Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: PC Security

Judicial Conference Committee seeks to implement wider law enforcement surveillance

Follow up to Supreme Court expands surveillance powers of intelligence agency via EFF – With Rule 41, Little-Known Committee Proposes to Grant New Hacking Powers to the Government – The government hacking into phones and seizing computers remotely? It’s not the plot of a dystopian blockbuster summer movie. It’s a proposal from an obscure committee that proposes changes to court procedures—and if we do nothing, it will go into effect in December. The proposal comes from the advisory committee on criminal rules for the Judicial Conference of the United States. The amendment would update Rule 41 of the Federal Rules of Criminal Procedure, creating a sweeping expansion of law enforcement’s ability to engage in hacking and surveillance. The Supreme Court just passed the proposal to Congress, which has until December 1 to disavow the change or it becomes the rule governing every federal court across the country.  This is part of a statutory process through which federal courts may create new procedural rules, after giving public notice and allowing time for comment, under a “rules enabling act.” The Federal Rules of Criminal Procedure set the ground rules for federal criminal prosecutions. The rules cover everything from correcting clerical errors in a judgment to which holidays a court will be closed on—all the day-to-day procedural details that come with running a judicial system. The key word here is “procedural.”  By law, the rules and proposals are supposed to be procedural and must not change substantive rights. But the amendment to Rule 41 isn’t procedural at all. It creates new avenues for government hacking that were never approved by Congress…”

Supreme Court expands surveillance powers of intelligence agency

Via The Intercept: “The Supreme Court on approved [April 28, 2016] changes that would make it easier for the FBI to hack into computers, including those belonging to victims of cybercrime. The changes will take effect in December, unless Congress adopts competing legislation. Previously, under the federal rules on criminal procedures, a magistrate judge couldn’tContinue Reading

DoD tests public key infrastructure for DTIC secure website access

SecureIDNews:  “The federal government’s use of user IDs and passwords for access to its applications could soon give way to more secure PKI-based credentials if more government entities follow the lead of the U.S. Department of Defense. The Defense Department is leveraging PKI to better protect its information systems, with the intent of making accessContinue Reading

Reminder – no more IE support for versions prior to 11

Via Microsoft for Business – “What is end of support? Beginning January 12, 2016, only the most current version of Internet Explorer available for a supported operating system will receive technical supports and security updates. Internet Explorer 11 is the last version of Internet Explorer, and will continue to receive security updates, compatibility fixes, andContinue Reading

Operationalizing Cybersecurity Due Diligence: A Transatlantic Comparative Case Study

Shackelford, Scott and Russell, Scott, Operationalizing Cybersecurity Due Diligence: A Transatlantic Comparative Case Study (January 12, 2016). South Carolina Law Review, 2016. Available for download at SSRN: http://ssrn.com/abstract=2714529 “Although much work has been done on applying the law of warfare to cyber attacks, far less attention has been paid to defining a law of cyberContinue Reading

CRS – The Federal Cybersecurity Workforce

The Federal Cybersecurity Workforce: Background and Congressional Oversight Issues for the Departments of Defense and Homeland Security. Kathryn A. Francis, Analyst in Government Organization and Management; Wendy Ginsberg Analyst in American National Government. January 8, 2016. “The federal cybersecurity workforce is responsible for protecting U.S. government systems and networks against cyber threats and attacks. FederalContinue Reading

Search Engine Backed by Internet-Wide Scanning

“Censys is a search engine that enables researchers to ask questions about the hosts and networks that compose the Internet. Censys collects data on hosts and websites through daily ZMap and ZGrab scans of the IPv4 address space, in turn maintaining a database of how hosts and websites are configured. Researchers can interact with thisContinue Reading

Google – An Empirical Analysis of Email Delivery Security

Neither Snow Nor Rain Nor MITM…An Empirical Analysis of Email Delivery Security “The SMTP protocol is responsible for carrying some of users’ most intimate communication, but like other Internet protocols, authentication and confidentiality were added only as an afterthought. In this work, we present the first report on global adoption rates of SMTP security extensions,Continue Reading

Emerging Cyber Threats Report 2016 – Impact of The Internet of Things

Georgia Institute of Technology Cybersecurity Summit 2015– “The intersection of the physical and digital world continued to deepen in 2015. The adoption of network- connected devices and sensors — the Internet of Things — accelerated and was expected to reach nearly 5 billion devices by the end of the year. The collection and analysis ofContinue Reading

White House – Cybersecurity Strategy and Implementation Plan

Tony Scott – Federal CIO – Modernizing Federal Sybersecurity – [October 30, 2015] “the Administration directed a series of actions to continue strengthening Federal cybersecurity & modernizing the government’s technology infrastructure. Strengthening the cybersecurity of Federal networks, systems, and data is one of the most important challenges we face as a Nation. Every day, publicContinue Reading

Adblock Browser, Do Not Track and Acceptable Ads

“Adblock Plus has launched the Adblock Browser, and we’re excited to announce that DuckDuckGo is the default search engine in Adblock Browser on iOS and Android! We’ve been working with the EFF to promote a new “Do Not Track” (DNT) standard for web browsing. We hope this new DNT policy will better protect people fromContinue Reading

WSJ – Level 3 Tries to Waylay Hackers

Drew Fitzgerald – WSJ.com – “Earlier this month, Brett Wentworth took Level 3 Communications Inc. into territory that most rivals have been reluctant to enter. The director of global security at the largest carrier of Internet traffic cut off data from reaching a group of servers in China that his company believed was involved inContinue Reading