Matt Tait

mtait's picture

Matt Tait is the Chief Operating Officer of Corellium. Previously he was CEO of Capital Alpha Security, a consultancy in the UK, worked at Google Project Zero, was a principal security consultant for iSEC Partners, and NGS Secure, and worked as an information security specialist for GCHQ.

Subscribe to this Lawfare contributor via RSS.


Avoiding the Dangers Ahead in Review of Foreign Interference in U.S. Presidential Elections

Last Wednesday, after increasing public and political pressure to declassify more information about Russian interference in the 2016 election, the Office of the Director of National Intelligence announced that it was now conducting a formal review into foreign interference in U.S. presidential elections at the request of the President. This is the ODNI statement it in its entirety:


Russia May Be Done with the U.S. Election, But We Aren’t Done With Them

This morning, counterterrorism and homeland security adviser Lisa Monaco announced that President Obama has ordered a “full review” of “hacking-related activity aimed at disrupting” the 2016 presidential election.

And the President is not alone in calling for continued scrutiny of Russian interference in the election; his announcement follows bipartisan calls from Congress for investigations into the matter.


Apple's Cloud Key Vault and Secure Law Enforcement Access

Michael Specter and the “Keys Under Doormats” (KUD) group have an interesting post, entitled “Apple's Cloud Key Vault, Exceptional Access, and False Equivalences” responding to my earlier post on Apple’s Cloud Key Vault.

The conversation so far has meandered somewhat over different sites, so if you’ve not been following along, the conversation thus far is:


Everything You Know About the Vulnerability Equities Process Is Wrong

The vulnerability equities process (VEP) is broken. While it is designed to ensure the satisfaction of many equities, in reality it satisfies none—or at least, none visible to those beyond the participants of the insular process. Instead of meaningfully shaping best outcomes, the VEP provides thin public relations cover when the US government is questioned on its strategy around vulnerabilities.