There appear to be two new legal theories being tested in the indictment of the GRU military officers charged with hacking the DNC/DCCC. First there are allegations that the use of hacked DNC email accounts amounts to aggravated identity theft. This is interesting because it’s a clear departure from what we normally think of in […]
Archive | July, 2018
It’s 10pm, do you know where your API keys are?
UncategorizedYesterday, the social media archival service Timehop announced that they had suffered a breach. The service allows users to look back through their social media feeds to see what was happening last year for instance. In order to facilitate this, Timehop stores API keys for users’ social media accounts. Timehop did a great job disabling […]
ICE Subpoenas Information About Infosec Researcher
UncategorizedYesterday, Zack Whittaker from ZDNet published a story about ICE attempting to gain information about a Twitter user who publishes information about data left exposed on the Internet. This is likely about export control regulations, but even if so, it is precedent setting. In this post, I share some thoughts on how this may change […]