Is your online identity protected?

The less you reveal about your location such as your IP address the more secure your connection. Take control over the information you allow to be visible on the internet.

A virtual private network (VPN) extends your private network across the Internet. It enables you to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. This means you can protect your data and IP address. You can also “tunnel” around blocked sites and censorship by having a virtual presence in another country.  A Virtual Private Network (VPN) is your first line of defense on the internet.

*all VPN’s include:  Secure VPN Account – Encrypted WiFi – P2P Support – 5 devices simultaneously – Block ad-trackers, and malware – Multiple VPN Gateways – Unlimited Bandwidth – SOCKS5 Proxy Included – No traffic logs – Instant Setup – Easy to use.

Current Security News

Considering Electronic Document Signing? Try OneSpan Sign Free For 30 Days

Considering Electronic Document Signing? Try OneSpan Sign Free For 30 Days

Graham Cluley Security News is sponsored this week by the folks at OneSpan. Thanks to the great team there for their support!

More than 10,000 customers in 100 countries rely on OneSpan to secure access, manage identities, verify transactions, simplify document signing and protect high value assets and systems.

In today’s digital era, more and more organizations choose e-Signature technology as part of their digitization process.

OneSpan Sign is the white-labeled solution behind some of the most trusted brands and security-conscious organizations in the world. The last ten industry reports show that OneSpan Sign received the highest overall customer satisfaction score among e-signature products. 99% of users rated it four or five stars.

Try sending and e-signing documents now, free of charge, and discover how to:

  • Enhance user experience across all channels
  • Increase operational efficiency
  • Meet compliance challenges

Start e-signing in minutes on web and mobile, by signing-up for an Unlimited 30-Day Trial now!


If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.

Graham Cluley

Apple Tells Congress ‘Nothing Was Ever Found’ to Suggest Alleged Supply Chain-Based Hack

Apple’s top security chief told the U.S. Congress on Sunday that it had found no indication of suspicious transmissions or other evidence that its China supply chain was ever compromised (via Reuters) …
mac hacker – read more

September 2018’s Most Wanted Malware: Cryptomining Attacks Against Apple Devices Increase Sharply

  1. September 2018’s Most Wanted Malware: Cryptomining Attacks Against Apple Devices Increase Sharply  GlobeNewswire (press release)
  2. New wave of crypto-mining attacks on iPhones raises eyebrows  Siliconrepublic.com
  3. Full coverage

malware news – read more

Apple Tells Congress ‘Nothing Was Ever Found’ to Suggest Alleged Supply Chain-Based Hack

Apple’s top security chief told the U.S. Congress on Sunday that it had found no indication of suspicious transmissions or other evidence that its China supply chain was ever compromised (via Reuters) …
mac hacker – read more

Assassin’s Creed Odyssey suffers DDoS attack at launch

Assassins creed odyssey thumb

Assassin’s Creed Odyssey, the action role-playing video game set in Ancient Greece, had its launch on Friday disrupted by crippling distributed denial-of-service attacks.

Graham Cluley

Apple Tells Congress ‘Nothing Was Ever Found’ to Suggest Alleged Supply Chain-Based Hack

Apple’s top security chief told the U.S. Congress on Sunday that it had found no indication of suspicious transmissions or other evidence that its China supply chain was ever compromised (via Reuters) …
mac hacker – read more

Can’t Wish Away The Mistakes In The Original ‘Stairway To Heaven’ Verdict

Yesterday we published the first part of an analysis by copyright lawyer Rick Sanders who wrote up a thorough analysis of the recent 9th Circuit decision to overturn the jury verdict in a case involving whether or not the Led Zeppelin song “Stairway to Heaven” infringed on another song. The first part described how the 9th Circuit might be correct a problematic “test” for infringement, and this part analyzes the problems with the jury instructions.

Last time, I explained why I thought the Ninth Circuit’s recent vacating and remanding of the jury verdict in Led Zeppelin’s favor was, long-term, a good thing for copyright law (even if I kind of liked the verdict and am genuinely sorry for Led Zeppelin). The reason is that the reversal gave one panel of the Ninth Circuit an opportunity to try to fix the Ninth Circuit’s unhelpful legal framework for determining copyright infringement.

But that isn’t why the panel reversed. While the panel did make some suggestions about how to present the “inverse-ratio” rule to the jury, the way it was presented to the original jury isn’t what merited reversal. What merited reversal was the lack of another jury instruction about a basic and uncontroversial principle of copyright law that the parties agreed should have been there in some form. In short, the case is being reversed — and the Ninth Circuit is getting a chance to fix its own weird copyright law — because of what appears to have been a brain fart.

