2017/12/22
“Federal Circuit brings lock patent row back to life”
“The US Court of Appeals for the Federal Court has vacated a lower court’s entry of summary judgment in a clash over locks that airport security workers can open.”
“Joint infringement: “The common thread between the cases [Travel Sentry v. Tropp, Akamai V, Eli Lilly v. Teva] is that there is evidence that a third party hoping to obtain access to certain benefits can only obtain those benefits if it performs certain steps identified by the defendant, under terms described by the defendant.”
2017/12/22
“Divided Infringement: Expanding the Scope of”
“TravelSentry v. Tropp (Fed. Cir. 2017) Today’s opinion is the Federal Circuit’s third in this dispute between Travel Sentry and Tropp…”
“Joint enterprise” prong of Akamai (2015)
2017/12/21
“Dozens of Companies Are Using Facebook to Exclude Older Workers From Job Ads – ProPublica”
“Among the companies we found doing it: Amazon, Verizon, UPS and Facebook itself. “It’s blatantly unlawful,” said one employment law expert.”
“The ability of advertisers to deliver their message to the precise audience most likely to respond is the cornerstone of Facebook’s business model. But using the system to expose job opportunities only to certain age groups has raised concerns about fairness to older workers.”
2017/12/21
“New York City’s Bold, Flawed Attempt to Make Algorithms Accountable”
“Automated systems guide the allocation of everything from firehouses to food stamps. Why don’t we know more about them?”
“One of the main stumbling blocks in the first draft, according to testimony at the October hearing and a number of sources involved in the negotiations, was the requirement to make source code fully public. This invited strong resistance from some policy experts, who warned that such openness might create security risks and give bad actors an easy way to game the public-benefits system, and from tech companies, which argued that it would force them to disclose proprietary information, supposedly harming their competitive advantage.”
2017/12/21
“Designing Against Misinformation – Facebook Design – Medium”
“The research and design thinking behind the latest treatments for Misinformation on Facebook”
“Facebook & “fake news”: “After a year of testing and learning, we’re making a change to how we alert people when they see false news on Facebook.”
2017/12/21
“Did Kim Jong Un really release the WannaCry virus?”
“Did North Korea violate international law?”
“Attribution: “When asked in the press briefing about the basis for the U.S. accusation, Bossert said, “What we did was, rely on – and some of it I can’t share, unfortunately – technical links to previously identified North Korean cyber tools, tradecraft, operational infrastructure.” This may be sufficient given the accusations against North Korea by the private sector, and even the UK government, over the last few months. But it does little to set an example or establish an evidentiary best practice for states to follow in attributing future cyberattacks to states or state-sponsored actors.”
2017/12/20
“Reverse Engineering to Confirm Infringement”
“One of the major challenges faced by a patent licensing manager is to find and prove evidence of infringement. The lack of evidence of the use chart,”
“The task involved identifying the thickness of the substrate a semiconductor device. In such a case, limited product literature is a common problem…. The task was to tear down a semiconductor chip in the connector of an Active Optical Cable. The chip had both optical structures, such as waveguides, and electronic structures, such as transistors, fabricated on the same wafer substrate….”
2017/12/20
“U.S. declares North Korea carried out massive WannaCry cyberattack”
“The Trump administration will call on states to implement all U.N. sanctions.”
“In June, The Washington Post reported that the National Security Agency had linked North Korea to the creation of the worm. In October, the British government declared that it believed North Korea was the culprit. The following month, the CIA issued a similar classified assessment, which has not been previously reported…. The U.S. government has released technical details of North Korean cyber tools and operational infrastructure…”
2017/12/20
“Third-Party Preissuance Submissions: A Useful Tool When Used Selectively – Intellectual Property – United States”
“TAKEAWAY: Third-Party Preissuance Submissions, when used selectively, can be an effective method to disrupt competitor patent prosecution.”
“about 40 percent of preissuance submissions cause competitors to ultimately narrow the application claims, or abandon the application entirely. Of this 40 percent of “successful” preissuance submissions, more than half caused the eventual abandonment of the application. This disruptive effect is even more pronounced when the preissuance submissions use claim charts. While the overall “success rate” of preissuance submissions is 40 percent, the success rate is 65 percent when a claim chart is used.”
2017/12/20
“New York will tackle unfair biases in automated city services”
“Algorithmic biases in city services could be affecting the lives of millions.”
