SECURITY EXPERTS
Security People
THE EXPERTS
legendary experts
- spacerogue.net @spacerog, L0pht, Hacker News Network @Stake
- Mudge: In 1999, Cult of the Dead Cow (cDc) released Back Orifice 2000 (Bo2k) at DEFCON 7. In February 2000, cDc member Peiter C. Zatko, better known as Mudge, briefed President Bill Clinton on Internet security.
- Gregg Housh, one of the founders of Anonymous
- Marcus Ranum - Tenable Marcus Ranum @Tennable
Marcus J. Ranum is a computer and network security researcher. He is credited with a number of innovations in firewalls, including building the first Internet email server for the whitehouse.gov domain, and intrusion detection systems. He has held technical and leadership positions with a number of computer security companies, and is a Faculty member of the Institute for Applied Network Security.
- The List includes @hdmoore @dakami @thedarktangent
- The Risks Digest - Peter G. Neumann http://catless.ncl.ac.uk/Risks/
- WooWoo, a computer security think tank: inside the billion dollar hacker club, founded in 1996 and still active until the early 2000s. Although this group was not well known outside information security circles, its participants have spawned more than a dozen IT companies. The two most famous examples are WhatsApp, the messaging service, and Napster, the pioneering file-sharing company. Everyone talks about the PayPal mafia, but nobody talks about the w00w00 mafia. Founding w00w00 member Jonathan Bowie (“jobe”) started the “#!dweebs” channel on EFNet and invited other like-minded hackers to join. “I believe at one point in the late 90s/early 2000s we had representative membership with ties to every major security consulting firm, hacker think tank, and security team on Wall Street,” says Bowie. Another aspect of w00w00's implicit mission was to be more open than other hacker groups and the “somewhat closed-off world of black hat research.”
- Presidential candidate and Cult of the Dead Cow member Beto O'Rourke in the 80's as a teen. Reuters
Why They Held onto Story for over a Year
O'Rourke's membership in the group - notorious for releasing tools that allowed ordinary people to hack computers running Microsoft's Windows, and also known for inventing the word “hacktivism” to describe human-rights-driven security work - could explain his approach to politics better than anything on his resume. His background in hacking circles has repeatedly informed his strategy as he explored and subverted established procedures in technology, the media and government.
- I'm pretty sure there was footage in the documentary "0wned" which I have a rip of somewhere. The clip of #cDc releasing BO2K at @defcon 10. (cc @thedarktangent @BetoORourke ;-)
- cDc: In 1994, cDc member Omega coined the term "hacktivism." The group has been active in hacktivist causes since that time.
White Hats "SCIF," or Sensitive Compartmented Information Facility. Internet-enabled devices are forbidden there, which, as it turns out, isn't a bad thing. Rob Bagnall, CEO of Maverick-Security, LLC
1-855-648-7925
LAWYERS FAIL!
LAW FIRMS NEED TO HIRE TECHNOLOGISTS AT THE SAME SALARY AS A PARTNER TO BE THEIR IN-HOUSE EXPERT ON CASES - DO NOT EXPECT THE LAWYER TO DO THIS! THAT WOULD BE A TOTAL FAIL.
When it comes to technology, justice is increasingly out of reach!
No one who is practicing today had a cybersecurity class in law school.
Cyber, Data and Privacy questions lie at the core of numerous corporate and government cases, and there aren't anywhere near enough practicing lawyers who can adequately understand the complex issues involved, let alone who can sufficiently explain them in court or advise investigators on how to build a successful case. Few of the 93 U.S. attorney's offices around the nation have federal prosecutors who specialize in cyber-cases, even though cybercrime now touches every corner of the country. “Most lawyers are pretty deathly afraid of code. They don't even have a working knowledge — what an algorithm is, what a DDOS attack does, how a botnet operates.”
Government attorneys frequently confuse content and metadata, even though the two types of information face very different legal standards. One possible reason: The Justice Department's decade-old Electronic Surveillance Manual is incorrect about the basic mechanics of how email works, according to a forthcoming article in the Harvard Journal of Law & Technology.
Senate Judiciary Committee's subcommittee on privacy, technology and the law, doesn't have a pipeline of lawyers who can read code. The knowledge base of the government's lawyers is still badly lacking, particularly when it comes to marrying legal and technological tools,
Lawyers do not have technical backgrounds. This situation is stymieing criminal investigations, upending innocents' lives and making it harder to set legal boundaries around mass-surveillance programs.
The judge concluded, either the FBI or the prosecutors hadn't understood exactly how their own “network investigative technique” worked, or they'd failed to explain it correctly in the courtroom. What's more, the judge who issued the original warrant didn't have the jurisdiction to do so, because the “network investigative technique,” a piece of FBI-designed malware that sniffed out people trading illegal files, collected evidence far beyond the bounds of the Virginia district where the warrant was authorized.
