“This Is How They Tell Me the World Ends”
Our interview this week is with Nicole Perlroth, the New York Times reporter and author of This Is How They Tell Me the World Ends: The Cyberweapons Arms Race. It’s a wide-ranging, occasionally confrontational interview and a great tour of the issues raised in the book about 0-day exploits, US responsibility for the global cyber arms race, and the colorful personalities whose hard choices helped shape the cybersecurity environment we all now live in.
In the news roundup, Nate Jones serves up a second helping of the SuperMicro story, a rerun of a much-maligned Bloomberg report from two years ago, claiming that SuperMicro gear had been elaborately compromised by China. This time, Nate reports, Bloomberg offers much more evidence, but probably not enough to completely satisfy the critics. Still, as we conclude, even giving the critics their due, this is a very bad story for SuperMicro – and for its customers.
It seemed like a classic cybersecurity horror story, with hackers using access to the industrial control system to nearly poison Oldsmar’s water supply. But Nate and I both suspect that it will turn out to be a much more mundane horror tale, one where the call is always coming from inside the house – and untraceable because all the employees use the same password and there is no firewall.
Paying for news links is suddenly all the rage among Western governments. I’d link to the Australian stories about their new law, but I’m afraid they’d want me to pay them. Mark MacCarthy says that risk is overrated, but the prospects for such payment schemes are pretty good. Not just Australia but also the EU is moving in this direction. And Microsoft has expressed its willingness to let Google pay such a fee in the U.S.
I suggest that this is all part of restoring an Establishment of “authoritative narrative shapers” for the internet age, noting that the critical question will be which publishers can attach themselves firmly to the flow of internet funding – a question already causing angst among French publishers.
Paul Rosenzweig summarizes the work done by a lot of smart people on the question of how to think about Chinese technology platforms operating in the United States. He also summarizes the current state of litigation over Chinese technology platforms operating in the United States. In a word, it’s mostly on hold, waiting for the Biden administration to run a laborious interagency review.
Nate says the process has already begun for a related topic – how to secure the US tech supply chain, particularly semiconductor manufacturing.
Meanwhile, the First Circuit has taken on the question of border searches of mobile phones, ru
Article from Latest – Reason.com