Internet, Information Technology & e-Discovery Blog

Social changes brought about by the Internet & Technology

US Supreme Court Hears Argument that Might Hurt Cloud Storage

Posted in eCommerce

During a hearing in a copyright infringement case about TV programs, the alleged infringer’s attorney argued that the “cloud computing industry is freaked out about this case” and that a ruling against Aereo would expose “the cloud industry” to “potentially ruinous liability,” as reported by the New York Times.

However, can the Supreme Court really understand the cloud? “The Aereo case is being decided by people who call iCloud ‘the iCloud.’ Yes, really” was a Washington Post blog post that poked fun at the Supreme Court Justices for not really having a clue about the technology in dispute.

Computerworld reported Aereo’s position before the Supreme Court that:

Aereo does not trigger the so-called public performance clause in U.S. copyright law, and should not have to pay royalties, because it gives subscribers access only to TV stations that are available over the air for free.

While copyright law requires royalties for public performances, defined as a performance “at a place open to the public or at any place where a substantial number of persons outside of a normal circle of a family and its social acquaintances is gathered,” Aereo provides a personalized service to each subscriber.

However, Computerworld described the TV networks’ response that:

…the Supreme Court doesn’t need to deal with cloud storage services in the case. A cloud storage service is different from Aereo because users are providing content they’ve obtained, while Aereo gives subscribers access to content…

The New York Times also reported that:

Malcolm L. Stewart, a deputy solicitor general, argued in support of the broadcasters on behalf of the federal government. He acknowledged that cloud services that store and perhaps aggregate content were in some ways similar and posed difficult questions under the copyright laws.

Based on their comments during the argument, the Justices said they understood the far-reaching implications of the ruling in the Aereo case, but do they really understand?

Now the cloud community awaits the ruling.

Internet of Things (IoT) is Transforming Internet Security

Posted in eCommerce, Internet Privacy, IT Industry

IoT means “potentially billions of devices will report data about themselves, making it possible to create new applications in areas as diverse as factory optimization, car maintenance, or simply keeping track of your stuff online,” as reported in MIT Technology Review. The IoT allows Internet communications with unique objects using radio-frequency identification (RFID), QR codes, barcodes, and GPS in cell phones and tablets.

Computerworld identified the following 6 ways IoT will transform enterprise security:

1. The IoT will create billions of new (insecure) end points. Analyst firms have differing takes on the number of devices or “things” that will connect to the Internet by 2020. Estimates range from Gartner’s 26 billion devices to IDC’s somewhat dystopian projection of 212 billion installed devices. Regardless of which is right, the one thing that is certain is that a lot of IP-enabled devices will one day find a home inside enterprises. Examples include smart heating and lighting systems, intelligent meters, equipment monitoring and maintenance sensors, industrial robots, asset tracking systems, smart retail shelves, plant control systems and personal devices such as smart watches, digital glasses and fitness monitoring products.

2. The IoT will inevitably intersect with the enterprise network. Just as there are no truly standalone industrial control networks and air traffic control networks anymore, there won’t be a truly standalone enterprise network in an IoT world, says Amit Yoran, general manager at RSA and former director of the National Cyber Security Division at the U.S. Department of Homeland Security.

3. The IoT will be a world of heterogeneous, embedded devices. Most “things” in an IoT world will be appliances or devices with applications embedded in the operating system and wrapped tightly around the hardware, said John Pescatore, director of research at the SANS Institute in Bethesda, Md.

4. The IoT will enable physical and physiological damage. While online threats mainly affect data, in an IoT world there will be physical and physiological risks as well, said Michael Sutton, vice president of security research at Zscaler.

5. The IoT will create a new supply chain. In a majority of cases, enterprises will have to either rely on device manufacturers for patching, firmware and operating system support or find a way to support the technologies on their own. Many of the devices that connect to the enterprise network in the not-too-distant future will be from companies that traditional IT security organizations are not familiar with.

6. The IoT will exacerbate the volume, stealth and persistence of online attacks. In theory at least, the threats posed by a completely interconnected world are not very different from the threats faced by most IT organizations today. Many companies are already intimately familiar with the challenges posed by smartphones, tablets and other wireless-enabled devices. What is different with the IoT is the sheer scale and scope of the challenge.

IoT has been discussed since about 1991, particularly with the use of RFID, but as the Internet grows, IoT will become more important to security for all businesses and individuals.

