The Curious Case of Stuxnet and North Korea: Why the News-Dumped Confession?
In news dump territory — 2:59 p.m. on a Friday afternoon following this last Memorial Day, to be exact — Reuters published an EXCLUSIVE story in which anonymous sources claimed the U.S. launched a cyber attack on North Korea using a…
No, There Is No Relative Human Value Status In Tragic Shootings
The BREAKING NEWS tonight is nine people being shot to death in Charleston South Carolina. From ABC News:
Nine people were killed when a gunman opened fire in a historic Charleston, South Carolina church Wednesday evening and police were…
Paradigm Change in Science and Economics
In this post, I discussed normal science, a term used by Thomas Kuhn in The Structure of Scientific Revolutions to describe the day to day work of scientists, focusing on the example of my brother’s work on transmission of pain in the…
Vaporous Voids: Questions Remain About Duqu 2.0 Malware
The use of stolen Foxconn digital certificates in Duqu 2.0 gnaws at me, but I can't put my finger on what exactly disturbs me. As detailed as reporting has been, there's not enough information about this malware's creation. Nor is there enough…
Paradigms in Economics
I am fascinated by the fact that economists do not seem fazed by the failure of their almost unanimous policy recommendations of deregulation and tax cuts, as I discuss here and here. Almost in unison, they chanted for decades that reducing…
DOJ Is Back On The Baseball Beat; Is Their Past Prologue?
While it is not quite as exciting as Trump!-mania, the other news this morning is that DOJ is getting back into the baseball game. Having brought responsibility to the financial sector, sent the Wall Street scourges all to prison, and accountability…
The Two Prongs of the Neoliberal Project
It may seem odd that a site focused on national security, domestic spying, and US foreign policy should have a secondary focus on the economy and on neoliberal economic theory. As I see it, these are the two prongs of the overall neoliberal…
emptywheel Takes a Vacation!
This is just a quick post to note that I'll be on vacation, with limited access to the Toobz, for the next two weeks. If something major hits, I may sneak back on and post, but I hope to instead spend quality time with my mom.
bmaz claims…
Amazon's Transparency Report: "Certain Purchase History"
Last week, precisely 10 days after USA F-Redux -- with its different formulas allowing for provider transparency --passed, Amazon released its first transparency report. In general, the report shows that Amazon either doesn't retain -- or successfully…
The Appropriations Battle over Funding "Moderate" Terrorists
Two weeks ago, John Brennan admitted on a Sunday show that sometimes when we "push the envelope ... to protect this country" it "stimulates and spurs additional threats to our national security interests." In a post on his comments, I suggested…
NYT Buries the Ineffective CyberSecurity Lede
The NYT has a story today headlined,
Senate Rejects Measure to Strengthen Cybersecurity
In paragraph 12 of the story -- after portraying the horse race details of Mitch McConnell and Richard Burr's attempt to push through CISA yesterday…
Big Data: An Alternate Reason for Hacks Past and Future?
On Monday, MIT's Technology Review published an interesting read: Big Data Will Keep the Shale Boom Rolling.
Big Data. Industry players are relying on large sets of data collected across the field to make decisions. They're not looking at…
DOJ IG: FBI's Secret Applications of PRTT Are Even More Secret than Its Secret Applications of Section 215
DOJ's Inspector General just released its unclassified summary of its classified report on FBI's use of Pen Register/Trap and Trace authority.
It is rather thin, just 5 pages long. It explains what it is in the secret report.
We described…
The Timing of the Contemplated Upstream Cyber-Grab
There's an aspect missing thus far from the discussion of NSA's possible bid for a cyber certification under Section 702 for primary use in the collection of attack signatures that could not be attributed to a foreign government.
The timing.
The…
Cyber-spawn Duqu 2.0: Was Malware Infection 'Patient Zero' Mapped?
Kaspersky Lab reported this morning a next-generation version of Duqu malware infected the information security company's network.
Duqu is a known reconnaissance malware. Its complexity suggests it was written by a nation-state. The malware…
Because Government Employees Have Been Spied On, Richard Burr Wants All of Us To Be
Predictably, Richard Burr has used the news of the Office of Personnel Management hack to renew his efforts to pass CISA. Burr added it as an amendment to the National Defense Authorization Act yesterday, stating,
The recent cyber breach…
Is John Brennan Confessing His (Petraeus') Covert Ops in Syria Backfired?
Both Michah Zenko and Jon Schwarz noted John Brennan making a remarkable admission on Face the Nation back on May 31: that sometimes US involvement in events exacerbates things.
But both seem to interpret Brennan's comment as a general comment…
DOJ Doesn't Care What the Text of the Law or the 2nd Circuit Says, Dragnet Edition
Since USA F-ReDux passed JustSecurity has published two posts about how the lapse of Section 215 might create problems for the dragnet. Megan Graham argued that technically USA F-ReDux would have amended Section 215 as it existed in 2001, meaning…
In Advance of FISA Amendments Act Reauthorization, DOJ Did Not Tell Congress about Cyber Signature Collection
As I noted here, I'm working on a post that puts last week's report on NSA's use of upstream Section 702 collection in context.
But first, there's one more detail that deserves its own post.
By March 23, 2012, NSA had drafted a certificate…
NSA Reported a Section 702 Upstream Overcollection Incident in 2012
I'm working on a longer post on the timing of the NSA's bid to get a cyber Section 702 certificate in 2012. But I wanted to point to a detail about upstream 702 collection that may be relevant to the issue.
According to the 4Q FY2012 Intelligence…