And with that, Groklaw is gone…

On Tuesday, August 20, 2013, Pamela Jones posted an article on Groklaw.net announcing that she’s shuttering the site. Her reason is due to what the U.S. Government is doing to sites like lavabit (which stored emails in an encrypted format, and was used by Edward Snowden to leak NSA documents). Essentially the Government served lavabit with a FISA warrant and gag order. The warrant put the person who runs lavabit into a conundrum–either comply or shut the site down. He chose the latter. The gag order prevents him from discussing certain parts of the FISA letter at all. He can’t even tell his lawyer about them–which means he can’t assist his lawyer in building an effective defense against them.

Ms. Jones decided that since email is the main communication that she has between her and contributors (and readers), and that since she has contributors from all over the world, it wasn’t worth the risk of having to deal with the same issues as lavabit did. So she decided to shut the site down (although it’s still up, and you can still comment on other articles there). Her last post is an eloquent discussion on how “total surveillance” makes you lose your humanity.

It places me in a conundrum of sorts also. I have nothing to hide, as far as the emails I send or receive. But I realize that others do have something to hide, and they have a good reason TO hide those things (and no, I’m not talking about terrorists or people who are committing other crimes). And while commenters on Ms. Jones’ site are speculating that she may have received the same type of FISA letter/gag order that the owners of lavabit did, I don’t think that’s the case. What I think is happening is two-fold. First is exactly what she said in her final post. That she feels violated knowing that the Government will read her emails, and keep them for up to five years to try and decrypt them (if they are encrypted). Secondly, I think she realizes that if there is a law on the books, it can be abused. Who’s to say that some corporation that she’s been writing about, won’t “convince” someone in power to serve her with a FISA letter to get everything that she has on them?

So from my standpoint, what to do… What to do… I’m not shutting the site down, as I’m not in the same position as she (or others are). If I’m served with a lawful (read as legal and properly executed) warrant, I will comply. If the warrant is not lawful, I will fight it to whatever extent that I can. One of the recommendations that Ms. Jones is doing is using a site like kolab for her email. It’s located in Switzerland, so it falls under a different set of laws than the U.S. I won’t do this, because as she pointed out earlier in her post “They tell us that if you send or receive an email from outside the US, it will be read. If it’s encrypted, they keep it for five years, presumably in the hopes of tech advancing to be able to decrypt it against your will and without your knowledge. Groklaw has readers all over the world.” By using a service from Switzerland, you’re guaranteeing that the emails will be read and held on to.

At the end of the day, Groklaw is gone. And the Internet is not a better place for it. The site was one of the most well-known defenses of our legal rights and of Open Source in general. While I don’t necessarily agree with everything she’s posted there (or people’s attitudes about certain corporations), I felt that it was an important site to have around. It kept shining a light in the dark recesses of corporate ethics (whether anyone, including Ms. Jones, realized it or not).

It’s a sad day indeed.. Just sad…

Disclaimer about tips from the US-CERT Website

I’m posting this in one place because of the fact that I already have some older Cyber Security Tips. Rather than going back through all of my posts, I decided to put one disclaimer up. If I’m required by law to put the disclaimer on each tip, then I will.

Any tips that are used from the US-CERT website are subject to the following statement:  “This link is provided for informational purposes only and does not represent an endorsement by or affiliation with the Department of Homeland Security (DHS).”

 

Your Lawyer May Be Using Linux, Shouldn’t You?

I just finished reading this article “Lawyers Can Leave Windows For Linux OS (Ubuntu)” and thought it would be good to post.

Essentially the author lists the reasons why lawyers could (and possibly should) switch to Linux–especially Ubuntu. They list the facts that older versions of WordPerfect (commonly used by law firms) work, the cost is non-existent (at least not the calculated cost of learning a new OS), and the need for antimalware is non-existent also. Then the author points out the various apps that are available to you.

Ubuntu is the preferred operating system, mainly because of it’s use of Sudo (“su” do) which makes logging out of your basic user and into the root account almost unnecessary. This is a good point, since it’s a bad idea to allow users to log in as root (mainly because they’ll stay logged in as root).

So, if Linux is good enough for your lawyer, then it’s definitely good enough for you. All of the benefits that are presented to the lawyers are applicable to you (with the possible exception of the case management benefits). And because you’ll be using it for more than just law-related items, there are more benefits to you.

So, you can check out Ubuntu at http://www.ubuntu.com or it’s alternative versions Kubuntu, Edubuntu (for students), or Mythbuntu (Media Center alternative). There are others, but these are the main versions.

