Podcast: Top 10 Electronic Decisions in 2010  || ESIBytes

Listen to Karl Schieneman, Director of Analytics and Review with JurInnov, talk with noted electronic discovery expert and former Magistrate Judge from New Jersey, Ron Hedges in what has become an annual E-Discovery recap show. Listen to Ron discuss his top 10 list of the most influential electronic discovery related cases from 2010 with a few key events thrown in as well. This is always an informative show for anyone trying to keep up with developing case law.

via Top 10 Electronic Decisions in 2010  || ESIBytes.

Mozilla to offer new feature for improved online privacy – Computerworld

Mozilla, the developer of the Firefox browser, is working on a feature that will allow users to opt-out of online behavioral advertising.

The goal is to give users “a deeper understanding of and control over personal information online,” Mozilla’s head of privacy said in a blog posted on Sunday.

The feature will allow users to configure their Firefox browser to tell websites and advertisers that they would like to opt-out of any advertising based on their behavior, Alex Fowler wrote in his blog post. The user’s preference is communicated to websites and third party ad servers using a new “Do Not Track HTTP header”, which is sent with every click or page view in Firefox.

The feature wouldn’t block advertising altogether, only personalized ads. If the user has enabled the feature, the advertiser would have to exchange the personalized ad for a standard ad, according to a diagram included in the blog post.

Mozilla believes the header-based approach will be better for the Web in the long run, compared to cookies or blacklists. Using a header is less complex, more persistent than cookie-based solutions and at the same time simple to locate and use. It doesn’t rely on a user’s finding and loading lists of ad networks and advertisers to work, Fowler wrote.

via Mozilla to offer new feature for improved online privacy – Computerworld.

How Stuxnet works: what the forensic evidence reveals – Telegraph

Payload

The Stuxnet payload, the part of the attack that makes and disguises alterations to nuclear centrifuges, sets a new standard for precision targeting of malicious software.

Once it is inside a Windows computer the payload checks to see whether it is connected to a Siemens Step7 industrial control system. It then checks whether that system controls at least 33 “frequency converter drives” made by one of two manufacturers (one of which is Iranian), which control the speed of centrifuges.

Before it seizes power the payload performs a final test on whether the centrifuges are programmed to spin at the very high speeds used in uranium enrichment.

The damaging speed increases Stuxnet then orders are only in force for short periods, weeks apart. It also disguises its modifications by switching off warning systems.

In summary, the Stuxnet payload is a highly sophisticated, precise saboteur, that only a team of advanced programmers could have created, with access to expensive and restricted equipment.

“There are a lot of skills needed to write Stuxnet,” explains Tom Parker. “Whoever did this needed to know [Windows] programming, Step 7, they needed platform process knowledge, the ability to reverse engineer a number of file formats, kernel rootkit development and exploit development.”

via How Stuxnet works: what the forensic evidence reveals – Telegraph.

Is 2011 the Year of a Digital Privacy Revolution?

You’re being watched when you’re online. If that makes you uneasy, you’re not alone. Online privacy—especially in the social-media sphere—is becoming an increasingly contentious issue, but it’s one that largely is left to companies like Google and Facebook to decide. As sites and service-providers struggle to balance the interests of their users against the interests of their business, the question emerges: Is it time for the government to step up and enforce stricter regulation?

Experts say 2011 might just be the year where digital privacy will come to the forefront in Washington. For example, the Boucher-Stearns bill, drafted by Rick Boucher, a Democrat from Virginia, and Cliff Stearns, a Republican from Florida, would require all websites to inform users how they collect and use personally identifiable information, like phone numbers or addresses. Last month, the Federal Trade Commission proposed “Do Not Track” technology that would be added to websites in order to allow users to “opt out,” making their actions on the site unrecorded.

It’s unclear so far which websites would be required to include the technology, or if the button would be built directly into the browser. But according to some, even if do-not-track and opt-out policies were to be adopted, the United States would still have a relatively laissez-faire attitude toward online privacy compared to much of the rest of the developed world.

via Is 2011 the Year of a Digital Privacy Revolution?.

LogicalDOC 6.0 Benefits From Redesigned Interface, Microsoft Office Integration

Open source document management vendor Logical Objects has announced an upgrade to both the community and commercial edition of its LogicalDOC software, which comes with a completely redesigned interface and a new Drop Spot feature for pulling content into the system.

Logical Objects already includes capabilities like document import from remote folders, WebDAV, a search engine that is one of the software’s strongest points and versioning. However, this new version — version 6.0 — the company says is a milestone in the evolution of LogicalDOC, with the interface based on Google Web ToolKit (GWT). The Google Web Toolkit is an open source development framework for building browser-based applications.

via LogicalDOC 6.0 Benefits From Redesigned Interface, Microsoft Office Integration.

Hacker Sells Access To Military, University Websites | News & Opinion | PCMag.com

Ever dreamt of controlling a dot-gov or dot-edu? A hacker is selling access to dozens of military, government, and university Websites for $55-499 apiece.

