Overnight Cybersecurity: Apple, FBI not backing down

Overnight Cybersecurity: Apple, FBI not backing down
© Getty Images

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you...


--THE BATTLE RAGES ON: The debate over whether Apple should be forced to help authorities break into the iPhone of one of the San Bernardino shooters is heating up, with Apple on Monday calling on the government to withdraw its court order. The tech giant says the government should instead form a commission to study the problem of encryption, an apparent reference to a long-awaited measure from House Homeland Security Committee Chairman Michael McCaul (R-Texas) and Sen. Mark WarnerMark Robert WarnerNSA spying program overcomes key Senate hurdle Dem lawmaker wants briefing on major chip vulnerabilities Week ahead: Tech giants to testify on extremist content MORE (D-Va.). "Apple would gladly participate in such an effort," the company wrote in an open Q&A posted on its site. The proposal would establish a national commission to figure out how police can get at encrypted data without endangering Americans' privacy. On the other side of the debate, FBI director James Comey over the weekend defended the agency's position, arguing that, "We don't want to break anyone's encryption or set a master key loose on the land." Apple picked up another powerful supporter on Monday: Facebook CEO Mark Zuckerberg told a high-profile tech conference, "We're sympathetic with Apple. We believe in encryption, we think that that's an important tool." To read about Apple's call for a commission, click here. To read about the FBI director's comments, click here. To read about Zuckerberg's comments, click here.

--MIC DROP: It all happened so quickly. Just hours after the House Oversight Committee said the Office of Personnel Management's top technology official, Donna Seymour, would be testifying on Wednesday, Seymour resigned. Oversight Chairman Jason ChaffetzJason ChaffetzHouse Oversight slams TSA after report says officials 'interfered' in disciplinary case Gowdy steps down from Ethics Committee, citing 'challenging workload' Criminal referrals by members of Congress raise procedural questions MORE (R-Utah) has been pounding the drum for Seymour's firing for months and the hearing would not have been a cordial affair for Seymour. "Leaving OPM at this time was a very tough decision for me, but I feel it is in the agency's best interest that my presence does not distract from the great work this team does every single day for this agency and the American people," Seymour wrote in an email to her OPM colleagues. Chaffetz has been leading the charge to oust Seymour since last June. On at least five occasions, he called for Seymour's axing in letters to the OPM and White House. The Oversight panel canceled its hearing after Seymour's decision. "While I am disappointed Ms. Seymour will no longer appear before our committee this week to answer to the American people, her retirement is necessary and long overdue," Chaffetz said. Not everyone was so happy about Seymour's move. Rep. Elijah Cummings (D-Md.), the Oversight committee's ranking member, blasted Republicans for scapegoating Seymour in the wake of the data breach. "During the Oversight committee's work over the past year, we have heard from numerous experts inside and outside the agency who have commended Ms. Seymour for her professionalism, her competence, and her aggressive response to the OPM data breach," he said. To read our full piece, click here. To read about the now-cancelled hearing, click here.



--SAVE IT FOR A RAINY DAY. In its 2017 budget proposal, the Treasury Department is seeking "a central cashbox to draw from for security fixes that could lessen the blow of anticipated hack attacks," NextGov writes.

The agency wants to create a Cybersecurity Enhancement Account, according to department officials.

Good idea? Bad idea? Read on, here.



--INFOGRAPHICS AREN'T NEW. The Internet Archives has put up the Scientific American Reference book from 1913, which includes some amusingly dated infographics such as, "Jaw Leverage Required For Various Meats."

Slate has gone through and pulled out some of the more interesting ones.

Check it out, here.



--SOUNDS COMPLICATED. The encryption battle has largely been portrayed as a dispute between government and the technology industry, but in fact, at least five government agencies are developing encryption tools, The Wall Street Journal reports.

Those tools are intended to help military officers or pro-democracy activists avoid detection overseas.

Even the development of Tor, which allows users to connect to the Internet anonymously, was federally funded.

Read on, here.



--THE AMERICAN PUBLIC. There's a new issue that divides the nation -- the Apple-FBI standoff.

Two recent surveys found that the American population is largely split over whether Apple should comply with a court order to unlock an iPhone used by one of the San Bernardino shooters. Roughly half of Americans believe Apple should help authorities bypass a security feature to get at the phone's data.

But significant portions of those surveyed were also wary about the FBI forcing Apple to unlock their personal phones. They also showed high levels of distrust about the government's ability to responsibly handle their data.

The split likely reflects the complicated and novel nature of the standoff.

"We are heading into a time of enormous conflict spurred by how technology is reshaping our culture and laws," said Tom Galvin, a partner at Vrge Strategies, which conducted one of the surveys.

SurveyMonkey was behind the second poll. Both firms conducted their studies on Thursday and Friday of last week.

Read on, here.




--The Atlantic Council will host a discussion on the cybersecurity of medical devices at 4:00 p.m.

--The Bipartisan Policy Center will hold an event at 12 p.m. on solutions to the "going dark" phenomenon. House Homeland Security Committee Chairman Michael McCaul (R-Texas) and Sen. Mark Warner (D-Va.) will offer more details about a their upcoming bill that would establish a national commission to figure out how police can get at encrypted data without endangering Americans' privacy.

--The Council on Foreign Relations (CFR) will hold an event at 6 p.m. to discuss the new book, "The Hacked World Order: How Nations Fight, Trade, Maneuver, and Manipulate in the Digital Age," by Adam Segal, a Chinese cyber policy expert and senior fellow at CFR.


--The House Homeland Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies will hold a hearing at 2 p.m. on emerging cyber threats from China, Russia, North Korea and Iran.



Links from our blog, The Hill, and around the Web.

Apple and the Justice Department don't even agree on the basic technical issues in the case over Syed Farook's iPhone. (The Wall Street Journal)

The technology considerations are straightforward and shine a light on the policy questions, security blogger Bruce Schneier writers.

Linux Mint forum users and anyone who downloaded and installed a copy of the 17.3 Cinnamon edition on Saturday have probably been compromised by hackers. (Ars Technica)

China has issued broad new rules for online publishing that formalize the government's already strict control of the Internet. (The Wall Street Journal)

Utah State computer systems are experiencing up to 300 million hacking attempts per day due to the National Security Agency's data center in the state. (The Hacker News)

If you'd like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A