Slashdot Mirror

The US has never asked anyone to arrest him with the intention of extraditing him. We have nothing we can extradite him for. ... There is literally nothing we can extradite him for. He did not violate any US law that he is subject to.

Not entirely true. Assange has, in fact, been offically charged with aiding Manning in cracking passwords on classified government computers, not simply publishing the documents provided to wikileaks. Assuming the facts as presented by the prosecutor are correct, this hacking is the sort of crime which can be laid against anyone, regardless of nationality.

You wouldn't like people who used fan fiction paid for by your political opponent as the basis for turning the entire US intelligence gathering powers against you either.

Because that's what the fantasy-based ("uncorroborated" and "unconfirmed") Steele dossier is - Hillary-paid-for fan fiction.

And the FBI used it as the basis of at least four FISA warrants, and deliberately used it to brief Trump so they could then leak it to the press.

Much of the Steele Dossier has been proven true by subsequent investigation. None of it has been proven false, AFAIK.

The basis of the complaint seems to be:

HSBC is obligated to follow US sanctions policy. If it facilitates transactions with Iran, it's subject to fines and prosecution. It is also obligated to perform a certain amount of due diligence with its clients to ensure that it does not violate US law.

Huawei does business with Iran through Skycom.

When HSBC asked Huawei about the ownership and control of Skycom, Meng Wanzhou characterized Skycom as an independent company-- when in fact, it was a subsidiary. This can be characterized as bank fraud. It might well have exposed HSBC to serious criminal liability.

First of all, according to the affidavit described at Meng’s Vancouver bail hearing, Meng is being charged with bank fraud, rather than violating U.S. sanctions on Iran. It is likely that Meng will be charged by the U.S. with violating the bank fraud statute, 18 U.S.C. 1344, which criminalizes any attempt “to defraud a financial institution,” or obtain funds from a “financial institution, by means of false or fraudulent pretenses, representations, or promises.” According to reports describing the U.S. affidavit, Meng is alleged to have personally made a presentation to HSBC claiming that a company doing business with Iran was not controlled by Huawei in violation of U.S. sanctions. If Meng knowingly misled HSBC in order to get some financial benefit or support, this would likely violate the statute—a breach that carries a possible 30-year jail sentence or $1 million fine.

The Detention of Huawei’s CFO is Legally Justified. Why Doesn’t the U.S. Say So?

Sure you can. Last time I checked, 2/3 branches of the federal government are not a part of the president's administration.

Someone needs to explain that to Trump, then, because he seems to have no concept of what the Constitutional scope of his powers actually are.

The reality is, the DOJ etc are independent of the Executive branch, no matter what Trump the Idiot thinks.

Unfortunately, Trump seems to think he's been given unlimited powers over all aspects of government.

Wow that summary is a giant load of crap. Doesn't even indicate what the bill is about.

The Cloud act is about establishing a process which approved foreign governments may follow when requesting information about non-US persons (neither citizen nor resident) from US companies. For example, if there were a bombing in the UK, by a UK citizen, and the the UK police wanted to get the perpetrator's Apple Maps history, they could follow this process to request that data from Apple, a US company storing the data in the US.

To be eligible, the foreign government law must "afford robust substantive and procedural protections for privacy and civil liberties", as agreed to by both the Attorney General, and the Secretary of State, with Congress able to overrule approvals.

Requests must be based on "articulable and credible facts" and subject to "review or oversight by a court, judge, or magistrate or other independent authority".

Any information revealed about US persons may not be shared with the US government.

That's the general gist of the bill. You can read it for further details. You'll likely find some good and some bad in it.

Here's one opinion piece about it:
https://www.lawfareblog.com/wh...

Just signed 702 Bill to authorize foreign intelligence collection," Trump tweeted. "This is NOT the same FISA law that was so wrongly abused during the election.

Are people really dumb enough to believe this? It’s just as bad as it ever was and still allows warrantless surveillance with pretty much non-existent oversight.

Of course it isn't the same. It may be not quite as bad, though according to this summary... But if you are against warrant-less intelligence collection in general, well, it's nothing new in that area, so from that point of view, it is basically the same.

Judge James A. Wynn Jr. was nominated by Clinton and renominated by Obama. He has been the democrat's 4th Circuit court go-to for political activism since 2011 and he personally has been accused of playing politics in law since 2001.

