Dr. Jim Lewis, the director of the Strategic Technologies Program at the Center for Strategic and International Studies, and Mark Montgomery, a retired US Navy rear admiral who is the senior director of the Center on Cyber and Technology Innovation at the Foundation for Defense of Democracies and Cyber Solarium 2.0 executive director, join Defense & Aerospace Report Editor Vago Muradian to discuss the implications of the R1 Model by Chinese AI firm DeepSeek that sparked a market sell-off on Wall Street; what makes it different from other AI models; how China used talent, technology and savvy thinking to compensate for technology restrictions imposed on Beijing by Washington and its allies; why Chinese technology or military developments continue to surprise Western experts and what it says about US overconfidence; how better to control the flow of technology to China and whether there are lessons in the Cold War mechanisms like the Wassenaar Arrangement; whether President Trump's $500 billion “Stargate” public-private AI partnership is the right approach to better compete against China and advance American capabilities; the impact of Elon Musk's drive to reorganize the US government at home and whether Trump's muscular international rhetoric; and how the “grand bargain” Trump seeks with China could include handing Taiwan to Beijing.
1. Explaining the legal challenges faced by an organization during an investigation while pursuing cyber attackers. Framed my answer based on the following points:
   o Authorization needed to gather evidence
   o Identifying evidence
   o Admissible evidence
   o Evidence handling
   o Maintaining chain of custody
2. Explaining the working of the International Multilateral Partnership against Cyber Threats organization (IMPACT). How does IMPACT affect what we do in the US and abroad?
3. How does the Wassenaar Arrangement affect information security?
4. If an employee is found guilty of disclosing a company's confidential data, what national laws are applicable to him? What are the laws applicable to him if this is a case of cross-border disclosure of information? Do I think security awareness trainings would have helped in this case?
It is said that China has been blocked by the Western world in the high-tech field. Among them, the largest blockade of China is undoubtedly by the United States on the other side of the Pacific. The Batumi organization, led by the United States and established in 1949, embargoed high technology on China basically throughout the entire Cold War period. It is very outrageous that the Batumi organization has set up a special organization and list to block China! Among them, the China Committee established in 1952 is the enforcement agency for the embargo imposed on China. It set up a special ban on Chinese trade, the number of banned projects is more than 500 types than those in the Soviet Union and Eastern European countries. From an objective assessment, the strength of the Batumi blockade against China even surpassed that of the Soviet Union, the main opponent of the Cold War. After the disintegration of the Soviet Union, the Cold War ended. The Batumi organization, which aimed to blockade the socialist camp in the name of the Cold War, lost its reason for existence and disintegrated in 1994. In 1996, the United States took the lead in establishing a new technology blockade organization against China, the "Wassenaar Arrangement." China Explained will show you that because of China's continued success in industrial upgrading, technological innovation and realizing its huge potential, it is an unstoppable process. The inevitable rise of China may feel intimidating and some simply reject it. Don't be. China's rise is part of the new global trend unlike what we have seen in the past one hundred years. Embrace the change and seize the opportunity.
The Wassenaar Arrangement was created to promote regional and international security and stability by adding export controls on conventional arms and dual-use goods and technologies. We discuss its functions with Ambassador Philipp Griffiths, Head of the Secretariat of The Wassenaar Arrangement. And as decisions by global leaders have the potential to leave us questioning legal dimensions, we discuss the role of a legal adviser with former Judge Advocate General of the Canadian Armed Forces, Maj General (retired) Blaise Cathcart.
The Netherlands must adhere to the Wassenaar Arrangement, says US ambassador Pete Hoekstra in De Ochtendspits. The US does not want the Dutch chip machine maker ASML to supply machines to China, yet Hoekstra refuses to say that pressure is being exerted. He prefers to speak of a friendly discussion. 'This is not a pressure campaign, this is a discussion among friends', says Hoekstra.
Should software be regulated like a military weapon? That's the direction in which most Western nations seem to be moving, under the guidance of the international Wassenaar Arrangement governing international export controls. During its 2013 plenary session, the Wassenaar member nations agreed to implement export controls for (1) software, hardware, and technology that generate, operate, deliver or communicate with "intrusion software"; and (2) "carrier class" IP network communications surveillance items. The purpose of these controls was to protect activists and opposition figures from monitoring by authoritarian governments and to keep software and technology out of the hands of malicious hackers. But the agreed-to controls control not only malicious "intrusion" software items, but virtually any type of software, hardware, and technology designed to counter "intrusion" software. The controls have also been ineffective in actually reaching their intended targets—barring specific companies from exporting specific tools to specific end-users for specific purposes—and international implementation has been widely divergent.
