Preview for Broad Range of Criminal Activity Finds Child Pornography- 6th Cir Reverses Trial Court on Suppression

In US v Schlingloff, the 6th District reversed the trial court's denial of a motion to suppress. The digital forensic examiner was executing a search warrant to look for evidence of passport fraud. He used a feature of the digital forensics software FTK (which is the same sort of software tool as EnCase) to look for a broad range of files indicative of criminal activity, including child exploitation images. The search yielded files containing suspected child pornography and the defendant sought to suppress that evidence, arguing that the search exceeded the scope of the warrant. The trial court denied the motion to suppress, but the Circuit Court reversed, citing the agent’s purposeful choice to search for the child exploitation material despite it not being specifically enumerated in the warrant. The feature the agent used required that he select search criteria that included seeking files likely to contain child pornography in addition to files that would likely contain evidence of passport fraud.

Here’s the case. http://www.ilcd.uscourts.gov/sites/ilcd/files/opinions/11-40073_schlingloff.pdf

A couple of really good recent e-discovery articles

ABA E-Discovery Expert Says Emerging Standards Are Premature

By Evan Koblentz

WRAPPING YOUR ARMS AROUND e-DISCOVERY

By John G. Horn and Michael McCartney

Judge Scheindlin Issues Strong Opinion on Custodian Self-Collection

Government agencies are expected to protest vociferously arguing it is overburdensome.

By Ralph Losey

and download this White Paper:

2012 E-Discovery Early Case Assessment Software Buyer's Guide 

By Joshua L. Konkle and Charles Skamser 

DCIG is a company that analyzes software, hardware and services companies within the enterprise data storage and electronically stored information (ESI) industries. Available from DCIG with registration at http://www.dcig.com/2012/07/dcig-announces-the-industrys-first-most-compr.html and for free from Guidance Software at http://www.guidancesoftware.com/dcig-2012.htm

DNSChanger Surprise!

DNSChanger hit and the Internet survived. As with most scares fueled by media hype and top government sources, the virus turned out to be much ado about pretty much not much.


Did anybody go to the FBI website to check their PC to see if it was infected? If they did, was it? Just curious.  

Digital devices and miscarriages of justice

         

Courtesy of The DailyCaller.com

By Roger Koppl & Monique M. Ferraro 12:58 PM 06/15/2012

    

We carry our lives on digital devices. For most of us, the information they contain is perfectly innocent. But digital forensics as it’s practiced today can make innocent information look incriminating. That means we may be putting innocent people in jail and letting criminals off. While other forensic science disciplines have come under harsh scrutiny lately, the problems with digital forensics have not received enough attention
.
A 2009 study by the National Academy of Sciences sounded the alarm on faulty forensics. The report said most methods of analysis have not been “rigorously shown to have the capacity to consistently, and with a high degree of certainty, demonstrate a connection between evidence and a specific individual or source.” The report challenged the reliability of ballistics (“toolmark and firearms identification”), bite mark comparisons, blood spatter analysis, handwriting analysis and even fingerprint examination. The report said little about digital forensics, however, because it is still an “emerging” discipline.

It’s time for a critical look.

There is solid science behind much of digital forensics. We know, for example, that computer hard drives must be copied without altering the contents of the disk. Best practices in digital forensics also are solid. But digital forensic analysts don’t always follow best practice.

Consider some of the following examples, which we have witnessed in Connecticut and nearby jurisdictions.

A police officer “expert” found images from “unallocated space,” the part of a hard drive the computer isn’t using, which may contain deleted files. The officer asserted in an examination report that images retrieved from unallocated space were downloaded by the defendant and deleted.

But such an assertion is not supported by fact. Data can get into unallocated space on a hard drive in a number of ways. In this case, the only appearance of the data was in unallocated space. There was no basis for the examiner to assert that the images had ever been “files” that were subsequently “deleted.”

Here’s another example: A computer’s operating system creates hundreds of copies of the same images, which are called “restore points.” A police officer “expert” recently recovered restore points on a defendant’s hard drive that contained the same two child-porn pictures. The officer duplicated the pictures so many times that he recommended charging the defendant with possession of more than 600 images, nearly all of them the same.

Another police officer “expert” violated a court order when he searched for privileged attorney-client documents on a defendant’s computer, and then handed them over to the prosecutor.

Examination reports often include conclusions from examiners that items were “intentionally downloaded” by the defendant. But it is impossible to arrive at such a conclusion without being present when the defendant actually downloaded the material, or without a videotape of the event.
Poor training is a big part of the problem. Thousands of police officers have been trained to perform digital forensics under federal grant programs. But these police officer examiners are not required to possess any special training or education beyond a minimum level. The 40 hours or so of training they receive in the forensic software they use is typically the extent of their computer science background prior to their first case assignment.

Despite the minimal training of many digital forensics examiners, their findings are often unquestioningly accepted as fact.

Digital evidence can be compelling and it is often unambiguous. In too many cases, however, digital forensics experts make assertions about a defendant’s actions that are not supported by fact. Such errors create the risk of false conviction of the innocent and a free pass for the guilty.

We need higher standards and more professionalism in digital forensics. And we need to give digital forensics the sort of close scrutiny that all the other forensic science disciplines have been getting in recent years.

Roger Koppl, a research fellow at the Independent Institute, Oakland, Calif., is a professor of economics and finance at Fairleigh Dickinson University and director of the university’s Institute for Forensic Science Administration. Monique M. Ferraro is a lawyer and information security and digital forensics consultant at Technology Forensics, LLC, Waterbury, CT.

Read more: http://dailycaller.com/2012/06/15/digital-devices-and-miscarriages-of-justice/#ixzz1xzmYtuG4

ISC2 Hacked? Batten down your hatches

Ok, I cannot be the only person in the world who thinks this is ironic and amusing. The International Information Systems Security Certification Consortium, Inc. (ISC2) has had some of its websites go down recently. One can only presume they were hacked, since both of the websites were set up to be portals -- one for registering to teach internet safety to kids and another to vote for an awards program. 


The ISC2 issues the most prestigious certifications offered in the field of information security- the Certified Information Systems Security Professional (CISSP, which has specializations in architecture, engineering and management), a certification which I hold, the Systems Security Certified Practitioner (SSCP), Certified Authorization Professional (CAP), Certified Secure Software Lifecycle Professional (CSSLP).


If the ISC2 people can get hacked ANYBODY can get hacked. If they aren't secure, NOBODY is secure. If you have important information, back it up and encrypt it. Just sayin. 

