The Business of Secrets: Adventures in Selling Encryption Around the World by Fred Kinch (May 24, 2004)

From the vantage point of today, it’s surreal reading about the commercial cryptography business in the 1970s. Nobody knew anything. The manufacturers didn’t know whether the cryptography they sold was any good. The customers didn’t know whether the crypto they bought was any good. Everyone pretended to know, thought they knew, or knew better than to even try to know.

The Business of Secrets is the self-published memoirs of Fred Kinch. He was founder and vice president of—mostly sales—at a US cryptographic hardware company called Datotek, from company’s founding in 1969 until 1982. It’s mostly a disjointed collection of stories about the difficulties of selling to governments worldwide, along with descriptions of the highs and (mostly) lows of foreign airlines, foreign hotels, and foreign travel in general. But it’s also about encryption...

The most aggressive goal of the Paris Agreement is out of reach, according to a new analysis by the Global Carbon Project.

Gov. Josh Shapiro (D) signed the deal Wednesday to leave the regional cap-and-trade system, ending a four-month budget impasse with Republicans.

The International Energy Agency pointed to President Donald Trump’s fossil fuel policies as one reason for an extended run for oil, gas and coal.

The administration has drawn criticism for shuffling personnel and equipment at Goddard Space Flight Center, which does much of the agency's earth science work.

Severe thunderstorms cause more damage than any other weather event. Insurance industry-funded research aims to understand why.

Chevron and other oil majors are fighting against legal claims that they should pay up for their role in damaging the Bayou State's coastline.

California Gov. Gavin Newsom is returning to a time-tested technique to exercise soft power at U.N. climate talks.

Ahead of COP30 in Belém, Brazil, this week, most countries that filed emissions plans with net-zero goals are relying on carbon removals to reach their target, according to an analysis.

Using high-resolution data on rainfall, sea tides and death records, researchers estimated the mortality costs of rain in Mumbai — representing the total economic value attributed to each life lost — at $12 billion for the entire decade they examined.

“We believe it would send a signal to the market and encourage more potential suppliers, especially in the Global South countries," said a company executive.

To help soften the impact of the bloc’s green transition, governments and lawmakers want to postpone rollout of Emissions Trading System 2.

In recent months, Russia has frequently flown drones into NATO territory, where NATO countries typically try to shoot them down. By contrast, when three Russian fighter jets made an incursion into Estonian airspace in September, they were intercepted and no attempt was made to shoot them down — although the incident did make headlines and led to a Russian diplomat being expelled from Estonia.

Those incidents follow a global pattern of recent years. Drone operations, to this point, seem to provoke different responses compared to other kinds of military action, especially the use of piloted warplanes. Drone warfare is expanding but not necessarily provoking major military responses, either by the countries being attacked or by the aggressor countries that have drones shot down.

“There was a conventional wisdom that drones were a slippery slope that would enable leaders to use force in all kinds of situations, with a massively destabilizing effect,” says MIT political scientist Erik Lin-Greenberg. “People thought if drones were used all over the place, this would lead to more escalation. But in many cases where drones are being used, we don’t see that escalation.”

On the other hand, drones have made military action more pervasive. It is at least possible that in the future, drone-oriented combat will be both more common and more self-contained.

“There is a revolutionary effect of these systems, in that countries are essentially increasing the range of situations in which leaders are willing to deploy military force,” Lin-Greenberg says. To this point, though, he adds, “these confrontations are not necessarily escalating.”

Now Lin-Greenberg examines these dynamics in a new book, “The Remote Revolution: Drones and Modern Statecraft,” published by Cornell University Press. Lin-Greenberg is an associate professor in MIT’s Department of Political Science.

Lin-Greenberg brings a distinctive professional background to the subject of drone warfare. Before returning to graduate school, he served as a U.S. Air Force officer; today he commands a U.S. Air Force reserve squadron. His thinking is informed by his experiences as both a scholar and practitioner.

“The Remote Revolution” also has a distinctive methodology that draws on multiple ways of studying the topic. In writing the book, Lin-Greenberg conducted experiments based on war games played by national security professionals; conducted surveys of expert and public thinking about drones; developed in-depth case studies from history; and dug into archives broadly to fully understand the history of drone use, which in fact goes back several decades.

The book’s focus is drone use during the 2000s, as the technology has become more readily available; today about 100 countries have access to military drones. Many have used them during tensions and skirmishes with other countries.

