Author Archives: Hannibal Travis

Deposing Larry

The fascinating report out of the Android-Java patent struggle is from the Sydney Morning Herald:

Google is fighting what it calls Oracle’s “harassing demand” for a deposition of chief executive officer Larry Page….

Google’s opposition to Page’s deposition is “manifestly inconsistent” with its own notice to depose Oracle CEO Larry Ellison, Oracle said in the letter.

 

Tagged , , , , ,

Do Sony PlayStation Network Subscribers Have Legal Claims for Violations of Their Privacy Arising Out of the Data Breach?

The California federal courts may have an opportunity to resolve this question in ruling on a class action complaint alleging claims of negligence, unjust enrichment, unfair competition, and other claims against Sony.  The negligence count states:

50. Defendants breached their duty when they failed to properly protect their data systems from unauthorized access by third parties.

51. Defendants reasonably should have known about the security defect to their data systems before Plaintiffs’ and the other members of the Class’ personal and financial information was obtained by an unauthorized third party. Had Sony properly designed, inspected, and tested their data security system, it would have discovered and remedied the security defect.

The complaint was filed on behalf of Christopher McKewon and Christoper Wilson by the law firms of Wolf Haldenstein Adler Freeman & Herz LLP, in San Diego and Chicago, Doyle Lowther LLP in San Diego, and Goldfarb Branham LLP, in Dallas, Texas.

A similar class action involving a data breach on a much smaller scale, but similar legal theories, was allowed to go forward in Maine in 2009.  Another was rejected by the Seventh Circuit in 2007.  The Mass. Supreme Judicial Court rejected another one against BJ’s Wholesale Club in 2010.

Tagged ,

Is Our Children Learning?

This study says in about half of cases, they isn’t, at least not in the first couple of years:

[At 24 institutions of higher learning,] 45 percent of the[] students demonstrate no significant improvement in a range of skills—including critical thinking, complex reasoning, and writing—during their first two years of college.

The publisher quotes US News and World Report as commenting:

The time, money, and effort that’s required to educate college students helps explain why the findings are so shocking …—many students aren’t learning anything.

One report of the study blames the assumption that all information is on the Internet so analysis and study aren’t important:

Sociologists Richard Arum and Josipa Roksa published the book “Academically Adrift: Limited Learning on College Campuses,” which claimed business majors had the least amount of educational gains after their first two years of college….

The study also showed today’s business students are less engaged with the material than in past years. One reason for student disengagement is the Internet — students know they can always look up information when they need it, so they don’t take the time to study and memorize it.

Jonathan Keane of Drexel University writes of “Generation Laz-Y” and quotes another study suggesting that  college students spend 36 percent of their time “communicating and networking across social networks, blogs, personal e-mail and instant messaging.”

Tagged ,

Lawrence Lessig’s Speech “A Republic Lost, – Declaration of Independence”

The speech is up on iTunesU at the Florida International University College of Law account, or click on the image for alternate link (fixed):

Tagged ,

Sony Implicates “Anonymous”, Which Says It Was Framed

As the Wired blog Game | Life summarizes, the Chairman of Sony’s board of directors blames Anonymous for the hack, pointing to a calling card:

[He] revealed that the hacker left a smug digital calling card on the Sony Online Entertainment servers, which were hacked days after PlayStation Network. The file was called “Anonymous,” and simply read “We Are Legion.”

Anonymous says the calling card may have been planted:

The group is ballsy, but not stupid, it claims. A press release from the group says, “No one who is actually associated with our movement would do something that would prompt a massive law enforcement response.” On the other hand, Anonymous writes, “a group of standard online thieves would have every reason to frame [us] in order to put law enforcement off the track.”

Tagged

Sony PlayStation Network Hack Sponsored by a State?

An attack on Sony PlayStation Network servers has resulted in the exposure to hackers of Sony gamers’ “name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID.”  Sony believes that it may also be possible that “profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained.”  More than 100 million accounts may have been breached.

A spokesperson for Sony announced that the hackers “used very sophisticated means to access the data, and they used sophisticated means to cover their tracks.”

As Sky News has reported regarding, hacks emanating from Chinese territory and targeting Western firms have grown incredibly common, and appear to constitute a systematic pillaging of non-Chinese firms:

Last year, cyber attacks cost Britain £27bn. The global hub for targeted attacks is China. An estimated 1.6 billion attacks are launched from the country each month.

In 2007, the director of British intelligence warned 300 British businesses that they were victims of cyber-attack emanating from Chinese territory.

Google is the most prominent victim of cyber-attacks launched from China but not known to be sponsored by the Chinese state::

 Numerous sites including YouTube, The Guardian, Facebook, Twitter, Blogger and Wikipedia have been blocked, some of them indefinitely. In addition, last June the Chinese government announced that all personal computers sold in China would need to be pre-loaded with software that could be used to censor online content. After a public outcry and pressure from companies, the proposal was later withdrawn.

Most recently, in mid-December, we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China. What at first appeared to be an isolated security incident–albeit a significant one–turned out upon investigation to be something quite different.

First of all, at least twenty other large companies from a wide range of businesses–including the Internet, finance, technology, media and chemical sectors–were similarly targeted.