Please take into consideration that I am a politically independent academic researcher. If anything I should be pro democrat, but critical thinking comes first.

https://en.wikipedia.org/wiki/....
http://www.ncpolicywatch.com/2...
http://www.baltimoresun.com/ne...
https://www.nccivitas.org/2016...
http://www.charlotteobserver.c...
http://www.nationalreview.com/...
http://www.nytimes.com/2001/05...
http://womblencappellate.blogs...
https://www.washingtonpost.com...
https://www.lawfareblog.com/ju...

When the democratic party wants something political done by the judicial branch. His name and opinions come up. He puts aside the law in favor of party. Lawyers and jurisprudence experts have been talking about it for a long time. This is merely the most recent and high-profile. Either he feels emboldened to ignore his duty (Why did he not go after the equally Gerrymandered democratic states while citing the equal protections clause?) or feels that he is at risk of being replaced.

It DOES matter. A hacked phone allows the hacker to access everything in the phone, like the camera, the microphone, the GPS. Trump is known to be using an out of date, hackable phone for his Twitter nonesense. Nevermind that Twitter-time should be over... you won, damn-it, now get on with doing the job instead of bitching about Hillary, who likely has already gotten rip-roaring drunk, yelled, screamed, ranted, fallen down, puked all over Bill and herself, slept it off for about a week, and moved on. Trump's still chasing invisible enemies with his Tweet phone. He needs to get down to the incredibly boring, tedious business of keeping the machinery of the country running smoothly and reliably. Instead, he's Tweeting on an old Android phone like he's still running for office, signing orders as vague as campaign slogans, and people charged with getting the job done don't know what the fuck. And all the time, Putin's listening and watching through his unsecure Tweet phone? Four years of this shit! Pray to Christ he doesn't start a war just so he can blame someone and throw all the mean people calling him names into camps!

The IT people are the one who understand the issues and can put things in place.

The C-suites must give the IT people the budget and the power - including telling C-suites that they cannot run their favourite games on corporate equipment.

In the event of a problem the C-suites must be the ones who are blamed, even if the IT people screw up (as they should have checked what they were being told by IT). This is the only way that there is a hope in hell that we might get close to getting this nailed.

This is one thing that Trump appears to be getting right. The latest draft of his Cyber security Executive Order puts the chief exec's butt on the line [ S1 (c) (i) ]. Let us hope that this is what he orders.

What happens if he doesn't adhere to the above? I get the feeling we're about to find out.

It's already become clear that the White House explicitly overrode a DHS determination that contended the ban didn't apply to Green Card holders and other valid, vetted residents. The ACLU is reporting that some officials are not abiding by a number of stay order issued at courts in at least three locations.

As a legal instrument, at least one scholar sees these particular orders as so incredibly flawed that they won't stand up to a sustained legal attack by the ACLU, CAIR and others.

Most worrying though are the reports circulating that the drafting process bypassed the normal interdepartmental and legal review stages, and that DHS was only briefed on the content of the Executive Orders as they were being signed. This doesn't sound like an administration that's particularly worried about adhering to the letter of the law, or bringing a lot of people into the conversation. Not sure how that will stand up over time. Politics is often petty and vengeful, and the White House is already leaking like a sieve. It might be that their incompetence is what does them in. It may be that their unwillingness to share power will do it.

My personal feeling is that neither one will stop them. I think people severely underestimate the lengths that this administration will go to to see this through. When Donald Trump promised the people of America that he would never back down, that he would do everything to advance the cause... I think he was speaking literally. When Steve Bannon says that we're at war with Islam, I think he believes it fervently. When Flynn and others portray their work as an existential fight, I think they're sincere in that.

Left-leaning people and other opponents have mobilised quickly, but they're expecting the administration to react the way they would react. They think that public shaming, legal action and political activism will drive Donald Trump's administration back. I fear they're wrong. They will be seen as traitors and subversives, and they'll be treated accordingly, through formal and informal means. They don't realise that their resistance will ultimately have to be physical. They should be reading up on their Thoreau right about now....

This has a pretty good case for Manning: https://lawfareblog.com/obama-...

Nope.
Still not a treaty.

https://www.lawfareblog.com/pa...

