Our guest for Episode 67 is Dan Geer, a legendary computer security commentator and current CISO for In-Q-Tel. We review Dan’s recommendations for improving computer security, including mandatory reporting of intrusions, liability for proprietary software, striking back at hackers, at least in some ways, and getting the government to purchase and fix vulnerabilities. We agree on the inherent foolishness of the Internet voting movement, but I disagree with Dan on the right to be forgotten, and I predict that net neutrality will lead to the opposite of what he wants – both more regulation of operators and more limits on what the operators are allowed to carry.
As with Bruce Schneier, I accuse Dan of a kind of digital Romanticism for advocating improbable personal defenses like using Tor for no reason, having multiple online identities, swapping affinity cards, and paying your therapist under an assumed name. But Dan makes me eat my words.
In the news roundup, we introduce Alan Cohn, yet another recent alumnus of the DHS Policy office now at Steptoe. We also revive This Week in NSA , pooling our collective inability to predict what the week will hold for the 215 metadata program. We muse about border laptop searches, questioning both DOJ’s choice of battleground and the ability of judges to withstand a PR campaign by the privacy lobby. We cover a FOIA case to find out if the FTC actually has security standards – a case filed by Phil Reitinger and Steptoe. The roundup ends with the plane-hacking case, the FBI’s Stingray guidance, and the first anniversary of the EU’s misbegotten Right to Be Forgotten.
The Cyberlaw Podcast is now open to feedback. Send your questions, suggestions for interview candidates, or topics to CyberlawPodcast@steptoe.com. If you’d like to leave a message by phone, contact us at +1 202 862 5785.