“New York is taking steps to address potential algorithmic biases in services provided by municipal agencies. City council has passed a bill that would — if signed by Mayor de Blasio — create a task force to examine if and how service algorithms are biased, how citizens can appeal decisions made by algorithms if they feel they’re unfair, and if agency source code could be made publicly available. “Automated decision systems” are responsible for determining outcomes on a wide range of city/citizen matters. Take eligibility for bail, for example. Training data used to produce algorithms for this system…”
2017/12/18
“Kaspersky Lab Sues Trump Administration Over Software Ban”
“Moscow-based anti-virus company Kaspersky Lab sued the Trump administration in U.S. federal court on Monday, arguing that the American government has deprived it of due process rights by banning its software from U.S. government agencies. From a…”
2017/12/15
“The Hackers Behind Some of the Biggest DDoS Attacks in History Plead Guilty”
“Three men plead guilty to being the creators and operators of the Mirai botnet.”
2017/12/14
“Patent Infringement Archives – Bejin Bieneman PLC”
“The written description requirement does not extend to equivalents asserted under the doctrine of equivalents, according to a recent order in the District of Delaware. The district judge in Sprint v. Cox resolved dueling summary…”
2017/12/14
“Patenting intellectual property for artificial intelligence as complex as some AI code”
“What do you protect, the source code, the data set, test data sets or something else?”
“A second and intriguing challenge is that machine learning by its nature constantly writes its own code to improve itself. So who is the owner or inventor and how do you know if that code infringes on someone else’s IP? The third conundrum is, what exactly do you protect, whether through copyright, patent or classifying it as a trade secret? Is it the source code, data set, test data sets, or other component of the process?”
2017/12/14
“Avast Launches Open-Source Decompiler For Machine Code – Slashdot”
“Greg Synek reports via TechSpot: To help with the reverse engineering of malware, Avast has released an open-source version of its machine-code decompiler, RetDec, that has been under development for over seven years. RetDec supports a variety of…”
I haven’t seen great results from it so far, but interesting anyway…
2017/11/29
“The Impenetrable Program Transforming How Courts Treat DNA Evidence | Backchannel”
“A legal battle is trying to expose the inner workings of TrueAllele, game-changing software that attempts to identify criminals based on subtle traces of DNA.”
“But now legal experts, along with Johnson’s advocates, are joining forces to argue to a California court that TrueAllele – the seemingly magic software that helped law enforcement analyze the evidence that tied Johnson to the crimes – should be forced to reveal the code that sent Johnson to prison. This code, they say, is necessary in order to properly evaluate the technology. In fact, they say, justice from an unknown algorithm is no justice at all.”
2017/11/27
“FBI didn’t tell US targets as Russian hackers hunted emails”
“WASHINGTON (AP) – The FBI failed to notify scores of U.S. officials that Russian hackers were trying to break into their personal Gmail accounts despite having evidence for at least…”
“The Secureworks list comprises 19,000 lines of targeting data. Going through it, the AP identified more than 500 U.S.-based people or groups and reached out to more than 190 of them, interviewing nearly 80 about their experiences. Many were long-retired, but about one-quarter were still in government or held security clearances at the time they were targeted. Only two told the AP they learned of the hacking attempts on their personal Gmail accounts from the FBI. A few more were contacted by the FBI after their emails were published in the torrent of leaks that coursed through last year’s electoral contest. But to this day, some leak victims have not heard from the bureau at all.”
2017/11/27
“Don’t Feed Them After Midnight: Reverse-Engineering the Furby Connect”
2017/11/27
“Pentagon’s move toward open source software isn’t going to enhance security”
“The Pentagon must adapt, but not reduce, its defenses to meet modern realities.”
“Even the most popular open source projects, which get a disproportionate amount of usage and attention, can have severe security flaws. Shellshock, a severe vulnerability in the popular open source bash utility, existed in the project since 1989, but was only disclosed in 2014. Heartbleed, a flaw in a popular encryption library which exposed the secrets of roughly 25 percent of “https” (supposedly secure) websites, existed for two years before being discovered. And the latest Equifax breach was caused by a vulnerability in a popular open source Apache Struts library, which took four years…”
2017/11/24
“CIPA seminar: Standard Essential Patents (SEPs) Licensing and Litigation | Lexology”
“IPcopy watched CIPA’s seminar on Standard Essential Patents (SEPs) and FRAND (fair, reasonable and non discriminatory terms) recently which was presented by Kevin Scott and Richard Vary. The seminar covered a…”
2017/11/21
“DJI Rewarded Bug Bounty Discovery With Legal Threats, Developer Claims”
“Bug bounty programs are indispensable tools for finding security vulnerabilities, and are used by major tech companies such as Google and Microsoft….”