“Where I argue this is actually revolutionary is during periods of crises, which fall below the threshold of war, in that these new technologies take human operators out of harm’s way and enable states to do things they wouldn’t otherwise do,” Lin-Greenberg says.

Indeed, a key point is that drones lower the costs of military action for countries — and not just financial costs, but human and political costs, too. Incidents and problems that might plague leaders if they involved military personnel, forcing major responses, seem to lessen when drones are involved.

“Because these systems don’t have a human on board, they’re inherently cheaper and different in the minds of decision-makers,” Lin-Greenberg says. “That means they’re willing to use these systems during disputes, and if other states are shooting them down, the side sending them is less likely to retaliate, because they’re losing a machine but not a man or woman on board.”

In this sense, the uses of drones “create new rungs on the escalation ladder,” as Lin-Greenberg writes in the book. Drone incidents don’t necessarily lead to wider military action, and may not even lead to the same kinds of international relations issues as incidents involving piloted aircraft.

Consider a counterfactual that Lin-Greenberg raises in the book. One of the most notorious episodes of Cold War tension between the U.S. and U.S.S.R. occurred in 1960, when U.S. pilot Gary Powers was shot down and captured in the Soviet Union, leading to a diplomatic standoff and a canceled summit between U.S. President Dwight Eisenhower and Soviet leader Nikita Khrushchev.

“Had that been a drone, it’s very likely the summit would have continued,” Lin-Greenberg says. “No one would have said anything. The Soviet Union would have been embarrassed to admit their airspace was violated and the U.S. would have just [publicly] ignored what was going on, because there would not have been anyone sitting in a prison. There are a lot of exercises where you can ask how history could have been different.”

None of this is to say that drones present straightforward solutions to international relations problems. They may present the appearance of low-cost military engagement, but as Lin-Greenberg underlines in the book, the effects are more complicated.

“To be clear, the remote revolution does not suggest that drones prevent war,” Lin-Greenberg writes. Indeed, one of the problems they raise, he emphasizes, is the “moral hazard” that arises from leaders viewing drones as less costly, which can lead to even more military confrontations.

Moreover, the trends in drone warfare so far yield predictions for the future that are “probabilistic rather than deterministic,” as Lin-Greenberg writes. Perhaps some political or military leaders will start to use drones to attack new targets that will inevitably generate major responses and quickly escalate into broad wars. Current trends do not guarantee future outcomes.

“There are a lot of unanswered questions in this area,” Lin-Greenberg says. “So much is changing. What does it look like when more drones are more autonomous? I still hope this book lays a foundation for future dicussions, even as drones are used in different ways.”

Other scholars have praised “The Remote Revolution.” Joshua Kertzer, a professor of international studies and government at Harvard University, has hailed Lin-Greenberg’s “rich expertise, methodological rigor, and creative insight,” while Michael Horowitz, a political scientist and professor of international relations at the University of Pennsylvania, has called it “an incredible book about the impact of drones on the international security environment.”

For his part, Lin-Greenberg says, “My hope is the book will be read by academics and practitioners and people who choose to focus on parts of it they’re interested in. I tried to write the book in way that’s approachable.”

Publication of the book was supported by funding from MIT’s Security Studies Program. 

Nature Climate Change, Published online: 13 November 2025; doi:10.1038/s41558-025-02495-8

The Pacific Decadal Oscillation describes the most important pattern of low-frequency climate variability in the North Pacific. An analysis of sea surface temperatures reveals that, since 2014, the Pacific Decadal Oscillation’s influence has been superseded by that of basin-wide warming, producing novel expressions of ocean variability and unexpected ecological impacts.

Cozy up next to the fireplace and we'll catch you up on the latest digital rights news with EFF's EFFector newsletter.

In our latest issue, we’re exposing surveillance logs that reveal racist policing; explaining the harms of Google’s plan for Android app gatekeeping; and continuing our new series, Gate Crashing, exploring how the internet empowers people to take nontraditional paths into the traditional worlds of journalism, creativity, and criticism.

Prefer to listen in? Check out our audio companion, where EFF Staff Attorney Mario Trujillo explains why Ring's upcoming facial recognition tool could violate the privacy rights of millions of people. Catch the conversation on YouTube or the Internet Archive.

