If they would not have
been allowed to force her to reveal the password protecting the data,
are they allowed to “break into” the data? Sounds to me like we
still have a constitutional question.
Constitutional Showdown Voided: Feds Decrypt Laptop Without Defendant’s Help
Colorado federal authorities have
decrypted a laptop seized from a bank-fraud defendant, mooting a
judge’s order that the defendant unlock the hard drive so the
government could use its contents as evidence against her.
The development ends a contentious
legal showdown over whether forcing a defendant to decrypt a
laptop is a breach of the Fifth Amendment right against compelled
self incrimination.
… “They must have used or found
successful one of the passwords the co-defendant provided them,”
Fricosu’s attorney, Philip Dubois, said in a telephone interview
Wednesday. [Does that suggest that he encrypted the
data rather than her? Bob]
He said the authorities delivered to
him Wednesday a copy of the information they discovered on the drive.
Dubois said he has not examined it.
The development comes a week after a
federal appeals court ruled in a separate case that forcing a
criminal suspect to decrypt hard drives so their contents can be used
by prosecutors is a breach
of the Fifth Amendment right against compelled
self-incrimination.
… The decision by the 11th U.S.
Circuit Court of Appeals said that an encrypted hard
drive is akin to a combination to a safe, and is off
limits, because compelling the unlocking of either of
them is the equivalent of forcing testimony.
...and I'm renaming it.
Henceforth it shall be called “Bob”
Space station control codes on stolen NASA laptop
A laptop stolen from NASA last year
contained command codes used to control the International Space
Station, an internal investigation has found.
The laptop, which was not encrypted,
was among dozens of mobile devices lost or stolen in recent years
that contained sensitive information, the space agency's inspector
general told Congress today in testimony highlighting NASA's security
challenges.
A study we can use...
Data Breach Case Research Paper Sheds Light
March 1, 2012 by admin
Kristin J. Mathews writes:
In a draft
research paper titled “Empirical Analysis of Data Breach
Litigation”, three prominent scholars have collected and
analyzed a sample of over 230 federal data breach lawsuits in order
to deduce just what makes them tick.
Romanosky, Hoffman
and Acquisti examined, for example, what factual and
legal characteristics made a company more likely to be sued for a
breach of personal data, and what made a data breach lawsuit more
likely to settle.
Read more on Proskauer’s Privacy
Law Blog.
I propose that we change
the term “default password” to “extremely insecure password
because everyone knows what it is and you'll look like a fool if you
don't change it NOW!”
Outsider Hacks Dominated 2011 Security Breaches
March 1, 2012 by admin
Kelly Jackson Higgins reports from RSA:
More than 85%
of the data breach incident response cases investigated by Verizon
Business last year originated from a hack,
and more than 90% of them came from the outside
rather than via a malicious insider or business partner.
Tuesday, Verizon
published a snapshot of data from its upcoming 2012 Data Breach
Investigations Report, using data from its own caseload of some 90 of
its 855 breach cases for last year.
“This
is the first year that we worked more cases outside the U.S. than
inside. That ratio has been building and it makes the
case that this is not a U.S.-specific problem. All regions are
having data breaches,” said Wade Baker, director of research and
intelligence at Verizon Enterprise Solutions.
Read more on Dark
Reading.
No surprises there if you’ve been
following this blog or DataLossDB.org. It would be nice to
consolidate their database with DLDB’s, though, to provide one more
complete database. I suspect each database has breaches the other
one doesn’t have.
[From the article:
The
most commonly used venue for breaches was exploiting default or
easily guessed passwords, with 29% of the cases last year,
followed by backdoor malware (26%), use of stolen credentials (24%),
exploiting backdoor or command and control channels (23%), and
keyloggers and spyware (18%). SQL injection attacks accounted for 13%
of the breaches.
This isn't new.
"Domain seizures are nothing
new, but this particular case is interesting. The Department of
Homeland Security has seized
a domain name registered outside of the U.S., by individuals who
are not American citizens, and who registered with a Canadian
registrar. From the article: 'The ramifications of this are no less
than chilling and every single organization branded or operating
under .com, .net, .org, .biz etc needs to ask themselves about their
vulnerability to the whims of US federal and state lawmakers (not
exactly known for their cluefulness nor even-handedness, especially with
regard to matters of the internet).'"
[From the article:
The indictment focuses on the movement
of funds from accounts outside the U.S., in Switzerland, England,
Malta, and Canada, and the hiring of media resellers and advertisers
to promote Internet gambling.
“Sports betting is illegal in
Maryland, and federal law prohibits bookmakers from flouting that law
simply because they are located outside the country,” Rosenstein
said in a statement. “Many of the harms that underlie gambling
prohibitions are exacerbated when the enterprises operate over the
Internet without regulation.”
… But at the end of the day what
has happened is that US law (in fact, Maryland state law) has been
imposed on a .com domain operating outside the USA, which is the
subtext we were very worried about when
we commented on SOPA. Even though SOPA is currently in limbo,
the reality that US law can now be asserted over all domains
registered under .com, .net, .org, .biz and maybe .info (Afilias is
headquartered in Ireland but operates out of the US).
This is no longer a doom-and-gloom
theory by some guy in a tin foil hat. It just happened.
Certainly nothing new here
either. Will we see “electronics denial” weapons?
Darpa Warns: Your iPhone Is a Military Threat
“Commercial consumer electronics has
created vulnerabilities by enabling sensors, computing, imaging, and
communications capabilities that as recently as 15 years ago, were
the exclusive domain of military systems,” Darpa deputy director
Kaigham “Ken” Gabriel tells the House Armed Services Committee’s
panel
on emerging threats. “These capabilities now are in the hands
of hundreds of millions of people around the world and in use every
day.”
… Another way to defend against
enemy gadgets is to fry them with microwaves.
[Microwave the users along with the electronics? Bob]
That’s the goal of the Air Force’s “Counter-Electronics
High Power Microwave Advanced Missile Project,” or CHAMP.
So much for “learning”
what the user intended...
Blown text auto-correct locks down school
A Georgia student texts: "Gunna be
at West Hall this afternoon." Auto-correct, however, changes the
first word to "gunman." Pandemonium ensues.
Looks like they were
getting “background checks” on a few (200 since 2003)
individuals, which raises an interesting question: If this is a
standard service, available from several French companies, where is
the liability? The security service must leak like a sieve!
Ikea ‘stole secret French police reports’ – claim
March 1, 2012 by Dissent
Swedish furniture
giant IKEA has responded to accusations it illegally accessed secret
police files in France as part of its security operation.
Reports in weekly
newspaper Le Canard Enchaîné and investigative website Rue89 say
the company used French security companies
to gain access to documents held in the STIC system.
Read more on The
Local. They allegedly used police files not just to screen
potential employees but also to get information on some customers.
(Related) Probably not how they would
describe it, but the illustration is a screenshot of a “Background
Check” website...
In the world of Big Data, privacy invasion is the business model
… Privacy invasion is the best
business model in the information economy. Companies will
increasingly stop at nothing to get your information and sell it to
whomever is buying. And some of the worst offenders--data brokers
you've never even heard of--seem to be inspiring the companies and
apps we use every day to emulate their shadowy data-gathering
behaviors.
I had assumed that if I could be
watched by a person I could also be videotaped. This seems to say
that the videotape should have been tossed out (it wasn't) but makes
no mention of the person watching.
Does Jones Create A Right Not to Be Videotaped in Public Without A Warrant?
March 1, 2012 by Dissent
Orin Kerr always provides food for
thought. In another blog post yesterday, he writes:
Two Justices of
the Montana Supreme Court think so, based on a special concurrence in
Montana State Fund v. Simms
(February 1, 2012). Justice Nelson (joined by Justice Wheat)
suggests that under United
States v. Jones, the Fourth Amendment limits
the government’s ability to videotape people in public to
determine if they are engaged in worker’s compensation fraud.
