Seung Lee, tech reporter at Newsweek, talked to Josh about Crypto War 2.0, PGP and why everyone on the Internet should practice good cyber hygiene on this week's episode of Secure Sessions. Seung Lee, a longtime contributor to Newsweek, weighed in on the controversy surrounding the Compliance with Court Orders Act; his opinion on California Senator Feinstein, as a Silicon Valley local; and some of the largest government and hospital hacks of the year. Listen to the full episode to hear Josh and Seung discuss their views on the future of encryption laws, the relationship between the army and Silicon Valley in the face of the Pentagon's DIUX startup, and the power of computers against human brains. Listen to the podcast now, or read the full transcript below.
Transcript
Josh: Welcome back to the Secure Sessions Podcast. This is Josh Gagliardi, CTO of IPVanish. I'm joined today by Newsweek's Seung Lee, who covers technology and privacy for the magazine. Thank you very much for joining us, Seung.
Seung: It is good to be here.
Josh: We are of course interested in all things security.
It was a pretty wild news cycle for a few weeks. You covered a number of interesting things: the Apple iPhone, and of course both the pro- and anti-crypto legislation that has been introduced. Where do you see this kind of crazy train headed on privacy and security?
Seung: It is essentially Crypto War 2.0. The first crypto war really happened in the 1990s, and it is even questionable that it ever stopped. In the 1990s, there was much discussion about this new thing called the 'Internet', which comes more and more to this explosive pace.
Now, in 2015, the Internet has evolved significantly compared to the 1990s, but even today, the same principles, the same discussion points on encryption and privacy are being tested both by government and by private companies.
Josh: So when you covered the Feinstein-Burr bill - I think its old name is the Compliance with Court Orders Act - one of the things that you mentioned was the rumblings in [Silicon] Valley about the way it was ironic that it came from a senator from California when much of the industry has no support for it. So, what have you heard from the local population?
Seung: Many people are very angry and pissed about the bill that Senator Feinstein pushed forward with Republican Senator Burr of North Carolina.
It basically eliminates any advanced encryption. So it is basically undoing almost 25 years of work that happened in cryptography. It really came to the ordinary for with Pretty Good Privacy (PGP) in the mid 1990s.
And now the bill is widely lampooned by both the left and the right, who believe that this is a bad idea for privacy in general. There must be some rumblings by some of Silicon Valley that maybe Feinstein is not it more in the Senate, representing the interests of Californians, given that the entire state has now truly become a home for technology and innovation. But she is still probably the most important politician we have in this state, and she is incredibly powerful, especially in the region. And I do not really see her influence waning anytime soon, unless she decides to resign and retire.
Josh: I think when we saw the debate on the SOPA and PIPA bills some years ago, there was a very interesting line in the press during these debates, because we saw a parade of really misinformed members of Congress stand up and say things like, "I'm not a nerd, but I heard there's this thing called DNS and it is important." And we saw some comments after the fact, saying, "Hey, it's 2013-2014 - it probably should not be cool to not understand the Internet."
Seung: I think the theme of the sort, misunderstanding, ignorance emerged during the congressional hearing to debate the Apple FBI in March. There are several members of Congress who were actually very knowledgeable and really questioned valid both FBI Director James Comey and Attorney General of Apple, Bruce Sewell.
But there were a lot of ignorant things said that raised a lot of eyebrows and rolled many eyes. But it was, I think there is a generation gap, understanding of how the Internet works. I think for the privacy of the young generation and the protection of communication is a very high priority to convenience and compliance, I think that follows with the older generation, which did not grow with the Internet and experience all the growing pains that this new technology has gone through.
Josh: Yeah, I really noticed, especially with my own children, they have beautifully tuned BS filters, having grown up fully connected from the beginning. There is actually a bunch of big data related to age which was just released by the United Kingdom's Office of Communications.
They released their major annual study, and it has some of the tell problems, a Nielsen TV newspaper where if you ask people if they take vitamins, many more of them will say yes if the vitamins are good than do actually; but they broke many questions about what you often, regularly, sometimes made on the Internet, broken by age, including such things as the use of passwords and lock your phone.
So we can see the compromise safety / comfort to bright light there, because things that are easy, like putting a PIN code on your phone, everyone seems to do. But things that are a bit more work, such as the correct configuration, wiping after repeated password failures, or have potential disadvantages as the same characteristic, much less adoption. But the password numbers, as always, were really terrifying. Sometimes we think of this outreach effort, if we can get people to use different passwords on different sites, it would be such a home run for personal safety; it will really improve things.
