@emptywheel @holmesworcester … but without CISA, in that scenario, they wouldn’t have learned about it anyways!
@tqbf @holmesworcester Here's former NSA lawyer saying it's a risk, but one govt will take.
https://www.lawfareblog.com/cisa-context-voluntary-sharing-model-and-other-portal …pic.twitter.com/GrF78QTfc1
-
-
-
@tqbf Not true, eg, in car hacks. They learned from press. If GM had gone under CISA, no recall.@holmesworcester -
@emptywheel@holmesworcester Is your argument here that GM was required by law to recall cars? -
@tqbf Well, Chrysler was made to. I raise GM bc only backed CISA when they realized hackers wouldn't sit on disclosures@holmesworcester -
@emptywheel@holmesworcester … can you take me from “Charlie Miller discovers vuln” to “GM is immunized under CISA and can avoid recall”? -
@tqbf Miller tells GM. That's not just vuln, but DMCA violation. GM tells DHS, not NHTSA. NTHSA can't force recall.@holmesworcester -
@emptywheel@holmesworcester How about “Miller tells GM, then tells CNN”, which is what will actually happen? -
@tqbf@holmesworcester If that happens--if he goes to CNN & NHTSA can show they learned there, before GM goes to CISA--no reg immunity. - 6 more replies
New conversation -
-
-
@emptywheel@holmesworcester If the USG LEARNS about a deficiency from a shared indicator, it is limited in reacting…Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.