Discovered by security firm Imperva, the hacker advertises varying fees, services, and proofs for cracking into .mil, .gov, and .edu sites around the world.

The priciest, access to the homepage of the U.S. Army, National Guard, and Army Forces, goes for $499 each, followed by access of university and governmental Websites. You’ll also find passes to the Italian Official Government Website for $99 or a Taiwanese educational center for $88.

According to Imperva, the hacker is also selling personal data at the going price of $20 for 1,000 names, addresses, and telephone numbers. For example, Imperva lists a censored screenshot of University of Connecticut staff members’ information.

The hacker probably performed the hack through an SQL injection, Imperva says.

Brian Krebs of Krebs on Security said he saw the back-end evidence of the hacks and found them legit.

via Hacker Sells Access To Military, University Websites | News & Opinion | PCMag.com.

Android OS bombshell: Did Google illegally lift copyrighted code? | ZDNet

Last summer, Oracle announced it had filed a complaint against Google, Inc. for patent and copyright infringement. In the lawsuit, Oracle claims that Google “knowingly, directly and repeatedly infringed Oracle’s Java-related intellectual property” in the development and distribution of the Android operating system.

Today, in a bombshell post on his FOSS Patents blog, Florian Mueller, an expert on intellectual property law and open source code, reports that “evidence is mounting that different components of the Android mobile operating system may indeed violate copyrights of Sun Microsystems, a company Oracle acquired a year ago.”

Oracle provided one example in its original complaint showing line-by-line copying of its code. Mueller’s new work looks at a completely different set of files that were not previously disclosed. He found examples of at least six files in one directory that show a “pattern of direct copying.” Those files are part of Froyo (Android 2.2) and Gingerbread (Android 2.3). In addition, he found a significant number of files in the Android codebase that are clearly marked as belonging to Sun:

I have identified 37 files marked as “PROPRIETARY/CONFIDENTIAL” by Sun and a copyright notice file that says: “DO NOT DISTRIBUTE!” Those files appear to relate to the Mobile Media API of the Sun Java Wireless Toolkit. Unless Google obtained a license to that code (which is unlikely given the content and tone of those warnings), this constitutes another breach. [Emphasis in original]

via Android OS bombshell: Did Google illegally lift copyrighted code? | ZDNet.

Twitter Goo.gl Worm Pushes Fake Antivirus Protection | News & Opinion | PCMag.com

Another worm is making the rounds on Twitter via the goo.gl URL shortening service, often directing users to fake anti-virus software.

Affected users might notice mysterious tweets that they did not write showing up on their feeds, many of which include goo.gl links that end with “m28sx.html.”

“Although most affected Twitter users appear to be oblivious to what has occurred, a few have noticed the messages, and suspected a security breach,” Sophos’s Graham Cluley wrote in a blog post.

If you click on these links, you are taken to a Web site that suggests your computer has been infected by a virus. The site encourages you to download what it says is anti-virus protection but is actually malicious code.

Del Harvey, head of Twitter’s trust and safety efforts, tweeted yesterday that the company was “working to remove the malware links and reset passwords on compromised accounts.”

via Twitter Goo.gl Worm Pushes Fake Antivirus Protection | News & Opinion | PCMag.com.

UK Regulatory Watch: EU Proposal to Simplify UK Mergers

(Westlaw Business) Striving to unify business law throughout the EU and simplify the process of mergers and reorganisations of public companies in the UK, the Department for Business Innovation & Skills (BIS) has set out new draft regulations to comply with the latest EU business law directive.

The Draft Companies (Reporting Requirements in Mergers and Divisions) Regulations 2011 sets out to implement EU Directive 2009/109/EC and make various amendments to company law to simplify the process of mergers and reorganisations by making two broad categories of changes:

1. Enabling companies to take advantage of new technology; and,

2. Removing over-regulation.

Under the regulations the process of a merger or division will be shortened by removing (in certain circumstances): the requirement to provide an expert’s report on the restructuring, the statement by the directors justifying the restructuring, the update on the company’s accounts, the approval by general meeting, and updates of any changes since the restructuring.

via UK Regulatory Watch: EU Proposal to Simplify UK Mergers.

Sync Your Often Accessed Business Files in the Cloud With ShareFile

Workflow and multiple users are the cause of much misery for those trying to keep files up to date in the cloud, but ShareFile offers a way for SMBs to handle this tricky juggling act.

Differentiating in the Cloud File World

Not all cloud-based file sharing services are created equal, and making a noise about its Enterprise 2.0 business-friendliness is ShareFile, with its latest product, Sync. Aimed at business users, it offers continuous synchronization for files and folders. It offers both one- and two-way syncing to ensure data validity and is part of the SyncFile’s growing platform.

In addition to its ability to sync to mobiles and tablets, ShareFile also lets users work with their existing folder structure, rather than demanding everything goes into one drop folder. The two-way functionality works via an Adobe Air 2.0 app, while Sync itself is part of ShareFile’s Power Tools suite that comes with desktop and mobile apps, Outlook plug-ins and other goodies.

via Sync Your Often Accessed Business Files in the Cloud With ShareFile.