Accurate, Focused Research on Law, Technology and Knowledge Discovery With Daily Postings Since 2002
EFF: “Representative Zoe Lofgren has posted on Reddit a modified draft of Aaron’s Law, a proposal to update the Computer Fraud and Abuse Act and wire fraud law in honor of our friend Aaron Swartz and to make sure that the misguided prosecution that happened to him doesn’t happen to anyone else. We’re very pleased …
Federal Communications Commission Needs to Strengthen Controls over Enhanced Secured Network Project, GAO-13-155, Jan 25, 2013 “The Federal Communications Commission (FCC) did not effectively implement appropriate information security controls in the initial components of the Enhanced Secured Network (ESN) project. Although FCC took steps to enhance its ability to control and monitor its network for …
News release: “When writing or speaking, good grammar helps people make themselves be understood. But when used to concoct a long computer password, grammar good or bad provides crucial hints that can help someone crack that password, researchers at Carnegie Mellon University have demonstrated. A team led by Ashwini Rao, a software engineering …
Early warning analysis for social diffusion events – Richard Colbaugh1 and Kristin Glass, Sandia National Laboratories, Albuquerque, NM “There is considerable interest in developing predictive capabilities for social diffusion processes, for instance to permit early identification of emerging contentious situations, rapid detection of disease outbreaks, or accurate forecasting of the ultimate reach of potentially viral …
CRS – Internet Domain Names: Background and Policy Issues. Lennard G. Kruger, Specialist in Science and Technology Policy. January 3, 2013 “Navigating the Internet requires using addresses and corresponding names that identify the location of individual computers. The Domain Name System (DNS) is the distributed set of databases residing in computers around the world that …
Security Whitepaper: Google Apps Messaging and Collaboration Products “Google Apps (comprising Gmail, Google Calendar, Google Docs, and other web applications) provide familiar, easy to use products and services for business settings. These services, characterized by redundant computing environments and dynamic resource allocation, enable customers to access their data virtually anytime and anywhere from Internet-capable devices. …
Nart Villeneuve (Senior Threat Researcher): “Throughout 2012, we investigated a variety of targeted attacks including several APT campaigns such as LuckyCat and Ixeshe, as well as updates on some long running campaigns such as Lurid/Enfal and Taidoor. There was a lot of great research within the community related to targeted attacks published this year, and …
Aliya Sternstein reporting in NextGov: “The Defense authorization bill approved by Congress last week would require contractors to tell the Pentagon about penetrations of company-owned networks that handle military data. If President Obama signs the legislation into law, it would make permanent part of a Pentagon test program under which participating contractors report computer breaches …
Declan McCullagh/CNET: “Newly released files show a secret National Security Agency program is targeting the computerized systems that control utilities to discover security vulnerabilities, which can be used to defend the United States or disrupt the infrastructure of other nations. The NSA’s so-called Perfect Citizen program conducts “vulnerability exploration and research” against the computerized controllers …
Fred Gutierrez: “Almost a year ago we added detection for a low prevalence Trojan found on servers belonging to financial institutions, including banking firms and credit unions. The Trojan also compromised home computer users and computers at security firms. For easier identification and tracking we recently renamed this threat to Trojan.Stabuniq. Approximately half of unique …
Via EPIC: “NASA has announced that the theft of an unencrypted laptop has compromised the personal information of a “large number” of NASA employees and contractors. A similar theft earlier this year exposed the data of thousands of Kennedy Space Center employees. The federal agency said that by the end of the year all NASA …
CRS – Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions. Eric A. Fischer, Senior Specialist in Science and Technology, November 9, 2012 “For more than a decade, various experts have expressed increasing concerns about cybersecurity, in light of the growing frequency, impact, and sophistication of attacks on information systems in the United States and …