A close read of the Paris Agreement demonstrates that the U.S. delegation was entirely successful in navigating the line delineating the President’s legitimate exercise of his existing authority. If anything, the American negotiators were excessively conservative, in insisting on hortatory language when legally binding obligations were arguably entirely appropriate.

The President’s authority to enter into internationally legally binding agreements without Congressional participation or Senate advice and consent dates to the earliest years of the Republic. More than 90% of binding international agreements governed by international law are concluded by the United States without Senate advice and consent, known as “executive agreements.” As the President must act consistently with the Constitution and laws of the United States, every executive agreement must find legal support in the form of one or more of the following: (1) Congressional legislation; (2) an article II, section 2 treaty; or (3) the President’s own Constitutional powers. A process for determining the legal basis for an anticipated international agreement, known as “Circular 175,” has been in place since 1955 and applied by every Republican and Democratic President since.

Many of the binding obligations in the Paris Agreement are procedural in nature, involving reporting of emissions, progress in implementation, accounting for emissions, and the like. Exchanging information with other states is a Constitutional power of the President as Chief Executive and the U.S.’s top diplomat, the “sole organ” of the Nation in dealing with foreign governments. Even in the absence of express statutory or treaty authority, the President may engage in information exchange and cooperation with foreign government in the environmental field, as demonstrated by a 1980 executive agreement with Canada on acid rain.

Moreover, the 1992 Framework Convention, an article II, section 2 treaty expressly referenced in the Paris Agreement, specifically articulates an extensive range of procedural obligations, including emissions reporting, exchange of information, technology transfer, and cooperation in implementation. The Framework Convention also lays a legal foundation for substantive matters addressed in a binding mode in the Paris Agreement, most notably financial support for developing countries’ programs of mitigation (emissions reductions) and adaptation. Domestic statutory authority, such as the Clean Air, further buttresses the U.S.’s capacity to implement these commitments. Consequently, the individual obligations in the Paris Agreement find legal support in one, two, or all three of the requisite domestic sources.

If anything, U.S. negotiators overcompensated on the side of caution in the negotiation of the Paris Agreement, even to the title of the instrument. The Convention specifically addresses the relationship between that instrument and ancillary protocols. But as long ago as 2009 governments had widely understood that the new agreement could not be called a “protocol” without complicating U.S. participation after the highly charged domestic debate over the earlier Kyoto Protocol. More to the point, the many undertakings employing the hortatory “should” can be examined one by one to determine whether they might have been supported by U.S. domestic law. This preference for a non-binding mode is part of a pattern in negotiations undertaken by the Obama Administration, which has the effect of avoiding the creation of internationally legally binding obligations altogether.

Read:

http://observer.com/2016/08/ns...

https://www.lawfareblog.com/ve...

1. "The government actually had this capability all along; they just wanted the precedent."

No...just, no. Facts not in evidence. Also makes no sense, because if "the government" had the capability, and was able to use it in secret, the whole discussion is moot.

2. "But they need the precedent so they can force companies to weaken/break products that they really can't break in the future."

Again, no. As I can't guarantee the sun won't explode tomorrow, I similarly can't "guarantee" anything with regard to precedent, but it does not follow at all that any government victory in this narrow case somehow translates into the government being able to "force" vendors to do any such thing.

3. "The government was afraid it was going to lose, so it had to slink back into the corner with its tail between its legs."

No. If the government did lose on this specific case, it would change nothing, because the phone would still be locked, and the questions still need to be answered.

4. Further, you couldn't really ask for a better case to use if all they were really going for was "precedent": an older, breakable phone made by a US company, used in an international terrorist attack on US soil, owned by a US county government agency, which has given full permission to search the device. So it's not like "the government" is now going to "wait for a better case".

5. If the government does drop the request, people get exactly what they wanted: the status quo.

But all of these questions still need answers:

https://www.lawfareblog.com/co...

If you read the sequence of briefs from Apple (and the Assistant US Attorney) since the middle of February (when Apple brought on former Solicitor General Ted Olson, heavy firepower), the gap in legal analysis and writing capabilities is painfully obvious.

