Juris Doctor 120 of 161 – AKA Beer Breach

I have a natural passion for keeping people safe and secure as many of you know. I also have a real passion for technology law which might be evidenced by the doctoral pursuit in law. I also follow the news looking for cases that have been adjudicated and what the verdict or in most cases,… Read More

Juris Doctor 118-119 of 161

While I was doing some research on consumer protections in my Cyberspace Law class, I encountered the following policy that is certainly on the horizon for consumer protections. You can find the original press release here: Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework, The Department of Commerce internet policy… Read More

Congratulations Your New Expinfo Account is Approved.

I received a confirmation message this morning though email from a company called Expinfo. Dear MICHAEL D, You have successfully registered with Expinfo Inc. Following are your Login details. I’ve never done business with, contacted, or knew these scoundrels existed but apparently, my alter impersonated expinfo-ego created an account and emailed me the credentials. This… Read More

Mobility Madness: Securely Extending Commerce to Mobile Users

With any emerging information technology, particularly those that interweave financial transactions, such as commerce and banking, one of the first concerns should be security. With an exponentially increasing number of consumers using mobile payment technologies, there is increased scrutiny of the precautions retailers are taking to guard these transactions. For retailers with mobile commerce sites… Read More

The Weakest Link

I recently ran across a memorandum by the U.S. Citizen and Immigration Services (USCIS) that states: “Narcissistic tendencies in many people fuels a need to have a large group of ‘friends’ link to their pages and many of these people accept cyber-friends that they don’t even know. This provides an excellent vantage point for the… Read More

Juris Doctor 117 of 161

I am definitely having fun with my Cyberspace Law class this term. The course concludes this December so I have the rest of the year to immerse myself into a synergistic subject area. It is widely held that in general, lawyer’s knowledge about computers, and predictions they make about new technology, are highly likely to… Read More

Domestic Terrorism

According to a recent analysis conducted by Akamai, out of the all the cyber-attacks observed originating from the 209 unique countries around the world identified, the United States was the top attack traffic source, accounting for 12% of observed attack traffic in total. Russia and China held the second and third place spots respectively, accounting… Read More

B.S. in Best Practices

Have you ever sat in a meeting with auditors or other third party professionals who will include the phrase “best practices” in their argument or report? I have no idea how many times security practitioners have tossed this phrase about to bolster their position. I’ve read that phrase countess times in articles published by reputable… Read More

How E-Commerce Apps Are Putting Your Site at Risk

Article Reprint: http://www.ecommercetimes.com/story/How-E-Commerce-Apps-Are-Putting-Your-Site-at-Risk-70964.html?wlc=1286281687&wlc=1286300892 Many developers do not overlook security on purpose; it’s just that the focus is usually on feature and functionality, not the nuts and bolts of building a secure software application. These technical oversights can leave a relatively easy opening for attackers to leverage. Cross-site scripting or data source injection are the most… Read More

Gearing Up for the Holidays? So Are Cyber-Criminals

Article Reprint: http://risnews.edgl.com/retail-best-practices/Gearing-Up-for-the-Holidays–So-Are-Cyber-Criminals40304 The holidays typically are the peak season for merchants. Yet at such a critical time of year many retailers still leave themselves vulnerable to significant e-commerce fraud – and the corresponding lost revenue and damaged brand reputation — because they don’t enforce or implement information security best practices throughout the year. While… Read More