Our interview is with Bruce Schneier, who has coauthored a paper about how to push security back up the Internet-of-things supply chain: The reverse cascade: Enforcing security on the global IoT supply chain. His solution is hard on IoT affordability and hard on big retailers and other middlemen, who will face new

In the News Roundup, Dave Aitel (@daveaitel), Mark MacCarthy (@Mark_MacCarthy), and Nick Weaver (@ncweaver) and I discuss how French and Dutch investigators pulled off the coup of the year this April, when they totally pwned a shady “secure phone” system used by massive numbers of European criminals. Nick Weaver explains that hacking the phones

191: Election security may be better than you think.  Unless you live in New Jersey.

Episode 191 is our long-awaited election security podcast before a live, and lively, audience.  Our panel consists of Chris Krebs, formerly of Microsoft and now the top cybersecurity official at DHS (with the longest title in the federal government

In episode 132, our threepeat guest is Ellen Nakashima, star cyber reporter for the Washington Post. Markham Erickson and I talk to her about Vladimir Putin’s endless appetite for identifying ‒ and crossing ‒ American red lines, the costs and benefits of separating NSA from Cyber Command, and the chances of

Was Iran’s cyberattack that bricked vast numbers of Saudi Aramco computers justified by a similar attack on the National Iranian Oil Company a few months earlier? Does NSA have the ability to “replay” and attribute North Korean attacks on companies like Sony? And how do the last six NSA directors stack up against each other?

Live from RSA, it’s episode 104, with special guest Jim Lewis, CSIS’s renowned cybersecurity expert and Steptoe’s own Alan Cohn.  We do an extended news roundup before an RSA audience that yields several good questions for the panel.  We had invited Bruce Sewell, Apple’s General Counsel, to participate, but he didn’t show.  So we felt no constraint as we alternately criticized and mocked Apple’s legal arguments for not providing assistance to the FBI in gaining access to the San Bernardino terrorist’s phone.  We review the bidding on encryption on Capitol Hill and observe that the anti-regulatory forces have lost ground as a result of the fight Apple has picked. That leads into a discussion of China’s backdoors into the iPhone and Baidu’s role in compromising users of its products. 

Anyone who has tried to explain bitcoin around their kitchen table knows that it is not easy to put your finger on what exactly the technology is.  Because of their innovative nature, digital currencies don’t have obvious analogs or fit easily into existing categories.  Bitcoin is part currency, part digital payment system, and part immutable ledger.

Following the attacks in Paris and San Bernardino, polls show that Americans identify terrorism—more than any other issue—as the most important problem facing the US.  In this environment, some media outlets have predicted a pending “crackdown” on digital currencies, particularly by European governments, because of the risk that the technology could be used to fund

Over the past few years, the US government has invested heavily in trying to create international norms for cyberspace. We’ve endlessly cajoled other nations to agree on broad principles about internet freedom and how the law of war applies to cyberconflicts. Progress has been slow, especially with countries that might actually face us in a