In the previous govt brief (all of the briefs history on this site as well), it is outright embarrassing how the govt's legal team (or maybe summer intern) has sunk to having to accuse Apple of marketing tactics, unpatriotic behavior, and reductio ad absurdum examples to support its position. Honestly, if I were the judge, I'd be calling the govt into chambers to rebuke them for such shoddy arguments and telling them to put more skilled people on the task, given the importance.

For those who didn't read the previous Apple one or this one (which are both quite similar), in reply to the govt Apple cleanly and convincingly dissects each of the govt's arguments point by point, and an outsider reading this for the first time would be easily convinced about the merits.

-----------

By the way, I add a few points here for other commenters/readers so that some baseline facts are easily available. Just for your reference, the reason the encryption keys are so important / secret is that:

-- All recent Apple iPhones have built-in encryption-dedicated processing hardware
-- This hardware has firmware burned-in with Apple public encryption keys that validate that any code has come directly from Apple without modification, on startup
-- This key validation structure is designed to ensure that only code signed by Apple's private key can run on the phone
-- Every iPhone has the same public keys burned on it, because that's how public keys work.

So if Apple is forced to give its private keys to the FBI (assuming the remote likelihood they even knew what to do with it), the FBI would have the ability to encrypt and sign software for any of these iPhones. The idea (legal argument-wise or technically) that "this is about one phone" is laughable.

Forcing someone to disclose encryption keys would be a huge violation of the First Amendment. If there is anything that qualifies as speech and knowledge, it is an encryption key / industry trade secret. Then on top of this, there is the question of whether the people at Apple who are in charge of the encryption keys (yes, individuals) would even voluntarily turn it over if given such a blatantly unconstitutional order.

"...The compromised operating system that the government demands would require significant resources and effort to develop. Although it is difficult to estimate, because it has never been done before, the design, creation, validation, and deployment of the software likely would necessitate six to ten Apple engineers and employees dedicating a very substantial portion of their time for a minimum of two weeks, and likely as many as four weeks. Members of the team would include engineers from Apple’s core operating system group, a quality assurance engineer, a project manager, and either a document writer or a tool writer..."

"...The first step in the process would be for Apple to design and create an operating system that can accomplish what the government wants. No such operating system currently exists with this combination of features. Moreover, Apple cannot simply remove a few lines of code from existing operating systems. Rather, Apple will need to design and implement untested functionality in order to allow the capability to enter passcodes into the device electronically in the manner that the government describes..."

(from https://www.lawfareblog.com/ap...)

If you give up freedom in the name of security you get neither .(butchered from Ben franklin)

FTFY. I happen to agree with the rest of what you said, but that particular misuse of the Ben Franklin misquote needs to be retired.

here.

https://www.lawfareblog.com/wh...

"Franklin was thus complaining of the choice facing the legislature between being able to make funds available for frontier defense and maintaining its right of self-governance--and he was criticizing the governor for suggesting it should be willing to give up the latter to ensure the former."

A Response to the âoeDrone Papersâ: AUMF Targeting is a Deliberate Process with Robust Political Accountability

By Adam Klein Thursday, October 15, 2015, 5:40 PM

The Interceptâ(TM)s âoeDrone Papersâ leaker âoebelieves the public has a right to know how the U.S. government decides to assassinate people.â Maybe soâ"or maybe public safety and the need for secrecy trump the publicâ(TM)s curiosity. Unfortunately, the leaker has unilaterally decided for all of us. One person with a thumb drive again trumps the democratic process.

Tant pis; the âoeDrone Papersâ are out there (the name suggests a massive archive; in fact, there are only four documents, one of which is a shorter version of another). So what do they tell us about how the U.S. Government is targeting terrorist leaders in Somalia and Yemen for drone strikesâ"or, as The Intercept would have it, âoedecid[ing] how to assassinate peopleâ? Unsurprisingly, The Intercept is out to convict; its focus is on the âoeshortcomings and flawsâ of the program, as supposedly exemplified by its ingenuous account of the life and death of al Qaeda commander Bilal el-Berjawi.

But the documents themselves are hardly as damning as the breathless tone of the reporting suggests. In fact, for those concerned about oversight and accountability in the targeting process for AUMF-based strikes, the documents should reassure rather than unsettle. The overall impression is of thorough, individualized review, at the highest levels of government, that meaningfully constrains those developing and carrying out these operations.