Improve Your LinkedIn Profile

Posted in Social Media

Since LinkedIn accounts for 64% of all visits to corporate websites from Social Media, it is critical that all LinkedIn users improve their LinkedIn profiles.  A recent article in InformationWeek entitled “LinkedIn Tips: 10 Steps To A Stronger Profile” has some great advice for LinkedIn users, even if all 10 do not apply to everyone.  The 10 Steps are:

1. Update your profile picture. Upload a profile picture to increase the chances that others click on your profile. According to the professional social network, people are seven times more likely to view your profile if you include one.

2. Add media to your profile.  Make your profile more engaging by showing off your work: LinkedIn lets you upload images, videos, presentations, and documents. To add these to your profile, click Edit Profile from the menu at the top. Under your Summary, Experience, and Education profile sections is an icon: a square with a (+) symbol. Click this button to upload a file or add a link to something you want to share.

3. Find job leads with LinkedIn’s Alumni Tool. LinkedIn’s Alumni Tool helps you discover where your alma mater’s alumni work, which could lead to new connections and job leads, according to LinkedIn’s Nicole Williams.

4. Search and apply for jobs on the go. Take advantage of in-between moments — at the doctor’s office or during the commute to work, for example — to search for, save, and apply for jobs that interest you.

5. Publish a blog post. LinkedIn’s newest addition to its suite of products and features is a blogging platform that lets users share their expertise and views on industry news. This feature is still rolling out to users.

6. Add volunteer work to your profile. Forty-two percent of hiring managers agree that volunteer work is just as valuable as paid work experience, according to a LinkedIn survey. Twenty percent said they would hire someone because of his or her volunteer experience.

7. Participate in Groups. LinkedIn Groups are one of the site’s most undervalued features, says Nicole Williams. “Search for groups where you can find active, inspiring people — and they don’t need to be related to your career, either. Belonging to groups outside your profession, like location-based networking groups or hobbies, gives others a fuller picture of who you are when they visit your profile.”

8. Use Advanced Search to find jobs. LinkedIn’s Advanced Search feature lets you search for people and jobs based on specific criteria that you input and is especially useful in your job search, says Williams.

9. Save a job search. You can save any job search you perform on LinkedIn, which makes it easier to revisit later to browse recent positions that companies add.

10. Request recommendations. While Endorsements, which let you vote up a connection’s skill with a quick click, are easy to dole out and accumulate, they’re not as valuable as a written recommendation, according to Nicole Williams. Send a message to a few of your closest former and current colleagues and request a recommendation.

LinkedIn networking is an important part of my “Pool Ball Theory,” which is that if pool balls are not moving on a pool table, the probability that a ball will fall in a pocket is ZERO, and my business opportunities will be ZERO if I don’t continually network.

NSA Exploited Heartbleed Bug for Years

Posted in Internet Privacy

A report that the NSA regularly used the Heartbleed bug for years “to gather critical intelligence” but kept “the bug secret in pursuit of national security interests threatens to renew the rancorous debate over the role of the government’s top computer experts,” according to Bloomberg News. Bloomberg went on to report:

The NSA and other elite intelligence agencies devote millions of dollars to hunt for common software flaws that are critical to stealing data from secure computers. Open-source protocols like OpenSSL, where the flaw was found, are primary targets.

The Heartbleed flaw, introduced in early 2012 in a minor adjustment to the OpenSSL protocol, highlights one of the failings of open source software development.

Computerworld reported how ironic it was that the Bloomberg report came the same day the US Department of Homeland Security issued a warning about the Heartbleed bug:

While there have not been any reported attacks or malicious incidents involving this particular vulnerability confirmed at this time, it is still possible that malicious actors in cyberspace could exploit un-patched systems.

Only time will tell about how devastating the Heartbleed bug will be to Internet users, but the impact on national security will be interesting to analyze.

9 Problems with Big Data

Posted in eCommerce, Social Media

There may be too many headlines about “combining the power of modern computing with the plentiful data of the digital era, it promises to solve virtually any problem — crime, public health, the evolution of grammar, the perils of dating — just by crunching the numbers,” as opined in the New York Times. This opinion was written by New York University professor of psychology Gary Marcus, who is an editor of the forthcoming book “The Future of the Brain,” and professor of computer science Ernest Davis, and they offer this advice:

Big data is here to stay, as it should be. But let’s be realistic: It’s an important resource for anyone analyzing data, not a silver bullet.

Professors Marcus and Davis suggest the following problems with Big Data:

The first thing to note is that although big data is very good at detecting correlations, especially subtle correlations that an analysis of smaller data sets might miss, it never tells us which correlations are meaningful. A big data analysis might reveal, for instance, that from 2006 to 2011 the United States murder rate was well correlated with the market share of Internet Explorer: Both went down sharply. But it’s hard to imagine there is any causal relationship between the two. Likewise, from 1998 to 2007 the number of new cases of autism diagnosed was extremely well correlated with sales of organic food (both went up sharply), but identifying the correlation won’t by itself tell us whether diet has anything to do with autism.

