Cybersecurity
Lessons (So Far) From WhatsApp v. NSO
Nicholas Weaver Tue, Nov 5, 2019, 1:29 PM
What are the key takeaways from the emerging battle between Facebook and NSO group?
Nicholas Weaver is a senior staff researcher focusing on computer security at the International Computer Science Institute in Berkeley, California, and a lecturer in the Computer Science department at the University of California at Berkeley. All opinions are his own.
Subscribe to this Lawfare contributor via RSS.
Encryption
Encryption and Combating Child Exploitation Imagery
Nicholas Weaver Wed, Oct 23, 2019, 9:00 AM
Child exploitation images are a horrific problem. Even the most clinical descriptions (such as the 23 sites described in the Freedom Hosting NIT warrant application) turn the stomach and chill the soul. Many individuals and companies, such as Facebook, go to extraordinary efforts to fight this menace.
Cyber & Technology
Facebook’s Cryptocurrency: Stop It Before It Starts
Nicholas Weaver Wed, Jun 19, 2019, 5:05 PM
On June 18, Facebook announced its forthcoming cryptocurrency, Libra. The company says it intends to integrate it into Facebook’s Messenger and WhatsApp products. Although Facebook says it has created an “independent” subsidiary, Calibra, and purports that the currency itself will be controlled by an independent Libra Foundation, the coin is really a Facebook project.
Secrecy & Leaks
Thoughts on the Assange Indictment: Where’s Vault 7?
Nicholas Weaver Mon, Jun 17, 2019, 3:29 PM
I am not a fan of Julian Assange. In fact, I’ve even managed to get the WikiLeaks official Twitter account to block me. But now that the U.S.
Cybersecurity
The GCHQ’s Vulnerabilities Equities Process
Nicholas Weaver Mon, Jun 3, 2019, 2:53 PM
In the U.S. there has been a long debate about “vulnerability equities”—that is, whether the government should disclose a vulnerability it discovers to the vendor, which will then allow users to apply a patch and be defended against exploitation, or keep the vulnerability secret to enable the government’s exploitation of targets. There is little data on how the process works. But the U.S. has the potential to learn how the British handle the same problem.
China
The Technical Consequences of Trump’s Telecom Supply Chain Emergency
Nicholas Weaver Wed, May 22, 2019, 2:16 PM
On May 15, President Trump once again declared a national emergency to invoke legal authority to make sweeping changes to U.S. policy, this time to secure the telecommunications supply chain. I’ve already made my views clear on Huawei’s suitability for U.S. markets and the need for a blanket ban on Chinese-sourced telecommunications equipment in U.S. infrastructure.
Cyber & Technology
A Risk Analysis of Huawei 5G
Nicholas Weaver Wed, Apr 17, 2019, 1:35 PM
Telecommunications networks are special—they are designed to enable wiretapping. Mandates such as the Communications Assistance for Law Enforcement Act (CALEA) in the U.S. and similar requirements elsewhere effectively require that the network operator use equipment that contains surveillance hooks to answer government requests.