Featuring:
- Alan Cohn, Counsel, Steptoe & Johnson LLP
- Stewart Baker, Partner, Steptoe & Johnson LLP
- [Moderator] Matthew Heiman, Vice President, Corporate Secretary & Associate General Counsel, Johnson Controls
Visit our website – https://RegProject.org – to learn more, view all of our content, and connect with us on social media.
In this episode Filippo takes us on a journey to discover the "Wassenaar Arrangement" and its implications for surveillance software and, by extension, for information security.
In our 144th episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Maury Shenk, Meredith Rathbone, and Jennifer Quinn-Barabanov discuss: European Court of Justice decision that further limits data retention; Russian sanctions and the FBI/DHS Joint Analysis Report; The Vermont Yankee hacking flap; Listing of Russian Federal Security Service (FSB) has raised significant issues for US companies that get encryption import approvals from FSB; Wassenaar Arrangement effort to control exports of "intrusion software"; Class action fairness advocacy organization is challenging the Google settlement. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.
In our ninety-seventh episode of the Steptoe Cyberlaw Podcast, Stewart Baker, Alan Cohn, Maury Shenk, and Meredith Rathbone discuss: Tech and Terror: Twitter’s liability for terrorist group activity; Apple lashes out on encryption debate; cyber may result in a redo for the Wassenaar Arrangement; European Court of Human Rights brings good news for corporate security programs; FTC fines dental software firm over encryption claims; first EU-wide cybersecurity rules backed by Internal Market Committee; NSA’s report on 215 implementation; Yahoo’s settlement of an email surveillance suit; and ODNI is hacked by same teen who hacked CIA director. In our second half Jim Lewis, CSIS, joins our interview with John Lynch, head of the Justice Department’s computer crime section. The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.
Licensed to Pwn: The Weaponization and Regulation of Security Research
Jim Denaro, Dave Aitel, Matt Blaze, Nate Cardozo, Mara Tam, Catherine “Randy” Wheeler
Security research is under attack. Updates to the Wassenaar Arrangement in 2013 established among its 41 member nations an agreement to place a variety of previously undesignated “cybersecurity items” under export control. After 18 months and a half-dozen open advisory meetings, the U.S. has taken the entire security research community by surprise with its proposed rule; we are confronted by a sweeping implementation with profound consequences for academia, independent research, commercial cybersecurity, human rights, and national security. While the outcome of this round of regulatory intervention is still uncertain, the fact that there will be more is not. This panel of experts will discuss the context, history, and general process of regulation, as well as the related question of “weaponized” research in regulatory discourse. There is significant daylight between the relatively lax text of the Wassenaar Arrangement itself and the extraordinarily broad implementation proposed in the U.S. What will the practical effects of those differences be, and why did the U.S. diverge from the Wassenaar text? Regulators are, even now, still struggling to comprehend what the consequences of this new “cyber rule” might be. So, how are we to understand this regulatory process? What are its objectives? Its impacts? Its limits? How can we influence its outcomes? Eleventh-hour interventions are quickly becoming a hallmark of regulatory activities with implications for the wider world of information security; the fight here is almost exclusively a rearguard action. Without resorting to the usual polemics, what failures of analysis and advice are contributing to these missteps – on both sides? What interests might encourage them? How are security researchers being caught so off-balance? Come victory or despair in the present case, this panel aims to answer the question of whether there is a solution that prevents technology transfer to hostile nations while still enabling free markets, freedom of expression, and freedom of research.