The key documents, two DOD slide decks on âoeISR support to small footprint CT operationsâ in Somalia and Yemen (a full deck and an executive summary) include these details:

- The âoeaverage approval timeâ for a proposed strike under the AUMF process was 79 days. Even excluding the single longest approval, presumably an unrepresentative outlier, the average was 58 days. The fastest approval was 27 days.

- These approvals were preceded by lengthy periods of gathering and analyzing intelligence on the targetsâ"an average of six years.

- Four out of 24 proposed concepts of operations covered by the study were disapproved under the AUMF review process.

- Each proposed operation must be approved by a lengthy sequence of high-ranking officials, culminating in the President.

- The process for approving strikes under the AUMF âoerequires significant intel/ISR to justify (and maintain) approvals.â âoeRelatively few, high-level terrorists meet criteria for targetingâ under this process. (Note that this isnâ(TM)t a press release touting the programâ(TM)s robust oversight; itâ(TM)s an internal DOD assessment, written from the perspective of operators for whom a laborious approval process is an obstacle rather than a virtue.)

- These âoe[p]olitical constraintsâ make these operations âoechallengingâ and âoefundamentally different from what weâ(TM)ve experienced in Afghanistan and Iraq.â

These slides do not suggest operators run amok, âoeassassinat[ing]â targets with little forethought or oversight. To the contrary, the âoeDrone Papersâ suggest that these operations go forward only after a deliberate, individualized process. They confirm that senior political decisionmakers, including the President, review and approve each individual operation. And they reveal that operators view this review process as a significant constraintâ"a constraint that distinguishes these operations from the (presumably more liberal) operating environments in Iraq and Afghanistan.

There may be other flaws in the program, as the accompanying articles urgeâ"unintended victims, truncated intelligence collecti

Many of the same slashdotters who accept "experts" who claim NK didn't hack Sony will readily accept as truth that it was "obviously" the US that attacked NK, even though there is even less objective proof of that, and could just as easily be some Anonymous offshoot, or any number of other organizations, or even North Korea itself.

See the logical disconnect, here?

For those now jumping on the "North Korea didn't hack Sony" bandwagon that some security "experts" are leading for their own political or ideological reasons, including using rationales as puzzling and pedestrian as source IP addresses of the attacks being elsewhere, some comments:

Attribution in cyber is hard, and the general public is never going to know the classified intelligence that went into making an attribution determination, and experts -- actual and self-appointed -- will make claims about what they think occurred.

With cyber, you could have nation-states, terrorists organizations, or even activist hacking groups attacking other nation-states, companies, or organizations, for any number of motives, and making it appear, from a social and technical standpoint, that the attack originated from and/or was ordered by another entity entirely.

That's a HUGE problem, but there are ways to mitigate it. A Sony "insider" may indeed -- wittingly or unwittingly -- have been key in pulling off this hack. That doesn't mean that DPRK wasn't involved. I am not making a formal statement one way or the other; just saying that the public won't be privy to the specific attribution rationale.

Also, any offensive cyber action that isn't totally worthless is going to attempt to mask or completely divert attention from its true origins (unless part of the strategic intent is to make it clear who did it), or at a minimum maintain some semblance of deniability.

At some point you have to apply Occam's razor and ask who benefits.

And for those riding the kooky "This is all a big marketing scam by Sony" train:

So, you're saying that Sony leaked thousands of extremely embarrassing and in some cases damaging internal documents and emails that will probably result in the CEO of Sony Pictures Entertainment being ousted, including private and statutorily-protected personal health information of employees, and issued terroristic messages threatening 9/11-style attacks at US movie theaters, committing dozens to hundreds of federal felonies, while derailing any hopes for a mass release and instead having it end up on YouTube for rental, all to promote one of hundreds of second-rate movies?

Yeah...no.

What Happens When We Actually Catch Edward Snowden? http://www.lawfareblog.com/2013/07/what-happens-when-we-actually-catch-edward-snowden/

I think I saw a /.'er link to this just a few days ago ...
http://www.lawfareblog.com/2011/07/what-ben-franklin-really-said/

This is why Jefferson stated "Those willing to trade liberty for temporary security deserve neither liberty or security." You should know better, but you are brain washed into believing that it can't happen to you.