Second, we believe that a primary, albeit unsuccessful, goal of the attack was to access Gmail accounts surreptitiously.

Third, we discovered in our investigation that the accounts of dozens of U.S.-, China- and European-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties. I want to make clear that this happened independent of the security breach to Google, most likely via phishing scams or malware placed on the users. computers.

The attack on our corporate infrastructure and the surveillance it uncovered–as well as attempts over the past year to limit free speech on the Web even further–led us to conclude that we were no longer willing to censor our search results in China. This decision was in keeping with our pledge when we launched Google.cn that we would carefully monitor conditions in China, including new laws and other restrictions on our services.

I want to stress that while we know these attacks came from China, we are not prepared to say who carried out these attacks. We do know such attacks are violations of China’s own laws and we would hope that the Chinese authorities will work with US officials to investigate this matter.

Earlier this week we stopped censoring our search services–Google Search, Google News, and Google Images–on Google.cn. Users visiting Google.cn are now being redirected to Google.com.hk, where we are offering uncensored search in simplified Chinese, specifically designed for users in mainland China and delivered via our servers in Hong Kong.

The Hong Kong-based Asia Times reported in 2009 that a suspicious convergence of hacks into Western technology firms and Chinese national security interests had emerged in the investigation into the mysterious Ghostnet network of zombie computers:

The operation, which the investigators named “GhostNet”, used a Trojan hidden in e-mail attachments to compromise a computer’s security and download a piece of malware called gh0st RAT (RAT standing for Remote Access Tool). Gh0stRAT allowed a remote operator both to examine files on the computer and to upload them to a gh0st RAT server. Keystrokes could also be logged – a key hacking tool for acquiring passwords – and, purportedly, the computer’s microphones and webcam could be activated and the audio and video sent to the gh0st RAT server. …

In October 2008, Citizen Lab issued a report revealing that TOM-Skype, a joint venture by Skype and an arm of Hong Kong tycoon Li Ka-shing’s empire offering encrypted voice and text messaging services inside of China, saved copies of text messages on a network of eight servers. …

The TOM-Skype affair highlights the central role played in the battle between the Chinese state and those who wish to navigate the Internet beyond its control by a unique technical feature of Internet communication: 128-bit encryption.

The Sony PlayStation Network also permits communication over the Internet using 128-bit encryption.  A coincidence?  Maybe.

Amnesty International May Sue Attorney General Holder and Other Officials, US Appeals Court Says

The Second Circuit has ruled that Amnesty International, Human Rights Watch, the Global Fund for Women, The International Criminal Defence Attorneys Association, SEIU, the Pen America Center, The Nation magazine, and a couple of individuals have standing to assert First Amendment, Fourth Amendment, and Articles I-III of the Constitution violations by the federal government, when engaged in unregulated monitoring of Internet speech.  The court concluded, among other things:

[A new law] does not require the government to submit an individualized application to the FISC identifying the particular targets or facilities to be monitored. Instead, the Attorney General (“AG”) and Director of National Intelligence (“DNI”) apply for a mass surveillance authorization by submitting to the FISC a written certification and supporting affidavits attesting generally that “a significant purpose of the acquisition is to obtain foreign intelligence information” and that that information will be obtained “from or with the assistance of an electronic communication service provider.” ….

Here, the fact that the government has authorized the potentially harmful conduct means that the plaintiffs can reasonably assume that government officials will actually engage in that conduct by carrying out the authorized surveillance.  It is fanciful, moreover, to question whether the government will ever undertake broad-based surveillance of the type authorized by the statute.  The FAA was passed specifically to permit surveillance that was not permitted by FISA but that was believed necessary to protect the national security.  See, e.g., 154 Cong. Rec. S227, 227-28 (daily ed. Jan. 24, 9 2008) (statement of Sen. Rockefeller) (explaining “why it is necessary for us to update” FISA); id. at 235 (statement of Sen. Hutchison) (explaining why surveillance authorization  procedures must be updated).  That both the Executive and the Legislative branches of government believe that the FAA authorizes new types of surveillance, and have justified that new authorization as necessary to protecting the nation against attack, makes it extremely likely that such surveillance will occur….

Journalist Naomi Klein reports on a wide variety of international topics, and in order to do so she communicates with sources abroad, including Mexican individuals regarding military activity in Chiapas, Argentinian advocates for indigenous rights, and indigenous Colombian groups who oppose U.S. trade policies.  Likewise, journalist Chris Hedges, whose writing focuses on American and Middle Eastern politics and society, maintains regular contact with academics, journalists, politicians, and activists in places such as Iran, Syria, Libya, Kosovo, Bosnia, and Sudan….

Furthermore, the plaintiffs have good reason to believe that their communications, in particular, will fall within the scope of the broad urveillance that they can assume the government will conduct.  The plaintiffs testify that in order to carry out their jobs they must regularly communicate by telephone and e-mail with precisely the sorts of individuals that the government will most likely seek to monitor – i.e., individuals “the U.S. government believes or believed to be associated with terrorist organizations,” “political and human rights activists who oppose governments that are supported economically or militarily by the U.S. government,” and “people located in geographic areas that are a special focus of the U.S. government’s counterterrorism or diplomatic efforts.”

Tagged , ,