Second, big data can work well as an adjunct to scientific inquiry but rarely succeeds as a wholesale replacement. Molecular biologists, for example, would very much like to be able to infer the three-dimensional structure of proteins from their underlying DNA sequence, and scientists working on the problem use big data as one tool among many. But no scientist thinks you can solve this problem by crunching data alone, no matter how powerful the statistical analysis; you will always need to start with an analysis that relies on an understanding of physics and biochemistry.

Third, many tools that are based on big data can be easily gamed. For example, big data programs for grading student essays often rely on measures like sentence length and word sophistication, which are found to correlate well with the scores given by human graders. But once students figure out how such a program works, they start writing long sentences and using obscure words, rather than learning how to actually formulate and write clear, coherent text. Even Google’s celebrated search engine, rightly seen as a big data success story, is not immune to “Google bombing” and “spamdexing,” wily techniques for artificially elevating website search placement.

Fourth, even when the results of a big data analysis aren’t intentionally gamed, they often turn out to be less robust than they initially seem. Consider Google Flu Trends, once the poster child for big data. In 2009, Google reported — to considerable fanfare — that by analyzing flu-related search queries, it had been able to detect the spread of the flu as accurately and more quickly than the Centers for Disease Control and Prevention. A few years later, though, Google Flu Trends began to falter; for the last two years it has made more bad predictions than good ones.

A fifth concern might be called the echo-chamber effect, which also stems from the fact that much of big data comes from the web. Whenever the source of information for a big data analysis is itself a product of big data, opportunities for vicious cycles abound. Consider translation programs like Google Translate, which draw on many pairs of parallel texts from different languages — for example, the same Wikipedia entry in two different languages — to discern the patterns of translation between those languages. This is a perfectly reasonable strategy, except for the fact that with some of the less common languages, many of the Wikipedia articles themselves may have been written using Google Translate. In those cases, any initial errors in Google Translate infect Wikipedia, which is fed back into Google Translate, reinforcing the error.

A sixth worry is the risk of too many correlations. If you look 100 times for correlations between two variables, you risk finding, purely by chance, about five bogus correlations that appear statistically significant — even though there is no actual meaningful connection between the variables. Absent careful supervision, the magnitudes of big data can greatly amplify such errors.

Seventh, big data is prone to giving scientific-sounding solutions to hopelessly imprecise questions. In the past few months, for instance, there have been two separate attempts to rank people in terms of their “historical importance” or “cultural contributions,” based on data drawn from Wikipedia. One is the book “Who’s Bigger? Where Historical Figures Really Rank,” by the computer scientist Steven Skiena and the engineer Charles Ward. The other is an M.I.T. Media Lab project called Pantheon.

FINALLY, big data is at its best when analyzing things that are extremely common, but often falls short when analyzing things that are less common. For instance, programs that use big data to deal with text, such as search engines and translation programs, often rely heavily on something called trigrams: sequences of three words in a row (like “in a row”). Reliable statistical information can be compiled about common trigrams, precisely because they appear frequently. But no existing body of data will ever be large enough to include all the trigrams that people might use, because of the continuing inventiveness of language.

Wait, we almost forgot one last problem: the hype. Champions of big data promote it as a revolutionary advance. But even the examples that people give of the successes of big data, like Google Flu Trends, though useful, are small potatoes in the larger scheme of things. They are far less important than the great innovations of the 19th and 20th centuries, like antibiotics, automobiles and the airplane.

The more we know about Big Data the better we are able to value it.

New Federal Rules Require Banks to Fight DDoS

Posted in eCommerce

US banks and financial institutions “must now monitor for” DDoS (distributed denial-of-service) “attacks against their networks and have a plan in place to try and mitigate against such attacks,” as reported by Infoweek. The Federal Financial Institutions Examination Council (FFIEC) issued a “Joint Statement – Distributed Denial-of-Service (DDoS) Cyber-Attacks, Risk Mitigation, and Additional Resources,” which includes the following 6 steps:

1. Maintain an ongoing program to assess information security risk that identifies, prioritizes, and assesses the risk to critical systems, including threats to external websites and online accounts;

2. Monitor Internet traffic to the institution’s website to detect attacks;

3. Activate incident response plans and notify service providers, including Internet service providers (ISPs), as appropriate, if the institution suspects that a DDoS attack is occurring. Response plans should include appropriate communication strategies with customers concerning the safety of their accounts;

4. Ensure sufficient staffing for the duration of the DDoS attack and consider hiring pre-contracted third-party servicers, as appropriate, that can assist in managing the Internet-based traffic flow. Identify how the institution’s ISP can assist in responding to and mitigating an attack;

5. Consider sharing information with organizations, such as the Financial Services Information Sharing and Analysis Center and law enforcement because attacks can change rapidly and sharing the information can help institutions to identify and mitigate new threats and tactics; and

6. Evaluate any gaps in the institution’s response following attacks and in its ongoing risk assessments, and adjust risk management controls accordingly.