Dave Aitel (@daveaitel) is an offensive security expert whose company, Immunity, Inc., consults for major financial institutions, Fortune/Global 500s, etc. At the age of 18, he was recruited by the National Security Agency where he served six years as a “security scientist” at the agency’s headquarters at Fort Meade, Maryland. He then served as a security consultant for @stake before founding Immunity in 2002. Today, Dave’s firm is hired by major companies to try to hack their computer networks - in order to find and fix vulnerabilities that criminal hackers, organized crime and nation-state adversaries could use. Immunity is also a past contractor on DARPA’s cyber weapons project, known as Cyber Fast Track. The company is well-known for developing several advanced hacking tools used by the security industry, such as Swarm, Canvas, Silica, Stalker, Accomplice, Spike, Spike Proxy, Unmask - and, most recently Innuendo, the first US-made nation-grade cyber implant with Flame/Stuxnet-like malware capabilities. Immunity has offices in Florida, D.C., Canada, Italy and Argentina. eWeek Magazine named Dave one of “The 15 Most Influential People in Security.” He is a past keynote speaker at BlackHat and DEF CON. He is a co-author of “The Hacker’s Handbook,” “The Shellcoder’s Handbook” and “Beginning Python.” He is also the founder of the prestigious Infiltrate offensive security conference and the widely read “Daily Dave Mailing List,” which covers the latest cybersecurity news, research and exploit developments. Twitter: @daveaitel
Matt Blaze (@mattblaze) is a professor in the computer science department at the University of Pennsylvania. From 1992 until he joined Penn in 2004, he was a research scientist at AT&T Bell Laboratories. His research focuses on the architecture and design of secure systems based on cryptographic techniques, analysis of secure systems against practical attack models, and on finding new cryptographic primitives and techniques. In 1994, he discovered a serious flaw in the US Government's "Clipper" encryption system, which had been proposed as a mechanism for the public to encrypt their data in a way that would still allow access by law enforcement. He has testified before various committees of the US Congress and European Parliament several times, providing technical perspective on the problems surrounding law enforcement and intelligence access to communications traffic and computer data. He is especially interested in the use of encryption to protect insecure systems such as the Internet. Recently, he has applied cryptologic techniques to other areas, including the analysis of physical security systems; this work yielded a powerful and practical attack against virtually all commonly used master-keyed mechanical locks. Twitter: @mattblaze
Nate Cardozo (@ncardozo) is a Staff Attorney with the Electronic Frontier Foundation. He focuses on the intersection of technology, privacy, and free expression. He has defended the rights of anonymous bloggers, sued the United States government for access to improperly classified documents, and lobbied Congress for sensible reform of American surveillance laws. In addition, he works on EFF's Coders’ Rights Project, counseling hackers, academics, and security professionals at all stages of their research. Additionally, Nate manages EFF’s Who Has Your Back? report, which evaluates service providers' protection of user data. Nate has projects involving automotive privacy, speech in schools, government transparency, hardware hacking rights, anonymous speech, public records litigation, and resisting the expansion of the surveillance state. Nate has a B.A. in Anthropology and Politics from the University of California, Santa Cruz and a J.D. from the University of California, Hastings where he has taught legal writing and moot court. Twitter: @ncardozo
Jim Denaro (@CipherLaw; moderator) is the founder of CipherLaw, a Washington, D.C.-based intellectual property law firm and focuses his practice on legal and technical issues faced by innovators in information security. He is a frequent speaker and writer on the subject and works in a wide range of technologies, including cryptography, intrusion detection, botnet investigation, and incident response. Jim advises clients on legal issues of particular concern to the information security community, including active defense technologies, government-mandated access (backdoors), export control, exploit development and sales, bug bounty programs, and confidential vulnerability disclosure (Disclosure as a Service). He has a degree in computer engineering and has completed various professional and technical certifications in information security and is engaged in graduate studies in national security at Georgetown University. Before becoming an attorney, Jim spent obscene amounts of time looking at PPC assembly in MacsBug. Twitter: @CipherLaw
Mara Tam (@marasawr) is a semi-feral researcher and historian of policy, justice, culture, and security. She has authored, co-authored, and contributed research for technical policy papers in the fields of international security and arms control. After earning a first class degree in art history, Mara’s work supported bilateral negotiations towards peaceful nuclear cooperation between the United States and India. She has been a participant, speaker, and panellist for academic conferences in cultural studies, languages, and history, as well as for strategic programmes like ‘The Intangibles of Security’ initiative convened by NATO and the European Science Foundation. She is currently a doctoral candidate and freelance thinkfluencer. Twitter: @marasawr
Catherine “Randy” Wheeler has served as the Director of the Information Technology Controls Division in the Bureau of Industry and Security’s (BIS) Office of National Security and Technology Transfer Controls since June 2006. From July 2011 – July 2012, Ms. Wheeler was detailed to serve as the Acting Chair of the Operating Committee in the Office of the Assistant Secretary for Export Administration, the interagency body that resolves disagreements among reviewing agencies on export license applications. From 1995 through May 2006, Ms. Wheeler was an attorney with the Office of the Chief Counsel for Industry and Security, and served as Senior Counsel for Regulation from 2003 through 2005, advising BIS on regulatory and licensing issues. She previously served as a policy analyst with the Bureau of Export Administration’s Office of Foreign Availability from 1984-1991, and as a policy analyst with the National Telecommunications and Information Administration’s Office of International Affairs from 1981-1983. Ms. Wheeler received a B.A. in International Relations from Carleton College in 1979, an M.S. in Foreign Service from Georgetown University in 1981, and a J.D. from the Georgetown University Law Center in 1993.
