August 2012
I'm Going to Washington... (3 August 2012
State-Sponsored Banking Trojan? (9 August 2012

I'm Going to Washington...

3 August 2012

I'm delighted to announce that I'm going to Washington: I'll be succeeding Ed Felten as Chief Technologist of the Federal Trade Commission. I'll return to academe in a year.

The FTC has many roles; among them is making sure that companies keep their promises about security and privacy. These are areas I've been working on for many, many years.

I should note: I'll be posting a lot less to this blog over the coming year (not that I've been that prolific of late anyway); in particular, I won't post anything that comes even vaguely near the FTC's roles. If it appears here, it's a personal opinion (and I'll add a disclaimer anyway). Maybe I'll restrict my commenting to musings about the New York Mets; I don't think a manager or a player promising a win falls under FTC jurisdiction if they lose… (Hey — they took three out of four from the Giants, a first place team. Maybe they're waking up.)

State-Sponsored Banking Trojan?

9 August 2012

Kaspersky Lab reports discovering state-sponsored banking malware. Some news reports claim that "It is not believed that the hackers stole money from the bank accounts, but were primarily interested in tracking and monitoring payments." Maybe—but a few years ago, the NY Times reported that "In 2003, the Pentagon and American intelligence agencies made plans for a cyberattack to freeze billions of dollars in the bank accounts of Saddam Hussein and cripple his government's financial system before the United States invaded Iraq. He would have no money for war supplies. No money to pay troops."

We now know of Stuxnet, Flame, Duqu, and this one, Gauss. We haven't begun to scratch the surface of what can be done.

Tags: security