Jury Instructions: An Introduction

We all gasped when we heard about the reversal. Jury verdicts are hardly ever reversed. One of the few ways a jury verdict can be thrown out is if the jury was badly instructed in the law. Juries, naturally, don’t bring any knowledge about the law with them when they serve. That’s not their job, really. Their job is to weigh evidence, make credibility determinations, and so forth. But at some point, they need to be told what the law is, so they can take all that evidence they weighed and apply it to the law and render a verdict. How this is accomplished might surprise you.

There are several ways for jury instructions to be prepared and delivered to a jury, but the main way is this. First, the parties’ attorneys confer about what jury instructions they can agree on and jointly submit those instructions to the court. In this, they are aided by pattern jury instructions prepared at the circuit court’s direction. But pattern jury instructions don’t cover every aspect of every area of the law. You’d need ever-updating volumes to do that. Also, the pattern jury instructions aren’t unassailable: a party might disagree with one and explain how it should be and why.

For all other jury instructions, the parties submit their own versions of instructions they think address all of the legal issues being raised at trial, together with a short explanation of the legal authorities for their versions. The judge decides which version to use, or the judge might even craft his or her own version based on their own research.

Are the instructions then typed up, collated and distributed to the jurors in a neat binder? No! The judge reads them to the jurors, at the very end of the case, during what is called the “jury charge.” The jurors have to memorize the instructions (though they can ask to re-hear specific ones later during their deliberations).

“Selection and Arrangement”: An Introduction

In this case, the parties agreed that they needed an instruction about what to do with a work that is made up of unprotectable elements. Just because your work is made up of lots of unprotectable elements, that doesn’t mean your work as a whole can’t be protected by copyright. If you put those unprotectable elements together in an original way, then the way you put those elements together is protectable, though not the individual elements themselves. After all, you can theoretically dissect any creative work down into non-protectable elements: individual notes, individual words and phrases, individual brushstrokes, etc. It’s what you do with those non-protectable elements that counts. Courts call this “selection and arrangement,” which makes it seem more abstract than it is.

In this case, the plaintiffs hold the copyright in the song “Taurus,” which has for years been rumored as the inspiration for Led Zeppelin’s “Stairway to Heaven.” (But inspiration isn’t infringement! Well, at least, not necessarily.) When the plaintiffs finally got around to suing, Led Zeppelin argued (among other things) that any similarities between the songs were only for non-protectable elements, like the use of the chromatic scale. Plaintiffs argued that, even if that were true, the “selection and arrangement” of those elements were original (and, by implication, that “Stairway to Heaven” took that selection and arrangement).

Both parties recognized the need for an instruction on this issue. They disagreed on what it should say. They submitted competing instructions for the judge to consider. Then came the jury charge, at the very end of the case, just before the jury began deliberations. The judge began to read the instructions. Now, normally, a party would have an opportunity to object on the record to an instruction. This is a prerequisite to complaining about it on appeal. But the judge here didn’t want to hear any objections. He reasoned that, if the parties disagreed about an instruction in their submissions, it was reasonable to assume that they would object to an instruction that didn’t match what they’d submitted.

The parties waited for the instruction about what to do with works made up of unprotectable elements. It never came. This was good for Led Zeppelin, though not ideal. On the one hand, since Led Zeppelin had presented evidence that all they’d taken (if anything) from “Taurus” was not protectable, such an instruction couldn’t help their argument, no matter how it was crafted. On the other hand, it was foreseeable at the time that the missing jury instruction could imperil a jury verdict in Led Zeppelin’s favor (assuming they could focus on it with 500 other things going on at that moment.

On appeal, the strongest argument — that trial court was correct not to give the instruction — wasn’t really available to Led Zeppelin because even it had suggested an instruction. (Led Zeppelin tried anyway.) Instead, it had to argue that the missing instruction made no difference to the jury’s deliberations. That’s where another major goof with the jury instructions came in.

Copyright’s Broad Scope

Nearly all copyright cases will need an instruction about originality. Without “originality,” there is no copyright. Originality, however, is pretty easy to achieve. All that’s really required is that the work be expressive (i.e., not just ideas) and the product of a human mind. This last requirement not only excludes things like the “monkey selfie,” but also things like underlying facts, which exist independent of human thought; and stock “tools of the trade” commonly available to everyone in the creative field, like stock characters, computer code that everyone uses, certain three chord progressions, and so forth (what lawyers call “scènes à faire”). It also excludes material the author copied from other works (including those in the public domain), but only if the author actually copied them. Originality doesn’t mean novelty, just that it’s the author’s independent expression.