The FFIEC is comprised of the principals of the following: The Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, National Credit Union Administration, Office of the Comptroller of the Currency, Consumer Financial Protection Bureau, and State Liaison Committee.

Only time will tell if the FFIEC’s rules help avoid banking disasters and related cyber fraud.

Judge Orders Bitcoin Mt. Gox CEO in Japan to Come to Texas

Posted in eCommerce

After Mt. Gox filed for US bankruptcy protection in Texas based on a Japanese bankruptcy, the Judge ordered Mt. Gox CEO Mark Karpeles to come to Dallas because if “he avails himself of this court, my God, he is going to get himself over here,” as reported in Reuters. On April 1, 2014, US Bankruptcy Judge Stacey Jernigan (Northern District of Texas) ordered Mr. Karpeles “to answer questions related to its U.S. bankruptcy case, filed after the company lost $400 million of customers’ digital currency.”

Reuters reported that the Mt. Gox customers requested that Mr. Karpeles, the “chief executive and majority owner” of Mt. Gox, testify in a 2004 deposition:

…to explain why the exchange shut down in February and what happened to their 750,000 bitcoins, which the company said were stolen in a computer hacking attack.

Given the scope of the failed Bitcoin exchange and the Mt. Gox bankruptcy, this lawsuit will continue to generate a lot of headlines.

“Google Glass” – 10 Myths Debunked

Posted in eCommerce, Internet Privacy

In order to set the record straight, Google felt compelled to debunk myths which “can be fun, but they can also be confusing or unsettling,” so on March 20, 2014, Google listed “The Top 10 Google Glass Myths.” eWeek reported concerns that have been raised, including:

Glass devices have received some serious criticism while being used in public, including outright bans in some bars, restaurants and other businesses, as well as privacy concerns from some people who just don’t like the idea of Glass wearers recording them or viewing them using the devices.

Google’s 10 debunked myths are as follows:

Myth 1 – Glass is the ultimate distraction from the real world
Instead of looking down at your computer, phone or tablet while life happens around you, Glass allows you to look up and engage with the world. Big moments in life — concerts, your kid’s performances, an amazing view — shouldn’t be experienced through the screen you’re trying to capture them on. That’s why Glass is off by default and only on when you want it to be. It’s designed to get you a bit of what you need just when you need it and then get you back to the people and things in life you care about.

Myth 2 – Glass is always on and recording everything
Just like your cell phone, the Glass screen is off by default. Video recording on Glass is set to last 10 seconds. People can record for longer, but Glass isn’t designed for or even capable of always-on recording (the battery won’t last longer than 45 minutes before it needs to be charged). So next time you’re tempted to ask an Explorer if he’s recording you, ask yourself if you’d be doing the same with your phone. Chances are your answers will be the same.

Myth 3 – Glass Explorers are technology-worshipping geeks
Our Explorers come from all walks of life. They include parents, firefighters, zookeepers, brewmasters, film students, reporters, and doctors. The one thing they have in common is that they see the potential for people to use technology in a way that helps them engage more with the world around them, rather than distract them from it. In fact, many Explorers say because of Glass they use technology less, because they’re using it much more efficiently. We know what you’re thinking: “I’m not distracted by technology”. But the next time you’re on the subway, or, sitting on a bench, or in a coffee shop, just look at the people around you. You might be surprised at what you see.

Myth 4 – Glass is ready for prime time
Glass is a prototype, and our Explorers and the broader public are playing a critical role in how it’s developed. In the last 11 months, we’ve had nine software updates and three hardware updates based, in part, on feedback from people like you. Ultimately, we hope even more feedback gets baked into a polished consumer product ahead of being released. And, in the future, today’s prototype may look as funny to us as that mobile phone from the mid 80s.

Myth 5 – Glass does facial recognition (and other dodgy things)
Nope. That’s not true. As we’ve said before, regardless of technological feasibility, we made the decision based on feedback not to release or even distribute facial recognition Glassware unless we could properly address the many issues raised by that kind of feature. And just because a weird application is created, doesn’t mean it’ll get distributed in our MyGlass store. We manually approve all the apps that appear there and have several measures in place (from developer policies and screenlocks to warning interstitials) to help protect people’s security on the device.

