Friday, February 29, 2008

Qualcomm Accepts Sanctions Issued by Magistrate Judge and Pays Entire $8,568,633.24 Sanction to Broadcom

In its Reply to Broadcom Corporation’s Response to Objections of Responding Attorneys to Sanctions Order of Magistrate Judge filed on February 20, 2008, Qualcomm states that it accepts the sanctions imposed by Magistrate Judge Barbara Lynn Major and is not appealing or filing any objections to the January 7, 2008 Sanctions Order. Qualcomm further advises that it has now paid to Broadcom the full $8,568,633.24 monetary sanction ordered by the Magistrate Judge, and notes that it is participating in good faith in the CREDO program.

Qualcomm goes on to point out that Broadcom never requested that sanctions be imposed on the individual outside counsel who had formerly represented Qualcomm in the litigation. “Accordingly, Broadcom has no basis for (a) complaining about Qualcomm’s compliance with the Sanctions Order since Qualcomm has in good faith done everything ordered by the Magistrate Judge; or (b) ‘responding’ to any objections to the Sanctions Order since those objections were filed only by the individual attorneys – not Qualcomm – and Broadcom did not even seek sanctions against the individual attorneys.” Qualcomm rejected Broadcom’s suggestion that the district court might refer certain issues back to the Magistrate Judge so that she could consider additional sanctions against Qualcomm. It stated that there had been no suggestion that the Magistrate Judge lacked authority to issue sanctions against Qualcomm, and now that Qualcomm had complied fully with the Sanctions Order, and had not objected to or appealed the sanctions, there is simply no need to re-open it.

Other developments in the case include a new (telephonic) status conference hearing set for March 13, 2008 at 8:30 a.m., at which time the attorneys will report on progress being made on the CREDO program.

To Continue Reading: Click Here
---------------------------------------
Source: eDiscoveryLaw

Computer Forensics Study: Selling More Than You Bargained For

Computer forensic examiners find a treasure-trove of information on used hard drives. While the message about the need to destroy electronic data contained on computer disks and other electronic devices when they are disposed of has been out for some time, Fulcrum Inquiry's Steve Peskaitis and Jared Schultz thought they would test how well the public is responding to the message. The sad result of their investigation: most users are at risk of having their personal information read by others. Here is what they discovered, and what the public can do about it.

Fulcrum Inquiry analyzed 70 used hard drives purchased from 14 different sources. Most of the drives purchased were supposedly cleansed of all information. Peskaitis and Schultz also asked for the process that was used to clean the drives and were usually told that the drives had been low-level formatted.

Using computer forensics, Fulcrum Inquiry attempted to recover information from these hard drives. Admittedly, the tools the pair used are complex and technical, but technically knowledgeable thieves can easily do what they did.

From the disks that actually worked, Fulcrum Inquiry recovered private data from almost two-thirds (62 percent) of the disks. Specifically:

- 37 drives (53 percent) contained recoverable information
- 23 drives (33 percent) had been properly wiped/cleaned
- 10 drives (14 percent) were non-operational

The properly cleaned drives were either (i) low-level formatted or (ii) wiped using special software that overwrites data.
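The study's central finding is that a drive which "looks empty" in the file system can still give up its contents to a sector-level scan, and that only an overwrite actually removes the data. The toy disk image below is an added example (not Fulcrum Inquiry's tooling) that makes the difference concrete: a quick format that clears only the file table leaves a constructed card-number string recoverable by carving, while an overwrite pass does not. The block geometry, the file-table layout and the sample data are all constructed for the demonstration.

```python
# Added example: a toy disk image showing why a quick format leaves data
# recoverable by sector carving, while an overwrite pass does not.
import os
import re

BLOCK = 64            # bytes per block (constructed toy geometry)
BLOCKS = 32           # total blocks; block 0 holds the file table
TABLE_SIZE = BLOCK    # the file table occupies exactly block 0


def new_disk() -> bytearray:
    """Return a blank disk image (all zero bytes)."""
    return bytearray(BLOCK * BLOCKS)


def _entries(disk: bytearray) -> list:
    table = bytes(disk[:TABLE_SIZE]).rstrip(b"\x00")
    return [e for e in table.split(b";") if e]


def write_file(disk: bytearray, name: bytes, data: bytes) -> None:
    """Store `data` in the next free block(s) and record it in the table.
    Table entry format: name:start_block:length, entries separated by ';'."""
    entries = _entries(disk)
    used = 1
    for e in entries:
        _, start, length = e.split(b":")
        used = max(used, int(start) + -(-int(length) // BLOCK))  # ceil-div
    start = used
    end = start * BLOCK + len(data)
    if end > len(disk):
        raise ValueError("disk full")
    disk[start * BLOCK:end] = data
    entries.append(b"%s:%d:%d" % (name, start, len(data)))
    new_table = b";".join(entries)
    if len(new_table) > TABLE_SIZE:
        raise ValueError("file table full")
    disk[:TABLE_SIZE] = new_table.ljust(TABLE_SIZE, b"\x00")


def list_files(disk: bytearray) -> list:
    """What a normal file-system view shows: only what the table records."""
    return [e.split(b":")[0].decode() for e in _entries(disk)]


def quick_format(disk: bytearray) -> None:
    """A 'format' that only clears the file table; data blocks are untouched."""
    disk[:TABLE_SIZE] = b"\x00" * TABLE_SIZE


def overwrite_wipe(disk: bytearray, passes: int = 1) -> None:
    """Sanitise by overwriting every byte with random data, then with zeros."""
    for _ in range(passes):
        disk[:] = os.urandom(len(disk))
    disk[:] = b"\x00" * len(disk)


def carve(disk: bytearray, pattern: bytes) -> list:
    """Forensic-style carving: ignore the table and scan the raw sectors
    for a byte pattern, here a card-number-shaped digit string."""
    return [m.group().decode() for m in re.finditer(pattern, bytes(disk))]


CARD_RE = rb"\d{4}-\d{4}-\d{4}-\d{4}"


def demo() -> dict:
    """Run the study's scenario and return what each stage exposes:
    (files visible in the table, strings recoverable by carving)."""
    disk = new_disk()
    # Constructed sample data; the card number is a made-up placeholder.
    write_file(disk, b"notes.txt", b"customer card 4111-1111-1111-1111 exp 12/09")
    write_file(disk, b"todo.txt", b"call the bank")
    result = {"before": (list_files(disk), carve(disk, CARD_RE))}
    quick_format(disk)
    result["after_format"] = (list_files(disk), carve(disk, CARD_RE))
    overwrite_wipe(disk)
    result["after_wipe"] = (list_files(disk), carve(disk, CARD_RE))
    return result


if __name__ == "__main__":
    for stage, (files, carved) in demo().items():
        print(f"{stage:13s} files={files} carved={carved}")
```

After `quick_format` the directory listing is empty but the card number still carves out of the raw image, which is exactly the state most of the "cleansed" drives in the study were in; only after `overwrite_wipe` does carving come back empty.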

A Goldmine of Personal Information

Of the 37 drives containing recoverable data, all but four were formatted in an attempt to remove data. Despite the formatting, here is the type of information which was obtained:

To Continue Reading: Click Here
---------------------------------------
Source: www.expertclick.com

Archiving Moves Front and Center

Archiving is a prerequisite for compliance, e-discovery, and storage savings

A flurry of announcements this week highlights the crucial role of archiving in data management. It's not surprising to see vendors pitching new wares in this space. Archiving, particularly of email, is now a crucial piece of any e-discovery plan. It's also de rigueur for storage managers looking to reduce the burden that retaining unstructured data such as email places on primary storage, particularly in the world of small- to medium-sized businesses.

So here's a rundown of recent news, in alphabetical order by vendor name:

C2C has enhanced its Archive One software with a Federated Search Connector, which combines search results from other applications with those of Archive One -- and posts the consolidated report in a Web page for e-discovery use. The enhanced Archive One works with searches conducted in Sharepoint, Microsoft Search Server, and Internet Explorer.

"This gives customers a more consolidated view and lets them use one product where they'd otherwise need two or more," says analyst Eric Burgener of the Taneja Group. Other, larger vendors combine archiving, search, and e-discovery, but typically only via the purchase of multiple modules.

Archive One also allows multiple email records to be tagged for automatic movement to various types of files, depending on the stage of e-discovery. Emails can also be put on legal hold, even if a single email is associated with multiple case files.

At least one analyst thinks that's a key differentiator: "It's not uncommon for a firm to have hundreds of legal issues going on at one time, and often there can be multiple holds on the same document," states Laura DuBois of IDC. "This feature of tagging allows C2C to track and apply multiple holds to a single record. Not all suppliers can do this."
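The differentiator DuBois describes is a retention-logic problem rather than a search problem: when one matter is closed, the record must stay held if any other matter still needs it. The following added example (not C2C's code, and not tied to any product) models that with a set of hold tags per record beside the naive single-flag version that gets it wrong. Record ids and case ids are constructed sample values.

```python
# Added example (not C2C's code): a minimal legal-hold registry in which a
# record may carry several holds and becomes purgeable only when none remain.
from dataclasses import dataclass, field


@dataclass
class Record:
    record_id: str
    retention_expired: bool                  # normal retention period is over
    holds: set = field(default_factory=set)  # case ids currently holding it


class HoldRegistry:
    """Tracks holds per record. A record is never purged while any case holds it."""

    def __init__(self):
        self._records = {}

    def add_record(self, record_id, retention_expired=False):
        self._records[record_id] = Record(record_id, retention_expired)

    def place_hold(self, case_id, record_ids):
        for rid in record_ids:
            self._records[rid].holds.add(case_id)

    def release_hold(self, case_id):
        """Release one case's hold; other cases' holds on the same record survive."""
        for rec in self._records.values():
            rec.holds.discard(case_id)

    def holds_on(self, record_id):
        return sorted(self._records[record_id].holds)

    def purgeable(self):
        """Records whose retention has expired and that no case still holds."""
        return sorted(r.record_id for r in self._records.values()
                      if r.retention_expired and not r.holds)

    def purge(self):
        """Delete purgeable records and return their ids; held records are kept."""
        gone = self.purgeable()
        for rid in gone:
            del self._records[rid]
        return gone


def naive_single_flag(events):
    """Failure mode for contrast: one on-hold boolean per record. Releasing any
    single case clears the flag even if another case still holds the record."""
    on_hold = {}
    for action, _case, record_ids in events:
        for rid in record_ids:
            on_hold[rid] = (action == "place")
    return sorted(rid for rid, held in on_hold.items() if not held)


def scenario():
    """Two overlapping matters, then matter A is released. Returns the
    (registry view, naive view) of which records look purgeable."""
    reg = HoldRegistry()
    for rid in ("e1", "e2", "e3"):
        reg.add_record(rid, retention_expired=True)  # constructed sample emails
    reg.place_hold("A", ["e1", "e2"])
    reg.place_hold("B", ["e2", "e3"])
    reg.release_hold("A")
    events = [("place", "A", ["e1", "e2"]),
              ("place", "B", ["e2", "e3"]),
              ("release", "A", ["e1", "e2"])]
    return reg.purgeable(), naive_single_flag(events)


if __name__ == "__main__":
    registry_view, naive_view = scenario()
    print("per-record hold sets say purgeable:", registry_view)
    print("single flag says purgeable:        ", naive_view)
```

With matter A released, the set-based registry still protects `e2` because matter B holds it, whereas the single-flag model reports `e2` as purgeable, which is precisely the spoliation risk the tagging feature is meant to remove.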

To Continue Reading: Click Here
---------------------------------------
Source: Byteandswitch
By: Mary Jander

Amended FRCP rocks the data center

Dave Hunt explains why changes made in 2006 are evolving into a real business risk that must be addressed.

On December 1, 2006, the Federal Rules of Civil Procedure were amended to provide an expanded definition and structure for the newest class of legally discoverable business data: electronically stored information (ESI). Data management will never be the same. In a nation where litigation is a continuing threat, companies cannot afford to ignore the new rules, although many do. Neglecting the rules will send litigation costs soaring in the form of ad hoc electronic discovery procedures and meaningful court sanctions. This is a real business risk that must be addressed.

With this in mind, having a system in place is colossally important. The dangers of litigation in Federal and State courts are not confined to multi-million dollar corporations. The smallest company can face financial and market devastation from litigation, legal fees, court costs and settlements. It makes no sense to assume the additional risk of court sanctions that follow from rule violations.

The new rules

The new rules are evolutionary, rather than revolutionary. In simplest terms, they are designed to clarify that e-discovery is now a part of traditional discovery. The amendments provide for roughly equivalent treatment of electronic documents and paper documents. It is the implementation of these rules that potential litigants need to consider. Organizations that fail to comply with these rules face a variety of sanctions, including adverse instructions, default judgments and even monetary fines. Even worse, they risk losing cases that otherwise would have been won or favorably settled.

To Continue Reading: Click Here
---------------------------------------
Source: ContinuityCentral

Thursday, February 28, 2008

Finjan uncovers database storing more than 8,700 stolen FTP credentials

Data enables cybercriminals to upload malware to compromised systems more easily

A fresh discovery by security vendor Finjan Inc. provides yet another example of how easy it is becoming for almost anyone to find the tools needed to break into, infect or steal data from corporate Web sites.

The San Jose-based vendor announced today that it has uncovered an illegal database containing more than 8,700 stolen File Transfer Protocol server credentials, including usernames, passwords and server addresses. Anyone can purchase those credentials and use them to launch malicious attacks against the compromised systems.

The stolen credentials belong to companies from around the world and include more than 2,500 North American companies, some of whose Web sites are among the world's top 100 domains, according to Yuval Ben-Itzhak, Finjan's chief technology officer.

The FTP credentials would allow malicious hackers to break into and upload malware of their choice to compromised servers literally with a click or two, he said. "You could pick any server you wanted in the list, pay for it" and launch an attack with very little effort, Ben-Itzhak said.

A trading interface on the server hosting the illegal database allows purchasers to buy FTP server credentials based on the countries in which the servers are located or even by the Google ranking of the Web sites, Ben-Itzhak said. It also appears to be designed to give criminals looking to resell FTP credentials a better basis for pricing the stolen data, he said.

A newly updated version of a tool kit called NeoSploit, which allows a cybercrook to automatically inject iFrame tags to Web pages on a compromised server, is also available. These tags are used in turn to surreptitiously pull in malicious code from other Web sites, Ben-Itzhak said.

All of the FTP credentials on the database uncovered by Finjan seem to have been harvested previously using Trojan horses and other forms of malware, he said.

"Software as a service has been evolving for some time, but until now, it has been applied only to legitimate applications," Ben-Itzhak said. The recently uncovered database and associated trading applications show that the model is being applied in the cyber-underworld as well, he said.

To Continue Reading: Click Here
---------------------------------------
Source: ComputerWorld
By: Jaikumar Vijayan

Data Recovery Completes Disaster Recovery

We all know, computers have taken over the main stage in our digital lifestyles — professional and personal. We use computers for so many tasks — from business to finance to storing family memories — that the amount of data we are storing is growing exponentially. According to research firms IDC and Gartner, this trend will continue to grow since PC shipments are up 13 percent over last year. This is a clear indication that people are using computers to perform more tasks than ever before, creating a greater need to store their increasingly important data.

As a matter of fact, according to a survey conducted by Harris Interactive and sponsored by storage company Maxtor, nearly one third of computer users admitted their content was “priceless.” At the same time, nearly half of all adult computer users in the United States are at risk of losing their data because they fail to make backup copies — approximately 46 percent of the respondents to the survey do not back up their data, according to the survey.

As such, with more data being stored, there is an increased likelihood for data loss. Thus, implementing a solid and secure data backup procedure is a necessary part of any disaster recovery plan. Such a plan will better ensure access to data when a disaster strikes and businesses need to be able to recover and press on.

Unfortunately, due to the expense, remote data back-up services or expensive storage solutions are out of reach for many small businesses, leaving them in a difficult position. In a disaster or data loss situation, some companies face the possibility of losing all of their critical data — client contacts, billing accounts, financial spreadsheets, proprietary documents — and a future without the information necessary to keep them operating because they don’t practice stringent backup methods. A recent Gartner study found that half of all small and midsize businesses that experience a major data failure lasting more than 24 hours will go under. To boot, depending on the scope of the disaster, some companies that think they are well protected are not immune to data loss problems. When backups fail, an all too common problem, or natural disasters hit, such as the extreme case of Hurricane Katrina, companies can lose their prime systems as well as their back-up facilities.

When situations like this occur, it is important for computer users to remember that deleted or destroyed doesn’t mean gone and that data recovery companies like Kroll Ontrack, headquartered in Eden Prairie, have many years of experience recovering data from seemingly impossible situations.

First, to clarify — the type of data recovery referenced here should not be confused with how “data recovery” has often been defined. Many understand data recovery as working with a backup company and restoring data from previously backed up media; however, many companies don’t have this type of relationship because of the expense. So, in this case, data recovery means working with a professional recovery service that specializes in rescuing the original (and most up-to-date) missing data directly from the damaged drives or media themselves after the damage occurs.

Data recovery often is the missing element of disaster recovery planning and can serve as a “Hail Mary” attempt when all other options have been exhausted. The following story — granted an extreme case — demonstrates the importance of having a well-rounded disaster recovery plan that includes true data recovery.

Seemann Composites, located in Gulfport, Miss., had a backup plan for their backups. As a custom fabricator of advanced composites and products, Seemann Composites has thousands of files with proprietary information that cannot be recreated. As Katrina approached, Office Manager Jan Niolon suspected their main office on the coast would be in danger, so she took the company’s backup tapes and stored them in an offsite location three cities away. “We do custom work for every job so original files are crucial to our business,” said Niolon. Sure enough, Katrina flooded their main production facility with enough water to cover all of their computer equipment and files. Unfortunately, Katrina hit the offsite location as well, flooding the backup tapes in the process.

Rather than panicking, Niolon had an additional procedure to supplement her data back-up plan — data recovery services. “We were in danger of losing several years’ worth of unique data,” said Niolon. “We needed access to our files since we do a lot of work for the government and are subject to defense contract audits. Utilizing data recovery eased those concerns by retrieving files we thought were unrecoverable and helping us get back to business as usual.” In only a few short days, Niolon had most of the lost data back, which helped Seemann continue with current projects and ensure they were protected for the future.

To Continue Reading: Click Here
---------------------------------------
Source: Computer Technology Review
By: Todd Johnson

'Google Hacking' on the Rise

It's called "Google hacking" -- a slick data-mining technique used by the Internet's cops and crooks alike to unearth sensitive material mistakenly posted to public Web sites.

And it's just gotten easier, thanks to a program that automates what has typically been painstaking manual labor. The program's authors say they hope it will "screw a large Internet search engine and make the Web a safer place."

Google hacking doesn't mean anyone's hacking Google's Web site. Rather, it refers to a sophisticated searching technique used to uncover flaws in the way Web sites handle confidential details, such as public files containing passwords and credit card numbers and clues about the vulnerability of the site's own servers.

It works by examining the hidden recesses of a Web site, areas that have been indexed by Google but don't pop up in traditional searches. Sometimes Web sites accidentally post revealing information about themselves, either because employees mistakenly put confidential documents online, or the site wasn't properly configured to obscure sensitive areas.

Security experts say Google hacking wouldn't be an issue if Web sites had proper security safeguards in place.

By looking through Google for evidence of specific types of files used by a Web site or telling responses from the Web site's servers, hackers can learn a lot about how the site was built -- and thus how to begin crafting their attacks.

Although Google hacking has been used for several years by good guys and bad guys to monitor security, experts caution that the new program, called Goolag, could tip the balance in favor of criminals.

"It just makes their job that much easier -- in a very short period of time they can do all these searches for sensitive information," said Ryan Barnett, director of application security at Breach Security Inc. and a SANS Institute faculty member.

Google hackers have typically had to enter in detailed Google search strings by hand, using specially crafted queries to unearth links buried deep in the list of a site's contents. Google has been able to clamp down on past attempts to automate the process.
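The experts quoted above make the defender's point: search-engine exposure only bites when sensitive files are sitting in the public web root in the first place. The script below is an added example (not from the article, not Goolag, and not a search-engine query) of the audit a site operator can run locally before anything is indexed: it walks a document root and flags backup, dump and server-config filenames, plus contents that look like credential assignments or card numbers. The name and content patterns are a constructed starting list, and `build_sample_webroot` creates a throwaway directory with made-up files so the check runs offline.

```python
# Added example (not from the article or Goolag): audit a web document root
# for files that should never be published, before a search engine indexes them.
import os
import re
import tempfile

# Filenames that usually mean a backup, dump or server config ended up in
# the web root. Constructed starting list; extend for your own stack.
SUSPICIOUS_NAME = re.compile(
    r"\.(bak|old|orig|sql|log|tar|gz|zip)$|^\.ht(passwd|access)$|^web\.config$",
    re.I)

# Content patterns: credential assignments and card-number-shaped digit runs.
SECRET_PATTERNS = {
    "credential": re.compile(rb"(password|passwd|pwd|pass)\s*[=:]", re.I),
    "card_number": re.compile(rb"\b\d{4}[- ]?\d{4}[- ]?\d{4}[- ]?\d{4}\b"),
}


def audit_webroot(root, max_bytes=1 << 20):
    """Walk `root` and return sorted (relative_path, reason) findings."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            if SUSPICIOUS_NAME.search(name):
                findings.append((rel, "suspicious filename"))
            try:
                with open(path, "rb") as fh:
                    head = fh.read(max_bytes)  # inspect at most the first MiB
            except OSError:
                continue
            for label, pattern in SECRET_PATTERNS.items():
                if pattern.search(head):
                    findings.append((rel, label))
    return sorted(findings)


def build_sample_webroot():
    """Create a constructed temporary web root: one clean page, three leaks."""
    root = tempfile.mkdtemp(prefix="webroot_")
    samples = {
        "index.html": b"<html><body>welcome</body></html>",
        "db_config.php.bak": b"<?php $db_pass = 'hunter2'; ?>",       # made-up
        "exports/customers.csv": b"name,card\nalice,4111 1111 1111 1111\n",
        "config.inc": b"password=s3cret\n",                          # made-up
    }
    for rel, body in samples.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(body)
    return root


if __name__ == "__main__":
    for rel, reason in audit_webroot(build_sample_webroot()):
        print(f"{reason:20s} {rel}")
```

Run against a real document root, the output is a list of files to move out of the web tree or protect with server-side access control; the `.bak` copy of a config file is the classic case, since the web server hands it out as plain text instead of executing it.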


To Continue Reading: Click Here
---------------------------------------
Source: www.law.com

Customers Cite E-Discovery Best Practices

SMEs are finally in a position to reflect on what makes for e-discovery success

Last year's changes to the U.S. Federal Rules of Civil Procedure (FRCP) launched a mass focus on e-discovery, or the electronic management of organizational data for compliance and litigation readiness. And after more than a year of implementation, at least a few customers are finally ready to reflect on what they've done.

While many firms, particularly SMBs, continue to struggle with the FRCP mandate, the ones who've managed to institute policies and procedures for the speedy and accurate retrieval of electronic information have a lot to say about what works -- and what doesn't.

Following is a list of suggestions culled from the experience of users in the field who are far along in their e-discovery implementations.

Make email archiving a priority

When IT pros at Foxhollow Technologies Inc., a startup medical device supplier, looked to install email archiving three years ago, management forced the project to the back burner, despite a general lack of email control. "There were users who saved everything and had gigabytes -- or more -- of email messages," noted Chuck Arconi, system administrator at the company. At the time, Foxhollow had about 600 employees, but its email system chewed up 400 Gbytes of storage.

Then the other shoe dropped when the company became involved in a lawsuit. Suddenly, funding for the email archiving project was no longer a contentious issue. "The legal department had no problem finding the capital needed to pay for the entire project. In fact, they gave us more than twice as much money as we needed." Arconi's team put in a system from Mimosa, which eliminated the barriers to litigation readiness. (See the table on page two of this article for a list of other vendors offering e-discovery products and services.) "Before, a paralegal would have to spend two to four hours trying to find the right messages in each mail box. Now the work is done with a click of a button," noted Arconi.

Thankfully, IT had done its homework and the funding was there when the company needed it. Some organizations won't be as lucky. Clearly, litigation can strike when least expected, and it pays to be ready.

To Continue Reading: Click Here
---------------------------------------
Source: www.byteandswitch.com


Wednesday, February 27, 2008

Advanced EFS Data Recovery Breaks Vista and Windows Server 2008 Encryption

ElcomSoft Co.Ltd. has released the Professional version 4.0 of Advanced EFS Data Recovery (AEFSDR Pro) for Windows, a powerful data recovery application that makes it easy to recover (decrypt) files encrypted on NTFS (EFS) partitions created in Windows 2003, XP, 2000, Vista and 2008. In addition to all of the capabilities of the Standard version, AEFSDR Pro can perform low-level disk scanning at the sector level, enabling data recovery and forensics specialists to find encryption keys that have been deleted, even on drives that have been reformatted.

Microsoft EFS allows users to store confidential information on a computer when people who have physical access to a computer could otherwise compromise that information, intentionally or unintentionally. EFS is especially useful for securing sensitive data on portable computers or on computers shared by several users. Encrypting sensitive files by means of EFS adds another layer of security.


The popularity of EFS encryption has made it critical for forensics experts and anti-terrorism operatives to have tools like AEFSDR that can give them access to data files. Because the standard Windows logon password can be circumvented using widely-available software (such as Elcomsoft System Recovery), more and more people are using EFS encryption to protect their files. AEFSDR Pro is a must-have application for law enforcement officials, security specialists and military intelligence officers.

The Professional version of AEFSDR lets data experts recover files where users have set up multiple logical disks, for example, a 'C' drive that contains Windows plus a 'D' drive that holds data. When the system has serious problems, users will often reformat the 'C' drive and reinstall Windows, knowing that their data is safe on the 'D' partition. However, EFS encryption stores its encryption keys in certificates that are located on the system drive. After reinstalling Windows, encrypted data files on the 'D' drive are no longer accessible.

AEFSDR Pro can search all of the sectors on the 'C' Drive, one-by-one, and find the deleted certificates, even if the drive has been reformatted.


To Continue Reading: Click Here
---------------------------------------
Source: www.prweb.com

Keep your data safe by following the Password Commandments

Your first--and sometimes only--line of PC defense is your password. Even the most carefully crafted password can be rendered useless if you don't keep it secret. This is not such an easy thing to do, especially considering all the clever tricks data thieves have come up with to grab it, with or without your knowledge. More dangerous is the lackadaisical approach many people take to creating, using, and protecting their passwords. Here are 10 ways to use passwords to best effect.

1: Don't write it down. Ever. Either it will be so easy to find that you might as well not use any password at all, or you'll forget where you put it and somebody else will find it and use it to access your system. You may think your password is safe on that sticky note inside the third appendix of "Mastering OS/2, Second Edition," but that's the first place your larcenous pet walker will look (apologies in advance to all pet walkers for disparaging their noble profession).

2: Devise a password-creating system that's all yours. There are dozens, hundreds, maybe even thousands of Web pages and other resources offering advice on how to craft strong passwords. Of course, these are the first places the people in the business of cracking passwords look for tips. It's not difficult to come up with your own system that combines a variety of methods. One possibility is to start by reversing an inactive phone number from your past, then convert the numbers to letters, so "213-555-1212" would become "bm-eee-ll" (remove the hyphens, if you wish). Make it even stronger by adding the street name of your childhood home converted from letters to numbers, which would change "Maple" into "13-1-15-12-5". Now really mix things up by placing the numbers inside the letters: "bme13115125eell".

The benefit of having your own system over using a random password generator is memorability: If you remember your system, you'll look at the above sequence and see the phone number and street name, not just the actual letters and numbers. No, I won't tell you the password-creation system(s) I use, but they don't have anything to do with old phone numbers or street names. Honest.

To Continue Reading: Click Here
---------------------------------------
Source: www.news.com
By: Dennis O'Reilly

Nip EDD Costs in the Bud

As is well known by now, the Federal Rules of Civil Procedure were amended, effective Dec. 1, 2006, to address certain issues relating to the discovery of electronically stored information, or ESI. These changes include, among other things:

(i) A new two-tier approach to discovery that permits litigants not to produce ESI in the first instance from sources identified as "not reasonably accessible because of undue burden or cost."

(ii) A uniform protocol for dealing with inadvertently produced privileged materials.

(iii) A limited "safe harbor" that, absent exceptional circumstances, prohibits a court from imposing sanctions under the Federal Rules due to the loss of ESI "as a result of the routine, good faith operation of an information system."

Among the most important amendments, however, is the requirement that litigants discuss ESI at their initial discovery planning conference. The Committee Note to Rule 26(f) explained that "discussion at the outset may avoid later difficulties or ease their resolution."

Specifically, Rule 26(f) was amended to require litigants to discuss three additional items during their initial conference.

First, in developing a discovery plan, litigants are required to discuss and incorporate the parties' views on "any issues relating to disclosure or discovery of electronically stored information, including the form or forms in which it should be produced."

Second, the parties are required to discuss "any issues relating to preserving discoverable information."

Third, the parties need to discuss and include in their discovery plan "any issues relating to claims of privilege or of protection as trial-preparation material, including -- if the parties agree on a procedure to assert such claims after production -- whether to ask the court to include their agreement in an order."


To Continue Reading: Click Here
---------------------------------------
Source: www.law.com
By: Craig Ball

Tuesday, February 26, 2008

Deleted Data Can Be Used Against You

When it comes to computers, nothing is really private.

From divorce to murder, computer forensic examiner Larry Daniel has seen it all working for the Raleigh-based YourTechnician.com.

"We recover e-mail," he said. "We recover tons of pornography that's on the computers – chat logs where you talk to other people."

Daniel says what people don't realize is that it is practically impossible to permanently get rid of anything you do on a computer, cell phone, digital music player– or any other electronic device that stores data, for that matter.

"Computers never actually delete anything. That's the first mistake most people make," he said. "So basically, even though you think you've cleaned it, you haven't."

And if you're not careful, the information can be used against you.

Scouring computers for information is the latest tool in the courtroom; investigators use what they find to support their cases.

"In some cases, we've done things that have allowed attorneys to establish or destroy alibis in cases," Daniel said.

YourTechnician.com has provided expert witness testimony for a number of high-profile criminal cases – including child pornography, murder and kidnapping – over the past few years.

To Continue Reading: Click Here
---------------------------------------
Source: www.wral.com

Congress continues probe into missing e-mails

Despite urging from House Democrats, the administration has yet to collect server backup tapes from the Republican National Committee for an investigation into whether government business was conducted from members' e-mail accounts and improperly preserved. Bipartisan lawmakers debated the merits of digging up such information at a hearing Tuesday.

The squabble between Democrats and Republicans occurred during a hearing before the House Oversight and Government Reform Committee about the preservation of electronic records by the White House, which has been under fire since a 2005 analysis identified more than 700 days during 2003 in which e-mail records were either unrealistically low in number, or nonexistent. Lawmakers also have raised questions about high-ranking administration officials using RNC e-mail accounts to potentially conduct government business. The 1978 Presidential Records Act requires that such electronic documents be archived, but the RNC reported that it did not preserve any e-mails for more than 50 officials, and saved few e-mails for 30 other officials before fall 2006.

Theresa Payton, chief information officer for the White House's Office of Administration, reiterated previous claims that backups for all e-mails missing from the White House systems should exist, but that she wouldn't know for sure until a full analysis was completed. Payton said that while a re-inventory is nearly finished, more than 17 million e-mails are not attributed to specific "components," such as individual e-mail accounts. She estimated the cost of the entire project will reach $15 million or more.

Payton said the investigation into missing RNC e-mails is not part of the analysis because it is outside the jurisdiction of the Executive Office of the President. The White House has made no effort to acquire any RNC backup tapes.

"The White House has the responsibility to preserve e-mails, and if some of those are at RNC, the White House has the responsibility to get them," Chairman Henry Waxman, D-Calif., said, pointing out that then-White House Deputy Chief of Staff Karl Rove used his RNC account to send more than 95 percent of e-mails between 2001 and 2003 -- during the same period that the administration was making a case for invading Iraq. "It looks like the White House has done nothing [to track down these e-mails]," Waxman said.

To Continue Reading: Click Here
---------------------------------------
Source: www.govexec.com

FRCP Amendments Demonstrate Requirement for Email Archiving with eDiscovery

The first wave of live content archiving products came to market in 2002 in response to the compliance regulations in the dealer/broker and financial services sectors. This was followed by the second wave resulting from litigation readiness requirements for Electronically Stored Information (ESI) — hastened by the amended Federal Rules of Civil Procedure (FRCP) requirements. These amendments further strengthened the expectations that companies must follow in federal litigation, especially in relation to electronic records.

The amendments were applied to Rules 16, 26, 33, 34, 37 and 45 and targeted at ESI. The amendments defined a new reality in how email is stored, retained and produced when called for. The amended Federal Rules of Civil Procedure are available at http://www.uscourts.gov/rules/newrules4.html.

Since the FRCP changes, the discovery of email for litigation has become a critical component of legal inquiries. In the past, organizations had to rely on much riskier manual processes to sift through enormous amounts of enterprise data located on production servers, backup tapes, removable media and desktops spread throughout the company. This approach left companies vulnerable because of the sheer volume of emails and files that must be found and sifted through with no assurance the information needed could be uncovered to meet legal requirements. To address the enormous drain on corporate resources, companies are adopting content archiving solutions to automate eDiscovery and rapidly uncover responsive email, files and other data in a cost effective manner to reduce costs and ensure compliance.

Email archiving provides important benefits for companies required to satisfy data governance with respect to FRCP, but also supports regulatory governance, information management and optimization, knowledge management, data mining and data protection. Most information created by employees and other stakeholders today is stored in electronic files, largely in the email systems. Email archiving provides a mechanism for retaining, securing and producing that data when required.

Email archiving solutions should address critical customer requirements around email information archiving, eDiscovery, regulatory compliance, business continuity, and storage optimization. Enterprise-class solutions provide legal search workflow, immediate mailbox and message recovery, disaster recovery, email archiving, and self-service search and access in one solution. By leveraging cost-effective storage, these solutions also optimize email storage and reduce overall infrastructure costs. Next generation email archiving solutions deliver rapid, comprehensive search across millions of emails for litigation ready production and provide the following capabilities:

To Continue Reading: Click Here
---------------------------------------
Source: Computer Technology Review
By: William Tolson

Monday, February 25, 2008

“Counselor, Why can’t You Google It?”

Live from Legal Tech NYC, a session on empirical research on e-discovery, specifically the reliability and value of using computers to review documents.

The session: “The Electronic Discovery Institute is a 501(c)(3) non-profit corporation dedicated to resolving the legal community’s electronic discovery challenges. The Institute’s study compares the time, cost and accuracy of traditional, manual document review processes with computer assisted categorization tools.”

The panelists:

The Honorable David Waxse, Federal Magistrate Judge District of Kansas

Craig Ball, Esq., Attorney & Computer Forensic Examiner

Julia Brickell, Esq., Associate General Counsel, Altria

Peter Gronvall, Esq., Managing Director, AdamsGrayson

Anne Kershaw, Esq., EDI President & founder of A.Kershaw PC/Attorneys & Consultants

Laura Kibbe, Esq., Senior Corporate Counsel & Managing Director, Pfizer, Inc.

Jonathan Nystrom, EDI Study Participant & Vice President, Cataphora

Patrick Oot, Esq., EDI Vice President & Director of Electronic Discovery, Senior Counsel, Verizon [MODERATOR]

Herb Roitblat, Ph.D., EDI Chairman & Principal, OrcaTec LLC

Rich Tobey, CPA, EDI Study Participant & Managing Partner, Vmax Consulting

Oot opens by pointing out that the real goal in e-discovery is justice. Rule 1 of the FRCP references securing “the just, speedy, and inexpensive determination of every action and proceeding.”

Start with the notion that assessing relevancy is difficult. Oot references his involvement in Verizon’s acquisition of MCI. They used a traditional 2nd request review process with much manual review. 83 custodians, 2.3 million documents, 2 law firms involved with one deploying 115 lawyers and the 2nd deploying 110 lawyers to conduct privilege and relevance review. It took four months of long days. The cost of document review was just shy of $13.5 million. Note that this matter was not big by today’s standards. FTC would not allow the parties to use key word searches to narrow the document review. “There’s got to be a better way to do this than all the human review.”

Oot and Kershaw started the eDiscovery Institute (EDI) to study if there is a better way to conduct document review. Kershaw now summarizes the Institute: The idea started a few years ago with a private review Kershaw did comparing two approaches to document review. Judges and others wanted more data to compare approaches. Work today has just scratched the surface - much remains to be done. Institute is a not-for-profit and is set up to do additional studies to ease the pain of conducting litigation.

EDI’s first study compared traditional doc review with an electronically assisted process. EDI will publish a white paper in early 2008; it will be peer-reviewed and available freely. Views EDI as unique organization to provide factual information (Sedona focuses on principles). Pfizer and Verizon are current sponsors but EDI seeks additional sponsors. EDI will not be a vendor or process certification organization - it will report on factual findings.

QUESTIONS EDI WILL ADDRESS

- Should a party consider alternative methods to brute force review?
- Is computer assisted relevancy assessment reasonable under the Rules?
- Is any process reasonable?

The study dataset: The MCI-Verizon acquisition data for antitrust 2nd request - 83 custodians in 10 states, 13. terabytes, over 2 million documents.

Roitblat describes the study: Quantitative measurement is key. References the seminal Blair-Moran 1985 study that found that researchers are only 20% accurate in finding docs but thought they were 80% accurate. The way to measure accuracy is to measure actual performance against “the truth.” You have to approximate the truth. [Editor: in medicine, this might be called the gold standard.] How do you define the “baseline” of the objectively or widely accepted definition of relevance of each document? Must consider both false positives and false negatives. Precision is percent of docs selected that are truly relevant. Recall is percent of relevant docs actually retrieved. Elusion is percent of docs not retrieved that are relevant.
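The three measures just defined, worked through in code as an added example (not part of the session or the EDI study): two constructed review passes are scored against a constructed “truth” set, and they come out with the same precision but very different recall and elusion, which is why precision alone says little about how much a review missed. Document IDs and relevance calls are made up for the illustration.

```python
"""Precision, recall and elusion of a document review measured against a
"truth" baseline, as described in the EDI session notes.

Added example; document IDs and relevance calls are constructed. The
"truth" set stands in for the original review team's designations.
"""

from dataclasses import dataclass


@dataclass(frozen=True)
class ReviewMetrics:
    true_positives: int   # retrieved and truly relevant
    false_positives: int  # retrieved but not relevant
    false_negatives: int  # relevant but not retrieved (missed)
    true_negatives: int   # not retrieved and not relevant

    @property
    def precision(self) -> float:
        """Share of the documents selected that are truly relevant."""
        retrieved = self.true_positives + self.false_positives
        return self.true_positives / retrieved if retrieved else 0.0

    @property
    def recall(self) -> float:
        """Share of the truly relevant documents that were actually retrieved."""
        relevant = self.true_positives + self.false_negatives
        return self.true_positives / relevant if relevant else 0.0

    @property
    def elusion(self) -> float:
        """Share of the documents NOT retrieved that are actually relevant."""
        discarded = self.false_negatives + self.true_negatives
        return self.false_negatives / discarded if discarded else 0.0


def score_review(corpus, truth, retrieved) -> ReviewMetrics:
    """Compare a reviewer's retrieved set with the baseline truth set.

    corpus:    all document IDs under review
    truth:     IDs the baseline (gold standard) marks relevant
    retrieved: IDs the reviewer or tool designated responsive
    """
    corpus, truth, retrieved = set(corpus), set(truth), set(retrieved)
    # A tool returning IDs outside the corpus would distort every measure.
    if not (truth <= corpus and retrieved <= corpus):
        raise ValueError("truth and retrieved sets must be drawn from the corpus")
    return ReviewMetrics(
        true_positives=len(retrieved & truth),
        false_positives=len(retrieved - truth),
        false_negatives=len(truth - retrieved),
        true_negatives=len(corpus - truth - retrieved),
    )


# Constructed sample: 20 documents, 8 of them truly relevant.
CORPUS = [f"DOC-{i:03d}" for i in range(20)]
TRUTH = {f"DOC-{i:03d}" for i in range(8)}

# A first pass that looks tidy but misses half the relevant set (the
# Blair-Moran pattern: perceived accuracy far above actual recall).
MANUAL_PASS = {"DOC-000", "DOC-001", "DOC-002", "DOC-003", "DOC-010", "DOC-011"}

# A wider net: every relevant document found, at the cost of more false
# positives for a human second-tier reviewer to weed out.
TOOL_PASS = TRUTH | {"DOC-010", "DOC-011", "DOC-012", "DOC-013"}


def compare_reviews() -> dict:
    """Score both passes against the same baseline so they are comparable."""
    return {
        "manual": score_review(CORPUS, TRUTH, MANUAL_PASS),
        "tool": score_review(CORPUS, TRUTH, TOOL_PASS),
    }


if __name__ == "__main__":
    for name, m in compare_reviews().items():
        print(f"{name:6s} precision={m.precision:.3f} "
              f"recall={m.recall:.3f} elusion={m.elusion:.3f}")
```

Elusion is the measure to watch when a two-tier process only re-reads what the first round marked responsive: it is the relevance rate of the pile nobody looks at again.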

Key question is what we can actually measure? What are the appropriate “power tools” for e-discovery (versus manual review)? To answer, start by looking at ESI review process: training, case background, examples combined with experience lead to judgments of whether a document is responsive or not. In a 2nd tier review, typically reviewers only look at what first round designated as responsive. So two tier review has problem that relevance calls on first round are not necessarily carefully reviewed.

How does a computer get experience to separate responsive from non-responsive docs? It’s all just mathematics. The competition among vendors is who has the better math. The process with computers is based on rules, text, and math applied to docs. Computer approach may “recurse,” that is, adjust its process based on feedback from human reviewers. For study, “true” designation of document is based on original work of MCI-Verizon team.

Roitblat describes the famous Turing test for artificial intelligence: can a human tell the difference between a computer and a human in a text interface, interactive conversation. By extension, a computer aided review should be comparable to a human review.

To Continue Reading: Click Here
-----------------------------------------
Source: Prism Legal
By: Ron Friedmann

Data Compliance: Guilty Until Proven Tamperproof

The answer to a barrage of laws and regulations requiring IT to store data for increasing periods of time? CAS and locked NAS.

How certain are you that the electronic data your team retrieves in response to discovery requests is complete and unaltered? Recent rulings have framed electronic records as on par with audio recordings and digital photos in terms of reliability, as judges recognize that a clever cheat could modify an e-mail to remove a critical "not" before submitting it into evidence. IT groups that have yet to implement systems that store data in nonmodifiable form are behind the curve.

Long-term data-retention mandates are a minefield as well. Organizations covered by OSHA regs must keep physical exam records for 30 years after an employee's termination, while HIPAA requires that medical facilities retain records for 20 years or more. Just keeping copies of end-of-month or end-of-year backup tapes doesn't cut it. Even if the tape hasn't degraded, it's unlikely you'll have a drive that can read it.

Hitachi's Content Archive Platform has a unique approach

Storage vendors such as Caringo, EMC (NYSE: EMC), Hitachi Data Systems, Permabit Technology, and Nexsan Technologies offer a variety of technologies to store fixed content data. These systems aren't cheap, but neither is litigation. And, as the space expands, IT will have more to choose from. We asked vendors about the latest in tamperproof content-addressable storage (CAS) and locked NAS gear, as well as services for those who don't want to maintain their own archives.

As for a business driver, if you can empower counsel to say, "This message was intercepted before the user had access to it by our e-mail archiving system, which saved it to a nonmodifiable archive at 4:02:03 p.m. on 13 February," you're a rock star. "This e-mail sat for nine months in the user's in-box, where he could have changed it at any time," not so much.
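The tamper-evidence property the article is describing, as an added example that is not from the article or from any of the vendors it names: a minimal content-addressable, write-once archive in Python in which an object's address is the SHA-256 of its bytes, so the altered copy (the "not" quietly removed) can never match the address recorded at ingest, plus a retention lock modelled on the long-term mandates mentioned above. The e-mail text, timestamps and retention periods are constructed.

```python
"""Minimal content-addressable, write-once archive with a retention lock.

Added example; not a model of any particular CAS or locked-NAS product.
Message bodies, timestamps and retention periods below are constructed.
"""

import hashlib
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


class RetentionLocked(Exception):
    """Raised when a delete is attempted before an object's retention period ends."""


@dataclass(frozen=True)
class ArchiveRecord:
    address: str            # SHA-256 of the content, hex-encoded
    content: bytes
    archived_at: datetime   # recorded at ingest, the fact counsel will cite later
    retain_until: datetime


class ContentAddressedArchive:
    """Write-once store keyed by the SHA-256 of each object's bytes."""

    def __init__(self) -> None:
        self._store: dict[str, ArchiveRecord] = {}

    @staticmethod
    def address_of(content: bytes) -> str:
        return hashlib.sha256(content).hexdigest()

    def put(self, content: bytes, now: datetime, retention: timedelta) -> str:
        """Archive content and return its address.

        Identical bytes always map to the same address, so re-archiving the
        same message is a no-op; different bytes get a different address and
        can never displace what is already stored.
        """
        addr = self.address_of(content)
        if addr not in self._store:
            self._store[addr] = ArchiveRecord(addr, content, now, now + retention)
        return addr

    def __contains__(self, address: str) -> bool:
        return address in self._store

    def get(self, address: str) -> ArchiveRecord:
        rec = self._store[address]
        # Re-hash on every read so bit rot or tampering inside the store is caught.
        if self.address_of(rec.content) != address:
            raise ValueError(f"object at {address} fails its integrity check")
        return rec

    def verify(self, address: str, produced: bytes) -> bool:
        """Does a document produced in discovery match the archived original?"""
        return address in self._store and self.address_of(produced) == address

    def delete(self, address: str, now: datetime) -> None:
        """Deletion is refused until the retention period has run out."""
        rec = self.get(address)
        if now < rec.retain_until:
            raise RetentionLocked(f"{address} locked until {rec.retain_until.isoformat()}")
        del self._store[address]


def tamper_demo() -> dict:
    """Archive a constructed e-mail at ingest, then check a doctored copy against it."""
    archive = ContentAddressedArchive()
    ingest = datetime(2008, 2, 13, 16, 2, 3, tzinfo=timezone.utc)  # constructed
    original = (b"From: cfo@example.test\r\nTo: counsel@example.test\r\n"
                b"Subject: Q4 figures\r\n\r\nThe numbers are not final.\r\n")
    addr = archive.put(original, now=ingest, retention=timedelta(days=7 * 365))
    doctored = original.replace(b"are not final", b"are final")  # the dropped "not"
    return {
        "address": addr,
        "original_verifies": archive.verify(addr, original),
        "doctored_verifies": archive.verify(addr, doctored),
        "archived_at": archive.get(addr).archived_at.isoformat(),
    }


def retention_demo() -> dict:
    """Show that the lock refuses an early delete and allows one after expiry."""
    archive = ContentAddressedArchive()
    t0 = datetime(2008, 1, 1, tzinfo=timezone.utc)  # constructed
    addr = archive.put(b"constructed exam record", now=t0, retention=timedelta(days=30))
    try:
        archive.delete(addr, now=t0 + timedelta(days=1))
        refused_early = False
    except RetentionLocked:
        refused_early = True
    archive.delete(addr, now=t0 + timedelta(days=31))
    return {"refused_early": refused_early, "present_after_expiry": addr in archive}


if __name__ == "__main__":
    print(tamper_demo())
    print(retention_demo())
```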

To Continue Reading: Click Here
-----------------------------------------
Source: Informationweek
By: Howard Marks

Clumsy Redaction Can Spell Negligence

"The forceps of our minds are clumsy forceps," observed H.G. Wells, "and crush the truth a little in taking hold of it." Clumsier still is a method commonly used to redact information from electronically stored information -- one that so crushes truth, it's alarming anyone defends it, let alone promotes it as a "standard."

I speak of redacting electronic documents by converting them to TIFF images, blacking out privileged and confidential content, then clumsily attempting to recreate electronic searchability by optical character recognition. When applied to spreadsheets and databases, it simply doesn't work. Why, then, are we content to spin invisible cloth rather than acknowledge the emperor's privates are on parade?

Good sense and fair play dictate that redaction methods preserve the integrity of unredacted content and the searchability and usability of the document. Instead, expediency and anxiety drive use of TIFF and OCR for redaction, enabling counsel to cling to familiar, if shopworn, "black line" redaction methods out of fear that privileged contents lurk in some dark digital recess.

To appreciate the problem, consider a complex spreadsheet like those routinely encountered in e-discovery. Spreadsheets are data grids made up of "cells" formed at the intersection of rows and columns. Cells contain hidden formulae entered by the user that generate calculated values seen as numbers in the cell. Formulae are what distinguish a spreadsheet from a word processed table and may be important evidence in that they establish the origins, dependency and sensitivity of the calculated values. Put differently, formulae make the numbers dance. Without them, cell values are runes bereft of rhyme or reason.

With its embedded content, page-defying proportions and dynamic functionality, the exemplar spreadsheet fairly cries out for native production. Alas, it also harbors privileged or confidential content that must be excised.

If the requesting party isn't vigilant, here's how redaction goes wrong:

First, the producing party images the spreadsheet in TIFF format. It sprawls beyond the bounds of an 8 1/2 x 11-inch page, so the data spills confusingly across multiple pages of TIFF images, obscuring column and row relationships. It's a mess.

Second, converting the spreadsheet to TIFF strips away all the underlying formulae, destroying spreadsheet function and undermining a key advantage of native production.

Finally, converting to TIFF means the data is no longer intelligible as data -- i.e., it's not electronically searchable. A TIFF is just a picture -- static ink on a virtual page -- and no more electronically searchable than a Gutenberg Bible.

But it gets worse. To this point, the spreadsheet has been folded across unnatural dimensions, stripped of its usability and rendered electronically unsearchable. Now, the producing party redacts objectionable information like it was any 2D paper document -- by using a drawing utility to black it out or printing it to paper for obliteration by a trusty felt-tip marker!

The spreadsheet's on life support. Seeking to resuscitate its electronic searchability, the producing party administers OCR.

OCR is inherently error-prone, but when the optically recognized data is text, spell-checking corrects egregious recognition errors and restores some of the electronic searchability the federal rules require. When the data is numeric, however, there are no means to spell-check the inevitably myopic OCR. Wrong numbers replace right ones, and the data becomes wholly untrustworthy. By the time the spreadsheet reaches the requesting party, it's a goner:

To Continue Reading: Click Here
--------------------------------------
Source: Law.com
By: Craig Ball

How a computer forensic investigation works

Many stories have come to light lately about people getting caught using their computer for nefarious purposes. Possession of confidential business secrets, child pornography or spreadsheets to track gambling activities have gotten a wide variety of folks in hot water.

How did these people get caught? By now, most lay people know that a specialized form of technical analysis, most often referred to as computer forensics, facilitated their capture. Forensic investigations also assist corporations and other organizations in their efforts to prevent theft or tampering of sensitive information.

It's not hard to see why forensic investigations are becoming more necessary. After all, it doesn't take a rocket scientist to figure out that virtually all business records are created electronically. Whether it's a Bishop Street business or a Chinatown gambling house, computers are being used to run the operation.

So what really happens during a forensic investigation?

Typically, the investigation starts with gathering the data to be investigated. Copies are made, and depending upon the type of investigation, different methods are used.

For example, in a criminal investigation, exact copies of the hardware or media involved are necessary. Typically, the information we look for is in files used for word processing, spreadsheets, e-mail, Internet usage, and databases. Such files are usually quite easy, from a geek's perspective, to identify. Partial files or files that have been deleted can also be recovered. Software to assist in this process has been around for years.

To Continue Reading: Click Here
-----------------------------------------
Source: starbulletin.com

Smart phones, big worries

You just bought a new smart phone, and it makes you feel so much smarter just for owning it that you can't stand yourself. It does everything, and does it so well, that the PDA your company gave you three years ago seems clunky. Your life would be so much more cool if you could use your smart phone for company business as well as for personal stuff, so you decide to talk to your supervisor first thing Monday morning and offer to return the PDA.

Not so fast, pilgrim.

If your supervisor allows you to conduct company business on your personal smart phone, she could open a Pandora's box of legal and technical issues.

For starters, there is the matter of security. To what extent could company e-mails on your smart phone be accessible to others?

"If you send an e-mail, you're really transmitting an electronic copy of what you type over the Internet," said Zach Hummel, an employment law attorney and partner in New York-based Bryan Cave LLP. "Usually there is a copy of what you type retained on the phone. There's also a copy that will be on the server of the employer, and then there's a copy that shows up in the inbox of whoever receives it."

There is room for mischief there.

"No system that allows access by a remote device is 100 percent secure, and never will be," said Kim Marcille, who spent 18 years doing IT work for the Miami Herald before forming Possibilities Amplified Inc., a business consulting firm.

The need for security makes Ms. Marcille prefer the BlackBerry to Apple's new iPhone. With the former, she said, "there are security policies that you can set," such as a password, and a timeout setting that will lock the device when it remains idle after a certain period of time. The iPhone, she said, is not "remotely as secure." But its huge popularity almost guarantees that at some point, some employee will ask for, and receive, permission to use it for company business.

"For small businesses, this is a big issue," she said, "because they don't have corporate IT departments" to help make remote devices more secure.

To Continue Reading: Click Here
-----------------------------------------
Source: post-gazette.com
By: Elwin Green

Friday, February 22, 2008

Reports say SaaS email archives not ready for prime time

Two new reports from Forrester Research said hosted services for email archiving aren't taking off in the enterprise, especially not as compared to on-premise software offerings.

The reports, The Forrester Wave: Message Archiving Hosted Services, Q1 2008 and The Forrester Wave: Message Archiving Software, Q1 2008, conclude that on-premise software is the most popular choice for archiving, while calling hosted offerings "not quite ready for prime time."

"Despite the fervor surrounding eDiscovery and the heat in the message archiving software market, interest in message archiving hosted services remains contained to financial services companies under regulation," the hosted services report said. "While some companies do some 'sniffing around' in terms of how hosted message archiving could benefit them, they stick to on-premise software."


One reason for this, according to the hosted services report, is latency in accessing off-site
archived messages and searching them for e-discovery. The report said accessing archived messages can take hours or even days. Another thing slowing adoption is the fact that most of the hosted services are relatively new. "Only now are the message archiving hosted service providers beginning to shift their strategies to address broader archiving, e-discovery and retention management needs," the report said.


Vendors included in the message archiving software report were Autonomy Zantaz, CA Inc., EMC Corp., Hewlett-Packard Co., IBM, Open Text Corp., Quest Software Inc. and Symantec Corp. The hosted services report evaluated Autonomy Zantaz, Global Relay Communications Inc., Iron Mountain Inc., LiveOffice LLC and Microsoft.

To Continue Reading: Click Here
-----------------------------------------
Source: SearchStorage
By: Beth Pariseau

Cold Boot Attack Defeats Disk Encryption Software

If the chips are kept at low temperatures, residual data can easily be recovered, researchers found.

Researchers from three groups on Thursday published research showing that disk-based encryption schemes across multiple operating systems can be circumvented to reveal protected data.

In the paper, "Lest We Remember: Cold Boot Attacks on Encryption Keys," the researchers from Princeton University, the Electronic Frontier Foundation, and Wind River Systems revealed that computer memory, contrary to popular belief, retains data for a brief period after a computer is turned off and that cooling memory chips can prolong the persistence of data in memory.

As a consequence, disk-based encryption products that store decryption keys in memory, like Apple's FileVault, Linux's dm-crypt, and Microsoft's BitLocker, are vulnerable to attack.

"Most experts assume that a computer's memory is erased almost immediately when it loses power, or that whatever data remains is difficult to retrieve without specialized equipment," the paper says. "We show that these assumptions are incorrect. Ordinary DRAMs typically lose their contents gradually over a period of seconds, even at standard operating temperatures and even if the chips are removed from the motherboard, and data will persist for minutes or even hours if the chips are kept at low temperatures. Residual data can be recovered using simple, nondestructive techniques that require only momentary physical access to the machine."

In his blog post, Princeton computer science professor Edward W. Felten, one of the authors of the report, explains that cooling DRAM chips by spraying them with inverted cans of compressed air has the effect of freezing the data in memory for 10 minutes or more. If liquid nitrogen is used, the data can be preserved for hours without any power. During this period, a knowledgeable attacker could conduct a "cold boot" attack to access any encryption keys.

The findings raise serious questions about the ability of software-based disk encryption to protect against data theft. A FAQ document posted by the Center for Technology Policy at Princeton advises that computer users fully shut down their machines "several minutes before any situation in which the computers' physical security could be compromised."

In addition, the research paper warns that other data protection techniques, including DRM schemes and SSL sessions, could be vulnerable to this form of attack.

"There seems to be no easy fix for these problems," Felten said. "Fundamentally, disk encryption programs now have nowhere safe to store their keys. Today's Trusted Computing hardware does not seem to help; for example, we can defeat BitLocker despite its use of a Trusted Platform Module."

"We're seeing that software-based protection isn't great, and that isn't a surprise to anyone," said Steven Sprague, CEO of Wave Systems, a maker of software for hardware-based encryption systems. He said that TPM, while it may be vulnerable in bulk-encryption scenarios, should still be safe for authentication.

To Continue Reading: Click Here
-----------------------------------------
Source: Informationweek
By: Thomas Claburn

Who Wins the Fight Over E-Mail Ownership?

"You've got mail." Three little words that everyone loves to hear. But in today's society, where more time is spent at work or working remotely than anywhere else, one has to wonder: "Whose mail is it anyway?" From online shopping to e-vites, almost every employee has used his or her corporate e-mail to send personal communications to friends and family -- despite the company's clear policy to the contrary. In the current litigious environment, what happens when an employee sends personal, allegedly confidential communications from work to his or her attorney or spouse? Can the employer lawfully access those e-mails, or do the attorney-client and marital privileges prohibit the employer from doing so? In answering this question, the key inquiry is always whether the employee had a reasonable expectation of privacy in the e-mails at issue.

The attorney-client privilege has long protected communications between an attorney and his or her client, provided that they are made in confidence and for the purpose of seeking legal advice. Fed. R. Evid. 501; see also Knepp v. United Stone Veneer, No. 4:06-CV-1018, 2007 U.S. Dist. Lexis 65423 (M.D. Pa. Sept. 5, 2007). The privilege was devised to ensure free and open communication between attorneys and clients. Likewise, the marital confidential communications privilege protects confidential communications made by one spouse to another during marriage and exists beyond divorce. Id. It promotes open and honest communication between spouses, which, in turn, aims to facilitate marital harmony. In 2006, the Federal Rules of Civil Procedure were amended to include the phrase "electronically stored information," and, since then, courts have made it clear that the mode of communication does not destroy privilege. Scott v. Beth Israel Med. Center Inc., 17 Misc. 3d 934 (New York Co., N.Y., Sup. Ct. 2007). On the contrary, privilege extends to e-mails and other forms of electronic communication.

So when an employee uses the corporate server or an employer-provided computer to send communications to an attorney or spouse, how do courts determine whether privilege has been waived so that the employer can have free access to those communications? Does it matter if the employee uses a personal e-mail account or personal computer?

In determining the parties' respective rights to communications sent from work, the few courts to consider the issue have generally employed a balancing test, which primarily considers the following factors:

Does the employer have an e-mail policy?

How are employees made aware of the policy?

Is the policy uniformly applied?

What precautions, if any, did the employee take to protect the confidentiality of the communication?

Notably, whether the employer pays for the e-mail account is not dispositive, because an employer does not necessarily "own" e-mails merely because it pays for the account from which they were sent. Rozell v. Ross-Holst, No. 05 Civ. 2936, 2006 U.S. Dist. Lexis 2277 (S.D.N.Y. Jan. 20, 2006), summary judgment granted in part, denied in part and objection overruled by 2007 U.S. Dist. Lexis 46450 (S.D.N.Y. June 21, 2007).

To Continue Reading: Click Here
----------------------------------------
Source: Law.com
By: Elise Bloom

Building a case for e-discovery

Email discovery saves construction firm money.

When your company is involved in nine or 10 lawsuits a year, the lack of an effective email discovery system can easily cost you thousands of dollars, John Buraczyk says, from personal experience.

A senior IT manager for Texas construction company C.F. Jordan, Buraczyk says litigation is just a fact of life in his industry. Sometimes, C.F. Jordan screws up, and other times clients misinterpret contracts, he says. No matter what the problem, the US Federal Rules of Civil Procedure require litigants to produce electronic documents including e-mails in their "native format", or original form.

C.F. Jordan is involved in one lawsuit with a school district that has stretched more than five years -- and Buraczyk believes it would have ended long ago if he could have just found a single email that may have exonerated the construction company.

So last August, Buraczyk led an e-discovery project involving new storage along with software from C2C that archives and searches email needed in litigation. The software cost $25,000 (£12,800) plus ongoing maintenance fees, and C.F. Jordan paid another $4,000 for two Infrant network-attached storage devices, but the project will more than pay for itself, Buraczyk says.

"If we save 10 percent on attorneys' fees this will pay for itself very quickly. It probably already has," he says. "[Legal fees] can run into a million dollars a year."

Before last August, when C.F. Jordan needed to find emails for litigation it relied on PST files in Microsoft Exchange -- personal files that store an employee's messages.

To Continue Reading: Click Here
----------------------------------------
Source: TechWorld
By: Jon Brodkin

Thursday, February 21, 2008

University of Baltimore Law Review 2008 Symposium - Discovery of ESI

The University of Baltimore Law Review's 2nd Annual Symposium entitled "Advanced Issues in Electronic Discovery: The Impact of the First Year of the Federal Rules and the Adoption of the Maryland Rules"

Sponsored by the University of Baltimore Law Review and the Litigation Section of the Maryland State Bar Association as a part of the Stephen L. Snyder Center for Litigation's 5th Annual Litigation Week.

Time: Thursday, March 13, 2003, 1:00 - 4:00 PM with a reception to follow.

Location: Venable Baetjer Howard Moot Court Room, The University of Baltimore School of Law, 1415 Maryland Avenue, Baltimore, MD 21201.

Description: This symposium will focus on the effect the federal e-discovery amendments have had on litigation during their first year, as well as the effect the newly adopted Maryland Rule e-discovery amendments will have on practice in Maryland courts.

Presentations:

Keynote speech: Professor Richard Marcus, University of California-Hastings College of Law, entitled "E-Discovery: Beyond the Federal Rules."

Panel: The Impact of the First Year of Federal E-Discovery Rules

Panelists: The Honorable Ronald J. Hedges (ret.), Counsel at Nixon Peabody, LLP; The Honorable John M. Facciola, United States Magistrate Judge; Courtney Ingraffia Barton, Esq., LexisNexis Applied Discovery.

Moderator: The Honorable Paul W. Grimm, United States Magistrate Judge.

Panel: An Introduction to Maryland's E-Discovery Solutions

Panelists: The Honorable Joseph F. Murphy, Jr., Court of Appeals of Maryland; Robert D. Klein, Esq., Wharton, Levin, Ehrmantraut & Klein, P.A.; The Honorable Dennis M. Sweeney (ret.), Circuit Court for Howard County.

Moderator: Michael Berman, Esq., Sr. Counsel, WSSC.

Attendance Information: Reservations are not required; however, seating is limited to 200 people. Seating will be first come, first served.

There will be no charge for the program.

Contact Information: Richard Berwanger, Symposium Editor, University of Baltimore Law Review
eMail: richard.berwanger@ubalt.edu
Phone: 301-706-0014

Virtualization shakes up backup strategy

Which of three popular approaches is right for you?

Virtualization is causing customers to rethink their backup strategies, with technology that combines pieces of traditional and well-understood enterprise backup with some pieces that are unique in the virtualized world.

In the past, traditional enterprise backup in the vast majority of shops has included spinning disk for short-term and intermediate data use, archival tape for long-term storage, and software such as IBM Tivoli and HP StorageWorks.

But some say that's no longer enough in a virtualized world.

"You definitely can't take a wait-and-see approach with backup, especially now that more and more companies are using server virtualization in critical production environments," says Stephanie Balaouras, a senior analyst for virtualization strategies at Forrester Research Inc.

"Backup is going to become a major challenge if companies haven't explored their options."

Traditional backup systems have a one-to-one relationship with servers. These tried-and-true backup systems and associated software already support storage-area networks (SAN), fiber optics, and the latest operating system and server hardware updates. But they are not geared specifically for the complex world of virtualization, which involves multiple guest operating systems on the same box.

Dave Russell, Gartner Inc.'s vice president of research for servers and storage, outlined three popular strategies for virtualization backups. The most common is putting software agents on each virtual machine (VM) and then using traditional enterprise backup software. A second approach is to create an image of the VM and either use a storage service hosted elsewhere or take daily snapshots of the logical unit number (LUN).

A third strategy is to use VMware consolidated backup (VCB) that incrementally archives the VM -- meaning it copies only what has changed since the last backup. In this way, companies can restore a single file, even from one of 30 guest operating systems that all reside on a single physical server.

"Most companies gravitate toward the backup agents and traditional backup software, which they are used to doing with a physical server, and it feels very natural and easy," says Russell.

"But this approach has proven to be cost prohibitive because of the number and scale of VMs and the licensing required."

Backup agents are included with VMware and other virtualization products to help administrators integrate VMs into the traditional backup process. The main advantage is cost: the agents are free or add a relatively minimal fee. On the downside, agents force administrators to use a fairly simplistic approach: Admins can archive an entire virtualized server, but not pick and choose volumes or guest operating systems. Nor can server administrators restore specific portions of data, or substantiate (verify) the data integrity of VM volumes.

To Continue Reading: Click Here
----------------------------------------
Source: Computerworld
By: John Brandon

Deconstructing PCI DSS Requirement #1

The Impact of Network Configuration Management on Compliance

With a barrage of news headlines about credit card data theft, companies that store card information are scrambling to meet new rules for securing customer payment data. The cost of failure can be quite high, with estimates reaching $400 per customer name, based on hard and soft costs. Hard costs include notification and remediation, while soft costs include loss of reputation, brand equity, and customer goodwill.

While merchants who collect credit card payment information are already aware of the need to protect cardholder data, the efforts of the PCI Security Standards Council (a consortium of Visa International, MasterCard Worldwide, American Express, Discover Financial Services and JCB) increase merchants’ focus. The Payment Card Industry Data Security Standard (PCI DSS) is a set of published guidelines and procedures for securing payment card information. It represents the Council’s best effort to improve cardholder security by defining and enforcing protective and preventative controls concerning the collection, transmittal and storage of credit card information. Unlike other information-related regulations, PCI DSS actually provides considerable prescriptive detail; merchants have a fairly clear roadmap for enhancing security.

Every merchant is affected by and a potential victim of card data loss. The first phase of PCI DSS enforcement will focus on very large organizations known as Level 1 and Level 2 merchants that process the majority of credit card transactions. When these merchants are in compliance with PCI DSS, the next phase will focus attention on the many—millions—of Level 3 and Level 4 merchants. These smaller organizations are often ecommerce sites, restaurants and other organizations that accept payment cards, but for many fewer transactions. This broad set of smaller merchants is realizing that credit card data protection and PCI DSS compliance are not just a problem for the “big guys.” By the middle of this year even the “little guys” will face compliance penalties. These penalties can be severe; enforcement is now backed by fines and escalating transaction fees.

Which Box Are You Checking?

As described above, the PCI DSS differs from other compliance initiatives by the level of detail it provides. The standard is significantly more prescriptive than regulations such as HIPAA and Sarbanes-Oxley in terms of what it requires of organizations that handle credit card information. At the top level, PCI DSS defines six major headings:

Build and Maintain a Secure Network

Protect Cardholder Data

Maintain a Vulnerability Management Program

Implement Strong Access Control Measures

Regularly Monitor and Test Networks

Maintain an Information Security Policy

In terms of actionable guidance, these points are too broad. Fortunately, the PCI DSS drills down into greater detail regarding requirements in each of these areas. Beneath these six headings are 12 sub-topics that provide significantly more implementation detail. Most vendors who claim to supply PCI solutions will focus on “checking the box” on one or more of these 12 areas. Further digging shows that each of the 12 sections has as many as 15 or 20 sub-sections containing detailed descriptions of the controls required to be compliant. It is therefore critical to dig through marketing claims to determine how much of the PCI DSS each vendor can actually address.

While each of the 12 requirements is important and adds to the protection of cardholder data, the first requirement, PCI DSS Requirement #1, “Install and Maintain a Firewall Configuration to Protect Cardholder Data,” focuses on the necessary condition of a secure network infrastructure. Specifically, this requirement addresses the configuration and management of key networking devices such as firewalls, switches and routers. Compared to the top-level directive, Requirement #1 is more detailed but still not definitive enough to drive specific actions. PCI DSS Requirement #1 outlines requirements in three key areas of implementation: process, policy and technology. Simply put, it is difficult if not impossible to “check the box” at this level. Compliance requires a more detailed analysis of each of these three areas.

To Continue Reading: Click Here
----------------------------------------
Source: Computer Technology Review
By: Rick Caccia and Larry Lunetta

Protect Yourself From Data Armageddon

As I walked through the halls of LegalTech New York recently, I was struck by the fact that with so much focus on data discovery, management and review, there was little discussion of disaster recovery. In fact, there was only one program at the conference directly on the topic, "The Role of Mobile Remote and Wireless Technologies In Disaster Recovery." There is so much confidence in the power of forensic technology and the CSI-like retrieval of every byte of information that there is a risk that data protection is being overlooked.


Jeffrey Brandt, chief information officer at Cozen O'Connor in Philadelphia, was a panelist at the LegalTech program addressing this issue and comments that, to some, disaster recovery is old news. It was a hot topic following the tragic events of September 11, 2001, and then again post-Hurricane Katrina in 2005. Now, e-discovery is the topic du jour. Brandt cautions, however, that "disaster recovery is one of those items that people understand very well after they go through it once."


In fact, Waterloo, Ontario-based Research in Motion Ltd. recently reported a three-hour BlackBerry outage that crippled communication throughout the U.S. and Canada. Brandt, who is also the former vice president for the Mobile Remote & Wireless Peer Group and a member of the board of directors for the International Legal Technology Association, reports that the frenzy over the loss of service resulted in hundreds of messages on the ILTA listserv.


I hadn't really thought about data so personally until catastrophe struck in early November. I was in the midst of completing my first book, which had consumed me for months and was due to my publisher within days. My two-year-old daughter was particularly excited to see me after a nap on a Friday afternoon. As she ran around my office, the cord to my laptop obstructed her path. She tugged at it more than once, but for some reason I still set the computer down on the far corner of the table.


In a flash at around 4:30 p.m., my daughter won the tug of war and my notebook had literally crashed onto the painfully hard tile floor. I watched it fall in the surreal slow motion haze that accompanies any eyewitness experience, but could not imagine the potential damage. To my surprise, it worked for a minute and I thought nothing of the accident. I picked it up and breathed a sigh of relief.

When the colored pinwheel (rotating hourglass for PC users) locked up my computer, I tried to reboot. Alas, there was nothing. A gray screen. Game over. The support technician I called warned me that the drive was probably cracked and that I could have lost absolutely all of my data. Since I hadn't backed up in 4 months, I was noticeably bothered, but thought he had to be wrong. After all, it was 2007.


Two weeks and a refundable $700 fee later, it was still all gone. Not a single item was recovered. Much of my work was backed up in some decentralized fashion through various e-mail accounts, but I was sad to have lost those items, like my family photos (many of Little Miss Sunshine herself), that had no quantifiable value.


With no luck at Tekserve in New York City, Greg Buckles, a corporate e-discovery consultant and analyst with Houston, Texas-based Reason-eD, suggested that I contact Rob Fitzgerald and Jason Dana of The Lorenzi Group in Manchester, N.H. I sent them the drive and they immediately attempted to make an image utilizing Hardcopy II from Lakeland, Minn.-based Voom Technologies. Without success, they tried SMART from Cedar Park, Texas-based ASR Data Acquisitions and Analysis, Helix from e-Fense and FTK Imager from Lindon, Utah's Access Data. No luck. To

To Continue Reading: Click Here

-----------------------------------------

Source: Law.com

By: Ari Kaplan