Either that, or you are paid to spread propaganda like you just did.

And you should know better than to attribute a quote by Benjamin Franklin to Thomas Jefferson. You should also note that there is some question about the meaning and context of Franklin's actual words...see this article about the quotation.

Having fun denying facts?

http://www.lawfareblog.com/2013/02/of-course-president-obama-has-authority-under-some-circumstances-to-order-lethal-force-against-a-u-s-citizen-on-u-s-soil-and-a-free-draft-response-to-senator-paul-for-john-brennan/

Agreed that security (or lack of it) is an issue. What makes security a difficult problem to "solve" is trying to balance two extremes:

convenience/freedom < - - - > authentication/authority

Too much freedom and you lack security. Too much security and you make it a PITA to actually get anything done!

That axis is related to these two extremes:

authority < - - - > accountability

The often quoted mis-interpreted* "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety" would lead us believe that Freedom should be valued over Security. There are cases where it can be argued for one or the other.

As a relatively new country we're still trying to figure out the right balance (as it swings from one extreme to the other extreme) especially with respect to Social Engineering and "White" Hats vs Gray Hats.

* See for details: http://www.lawfareblog.com/2011/07/what-ben-franklin-really-said/

senior operational leader of al-Qa'ida or an associated force

This distinction is kind-of important as AQAP is not an organization designated by the AUMF(that was for 9/11 participants,) and the U.S. citizens we know were murdered, al-Aulaqi and son(so unless your going to argue that a 16 year old boy from Denver is a senior operational leader with AQ we already know that killings occur when even the low bar set by this whitepaper is not met), was part of a co-belligerent force, not AQ. Problem here is associated forces is pretty vague. A link to the circuit court decision about associated forces can be found here. The conclusion of the ruling talks about how determining who is and isn't a member when they are not actively armed is something that needs to be adjudicated on a case by case basis, something those who are assassinated will never get. This is where it comes down to your a member of AQ because we say you are.

I will point out that this document contains

As stated earlier, this paper does not attempt to determine the minimum requirements necessary to render such an operation lawful

so basically as long as you meet these requirements your all set to go killing(at least until a court says you can't at which point, much like the torture memos, this document will be used a legal shield.)

The GPP is incorrect. The NDAA does allow indefinite detention of US citizens. I verified the language in the NDAA. And also confirmed with various explanations. Please mod the parent up and the grandparent post down.

I know this is probably to late to post this, but hopefully this will enlighten some people.

http://www.lawfareblog.com/2011/12/the-ndaa-the-good-the-bad-and-the-laws-of-war-part-i/

Only a terrorist would spy on police with a toy UAV. And thanks to the National Defense Authorization Act for Fiscal Year 2012, any such terrorist can be detained by the military indefinitely and without trial, even if a US citizen arrested on US soil. That should teach them, right?

The NDAA says nothing about whether its detention provisions apply to U.S. citizens. And by that, I mean it explicitly says nothing:

Section 1021(e). AUTHORITIES.—Nothing in this section shall be construed to affect existing law or authorities relating to the detention of United States citizens, lawful resident aliens of the United States, or any other persons who are captured or arrested in the United States.

Note there may be some ambiguity about whether this provision applies to all U.S. citizens or only U.S. citizens captured or arrested in the U.S. Link. I tend to think it covers all U.S. citizens, all lawful resident aliens of the U.S., and all people captured or arrested in the U.S. Regardless, though, it's clear that any power the government has to detain U.S. citizens arrested on U.S. soil is NOT "thanks to the National Defense Authorization Act for Fiscal Year 2012." If such power exists, it existed before the NDAA.

The Supreme Court has not definitively settled the issue. In Hamdi it ruled that authorization to use military force grants power to detain citizens captured on a foreign battlefield. Padilla, which dealt with a U.S. citizen captured in the U.S., was resolved by his indictment and conviction before the Supreme Court can rule on the issue. Thus, whether the government can detain a U.S. citizen captured on U.S. soil is unsettled as a national question.

There are plenty of reasons to think the NDAA bad. When attacking the law, we should focus on what it does, not what it explicitly states it does not do. Expanding the detention power with respect to tcitizens captured on U.S. soil is one of the things it does not do.