Myth 6 – Glass covers your eye(s)
“I can’t imagine having a screen over one eye…” one expert said in a recent article. Before jumping to conclusions about Glass, have you actually tried it? The Glass screen is deliberately above the right eye, not in front or over it. It was designed this way because we understand the importance of making eye contact and looking up and engaging with the world, rather than down at your phone.

Myth 7 – Glass is the perfect surveillance device
If a company sought to design a secret spy device, they could do a better job than Glass! Let’s be honest: if someone wants to secretly record you, there are much, much better cameras out there than one you wear conspicuously on your face and that lights up every time you give a voice command, or press a button.

Myth 8 – Glass is only for those privileged enough to afford it
The current prototype costs $1500 and we realize that is out of the range of many people. But that doesn’t mean the people who have it are wealthy and entitled. In some cases, their work has paid for it. Others have raised money on Kickstarter and Indiegogo. And for some, it’s been a gift.

Myth 9 – Glass is banned… EVERYWHERE
Since cell phones came onto the scene, folks have been pretty good at creating etiquette and the requisite (and often necessary) bans around where someone can record (locker rooms, casino floors, etc.). Since Glass functionality mirrors the cell phones (down to the screen being off by default), the same rules apply. Just bear in mind, would-be banners: Glass can be attached to prescription lenses, so requiring Glass to be turned off is probably a lot safer than insisting people stumble about blindly in a locker room.

Myth 10 – Glass marks the end of privacy
When cameras first hit the consumer market in the late 19th century, people declared an end to privacy. Cameras were banned in parks, at national monuments and on beaches.  People feared the same when the first cell phone cameras came out. Today, there are more cameras than ever before. In ten years there will be even more cameras, with or without Glass. 150+ years of cameras and eight years of YouTube are a good indicator of the kinds of photos and videos people capture–from our favorite cat videos to dramatic, perspective-changing looks at environmental destruction, government crackdowns, and everyday human miracles.

Since there is so much hype about Google Glass it will be interesting to look back at the 10 myths in years to come.

Privacy Protection for Cell Phones – No Warrantless Searches

Posted in eCommerce, Internet Privacy

A court ruled that a “person retains a legitimate expectation of privacy in the contents of his cell phone when that phone is being temporarily stored in a jail property room,” and rejected the prosecutor’s claim “that a modern-day cell phone is like a pair of pants or a bag of groceries, for which a person loses all privacy protection once it is checked into a jail property room.” The Texas Court of Criminal Appeals (court of last resort for criminal cases) ruled in Granville v State of Texas on February 26, 2014 that “this is a case about rummaging through a citizen’s electronic private effects-a cell phone-without a warrant”:

The Fourth Amendment states that “[t]he right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures shall not be violated.”  

The term “papers and effects” obviously carried a different connotation in the late eighteenth century than it does today. No longer are they stored only in desks, cabinets, satchels, and folders.

Our most private information is now frequently stored in electronic devices such as computers, laptops, iPads, and cell phones, or in “the cloud” and accessible by those electronic devices.  

But the “central concern underlying the Fourth Amendment” has remained the same throughout the centuries; it is “the concern about giving police officers unbridled discretion to rummage at will among a person’s private effects.”  

Apparently, courts continue to require warrants, which, if issued, will make available the contents of cell phones. However, we continue to see cases like this where warrants are not secured.

Google Wins! No Class Action Suit for Monetizing Gmail Content

Posted in eCommerce

A court ruling that Gmail users consented to Google’s monetization of Gmail content ended the class action lawsuit since “consent must be litigated on an individual, rather than class-wide basis.” The class action suit filed in 2011, In Re Google Gmail Litigation, was dismissed “with prejudice,” which means the plaintiffs cannot revise their complaint with new claims, as ordered on March 18, 2014 by US District Judge Lucy Koh (Northern District of California).

Bloomberg said that “the amount at stake could have reached into the trillions of dollars” for violation of the Federal Wiretap Act and called Google’s win:

…a major victory in its fight against claims it illegally scanned private e-mail messages to and from Gmail accounts, defeating a bid to unify lawsuits in a single group case on behalf of hundreds of millions of Internet users.

Judge Koh’s ruling will likely adversely affect the related Yahoo! class action webmail litigation for Yahoo!’s monetization of webmail content.  Stay tuned for the next battleground on this Gmail case in the appellate courts.