Technology

What Is Ransomware?

Published on: February 6, 2017 | by Law Offices of Salar Atrizadeh

A business’s computer network, which may comprise of network and database servers, is the operation’s lifeline. A successful business should require its computer network to be secure and protected. There are many ways that these measures can go wrong. Yes, sometimes hackers can get in and access sensitive information (e.g., trade secrets, intellectual property) without authority. There are countless ways for a hacker to obtain unauthorized access to a private network. However, what happens when the hacker has gained unauthorized access? In the hacker’s tool belt is a special kind of malware known as “ransomware.” What can ransomware accomplish? How can you spot it? How dangerous can it be to your business?

What is Ransomware?

As the name might suggest, ransomware is a program that holds (or claims to hold) data hostage. It then encrypts data, and renders it inaccessible until the data owner pays off the hacker. Generally, the hacker will place the malware on the host computer through an email attachment, special program, unverified email, or malware that accesses a computer through pivoting, and then releasing the “payload” which consists of the malware. After ransomware is activated, it sends an alert on the electronic device, usually demanding payment to an account, in the form of cryptocurrency (e.g., Bitcoin) or credit card payment.

Doxing: Is It A Violation of Privacy Laws?

Published on: January 30, 2017 | by Law Offices of Salar Atrizadeh

In the last article, we ended our comments with anonymous online speech and the related complications. However, unmentioned before is an act that’s generally prohibited on websites, and indeed, it will probably be prohibited pursuant to state, federal, or international laws. This is “doxing” which is a practice of taking another individual’s personal information – e.g., name, address, telephone, photographs or other confidential information and publishing it online without authorization. So, how do doxers do it? How can you protect yourself? What are the remedies, if any?

What is doxing?

Doxing (a/k/a “doxxing”) is a common aspect of activism and vigilantism that occurs online. Frighteningly, this action does not require an individual to necessarily perform an illegal act to “dox” a person. Rather, it relies on perseverance and the type of information is available to the general public.

Reverse Engineering: Fair Use and Other Rights

Published on: January 9, 2017 | by Law Offices of Salar Atrizadeh

Among the rights people have, many are unknown or unsung until there is a dispute and the courts get involved in the process. Rarely recognized is the right to reverse engineer under the Fair Use Doctrine and Digital Millennium Copyright Act. However, this is not an absolute right. Rather, it can be waived under certain circumstances. So, how can the right to reverse engineer be used? How might an individual hope to reverse engineer anything? Can you prevent others from reverse engineering your products?

What does the reverse engineering law apply to?

Reverse engineering is a method of taking a device or program and taking it apart to determine how it works, occasionally in attempts to duplicate or improve it. Generally, this would be applied to devices or physical products that are protected by patents. However, in the realm of copyright, reverse engineering is allowed in some situations. Specifically, this applies to computer programs to allow interoperability of devices or systems. Since computer programs may be designed to only work with a few devices or systems, to allow a consumer to use them on another operating system, reverse engineering would be a necessity. This would allow individuals to ensure programs operate without interference or to add integration features.

Digital Assistants

Published on: December 26, 2016 | by Law Offices of Salar Atrizadeh

As we close out the year and enjoy the new technology from the holiday season, one piece of technology stands out as a forerunner. It is something that we’ve dreamed and written about to the point it is a staple in science fiction. An artificial intelligence that anticipates and responds to a person’s desires and questions. This is the new technology, the “digital assistant,” such as Alexa, Siri, Cortana, and Google Home. These digital assistants manage to carry on conversations and answer questions. How can these digital assistants think? How can they change and learn how to respond properly? Does the way these digital assistants work put data at risk?

How do digital assistants work?

Much like wearable technology, the digital assistant relies on “chatter” between itself and another computer hooked up through the internet. However, the chatter tends to be slightly more reliant. Digital assistants, while they may have a few pre-programmed responses, are mostly reliant upon internet access to perform their duties. Alexa cannot work without WiFi, and Siri cannot work without a decent connection to data. When a person asks a digital assistant a question, the question is essentially pushed from the receiving device to the Cloud where it is answered, or some of the instructions are put out for the phone to follow. However, this may also entail, akin to a search history, a sort of assistant database where a person’s recorded voice may be kept, and in the case of the Amazon Echo at least, a user’s feedback on how Alexa did her job to allow it to grow and become more efficient, learning slang, or picking up on verbal tricks that are more similar towards human activities.

Wearable Devices: Privacy and Security

Published on: December 19, 2016 | by Law Offices of Salar Atrizadeh

Wearable devices become more popular as the holiday season approaches. Among various new technologies, there’s a focus on the idea of wearable devices, which include items like smartwatches, fitness trackers, and other electronic accessories that can help make life easier. However, with that comes the risk of privacy and security. What would you need to know about your wearable device? What are the limitations of wearable devices? How secured are they, who has access to or owns the stored data?

What type of data do wearable devices collect?

When it comes to wearable devices, it is important to realize that the most prevalent data it stores tends to be personal, health, and fitness-related information. For instance, the wearable device may track steps, take a pulse, measure heart rate, and in the case of the newer Apple Watch 2.0, they could record your geographic position. However, when it comes to other data, the wearable device’s ability is limited for the time being.

Technology and Patent Lawsuits

Published on: December 12, 2016 | by Law Offices of Salar Atrizadeh

For the uninitiated, motion sensors work on either the idea of cameras capturing motions, infrared light waves, or gyroscopes. Yet, even with this simple trio, this subject has led to a large scale of lawsuits based on patent violations. There are two major lawsuits to look at, one in the past, giving insight into what would fail, and one more current, involving Apple. What do these motion controls do? What would be patentable? What arguments could be made to fight these patents?

