Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: PC Security

Financial Institutions Directed to Respond to Heartbleed Attacks

Via American Banker: “The Federal Financial Institutions Examination Council said Thursday that it expects “financial institutions to incorporate patches on systems and services, applications, and appliances using OpenSSL and upgrade systems as soon as possible to address the vulnerability.” OpenSSL is open-source software that lets web sites encrypt communications with visitors. A vulnerability has been found…

FTC- Heartbleed May Cause You Some Heartache

News release: “If you’re thinking “Heartbleed” sounds serious, you’re right. But it’s not a health condition. It’s a critical flaw in OpenSSL, a popular software program that’s used to secure websites and other services (like VPN and email). If your company relies on OpenSSL to encrypt data, take steps to fix the problem and limit…

IRS misses XP deadline, pays Microsoft millions for patches

ComputerWorld: “The U.S. Internal Revenue Service (IRS) acknowledged this week that it missed the April 8 cut-off for Windows XP support, and will be paying Microsoft millions for an extra year of security patches. Microsoft terminated Windows XP support on Tuesday when it shipped the final public patches for the nearly-13-year-old operating system. Without patches for vulnerabilities…

EFF- Why the Web Needs Perfect Forward Secrecy More Than Ever

“EFF has long advocated for websites to support HTTPS instead of plain HTTP to encrypt and authenticate data transmitted on the Internet. However, we learned yesterday of a catastrophic bug, nicknamed “Heartbleed,” that has critically threatened the security of some HTTPS sites since 2011. By some estimates, Heartbleed affects 2 out of 3 web servers on the Internet. Heartbleed isn’t a…

EFF – Websites Must Use HSTS in Order to Be Secure

EFF: “You would think that by now the Internet would have grown up enough that things like online banking, email, or government websites would rely on thoroughly engineered security to make sure your data isn’t intercepted by attackers. Unfortunately when it comes to the vast majority of websites on the Internet, that assumption would be…

Fourth Annual Benchmark Study on Patient Privacy and Data Security

Ponemon Institute: “…we are releasing our Fourth Annual Benchmark Study on Patient Privacy and Data Security. We hope you will read the report sponsored by ID Experts that reveals some fascinating trends. Specifically, criminal attacks on healthcare systems have risen a startling 100 percent since we first conducted the study in 2010. This year, we found the…

New on LLRX – $38 Datawind UbiSlate 7Ci tablet as an e-reader

Via LLRX.com - $38 Datawind UbiSlate 7Ci tablet as an e-reader: Avoid this adware trap despite its many positives! David Rothman is spearheading chronicling the progress of expanding low cost access to e-readers as libraries engage in mission critical outreach efforts to reach underserved communities. In this article, Rothman asks: Suppose you could buy an iPad for $38, read…

Report – Encryption Would Have Stopped Snowden From Using Secrets

Chris Strohm, Bloomberg: “Edward Snowden could have been thwarted from leaking classified U.S. documents if the National Security Agency encrypted the information to make it unreadable, two former senior cybersecurity officials said. Snowden would have needed a digital key to decipher the secrets after gaining access to them if the data was scrambled, Ira “Gus” Hunt, former…

Leaked Documents Reveal Government Cyber Attacks on Hacktivists

NBC News – MARK SCHONE, RICHARD ESPOSITO, MATTHEW COLE AND GLENN GREENWALD: “Secret British spy unit created to mount cyber attacks on Britain’s enemies has waged war on the hacktivists of Anonymous and LulzSec, according to documents taken from the National Security Agency by Edward Snowden and obtained by NBC News. The blunt instrument the spy unit…

New Report Focuses on Disaster Unpreparedness

Meritalk report [snipped]:
• “Federal IT professionals give themselves high DR2 grades:
• One in four give their agency an “A” in DR2 preparedness and nearly all give a passing grade
• Despite the high marks, many agencies fail to test their data recovery capabilities:
• In the last 12 months, only 54% of agencies have tested their ability…

The Cost of Surveillance

Via Ashkan Soltani: “The Yale Law Journal Online (YLJO) just published an article that Ashkan Soltani co-authored with Kevin Bankston (first workshopped at the Privacy Law Scholars Conference last year) entitled Tiny Constables and the Cost of Surveillance: Making Cents Out of United States v. Jones. In it, we discuss the drastic reduction in the cost of tracking an individual’s location and show how technology has greatly…

Review Group on Intelligence and Communications Technologies Presents Report to President Obama

Transmittal Letter from Richard A. Clarke; Michael J. Morell; Geoffrey R. Stone; Cass R. Sunstein; Peter Swire - “Dear Mr. President: We are honored to present you with the Final Report of the Review Group on Intelligence and Communications Technologies – Liberty and Security in a Changing World. Consistent with your memorandum of August 27, 2013, our recommendations…