Pirates Get a Taste of Microsoft COFEE
Ars Technica- Microsoft’s Computer Online Forensic Evidence Extractor (COFEE) software, which helps law enforcement officials grab data from password protected or encrypted sources, has leaked. Microsoft’s Computer Online Forensic Evidence Extractor (COFEE) has made it into the hands of pirates, and their virtual ships are distributing it quickly for everyone to get a taste. The COFEE application uses common digital forensics tools to help law enforcement officials at the scene of a crime gather volatile evidence of live computer activity that would otherwise be lost in a traditional offline forensic analysis. In other words, it lets officers grab data from password-protected or encrypted sources. That means you can now break the law twice over: download the software and then use it to steal information from other people’s computers. »Full story
Facebook Privacy Changes Draw Mixed Reviews
COMPUTERWORLD- IDG News Service - Facebook’s revamped privacy settings will push more user data onto the Internet and, in some cases, make privacy protection harder for Facebook users, digital civil liberties experts said. While acknowledging that many of the changes unveiled Wednesday will be good for privacy, Electronic Frontier Foundation (EFF) Attorney Kevin Bankston said the social networking site is also removing some important privacy controls that it should have kept. »Full story
Hackers pillage jailbroken iPhones
COMPUTERWORLD - Hackers are plundering personal data from jailbroken iPhones using the tactic demonstrated last week by an Australian programmer’s self-described “prank,” researchers said today.
The new malware, dubbed “iPhone/Privacy.A” by Austin, Tex.-based security vendor Intego, uses the same approach as last week’s “ikee” worm to silently snatch control of some iPhones. The attack code then steals a wide variety of personal information from the hijacked iPhone, including e-mail messages, names from the address book, text messages, music and video files, photos and calendar entries. »Full story
Social Networking Explodes and The Law Will Follow
FindLaw- Last week, I told you about how college admissions offices are considering the social networking pages of prospective applicants. I now am here to report that social networking is not a passing fancy; indeed, the time spent by Americans on social networking sites is increasing dramatically. And, of course, where people go, the law will follow. »Full story
According to a recent report from Nielsen Online, the time that Americans spend on social networking sites is up a staggering 83% from just one year ago. »Full story
Crafting a More Effective Keyword Search
Law.com, By Craig Ball- Hear that rumble? It’s the bench’s mounting frustration with the senseless, slipshod way lawyers approach keyword search. It started with federal Magistrate Judge John Facciola’s observation that keyword search entails a complicated interplay of sciences beyond a lawyer’s ken. He said lawyers selecting search terms without expert guidance were truly going “where angels fear to tread.”
Federal Magistrate Judge Paul Grimm called for “careful advance planning by persons qualified to design effective search methodology” and testing search methods for quality assurance. “The party selecting the methodology must be prepared to explain the rationale for the method chosen to the court, demonstrate that it is appropriate for the task, and show that it was properly implemented,” he declared. » Full story
Police say hacker stole phone time from AT&T, others
COMPUTERWORLD- IDG News Service - An Italian magistrate has issued an international arrest warrant for a Filipino hacker suspected of causing millions of dollars of losses to telecommunications multinationals, and Italian police have arrested five Pakistani nationals accused of exploiting the hacker’s work to defraud the telecom companies, officials in the northern city of Brescia said Friday.
The Filipino hacker allegedly penetrated the IT systems belonging to customers of major telephone companies, including AT&T, to steal access codes for international phone calls that he then sold to the group of Italy-based Pakistanis who ran a network of public phone centers. Police declined to identify the hacker by name, saying only that he was a 27-year-old male living in the Philippines. »Full story
Don’t Mess With System Metadata.
Law.com- Why do people who know better than to traipse through crime scenes blithely muck about with digital smoking guns? With computers, it seems we must trip over the corpus delecti and grab the knife before we realize we’re standing in a pool of blood!
Sometimes a computer holds evidence, and sometimes a computer is evidence. It’s a distinction with a difference when deciding whether to act in ways that will stomp on data essential to computer forensic examination.
In most e-discovery efforts, computers are just digital file cabinets, and the evidence is the e-mail and files stored within. Just as paper records require a modicum of care to avoid ripping and staining, digital documents require preservation of basic metadata akin to date stamps and margin notes on paper documents. But, we needn’t go to extraordinary lengths to protect this information. It’s either embedded in the files and e-mail messages as application metadata, or stored by the operating system as accessible system metadata — such as file names, folder locations and the dates files were created, modified and accessed. We use such stuff every day, so preserving it isn’t rocket science and needn’t be expensive or cumbersome. » Full story
How Facebook mucks up office life.
COMPUTERWORLD- Managing a workforce is already a challenging job; now Facebook and other social networks raise a host of sticky new situations. Imagine walking into a meeting and encountering not just your current co-workers, but all your colleagues and managers from jobs past, along with your spouse, your college drinking buddies, your Senior Prom date, and, off in a corner, your adolescent son, busy telling your boss how many hours he logs in every day playing Grand Theft Auto.