Have a great weekend:)
Patrick.

From the NYTimes: The Defenders of Free Software

The Defenders Of Free Software (Subscription may be required but is free for accessing online articles. Update: If you view more than 20 articles in a single month, you’ll be required to sign up for a paid subscription.)

This article is about one person who works for the GPL-Violations.org site in encouraging companies that use Open Source software to follow the licensing agreements.

I wanted to point it out for two reasons:

    1. It discusses how deeply Open Source software really is becoming rooted into our society

 

  • It also discusses the fear that companies have of Open Source software developers coming after them for money

 

The reality is that the companies are basing their fear out of the tactics of the “Closed Source” companies–not the principles of Open Source. The developers and GPL-Violations.org are not trying to make a quick buck (although I would imagine that all of them would appreciate something in return for their efforts). They are trying to promote the use of Open Source (and trying to make sure that companies don’t steal the code).
As was mentioned in the article, while a “Closed Source” company will send lawyers after the violator (at the very least they will start with a Cease-and-Desist Letter), the Open Source community will first try to get the violator to correct the issues. ONLY If the violator refuses (or fails) to correct the issue, will they resort to Cease-And-Desist Letters or lawyers.
Kind of a better system, don’t you think?

Have a great day:)
Patrick.

Oracle vs. Google—What does this mean for you?

Yesterday, Oracle filed a lawsuit against Google concerning the use of Java in their Android operating system.  It wasn’t so much that you can use Java in web browsers or even Java applications per se.  It was more along the lines of Google took the syntax from Java and tweaked it a bit, so it wouldn’t compile on Java compilers.  At least this is my interpretation from the little that I’ve read.

So, what does this mean for you?  Well, if you’re a developer for Android (or a user of Android phones) it may mean a lot.  Depending on what the outcome of the lawsuit is, you may not be able to develop in Java anymore for Android.  And if you’re a user, then the applications that you’re running may disappear or change.

What if you’re a developer in general though?  Does this mean that Java is a hands-off language?  No.  You’ll still be able to develop applications that run on the Java Virtual Machine, and use Java Libraries.  What this means is that you can’t create your own Virtual Machine and Libraries that are basically Java wrapped up in another package.

Over the next few days and weeks, I’ll be reading more about this lawsuit. As I learn more about what it’s over, and what the ramifications are in general, I’ll post more about it.

Have a great daySmile
Patrick.

Disclosure Policy for my blog

This policy is valid from 02 January 2010

This blog is a personal blog written and edited by me. For questions about this blog, please contact Patrick Dickey (sales at patscomputerservices dot com).

This blog accepts forms of cash advertising, sponsorship, paid insertions or other forms of compensation.

This blog abides by word of mouth marketing standards. We believe in honesty of relationship, opinion and identity. The compensation received may influence the advertising content, topics or posts made in this blog. That content, advertising space or post will be clearly identified as paid or sponsored content.

The owner(s) of this blog is not compensated to provide opinion on products, services, websites and various other topics. The views and opinions expressed on this blog are purely the blog owners. If we claim or appear to be experts on a certain topic or product or service area, we will only endorse products or services that we believe, based on our expertise, are worthy of such endorsement. Any product claim, statistic, quote or other representation about a product or service should be verified with the manufacturer or provider.

This blog may contain content which might present a conflict of interest. This content will always be identified.

The companies whom I have affiliations are the following: Commission Junction (providing affiliations with certain companies), ClickBank (providing affiliation with certain companies), Chitika Ads, Panda Security (through Commission Junction), StopZilla (through Commission Junction), ZoneAlarm (through Commission Junction), ESET (through Commission Junction), AVG (through Commission Junction), Acronis (through Commission Junction), Amazon Associates, Carbonite (through Commission Junction), JourneyEd (through Commission Junction), and any company listed under my “Affiliations and Recommendations” section.

I am also a shareholder in Microsoft, Corporation, IGate, NetGear, Cisco, AMD, Activision, Nvidia, and other tech companies (however my total aggregated number of shares would be around 15). As I purchase stock in companies that I may post about, I will list them here.

Any other companies not listed here, that I have affiliations with, will be clearly identified as such.

