Lots of Stuff



CIPAV – docs 1, 2, 3 — Because suspects are increasingly using tools to mask their IP address the FBI now uses a “computer and internet protocol address verifier” to identify a suspect’s IP (as well as additional info) . It appears to work be levergaing various “drive-by” exploits. On a worrying note, the first few lines of the document obtained by Wired via FOIA note “we are seeing indications that it is being used needlessly by some agencies, unnecessarily raising difficult legal questions”.

Joint Strike Fighter — The same WaPo reporter behind the “electricity grid hack” story strikes again. This time with at least a few interesting details. What I found interesting is the mention of the fact that the attacks were reportedly on allies, such as Turkey, that are part of the development and on contractors such as Lockheed Martin, Northrop Grumman Corp. and BAE Systems PLC. (more here).

Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities” — I haven’t read it in detail yet, but it looks very interesting. the best line so far: “Today‚Äôs policy and legal framework for guiding and regulating the U.S. use of cyberattack is ill-formed, undeveloped, and highly uncertain.”

Insider Threat — This is something I’ve been focusing on recently, but here is a report which suggests that “37% of employees would become insiders given the right incentive”.

Post a comment.