@tqbf @holmesworcester Here's former NSA lawyer saying it's a risk, but one govt will take.
https://www.lawfareblog.com/cisa-context-voluntary-sharing-model-and-other-portal …pic.twitter.com/GrF78QTfc1
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
@tqbf Not true, eg, in car hacks. They learned from press. If GM had gone under CISA, no recall. @holmesworcester
@emptywheel @holmesworcester Is your argument here that GM was required by law to recall cars?
@tqbf Well, Chrysler was made to. I raise GM bc only backed CISA when they realized hackers wouldn't sit on disclosures @holmesworcester
@emptywheel @holmesworcester … can you take me from “Charlie Miller discovers vuln” to “GM is immunized under CISA and can avoid recall”?
@tqbf Miller tells GM. That's not just vuln, but DMCA violation. GM tells DHS, not NHTSA. NTHSA can't force recall. @holmesworcester
@emptywheel @holmesworcester How about “Miller tells GM, then tells CNN”, which is what will actually happen?
@tqbf @holmesworcester If that happens--if he goes to CNN & NHTSA can show they learned there, before GM goes to CISA--no reg immunity.
@emptywheel @holmesworcester Also: DMCA has an exception for security research, which I’m sure you know, so how is it relevant?
@tqbf Right--as Matt said--not until October. Plus GM could still report a defensive measure. @holmesworcester
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.