Author: Allison Pedrazzi Helfrich
The Center for Internet and Society at Stanford Law School is a leader in the study of the law and policy around the Internet and other emerging technologies.
Author: Allison Pedrazzi Helfrich
I'm quoted in this story about cell phone companies efforts to keep their customers from switching services or buying unaffiliated hardware or ringtones. My quote sounds pretty awkward, but if you want to read more about this, you can check out our (successful) filing with the Copyright Office about cell phone unlocking.
Rep. Tom Graves (R-GA) and Rep. Kyrsten Sinema (D-AZ) introduced the Active Cyber Defense Certainty Act (H.R. 4036) in the House of Representatives on Oct. 13. The bill would amend the Computer Fraud and Abuse Act (CFAA)—the main federal statute that governs computer hacking—effectively to allow victims of certain cyber intrusions to take defensive measures that would otherwise violate the CFAA’s prohibitions on unauthorized access to computers.
The last two days have seen two major developments regarding Russian hacking. First, Russian President Vladimir Putin tacitly admitted that Russian hackers might have influenced the U.S. election, but claimed that any hackers were just patriots, acting independently of the Russian government. Then The Intercept published a leaked NSA report stating that Russian military intelligence had tried to penetrate U.S. voting systems.
A group of hackers called the Shadow Brokers has just released a new dump of data from the National Security Agency. This is plausibly the most extensive and important release of NSA hacking tools to date. It’s likely to prove awkward for the U.S. government, not only revealing top-secret information but also damaging the government’s relationships with U.S. allies and with big information technology firms. That is probably the motivation behind the leak: The Shadow Brokers are widely assumed to be connected with the Russian government.
As users of Twitter and many other services probably know, large parts of the Internet weren’t working Friday, thanks to a hacking attack on the Internet’s infrastructure. NBC reported that a senior intelligence official told the network that the hack “does not appear at this point to be any kind of state-sponsored or directed attack.” It may be that new evidence emerges that leads the U.S.
Obama administration security officials have formally accused Russia of interfering with the U.S. presidential election. The Director of National Intelligence and the Department of Homeland Security made a joint statement, saying that ““[t]he U.S. intelligence community is confident that the Russian government directed the recent compromises of e-mails from U.S. persons and institutions, including from U.S.
Arguing that a defendant’s conviction for website hacking should be overturned because legitimate, highly valuable security and privacy research commonly employs techniques that are essentially identical to what the defendant did and that such independent research is of great value to academics, government regulators and the public even when – often especially when — conducted without a website owner’s permission.
"Even Hutchins’s defenders say if he’s guilty some punishment is in order, but his prosecution also sends a mixed message. Hutchins had been a model of public-private cooperation at a time when the government was having difficulty recruiting cybersecurity talent. (James Comey irritated the community in 2014 when he said the FBI struggled to hire people because “some of those kids want to smoke weed on the way to the interview.”) Some security researchers said they would stop sharing information with the government in protest.
"The level of computer security is such that it would be “kind of shocking” if at least some government data weren’t accessible to hackers, said Brian Nussbaum, a former intelligence analyst and a professor at SUNY Albany."
"According to Andrea Matwyshyn, professor of law and computer science at Northeastern University, if companies help cyber criminals make money off hacks, they will only continue.
"Professor Brett Frischmann at Villanova University states, "the problem some companies face with self-dealing by IT professionals is complex because it is an area where contract and trade secrecy laws' protections may be inadequate. In some cases, other laws such as the Computer Fraud and Abuse Act can be helpful.”"
"When it comes to fighting cyber crimes in Hollywood, it’s a case of pay now or pay later. Matwyshyn said the entertainment industry is a prime target for hackers because the stakes are high, and those who work in the industry may not be paying close attention to internet security practices. It’s relatively easy to send a “phishing” email to a studio executive, advising them to click on a link. And just like that, hackers are in.
"In United States v. Jay Michaud the indictment will be dismissed without prejudice, meaning that the DoJ can pick the case up again within the statute of limitations (five yearsin this case) if it chooses.
"Riana Pfefferkorn -- who helped write an amicus brief on Apple's behalf (along with several other security researchers and professors) -- pointed out on Twitter that Cellebrite's hacking is exactly the sort of risk the government refused to seriously contemplate during its pursuit of an All Writs Order forcing Apple to open up the phone for the FBI."
"Just beware that putting something over your camera lens isn’t a complete solution, according to Marshall Erwin, head of trust and privacy at Mozilla, which makes the Firefox browser.
"Similarly, Scott Shackelford, an associate professor of business law and ethics at the Indiana University Kelley School of Business and senior fellow at the IU Center for Applied Cybersecurity Research, has spent his sabbatical from IU this semester working as a cybersecurity research fellow at the Harvard Kennedy School and researching voter fraud methods in the U.S. and around the world.
Shackelford’s fellowship research has focused on five major ways to manipulate the outcome of an election electronically.
On December 1, 2016, significant and controversial changes to Federal Rule of Criminal Procedure 41 are scheduled go into effect. Today, Rule 41 prohibits a federal judge from issuing a search warrant outside of the judge’s district, with some exceptions.Traditionally, federal judges may only issue warrants that will be executed within their own districts. The revised Rule 41 would permit judges to issue search and seizure warrants for computers outside their jurisdictions, in two circumstances: if the computer’s true location has been hidden through technological means (such as Tor), or, in a computer-hacking investigation under the CFAA, if the affected computers are located in five or more districts.
For more information and to purchase tickets visit: https://www.eventbrite.com/e/death-of-the-open-internet-a-black-hat-qa-w...
Welcome to Startup Policy Lab’s The Policy Series, hosted by Runway! For our first October session, we go one-on-one with Jennifer Granick, Director of Civil Liberties at Stanford Center for Internet and Society (CIS).
Daniel Nazer Staff Attorney, Electronic Frontier Foundation
Jonathan Blavin Partner at Munger, Tolles & Olson
• First Amendment and public figures in sports games
• Cheating and hacking in online game play
MCLE Registration: 5:00 - 5:30 p.m.
Program 5:30 - 6:30 p.m.
The House recently passed legislation that would update the Stored Communications Act, a measure that dictates how law enforcement can gain access to electronic communications stored remotely. Northeastern professor Andrea Matwyshyn joins us to explain some of the problems with the law. Next, we'll look at the intersection of fashion and tech with a new customized dress from Google and H&M based on your personal data. And finally, we'll talk about one nonprofit's event to help women who want to learn more about coding: Hackentine's Day.
In this week's feature interview we're chatting with Stanford's very own Jennifer Granick about a recent ruling in a Virginia court that appears to give the FBI permission to hack into any computer it wants, sans warrant. Well that's what the headlines are screaming, anyway. But as you'll hear, it's not quite that black and white.
CIS Affiliate Scholar David Levine interviews Jonathan Mayer, Stanford Ph.D. candidate in computer science, author of Terms of Abuse: An Empirical Assessment of the Federal Hacking Law, and How to Fix It.
Hacking generally has a pejorative meaning, namely, someone who accesses a computer by circumventing its security system. But, hacking may also refer to excellence in programming —the kind of innovation that built the Internet. Penn Professor Andrea Matwyshyn knows the difference and tells Jim Zirin how to stay away from the dark side of the Internet.