Interesting that the FBI told the University. If there was no clear connection (I assume the email addresses were all “@IU.EDU”) would they have notified individuals? Must they? (Why do they send computer illiterates to cover these stories? )

http://www.pogowasright.org/article.php?story=20070602165137901

IU scrambles 664 passwords of IU users found on seized computer

Sunday, June 03 2007 @ 06:40 AM CDT Saturday, June 02 2007 @ 04:51 PM CDT - Contributed by: PrivacyNews - Breaches

Indiana University said the passwords of 664 computer users _ most of them students _ were scrambled [I assume the mean 'reset' Bob] by IU technicians after the school learned that their user names and passwords were found on a computer seized in an FBI investigation.

.... The user names and passwords were apparently stolen using a so-called Trojan horse program that can appear benign but, once installed on a computer, can perform harmful functions. [i.e. A keylogger Bob]

IU officials don't know where the FBI seized the suspect computer, who was using it or what was involved in the investigation, Lavagnino said. They do know that the IU user names and passwords were collected between December 2004 and September 2006, she said.

Source - http://www.southbendtribune.com/apps/pbcs.dll/article?AID=/20070603/News01/70603029

It depends on what the definition of “Deleted” is... 1) Not in the active folders. 2) Available to be written over... 3) Written over. (If the Record Rretention policy required IT to write over all files that had reached their “expiration date” would the court see that as reasonable?)

http://ralphlosey.wordpress.com/2007/06/02/when-should-you-search-for-deleted-files/

When Should You Search for Deleted Files?

The District Court in Tampa recently issued a discovery Order involving deleted email. Wells v. Xpedx, 2007 WL 1200955 (M.D.Fla. April 23, 2007). The case raises the interesting issue of when you should search for deleted files, and when you should not because they are “not reasonably accessible” under Rule 20(b)(6). In my view this often hinges on whether or not the files were “double-deleted.” The order in question granted plaintiff’s motion to compel a 30(b)(6) deposition of defendant’s IT representative, but deferred ruling on the companion motion to compel production of deleted emails. The court did not rule on the motion to compel production because there was an inadequate factual record to decide the issues, and for that reason the deposition was allowed.

The dispute began after defendant Xpedx produced its written records retention policy manual. The manual showed that Xpedx had introduced a new email retention policy in 2003 wherein emails were automatically deleted after 90 days, unless they were specifically designated for retention. The manual explained that if an email was not designated for retention, then after 90 days the automatically deleted email could not be restored, without consent of the company’s legal or tax department.

Not surprisingly, plaintiff sought a deposition to learn what this policy meant, and specifically to explain the procedures for retrieval. Further, plaintiff hoped to discover in that deposition if any emails were destroyed relating to his claims. Plaintiff also sought to compel production of all Xpedx emails related to his claims. During the hearing on the motion to compel the plaintiff narrowed the scope of production request to any emails containing his name, Joseph Wells, in certain time periods in 2002 and 2003 by seven Xpedx employees.

The defendant opposed the deposition arguing that it was unnecessary because it had already produced its records retention manual. This argument was not persuasive in view of the vagaries of the wording of the policy, especially as to the approval of restoration of deleted emails by the law or tax department. Further, a plaintiff in this position is normally permitted to inquire whether the actual practices of the company comply with the policy directives. Defendant opposed the motion to compel because it argued that all relevant emails had already been produced. This is a very dangerous argument, as many defendants in the past have discovered, such as UBS Warburg or Morgan Stanley. After you make that kind of representation to a court, it tends to look bad relevant emails are later discovered, no matter how innocent and understandable the mistake. Finally, defendant argued that if there had been any other emails that were not specifically preserved, then they would have already been deleted under its 90 day policy.

Magistrate Judge Elizabeth Jenkins, who is well known in Central Florida for her good analysis and pragmatic results, begins her discussion of the email discovery dispute by noting that:

Deleted emails are, in most cases, not irretrievably lost. Discoverability of Electronic Data Under the Proposed Amendments to the Federal Rules of Civil Procedure: How Effective Are Proposed Protections for “Not Reasonably Accessible” Data? 83 N.C.L.Rev. 984, 988 (2005). Deleted emails may remain on a computer hard drive, servers or retained on back-up tapes. Id. at 988-90.

So far, so good, but then Magistrate Jenkins goes on to hold that: “The producing party has the obligation to search available electronic systems for deleted emails and files. Peskoff v. Faber, No. 04-526 (HHK/JMF), 2007 U.S. Dist. LEXIS 11623, at *13 (D.D.C. Feb. 21, 2007).” There I think the opinion goes too far, or should have been better qualified and clarified to apply only to “once-deleted” emails and files, and to exclude “double-deleted” files.

First let me explain what I mean by these terms. As everyone knows, if an email in Outlook is deleted, it is not erased; it is just moved into another Outlook folder for deleted files. It is still readily accessible. Any user can change their mind and restore the email. But if an email in the Deleted Folder is deleted again, in other words “double-deleted,” then it is no longer indexed in Outlook, and no longer readily accessible. Of course, it is not truly deleted yet on the hard drive, but the file markers pointing to it and identifying it have been erased. These double-deleted files still exist, they have not been erased, but they are no longer easy to find and retrieve. It requires some level of forensic examination to locate and try to retrieve them. In fact, in some circumstances, double-deleted emails may be impossible to retrieve from the hard drive (be it server or PC) because they have been written over by other files. The same process applies to “once-deleted” files in the Windows operating system environment. They are not removed from an index of files when fist deleted, they are simply moved to a new location, the Trash directory. But if the Trash is emptied, the pointers for that file are removed, and the space is considered to be available for writing new data.

So, back to the opinion, which states a party has an “obligation to search available electronic systems for deleted emails and files.” If the phrase “deleted emails and files” is construed to mean “once-deleted,” than I agree completely. These files are readily accessible. But, in most circumstances, it would be wrong to try and stretch the meaning of this holding to also include files that have been “double-deleted,” and thus require forensics to locate and restore, or resort to a search of back-up tapes.

In my opinion, and that of most commentators and courts that have squarely faced the issue, the obligation to search for “double deleted” files should not arise in all circumstances. This duty should only arise in certain special circumstances, where, for instance, there is evidence that highly relevant emails have been double-deleted, and therefore that there is good cause to go to the extra time and expense inherent in a forensic examination for such files. Most courts do not require an extraordinary search for deleted files, unless and until special circumstances are shown to warrant such extraordinary efforts. See for example, Hedenburg v. Aramark American Food Services, 2007 U.S. Dist. LEXIS 3443 (W.D. Wash. Jan. 17, 2007) discussed in my blog entry of February 25, 2007.

The facts alleged by Xpedx to oppose the deposition of its 30(b)(6) IT representative suggest that the emails sought were all “double deleted.” But it is not clear, and in fact, that was the plaintiff’s whole point. His motion to compel the deposition sought discovery of the facts surrounding these emails and deletion. The deposition should reveal whether or not the emails in question were once deleted, and thus reasonably accessible under Rule 26(b)(2)(B). If they are twice-deleted, and further, if under Zpedx’s computer system that means that they are not readily accessible, as I suspect, then an entirely different legal analysis applies to determine whether the plaintiff is entitled to compel production of these emails. If they are not reasonably accessible under Rule 26(b)(2)(B), then the plaintiff would be required to make a showing of good cause sufficient to justify the extra expense of location and recovery of the double-deleted emails.

For these reasons Judge Jenkins order compelling the deposition makes good sense, especially when you consider she limited the deposition to four hours and permitted it to occur by phone. It also makes sense to defer ruling on the motion to compel. This motion cannot be properly determined without evidence as to whether the deleted emails are reasonably accessible, and if not, whether the facts and circumstances show good cause for them to be produced anyway, perhaps with cost sharing as suggested by Rule 26(b)(2)(B).

I suppose it's one more indicator women can use. (Do you suppose young males will be found pulling on their finger?)

http://science.slashdot.org/article.pl?sid=07/06/02/1339206&from=rss

Boys with Longer Ring Fingers are Better at Math

Posted by CowboyNeal on Saturday June 02, @10:55AM from the don't-ask-how-we-know dept. Math It's funny. Laugh.

slashthedot writes "While it is well known that boys have longer ring fingers as compared to index fingers, now some researchers say that the longer the ring finger ratio to index finger, the better boys are at math. In girls, the shorter the ring finger to index finger ratio, the better is their verbal skills. 'The link, according to the researchers, is that testosterone levels in the womb influence both finger length and brain development.'"

This does not surprise me. I suspect it will be cheaper and more likely to comply with all laws and regulations.

http://www.santacruzsentinel.com/archive/2007/June/02/local/stories/05local.htm

UCSC looks at outsourcing campus e-mail to Google

By ROGER SIDEMAN SENTINEL STAFF WRITER June 2, 2007

UC Santa Cruz is tossing around the idea of outsourcing its e-mail services to Google and replacing the university's CruzMail system with the popular Gmail, which would include a variety of glitzy new features already familiar to many college students.

... The move to Google could resolve recurring e-mail issues UCSC has faced under its current system, including server overcapacity, non-delivery and slow response time.

... "Some have voiced concerns about privacy and about retaining control of backup storage for messages," he said, adding that these issues may never be resolved when the deal is re-examined in this fall.

But they like the price: it's free.

Is this a failure of the Journals?

http://science.slashdot.org/article.pl?sid=07/06/02/2119253&from=rss

Some Journals Rejecting Office 2007 Format

Posted by kdawson on Saturday June 02, @08:15PM from the embrace-extend-extinguish-yourself dept. Microsoft Science

hormiga writes "Some scholarly journals are rejecting submissions made using new Office 2007 formats. Science and Nature are among publishers unwilling to deal with incompatibilities in the new formats, and recommend using older versions of Office or converting to older formats before submission. The new equation editor is cited as a specific problem. Rob Wier recommends that those publishers consider using ODF instead."

If true, we may yet find Jimmy Hoffa... (be skeptical.)

http://science.slashdot.org/article.pl?sid=07/06/03/0018216&from=rss

Wreck of Australian Warship HMAS Sydney Found?

Posted by kdawson on Sunday June 03, @12:09AM from the frieght-and-salvage dept. Space Software

Mendy writes "Tim Ankers, a British archaeologist, claims to have found the wreck of the HMAS Sydney, lost with all hands in the Indian Ocean during World War II. He says that he's done this from the comfort of his home using software he wrote called Merlindown, which can analyze satellite photographs at different wavelengths to 'peer 75 meters into the earth and 16,000 meters beneath the seas.'"