John Carlin leaves Justice: We give him the good news and the bad news.

Episode 134 features John Carlin’s swan song as assistant attorney general for national security. We review the highs and lows of his tenure from a cybersecurity point of view and then look to the future, including how the US should respond to Russia’s increasingly uninhibited use of cyberpower. I introduce John to Baker’s Law of Post-Government Policy Advice: “The good news about leaving government is that you can say want you think. The bad news is that you can say what you think because nobody cares.”

In the news roundup, we explore the Geofeedia flap, in which large Silicon Valley companies are claiming the right to deny law enforcement access to public postings, even when that access is limited to particular geographic areas, such as the location of an ongoing riot. Remarkably, they seem to think we ought to be praising them for this antisocial stand.

Maury Shenk updates us on the UK’s new privacy guidelines – and China’s effort to make its internet more protective of children, and the state.

Michael Vatis and I mull over the troubling news that Carbanak is targeting SWIFT endpoints. The G7 has financial cybersecurity guidelines, but it seems unlikely that they’ll turn the tide of an increasingly at-risk banking system.

Michael and I also touch on an Akamai report confirming that the Internet of things isn’t exclusively used to launch DDOS attacks on Brian Krebs; sometimes it’s used to launch mass credential theft attacks as well. Maybe, I suggest, this is a problem that lawsuits can address.

Download the 134th episode (mp3).