2017/11/20
“U.S. patent review board becomes conservative target”
“In August, a dozen inventors gathered around a fire pit outside the headquarters of the U.S. Patent and Trademark Office in Alexandria, Virginia, and set alight patents they said had been rendered worthless by an overreaching federal government.”
“The conservative backlash in part reflects how the right views tech giants like Apple and Google, which thanks to the tribunal have prevailed in hundreds of disputes with patent owners seeking hefty compensation. “Google, Amazon, and Apple and other big tech companies – you look at their power and it is really astounding. And they are generally left-leaning companies,” …”
2017/11/20
“It looks like Microsoft might have lost a source code of an Office Component”
“Microsoft recently released an update to patch a security bug which has raised some eyebrows. The latest vulnerability tracked as CVE-2017-11882 that…”
2017/11/14
“Diagrams Not Considered Source Code Under Modified Protective Order | Lexology”
“In a recent Order, ALJ McNamara clarified that while diagrams drawn by an expert depicting the interplay and hierarchy of relevant code modules.”
“While ALJ McNamara agreed that the diagrams were CBI [confidential business information] under the protective order, she concluded that they were not subject to the heightened protection afforded by the Source Code Addendum.”
2017/11/13
“Security Breach and Spilled Secrets Have Shaken the N.S.A. to Its Core”
“A serial leak of the agency’s cyberweapons has damaged morale, slowed intelligence operations and resulted in hacking attacks on businesses and civilians worldwide.”
2017/11/10
“Synopsys Buys Black Duck, Which Checks Open Source Code for Gaffes”
2017/11/10
“WikiLeaks Starts Releasing Source Code For Alleged CIA Spying Tools”
“The secret-spilling organization launches a new series where it will release the source code of alleged CIA tools from the Vault 7 series.”
2017/10/26
“PTAB says 58% of Patents Survive Post-grant Proceedings Unchanged – PTABWatch”
“On October 24, 2017, the PTAB held its inaugural “Chat with the Chief” webinar. The main topic of the webinar was to discuss multiple petitions filed again”
“The most striking result reported was that 58% of patents survive post-grant proceedings unchanged, meaning that all challenges to patent claims raised in the proceeding failed. For 7% of patents, some challenged claims were found unpatentable and for 29% of patents all challenged claims were found unpatentable. The Chief Judge definitely seemed to feel that this is an important data point in the Board’s constant battle to overcome its initial reputation as a Patent Death Panel.”
2017/10/26
“Kaspersky says it obtained suspected NSA hacking source code from personal computer in U.S. in 2014 | The Japan Times”
“Moscow-based anti-virus software maker Kaspersky Lab said on Wednesday that its security software had taken source code for a secret American hacking tool”
“Kaspersky reports it was quickly deleted; “…The new 2014 date of the incident is of interest because Kaspersky only announced its discovery of an espionage campaign by the Equation Group in February 2015. At that time, Reuters cited former NSA employees who said that Equation Group was an NSA project….”
2017/10/26
“Researchers Unveil Tool to Debug ‘Black Box’ Deep Learning Algorithms”
“New approach brings transparency to self-driving cars and other self-taught systems.”
“… Deep learning systems do not explain how they make their decisions, and that makes them hard to trust. In a new approach to the problem, researchers at Columbia and Lehigh universities have come up with a way to automatically error-check the thousands to millions of neurons in a deep learning neural network. Their tool, DeepXplore, feeds confusing, real-world inputs into the network to expose rare instances of flawed reasoning by clusters of neurons…. One limitation of DeepXplore is that it can’t certify that a neural network is bug-free…. A new tool called ReluPlex uses proofs…”
2017/10/23
“Keeping Trade Secrets Out of Patents”
“Trade secret and patent laws both provide intellectual property protection but have conflicting requirements that can impose challenges for a company seeking to maximize its protection under each right.”
“… inventors that are focused on their company’s product implementation often provide detailed product or manufacturing documentation. Outside counsel, seeking to obtain a strong patent, may be motivated to include such details as a basis to claim such subject matter, but may be unaware of a company’s desire to maintain such information as a trade secret….”
