Wednesday, March 10, 2021

Perspective.

https://www.cpomagazine.com/cyber-security/beneath-the-surface-monitoring-the-deep-and-dark-web/

Beneath the Surface: Monitoring the Deep and Dark Web

We are all familiar with the web that Google shows us – the “visible” surface web that is indexed by search engines. When you search for your own name on Google, you’re likely met with results that are familiar to you, including social media profiles, your bio on your employer’s website, and maybe a few local media clippings if you’ve been interviewed by the press. As vast as it may seem, with millions of results for even just a simple search of your name, the surface web actually only makes up about 4% of the entire web. Just like an iceberg, there is a much larger part of the web, the deep web, that is beneath the surface and not indexed. This means search engines cannot “crawl” this information (think: paywalled content, bank account information, medical records, etc.). You cannot locate it with a simple Google search. Enterprises focus much of their attention on the surface web, and rightfully so, because these results make up your company’s public presence. However, monitoring the hidden corners of the internet is just as if not more important for risk professionals.





Learn from the failures of others. How not to gather electronic evidence?

https://www.bespacific.com/you-know-its-bad-when-the-court-decision-has-a-table-of-contents-part-deux/

You Know It’s Bad When The Court Decision Has A Table Of Contents: Part Deux

Above The Law - “…In DR Distributors, LLC v. 21 Century Smoking, Inc., originally filed in 2012, two companies that sell electronic cigarettes brought suit and counterclaims alleging, among other things, trademark violations under the Lanham Act. The court’s decision is 256 pages long. Like the Smalls decision 18 months ago, this decision was at times painful to read. Not because it was long but because it seems that everything that could go wrong did go wrong. In truth, though, most of the damage was entirely self-inflicted and could have been avoided. Much of the blame here is on the defendant because they had repeatedly told former defense counsel that all relevant ESI [electronically stored information] was on four computer hard drives and that they “had all the data,” which was false — and they knew it was false. The defendant here did nothing to educate counsel otherwise, even after it became apparent that defense counsel was under a distinct misunderstanding. In the end, the defendant failed to reasonably search for and produce ESI even after it had been instructed to do so by the court. Former counsel for the defendant is not without blame, though. His errors were fundamental. And “because those fundamental errors occurred at the outset of the case, they permeated the entire case from then on,” the court wrote. Defense counsel failed to understand his client’s ESI, failed to conduct custodian interviews, and failed to issue a written legal hold. In fact, the client here was left to perform the “self-collection of ESI without any instruction, monitoring, or documentation.” In the end, the defendant failed to preserve and timely disclose relevant ESI. Relevant information was spoliated and even after the spoliation was discovered defendant lied about it and counsel failed to inform the court…”





Heads-up (literally). Another theater for war.

https://thenextweb.com/space/2021/03/09/star-wars-france-conducts-first-military-drills-in-space/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheNextWeb+%28The+Next+Web+All+Stories%29

Star wars: France conducts first military drills in space

France today began the first-ever military training drills conducted in space. Begun, the star wars era has.

Working with US Space Force and German space command, the French training drills were designed in response to the shifting global attitude towards space.

According to French news outlet AFP, via Phys.Org, France’s Space Command was announced in 2019. Defense minister Florence Parly told reporters at the time that France needed to act because its “allies and adversaries” were “militarizing space.”





Could be interesting if the court agrees… I suspect they will not agree.

https://www.pogowasright.org/epic-to-supreme-court-congress-allows-people-to-sue-when-their-privacy-rights-are-violated/

EPIC to Supreme Court: Congress Allows People to Sue when their Privacy Rights are Violated

From EPIC.org:

EPIC has filed an amicus brief in TransUnion LLC v. Ramirez, urging the U.S. Supreme Court to hold that people can sue when their privacy rights are violated, regardless of whether they allege that the violation led to other harms. The case concerns a suit brought under the Fair Credit Reporting Act (FCRA), one of many laws that create privacy rights for individuals to help them maintain control over their personal information. Ramirez and many others sued after TransUnion violated the FCRA, but the company argued that they don’t have “standing” to sue. Other tech companies also filed a brief arguing that the Supreme Court should limit standing in privacy lawsuits. Standing is a constitutional doctrine that dictates when federal courts have authority to resolve cases. EPIC argued that privacy plaintiffs have standing to sue and that “standing was never meant to be a complicated inquiry or a substantial barrier to the vindication of legal rights.” EPIC warned that “[c]ourts that require proof of consequential harm are usurping the legislative role and rewriting these privacy laws” because “it is not the business of courts to tell Congress which rights are enforceable, and which are not.” EPIC previously filed an amicus brief in Spokeo and frequently files amicus briefs in cases interpreting standing under a variety of privacy laws.





