Commentaries and Analyses – Page 768

Glitch imperils swath of encrypted records

Posted on December 25, 2012 by Dissent

Shaun Waterman reports: A widely used method of computer encryption has a little-noticed problem that could allow confidential data stored by almost all Fortune 500 companies and everything stored on U.S. government classified computers to be “fairly easily” stolen or destroyed. The warning comes from the inventor of the encryption method, known as Secure Shell or SSH. “In…

Verizon DBIR Researchers’ Predictions for 2013 Threats

Posted on December 20, 2012 by Dissent

BASKING RIDGE, N.J. – Although many security experts predict that the most likely data breach threats organizations will face in 2013 include cloud exploits, mobile device attacks and all-out cyber war, “Verizon Data Breach Investigations Report” (DBIR) researchers have reached a far different conclusion: The most likely threats involve authentication attacks and failures, continued espionage and…

Cheng v. Romo and Applying Unauthorized Access Statutes to Use of Shared Passwords

Posted on December 10, 2012 by Dissent

Orin Kerr writes: The federal computer crime statutes punish unauthorized access to a computer. As regular readers know, courts are hopelessly divided on what this language means, and in particular what makes an access to a computer authorized versus unauthorized. In Cheng v. Romo, 2012 WL 6021369 (D. Mass. Nov. 28 2012), Judge Casper authored an…

Update and commentary on SCDOR breach: Where would they be without media coverage?

Posted on December 9, 2012 by Dissent

I’ve been pretty critical of the South Carolina Department of Revenue breach and the state’s incident response. Some will think my criticism is well-deserved, while others may feel I’ve been too harsh. But it is now six weeks since we first learned of the breach and here is what hasn’t happened so far: Notification letters…

Yes, sometimes it’s as bad as we fear

Posted on December 7, 2012 by Dissent

In the process of researching something else, I stumbled across an audit of a NYS agency with the grim title, “Mobile Devices with Sensitive Information are not Secure.” By the time I got done reading and browsing other audits, I totally forgot what I was looking for in the first place, but here’s what I…

For PC Virus Victims, Pay or Else

Posted on December 6, 2012 by Dissent

Nicole Perlroth writes: Kidnappers used to make ransom notes with letters cut out of magazines. Now, notes simply pop up on your computer screen, except the hostage is your PC. Read more on The New York Times. I was interested to read that some researchers estimate that 2.9% of compromised computer owners pay out and…