• The New York Times breaks a story alleging that the Drug Enforcement Agency has been working very closely with AT&T to access a database of phone records going as far back as 1987. According to the story, the DEA pays AT&T to station several of the company’s employees inside DEA investigative units to facilitate and assist with access to records.
  • The New York Times also breaks a story alleging (per the Snowden documents) that the NSA has successfully broken, circumvented, and inserted weaknesses into encryption technologies designed to protect information as it crosses public networks encapsulated in SSL, TLS, and proprietary VPNs. The article quotes an internal memo stating: “Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable.” The article also says that the agency’s guidelines sharply distinguish between encrypted and unencrypted data, allowing for nearly unlimited retention of encrypted information. [See also Ars Technica]
  • According to the Washington Post, Google says it is improving the security of its datacenter-to-datacenter traffic in response to activities of government intelligence agencies, including the NSA.
  • Arizona College of Law professor Derek Bambauer proposes an extension of copyright law to protect participants in consensually created ‘intimate media’ subsequently used as revenge porn. [H/T Info/Law]
  • Patent defense company PatentFreedom claims that non-practicing entities (NPEs, sometimes called patent trolls) are increasingly asserting business method patents against businesses. [H/T Ars Technica]
  • A technology firm begins taking orders for a new type of biometric device, a wristband that authenticates its wearer based on heartwave. [H/T David Navetta]
  • Botnets, collections of infected computers that secretly respond to attackers’ commands, may be increasing their reliance on anonymity service TOR.
  • A New York court enforces a settlement agreement under its UETA statute after finding that the party’s attorney, who sent the settlement agreement via email, “purposely” included her name (instead of or in addition to automatically generated email signature). This satisfied the “subscription” requirement for settlement documents. [H/T Eric Goldman]

    [Ed.: I question whether discounting the intent attached to automatically generated email signatures is good policy or supports the purpose of the law, which the legislature had said "is intended to support and encourage electronic commerce and electronic government by allowing people to use electronic signatures and electronic records in lieu of handwritten signatures and paper documents[.]” What do you think?]

  • Former UNC Tar Heels football player Greg Little admits to receiving a $2200-a-month allowance from sports agent Terry Watson.
  • The Federal Trade Commission’s information security efforts continue. The FTC settled a lawsuit with TRENDnet, a maker of security cameras (or webcams) that are viewable with a browser over the internet. The company’s inadequate security controls and testing processes allowed attackers without authorization to view live video feeds from the cameras. The company will be prohibited from “misrepresenting” the security of its products, must inform customers who bought the flawed products and help them secure their cameras, and must undergo independent security audits every two years until 2033. [H/T SANS]
  • A jury found that Motorola’s $4 billion patent demand violated its FRAND contract obligations. The Google-owned company owes Microsoft $11 million in damages and $3 million in legal fees.
  • Newegg destroys the “shopping cart” patent assertion entity once and for all once again. We previously wrote about Soverain’s fight with the online retailing giant here.
  • A Lojack-like service for stolen computers, which can log the user’s keystrokes, leads to the arrest and conviction of a criminal defendant–for possession of cocaine with intent to distribute (plus the possession of stolen property charge). State v. Galemore, 2013 WL 4679982, 2013 Tenn. Crim. App. LEXIS 732 (Tenn. Ct. Crim. App. 2013).

    [Ed.: This case turned on whether the warrant was based on sufficient probable cause. I thought the inclusion of an apparently anonymous person's statement that the computer was in the home should have been given essentially no weight at all, and I was puzzled by the apparent decision not to try to link the stolen device's IP address to the defendant by contacting the relevant internet service provider. What do you think?]

  • Verizon and the FCC have oral arguments at the D.C. Circuit on Monday in a dispute over the FCC’s adoption of net neutrality rules for internet service providers. Verizon claims that the rules are unlawful for many reasons, including violation of its First Amendment free speech and Fifth Amendment takings clause rights, while the FCC says Congress has given it the necessary authority and that the rule is necessary to protect consumers. [H/T Ars Technica]

–Brad Edmondson

Image Source

Comments are closed.