Risky Business #274 -- Is "active defence" legal?

Stanford law's Jennifer Granick joins the show...
22 Mar 2013 » Risky Business

In this week's feature interview we chat with Jennifer Granick, the Head of Civil Liberties at Stanford University's Centre for Internet and Society. Jennifer has extensive experience with cyberlaw -- she has acted for clients as diverse as Aaron Swartz and HBGary! She's done it all! And she joins the show to talk about a few things -- is active defence ever legal? And what the hell is going on with the Computer Abuse and Fraud Act over there in the USA?

This week's show is brought to you by Senetas, makers of fine, fine crypto hardware. If you need some crypto in your second layer, I'd suggest you get in touch with these guys. Awesome gear and as you'll hear in this week's sponsor interview with Senetas co-founder and CTO Julian Fay, these guys really know their stuff.

Julian joins the show a bit later on to talk about what happens when his customers ask them to roll with custom algos because some of them don't trust those published crypto techniques.

Show notes

You can find this week's episode here.

South Korea: Chinese address source of attack
http://bigstory.ap.org/article/south-korean-banks-media-report-network-c...

South Korea traces cyberattack to IP address in China | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57575494-83/south-korea-traces-cyberatt...

Theories Abound on Wiper Malware Attack Against South Korea | threatpost
http://threatpost.com/en_us/blogs/theories-abound-wiper-malware-attack-a...

Twitter / LukeCleary: @W7VOA http://t.co/EGMq34ssk6
https://twitter.com/LukeCleary/status/314268284029661186

CCD COE - The Tallinn Manual
http://www.ccdcoe.org/249.html

NATO cyberwar directive declares hackers military targets - RT USA
http://rt.com/usa/nato-publishes-cyberwar-guidelines-502/

What 420,000 insecure devices reveal about Web security | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57574919-83/what-420000-insecure-device...

Internet Census 2012
http://internetcensus2012.bitbucket.org/paper.html

Decade-old espionage malware found targeting government computers | Ars Technica
http://arstechnica.com/security/2013/03/decade-old-espionage-malware-fou...

CIA $600 Million Deal For Amazon's Cloud - Business Insider
http://www.businessinsider.com/cia-600-million-deal-for-amazons-cloud-20...

Firm faces scrutiny over hacked ABC website
http://www.smh.com.au/it-pro/security-it/firm-faces-scrutiny-over-hacked...

Experts Tell Congress Serious Deterrence Needed to Impede Foreign Cyber Attacks | threatpost
http://threatpost.com/en_us/blogs/experts-tell-congress-serious-deterren...

AT&T Hacker 'Weev' Sentenced to 3.5 Years in Prison | Threat Level | Wired.com
http://www.wired.com/threatlevel/2013/03/att-hacker-gets-3-years/

Keys denies giving Tribune log-in credentials to Anonymous | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57575499-83/keys-denies-giving-tribune-...

Cautious Optimism over Google DNSSEC Deployment | threatpost
http://threatpost.com/en_us/blogs/cautious-optimism-over-google-dnssec-d...

Java Code, Details Released for Potential Sandbox Bypass Issue | threatpost
http://threatpost.com/en_us/blogs/java-bug-code-details-released-allowed...

Vulnerabilities Continue to Weigh Down Samsung Android Phones | threatpost
http://threatpost.com/en_us/blogs/vulnerabilities-continue-weigh-down-sa...

www.revuln.com/files/ReVuln_EA_Origin_Insecurity.pdf
http://www.revuln.com/files/ReVuln_EA_Origin_Insecurity.pdf

Cisco switches to weaker hashing scheme, passwords cracked wide open | Ars Technica
http://arstechnica.com/security/2013/03/cisco-switches-to-weaker-hashing...

Apple adds two-step verification option for Apple IDs | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57575655-83/apple-adds-two-step-verific...

Crown casino made no formal complaint to police after $32 million scam | News.com.au
http://www.news.com.au/national-news/victoria/crown-casino-made-no-forma...

Crown casino hi-tech scam nets $32 million | News.com.au
http://www.news.com.au/breaking-news/crown-casino-hi-tech-scam-nets-32-m...

'Chameleon Botnet' takes $6-million-a-month in ad money | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57575320-83/chameleon-botnet-takes-$6-million-a-month-in-ad-money/

Security reporter hit by 'swatting' attack | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57574677-83/security-reporter-hit-by-sw...

Jennifer Granick | Center for Internet and Society
http://cyberlaw.stanford.edu/about/people/jennifer-granick

Senetas grants master distribution status to SafeNet - SafeNet, Senetas, distribution deals - ARN
http://www.arnnet.com.au/article/455608/senetas_grants_master_distributi...

Ash Grunwald - Longtime - YouTube
https://www.youtube.com/watch?v=n2jI1xlzjCo&playnext=1&list=PL64A7F7A1AC...

,

The source of attack will be very good. They need to get the whole thing very good. - James Cullem