This week the CIA released its still-classified National Intelligence Estimate (NIE) regarding the threat of cyber warfare to US economic, infrastructure and military assets at home and abroad.
China is singled out as the source of an enormous and non-stop sequence of industrial espionage - compromising systems and stealing valuable trade secrets.
Heads of large corporate security interests, while representing a variety of unique approaches, all seem to at least agree that federal regulation should play a larger role in online life. User's real identities should remain authenticated, core infrastructure easily available for lawful intercept, etc. Others argue that corporate attack victims should begin systematically seeking retribution when systems are compromised, terming the approach "active defense" centered often around pro-actively collecting information crucial to a successful investigation and conviction prior to filing a complaint.
What are your thoughts about the role that the federal government should play in IT regulatory enforcement? Where should limited and expensive legal resources best be allotted? As always I look forward to your thoughts on what I find to be a challenging topic.
Earlier this week a young government contractor named Reality Winner was accused by police of leaking an internal NSA document to news outle...
UPDATE March 1st, 2017 : I'm glad to see that people are finding this helpful, and thanks to everyone that has contacted me here or via ...
Those following Cryptome on Twitter saw some messages that were a little nerve-wracking yesterday. The flood of torrents attributed to Cr...
So it turns out that setting your AWS EC2 server's hostname to be persistent across reboots is a surprising pain in the ass, at least wi...