Episode 81 features China in the Bull Shop, as the White House prepares for President Xi’s visit and what could be ugly talks on cyber issues. Our guest commentator, Margie Gilbert, is a network security professional with service at NSA, CIA, ODNI, Congress, and the NSC. Now at Team Cymru, she’s able to offer a career’s worth of perspective on how three Presidents have tried to remedy the country’s unpreparedness for network intrusions.
In the news roundup, there’s a high likelihood that President Obama will be accusing and Xi will be denying China’s role in cyberespionage. You might say it’s a “he said, Xi said” issue. Alan Cohn and I debate whether the US should settle for a “no first use” assurance to protect critical infrastructure in peacetime.
On encryption, the White House (and Silicon Valley) are certainly raising the issue’s visibility. But they aren’t necessarily persuading anyone who isn’t already persuaded. From MI5 to the NYDFS to the new Indian government (at least briefly), dissing strong encryption is a surprisingly popular pastime.
The never-ending saga of when email content can be obtained with something less than probably cause and a warrant seems to be winding down to a bizarre resolution. Agencies investigating terrorists and white collar fraud that costs consumers hundreds of millions will have to jump through the warrant hoop. Agencies looking to impose regulatory penalties or file civil claims will not. Michael Vatis, Jason Weinstein, and I wonder aloud whether this realpolitik accommodation between politicians who love civil liberties and politicians who hate banks will survive its internal contradictions.
After a decade of stutter-stepping, the EU is bailing on its own data retention law, leaving the issue, and the mess, to member states. Maury Shenk provides a definitive short analysis.
Elsewhere, Judge Leon gets the section 215 plaintiff he sought with everything short of a personal ad in Craigslist, practically guaranteeing another storm of exclamation points in F.Supp. – followed by a lengthy proceeding to have his opinion vacated as moot.
In good news, a Heartland hacker pleads guilty. Jason Weinstein celebrates – as much as is seemly for someone involved in the case. And in a rare moment of humility, I confess to having learned something from listener criticism, as Robert Horn schools me on some of the lesser-known risks associated with health data breaches.