Seung: In doing our research for this other story I'm writing about ransomware, which has really afflicted many public institutions such as schools and hospitals across the country, people might have heard of Hollywood Presbyterian Hospital being locked for two weeks because of a virus.
A common term among experts in cybersecurity keeps popping up, which is cyber hygiene. Basically treatment, protection of passwords, not clicking on phishing emails, backing up data is extremely important, as basic as washing hands before eating, before serving food, before you go perform surgery on a patient.
I think a lot of cyber security experts now use the term cyber hygiene to raise the importance of data protection and the protection of identity or privacy and all the information that people store on their computers now, as equivalent to basic health needs that must be met on a daily basis.
Josh: This makes sense. If you think about cell phones, it took nearly 10 years to understand what the rules should be just for voice calls. By this point, everyone understands that they can answer the phone in a restaurant to make it stop ringing, whispering into the phone, "Just a minute, I have to go out," dispense with the table and go for the call. And we all see it as normal, if sometimes aggravating, but it is cleverly manipulated.
And with the AMC movie theater thing about texting in movies, then back, okay, we can see that we are actively trying to determine what the rules for texting are. So it seems that just as our phones become the most personal record of things, and an indispensable tool, we must understand what the rules are. And it will take some time.
Seung: I think I read a story, probably from Atlantic or output very common, basically wrote honestly, the mobile phone is probably a much more reliable deposition of memories than the human brain is. Because the human brain forgets events, forgets what happened on January 1st or Christmas 5 years ago, but on a cell phone, everything is kept in memory, everything is organized, everything is cataloged with photos, videos, text messages, and so on that could be revisited an infinite number of times.
If people use smartphones and computers on a daily basis for, say, more than 4 hours a day, then they should see that as a fifth wing. As the equivalent of a second right arm, and like all the arms and fingers and palms, it must be washed, it should be supported, hence the term cyber hygiene that has been popping up so much.
Josh: Absolutely, we see people adapt to it. Two or three years ago, the IOC Starbucks mentioned that he was in the middle of a meeting to decide on mobile payments, or just after a meeting to decide on the mobile payment strategy, and when they decided there was no clear winner, it's just aggravating, we'll just postpone the project. And then he was looking at some data from cash registers, and saw that a wallet forgotten at a Starbucks is generally recovered within 45 minutes; but a forgotten cell phone is generally recovered in 10.
And at that time, he called the meeting participants for mobile payments back and said this is the important thing that we will do - we do not care if it is aggravating, find a way to get this done. And they began to launch their application with a gift card and pre-payment that we all came to use.
So, I hope, the human brain is adapting to this idea that it is a piece of the body, and it extends to, as you say, hygiene and courtesy that you should be treated. One of the other things we are considering here is the different role between citizens and business and government - the different roles that are played over who has the right to have information and who is allowed to keep therefore, certainly health data as you covered in history the hospital is a somewhat special case of business data, and we spoke at length about the users are compromised, giving away free information service. I am interested in your story about DIUX starting the Pentagon. How do we think that the involvement of enterprises and direct government will work, as we look kind of sharing of information and sharing of technical?
Seung: I think the Pentagon was the first arm of the federal government to understand that they must adapt or die in a sense. I know that the industry is very extreme a word to say, because the passes of government as will be around forever, but ...
Josh: They would probably say "Maintaining tactical advantage."
Seung: Yes, exactly. So I think the Pentagon's perspective, the main engine to try something new is that many new enemies that the United States faces a defensive level changed tactics in their offensive tactics, or disturb the army United States, and the Navy and Air Force, which is the launch of race scattered, pretty good attacks, even on the digital front on cybersecurity where they just - it should not be perfect, coordinated massive attack with chains of command. It has just enough damage.
And the Pentagon is still in this old mentality of the cold war where everything needs to have a chain of command, competence matter greatly. The DIUX is the next step for experimental. It is supposed to be something new to try if they could not only find new ways for the Pentagon to be more agile, but also trying to figure out how can we ensure that the Silicon Valley just his origins geographical and cultural might be anti-military rather, how can they warm to the Pentagon so the Pentagon could import some of their technology and the speed at which they work in.
Josh: We have certainly seen some oppressive governments around the world are rapidly adopting the technology. At RightsCon we spoke with Access Now people who specialize in helping people difficult geographies with oppressive governments remain online so they can get information on. And one of the things we heard from some other conference participants is that, generally, to protest now, they realized that the police are about to wait. Because all of the coverage of the cell phone down just before, forcing people to leave the stage to post videos rather than any livestream.