LISTEN TO EFFECTOR

EFFECTOR 37.16 - 🔔 RING'S FACE SCAN PLAN

Since 1990 EFF has published EFFector to help keep readers on the bleeding edge of their digital rights. We know that the intersection of technology, civil liberties, human rights, and the law can be complicated, so EFFector is a great way to stay on top of things. The newsletter is chock full of links to updates, announcements, blog posts, and other stories to help keep readers—and listeners—up to date on the movement to protect online privacy and free expression. 

Thank you to the supporters around the world who make our work possible! If you're not a member yet, join EFF today to help us fight for a brighter digital future.

A Washington state trial court has shot down local municipalities’ effort to keep automated license plate reader (ALPR) data secret.

The Skagit County Superior Court in Washington rejected the attempt to block the public’s right to access data gathered by Flock Safety cameras, protecting access to information under the Washington Public Records Act (PRA). Importantly, the ruling from the court makes it clear that this access is protected even when a Washington city uses Flock Safety, a third-party vendor, to conduct surveillance and store personal data on behalf of a government agency.

"The Flock images generated by the Flock cameras...are public records," the court wrote in its ruling. "Flock camera images are created and used to further a governmental purpose. The Flock images created by the cameras located in Stanwood and Sedro-Woolley were paid for by Stanwood and Sedro Wooley [sic] and were generated for the benefit of Stanwood and Sedro-Woolley."

The cities’ move to exempt the records from disclosure was a dangerous attempt to deny transparency and reflects another problem with the massive amount of data that police departments collect through Flock cameras and store on Flock servers: the wiggle room cities seek when public data is hosted on a private company’s server.

Flock Safety's main product is ALPRs, camera systems installed throughout communities to track all drivers all the time. Privacy activists and journalists across the country recently have used public records requests to obtain data from the system, revealing a variety of controversial uses. This has included agencies accessing data for immigration enforcement and to investigate an abortion, the latter of which may have violated Washington law. A recent report from the University of Washington found that some cities in the state are also sharing the ALPR data from their Flock Safety systems with federal immigration agents. 

In this case, a member of the public in April filed a records request with a Flock customer, the City of Stanwood, for all footage recorded during a one-hour period in March. Shortly afterward, Stanwood and another Flock user, the City of Sedro-Woolley requested the local court rule that this data is not a public record, asserting that “data generated by Flock [automated license plate reader cameras (ALPRs)] and stored in the Flock cloud system are not public records unless and until a public agency extracts and downloads that data." 

If a government agency is conducting mass surveillance, EFF supports individuals’ access to data collected specifically on them, at the very least. And to address legitimate privacy concerns, governments can and should redact personal information in these records while still disclosing information about how the systems work and the data that they capture. 

This isn’t what these Washington cities offered, though. They tried a few different arguments against releasing any information at all. 

The contract between the City of Sedron-Woolley and Flock Safety clearly states that "As between Flock and Customer, all right, title and interest in the Customer Data, belong to and are retained solely by Customer,” and “Customer Data” is defined as "the data, media, and content provided by Customer through the Services. For the avoidance of doubt, the Customer Data will include the Footage." Other Flock-using police departments across the country have also relied on similar contract language to insist that footage captured by Flock cameras belongs to the jurisdiction in question. 

The contract language notwithstanding, officials in Washington attempted to restrict public access by claiming that video footage stored on Flock’s servers and requests for that information would constitute the generation of a new record. This part of the argument claimed that any information that was gathered but not otherwise accessed by law enforcement, including thousands of images taken every day by the agency’s 14 Flock ALPR cameras, had nothing to do with government business, would generate a new record, and should not be subject to records requests. The cities shut off their Flock cameras while the litigation was ongoing.

If the court had ruled in favor of the cities’ claim, police could move to store all their data — from their surveillance equipment and otherwise — on private company servers and claim that it's no longer accessible to the public. 

The cities threw another reason for withholding information at the wall to see if it would stick, claiming that even if the court found that data collected on Flock cameras are in fact public record, the cities should still be able to block the release of the requested one hour of footage either because all of the images captured by Flock cameras are sensitive investigation material or because they should be treated the same way as automated traffic safety cameras. 

EFF is particularly opposed to this line of reasoning. In 2017, the California Supreme Court sided with EFF and ACLU in a case arguing that “the license plate data of millions of law-abiding drivers, collected indiscriminately by police across the state, are not ‘investigative records’ that law enforcement can keep secret.” 

