Showing posts with label ken. Show all posts
Showing posts with label ken. Show all posts

Saturday, November 24, 2012

This Week in Links: The Computer Fraud and Abuse Act as Explained by Errata Security, and More Fun With the Federales

In a missive to the estimable Jean-Baptiste Leroy, portly Founding Father Benjamin Franklin once wrote, speaking of the longevity of America's fledgling constitution, "[...] in this world nothing can be said to be certain, except death and taxes." It is with the utmost respect then, that I would slightly plagiarize that hackneyed turn of phrase for use by the engineers, owners and managers of the data center: for us, the only two certainties are spam and visits from Federal law enforcement.

This noble profession of ours sits at the crossroads of just about every human activity worth snooping; banking, business big medium and small, healthcare. Criminals both notable and otherwise post their exploits and those posts find their way routed to our n+1 powered, humming homes away from home. Confessions vary from the moronic - as a videotaped confession with a stolen camera surely was - to the barbarous - as the flurry of terrorist attack and recruiting tapes surely are. It is what they say that is of interest, and when it comes to what people say - in the words of Leslie Stevens - "We will control the horizontal; we will control the vertical."

The point is, if you work with networks, the time has come to crack open a case book, and to understand the methods and needs of law enforcement. Whether you wish to self-deputize yourself Internet Police, or you wish simply to do your work and stay out of trouble, governments' interest in IT is only going to increase with time. Its in this frame of mind we post this week's links.

Another excellent piece of work by Robert David Graham of Errata Security (whose work is consistently excellent) went up before the holiday and I highly suggest giving it a read. Telecommunications laws governing the internet are frequently out-dated, ill begotten pieces of junk that criminalize trivial behavior. Fair warning - reading Robert's blog posting violates Federal law (there are no spamming phishing or copyright violations at the site. And at least for the moment I wouldn't worry about being carted off in shackles. Part of the point is that technically, by reading this blog post you are violating Federal law also).

While we are on the topic of the law and its foibles, add Radley Balko's upcoming book to your Amazon wish list, Rise of the Warrior Cop: The Militarization of America's Police Forces. Radley's work has extended from the CATO institute to his latest position with the Huffington Post. His focus is tactical - how and why policing in the US has transformed itself from a job for citizens of the community to protect the community to an exercise more resembling a military occupation - complete with no-knock raids, collateral shootings in the middle of the night, police wearing balaclavas and ghillie suits and driving armored personal carriers to calls. Balko's work has resulted in at least one man being released from death row, and despite my lack luster description, is non-partisan and more astute than any social commentary I can offer.

Finally Ken of Popehat has a great post regarding the use of threatening political communication online. Ken is a former Federal prosecutor gone downright libertarian in private practice. His writing is lucid, concise, and much funnier than anything dealing with Federal laws ought to be. This article scratches its noggin' and ponders, at what point does ill-advised and poorly composed hyperbole become a crime? Implicit to the article that I find interesting is noting the distinctions between what is considered illegal political speech - threats toward government representatives - and what constitutes illegal speech toward average citizens. Non political threats are typically handled under 18 USC Section 875:

(c) Whoever transmits in interstate or foreign commerce any communication containing any threat to kidnap any person or any threat to injure the person of another [...] shall be fined under this title or imprisoned not more than five years, or both.

United States v Kelner (2nd Circuit, 1976) established an "objective threat" test - in essence one cannot make a clear and objective threat only to say it was excusable in context of a personal relationship, or was intended as a joke, etc if the threat is self evident to a third party. At least this is my layman's reading of the decision and related summaries.

What this seems to mean is that the restrictions on violent speech are stricter when the target is a private citizen as opposed to a member of the government. In keeping with the historical significance of the 1st and 2nd amendments as understood within an "insurrectionist" context, this distinction begins to make sense. And I would also go so far as, god help me, agreeing with this distinction - if not necessarily for that insurrectionist reading, but rather for the fact that what we would consider 'normal' if not somewhat heated political debate, for example "oh that Obama is such and such" or "oh that Romney is one real such and such", we would consider to be downright crazy and just the least bit terrifying when applied toward some stranger not in public life. In plain English - the standard for restricted speech ought to be higher when politics are involved because the subject denotes that the full power of the state is involved and brought to bear. 

Let me know what you think! Good ideas? Bad? Writing incomprehensible? Email me or >gasp< leave a comment.

NSA Leak Bust Points to State Surveillance Deal with Printing Firms

Earlier this week a young government contractor named Reality Winner was accused by police of leaking an internal NSA document to news outle...