2017/10/23
“‘We’ve nothing to hide’: Kaspersky Lab offers to open up source code”
“Response to US fretting over alleged ties to Russian snoops”
“… Kaspersky Lab further plans to open up three Transparency Centres worldwide (in Asia, Europe and the US) by 2020. In the meantime, the company has increased the value of its bug bounty awards to up to $100,000 for the most severe vulnerabilities….”
2017/10/21
“Automated Analysis of 101 Eligibility”
“This is something I hadn’t seen. You go to this web page, and it allows you to enter a claim and….”
2017/10/20
“Federal Judge Unseals New York Crime Lab’s Software for Analyzing DNA Evidence – ProPublica”
“We asked the judge to make the source code public after scientists and defense attorneys raised concerns that flaws in its design may have resulted in innocent people going to prison.”
“… lifted a protective order in response to a motion by ProPublica, which argued that there was a public interest in disclosing the code. ProPublica has obtained the source code, known as the Forensic Statistical Tool, or FST, and published it on GitHub; two newly unredacted defense expert affidavits are also available…”
2017/10/19
“DOJ sees a path to legal hacking — FCW”
“A legal framework for information security research is gaining traction, said a senior Justice Department official, but the guidance is broad, with specific policies emerging from the private sector.”
“… an update on the vulnerabilities disclosure program for online systems that was unveiled in July 2017… DOJ is considering a recent bill to allow private companies to “hack back” when their networks are breached. The Active Cyber Defense Certainty Act…. potential harms could take the form of companies misidentifying their attacker and causing collateral damage. The current version of the bill requires companies to notify the FBI and receive confirmation before engaging offensive cyber measures…. “If you get the attribution wrong and you end up hacking back on a nation state, …”
2017/10/19
“Firms Join to Support Protection of Source Code Act”
“ISDA, FIA, FIA PTG, Modern Markets Initiative, and the U.S. Chamber of Commerce, have filed a joint letter expressing their collective support for Congressman Sean Duffy’s proposed “Protection of Source Code Act” HR 3948.”
“… the Act requires a subpoena in order for the SEC to compel a person to produce or furnish algorithmic trading source code …”
2017/10/19
“Pentagon pressed on source code disclosures to Russia”
“Democratic senator writes to Pentagon on risks to military systems after reports a tech vendor allowed Russia to review source code.”
“… The ArcSight review was conducted at sites controlled by HPE, the company said, and “no backdoor vulnerabilities were detected” in the software. Echelon, a Moscow-based company that conducts such reviews for Russia’s FSB intelligence service, oversaw the testing. …”
2017/10/14
“North Korea behind WannaCry attack which crippled the NHS after stealing US cyber weapons, Microsoft chief claims”
“North Korea was behind the WannaCry attack which crippled the NHS after stealing US cyber weapons, the head of Microsoft has claimed.”
“Brad Smith said he believed “with great confidence” that Pyongyang was behind the hack…”
2017/10/14
“Guide to the U.S. Patent Office’s Materials on Subject Matter Eligibility | Lexology”
“Since 2014, the USPTO has periodically issued examination guidance, analysis examples, and other insights to guide evaluation of patent subject matter.”
2017/10/13
“Twitter deleted data potentially crucial to Russia probes”
“Social-media platform’s strict privacy policy led to deletions of Russian information of interest to investigators.”
“… the company has had to walk a tightrope in balancing the interests of privacy activists who are “very concerned about any suggestions that a tech company would hold their data for any period after it’s deleted,” and law enforcement agencies that want access to potential evidence of wrongdoing. As such, “it’s a little more complicated than giving an X is gone forever by Y date” answer, one Twitter official cautioned.”
2017/10/07
“Cybersecurity firm finds ‘90% crud’ rule rings true among 100 billion DNS records”
“With more attacks coming, and the domain name system being at the center of it all, hospitals should be careful about handling web and email domains, FarSight Security says.”