Notably, when Stanwood Police Chief Jason Toner made his pitch to the City Council to procure the Flock cameras in April 2024, he was adamant that the ALPRs would not be the same as traffic cameras. “Flock Safety Cameras are not ‘red light’ traffic cameras nor are they facial recognition cameras,” Chief Toner wrote at the time, adding that the system would be a “force multiplier” for the department. 

If the court had gone along with this part of the argument, cities could have been able to claim that the mass surveillance conducted using ALPRs is part of undefined mass investigations, pulling back from the public huge amounts of information being gathered without warrants or reason.

The cities seemed to be setting up contradictory arguments. Maybe the footage captured by the cities’ Flock cameras belongs to the city — or maybe it doesn’t until the city accesses it. Maybe the data collected by the cities’ taxpayer-funded cameras are unrelated to government business and should be inaccessible to the public — or maybe it’s all related to government business and, specifically, to sensitive investigations, presumably of every single vehicle that goes by the cameras. 

The requester, Jose Rodriguez, still won’t be getting his records, despite the court’s positive ruling. 

“The cities both allowed the records to be automatically deleted after I submitted my records requests and while they decided to have their legal council review my request. So they no longer have the records and can not provide them to me even though they were declared to be public records,” Rodriguez told 404 Media — another possible violation of that state’s public records laws. 

Flock Safety and its ALPR system have come under increased scrutiny in the last few months, as the public has become aware of illegal and widespread sharing of information. 

The system was used by the Johnson County Sheriff’s Office to track someone across the country who’d self-administered an abortion in Texas. Flock repeatedly claimed that this was inaccurate reporting, but materials recently obtained by EFF have affirmed that Johnson County was investigating that individual as part of a fetal death investigation, conducted at the request of her former abusive partner. They were not looking for her as part of a missing person search, as Flock said. 

In Illinois, the Secretary of State conducted an audit of Flock use within the state and found that the Flock Safety system was facilitating Customs and Border Protection access, in violation of state law. And in California, the Attorney General recently sued the City of El Cajon for using Flock to illegally share information across state lines.

Police departments are increasingly relying on third-party vendors for surveillance equipment and storage for the terabytes of information they’re gathering. Refusing the public access to this information undermines public records laws and the assurances the public has received when police departments set these powerful spying tools loose in their streets. While it’s great that these records remain public in Washington, communities around the country must be swift to reject similar attempts at blocking public access.

Sometimes the answers to seemingly intractable environmental problems are found in nature itself.
 
Take the growing challenge of plastic waste. Jacqueline Prawira, an MIT senior in the Department of Materials Science and Engineering (DMSE), has developed biodegradable, plastic-like materials from fish offal, as featured in a recent segment on the CBS show “The Visioneers with Zay Harding.”
 
“We basically made plastics to be too good at their job. That also means the environment doesn’t know what to do with this, because they simply won’t degrade,” Prawira told Harding. “And now we’re literally drowning in plastic. By 2050, plastics are expected to outweigh fish in the ocean.”
 
“The Visioneers” regularly highlights environmental innovators. The episode featuring Prawira premiered during a special screening at Climate Week NYC on Sept. 24.

Her inspiration came from the Asian fish market her family visits. Once the fish they buy are butchered, the scales are typically discarded.
 
“But I also started noticing they’re actually fairly strong. They’re thin, somewhat flexible, and pretty lightweight, too, for their strength,” Prawira says. “And that got me thinking: Well, what other material has these properties? Plastics.”
 
She transformed this waste product into a transparent, thin-film material that can be used for disposable products such as grocery bags, packaging, and utensils.
 
Both her fish-scale material and a composite she developed don’t just mimic plastic — they address one of its biggest flaws. “If you put them in composting environments, [they] will degrade on their own naturally without needing much, if any, external help,” Prawira says.
 
This isn’t Prawira’s first environmental innovation. Working in DMSE Professor Yet-Ming Chiang’s lab, she helped develop a low-carbon process for making cement — the world’s most widely used construction material, and a major emitter of carbon dioxide. The process, called silicate subtraction, enables compounds to form at lower temperatures, cutting fossil fuel use.
 
Prawira and her co-inventors in the Chiang lab are also using the method to extract valuable lithium with zero waste. The process is patented and is being commercialized through the startup Rock Zero.
 
For her achievements, Prawira recently received the Barry Goldwater Scholarship, awarded to undergraduates pursuing careers in science, mathematics, or engineering.
 
