Citi Discloses Security Flaw in Its iPhone App – WSJ.com

Citigroup Inc. said its free U.S. mobile-banking application for Apple Inc.’s iPhone contained a security flaw and advised its customers to upgrade to a newer version that corrects the problem.

In an incident that highlights the growing security challenges around wireless apps, Citi said its iPhone app accidentally saved information—including account numbers, bill payments and security access codes—in a hidden file on users’ iPhones. The information may also have been saved to a user’s computer if it had been synched with an iPhone.

The issue affected the approximately 117,600 customers who had registered the iPhone app with Citi since its launch in March 2009, a person familiar with the matter said. The bank doesn’t believe any personal data was exposed by the flaw.

via Citi Discloses Security Flaw in Its iPhone App – WSJ.com.


U.S. Government Says Jailbreaking iPhone Is Legal – ABC News

Federal regulators lifted a cloud of uncertainty when they announced it was lawful to hack or “jailbreak” an iPhone, declaring Monday there was “no basis for copyright law to assist Apple in protecting its restrictive business model.”

Jailbreaking is hacking the phone’s OS to allow consumers to run any app on the phone they choose, including applications not authorized by Apple.

The Electronic Frontier Foundation asked regulators 19 months ago to add jailbreaking to a list of explicit exemptions to the Digital Millennium Copyright Act’s anti-circumvention provisions.

via U.S. Government Says Jailbreaking iPhone Is Legal – ABC News.


Researcher finds Safari reveals personal information – Computerworld

A feature in Apple’s Safari browser designed to make it easier to fill out forms could be abused by hackers to harvest personal information, according to a security researcher.

Safari’s AutoFill feature is enabled by default and will fill in information such as first and last name, work place, city, state, and e-mail address when it recognizes a form, wrote Jeremiah Grossman, CTO for WhiteHat Security, on his blog.

The information comes from Safari’s local operating system address book.

The feature dumps the data into the form even if a person has entered no data on a particular Web site, which opens up an opportunity for a hacker.

“All a malicious website would have to do to surreptitiously extract Address Book card data from Safari is dynamically create form text fields with the aforementioned names, probably invisibly, and then simulate A-Z keystroke events using JavaScript,” Grossman wrote. “When data is populated, that is AutoFill’ed, it can be accessed and sent to the attacker.”

via Researcher finds Safari reveals personal information – Computerworld.


Piloting E-Discovery Rules in the 7th Circuit | Law.com

Magistrate Judge Nan Nolan of the U.S. District Court for the Northern District of Illinois had a long background as a criminal defense attorney before becoming a judge. She says that her background left her unprepared for the battles over discovery of electronic evidence she has encountered in the world of civil litigation. “I was not able to get my arms around all of the fighting over discovery,” she says. “I know that some people have snickered about this idea that you can get lawyers to make nice and cooperate on discovery. But I believe it is possible.”

Under the leadership of Chief Judge James F. Holderman, Nolan has helped launch a pilot program to address electronic discovery issues: 7th Circuit E-Discovery Pilot Program. Taking their cues from, among other sources, the Sedona Conference Cooperation Proclamation, the 7th Circuit E-Discovery Committee is attempting to fix some of the most intractable discovery problems in litigation.

via Law.com – Piloting E-Discovery Rules in the 7th Circuit.


In Antitrust Blitz, FTC Targets Consummated Mergers | National Law Journal

There’s no such thing as a done deal. That’s the message from federal antitrust enforcers, who in recent months have ramped up attacks against consummated mergers, aggressively breaking up already combined companies.

In the past two weeks alone, the Federal Trade Commission announced two consent orders requiring companies to sell off assets from past mergers deemed anti-competitive. Court cases are pending as well. The FTC in May filed suit against The Dun & Bradstreet Corp., targeting its purchase of a competing education data provider 15 months after the fact, while the U.S. Department of Justice has challenged Dean Foods Co.’s acquisition of Foremost Farms last year. “If evidence of an anti-competitive effect emerges, we’ll take a look at that,” said Richard Feinstein, director of the FTC’s Bureau of Competition. “Our track record makes that clear.”

via Law.com – In Antitrust Blitz, FTC Targets Consummated Mergers.


Court Orders Retention of Third Party Vendor to Assist with Document Review and Production, Appoints Special Master to Resolve Future Disputes : Electronic Discovery Law

Multiven, Inc. v. Cisco Sys., Inc., 2010 WL 2813618 (N.D. Cal. July 9, 2010)

Observing that plaintiff and counterdefendants had insisted upon “a review process that guarantees that they will not finish this extensive project in any reasonable amount of time”, namely reviewing large volumes of information without first narrowing the material using search terms, the court acknowledged the need to expedite production and directed plaintiff and counterdefendants to retain a third party vendor to assist in their discovery efforts. Accepting defendant’s offer, the court further ordered that Cisco would bear half the cost.

via Court Orders Retention of Third Party Vendor to Assist with Document Review and Production, Appoints Special Master to Resolve Future Disputes : Electronic Discovery Law.


Post europe – benchmark bribery legislation for europe – Postonline

European organisations breathed a sigh of relief on 20 July 2010 when the British Ministry of Justice announced a delay in the implementation of the UK Bribery Act. The act was due to come into force in October 2010, but will now be delayed until April 2011. Although it is tempting to view it this way, these extra few months should not offer a welcome respite period for businesses that are unsure how they will comply with the act.

The Bribery Act has struck fear into the hearts of many organisations that see financial incentives as an integral part of their work since it received Royal Assent in April 2010. The act replaces much, and codifies the remainder, of the various fragments of the UK’s existing anti-corruption legislation, dating back to 1889 with the Public Bodies Corrupt Practices Act. It heralds a new era in the UK’s fight against corruption by establishing distinct general criminal offences for those “offering” and those “accepting” bribes, a new offence for the failure of commercial organisations to prevent bribery by persons acting on their behalf and a discrete offence for those who bribe foreign public officials.

via Post europe – benchmark bribery legislation for europe – Postonline.


X1 Professional Client, Version 6.7 ( – Software – Hardware Systems )

X1 Professional Client ($49.95) layers a lot of capabilities on top of the gratis offerings – more than enough to justify an investment. The software supports more than 500 file types, lets you sort and refine your results, and searches e-mail in a multitude of e-mail systems, including Microsoft Outlook, Lotus Notes, and Mozilla Thunderbird.

Additionally, X1 offers two separate enterprise solutions that use the Professional Client. Therefore, users get a single, consistent way to search and view results of content that sits beyond their desktop, without any new desktop software.

X1 eDiscovery Search employs a dedicated server to crawl enterprise applications as it looks for documents related to litigation. X1 Search for Microsoft SharePoint (content connector software running on your SharePoint server) provides a convenient way to find data residing in SharePoint repositories.

via X1 Professional Client, Version 6.7 ( – Software – Hardware Systems ).


Web Security in the Cloud: More Secure! Compliant! Less Expensive!

Drawing on the findings from multiple benchmark studies on best practices in content security and security software as a service, Aberdeen’s analysis shows that users of cloud-based web security had substantially better results than users of on-premise web security implementations in the critical areas of security, compliance, reliability and cost. Compared to companies using on premise web security solutions, users of cloud-based web security solutions had 58% fewer malware incidents over the last 12 months, 93% fewer audit deficiencies, 45% less security-related downtime, and 45% fewer incidents of data loss or data exposure.

via Web Security in the Cloud: More Secure! Compliant! Less Expensive!.