Child Porn Decision Turns On Downloading Intent

New York ruling highlights gray area of Connecticut law


James Kent, a public administration professor at Marist College in Poughkeepsie, N.Y., was convicted of hundreds of counts of procuring and possessing child pornography via the Internet on his work computer. Last week, New York’s highest court reversed the convictions that were based on images located in temporary Internet or “cache” folders on his computer hard drive. The national headlines shouted that the New York Court of Appeals ruled that looking at child porn is not a crime. But neither the decision, nor the technology that guided the justices toward it, is quite that simple.

What the Court of Appeals ruled is that the prosecution must show that a defendant did more than simply view images on a computer screen. According to the majority decision, “some affirmative act is required (printing, saving, downloading, etc.) to show that defendant in fact exercised dominion and control over the images that were on his screen.” But in this case, the justices ruled that the images and videos were apparently downloaded from web sites through the automatic functions of the operating system of the defendant’s computer, and thus there was no proof that the defendant knowingly committed a crime. This holding is consistent with those in some other states and federal circuits, but has not been addressed in Connecticut as yet. This is an important issue because prosecutions are regularly moving forward in the state based on images located in temporary Internet storage and a number of defendants have been convicted.


Accidental Access Generally speaking, when you go to a web site, images are downloaded to temporary storage on your computer — whether it’s a personal computer, pad, laptop or certain smartphones. This temporary storage is called “cache.” The pictures and video are temporarily stored to make it easier for your computer to display those images from the web site if you go back. It makes the processing time faster. This is an automatic process conducted by your computer’s operating system.

Yes, that means you or a client can accidentally access child pornography unknowingly. There may be pictures or videos that depict child pornography that you haven’t viewed that get automatically downloaded and stored in temporary Internet storage or cache. Yes, that means that even if you or a client accidentally access child pornography and try to delete it, if the police find out about it, they will make an arrest, push to prosecute and the resultant conviction will garner a mandatory minimum sentence of incarceration. In Connecticut, for fewer than 20 images, the mandatory minimum term is a year; for 20 to 49 images, two years; for more than 50, three years. One sentenced for a child pornography offense must register as a sex offender upon release from prison.
Compare images located in cache to files intentionally saved by the user. Files saved by a user will be found in folders like “My Documents” or “My Pictures.” Forensic software like EnCase and Forensic Tool Kit can help prosecutors, defense attorneys and their experts figure out whether files have been accessed, modified or deleted and when these actions occurred. Files located in temporary Internet storage most often are never accessed after they have been initially downloaded. That can be interpreted to mean that that the user either didn’t know the files were there or that they couldn’t access the files, or both.

Collectors of child pornography usually have many pictures and videos — they number in the hundreds, thousands, and hundreds of thousands, and serious collectors categorize their collections into folders. It doesn’t take many cases before one can discern the serious offenders.


Unallocated Space
In addition to data in temporary storage and purposefully saved files, there is unallocated space on digital media. Unallocated space may be empty. It may contain complete files, or it may contain incomplete files or data. Sometimes deleted data can be “carved” from unallocated space by forensic software. The software guesses what type of file the data once was and attempts to reconstitute it. Speculating as to the meaning of data in unallocated space is more alchemy than science or law. How the trial court in People v. Kent came to its conclusion that the defendant was guilty of possessing images located in unallocated space but not in temporary Internet is fact specific and should not be applied to data found in unallocated space in general, because unallocated space is a much different animal than temporary Internet storage.

Still, that shouldn’t diminish the impact or import of the court’s holding regarding data held in temporary storage. There are several cases holding that data in unallocated space is not knowingly possessed for the same reasons the court held that files located in temporary Internet storage are not possessed in the Kent case — because the user did not know that the files were being saved and the user could not access the files without specialized software.

In the New York case, Justice Victoria Graffeo wrote in a concurring opinion that, according to the majority opinion in the case, “it is [now] legal in New York to knowingly access and view child pornography.” But it’s not easy to prove that someone viewed something. A person can accidentally access a web site and their computer will download hundreds of pictures or videos. While it is possible to prove that a web site was visited for a certain period of time, it isn’t possible to determine what pictures on that web site someone looked at, or even if the person was looking at the web site the whole time.

Still, police and prosecutors in Connecticut have in the past and today continue to push these cases, even as New York, other states and some federal jurisdictions abandon the practice.

This isn’t a matter of advocating for child pornographers or sex fiends. Everyone agrees that child pornography is odious. The child sex assault and exploitation that the pornography chronicles is, without question, an insult to our humanity and an unrelenting victimization of the minors depicted. No one would ever marginalize those souls or minimize their anguish. Yet, to effectively deal with this issue, we must recognize that there is more to it than the pictures themselves.

Child pornography cases should interest us all because they are at the cutting edge of electronic evidence cases. We will see the most salient legal issues tested in those cases first before the principles are applied to other areas of the law. People v. Kent demonstrates the necessity of analyzing the legal issues rather than focusing on the visceral recoil we experience at the offense. It is a good case to look at because the defendant was guilty in part and not guilty in part. The court held that some of the child pornography on his hard drive was possessed knowingly — the images in unallocated space — but the images stored in cache — in temporary Internet storage — were there without his knowledge and therefore not unlawful. •

Thanks to the Connecticut Law Tribune, where this appeared in the Monday May 14, 2012 issue at http://www.ctlawtribune.com/getarticle.aspx?id=42167 online. 

HP Pavilion DV7 Review- It's Not Good

All I wanted was a basic functional laptop. I wasn't looking for anything fancy. After lots of research, I chose the HP Pavilion DV7. I had an HP before and I liked it. It was better than the Dells I've had that have gone through power cords and mother boards and hard drives. For the money, it looked like a good deal. It also has a 17" screen, which I figured would be good because I spend a lot of time at the computer (probably 10 hours a day) and I can use as much assistance as I can get with making the display readable. I've had the laptop for about a month, maybe two. 


Two keys have fallen off the keyboard. I hesitate to call customer service. As I recall from my last HP, they require you to send the laptop in for service. I may as well save my time and just buy a keyboard because that is never going to happen. There is an odd thing that happens with the mouse or the keystrokes. It is either a combination of keystrokes or a super-sensitivity of the mouse, but at times the cursor flies up to a section of my document while I'm typing and will highlight a section and delete it, or insert the text that I'm typing at the point where it's landed. It can be a big productivity waster, because I find I spend unnecessary time tracking down and correcting errant cursor flitting about in my documents.

Blackberry P 9981 - $2k for a Phone? Not Happening

Blackberry announced a new phone designed by Porche- the P 9981. Meh. Same keyboard design. Chromey and a bit thinner than my bold. New apps? Can it do all the stuff a Droid or an iPhone can? Does it have the new Microsoft OS? No.