To get your own policy, go to http://www.disclosurepolicy.org

Virginia Won’t Pay Hacker’s Ransom Demand – InsideTech.com

Virginia Won’t Pay Hacker’s Ransom Demand – InsideTech.com

Recently a “cyber-criminal” (please note that I’m not using the overhyped and irresponsibly used term “hacker”) broke into the Virginia Department of Health’s database and stole a bunch of records.  The criminal claimed that they also deleted the backups of the records (which was false) and demanded a ransom of $10 million.

Instead of paying, Virginia is working with the FBI to apprehend the criminals.  Are they doing the right thing here?  I would say “yes” and “no”.  Understand that I am basing this upon the same information that you have—I don’t have any secret information about the case.

Yes they are doing the right thing by refusing to pay the ransom, and by working with the appropriate law enforcement agencies to track down the criminal(s) responsible.  It would be foolish and useless to give into the demands, as the criminal will either a) not give you the records or b) give you something more like a virus with them.

Based on the articles that I’ve read, there is a possibility that the information that was stolen includes identifiable information such as your Social Security number (this is only in the case of Virginia residents who have had prescriptions filled).  The articles do not specify if the state is working with Credit reporting agencies to prevent Identity theft.

This would be where I have to say “No.”  If your bank is breached, or a store that you’ve used  a credit card at is breached (or the credit card processing agency), they typically offer those infected with a years’ worth of credit monitoring.  And they typically bear the burden of the cost of the monitoring.  It’s a small price for them to pay, in order to regain your trust.

The articles don’t specify if Virginia is doing any of this.  If they are then I say they’re doing everything right (as far as things I’ve looked at). But if they aren’t doing anything to prevent the Identity theft, then they are putting their residences at an unnecessary risk.

These articles also emphasize the need for stronger security and the need to maintain backups off-site.  The criminal claims that the backups were still attached to the system, and that he/she deleted them.  If that’s the case, then the state failed right there.

This is an issue that everyone can monitor and take some learning examples from. Especially when it comes to maintaining backups and protecting your information.  You may not be able to control it once you put it on someone’s server, but you definitely can control it on your computer.

If you’re a resident of Virginia and were affected by this (or know someone who is), please drop me a note and let me know if the state is doing anything to help you safeguard your personal information in this matter.

Have a great day:)

Patrick.

Malicious software and why would you want it anyhow?

Regardless of the title of this, I’m mainly aiming this at the copies of Windows 7 RC that are being distributed via .torrent files.  Yes I know there have been “leaked” copies of Windows 7 out, but the Release Candidate is available from Microsoft now.  So, my question is what do you have to gain by downloading it via .torrent files?

Do you get an extended license key? I doubt that highly.  The keys that you get from the public download are good until June 2010 (at one report).  And the Release Candidate is going to be essentially the same thing as the RTM version (unless there are “show-stopper bugs” in it).  Since Microsoft is allowing you to use the keys for 13 months, they’ll update the release candidate along with the RTM versions that you’ll buy.

Do you get an advanced copy that “no one else has”?  Um…  NO. You may have gotten an advanced copy that people who are willing to wait for didn’t have.  But, unless you were the FIRST person to receive a copy of the file, you aren’t getting something that “no one else has”.  You’re getting something that your friends may not have.  But truthfully, if your friends weren’t already running the beta version, they probably don’t care.

Are you getting a hacked copy that will run on anything?  Well now, we’re getting closer to the mark here.  But sadly, no.  You’re getting the same copy that everyone else has (with a little more).  You aren’t getting something with the “Blue Badge” (which unlocked features in the pre-Beta 1 versions).

So, what are you gaining by downloading Windows 7 RC from a .torrent file?  You’re gaining a system that will be PwN3d from the moment that you hook it to the Internet.  See one version of the .torrent file has two files in it.  One is a  setup.exe file, and the other is a virus.  The setup.exe file has been “hacked” to automatically call (and install) the virus as part of the Windows 7 installation.

What does this mean?  It means that if you’re upgrading from your Vista or XP computer, then there’s a good chance that all of your passwords and other information are being given out.  And if you’re doing a clean install, then your passwords and other information are SLOWLY being given out (slowly because you’ll have to reenter them one at a time).

And you’re not “Sticking it to the man” either.  Why?  Because there’s a really good chance that whatever “key” you installed with is going to expire in June, 2010 along with everyone else’s.  Not counting that if you get caught seeding the file,  Microsoft can sue you for a lot of money.  And given the legal status with Copyrights, you could end up in jail.  It’s doubtful, but really now, is it worth the risk?  For something that you can get at Windows 7 anyhow…

Have a great day:)
Patrick.