyber operations. We are joined by an expert on the topic and a new Steptoe partner, Brian Egan, who was formerly the State Department legal adviser, among other accomplishments. And among the hypotheticals is indeed a DDOS attack on the United States by internet-enabled vibrators with unchangeable default passwords. Because, as the news roundup covers, the FTC may soon be wrestling with the question of how to regulate such security violations.

Meanwhile, Michael Vatis and I clash over the meaning of the NSA’s decision to abandon productive intelligence collection. I think it’s risk aversion and a return to September 10. Michael thinks it’s too early to make that judgment.

Stephanie Roy gives an overview of Ajit Pai’s plan to undo the last two Federal Communications Commissions’ net neutrality strategies.

Michael reports on two Silicon Valley giants who fell prey to $100 million (each) cyberscams. I wonder if this means that technologists will stop gloating that Snowden and Shadowbrokers show that only private companies can be trusted to do security right.

This week in news that isn’t news at all: The Russians who hacked Clinton are going after Emmanuel Macron in France, says Trend Micro.  

Finally, vigilante justice seems to be sweeping the internet, as the spousal spyware firm, Flexispy, is doxed, and Brickerbot starts securing insecure IOT devices the hard way—by bricking them.

As always, the Cyberlaw Podcast welcomes feedback. Send an email to CyberlawPodcast@steptoe.com or leave a message at +1 202 862 5785.