Skip to content Skip to navigation

Friday Cyber News, March 9 2018

Cyber technology-related news and links from around the web, for the week of 3/3 - 3/9:

1. The encryption debate is beginning to rope in banks, as FBI Director Wray points to financial-industry messaging tool Symphony as a key escrow model that allows law enforcement access to encrypted data, and the technology policy division of the Financial Services Roundtable (a group of 100 top US financial institutions) is pushing for a version of TLS 1.3--the fundamental internet security protocol--that would allow them to decrypt data traveling within their enterprise networks. Critics and security researchers argue there are ways for banks to retain this capability without weakening TLS, by re-architecting their networks, but banks may be unwilling to undertake such a large-scale infrastructure project. [; Cyberscoop]

2. American startup Grayshift, run by ex-US intelligence agency staffers and an ex-Apple engineer, wants to sell police a subscription to an iPhone unlocking tool called GrayKey: $15,000 for 300 unlocked devices, and $30,000 for unlimited unlocking. Cellebrite charges around $1,500 per device, and Apple has promised a bug bounty of up to $200,000 for revealing the tricks that Grayshift or Cellebrite use. The Indiana State Police have already bought a GrayKey subscription. [Forbes; Motherboard] 

3. It's been a year since the Shadow Brokers documents were released, and on that anniversary Kim Zetter highlights an overlooked corner of the trove: the evidence for tools the NSA uses to detect the presence of other nations' intelligence agencies operating on its compromised targets' machines. [The Intercept]

4. Cybersecurity due diligence is becoming an important step in M&A evaluations, particularly for deals where intellectual property provides a large proportion of the value of the acquisition. [WSJ]

5. Ahead of Cyber Command's conference on cyber operations in legal gray zones, some recent scholarship on directionality, proportionality, and sovereignty in relation to cyber attacks (both military and civilian-focused). [Lawfare] 

6.​ Sierra Leone used a private, permissioned blockchain to oversee and communicate the results of its national election. The technological back-end was invisible to voters, who used paper ballots; representatives of Agora, the company providing the blockchain, analyzed ballots and wrote each vote into the blockchain. [Coindesk]

7. Russian operative set up fake business directories on Facebook to trick American small-business owners into providing names, email addresses, and phone numbers that were ultimately used to organize and target influence operations online. [WSJ]

8. One factor supporting the growth of DDoS attacks is the increasing concentration in the DNS system since 2011 (domains are more frequently using only one DNS provider rather than a diverse assortment), and another factor is the memcached vulnerability (for which a 'killswitch' has been found that removes maliciously cached files) used in the 1.6 Tbps attack against Github last week, and in the newly record-breaking 1.7 Tbps DDoS attack described this week by Netscout. [HBS; Security Week; Arbor Networks]

9. In an updated John Henry-style contest between man and machine, human bricklayers handily outpaced an automated brick-laying robot, but a shortage of bricklayers nationwide and the robot's ability to work around the clock without stopping point to a future that's more Minecraft than manpower. Meanwhile, researchers have found that voice commands to Cortana can bypass Windows machines' locks, and that Alexa will sometimes spontaneously laugh at you. [NY Times; Motherboard; NY Times]

10. The Vatican is hosting a hackathon (VHacks!) to develop technical solutions to problems of social inclusion, interfaith dialogue, and assistance for migrants and refugees. (All things are possible to him that hacketh). [Wired]

Thanks for reading,

Stanford Cyber Initiative

(To suggest an item for this list, please email You can view news from past weeks, subscribe, and unsubscribe at