1-800-Hackers: Why cyber crime is no longer a dark art | Marketplace.org.
Marketplace has aired an interesting piece on the growing trend of using “white hat” hackers as a part of corporate IT strategy as a means of testing and improving IT security.
It is well worth a listen, and is an excellent starting point for consideration of your business's security and privacy measures. If some form of auditing of your security and privacy measures (not just hardware and software, but policies, procedures, and practices, as well) is not in place, then your company may needlessly be laying itself open to significant liability, expenses, and damage to business reputation.
As F.B.I. Pursued Snowden, an E-Mail Service Stood Firm – NYTimes.com.
This is an interesting piece on the IT company Lavabit, which, before its shutdown, provided secure e-mail services to its customers. The story details the steps taken by the FBI to force Lavabit to turn over encryption keys and take other steps which would not only provide the FBI with access to Edward Snowden’s e-mail account on the service, but would render vulnerable the accounts of any individual or company making use of the service, without warrant and without court oversight.
As the government pressured Lavabit to capitulate to its requests for “technical assistance”, including divulging the private encryption keys used by the service, the owner of the company was pursued for contempt of court, fined $10,000.00, and then threatened with arrest when he publicly announced his intention to shutter the company.
The tale of Lavabit is something of a cautionary tale for companies that provide IT services. But even more, it should be a wake-up call to both users and providers of IT services regarding the boundaries of privacy and the lengths to which the government is willing to steamroll even legitimate businesses which seek to guard their customers’ privacy.
Patent troll Lodsys demands $5,000 from Martha Stewart. That was a bad idea — Tech News and Analysis.
It appears that Martha is ready to throw down with notorious patent troll Lodsys. Martha Stewart Living Omnimedia has filed for declaratory judgment against the troll, seeking a ruling which not only finds MSLO’s electronic magazines to not infringe upon Lodsys’ patents, but that the patents themselves are invalid.
On hearing about this, I immediately thought of the line from the cult classic film “The Princess Bride”, in which the villain declares: “You just made the second classic blunder! The first, of course, is never become involved in a land war in Asia. But only slightly less well known: ‘Never go head to head with [Martha Stewart]…’”
Senator Al Franken voices privacy concerns over Apple’s Touch ID in letter to Tim Cook | The Verge.
With the recent release of the iPhone 5s, a new privacy concern comes hand-in-hand with the new device. One of the features being debuted with the iPhone 5s is Apple’s Touch ID, which allows the iPhone user to, among other things, unlock their phone with their fingerprint, using an embedded fingerprint reader in the phone.
Although fingerprint readers in electronic devices are not a new thing, by any means, Touch ID appears to be among the first (if not the first) incorporation of this technology into an always connected mobile device. The concern with this new combination of technologies is over how the individual’s biometric data will be saved, who will have access to it, and how this may affect users’ privacy. These are questions which, based on the limited information which Apple has released about precisely how Touch ID works, remain unanswered.
FDA Says Some Medical Apps A Kind Of Medical Device | The Security Ledger.
The U.S. Food and Drug Administration has released final guidance dealing with medical applications running on mobile devices, including consumer smartphones and tablets. Under the new guidance, the FDA indicates that it intends to treat some apps with the same scrutiny which it applies to traditional medical devices.
This guidance has profound (although not entirely unexpected) impact on app developers exploring and exploiting the use of consumer electronic devices to empower people in medical and healthcare-related areas. Under the new guidance, developers must look to the functionality of their software, and where appropriate, submit it to the FDA for review and approval. Typically the line of demarcation depends on whether the application interfaces with a regulated medical device, such as a blood-pressure monitoring device, or if the app turns the mobile device into a device for assessing the health of an individual. Unfortunately, these lines are somewhat indistinct, thus leaving app developers with open questions about whether apps that may skirt these lines are subject to FDA review or not.
This is an area where the law and regulations will continue to evolve over time. In the meantime, app developers who are venturing into products and applications which could potentially fall within the jurisdiction of the FDA need to carefully consider their offering and the implications of potential regulation by the FDA.
Startups can now ask for your money, but you can’t give it to them | The Verge.
The Verge has put out an interesting piece on the recent changes to Rule 506 of “Reg. D”, the section of federal securities regulations dealing with “private placements” of investment, such as angel investment and seed-round funding. Generally the changes, implemented as part of the JOBS Act, are intended to loosen some of the prohibitions on advertising investment opportunities in companies seeking private investment. There still, however, remain a lot of strings attached not only to the process of seeking such investment, but also to the process of actually receiving that investment (or determining if you can receive a particular investment). This is still an enormously complicated subject, fraught with potential peril for both potential investors and for the companies seeking outside investment.
The good news is, there are actual efforts underway to rationalize at least some of the existing restrictions on these types of “private placement” investments, and it is likely that further easing of restrictions will continue to come about. There is unlikely to ever be a “free and open market” for private placement investments, due to overriding concerns regarding fraud. That having been said, any step creating a more rational marketplace for private investment is potentially a good thing for our entrepreneurial economy.
(For a bit more analysis on the changes to Reg. D, check out the excellent piece by my associate, David Freda, on our companion Business Law Blog: http://bcslaw.wordpress.com/2013/09/23/facebook-friend-seeks-funds-part-1/ )