Patent lawsuits on motion-sensor technology

First, it’s important to note that motion controls, and indeed much of the technology that roots current motion controls are not new, but rather opens up to new avenues. There has been an advent in motion control with the Nintendo Wii System. While it is rudimentary, initially consisting of a motion-controller device and a sensor bar, it allows individuals to control games (e.g., classic example being swinging around the remote to swing a bat). However, with this came patent disputes, primarily between Koninkl Philips Electronics NV v. Nintendo of Europe GmbH, which ultimately succeeded in the UK, as the court deemed that the idea of a camera and sensor was specialized knowledge in the industry. Comparatively, there is a newer litigation involving Apple and Fitbit. On or about January 2016, the litigation began over the technology used to track health and fitness for individuals, such as motion and steps taken, among other patents.

Augmented Reality v. Virtual Reality

Published on: December 5, 2016 | by Law Offices of Salar Atrizadeh

In general, December is the month that yields a high volume of consumer activity, and the purchase of new technology devices. One of these is Virtual Reality (“VR”) technology, slowly trickling down from a niche market. However, it is not the only new reality-altering technology coming into the market, as Augmented Reality (“AR”) has had its growing pains in the world after its adoption. So, what are these new technologies? What are the current risks? Do they have any practical use?

What is Augmented Reality? What is Virtual Reality?

They are technologies meant to immerse a user into a different world by substituting or enhancing the reality. AR has the largest number of examples, such as Google Glass and Pokemon GO. They take data and overlay it into preexisting reality, allowing us to pull up contacts or catch imaginary creatures. While still in its infancy stage, AR has the potential to work as an overlay, where a camera can read and translate signs and books with the new text viewable, or a device can allow a person to follow arrows overlaid onto a road, or see parts of devices highlighted for repairs on the display.

What is Content ID?

Published on: November 7, 2016 | by Law Offices of Salar Atrizadeh

Given the internet is a multi-faceted environment, how can someone monitor his or her copyrighted content on the web? The internet has been called the “wild west” and yields limited regulations requiring lots of research, practice, and guidance to properly navigate its pathways. While self-tracking mechanisms can work in limited circumstances, however they may be imperfect solutions in the long run. Ultimately, Google may have figured out the answer, but the implementation tends to go above and beyond what is asked of it through the Digital Millennium Copyright Act, and falls short of what society could hope for monitoring copyright infringements. So, what is a content identification system? How does it work? What is it applied to and can it help protect your copyrights?

What is YouTube’s Content ID?

It appears that Google is the entity that has figured out how to solve the issue of identifying and flagging copyrighted content for the original owners. Yet, it comes with a caveat. What YouTube does is with clips of copyrighted content. So, in reality it determines certain patterns and aspects. This makes it incredibly useful in flagging songs, music, and film footage, which are items that YouTube deals with on a regular basis. This means that in any flagging online, a company can automatically issue some action, take downs, placing advertising on it, or otherwise dealing with an infringing party. Yet, this requires that any entity taking part in this program has submitted the work to Google for YouTube’s Content ID system. Noticeably, the Content ID system does not consider any fair use defenses that carve out exceptions to copyright infringement. Instead, it just looks to see if there is a match before taking one of the pre-determined actions. This limits the utility of the system, dependent on the Lenz ruling, and any future developments regarding fair use principles and the duties of online service providers under the Digital Millennium Copyright Act.

Capital Records, LLC v. Vimeo

Published on: October 31, 2016 | by Law Offices of Salar Atrizadeh

Now, that we know that Content ID exists, shouldn’t all online companies be held to that standard? As it currently stands, the law posits “not quite.” So, what standards are they held to? Surely, online content providers must take some reasonable measure to protect the copyrights of others. If not, certainly, a company must have some knowledge of copyright laws? At least enough to know that uploading the original works of third parties without consent constitutes copyright infringement. Or, at least the company must have knowledgeable employees who appreciate the Digital Millennium Copyright Act’s guidelines?

What is required under the Digital Millennium Copyright Act?

The Digital Millennium Copyright Act (DMCA) comes with a safe harbor provision that protects online service providers from liability. To avoid liability for any copyright infringement, online service providers are required to take down content as soon as they have knowledge of the alleged infringing activity. This last part is important, as it effectively gives purpose to the safe harbor. If an entity can be charged for the violation of its users without any actual knowledge, then it has the potential to stymie the general purpose of the internet. However, what is not clear is how a company should gain knowledge of the allegedly infringing materials, and that was the heart of the dispute between Capitol Records, LLC and Vimeo.

What Is the Future of Internet of Things?

Published on: October 24, 2016 | by Law Offices of Salar Atrizadeh

So, where do we go from here? After the Internet of Things was effectively used as a way to crash various online stores and services, it leaves us with the question of how can we fix this gaping hole in our security that would allow this new technology to continue to exist without causing further risk? As mentioned last week, the most likely solutions are either in the private sector, through consumer choice and manufacturer investment, or through government action. What actions should individuals take? What is the government doing now? What might the government do in the future?

What is the private sector currently doing?

The private sector is not doing much at this time. While consumers could demand more secure smart devices, the focus of the demand for these devices tends to be towards their functioning. In general, less sophisticated consumers buy smart devices for the sake of convenience, with security being a distant thought when compared to the more sophisticated consumers. These smart devices, like any other internet-connected device, occasionally need security updates to remain resistant to online bugs (i.e., malware). So, as the world becomes smarter, this technology will need to adapt and advance, accordingly, in order to mitigate the risks. Yet, without some motive to do so, it’s less likely that resistance to the botnet will emerge, and it may be due to the government’s intervention.