But it has augmented reality abilities and a touch screen. And RIM says it can browse the web faster. All for a mere $2,000.

Did I say $2,000 for a Blackberry? Yes. And how many people are going to buy it? Four, maybe five people so they can keep them in the original box and try to sell them twenty years from now for millions because they'll be 'rare.'

I try not to let myself waste too much time speculating about things like this, but I wonder what the meetings were like that led to the pricing decision on a 2 thousand dollar cell phone. I might pay two thousand dollars for a phone if I could call the spirit world (and someone would answer) or God, maybe for a five minute conversation with the president or Dali Lama. But for a Blackberry? Seriously. I would LOVE to meet the people responsible for the pricing decision and learn from how that lapse of collective reasoning was made.

The Cybercrime Wave that the Op-Ed Authors Didn't Address

Today’s NYT published an Op-Ed by Microsoft researcher Cormac Herley and Dinei Florêncio that informed us that reports of cybercrime have been greatly over exaggerated. Their article suffers two major flaws. First, they never define cybercrime. Second, their premise is both naïve and irrelevant.

Take a look at the article. Cybercrime isn’t defined. The authors apparently assume we know what they’re talking about. No, we don’t. Is cybercrime Internet facilitated crime that results in financial loss? Is it any activity defined by law as a crime facilitated by the Internet? What, exactly, are they talking about?

By every account, 2011 saw more data breaches than have ever. The first quarter of 2012 is on track to break that record. Online trafficking in child abuse images and infringement of intellectual property is not subsiding as more people enter the Internet community. It increases. We lack the ability to measure the rate at which these activities occur.

Their premise is that cybercriminals don’t make a lot of money from their crimes. Individual losses are small. But the thesis isn’t why we’re all concerned about cybercrime, is it? The loss in terms of dollars actually stolen is not what matters. What is important is the cost of mitigation, and that cost is very large.

Anyone who has suffered a virus infection on their home pc knows that the down time required to wipe a hard drive and reinstall your operating system is significant. Many people don’t bother. They buy a new computer. Identity theft on the smallest scale requires a great deal of time to contact credit agencies, banks and creditors, get new cards issued, and check credit reports.

Businesses spend a lot of money guarding against cybercrime because the threat of data breach is great. Data breaches require assembly of a team of experts, response and mitigation. Clean up following a breach can be costly, requiring identification of account holders whose information may have been compromised. The cost to reputation and good will for businesses charged with protecting client data when they fail to protect it is incalculable.

When government databases are breached and private data exposed, the direct individual cost may be small. However, it is irrelevant, isn’t it? Who can place a value on your social security number combined with your name, birthdate and address? It isn’t the small financial gain per
person per incident, if that was what the authors of the op-ed article were talking about.

The important consequence of data breaches, at least, are the exposure of private personal data that makes people vulnerable to financial and personal attack. Do not negate the inherent value of privacy. Many countries protect personal privacy as something that is as valuable as property. It has value and the authors completely ignore the host of violent crimes and other crimes against persons facilitated by the Internet. Most prominent among those crimes is the trafficking in child abuse images. We certainly have not seen any abatement in the flow of child pornography on the web, nor have we seen a drop in the rate of arrests or prosecutions for the crimes.

Thankfully, we have seen a reduction in online auction fraud due to improvements in security and practices at the major auction sites. We have seen a drastic reduction in the number of minors lured by predators as well. Today, it is fairly safe to say that the only 13 year olds who are on chat rooms being enticed into sexual relationships are more than likely police officers.

One is left to wonder what the authors' were really saying, then. What's the motivation? Being a skeptic, I look to who wrote the article and what they didn't talk about. I also look at what has been going on lately. One of the authors works at Microsoft. They didn't define 'cybercrime.' They focused on the costs to individual victims of small events like identity theft and didn't calculate the remediation costs. In the past eighteen months there have been hacks of government networks and major corporations unparalleled. My conclusion is that the article is an attempt to salve our legitimate concerns about a very real threat.

Electronic Discovery Publication Must Read- Gartner's Magic Quadrant

This white paper is absolutely mandatory reading for everyone involved in e-discovery. Gartner reviews 24 e-discovery vendors. They've done the research for you and provided accurate and succint evaluations.

Eleventh Circuit Weighs in -- Encryption Key IS Protected by 5th Amendment

Out of a sense of obligation, I'm posting this update on 5th Amendment protection of encryption passwords. Ho hum. In United States v John Doe, the 11th Circuit ruled that yes, the 5th Amendment does protect one's encryption password as it is testimonial in nature. Right.

As I've stated before. Big deal. Who cares? If the 11th Circuit had held the opposite, and had ordered the defendant to produce the key, what would have been the practical result? Tick tock. The defendant would have 'forgotten' the password. Hello?

I'm as game as the next lawyer for 'angels dancing on the head of a pin' sorts of arguments, but in this economy, it seems. . . well. . . not only excessive but insulting to us as taxpayers to address such obviously idiotic issues. Really. I'm not going to waste my valuable time researching how much the exercise over at the 11th Circuit cost. I'm willing to bet it was more than $100 grand, though. I can buy a lot of paper clips with that. Just sayin.

Spam-Smishing-Cramming: Tips

Sunday’s New York Times Technology Section carried two articles that, together, provide some valuable information to cell phone users. First, you’ve probably noticed an increase in spam on your cell phone. If you’ve got texting, you’ve no doubt received at least a couple of spam messages. Apparently, there has been a large increase in phone spam in the past three years, and a spike in phishing spam- termed ‘smishing.’

As with email spam, there’s not much you can do about it. Delete it. Not much point in blocking individual numbers, because it’s unlikely that the same number will spam you more than once. You can sign up for a service that costs money to block the spam texts. You can change your phone number. Wait- no, not really, because if you discontinue your service before your contract expires, you’re subject to an early termination fee. OR, you can do what another article in the Times mentioned in the context of another topic- cramming.

Cramming is what happens when your cellphone bill gets bigger and bigger as your provider tacks on curious charges for things you didn’t ask for and don’t use. Cramming can work insidiously with smishing to make your cellphone bill unwieldy. Here’s how it works. You get an unsolicited text and respond. That gets you signed up for a service that charges your account ten bucks a month. The cellphone company gets a cut of the charge because it bills for it.