In her “Visioneers” interview, she shared her hope for more sustainable ways of living. 

“I’m hoping that we can have daily lives that can be more in sync with the environment,” Prawira said. “So you don’t always have to choose between the convenience of daily life and having to help protect the environment.”

Generative AI is like a Rorschach test for anxieties about technology–be they privacy, replacement of workers, bias and discrimination, surveillance, or intellectual property. Our panelists discuss how to address complex questions and risks in AI while protecting civil liberties and human rights online.

Join EFF Director of Policy and Advocacy Katharine Trendacosta, EFF Staff Attorney Tori Noble, Berkeley Center for Law & Technology Co-Director Pam Samuelson, and Icarus Salon Artist Şerife Wong for a live discussion with Q&A. 

EFFecting Change Livestream Series:
This Title Was Written by a Human
Thursday, November 13th (New Date!)
10:00 AM - 11:00 AM Pacific
This event is LIVE and FREE!

Accessibility

This event will be live-captioned and recorded. EFF is committed to improving accessibility for our events. If you have any accessibility questions regarding the event, please contact events@eff.org.

Event Expectations

EFF is dedicated to a harassment-free experience for everyone, and all participants are encouraged to view our full Event Expectations.

Upcoming Events

Want to make sure you don’t miss our next livestream? Here’s a link to sign up for updates about this series: eff.org/ECUpdates. If you have a friend or colleague that might be interested, please join the fight for your digital rights by forwarding this link: eff.org/EFFectingChange. Thank you for helping EFF spread the word about privacy and free expression online. 

Recording

We hope you and your friends can join us live! If you can't make it, we’ll post the recording afterward on YouTube and the Internet Archive!

MIT researchers have developed a lightweight polymer film that is nearly impenetrable to gas molecules, raising the possibility that it could be used as a protective coating to prevent solar cells and other infrastructure from corrosion, and to slow the aging of packaged food and medicines.

The polymer, which can be applied as a film mere nanometers thick, completely repels nitrogen and other gases, as far as can be detected by laboratory equipment, the researchers found. That degree of impermeability has never been seen before in any polymer, and rivals the impermeability of molecularly-thin crystalline materials such as graphene.

“Our polymer is quite unusual. It’s obviously produced from a solution-phase polymerization reaction, but the product behaves like graphene, which is gas-impermeable because it’s a perfect crystal. However, when you examine this material, one would never confuse it with a perfect crystal,” says Michael Strano, the Carbon P. Dubbs Professor of Chemical Engineering at MIT.

The polymer film, which the researchers describe today in Nature, is made using a process that can be scaled up to large quantities and applied to surfaces much more easily than graphene.

Strano and Scott Bunch, an associate professor of mechanical engineering at Boston University, are the senior authors of the new study. The paper’s lead authors are Cody Ritt, a former MIT postdoc who is now an assistant professor at the University of Colorado at Boulder; Michelle Quien, an MIT graduate student; and Zitang Wei, an MIT research scientist.

Bubbles that don’t collapse

Strano’s lab first reported the novel material — a two-dimensional polymer called a 2D polyaramid that self-assembles into molecular sheets using hydrogen bonds — in 2022. To create such 2D polymer sheets, which had never been done before, the researchers used a building block called melamine, which contains a ring of carbon and nitrogen atoms. Under the right conditions, these monomers can expand in two dimensions, forming nanometer-sized disks. These disks stack on top of each other, held together by hydrogen bonds between the layers, which make the structure very stable and strong.

That polymer, which the researchers call 2DPA-1, is stronger than steel but has only one-sixth the density of steel.

In their 2022 study, the researchers focused on testing the material’s strength, but they also did some preliminary studies of its gas permeability. For those studies, they created “bubbles” out of the films and filled them with gas. With most polymers, such as plastics, gas that is trapped inside will seep out through the material, causing the bubble to deflate quickly.

However, the researchers found that bubbles made of 2DPA-1 did not collapse — in fact, bubbles that they made in 2021 are still inflated. “I was quite surprised initially,” Ritt says. “The behavior of the bubbles didn’t follow what you’d expect for a typical, permeable polymer. This required us to rethink how to properly study and understand molecular transport across this new material.”  

