Showing posts with label Security (Computer Network). Show all posts
Showing posts with label Security (Computer Network). Show all posts
Tuesday, October 15, 2013
Information Systems Security Primer - Parts I & II
Thursday, August 1, 2013
This and That in Court Technology, August 2013 Edition
News and updates from around the court tech world.
Wednesday, July 17, 2013
Texas Modifies Mandatory E-Filing Rules
On June 24, the Supreme Court of Texas issued an amended order requiring electronic filing by attorneys in the appellate courts, district courts, statutory county courts, constitutional county courts and statutory probate courts.
Friday, May 31, 2013
This and That Notes in Court Technology - End of May, 2013 Edition
News from CTC-2013, Florida, Bell Labs, NASCIO, Ars Technica, and Ohio…
Friday, May 10, 2013
Washington State Courts Announce Data Breach
Via Press Release, May 9, 2013
OLYMPIA, WA -- The Washington State Administrative Office of the Courts (AOC) announced today that a data breach occurred recently on its public website. No court records were altered and no financial data was maintained on the site. However, it has been confirmed that 94 social security numbers were obtained. There is also the potential that up to 160,000 social security numbers and 1 million driver license numbers may have been accessed as well.
Friday, March 8, 2013
This and That in Court Technology - March 2013
News we have heard from the world of court technology.
Wednesday, June 13, 2012
This and That in Court Tech - June, 2012
Monday, May 23, 2011
Wireless Device Guidelines for Federal Courts
The April, 2011 edition of the Federal Courts Third Branch newsletter contains a timely article: Wireless Device Access Guidelines Strike Balance. The article begins:
“The American public loves the convenience of their wireless communication devices—PDAs and laptops, smart phones and earpiece devices, among others. It’s estimated there are 285 million cell phone users in the United States.
However, the same devices that provide convenience in communications may raise security concerns in federal courts and possibly disrupt proceedings. Courts have responded with a variety of access policies.
To help strike the right balance between security concerns and convenience, the Judicial Conference Committee on Court Administration and Case Management, in consultation with the Information Technology Committee and the Judicial Security Committee, has issued revised guidance for courts to consider that updates how new technologies could be used and what this may mean for courts.”
“The American public loves the convenience of their wireless communication devices—PDAs and laptops, smart phones and earpiece devices, among others. It’s estimated there are 285 million cell phone users in the United States.
However, the same devices that provide convenience in communications may raise security concerns in federal courts and possibly disrupt proceedings. Courts have responded with a variety of access policies.
To help strike the right balance between security concerns and convenience, the Judicial Conference Committee on Court Administration and Case Management, in consultation with the Information Technology Committee and the Judicial Security Committee, has issued revised guidance for courts to consider that updates how new technologies could be used and what this may mean for courts.”
Saturday, May 7, 2011
Trust and E-Filing
An article by former Public Broadcasting System “pen-named” columnist, Robert X. Cringley. "The T Word" discussed the concept of trust. He wrote:
“(T)rust is … based on one of two methodologies — empiricism or transparency” The essence of empirical trust in this instance is “I trust because I don’t need to trust because I am (or soon will be in the rube scenario) immune to harm.” This immunity comes from a mathematical proof, whether that proof is provided by a strongly encrypted password on a computer file or by the hedging of counter-parties in some complex financial derivatives play. Empirical trust is a zero-sum game.”
“Trust through transparency is a completely different creature based on the novel idea that people say what they mean, do what they say they will, and make things that work because you can see how they work inside.”
E-filing systems that are based using Electronic Filing Service Providers (EFSP - see note 1 below) are essentially empirical trust systems. The courts have “hedged” their risk by allowing the EFSP to validate the filer and handle payments. In turn if the EFSP charges their fees via credit card that later default, well they have hedged that risk/trust via the credit card service company who absorb the loss (as would the courts if charged the credit card directly).
Also an EFSP could be another government agency that the court implicitly trusts and vouches for their user community. A prosecutor, social service agency, or law enforcement department would maintain their authorized user access that in turn would provide identification verification for e-filing.
Finally the court themselves could develop their own “circle of trust”(2) as have the US Federal Courts who validate their e-filing users via a sign-up and training procedure. For example, the US Bankruptcy Court in San Diego explains on their web page that “to become a CM/ECF Registered User that one must register and complete the assigned training”
But what about E-filers, such as the self-represented, who do not use an Electronic Filing Service Provider to vouch for them? They will have to be initially viewed as un-trusted E-filers. There is a very old but true saying that came from a New Yorker magazine cartoon “On the Internet, nobody knows you are a dog”. The fact of anonymity has been a boon and curse to the users of the Internet. In our case it is a curse because we must have reasonable assurance that the person submitting the electronic is in fact that person (or authorized person). The risk of “spam” filings and other type of network attacks is real. Thus since the goal is to make e-filing as accessible and convenient to use for as many persons as possible, these issues and limitations must be addressed by technology, rules, and procedures.
Some of these problems may be addressed by initiatives in many countries to create secure online identity. For example, in April, 2011 the USA President, Barak Obama issued a "blueprint" for creating a system of digital identity. When such systems are developed they will be of great help to the courts in adopting and implementing E-filing.
Notes:
1) EFSP - Texas ( eFiling for Courts ) and others have developed e-filing systems based upon the concept of statewide portal with the end users being serviced by private corporations known as Electronic Filing Service Providers or EFSP.
