This is a good rundown of the new tech regulation bills by @CaseyNewton. There are some good ideas here, but I think the anti-acquisition law is too broad. For ex: could have blocked Zoom's acquisition of Keybase, which brought E2EE and other security enhancements to millions.
There are tons of small acquisitions of companies with specific skillsets or features that can't get the impact they want, and large companies that want to improve existing products. This would decimate a key way talent and capital flow up and down the stack.
California gets 13% of a lot of those deals (leading to a record surplus) so I expect the California delegation might have ideas for something more targeted.
The evil genius of ransomware is that it is almost always the logical choice for a CEO to pay once they are ransomed. Senators tsk-tsking on the Sunday shows doesn't really matter when you are looking down the barrel of massive disruptions followed by shareholder lawsuits.
That being said, I do think a lot of the cryptocurrency community (and especially the VCs) are whistling past the graveyard on the existential risk posed by abuse. The idea that these blockchains are so distributed as to be beyond regulation is laughable.
I am so very proud of what our @stanfordio team has accomplished in only two years, especially the teaching of 479 students and the supervision of 75 research assistants while also launching the @2020Partnership and @ViralityProject.
A special shout-out to my partner-in-crime and associate director, Elena Cryst. It turns out that large research universities aren't always set up to facilitate rapid, policy-impacting research or cross-disciplinary projects 😲 but Elena figured out a way!
An important lesson from the DOJ attempts to go after communications records of reporters at the Times and the Post: tech companies will fight for your rights in court, telcos will comply, even for journalists, immediately.
It’s a good thing Europe has their own thing going because if the US could compete Biden would call Beyoncé and Lil Nas X back from their well-earned retirements to HALO jump out of a C-5 with 100 backup dancers and a drumline straight onto the stage and it would be over.
A horse pasture framed by rugged snow-capped peaks, likely Wyoming. Beyoncé brushes the mane of a huge Clydesdale. An assistant breathlessly runs up with a satellite phone.
“Ma’am, it’s the President. He says he knows you have done your duty but that the country needs you!”
She looks at the setting sun wearily. We can see the memories of a thousand sacrifices from a lifetime of war play behind her eyes.
A long pause. A regretful sigh.
“Tell him I will suit up once more, but that there is a man I need…”
KSG is building a diverse team interested in solving hard security problems for important organizations. We are looking for everybody from new grads to ex-CISOs, and can offer flexible locations, the opportunity for growth and huge impact.
Are you an expert on modern enterprise IT? Do you dream in Intune configs and wake with nightmares of Azure conditional access failures? We need people who can help companies rebuild on the modern Microsoft stack to secure their futures:
People discussing the relationship between ransomware teams and the Russian government should probably keep @Jason_Healey's "Spectrum of National Responsibility" in mind.
Right now, it looks like the Darkside group that attacked Colonial is at least "State-Encouraged".
One way you can think about how to respond to these attacks is by adding a dimension of "importance of impact". You could imagine the response for a "state-encouraged" attack that has massive economic impact (not there yet) to lead to serious retribution.
Zero-marginal-cost communications to millions of people wasn’t exactly foreseeable in 1791.
2nd Amendment arguments often revolve around the fact that firearms are vastly more dangerous now, but at least modern rifles can exist within the conceptual frame of 18th-century science (with amazing materials).
Modern communication technologies are effectively witchcraft.
I'm looking at a wall of con badges and realizing that most of them have a @dakami story attached. He wasn't only brilliant, but an incredibly generous colleague and friend. No matter what news he was making, he would have an encouraging word for and talk up other researchers.
"Larger than life" is a term that is thrown around too much, but the guy had a massive impact on others and it's difficult to imagine the last twenty years of infosec without him.
Thanks to the way he treated others, it was hard not to love Dan. In summer 2008, everybody wanted a picture (no selfies yet) with Fake Dan Kaminsky. The next summer, he faced incredible adversity but still stood tall and got a hug from half of Vegas.
Instead we get hours of trying to score imaginary C-Span points by tripping up a CEO on decisions made three levels down.
To make it really spicy, ask those eight witnesses to come with prevalence, precision and recall numbers on their efforts to stop four major types of abuse.
My fantasy hearing: "I'm looking at the confusion matrix for your COVID misinfo classifier and it feels like you made a politically motivated decision to back off of recall to not anger certain political groups. Did I get that right?"