“We set up a series of careful experiments to first prove that the material is molecularly impermeable to nitrogen,” Strano says. “It could be considered tedious work. We had to make micro-bubbles of the polymer and fill them with a pure gas like nitrogen, and then wait. We had to repeatedly check over an exceedingly long period of time that they weren’t collapsed, in order to report the record impermeability value.”

Traditional polymers allow gases through because they consist of a tangle of spaghetti-like molecules that are loosely joined together. This leaves tiny gaps between the strands. Gas molecules can seep through these gaps, which is why polymers always have at least some degree of gas permeability.

However, the new 2D polymer is essentially impermeable because of the way that the layers of disks stick to each other.

“The fact that they can pack flat means there’s no volume between the two-dimensional disks, and that’s unusual. With other polymers, there’s still space between the one-dimensional chains, so most polymer films allow at least a little bit of gas to get through,” Strano says.

George Schatz, a professor of chemistry and chemical and biological engineering at Northwestern University, described the results as “remarkable.”

“Normally polymers are reasonably permeable to gases, but the polyaramids reported in this paper are orders of magnitude less permeable to most gases under conditions with industrial relevance,” says Schatz, who was not involved in the study.

A protective coating

In addition to nitrogen, the researchers also exposed the polymer to helium, argon, oxygen, methane, and sulfur hexafluoride. They found that 2DPA-1’s permeability to those gases was at least 1/10,000 that of any other existing polymer. That makes it nearly as impermeable as graphene, which is completely impermeable to gases because of its defect-free crystalline structure.

Scientists have been working on developing graphene coatings as a barrier to prevent corrosion in solar cells and other devices. However, scaling up the creation of graphene films is difficult, in large part because they can’t be simply painted onto surfaces.

“We can only make crystal graphene in very small patches,” Strano says. “A little patch of graphene is molecularly impermeable, but it doesn’t scale. People have tried to paint it on, but graphene does not stick to itself but slides when sheared. Graphene sheets moving past each other are considered almost frictionless.”

On the other hand, the 2DPA-1 polymer sticks easily because of the strong hydrogen bonds between the layered disks. In this paper, the researchers showed that a layer just 60 nanometers thick could extend the lifetime of a perovskite crystal by weeks. Perovskites are materials that hold promise as cheap and lightweight solar cells, but they tend to break down much faster than the silicon solar panels that are now widely used.

A 60-nanometer coating extended the perovskite’s lifetime to about three weeks, but a thicker coating would offer longer protection, the researchers say. The films could also be applied to a variety of other structures.

“Using an impermeable coating such as this one, you could protect infrastructure such as bridges, buildings, rail lines — basically anything outside exposed to the elements. Automotive vehicles, aircraft and ocean vessels could also benefit. Anything that needs to be sheltered from corrosion. The shelf life of food and medications can also be extended using such materials,” Strano says.

The other application demonstrated in this paper is a nanoscale resonator — essentially a tiny drum that vibrates at a particular frequency. Larger resonators, with sizes around 1 millimeter or less, are found in cell phones, where they allow the phone to pick up the frequency bands it uses to transmit and receive signals.

“In this paper, we made the first polymer 2D resonator, which you can do with our material because it’s impermeable and quite strong, like graphene,” Strano says. “Right now, the resonators in your phone and other communications devices are large, but there’s an effort to shrink them using nanotechnology. To make them less than a micron in size would be revolutionary. Cell phones and other devices could be smaller and reduce the power expenditures needed for signal processing.”

Resonators can also be used as sensors to detect very tiny molecules, including gas molecules. 

The research was funded, in part, by the Center for Enhanced Nanofluidic Transport-Phase 2, an Energy Frontier Research Center funded by the U.S. Department of Energy Office of Science, as well as the National Science Foundation.

This research was carried out, in part, using MIT.nano’s facilities.

Former DoJ attorney John Carlin writes about hackback, which he defines thus: “A hack back is a type of cyber response that incorporates a counterattack designed to proactively engage with, disable, or collect evidence about an attacker. Although hack backs can take on various forms, they are—­by definition­—not passive defensive measures.”

His conclusion:

As the law currently stands, specific forms of purely defense measures are authorized so long as they affect only the victim’s system or data.

At the other end of the spectrum, offensive measures that involve accessing or otherwise causing damage or loss to the hacker’s systems are likely prohibited, absent government oversight or authorization. And even then parties should proceed with caution in light of the heightened risks of misattribution, collateral damage, and retaliation...