The Times blogger brought up an excellent point. Why is it that the default isn’t that all phones don’t block unrequested services unless requested? Instead, what happens is that the companies charge customers and customers pay the charges until they notice that their bills are costing them as much as their mortgages do and they take a look at the itemized bill. When cornered, AT&T and Verizon assured the Times reporter that they will block unrequested services if requested by the subscriber. Note, though, that the customer must request that the services be blocked, so don’t assume it’s happening if you haven’t made the call.

Is Your Password Protected by the Constitution?

Whether the Fifth Amendment right against self-incrimination is implicated when a defendant is asked to reveal a password was, until now, a theoretical question. The topic was the subject of heated geek-debates which were akin to the early Christians slugfests about how many angels could dance on the head of a pin. Two recent federal cases have finally brought the matter into the legal limelight. The arguments are academic. The practicalities are marginally meaningful. Let me tell you why.

First, the cases. In USA v Ramona Fricosu, the defendant was ordered to decrypt her encrypted hard drive. Fricosu was accused of bank fraud and the government believed there was evidence on her laptop. She fought the order on the grounds that the government cannot force her to testify against herself, arguing that revealing her password is testimonial. The government responded that a password is not testimonial. Much like ordering a blood test from a suspected drunk driver or swab of the cheek from a suspected sex offender, a password is more like a key to a lock than an admission of guilt or testimony, prosecutors theorized.

The judge in the case issued an early decision, completely weaseling around the Fifth Amendment issue. Instead of dealing with whether or not a password is testimonial and whether or not it invokes the protection of the Fifth Amendment, the court ordered the defendant to provide the government with a non-encrypted version of the computer drive. That’s basically the same thing as providing the password, but the court avoided the big-time constitutional ramifications and the inevitable scrutiny that would ensue.

A 2009 case, U.S. v Boucher, was similar. The U.S. District Court in Vermont ordered the defendant to produce an unencrypted version of the media, avoiding the password issue.

Another recent case held that yes, indeed, a password is testimonial and does implicate the Fifth Amendment protection against self-incrimination. The U.S. Court of Appeals for the 11th Circuit thought more deeply than the common analogies to providing blood or a key to a lock. Here is what the court ruled in In re Grand Jury Duces Tecum, released March 11, 2011.

“We hold that the act of Doe’s decryption and production of the contents of the hard drives would sufficiently implicate the Fifth Amendment privilege. We reach this holding by concluding that (1) Doe’s decryption and production of the contents of the drives would be testimonial, not merely a physical act; and (2) the explicit and implicit factual communications associated with the decryption and production are not foregone conclusions.

First, the decryption and production of the hard drives would require the use of the contents of Doe’s mind and could not be fairly characterized as a physical act that would be nontestimonial in nature. We conclude that the decryption and production would be tantamount to testimony by Doe of his knowledge of the existence and location of potentially incriminating files; of his possession, control, and access to the encrypted portions of the drives; and of his capability to decrypt the files.”

Form Over Substance

The court seemed to recognize that the mind is a more complex device than a lock. In so doing, it recognized that there is more going on with regard to information technology and securing it than securing a locker. While this recognition is important and gratifying to the information technology sector, it is academic, really a matter of form over substance.

The more important question than, “Is a password testimonial, thus implicating the Fifth Amendment protection against self-incrimination?” is, “Does it make any difference whatsoever”? The answer to that second question is twofold and can save the government and defendants lots of money and time. Here’s why.

On a technical note, the government has all sorts of programs that defeat passwords. They don’t really need the defendant to reveal his or her password. If they are demanding the password, it’s the one time in a million that they have run into a situation in which they do not have the software or decryption capability to defeat it.

If encryption is employed, a password is required to decrypt the contents. Just as with your BlackBerry or other smartphone, if you don’t provide the correct password given a certain number of attempts, the contents of the media are “wiped.” By “wiped,” I mean the contents are completely scrubbed. The contents are deleted and overwritten by a neutral character, such as an “x” or “0” or “1.”

Besides (and this may sound cynical), but as a practical matter, who’s going to remember their password after all that litigation? Seriously. I had to reset the password to my blog three times last week because I forgot the password. I have to use GPS to get home from places I’ve been a million times. And the government is going to order people to remember stuff when they’ve been under stress and it’s been a year or two since they’ve even accessed the system?

The probability of the defendants remembering the passwords are slim. So why bother with all the litigation for a moot point? Is it to bankrupt the defendant (because that’s what usually happens)? Is it to make a point? (Really, what is the point?) Is it because the government can do it? (We do it because we can!) What happens, if at the end of the day, the defendant really has forgotten the password and the disk gets wiped of its contents? Does the government prosecute the defendant for destroying evidence? (Well, the defendant didn’t destroy the evidence, the government did, didn’t it?) Does the government prosecute the defendant for obstruction of justice? (Why? Because the defendant can’t remember something?)

Of course, I don’t have any answers. I don’t proclaim to. I just have questions. Lots of them. The philosophical discussions we had in law school about password production and the Fifth Amendment were for fun. The litigation taking place now is for big money. Just walking through the door of a federal courthouse costs a defendant tens of thousands of dollars. Not chump change. Not these days. And the reverberations run deep.•

By the way. . . news is that the defendant in the Fricosu case has forgotten her password. Shocking!

Courtesy of the Connecticut Law Tribune, March 26, 2012

Sabu Snatch- Will it Instill "Terror" in the Hearts of Anonymous?

Ahhhhh. It was just a matter of time, wasn’t it? The FBI announced that LulSec leader, Hector Xavier Monsegur, aka “Sabu,” helped them to take down the organization (organization in the loosest possible use of that term). A coop for the FBI. But, of course, they’ve gone too far. One senior official is quoted by Fox News as saying, “When people in the hacking community realize their God has actually been cooperation with the government, it’ll be sheer terror.” That quote is certain to evoke a response from the hacker community.

But is the message a dare? A taunt? I mean, the whole interception of the telephone conversation a month or so ago between the FBI and Scotland Yard appeared to be so incompetent on the part of the law enforcement agencies as to be phantasmagorical.

They have LulSec’s main guy. He’s a genius. They say he’s a hacker-rockstar. But there are others. LulSec is only a teeny, tiny portion of the conglomeration of hacktivists that make up Anonymous. I worry that the FBI taunts tease those geniuses who sympathize with the group and haven’t taken the plunge into deviant acts into wholesale hacking. The government has thrown down the glove, haven’t they? Seems sort of stupid, given that they’ve been compromised so many times in so many ways so much.

The hype that the FBI released attending the Sabu snatch is intended, no doubt, for us to question whether all of those hacks were “real” or if they were conducted with the supervision and under the auspices of FBI operations. Pisshah. As if. The flounderings of desperation.