Materials Available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Collin-Anderson-Tom-Cross-Export-Controls-on-Intrusion-Software.pdf
Do Export Controls on “Intrusion Software” Threaten Vulnerability Research?
Tom Cross aka Decius, CTO, Drawbridge Networks
Collin Anderson, Independent Researcher
At the end of 2013, an international export control regime known as the Wassenaar Arrangement was updated to include controls on technology related to “Intrusion Software” and “IP Network Surveillance Systems.” Earlier this year, the US Government announced a draft interpretation of these new controls, which has kicked off a firestorm of controversy within the information security community. Questions abound regarding what the exact scope of the proposed rules is, and what impact the rules might have on security researchers. Is it now illegal to share exploit code across borders, or to disclose a vulnerability to a software vendor in another country? Can export controls really keep surveillance technology developed in the west out of the hands of repressive regimes? This presentation will provide a deep dive on the text of the new controls and discuss what they are meant to cover, how the US Government has indicated that it may interpret them, and what those interpretations potentially mean for computer security researchers, and for the Internet as a whole.
Tom Cross is the CTO of Drawbridge Networks. He is credited with discovering a number of critical security vulnerabilities in enterprise class software and has written papers on collateral damage in cyber conflict, vulnerability disclosure ethics, security issues in internet routers, encrypting open wireless networks, and protecting Wikipedia from vandalism. Tom was previously Director of Security Research at Lancope, and Manager of the IBM Internet Security Systems X-Force Advanced Research team.
He has spoken at numerous security conferences, including DEF CON, Blackhat Briefings, CyCon, HOPE, Source Boston, FIRST, and Security B-Sides. Twitter: @_decius_ Collin Anderson is a Washington D.C.-based researcher focused on measurement and control of the Internet, including network ownership and access restrictions, with an emphasis on countries that restrict the free flow of information. Through open research and cross-organizational collaboration, these efforts have included monitoring the international sale of surveillance equipment, identifying consumer harm in disputes between core network operators, exploring alternative means of communications that bypass normal channels of control, and applying big data to shed new light on increasingly sophisticated restrictions by repressive governments. These involvements extend into the role of public policy toward promoting online expression and accountability, including regulation of the sale of surveillance technologies and reduction of online barriers to the public of countries under sanctions restrictions. Twitter: @cda
Katie Moussouris, chief policy officer for HackerOne, joins New America's Peter Singer and Passcode's Sara Sorcher to talk about bug bounty programs and how to incentivize hackers to help the private sector solve cybersecurity problems. They also chat about controversial proposed changes to the Wassenaar Arrangement, an arms export agreement, which have incensed major cybersecurity companies, researchers, and digital rights groups. Siobhan Gorman from global communications consultancy company Brunswick Group joins the panel discussion about how cyberattacks could hurt businesses' reputations, the "golden rule" for companies to disclose when they've been breached, and how government agencies might improve their cybersecurity in the wake of the Office of Personnel Management breach. This podcast is sponsored by Arizona State University.
Co-Host: Chris Hangartner
News of the Bogus:
0:40 – After Five Years, Dodd-Frank Is a Failure http://www.wsj.com/articles/after-five-years-dodd-frank-is-a-failure-1437342607
11:46 – Experian Hit With Class Action Over ID Theft Service — Krebs on Security http://krebsonsecurity.com/2015/07/experian-hit-with-class-action-over-id-theft-service/
19:45 – Researcher Receives Copyright Threat After Exposing Security Hole https://torrentfreak.com/researcher-receives-copyright-threat-after-exposing-security-hole-150715/
27:50 – Errata Security: My BIS/Wassenaar comment http://blog.erratasec.com/2015/07/my-biswassenaar-comment.html
Wassenaar Arrangement https://en.wikipedia.org/wiki/Wassenaar_Arrangement […]