ODNI has annouced it is conducting a formal review into foreign interference in U.S. presidential elections. This is welcome, but we must bear in mind that a report on the reasons for responding is not a substitute for an actual response.
Matt Tait is the CEO and founder of Capital Alpha Security, a UK based security consultancy which focuses on research into software vulnerabilities, exploit mitigations and applied cryptography. Prior to founding Capital Alpha Security, Tait worked for Google Project Zero, was a principal security consultant for iSEC Partners, and NGS Secure, and worked as an information security specialist for GCHQ.
Subscribe to this Lawfare contributor via RSS.
It is critical that we revisit the question of Russia’s role now, not as a means to extract vengeance or to delegitimize the election result, but because there remains an urgent need for a response that establishes credible deterrence against future attacks on the United States and its allies which is currently lacking.
If we fear abuse of law-enforcement powers under a Trump administration, that is reason to move towards the technically constrainable and enforceable transparency of split-key exceptional access mechanisms rather than towards the alternative of unconstrained, non-transparent capabilities such as device hacking.
Continuing the conversation on Apple's Cloud Key Vault and its significance to the broader question of secure lawful access.
The vulnerability equities process (VEP) is broken. Because the VEP is a matter of Administration policy, the new administration should take the opportunity to devise a strategy that works.
Just over a week ago, at the BlackHat hacker convention in Las Vegas, Ivan Krstić, Head of Security Engineering and Architecture at Apple gave a talk entitled “Behind the scenes of iOS Security,” the slides of which are available here.
I played a role in the attribution of the DNC hack to Russia. Here's why that attribution, while strong, isn't good enough, and we need a formal statement by the U.S. government on the role of Russian intelligence in the attacks.