The fallout from Edward Snowden's revelations exposed numerous instances in which agency lawyers miscommunicated to courts about what the government was doing. There are two possible explanations: Either they willfully exploited judges' lack of technical knowledge, or the lawyers themselves couldn't fathom the programs they were trying to explain. In a 2009 case that became public in 2013, NSA Director Keith Alexander admitted that none of the lawyers overseeing one surveillance program grasped what it was doing when it queried a particular agency database: “It appears there was never a complete understanding among the key personnel . . . regarding what each individual meant by the terminology used.” In a 2011 suit, Judge John Bates of the secret Foreign Intelligence Surveillance Court wrote an angry (and heavily redacted) 85-page decision saying he was “troubled” that the case marked “the third instance in less than three years in which the government has disclosed a substantial misrepresentation regarding the scope of a major collection program.” And in yet another case, Solicitor General Donald B. Verrilli Jr. found in 2013 that he'd misled the Supreme Court about how the Justice Department was using evidence derived from warrantless surveillance programs targeting foreigners, an error that led to a months-long internal debate as Verrilli questioned the department's interpretation of the law.
LAWSUITS ARE COMING: 9 out of 10 people have no idea what companies do with the personal information the firms hold about them.
- When the State Department's legal team realized what happened, it sent a second email from another mobile device containing the government records. The second email was sent at 7:45 a.m., nearly eight hours after the midnight deadline. “Counsel for State also contacted counsel for plaintiffs via phone, explained what had occurred, and apologized for the error,” the department said. Screenshots submitted to the federal court show that the lawyer received but apparently did not notice a notification that the email was “too large” to send. The delay is an embarrassing one for the State Department, which has struggled under the weight of dozens of open-records lawsuits and thousands of document requests.
- Big Data Is Immoral: 'Rogue Algorithms' and the Dark Side of Big Data
- IT'S JUST THE BEGINNING Largest DDoS attack ever delivered by botnet of hijacked IoT devices
- Senators say it is 'unacceptable' Yahoo user data was compromised for two years and only disclosed last week.
- Did Google's NHS patient data deal need ethical approval? A New Scientist investigation raises questions about the basis under which an NHS Trust is sharing patient data with Google's AI firm
- Google given access to healthcare data of up to 1.6 million patients Artificial intelligence firm DeepMind provided with patient information as part of agreement with Royal Free NHS trust
- Data Crisis: Who Owns Your Medical Records? NOT YOU!!!
- College student arrested for allegedly hacking system to change grades. It was for an IT Security class, I'd give them an A+.
- Criminal Kleptocracy: Under the Vienna Conventions the head of the state may have head-of-state immunity. With Kleptocrats Untouchable, America Goes Big on Another Strategy: Taking Their Stuff Instead.
- Hagens Berman's whistleblower practice
EFF Farewell From Shari Steele 3/30/15
https://www.eff.org/deeplinks/2015/03/farewell-shari-steele
Today is the start of my last week as an employee of the Electronic Frontier Foundation. I will be leaving after nearly 15 years as EFF's President and Executive Director, having started as a Staff Attorney back in 1992. As I wrap up things here, I've been thinking a lot about where we've been and where we are now, and I thought it would be fun to share some of my reflections in a final blog post. EFF was founded in July of 1990 in response to a series of raids on small bulletin board systems (BBSs) that were believed to have received a stolen electronic document. John Perry Barlow does a fantastic job of explaining that early history, so I won't go into that here. But EFF is turning 25 this summer, so keep your eyes open for lots of upcoming celebrations.
Brian Martin, a computer security professional who, under his handle "Jericho" is a founding member of Attrition.org, a popular computer security web site that has as its mission (he calls it a "crusade") "to expose industry frauds and inform the public about incorrect information in computer security articles."
Anonymous the Hero of the American People.
Jim Christy, DoD cyber crime response team.
Dr. Jean Camp will join the faculty of the Kennedy School of Government as Assistant Professor of Public Policy for Information Technology on November. She is currently a Senior Member of the Technical Staff at Sandia National Laboratories. She completed her Ph.D. in Engineering & Public Policy (EPP) at Carnegie Mellon University in August of 1996, where her work focused on electronic commerce. She has worked to develop policies in the areas of cryptography, speech, and computer crime with the Institute of Electrical and Electronics Engineers - United States Activities (IEEE-USA) and USACM since 1992 and 1996, respectively.
Title: U.S. Report Weighs Impact of E-Commerce
Source: New York Times (CyberTimes) 4/16/98
http://www.nytimes.com/library/tech/98/04/cyber/articles/16encrypt-side.html
Issue: Electronic Commerce
Description: Information technology is growing twice as fast as the overall economy according to a new study from the Department of Commerce. The study also finds: Internet traffic has doubled every 100 days; Internet commerce among business will likely surpass $300 billion by 2002; in just 4 years, the Internet has surpassed 50 million users -- for radio it took 38 years, for TV 13 years; in 1994, 3 million people were connected to the Internet -- by the end of 1997, 100 million were using it; inflation would have been 3.1% in 1997 without information technology (total inflation in '97 was 2%); and information technology industry workers earn an average of $46,000 compared to an average of $28,000 for the private sector overall. The report recommends that governments stay out of the growing industry.