NEWS FROM THE LAB - Thursday, January 8, 2015

One Definitive Prediction For 2015 Posted by Sean @ 18:51 GMT

As Carl Sagan used to say, extraordinary claims require extraordinary evidence. And recently, the public has been asked to believe one particularly extraordinary claim: that North Korea attacked Sony Pictures Entertainment and destroyed an incredible amount of its data. Thus far, there hasn't yet been any extraordinary evidence offered.

Much of the "evidence" that has been offered has mainly come from anonymous senior US officials most of whom are reportedly not actively involved in the FBI's investigation.

And the FBI itself? Well, Director James Comey's position can be summed up rather simply as… trust us. But many in the information security industry don't trust Comey's position, an attitude that he has reportedly attributed to "post-Snowden mistrust". He apparently fails to realize that in many circles mistrusting US government conclusions long pre-dates Edward Snowden.

Whomever hacked Sony Pictures Entertainment may never be known. But no matter, whomever is responsible, what's especially enlightening about this case is the US government's "trust us" stance. It demonstrates a continued lack of respect for the intelligence of US citizens and other people around the world.

Trust is an act of faith. But trust in government shouldn't require a leap of faith. Trust in extraordinary claims in the face of murky and what appears to be contradictory information… is simply a leap too far. And so, the Obama administration's rush to judge North Korea despite the lack of any real evidence brings us to our unfortunate prediction for 2015.

Prediction: Section 215 and Section 206 of the USA PATRIOT Act and Section 6001 of the Intelligence Reform and Terrorism Prevention Act will be reauthorized before their June 1, 2015 expiration date.

Post-Snowden, it appeared as though the controversial provisions might lack the political support needed to avoid sunset. But now, we are confident that Washington D.C. will act to protect itself from "nation state cyber-terrorism" and will renew them after all.

Don't expect reform in 2015. The violation of your digital freedom will continue. Within 144 days from now. Mark your calendars.


P.S. Bonus speculation!

You can track "cyber" related legislation at congress.gov. Keep an eye out for new Clipper chips and/or other backdoor mandates.