2017/10/07
“ALJ Shaw: ITC is a Viable Forum for Enforcement of SEPs”
“The public version of ALJ Shaw’s Initial Determination (ID) in U.S. International Trade Commission (ITC) investigation Certain Magnetic Data Storage Tapes and Cartridges Containing the Same, Inv”
“Standard essential patents (SEP) at the ITC; burden of establishing essentiality; FRAND vs. injunction”
2017/10/07
“Federal Circuit Clarifies Venue Requirements For Patent Cases”
“Until the U.S. Supreme Court’s May 22, 2017 ruling in TC Heartland v. Kraft Foods, the Court of Appeals for the Federal Circuit and the United States…”
“… three general requirements” for whether a corporation has a “regular and established place of business” in a judicial district. These requirements include: “(1) there must be a physical place in the district; (2) it must be a regular and established place of business; and (3) it must be the place of the defendant.” The Federal Circuit further explained that while the “‘place’ need not be a ‘fixed physical presence in the sense of a formal office or store,’” “there must still be a physical, geographical location in the district from which the business of the defendant is carried out.” …”
2017/10/06
“Federal Circuit Clarifies Standard for Pleading Infringement in Lifetime v. Trim-Lok – IPWatchdog.com | Patents & Patent Law”
“The CAFC found Lifetime’s pleading adequate. To survive a motion to dismiss a complaint must contain sufficient factual matter to state a claim to relief…”
“… the Federal Circuit opinion in Lifetime is a good refresher on sufficiency of facts needed for filing a complaint alleging patent infringement. It is a refresher also on proving infringement resulting from assembly of components to make the claimed product when not all of the components are made by the same party.”
2017/10/06
“Patent Drafting 101: Going a Mile Wide and Deep with Variations in a Patent Application – IPWatchdog.com | Patents & Patent Law”
“You want to file a patent application with a description that is a mile wide, but you must also drill down more than one inch deep to teach the nuances…”
“… the best mode requirement is now a toothless tiger. Notwithstanding, generally speaking most inventors will undoubtedly want protection for what they perceive as the best mode (i.e., the best way to do things), which means you will need to disclose the best mode in order to claim the best mode.”
2017/10/06
“Court Cites Risk Of Competitive Misuse To Deny Modification Of Protective Order”
“Order Denying Motion to Modify Protective Order, PhishMe, Inc., v. Wombat Security Technologies, D. Del. (September 18, 2017) (Judge Christopher J….”
“Useful discussion of AEO (attorney eyes only) designation, whether in-house counsel is involved in “competitive decision making”.”
2017/10/04
“Key Document Is Unsealed in Waymo’s Trade Secrets Case Against Uber”
“The document, a due diligence report about Uber’s acquisition of an autonomous trucking start-up, contains details about whether Uber may have known it was getting stolen information.”
“On the one hand, “After leaving Google, Mr. Levandowski said he found a data storage container in his house containing “source code, design files, laser files, engineering documents, and software related to Google self-driving cars,” according to the report, information that Mr. Levandowski said he downloaded as a matter of “his departure from ordinary course of business.” On the other hand, “Even after 60 hours of inspection of our facilities, source code, documents and computers – no Google material has been found at Uber,” Matt Kallman, a spokesman for Uber, said in a statement.”
2017/09/29
“Zuckerberg’s Preposterous Defense of Facebook”
“If everyone is upset with you, as the platform’s chief says, are you really doing something right?”
“Zuckerberg’s Preposterous Defense of Facebook; excellent article by Zeynep Tufekci (author of Twitter and Teargas)”
2017/09/29
“The Inside Story of Equifax’s Massive Data Breach”
“The intruders broke in and then handed off to a more sophisticated team of hackers, the hallmarks of a state-sponsored operation.”
“One of the tools used by the hackers – China Chopper – has a Chinese-language interface, but is also in use outside China, people familiar with the malware said.”
2017/09/29
“Kaspersky US government ban – what are the reasons behind the decision?”
“What is the basis for the ban on Kaspersky products being used by US government authorities? Can we be told?”
2017/09/29
“The CCleaner Malware Fiasco Targeted at Least 18 Specific Tech Firms”
“The backdooring of security software CCleaner now appears to have been more of a targeted spying operation than a mere cybercrime scheme.”
2017/09/29
“Stolen password lets hackers into Deloitte’s systems – SecurEnvoy Blog”
“If proof were needed of the importance of multi-factor authentication, then the recent experience of global consultancy Deloitte certainly delivers it. As the Guardian newspaper revealed on September 24th, Deloitte has become the victim of a hacking…”
“No multi factor authentication…”
2017/09/29
“Deloitte Hacked: What We Know Now”
“As first reported by The Guardian, ‘big four’ consulting firm Deloitte is the newest victim of a security breach. Deloitte discovered the hack in March, but…”
2017/09/29
“What Is the Dark Web? Definition and Examples”
“Confusion over what the dark web is shouldn’t be a barrier to defenders realizing the benefits of information gathered from these anonymous communities.”
“There has been a tendency to label the dark web as “any website not indexed by Google,” this definition is far too broad.”