I have great respect for the feds and for all of law enforcement. It’s really great that they were able to bring Sabu and others to justice. However, bear in mind that these are a couple of uneducated guys with broken computers. The FBI is using the same tactics they use in every successful venture they’ve ever launched. Find one guy- usually when they pinch his girlfriend or buddy on an unrelated matter, and get him or her to squeal and offer a deal. That’s unquestionably what led them to Sabu, which is what led them to the other members of LulSec and what will lead them to other miscreants. I’d hold off on the ticker tape parades lauding and magnifying the intellectual and investigatory prowess of our federal government agents and their minions. Extortion is their means. It works. It’s been the tool that has worked for about a hundred years and it will be the tool they continue to use.

However, it’s not going to get them very far with the real geniuses, who are much more dangerous than the guys like Sabu, who are not formally educated and are missing the left shift key on his computer. Push the MIT Ph.D. too far and you’ve got trouble. Piss off the Rochester Institute of Technology woman who’s had just about enough and see what happens. You are playing freshman ball, my friends. These guys dazzle you, but they are only the people in Spring training.

The capabilities- the potential out there- is far more dangerous than anything that Sabu or the Anonymous folks have so far done or contemplated. Two questions for the feds- 1. Why tempt them? 2- Given the obvious- that you are dealing with freshman players and not first string, shouldn’t you start upping your game?

A side note- A search for the definition of “Sabu” yielded some interesting results from the urbandictionary.com. Apparently, there was a wrestler named Sabu circa 2000, it may refer to putting your friend’s mom through a coffee table, and it can also stand for, ‘smack a bitch up.’ Nice.

Time to Look at Computer Search Process?

Courtesy of CT Law Tribune

March 5, 2012

Last week, a Manchester Superior Court judge vacated the one remaining charge against former Granby karate instructor Patrick Lenarz, who had served nearly four years in prison on a charge of risk of injury to a minor. The reversal of his 2005 conviction was the groundbreaking remedy fashioned by Connecticut’s Supreme Court. It decided nothing less than exoneration would suffice, because an unconstitutional search of Lenarz’s home computer by the Connecticut State Crime Lab improperly divulged attorney-client trial strategy.

After Lenarz was freed, his defense lawyer, Kevin Ferry, was exultant, but he also said he had hoped the high court would also enunciate a new standard for computer searches. “In my opinion, since electronic data is such an important part of peoples’ lives now, and people keep their private thoughts and papers and lawyer communications on their iPhones and laptops, there’s got to be a fundamental change in the procedures that apply when a search warrant is issued and those things are searched. I was kind of hoping that the Supreme Court would have come up with one in Lenarz, but they didn’t.”

Watertown lawyer and computer forensics expert Monique Mattei Ferraro is thinking the same way. She left the state crime lab in 2004, just before Lenarz’s computer was brought in for examination. She’s concerned that the lab’s internal systems are not designed to focus on a search warrant, or to properly utilize specialized computer-searching software to exclude evidence for which no probable cause has been found. A new opportunity presents itself for the lab and its technicians to start doing so now, as it upgrades its procedures in the wake of last year’s temporary loss of accreditation due to its DNA lab shortcomings. At the crime lab, Major William Podgorski said that new procedures are underway to have an independent prosecutor oversee attorney-client document searches. Ferraro spoke with Senior Writer Thomas B. Scheffey.

LAW TRIBUNE: Remind me what happened to Patrick Lenarz’s computer after police began to investigate him.

MONIQUE MATTEI FERRARO: He was accused of sexual assault by a couple of his karate students, and the police who were investigating made some nexus between the sexual assault charges and child pornography. They did a search warrant for his home computer and submitted it to the computer crimes forensic unit for a digital forensic examination.n to investigate him.

Forensic technology expert Monique Mattei Ferraro said it is up to state crime lab examiners, and not just police detectives or prosecutors, to comply with terms of search warrants.

After the police got a warrant to seize the guy’s computer, within 24 hours, Lenarz’s attorney got an order from the court saying you can’t look at certain documents, because they are privileged documents intended for my lawyer. So what’s the first thing the lab does? They go in and rifle through his documents, print them out and give them to the police, who give them to the prosecution. Therein is the prosecutorial misconduct. Nobody [had previously faulted] the lab or the police. Finally, [last week], Kevin Ferry mentioned that it was the fault of the computer crimes lab. And it is unquestionably their fault. They ran roughshod over this guy’s rights. Once they became aware of these privileged documents, they went right in and looked for them, printed them out, and gave them to the police. The lab, as a government entity, is covered by the Constitution. Their position is, they don’t ask anybody for a copy of the search warrant or consent to search because “the police officers tell us what to look for, and we trust that they’re going to tell us the truth.” That’s not right — the examiner is ultimately responsible.

LAW TRIBUNE: Why is a warrant so important for a computer search?

FERRARO: [A computer] contains an enormous amount of information — more than your house does, more than the Library of Congress, potentially. If the average murder scene is a bedroom, imagine that a computer hard drive is the equivalent of the Town of Wilton or the City of Hartford — filled with all of the owner’s private thoughts and activities that may have accrued over the course of several years. When the police have access to it, they have lots of time and resources at their disposal, to look through it.

LAW TRIBUNE: There were several steps before the improper material reached the prosecutor. What went wrong here?

FERRARO: Within 24 hours of the seizure of the computer, Lenarz and his attorney obtained a court order that prohibited the examiners from looking at documents prepared for trial, that were privileged. This court order was in effect when the computer was submitted to the crime lab. Notwithstanding the order, the lab searched through the computer, they looked at the documents, printed them out and gave them over to the police. The search warrant was quite clear that the computer crimes lab was to look for child pornography. Child pornography is nothing like documents, and digital forensic software is quite able to distinguish between pictures and documents.

LAW TRIBUNE: Even computer novices know they’re completely different types of files.

FERRARO: And digital forensic software quite easily filters out any documents in a search — that’s one of the beauties of it. It’s very, very easy. You look at the search warrant, you go by the search warrant and you gather the data the search warrant tells you to look for.

LAW TRIBUNE: So what should come out of this?

FERRARO: At the very least, the Department of Public Safety and the computer crimes lab should learn some lessons from it. Certainly Mr. Lenarz’s life was damaged — he spent three years, nine months in prison because of this. I think that what happened is an indicator of the poor supervision and the bias that existed at the lab and within the Department of Public Safety at the time. I think right now there’s an excellent opportunity for the department to change their ways. And I sincerely hope they take advantage of this opportunity.

LAW TRIBUNE: What would you like to see?