It’s not a nightmare, it’s Facebook.
If you’re anything like the 200 million users on the burgeoning social network, you probably didn’t give enough thought when you first signed on to which friend requests you accepted, or whom you invited via the Friend Finder. Now you’ve got a dangerously random group of friends and friends-of-friends sharing — and over-sharing — information, sometimes without your even being aware of it. »Full story
Linux group seeks to discredit Microsoft patents in TomTom case.
COMPUTERWORLD- A Linux group is hoping to discredit three Microsoft Corp. patents that were at the heart of the software vendor’s recent lawsuit against GPS device maker TomTom NV.
The Open Innovation Network is asking people to examine three patents and submit any so-called “prior art” that might call into question the validity of the patents. Prior art is information that describes similar technology and was published before the patent was issued.
The patents were at the heart of a lawsuit Microsoft filed against Amsterdam-based TomTom. As part of a settlement, TomTom agreed to pay Microsoft to license the patents for technologies in its car navigation and file management system. »Full story
Laid-off workers as data thieves?
COMPUTERWORLD- The latest example is a newly released report from security vendor Symantec Corp. and the Ponemon Institute suggesting a growing crime wave where laid-off workers exact vengeance on their former employers by walking out the door with sensitive customer data and other proprietary information.
The Ponemon Institute conducted the Web-based survey last month — polling nearly 1,000 Americans who had left an employer within the past year — and found, according to the press release, that “59% of ex-employees admit to stealing confidential company information, such as customer contact lists. The results also show that if respondents’ companies had implemented better data loss prevention policies and technologies, many of those instances of data theft could have been prevented.”
“The survey’s findings should sound the alarm across all industries: your sensitive data is walking out the door with your employees. Even if layoffs are not imminent, companies need to be more aware of who has access to sensitive business information,” Ponemon Institute founder and Chairman Larry Ponemon said in the press release. “Our research suggests that a great deal of data loss is preventable through the use of clear policies, better communication with employees, and adequate controls on data access.” » Full story
..
As Jurors Turn to Web, Mistrials Are Popping Up
New York Times- It might be called a Google mistrial. The use of BlackBerrys and iPhones by jurors gathering and sending out information about cases is wreaking havoc on trials around the country, upending deliberations and infuriating judges.
Last week, a juror in a big federal drug trial in Florida admitted to the judge that he had been doing research on the case on the Internet, directly violating the judge’s instructions and centuries of legal rules. But when the judge questioned the rest of the jury, he got an even bigger shock.
Eight other jurors had been doing the same thing. The federal judge, William J. Zloch, had no choice but to declare a mistrial, a waste of eight weeks of work by federal prosecutors and defense lawyers.
“We were stunned,” said a defense lawyer, Peter Raben, who was told by the jury that he had been on the verge of winning the case. “It’s the first time modern technology struck us in that fashion, and it hit us right over the head.”
It might be called a Google mistrial. The use of BlackBerrys and iPhones by jurors gathering and sending out information about cases is wreaking havoc on trials around the country, upending deliberations and infuriating judges.
Last week, a building products company asked an Arkansas court to overturn a $12.6 million judgment, claiming that a juror used Twitter to send updates during the civil trial.
And on Monday, defense lawyers in the federal corruption trial of a former Pennsylvania state senator, Vincent J. Fumo, demanded before the verdict that the judge declare a mistrial because a juror posted updates on the case on Twitter and Facebook. The juror had even told his readers that a “big announcement” was coming on Monday. But the judge decided to let the deliberations continue, and the jury found Mr. Fumo guilty. His lawyers plan to use the Internet postings as grounds for appeal. » Full Story
..
As e-Discovery Rules - Interpreting ESI from Federal to State Courts By Eric Sedwick, Fios Inc
FindLaw- Following the two-year anniversary of the amendments to the Federal Rules of Civil Procedure (FRCP) approaching, the federal courts are still getting their feet wet in developing a basic understanding of what constitutes electronically stored information (ESI). Is it email? Certainly, but what about the email stored on inaccessible backup tapes or legacy systems from 15 years ago? What about voicemail, instant messages or random access memory (RAM)? Determining what constitutes ESI has direct implications for the overall costs of accessing, collecting, reviewing and producing ESI.
Now, to complicate things further, consider state courts. Each state has its own unique rules of civil procedure. Those rules are often based, to a certain degree, on the FRCP and the federal courts’ applications of them. Why is this important? Put simply, most cases are litigated in state court. While some may argue jurisdiction and other issues make it unlikely that many “bet-the-company” cases will be decided in state courts, smart companies are seriously considering state court rules and working quickly to develop a more complete understanding of them.
And they should. High-profile states, like Texas and New Jersey are leading the way in developing rules that emulate their best understanding of the FRCP amendments, or at least the perceived intent of the amendments. This article reviews some of the states that are playing a critical and influential role in determining how to better account for ESI during discovery, as well as inconsistencies that can be encountered from state to state. » Full Story