Read more on The
Volokh Conspiracy.
[Quoted in Volokh:
Montanans do retain expectations of
privacy while in public. And Montanans do not reasonably expect that
state government, in its unfettered discretion and without a warrant,
is recording and aggregating their everyday activities and public
movements in a manner which enables the State to
ascertain and catalog their political and religious beliefs, their
sexual habits, and other private aspects of identity.
So how do we ensure more good than bad?
February 29, 2012
Pew - Millennials will benefit and suffer due to their hyperconnected lives
Millennials will benefit and suffer due to their hyperconnected lives - by
Janna Anderson, Lee Rainie, February 29, 2012
- "Teens and young adults brought up from childhood with a continuous connection to each other and to information will be nimble, quick-acting multitaskers who count on the Internet as their external brain and who approach problems in a different way from their elders, according to a new survey of technology experts. Many of the experts surveyed by Elon University’s Imagining the Internet Center and the Pew Internet Project said the effects of hyperconnectivity and the always-on lifestyles of young people will be mostly positive between now and 2020. But the experts in this survey also predicted this generation will exhibit a thirst for instant gratification and quick fixes, a loss of patience, and a lack of deep-thinking ability due to what one referred to as “fast-twitch wiring.”"
Is this likely to become a significant
category of e-Books? After all, an online “Pocket Guide” can now
contain more information than the Library of Congress. Imagine a
collaborative book of math formulas or (oxymoron alert) legal wisdom?
http://www.wired.com/wiredscience/2012/03/microbe-field-guide/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+wired%2Findex+%28Wired%3A+Index+3+%28Top+Stories+2%29%29
Book of Germs: The Quest for a Field Guide to Microbes
Every nature lover knows field guides,
those handy compendia of the natural world. There are thousands of
titles for birds alone, but microbes have been largely overlooked,
even though their total biomass is equivalent to all the plants and
animals on Earth. And the field guides that do exist are far from
comprehensive.
For the Criminal Justice students.
Might be fun to create a local “scavenger hunt”
U.S. Wants You to Hunt Fugitives With Twitter
A worldwide manhunt kicks off at the
end of March — a search across America and Europe for five
fugitives, identifiable only by their mugshots. The successful team
of trackers not only gets a $5,000 bounty from the U.S. State
Department. They demonstrate to the planet’s law enforcement and
intelligence agencies that they can hunt down fleeting suspects using
nothing but their wits and social media connections.
The “Tag
Challenge” isn’t the first contest designed to show how a
networked crowd can unearth seemingly obscure information in a hurry.
But this simulation may be the one with the widest scope — and the
most relevance to government agencies.
Five jewel thieves are at large in New
York, London, Washington, Stockholm, and Bratislava: That’s the
(rather thin) conceit behind the Tag Challenge. At 8 a.m. local time
in each city on March 31, contest organizers will release a picture
of the local burglar. Contestants will then have 12 hours to scour
their cities, find each of the volunteer crooks, and upload photos of
them to the Challenge’s website.
Perspective
Tipping Point: Smartphone Owners Now Outnumber Other Mobile Users In The U.S.
… As of February 2012, 46 percent
of the 2,253 adults surveyed said they are now smartphone owners —
growing 11 percent in the last nine months, while 41 percent of
adults own a device that is not a smartphone.
What’s interesting is that these are
averages, meaning that we really are seeing a critical mass affecting
different demographics. The numbers are actually significantly
higher in certain age groups like young adults: among college
graduates, 18-35 year olds and the well off, those who said they used
a smartphone was at 60 percent and up.
Dr. Michelle Post showed me this one.
Great tool for anyone who writes! And it's FREE!
Paper Rater
PaperRater.com is a free resource,
developed and maintained by linguistics professionals and graduate
students. PaperRater.com is used by schools and universities in over
46 countries to help students improve their writing.
Free Online Proofreading
Grammar & Spelling Check
Plagiarism Detection
Writing Suggestions