FERRARO: They are still not requesting consent or search warrants before examining a computer. They don’t use a search warrant as a guide when they do an examination of a computer. They go by the request for service. ...There is nothing at the lab now that would prevent a situation like Lenarz from happening again. Nothing. •

A Minnow Swims In The Giant Legal Tech Sea

Trade show is awesome, just not geared toward small firms

Editor’s Note: Earlier this month, ALM, the parent company of the Law Tribune, presented its annual LegalTech expo in New York City. Attorney Monique Ferraro, manager of Technology Forensics LLC in Waterbury, offered to attend the event and report on it from the perspective of someone running a small law firm.

By MONIQUE M. FERRARO

The pocket protector Star Trekky side of me secretly hoped LegalTech would be a gathering of my people. So, when I walked in and spotted a guy who was dressed head to toe in an outfit that looked like he just emerged straight out of The Matrix, I was psyched.

Wrong room. Drats.

Pointed in the right direction, I entered the exhibit hall where the blue suits and armies of similarly clad “teams” clamored. Two entire floors of the New York Hilton on 6th Avenue were filled with more than 200 vendors. Without question, this event was both impressive and over-stimulating.

Legal Tech is Gotham’s annual gargantuan gathering of geeks, lawyers and their support staff. It is daunting to take on the whole two floors of exhibits, but my mission was to find software to track time and bring it into billing for a small firm. Trying to find a turn-key solution has proven frustrating so far, and demos eat up our time and resources.

We’ve narrowed down the search to a few products, but I figured that if there was a place in the world that would have what I was looking for, Legal Tech would be it. So, with empty brief case ready to receive

my SWAG (Stuff We All Get), I went in search of software. It was good to have a focus, because one could easily spend days roaming from vendor to vendor learning about the different products they offer.

It didn’t take long to fill the SWAG bag —stress ball, computer mug, a bazillion pens, a light-up ball for my dog, a Nerf thing for my son. A lot of the vendors gave away iPads. It seemed to me that the attendees probably used iPads as coasters. If the vendors wanted to impress the attendees, they should have given away helicopters. That might have made an impression.

Lots Of E-Discovery

Unfortunately, I didn’t find many products for small firms. Maybe next year when I have more time and am more familiar with the layout I’ll find more technology for the little people. Just from eyeballing the vendors, it’s a pretty fair estimate that at least half or more of them were hawking e-discovery, information management or digital forensics.

There was a lot going on with e-discovery. The field seems to have taken on a life of its own with all sorts of confusing products and services provided that, upon my review, were either just fancy names for something that’s been done for a long time or something that really shouldn’t be done by software vendors.

For instance, “early case assessment” is simply the act of taking stock of the information technology resources a party has in hand prior to producing materials for electronic discovery in a particular case. One would think that every company with general counsel would have a good idea of the electronically stored data it possesses prior to litigation. Maybe I expect too much, but it seems to me that given a particular case “early case assessment” shouldn’t require a roomful of blue suits.

“Predictive coding” is a technology patented by Recommind that purportedly automates the review process and cuts costs by 45 percent to 70 percent. By all accounts, the other e-discovery vendors were peeved when Recommind obtained the patent. Document review is wildly expensive. If it works, it will be great. If it doesn’t work, how will the results be measured and how will we know? The parties and counsel who take the risk take a big risk.

Some of the e-discovery software seems promising. Some offer de-duplication — which reduces the number of duplicate documents. There are, of course, arguments for not de-duplicating. For one thing, it takes some important decisions out of the hands of the attorney that should probably remain with the litigator rather than the software engineer. Certainly, it’s a process that should be undertaken only after the attorney has all the information about e-discovery, the electronically stored information in the specific case, and how the specific software used for e-discovery in the specific case operates.

A very interesting group of products is offered by a Hartford company. TyMetrix offers corporate legal departments software that analyzes how well their outsourced firms are doing based on various performance measures. But general counsel aren’t the only beneficiaries. The company delivers metric software for law firms to track their productivity and compare themselves against competitors in the market.

Continuing legal education sessions echoed the vendor displays. There was a session on technology-assisted review in e-discovery, a session on international e-discovery … so many classes on e-discovery that a lawyer could immerse oneself in it and theoretically learn all the angles. Again, it seems from the material and various offerings to be very complicated. But e-discovery really isn’t.

For lawyers interested in technology other than e-discovery, there were some very interesting sessions on information management and productivity analytics. There were presentations on the effects of social media on trials and juries and quite a few sessions on cloud computing. Social media discovery was buzzing everywhere. There was a session on iPad apps for lawyers.

An emerging field that one of the sessions addressed was reputation management for law firms — upon researching that topic, I found that a subscription for reputation management can cost upwards of $15,000 to $20,000 a year.

Enlist An Army

Bottom line: LegalTech New York is stunning. For big law to hook up with big e-discovery, it was a perfect match. For mid-sized law to learn about its options for e-discovery, information management and other legal technology, it was awesome. For small law, it was an amazing display of technology, but not so helpful.

To take in all that Legal Tech has to offer, one would have to enlist an army whose members would attend various programs in addition to checking out the vendors. With my little narrow focus, I was a single, very small minnow seeking a teeny piece of algae in an ocean of sharks, piranha, and barracuda vying for the blue whales.

To get the most out of the event, check out the “virtual show” online this year at www.legaltechshow.com and, later on, see how you like the vendors that plan to participate next year. It is very inexpensive to attend the keynotes and exhibits. A full-day or full-event pass is expensive, so unless you work for a big firm or have money to burn, it’s prohibitive. However, there is excellent content that is worth the investment if you look through the itinerary ahead of time and plan your schedule for a day or two well in advance. If you team up with a colleague, you can share what you learn afterward.•

Reprinted from the Connecticut Law Tribune, Published Monday, February 13, 2012

I added the pictures.

Anonymous Update: Interception of FBI and Scotland Yard Communications

Since I wrote the article on Anonymous for the Connecticut Law Tribune, the group has perpetrated perhaps its most audacious act yet. It intercepted a telephone conference between FBI officials and Scotland Yard and posted the contents online. The conference call topic was how to deal with specific suspected members of the group. See a rough transcript of the conversation here: RAW DATA Anonymous Transcript and an audio recording here: Anonymous Intercept FBI & Scotland Yard Call

Of course the issue isn’t the contents of the conversation between the law enforcement agencies. The ISSUE is that a telephone conference was intercepted by a rogue group of nerdy bad boyz and girlz. Coverage of the incident didn’t seem to be as extensive in the United States as it was in the United Kingdom. I can’t figure if it’s because the media in the US is too afraid to cover it or that they just don’t understand the enormity of this threat. It is huge.

