Three Things: Oracle's 299, Flashback, Longreads and 4/20
Software company Oracle issued its biggest patch ever; Shadow Brokers spawned a flashback; lots to read on 4/20. And Chaffetz! What the heck?!
Annual FISC Report Suggests the Court Did Not Approve ANY Section 702 Certificate in 2016
The FISC annual report today appears to state that the FISC did not approve any 702 certificates in 2016, which would mean the government presumably worked on extensions from November 6 until the turn of the year.
The Think Tank Story Actually Suggests the Think Tank Wasn't That Important
Reuters has a story suggesting a think tank provided the rationale in June for an operation that was already three months old by then. A better reading, at least given the public facts, is that the think tank wasn't that important.
I Con the Record's "Generally" Useful Section 702 Q&A;
ODNI released a "generally" good document, in that, it's good except in its egregious use of the word "generally" to hide one of the most important details.
The Doxing of Equation Group Hackers Raises Questions about the Legal Role of Nation-State Hackers
Along with exposing a bunch of NSA tools and a record of the NSA's attack on SWIFT, Shadow Brokers exposed the identities of a number of NSA's own hackers. That has important repercussions for the norms and laws surrounding state-sponsored hacking.
Dana Boente Still Has a Job and Why That's of Interest for WikiLeaks
Until Rod Rosenstein gets confirmed as Deputy Attorney General, Dana Boente will be both US Attorney overseeing the investigation into WikiLeaks and acting AG for the investigation into the hack of DNC emails and their leak to and publication by Wikileaks.
Three Things: Day 1 - Tax Day, Ballmer's Gift, Microsoft
It's D-Day — federal income tax filings are due; retired CEO Steve Ballmer's hobby pays off big for Americans; and Microsoft bollocked security fix announcements.
Three Things: Not-So-Neutral, Day 2 and Reading
Internet biggies step up for net neutrality, lots of longreads to start the week, and less than 36 hours to income tax filing deadline.
Author of USA Freedom Act Says "Nobody's Got to Use the Internet"
Many outlets have reported Jim Sensenbrenner's ridiculous claim that "no one's got to use the Internet," given in response to a constituent complaining about his vote to overturn Obama's broadband privacy rules. None I've seen has reminded that, posing as a champion of privacy, Sensenbrenner authored the USA Freedom Act.
The Shadow Brokers Vulnerability Equities Process: NSA Has Had at Least 96 Days to Warn Microsoft about These Files
The Windows exploits released today were all among those listed in Shadow Brokers' Windows Warez post on January 8. That means NSA has had at least 96 days to warn Microsoft they might be released. So why does Microsoft seem so unprepared today?
NSA Continued Double Dipping at SWIFT Even After It Was Exposed
In its latest dump of NSA files, Shadow Brokers revealed that NSA continued to double dip at SWIFT even after that double dipping was exposed by the Snowden leaks.
Pompeo Likens Wikileaks' Release of CIA's Hacking Tools to Philip Agee
Mike Pompeo's speech was interesting for several reasons, including why he compared Philip Agee with Wikileaks.
Three Things: Day 6, Bombs Away, Get Carter 2
Open thread featuring countdown to income tax filing deadline continues; MOAB (Monster of All Bullshit) dropped; not-so-cunning Carter Page.
A Different Kind Of Modeling Tool
Maybe the Game of Life can lead to better models of the economy.
Ruslan Stoyanov and Two Degrees of Separation from Protected Criminal Hackers
The former Kaspersky head of cyber investigations now facing treason charges in Russia, Ruslan Stoyanov, made a splash yesterday accusing Russia of protecting criminal hackers in exchange for state-related hacking. There's just one problem with that: the US has accused Dmitry Dokuchaev, whose arrest is believed to be tied to Stoyanov's, of doing just that.
Trump Is a Market Disaster
As Trump makes a wild course correction, it's important to remember that Trump is more governed by an interest in protecting his brand than any measures of efficacy.
Three Things: Day 7, Get Carter, SLAPP-ish Defense
Income tax deadline looms, Carter Page in the news again, Anthem pulls a nasty one.
The Kelihos Pen Register: Codifying an Expansive Definition of DRAS?
The pen register used to disrupt the Kelihos botnet may be an attempt to codify an expansive definition of metadata for use with pen registers in hacking cases.
Another Russian Hacker (Probably) Not Affiliated with the DNC Hack
Pyotr Levashov, a Russian hacker arrested in Barcelona on Friday, appears to have been arrested for his long-standing spam services, and not any role in the election hacking.
Last Fall's Efforts against Russia: Influence versus Tamper
Democrats blame Mitch McConnell for not taking a stronger stand against Russia last fall. But on the issue of protecting voting systems, his reluctance to name Russia was actually consistent with the public intelligence at the time.