And oppressive governments and enforcement officials are aware that the advantage of tactical communication of citizens must be disrupted before it can effectively be crushed. Therefore, it is clear that not always the right people get the message quickly, but maybe something interesting will come out of this partnership that allows the military to adapt in a way that will be helpful.
Seung: Absolutely. I think, speaking of protest and the convergence of such technology, we have seen that in the Hong Kong protest in the last few years; they used this application called Cat Fire, which was not dependent on 3G and other networks. It was dependent on a different technology, simplest to communicate. I think it's almost like an arms race between governments trying to put roadblocks on absolutely free flow of communications, and more open-source communities trying to build tracks to ensure the continuous flow of
Josh: Yes, it seems clear that we need Internet transport technologies that can jump across borders, that are not only the normal optical fiber cables operated by carriers.
I think in the Arab Spring in Egypt and Tunisia, there were some initial internet breaking attempts that were effectively thwarted by network engineers who figured out how to fill things by non-traditional means. I've never found a good write-up to find the details, but it seems that this kind of activism, especially in the face of government oppression, is going to be something that is important.
As a VPN provider, oppressive governments around the world, whether China or Turkey or one of those places that keep people under tight control, are clearly not true friends of corporate VPN. And it is important for us to ensure that people have access from these countries, because massively when we get the support of user notes, what we discover is that they are far less interested in the fight against government-wide communication than they are in access to simple pleasures of life, be it Facebook, YouTube, websites commodity that everyone wants to be part of; Tumblr, Instagram, Pinterest, you know, without restriction or censorship is what people always ask about.
It is clear that any establishment of these basic usage patterns and security models is something that will have value for some time. So give me a sense, when you have worked on some of the great stories of privacy and security, there are some communication about meta, "We are ready to go on the record for this; hang on, we need a declaration for it." In particular some of the new, irritating laws such as Burr-Feinstein.
What was the tone of communication from outside the bill? These are just sterile press releases with nothing to back them up, or does it seem that these are important initiatives that they are clear about the message with?
Seung: It is very scattered. On one hand, we see people like that really DIUX stressed that they want to be open and transparent in the mold of Silicon Valley, or the stereotypical mold of Silicon Valley. On the other hand, it is very elusive. Not a lot of communication, and everything is a bit in between. It really depends on who you talk to and what kind of issues you raise.
On the Burr-Feinstein bill, I asked Senator Feinstein's office for comment, did not hear anything. But I could sort of sympathize a little because they have already been called in a huge wave of anger and disbelief by the technology community already. So I think I just jump on the pile probably did not help their cause at all.
Josh: But it's interesting, when the office of a senator does not have time to comment to Newsweek. This tells you that perhaps they recognized that their position will not be as well received as they thought.
Seung: I think this bill died. There is just no chance of this bill coming forward.
The White House has refused to publicly support this bill. There are representatives such as Darrell Issa of San Diego; there is Senator Ron Wyden of Oregon, a Democrat who said that he will filibuster the bill if it ever makes it to the Senate floor. This is already a huge opposition Congress and also the outcome of the White House. I think it's dead.
On the nicer side, even if I cry Senator Feinstein for it, even if it is a symbolic act against encryption to support the implementation of the law, people who are desperately trying to get information on these iPhones, it was a very poor attempt. But then, I think Senator Feinstein made amends in different areas, such as the bill on torture that she and Senator Burr had co-written together to push through, essentially disputing claims CIA assertions about what happened in the camps in the wars in Iraq and Afghanistan was not true, and it was much more horrible than the public knew.
Josh: This is true. It was absolutely representative of the district in terms of, particularly in social views; right?
Seung: Yeah, so it is something very good. Given the longevity and influence that Senator Feinstein has, no wonder she can be ousted only by public outcry. But she did other things that appeal to her voters that lean very democratic, especially in the State of California.
Josh: This makes much sense. We, as a society, have a luxury to take care of one thing in particular. And for us, the only thing we care about is privacy and security. So that means we get to the paint with the brush wrong, at least on this issue, at least until the bill is withdrawn. But of course, apart from what we are here, we absolutely recognize that there was other good work.
Well, thank you very much for talking to us today. It is encouraging to see the level of coverage and the level of consciousness that the privacy and security issues are more, because we think it's so important. And it is absolutely something that is not always the sexiest topic and it could be brushed under the carpet or ignored. So, thank you for the work you do.
Seung: It was a pleasure talking to you. Thank you very much!