Accurate, Focused Research on Law, Technology and Knowledge Discovery With Daily Postings Since 2002
Review of the Enterprise E-Mail System Acquisition, September 30, 2016. Reference Number: 2016-20-080. “The IRS purchased subscriptions for an enterprise e-mail system [Microsoft] that, as it turned out, it could not use. The purchase was made without first determining project infrastructure needs, integration requirements, business requirements, security and portal bandwidth, and whether the subscriptions were …
“It may be hard for the media to resist a big email dump, but there are long-term risks. Regular dumps of classified documents and other internal communications have become a fixture of modern life, thanks in part to stateless—and frequently lawless—entities like WikiLeaks. But is publishing those leaks always the right thing to do? That’s …
Security Fatigue, Issue No. 05 – Sept.-Oct. (2016 vol. 18) ISSN: 1520-9202 pp: 26-32 DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MITP.2016.84 “Security fatigue has been used to describe experiences with online security. This study identifies the affective manifestations resulting from decision fatigue and the role it plays in users’ security decisions. A semistructured interview protocol was used to collect …
UK Guardian: “Yahoo last year secretly built a custom software program to search all of its customers’ incoming emails for specific information provided by US intelligence officials, sources have told Reuters. The company complied with a classified US government directive, scanning hundreds of millions of Yahoo Mail accounts at the behest of the National Security …
Washington Post – This judge just released 200 secret government surveillance requests “U.S. District Chief Judge Beryl A. Howell, a former Senate aide who helped draft the Patriot Act, has defied easy labeling throughout a decades-long career spent charting the frontier of technology and law in the nation’s capital….In ordering the first-ever release by a …
Welcome to the Dark Net, A Wilderness Where Invisible World Wars Are Fought and Hackers Roam Free “…Definitions. A vulnerability is a weakness in a network’s defenses. An exploit is a piece of software that takes advantage of a vulnerability. A zero-day exploit is a piece of software that takes advantage of a vulnerability that …
Gone but not forgotten, email messages lost, not archived, disappeared – at the highest level of government – written by officials from both parties, and lest we forget, this reminder by Nina Burleigh in Newsweek – “For 18 months, Republican strategists, political pundits, reporters and Americans who follow them have been pursuing Hillary Clinton’s personal email …
“Hillary Rodham Clinton served as U.S. Secretary of State from January 21, 2009 to February 1, 2013. The FBI conducted an investigation into allegations that classified information was improperly stored or transmitted on a personal e-mail server she used during her tenure.” Via WSJ.com: “On Friday afternoon September 2, 2016], the Federal Bureau of Investigation …
PCWorld: “The hacker who claims to have breached the Democratic National Committee’s computers is now taking credit for hacking confidential files from a related campaign group. Guccifer 2.0 alleged on Friday that he also attacked the servers of the Democractic Congressional Campaign Committee (DCCC). He posted some of the purported files on his blog, and …
“NIST has recently expanded the flexibility and enhanced the security of Personal Identity Verification (PIV) credentials by updating the following guidelines: • Special Publication (SP) 800-156, Representation of PIV Chain-of-Trust for Import and Export, provides details regarding the use of chain -of -trust for import and export among PIV Card issuers. • SP 800-166, Derived …
EFF Surveillance Self Defense – “When an attacker sends an email or link that looks innocent, but is actually malicious, it’s called phishing. Phishing attacks are a common way that users get infected with malware—programs that hide on your computer and can be used to remotely control it, steal information, or spy on you. In …
Dan Goodin, arstechnica, August 3, 2016: “The HTTPS cryptographic scheme protecting millions of websites is vulnerable to a newly revived attack that exposes encrypted e-mail addresses, social security numbers, and other sensitive data even when attackers don’t have the ability to monitor a targeted end user’s Internet connection. The exploit is notable because it doesn’t …