As a technology matter, what they did wasn't a big deal. The conference call code was probably gained through monitoring someone's email via a Trojan or keylogger (just a guess) and then someone just called in and recorded the conversation.

Worse, and more likely, is that there's an internal security breach within the FBI and/or Scotland Yard that's sympathetic to the Anonymous cause. It doesn't have to be a law enforcement agent. Any disgruntled employee or ex-wife/husband will do. (Some very, very cynical folks say that law enforcement would never make any narcotics arrests if it weren't for women scorned by dealers and, of course, lucky patrol officers.) Actually intercepting a telephone or voice over IP call is much more difficult. That doesn't mean Anonymous operatives couldn't do that. They just didn't do that in this instance.

But don't let me minimize the magnitude of this event. No one has EVER done this. Intercepting law enforcement communications is a big deal. They’re supposed to be secure. It’s bad enough that the US Department of Justice website was taken down in January. Now the FBI has had its live communications intercepted. What does that mean?

It means that our government basically sucks at security and Anonymous is exploiting that fact. For all of their puffed up blow-hardery (I made that word up. . . do you like it?), the feds have got nothing. That’s the point. That’s what Anonymous is doing. They’re hacking the feds and laughing their asses off. They’re posting their exploits to show that not only did they do it, but they spanked the feds hard.

Unfortunately, the knee-jerk reaction of the feds will be to spend more money and expend more resources tracking down the impossible. As an example, CNN reported that the feds are getting more secure phones. They’ll want to ‘bring the Anonymous threat to justice.’ And, predictably, they will fail and Anonymous will respond with more and more outrageous exploits that will make the DOJ and Homeland Security look like absolute dopes. So, how best to deal with it?

My two cents? Partner with them. Ask their advice. Give them some sort of clemency under a shroud of privacy. Hitting this threat head on is only going to escalate it. And, the more it’s escalated, the better Anonymous looks and the worse the US government and all the collateral governments, corporations and institutions look.

No. I know what you’re thinking. This is definitely not the same thing as negotiating with terrorists. The reason is that terrorists are looking to break us down and replace the government with something else. Anonymous has a completely different motivation. Find the common interests and work from there. They like the Bill of Rights, the government (is supposed to) likes the Bill of Rights. You get the picture.

Hacktivists: Robin Hoods Of The New Millenia

As with most criminal activity, the government is basically impotent against cyber crime. As more people log on, there is more crime. The more applications and sophisticated the technologies, the more adept the offenders become at using them to facilitate their criminal acts or avoid detection.

We saw this played out last month when the group Anonymous took down the U.S. Department of Justice, Warner Music and the Recording Industry Association of America web sites on Jan. 19. The hacks were in retaliation for the shutdown of Megaupload, an Internet site used to facilitate sharing large files, such as movies and large caches of music. The owner of the site and three others were arrested. Several million dollars in assets were seized. The Justice Department alleges that Megaupload’s primary use was to unlawfully traffic copyrighted material.

The takedown of the DOJ and RIAA sites are the most recent in a slew of exploits Anonymous claims responsibility for. Should you be concerned? Hell yes. First, let’s talk about who Anonymous is. Second, let’s talk about what that means for us lawyers and, most importantly, how that might impact us in our pockets short and long term. Finally, I offer an observation on the future of Anonymous and our information and communications technology.

Barely known a year ago, Anonymous has emerged as a powerful hacktivist group. (Hacktivists are computer network hackers who claim that their cyber crimes are motivated by political activism.) The group uses the Guy Fawkes mask as its symbol. Probably the most notorious traitor in English history, Fawkes led the Gunpowder Plot of 1605 in England. The goal of the plot was to blow up the Houses of Parliament. Although nowhere near successful, the conspirators actually got gunpowder close to Parliament. Fawkes was arrested after one of his co-conspirators sent a note alerting one of the Lords. Fawkes was subsequently tortured and executed, but he maintained his anonymity for several months under questioning. The English celebrate Bonfire Night each year to commemorate his capture and the safety of the queen. Fawkes’ effigy is burned on the fires, and the mask has become his symbol. Today, the mask is an emblem of anonymity and audacious challenge to the government.

Facilitating Uprisings
It isn’t so much that Anonymous hackers don't like the government and big business. They don’t. It’s more that their allure is that they come off looking like the Robin Hoods of the new millennium. In a very short span of time, they have amassed an enormous following and garnered the support and respect of many. Anonymous was instrumental in facilitating the uprising in Tunisia and has been central to the Arab Spring. They have been very active in the Occupy Wall Street movement, referring to themselves as, “the 99%.”

Their overarching message in blogs, on YouTube videos and in media releases is that they advocate for truth, freedom, freedom of speech on the Internet, the right of the people to protest and assemble and to right wrongs. Who can argue with that?

They have no leadership, but there are many supporters and obviously participants in the collective have signifcant technical skill sets and knowledge. Their targets have ranged from the government of Tunisia to NATO. They claim responsibility for taking down Sony PlayStation service, the CIA web site and the San Fransisco Bay Area Rapid Transit system web site. In December of 2011, Anonymous hacked Straffor — a company in the business of information security and intelligence — and used client credit card information to make donations to charitable organizations.

After the technology security company HBGary claimed to have infiltrated Anonymous, the group retaliated by shutting down the company’s phone system, hacking its web site, and publishing e-mails and other documents taken from their servers. Other victims of Anonymous attacks include the CIA, Facebook and a rapidly growing list of governments, academic institutions and corporations.

Lost Confidence
Why should we care? Well, as with terrorist attacks, when institutions we trust are compromised, that threatens our security. Our economy still hasn’t recovered from the Sept. 11 attacks. Consider the travel industry. Airlines are forever changed. Our confidence is still shaken. The hacking and security compromises of government, academic and corporate information and communications technology by Anonymous have similar ramifications.
Although it is doubtful anyone will be dissuaded from making purchases online, I don’t think anyone who knows about the incidents has the same confidence that the Justice Department web site is secure or that the RIAA is safe from attack.

It doesn’t take much. That’s the theory and success behind terrorism and hacktivism.

One success reverberates to create a great sense of threat. That’s why we spent so much money on homeland security. That’s why we spent so much money on two wars. If you boil the impetus down behind all the billions of dollars spent on the security and all the billions lost in revenue by our economy, it all goes back to the events of 9/11 and the hijackers.

“Do you want to see Anonymous rise up? Try to shut down the message.” OK, we get the message that the group doesn’t want Internet censorship or oppression. But how does that jibe with law enforcement’s struggle to beat back the rising tide of cyber-wrongs — serious injustices such as online child exploitation, violent crimes, human trafficking, theft, fraud, and intellectual property infringement? If Anonymous really is the Robin Hood of the new millennium, right those wrongs for us.

