Wednesday, December 11, 2019


Try not to become collateral damage.
Covert Military Information Operations and the New NDAA: The Law of the Gray Zone Evolves
In recent years, Congress has been building a domestic legal framework for gray zone competition (that is, the spectrum of unfriendly actions that states may undertake against one another, surreptitiously, that are below the threshold of actual hostilities yet more serious and disruptive than the ordinary jostling of international affairs) for military operations conducted in the cyber domain. That project has gone rather well, compared to most things Congress undertakes. Last year, it culminated in National Defense Authorization Act (NDAA) provisions that clarified CYBERCOM’s authority in this area while also ensuring a sound degree of oversight of the resulting activities. So far, so good. But the gray zone challenges that define our times of course are not limited to cyber operations as such.
Read on for an explanation of the nuts-and-bolts. Or, if you prefer, you can read the full text of the gigantic bill, or just the “joint explanatory statement issued Dec. 9 after the House and Senate conferees reached agreement at last.


(Related)
The Year 2019 in Review: Same Threats, More Targets
In 2019, almost ten years after the discovery of Stuxnet, the United States fell victim to the first cyberattack that disrupted operations in the electrical grid. Cyberattacks on critical infrastructure are becoming increasingly dangerous, yet little has been done to address them. With the modernization of old systems and the introduction of IoT devices and smart city technology, adversaries have a growing list of potential targets to attack. In 2020, governments need to adopt concrete measures to address these threats.




For the Hacker toolkit.
A technical look at Phone Extraction




Hard to reconcile.
Iran says it foiled "very big" foreign cyber attack
Iran has foiled a major cyber attack on its infrastructure that was launched by a foreign government, the Iranian telecoms minister said on Wednesday, two months after reports of a U.S. cyber operation against the country.


(Related)
Iran Banks Burned, Then Customer Accounts Were Exposed Online
After demonstrators in Iran set fire to hundreds of bank branches last month in antigovernment protests, the authorities dealt with another less visible banking threat that is only now coming to fuller light: a security breach that exposed the information of millions of Iranian customer accounts.
As of Tuesday, details of 15 million bank debit cards in Iran had been published on social media in the aftermath of the protests, unnerving customers and forcing the government to acknowledge a problem. The exposure represented the most serious banking security breach in Iran, according to Iranian media and a law firm representing some of the victims.




Data for the asking. Not the best security technique.
Web-hosting firm 1&1 hit by almost €10 million GDPR fine over poor security at call centre
1&1 has been fined €9.55 million (US $10.6 million) by Germany’s Federal Commissioner for Data Protection and Freedom of Information (BFDI), after the telecoms company was found to have not taken sufficient measures in its call centre to prevent unauthorised parties from accessing customer data.
The BfDI says that it became aware that anyone could obtain extensive personal information on 1&1’s customers simply by calling the customer care department and giving a name and date of birth.
The BfDI ruled that 1&1 was, therefore, in violation of article 32 of the GDPR legislation, by failing to take appropriate technical and organisational measures to protect the handling of personal data.




Probably not the solutions we will choose.
How to avoid a dystopian future of facial recognition in law enforcement
Civil liberties activists warn that the powerful technology, which identifies people by matching a picture or video of a person’s face to databases of photos, can be used to passively spy on people without any reasonable suspicion or their consent. Many of these leaders don’t just want to regulate facial recognition tech — they want to ban or pause its use completely.
Republican and Democratic lawmakers, who so rarely agree on anything, have recently joined forces to attempt to limit law enforcement agencies’ ability to surveil Americans with this technology, citing concerns that the unchecked use of facial recognition could lead to the creation of an Orwellian surveillance state.
Several cities, such as San Francisco, Oakland, and Somerville, Massachusetts have banned police use of the technology in the past year. A new federal bill was introduced earlier this month that would severely restrict its use by federal law enforcement, requiring a court order to track people for longer than three days. And some senators have discussed a far-reaching bill that would completely halt government use of the technology.
But the reality is that this technology already exists — it’s used to unlock people’s iPhones, scan flight passengers faces instead of their tickets, screen people attending Taylor Swift concerts, and monitor crowds like at Brazil’s famous Carnival festival in Rio de Janeiro.
Here are some of the leading ways that the US government is using facial recognition today, and where experts say there’s a need for more transparency, and for it to be more strongly regulated.




Some good and some bad.
What technology will courts be using in 5 years’ time?
National Center for State Courts – Court Technology Bulletin, December 5, 2019 – “We are pleased to share the following post from our friend, the Hon. Judge Andrea Tsalamandris from Melbourne, Australia on “how technology can be used by judges and court administration to create efficiencies in our courts, and enhance access to justice. As a judge who was appointed to the County Court of Victoria (CCV) a few years before my 50th birthday, I was very pragmatic in embracing technology in my new role. I thought it was safe to presume that when I retired in twenty years’ time, I would not be working with paper court books or handwriting my signature on court orders. My initial interest in technology was simply to see how it could make my life as a judge easier. However, after attending an E-Courts Conference in the United States in 2018, my eyes were opened to the manner in which technology could be used within courts, to benefit court users, as well as judges and court staff. Shortly after attending that conference, I was asked to chair a newly created IT committee at the CCV, to guide the court in our digital transformation. My teenage children thought this was hysterical, as they did not consider me to be in any way “tech-savvy”; and that was indeed true. But I was willing to learn and was keen to see, in practical terms, how technology could assist all areas of our court, from registry, to the courtroom and in chambers. Whenever I talk to people about our plans for the future, I invariably pose the question – what will we be doing in 5 years’ time? Most of us accept that change is coming, and that it is probably coming more quickly than any of us expect. Having spoken with other judges and court IT managers in Australia, USA, UK and UAE, here is a list of where I think we are heading…”
[Good: 2. Paperless jury trials
Over the last 18 months, the Victorian Supreme Court has conducted a number of criminal trials electronically. In such cases, each juror has been given a iPad on which exhibits are uploaded throughout the course of the trial. Each juror is able to make their own notes and mark up the documents, just as the judge is doing on their own device.
[Bad: 3. PowerPoints for jury charges
In the CCV, some judges are beginning to use PowerPoints, both for opening remarks and for the charge.




Unfortunately, we may need these…
The Constitution Annotated—Impeachment Clauses
In Custodia Legis – “The Library of Congress has updated the Constitution Annotated essays pertaining to impeachment and incorporated them in the annotations to Article I, Article II, and Article III of the Constitution. In addition, the updated impeachment essays are consolidated in Resources about Impeachment. Additional information on impeachment is available on the website’s Beyond the Constitution Annotated: Table of Additional Resources under Resources.
The Library of Congress launched the Constitution Annotated on Constitution Day, September 17, 2019. The website provides online access to the “Constitution of the United States of America: Analysis and Interpretation,” which has served as Congress’s official record of the Constitution for over a century and explains in layman’s terms the Constitution’s origins, how the nation’s most important law was crafted and ratified, and how every provision in the Constitution has been interpreted. With advanced search tools and a modern, user-friendly interface, the new website makes the 3,000 pages of the Constitution Annotated fully searchable and accessible for the first time to online audiences—including Congress, legal scholars, law students, and anyone interested in U.S. constitutional law…”




Anything to get rid of my students.



No comments: