The fight over Section 702 reauthorization

Section 702 of the Foreign Intelligence Surveillance Act permits U.S. intelligence agencies (including the CIA, NSA, and FBI) to conduct surveillance of people who are: 1) not United States persons (a term of art including U.S. citizens, lawful permanent residents, U.S. corporations, and some unincorporated associations); and 2) not located in the United States. Those agencies can compel U.S.-based providers of electronic communications to turn over records and communications without individualized court orders. The law expires at the end of 2023, and the debate is on in Congress as to whether it should be reauthorized. The intelligence agencies say that Section 702 is critical to gathering intelligence that allows the U.S. security apparatus to counter spies, terrorists, and cyber actors. Civil liberties advocates argue that the law is too broad because it permits the collection and analysis of Americans' communications without a court order.

Read me in →

Tagged , ,

Why the Afghan security forces collapsed

The Special Inspector General for Afghanistan Reconstruction (SIGAR) published a report this month examining why the Afghan National Defense and Security Forces (ANDSF) collapsed so quickly when the United States withdrew from the country in 2021. The report places much of the blame with the U.S.-Taliban Agreement signed by the Trump Administration in 2020:

Read me in →

Tagged ,

Timothy Snyder on Ukrainian history

In the fall of 2022, Timothy Snyder, a historian at Yale, taught a course called "The Making of Modern Ukraine." The class traces Ukraine's history and explains how the stories and mythology of the country's past have developed. It's especially crucial given Russia's war on Ukraine and some of the stated reasons for that conflict. Thankfully, Yale has made the lectures from the course available to everyone for free. You can watch the lectures on YouTube, and the course is also available as a podcast that you can find in your favorite podcast app.

Read me in →

Tagged , ,

Data brokers create privacy concerns; still get millions from the federal government

Login.gov sounds like a great idea: a single way to access services provided by numerous federal agencies, like passports and small-business loans. But its creation was stymied by a simple problem: "the government" isn't a monolithic institution. It's a complex web of independent agencies that often can't share personal information thanks to the Privacy Act of 1974. So when the State Department wants to verify your identity to issue you a new passport, verifying your identity through the Social Security Administration can be quite a challenge. Politico has a fascinating article on how this dynamic forces the federal government to buy back its own information from shady private data brokers.

Read me in →

Tagged , ,

Foreign interference in 2022 elections “limited to moderate”

Cybersecurity firm Mandiant reports that foreign powers including Russia, China, and Iran conducted operations to influence the 2022 midterm elections in the United States. The operations Mandiant identified were "limited to moderate in scale." The firm spotted efforts to "troll" researchers and defenders, possibly in an attempt to appear to have influenced the elections while expending limited resources. Mandiant also discovered efforts to exploit controversial issues and existing political divisions. Information security expert Matt Tait has a Mastodon thread with his reactions.

Read me in →

Tagged ,

No, the FBI didn’t bribe Twitter

There's been a lot of irresponsible faux journalism surrounding the "Twitter Files," a batch of internal company documents that Elon Musk released to a couple of handpicked friendly bloggers. But a Twitter thread earlier today claimed that the FBI paid Twitter to influence the social media company's content moderation decisions. It's one of the more preposterous claims in this space (though it has a lot of competition), and it evinces a total misunderstanding of the interactions between technology companies and law enforcement.

Read me in →

Tagged , ,

Damage to Soyuz spacecraft risks stranding astronauts on space station

A coolant leak from the Russian Soyuz spacecraft currently docked to the International Space Station may mean the vessel is damaged beyond repair, according to one expert. The malfunction occurs at a critical time; if the Soyuz capsule is indeed inoperable, the ISS would lack the capacity to evacuate all of the astronauts on board for the first time in the station's history. Seven astronauts are currently aboard the ISS, but with the Soyuz damaged, there would only be sufficient capacity to evacuate four in the event of an emergency.

Read me in →

Tagged ,

Russia exploits Telegram security flaw to surveil Ukrainian operative

Information security expert Matt Tait has a fascinating piece on Russia's exploitation of a security flaw in the chat app Telegram to surveil an operative working with Ukraine's special forces. Tait analyzes the details in a Washington Post story to evaluate Russia's access and capabilities. Here's the bottom line:

Telegram is not safe to use as a chat or call app. It nearly cost [the Ukrainian operative] his life. Ukrainians—and frankly everyone else too—should find another encrypted application for chats and calls.

Matt Tait

Read me in →

Tagged , , , , ,