Anonymous has hacked many child pornography sites and taken down large criminal enterprises in the past. If its members would concentrate more on righting those wrongs — maybe by developing technology to identify and obliterate images that depict child sex abuse or that infringe on intellectual property rights — that would free up a lot of law enforcement resources. It would also reduce our tax burden substantially. It may relieve me of a great deal of my workload, but it would be a reduction I’d be happy to take.

Reprinted from the Connecticut Law Tribune February 6, 2012

Oxymorons: Google Privacy v Microsoft Uber Alles

People seem to be up in arms about Google’s new privacy policy.They’ve taken all their sixty something policies and now they have one. That’s how they’re selling it to customers. But critics are paranoid that the new policy heralds the dawn of Google Big Brother tracking us from our Gmail to our Google searches to our phones to our iPads. Woopee. As if that’s a revelation.

What the critics are griping about is the potential for Google to use targeted marketing across its many platforms. Google may amass our searches and send ads to our smartphone or to our gmail banner. Most of us won’t notice.

There have been calls for Congress to ‘do something.’ Um, like what? I hesitate to show my impatience, but, do folks realize that Google is actually a corporation that is out to make money and not a government entity? If you want to dictate Google policy, buy stock and get on the Board of Directors. OR, maybe you can just use . . . the. . . other Google. Hmmmm.

To that end, Microsoft has pitched its own bitch. The corporation launched a print ad campaign decrying the Google privacy policy, implying that we no longer have any protection from the prying eyes of the leering corporation and its minions. Sour grapes. Microsoft wishes it was Google. And, it wishes it could come up with both a single policy to govern all of its many concerns and track all of us as effectively and profitably as Google uber alles.

Anonymous Struck USDOJ.gov HARD

Hey- Remember how I said that Anonymous was taking us to school? Well, it looks like they're taking the feds to school, too. As I write this, the United States Department of Justice website is down. Down. That is unacceptable, folks. It was bad enough that NATO and the CIA sites were hacked, but they didn't learn from that? How could the DOJ allow their site to be compromised? That is a failure of our government in a big way. How will we recover our confidence in Internet security if the GOVERNMENT isn't secure?

(Note- The picture above is a screenshot of the usdoj.gov website taken at about 9 pm eastern time on 1/19/2012)

Zappos and Other Hacks

Zappos was one of several online vendors hacked this week. The company claims that only personal information, like names and addresses of its 24 million customers were accessed, but not credit card data. Right.

6pm, another online retailer that happens to have my account information was also hacked and claims that ‘only’ the personally identifying information, like names, addresses, last four digits of the credit cards and passwords of its customers. The company assured us that our credit card information had not been accessed.

Well woop-de-do. . . Individuals don’t seem to care much about their data or where it’s stored or whether it is compromised. After all, they’re on all sorts of mailing lists and they get spammed from all directions, they’re called constantly- barraged by an endless stream of advertising. We rightly assume that the law protects us from credit card fraud and individual data breaches. The fact that our credit card information hasn’t been compromised really isn’t a big issue, is it. After all, our liability as individual consumers amounts to $50, and that’s usually waived by the credit card company in these situations. The real issue is much, much more serious.

While vendors are going around touting cloud computing, every day we hear of large scale hacks of e-commerce providers, government, cloud computing vendors and academia. What could Zappos or 6pm have done differently? How is it possible that the CIA and NATO and Straffor have been hacked?

The crux is that security is mostly a reactive endeavor. There’s only so much that can be done prophylactically. The grand plans that many security vendors market may sound sexy, but they will always be a step behind the conspiracies of the bad guys looking to breach your system and steal your data. That’s just the way law enforcement and security works. The best you can hope for is to have a good structure in place for responding to threats when they happen and a team that can assemble to both quash the security breach and anticipate future threats.

Anonymous Coverage on CNN and the History Behind the Mask

If you missed the piece Saturday on Anonymous, CNN posted it online at:

Part 1 http://www.cnn.com/video/#/video/us/2012/01/15/lyon-anonymous-pt1.cnn

Part 2 http://www.cnn.com/video/#/video/us/2012/01/15/lyon-anonymous-pt2.cnn?iref=allsearch

You can order a Guy Fawkes mask from Amazon for as little as $4.00 (before shipping) here:

http://www.amazon.com/s/?ie=UTF8&keywords=guy+fawkes+masks&tag=googhydr-20&index=aps&hvadid=4308600137&ref=pd_sl_5yqqdt97qc_b

Guy Fawkes lived in the 1500's in England. He's famous for leading a group of rebels who tried to blow up the House of Lords. His plot was discovered when a coconspirator revealed it to a member of the House of Lords by allegedly sending a note saying to stay away on November 5. The country celebrates a holiday called 'Bonfire Night,' during which they set off fireworks and light bonfires. Manic The holiday is officially intended to celebrate the safety of the monarch. People make dummies to symbolize Guy Fawkes, and throw them on the fires.

The mask that has come to be associated with Guy Fawkes is the one adopted by Anonymous as the symbol of its group. The association between the Guy Fawkes mask and Anonymous is that Fawkes struck at government- he attempted to blow up the House of Lords. And, he maintained his anonymity. Of course, he did so unsuccessfully, but go with it. . . It's cool and it's symbolic and so far they're on a roll.

Consumer Electronics Show and Anonymous on TV this Week- YAY!

The CES is going to be covered on starting Tuesday afternoon on Spike.

And, although the CNN website sucks and the information is not posted there, it’s reported on the network that on Sunday Jan 14 at 8 p.m. there’s going to be a program on Anonymous.

They’re the hacking group that claims responsibility for the biggest exploits of 2011. Sure, I’ll admit that buying into media coverage of a hacking group like Anonymous is the same thing as sopping up the clap trap fed to us by terrorists. But, ignoring Anonymous is something we do at our peril, apparently. They’ve hacked the CIA and NATO and Straffor. Anonymous is really scary and important because they are, no kidding, smarter than we are in lots of ways. And, we’re doing a crappy job of protect ourselves against the threats they pose.

For one thing, they’re making pretty easy work of showing up our top flight security and intelligence resources- like NATO and Straffor and the CIA. You’d think those sources would be locked down pretty tight- you know, there’d be solid access controls, encryption, if the sites were compromised they wouldn’t be back up unless they were hack-proof. NOT. Although I definitely do not subscribe to feeding the beast, I do admit we’re being taken to school. I, for one, am going to be watching.