A simpler decision?

https://www.pogowasright.org/epic-aclu-eff-push-court-to-limit-warrantless-forensic-searches-of-cell-phones/

EPIC, ACLU, & EFF Push Court to Limit Warrantless Forensic Searches of Cell Phones

From EPIC.org:

EPIC, together with the ACLU and EFF, recently filed an amicus brief in Wisconsin v. Burch, urging the Wisconsin Supreme Court to stop police from conducting warrantless forensic searches of cell phones and indefinitely retaining the data based on vague consent forms. The defendant in the case had verbally consented to a limited search of his text messages during a hit-and-run investigation. Police then asked him to sign a vague consent form that did not specify his phone would be forensically analyzed and the data stored indefinitely. Police used a forensic device to download the entire contents of the phone, retained a full copy, and disclosed data that was outside the scope of his limited verbal consent to another department for use in an unrelated investigation. In their brief, EPIC, ACLU, and EFF argued that someone who consents to a limited search does not reasonably expect police may access, copy, and store vast amounts of personal information held on their phone. These searches violate the Fourth Amendment by “enabl[ing] the State to rummage at will among a person’s most personal and private information whenever it wanted, for as long as it wanted” without a warrant. EPIC regularly files amicus briefs challenging unlawful access to cell phone data.





Is every user presumed guilty? I wonder who is behind companies like this… The police?

https://therecord.media/dutch-and-belgian-police-take-down-encrypted-criminal-chat-platform-sky-ecc/

Belgian and Dutch police take down encrypted criminal chat platform Sky ECC

Law enforcement agencies from the Netherlands and Belgium have shut down today Sky ECC, a company that provided a secure encrypted messaging platform to criminal organizations across the world.

Authorities said they infiltrated the platform in mid-February 2021 and have managed to intercept live messages exchanged through the company’s servers.

Officials said they used the access they gained last month to collect information on Sky ECC customers and help prevent violent crimes, such as kidnappings, shootings, and murders.

Dutch Police said Sky ECC launched last year after a similar police investigation shut down Encrochat, a company that provided a similar secure platform and encrypted phones to cybercriminals.





Research tools.

https://www.bespacific.com/search-scholarly-materials-preserved-in-the-internet-archive/

Search Scholarly Materials Preserved in the Internet Archive

Internet Archive Blogs – “Looking for a research paper but can’t find a copy in your library’s catalog or popular search engines? Give Internet Archive Scholar a try! We might have a PDF from a “vanished” Open Access publisher in our web archive, an author’s pre-publication manuscript from their archived faculty webpage, or a digitized microfilm version of an older publication. We hope Internet Archive Scholar will aid researchers and librarians looking for specific open access papers that may not be otherwise available to them. Judith van Stegeren (@jd7g on Twitter), a PhD candidate in the Netherlands, encountered just such a situation recently when sharing a workshop paper on procedural generation in computer games: “Towards Qualitative Procedural Generation” by Mark R. Johnson, originally presented at the Computational Creativity & Games Workshop in 2016. The papers for this particular year of the workshop are not indexed in the usual bibliographic catalogs, and the original workshop website hosting the Open Access papers is no longer accessible. Fortunately, copies of all the 2016 workshop papers were captured in the Wayback Machine, and can be found today by searching IA Scholar by title or conference name.…”





Tools for getting rid of students…

https://www.makeuseof.com/how-to-prepare-virtual-job-fair/

How to Prepare for a Virtual Job Fair

Virtual job fairs are convenient networking opportunities. If you plan on attending one, keep these tips in mind.



No comments: