Nick Weaver kicks off a wide-ranging episode by celebrating Treasury’s imposition of sanctions on a cryptocurrency mixer for facilitating the laundering of stolen cryptocurrency. David Kris calls on Justice to step up its game in the face of this competition, while Nick urges Treasury to next sanction Tornado Cash — and explains why this would incentivize better behavior more generally. Scott Shapiro weighs in to describe North Carolina’s effort to prohibit government entities from papaya ransom to ransomware gangs; he doubts it will work.
David and Scott also further our malware education by summarizing two chilling reports about successful long-term intrusion campaigns – one courtesy of Chinese state hackers and the other likely launched by Russian government agents. I can’t help wondering whether the Russian agencies haven’t prioritized cool hackings over effective ones – to Russia’s cost in the fight with Ukraine.
Nick provides a tutorial on why quantum cryptanalysis is worrying the Biden Administration and what it thinks we ought to do about it. I express some cynicism over how good U.S. physicists have gotten at selling expensive dreams to the government – and considerable relief that Chinese physicists are apparently at least as good at extracting funding from their government.
Here’s a story mainstream media is already burying because it doesn’t fit the “AI bias” narrative. It turns out that in a study by the Department of Homeland Security, most errors (75%) were introduced at the photo capture stage, not by the matching algorithms. What’s more, the bias we keep hearing about has disappeared for the best products. Error rates were reported for the best products by gender and skin color. Errors for women, for light-skinned subjects and dark-skinned subjects were all as low as it’s possible to be – zero. For men, the error rate was 0.8%. These tests were of authentication/identification face recognition, which is easier to do than 1:n “searches” for matching faces, but the results mean that it’s not unreasonable to expect the whole bias issue to disappear as soon as the public wises up to the ideologically driven journalism now on offer.
Nick and I spar over location data sales by software providers. I pour cold water on the notion that evil prosecutors will track women to abortion clinics in other states using their location data. Nick takes the affirmative on that topic, and we put some money on the outcome, though it may take five years for one of us to collect.
Scott unpacks the flap over Department of Homeland Security (DHS) Disinformation Governance Board, headed by Cyberlaw Podcast alumna Nina Jankowicz, who revealed on Tiktok that I should have asked her to sing the interview. Scott and I agree that DHS is retreating quickly from the board’s name and mission as negative reviews for the name, the leader, and the mission keep piling up.
This Week in Schadenfreude is covered by Nick, pointing out the irony of the Spanish prime minister’s phone being targeted with Pegasus spyware not long after the Spanish government was widely blamed for using Pegasus against Catalan separatists.
In quick hits,
- Scott explains why British Internet Service Providers (ISPs) are complaining about the order that they not give British citizens access to sanctioned websites.
- Scott and I take turns mocking the fashion for phony international law agreements. These now include Silicon Valley’s astroturfed Paris Call and the Biden Administration’s Declaration for the Future of the Internet, better known as the “Convention for International Unicorns and Fairy Dust.”
- David celebrates the one-year term extension for Gen. Nakasone, and we share views on dividing leadership of Cyber Command and NSA.
- Squeaking under the wire, I manage to bring Elon Musk into the podcast as the exit music mounts, noting that the Committee on Foreign Investment in the United States (CFIUS) is likely to complicate but not stall his acquisition of Twitter.
You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug!
The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.