Header graphic for print
Steptoe Cyberblog

Episode 257: How we know the North Korean Embassy break-in wasn’t the work of the CIA

Posted in Data Breach, International, Privacy Regulation

 

In today’s News Roundup, Klon Kitchen adds to the North Korean Embassy invasion by an unknown group. Turns out some of the participants fled to the US and lawyered up, but the real tipoff about attribution is that they’ve given some of the data they stole to the FBI. That rules out CIA involvement right there.

Nick Weaver talks about Hal Martin pleading guilty to unlawfully retaining massive amounts of classified NSA hacking data. It’s looking more and more as though Martin was just a packrat, making his sentence of nine years in prison about right. But as Nick points out, that leaves unexplained how the Russians got hold of so much NSA data themselves.

Paul Hughes explains the seamy Europolitics behind the new foreign investment regulations that will take effect this month.

Nick explains the deeply troubling compromise of update certs at ASUS and the company’s equally troubling response. I ask why the only agency with clear authority over an incident with important national security implications is the FTC.

Nick and I comment on the FTC’s pending investigation of the privacy practices of seven Internet service providers.

Speaking of sensitive data practices, Klon talks about the Committee on Foreign Investment in the United States’ belated recognition that maybe the Chinese shouldn’t have access to the most intimate desires of the US LGBTQ community. I try to explain the difference between Tik Tok and Yik Yak and mostly fail.

Meanwhile, in splinternet news, the EU Parliament has approved the controversial Copyright Directive. A bunch of MEPs, soon to be running for reelection, claim they meant to vote against it, really, but somehow ended up voting for it.

The Department of Housing and Urban Development is suing Facebook for violating the Fair Housing Act. I ask listeners for help in finding guests who can talk about whether it’s a good idea to bar ad targeting that lets companies look for more customers like the ones they already have, even if their customers already skew toward particular genders and ethnicities.

Finally, Nick and I break down Gavin de Becker’s claim that the real killer in the Bezos sexting flap was Saudi Arabia. Plenty of smoke there, but the lack of a reference to any forensic evidence raises doubts about de Becker’s version of events.


 

Download the 257th Episode (mp3).

You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed!

As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!

 

The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.