2017/09/29
“No Easy Solutions: Facebook’s Response To Russian Hacking May Determine Tech’s Regulatory Future”
“This is the third article in a series that explores the public affairs challenges facing technology companies in a daunting new world filled with hostile foreign powers, unsettling labor, employment, and intellectual property issues, and unprecedented…”
“If Zuckerberg doesn’t figure out a way to contain [e.g. Troll Factory, Fancy Bear] he runs the risk of watching his company and other tech giants get devoured by federal regulation – the scenario that Silicon Valley has managed to avert all these years.”
2017/09/28
“Russian-bought Facebook ads sought to amplify political divisions”
“New descriptions of the infamous Russian-bought politically themed ads on Facebook shared with CNN suggest at least some of the ads were working at cross purposes on a range of issues.”
“The apparent goal of the ads, the sources who spoke with CNN said, was to amplify political discord and fuel an atmosphere of incivility and chaos around the 2016 presidential campaign, not necessarily to promote one candidate or cause over another.”
2017/09/28
“Update: Russian Interference in 2016 US Election, Bots, & Misinformation”
2017/09/28
“S.E.C. Hacking Response Provides Road Map for Compromised Companies”
“The Securities and Exchange Commission, which has chastised companies over digital security before, may have its words come back to haunt it.”
2017/09/28
“Source Code Expert Disqualified In StubHub Trade Secret War – Law360”
“An expert witness for StubHub Inc. was recently disqualified after a California federal judge found that she had previously conducted a confidential analysis as a neutral third-party during discussions aimed at settling the trade secrets dispute…”
2017/09/27
“NSA Invites Students to ‘Hack Us!’”
“Undergraduate and grad students who compete to master six tasks receive small token of appreciation for being among first 50 finishers”
“Registration is open for the 2017 Codebreaker Challenge. The contest asks college students to use reverse engineering or the ability to take apart code and fix from scratch a fictional break-in of a government data system.”
2017/09/26
“We’re in the Age of Fake Photos and Videos – Here’s How to Spot Them”
“After Hurricane Harvey hit in August, images and video of the storm’s destruction began to emerge online. The world saw photos of stricken residents surveying their flooded homes, rescuers canoeing down suburban streets, and families camped out in…”
“our visual systems didn’t evolve to look at flat images. As a result, we’re “remarkably inept” at detecting relatively simple geometric inconsistencies in shadows, reflections, and image distortion… There are some relatively simple tricks for determining the geometric accuracy of images. Since light travels in a straight line, for example, shadows and the object that produced them should also lie on a straight line, which can be traced back to the source. But Farid cautions against “armchair forensics.” Determining image authenticity is an extremely difficult process, he notes, akin to DNA fingerprinting.”
2017/09/26
“Scanning the Dutch navy”
“Keeping its vessels in top condition is a critical aspect of a naval force’s readiness, but to do so each part, little or big, needs full attention. Claire Apthorp looks at a project to scan the entire Dutch Navy in 3D.”
“In order to speed up its servicing, Marinebedrijf Koninklijke Marine turned to Artec 3D, a company that produces 3D scanners that allow maintenance personnel to reverse engineer parts for vessels.”
2017/09/26
“Cyberattack at Deloitte Reveals Clients’ Secret Emails”
“One of the world’s “big four” accountancy firms has been targeted by a sophisticated hack that compromised the confidential emails and plans of some of its blue-chip clients.”
“In addition to emails, the Guardian understands the hackers had potential access to usernames, passwords, IP addresses, architectural diagrams for businesses and health information. Some emails had attachments with sensitive security and design details.”
2017/09/26
“Mobile stock trading apps ignore critical flaw warnings”
“IOActive discovered vulnerabilities in today’s 21 most popular trading apps — but the vendors couldn’t care less.”
“While IOActive would not name the apps or vendors involved, after reaching out to 13 of the brokers with the worst vulnerabilities, only two bothered to respond.”
2017/09/26
“Reverse Engineering Guitar Hero”
“What do you do when a ten-year-old video game has a bug in it? If you are [ExileLord] you fix it, even if you don’t have the source code. Want to know how? Luckily, he produced a video showing all the details of how he tracked the bug down and fixed it…. You may or may not care about Guitar Hero, but the exercise of reverse engineering and patching the game is a great example of the tools and logic required to reverse engineer any binary software, especially a Windows binary.”
2017/09/26
“ProPublica Seeks Source Code for New York City’s Disputed DNA Software – ProPublica”
“We’re asking a federal court for the code behind a technique that critics say may have put innocent people in prison.”