The theme this week is China’s growing confidence in using cyberweapons in new and sophisticated ways, as the US struggles to find an answer to China’s growing ambition to dominate technology. Our interview guest, Chris Bing of Reuters, talks about his deep dive story on Chinese penetration of managed service providers like HP Enterprise – penetration that allowed them access to hundreds of other companies that rely on managed service providers for most of their IT. Most chilling for the customers are strong suggestions that the providers often didn’t provide notice of the intrusions to their customers – or that the providers’ contracts may have prevented their customers from launching quick and thorough investigations when their own security systems detected anomalous behavior originating with the providers. Chris also tells the story of an apparent “Five Eyes” intrusion into Yandex, the big Russian search engine.


Continue Reading

Our News Roundup is hip deep in China stories. The inconclusive EU – China summit gives Matthew Heiman and me a chance to explain why France understands – and hates – China’s geopolitical trade strategy more than most.

Maury Shenk notes that the Pentagon’s reported plan to put a bunch of Chinese suppliers on a blacklist is a bit of a tribute to China’s own list of sectors not open to Western companies. In other China news, Matthew discloses that there’s reason to believe that China has finally begun to use all the US personnel data it stole from OPM. I’m so worried it may yet turn my hair pink, at least for SF-86 purposes.

And in a sign that it really is better to be lucky than to be good, Matthew and I muse on how the Trump Administration’s China policy is coinciding with broader economic trends to force US companies to reconsider their reliance on Chinese manufacturing.


Continue Reading

On July 28, Senator Ron Wyden objected to the Senate’s passage of the Intelligence Authorization Bill for Fiscal Year 2016. He objected not because he opposes the funding decisions included in the legislation but rather because of just 29 lines of text among the 41 pages of proposed legislation that have nothing to do with

With all the controversy surrounding the leaks regarding the PRISM program, there is at least one constituency that is likely rejoicing — Europe-based cloud computing companies.

For the past few years, cloud providers in Europe have tried to gain a competitive advantage over US-based providers in the European market by arguing that the Patriot Act

This is part of a multi-blog series to demonstrate that product design may have—and in many areas of Internet law and regulation, will have—a determining factor for how a product or service is regulated. This first part relates the treatment of cloud services.

Breathing a Little Easier in the Cloud

Recently, the Second Circuit handed