Over the last month, on our New Republic: Security States newsfeed, we rolled out a series designed to explain why fairly allocating the costs of software deficiencies between software makers and users is so critical to addressing the growing problem of vulnerability-ridden code---and how such a regime will require questioning some of our deep-seated beliefs about the very nature of software security.
Latest in Security States
Does holding software providers accountable for the insecurity of their code amount to going nuclear on the industry---the equivalent of pushing the big red button? I argue that this is the way critics see it, in the fifth and final installment of our Security States cyberliability series. Meanwhile proponents see liability as a far subtler weapon, along the lines of a many-levered machine.
If you believe software providers should be held more accountable for insecure code or coding practices, you might be tempted to point an accusing finger at the contract law framework that courts use to parse software license agreements.
We're a long ways way off from a trial in United States v. Mohammed et. al.
That's the essence of my Security States piece, which went up today. It begins:
So when will the 9/11 case go to trial, anyway?
As part of our work on a chapter for an upcoming book on Madisonian thought and contemporary public policy, Ben and I wrote this piece for Security States about James Madison's vacillations on executive power and security issues---first as Founder, then as opposition leader, and then as President. Lawfare readers might remember that last year, we wrote a book chapter entitled "
What do software users have in common with Mary Mallon, better known today as Typhoid Mary? A lot---and that's why we shouldn't be leaving the quality of code in the hands of the market. Confused?
Over at The New Republic’s Security States blog, I have a new essay up entitled, “Courts Influence National Security Without Doing a Single Thing.” It begins:
One of the most persistent fights in the national security arena since the September 11 attacks has been about the proper allocation of power between two branches of government: the Executive and the courts.
Over at TNR's Security States, Matt and I have a new piece about international calls to ban autonomous weapon systems. It begins like this:
What if armed drones were not just piloted remotely by humans in far-away bunkers, but they were programmed under certain circumstances to select and fire at some targets entirely on their own? This may sound like science fiction, and deployment of such systems is, indeed, far off.
Via the New Republic's Security States blog, I have a new essay up on last week's Ninth Circuit decision in Hamad, and how it's part of the larger pattern of judicial hostility to damages suits in counterterrorism cases--not on the merits, but on an ever-increasing range of non-substantive g
What does the government's demand for Lavabit's encryption keys have to do with its justification for its bulk data collection under FISA Section 215? Basic logic.