2) The “circle of trust” quote is from the film – “Meet the Parents”: http://www.imdb.com/title/tt0212338/
3) The graphic accompanying this post is based upon the excellent graphics illustrating collaboration concepts published at: http://emergentbydesign.com/2010/07/01/guidelines-for-group-collaboration-and-emergence/
Monday, April 4, 2011
Advice for Keeping Judges (and the rest of us) Safe Online
An interview of Stacia A. Hylton, Director of the U.S. Marshals Service in the March, 2011 edition of the U.S. Federal Court's Third Branch Newsletter contained some advice for judge's online safety.
"The explosion of the use of social media on the Internet has created a number of security challenges for the judiciary. Social media, along with the availability of personal information and public records on the Internet, create an environment of additional security risks. One such risk is the potential for the release of sensitive information. This could be as simple as a family member inadvertently posting information about the family’s home. These items can jeopardize the security of a federal judge.
Public information continues to pose challenges to the court family. For many years, the Marshals Service has advised the people we protect to have unlisted phone numbers and use the courthouse address instead of the home address whenever possible. Technology has provided greater access to information. Through computers, individuals can plug a little information into a public record search engine and receive a lot of information. For that reason, we strongly urge judges and other officials to complete “opt-out” forms for individual information providers. We have coordinated with the Administrative Office so that the opt-out information is available for judges to follow. Judges also need to be very conscious about who they give information to, and even where purchases are made. This is because data aggregators are constantly compiling and selling updated personal information to public record sites, for example, matching credit card numbers with home mailing addresses.
We have also recently begun briefing judicial officers and staff on the risk posed by “geo-tagging” of photographs posted to the Internet. GPS-enabled cameras, as well as iPhones, embed the longitude and latitude of the location a picture was taken. If, for example, a photo of a judge and his or her family is posted on certain Internet sites, someone can grab the geo-tag and identify the location of a private residence.
Just as with e-mail or phone calls, if a judge becomes aware of a threat or inappropriate communication on the Web, he or she should immediately notify the Marshals."
"The explosion of the use of social media on the Internet has created a number of security challenges for the judiciary. Social media, along with the availability of personal information and public records on the Internet, create an environment of additional security risks. One such risk is the potential for the release of sensitive information. This could be as simple as a family member inadvertently posting information about the family’s home. These items can jeopardize the security of a federal judge.
Public information continues to pose challenges to the court family. For many years, the Marshals Service has advised the people we protect to have unlisted phone numbers and use the courthouse address instead of the home address whenever possible. Technology has provided greater access to information. Through computers, individuals can plug a little information into a public record search engine and receive a lot of information. For that reason, we strongly urge judges and other officials to complete “opt-out” forms for individual information providers. We have coordinated with the Administrative Office so that the opt-out information is available for judges to follow. Judges also need to be very conscious about who they give information to, and even where purchases are made. This is because data aggregators are constantly compiling and selling updated personal information to public record sites, for example, matching credit card numbers with home mailing addresses.
We have also recently begun briefing judicial officers and staff on the risk posed by “geo-tagging” of photographs posted to the Internet. GPS-enabled cameras, as well as iPhones, embed the longitude and latitude of the location a picture was taken. If, for example, a photo of a judge and his or her family is posted on certain Internet sites, someone can grab the geo-tag and identify the location of a private residence.
Just as with e-mail or phone calls, if a judge becomes aware of a threat or inappropriate communication on the Web, he or she should immediately notify the Marshals."
Friday, April 9, 2010
More PDF Security Problems
On top of previous warnings, Adobe and FoxIt have announced actions that users should implement to prevent malicious programs from being automatically launched when opening an infected PDF file. An excellent article on the subject was posted on the ZDNet blog Zero Day by Ryan Naraine and Dancho Danchev at:
http://blogs.zdnet.com/security/?p=6028&tag=nl.e550
Program security updates are expected to be released during the week of April 12, 2010.
http://blogs.zdnet.com/security/?p=6028&tag=nl.e550
Program security updates are expected to be released during the week of April 12, 2010.
Tuesday, December 16, 2008
IE Browser Security Vulnerability
There is important news that has recently surfaced regarding attacks on the Microsoft Internet Explorer web browser versions 5.01, 6, and 7. An article I received reports a huge increase in computer attacks exploiting this vulnerability. Unfortunately, there is not a corrective patch available yet from Microsoft. So you might consider using an alternative browser for general surfing for the near future and yes for you Mac folks you are safe. Please also make sure that your Windows Update either set for automatic update or enable the update notice. Generally at this time I would suggest only using IE for sites that have your full confidence such as your bank and well-known store websites. In other words, be careful out there.
Here is the link to the ComputerWorld magazine article: http://tinyurl.com/6nercd
Here is the link to the ComputerWorld magazine article: http://tinyurl.com/6nercd
Tuesday, February 27, 2007
Free Public Wi-Fi Scam Article
During my travels in recent weeks I have seen the "Free Public Wi-Fi" scam show up at four different airports when looking for a wireless Internet connection. I have seen it in Chicago, Washington Dulles, and both Tampa and Richmond where there are actually free connections available. If you are interested, here is an excellent ComputerWorld article about the problem.
Tuesday, October 5, 2004
To Do List - Disaster Planning and Inventory Control
It has been awhile since I read this article, but it is a good one to think about. The article is an opinion piece by Eric Lundquist published in eWeek magazine on the need to do those bothersome but important system administration duties such as disaster planning, equipment and software inventories, and other "Fall Cleaning" chores. For more click here.
Thursday, August 5, 2004
Real World Digital Security
John Udell of InfoWorld magazine has posted an interesting report from a security conference on how the use of digital security works and doesn't work in the real world. Click here to read the article.
Subscribe to:
Posts (Atom)