Originality is so basic to copyright law that there’s actually one of those “pattern jury instructions” about it. Pattern jury instructions aren’t law and aren’t always appropriate in every instance, but departure from them demands explanation. The court took the model instruction and added the stuff in bold and took out the stuff that’s been struck through:

An original work may include or incorporate elements taken from works owned by others, with the owner’s permission. However, any elements from prior works or the public domain are not considered original parts and not protected by copyright. Instead, [t]he original parts of the plaintiff’s work are the parts created:

1. independently by the work’s author, that is, the author did not copy it from another work; and
2. by use of at least some minimal creativity.

In copyright law, the “original” part of a work need not be new or novel.

You might detect a pattern here (as it were). The instruction about how to treat works consisting of non-protectable elements was left out. Now the instruction about originality includes a new sentence that emphasizes how non-protectable elements aren’t protectable, without telling the jury that those non-protectable elements can be selected and arranged in a protectable way.

What it Means to Create

I don’t know if copyright has a single “heart.” Perhaps, like an octopus, it has several hearts. But surely one of copyright law’s hearts is that creativity can and often does build on the work of others. This idea is echoed in fair use. And it is echoed in the non-controversial idea that not every element of a work must be protectable for the work to be entitled to copyright protection. “Selection and arrangement” is just a stilted and abstract way of saying: if you give 100 kids the same collection of 100 lego bricks, you will have 100 different original works in about 30 minutes, even though no single lego brick is protectable and even though the 100 different original works will naturally share certain techniques in common.

These two errors in the jury instructions aren’t just about technicalities of a highly technical law. Goodness knows there’s a lot of those in copyright law. No, they go to one of the basic tenets of copyright law: what it means to create.

My charitable interpretation of all this is that the court had a major brain fart that Led Zeppelin’s lawyers didn’t see coming or didn’t fully understand how perilous the consequences would be. The other interpretation is that this was a legal strategy that worked too well and backfired badly. It’s too bad. I strongly suspect that a correctly instructed jury would have come to the same verdict, but the scale of this mistake is such that we can’t safely assume that. I also strongly suspect Led Zeppelin will prevail on remand—after incurring more expense, lost time and anxiety.

Rick Sanders is a trademark, trade secrets and copyright litigator and a founding partner of Aaron & Sanders, PLLC. From 2012 to 2014, he was an adjunct professor at Vanderbilt University Law School, where he was teaching Copyright Law. He blogs at IPBreakdown and tweets at @RickSandersLaw.

Permalink | Comments | Email This Story

Techdirt.

Anthem to pay $16M in record data breach settlement

  1. Anthem to pay $ 16M in record data breach settlement  ModernHealthcare.com
  2. Insurer Anthem will pay record $ 16M for massive data breach  The Seattle Times
  3. Anthem agrees to pay $ 16 million in data breach privacy settlement  ZDNet
  4. Full coverage

data breach – read more

The Many Faces of Necurs: How the Botnet Spewed Millions of Spam Emails for Cyber Extortion

  1. The Many Faces of Necurs: How the Botnet Spewed Millions of Spam Emails for Cyber Extortion  Security Intelligence (blog)
  2. Full coverage

botnet – read more

Cyberwarfare is ‘Dangerous As It’s Put Us On Path of New Cold War’ – Activist

  1. Cyberwarfare is ‘Dangerous As It’s Put Us On Path of New Cold War’ – Activist  Sputnik International
  2. The netherlands are in “cyber warfare” with Russia, said the minister of Defence  The Koz Post (blog)
  3. Netherlands in a ‘cyberwar’ with Russia: defence minister  eNCA
  4. Full coverage

cyber warfare news – read more

Facebook’s data breach shows us how the internet is broken – and we’re making it worse

  1. Facebook’s data breach shows us how the internet is broken – and we’re making it worse  New Statesman
  2. FBI, Global Regulators Investigating Facebook’s Largest-Ever Data Breach  Insurance Journal
  3. Between the lines on Facebook’s latest data breach  Axios
  4. An Update on the Security Issue | Facebook Newsroom  Facebook Newsroom
  5. Full coverage

data breach – read more

Funniest/Most Insightful Comments Of The Week At Techdirt

This week, our first place winner on the insightful side is Gary with a response to the Texas cops who seized an anti-GOP sign from a homeowner’s lawn:

Makes sense

Because the people who shout “Snowflake” the loudest are the most easily offended.

Some people, however, oddly presumed that the sign — which is uncomfortable to say the least, but intentionally so to make a point — must somehow violate some law, and our second place winner comes from Will B. in response to that idea:

Cite statute, please, bearing in mind that this cartoon was A) A cartoon, not an image of a real child, B) in no way explicit, and C) clearly protected political speech.

“Art depicting sexual acts with children” when defined broadly can include classics like Lolita, which to the best of my knowledge isn’t banned anywhere in the US. Explicit pornography involving real children is banned. (And of course, having sex with a real child is illegal – supposedly. Unless the person having sex with real children is a Republican politician. But no, this sign is clearly what’s wrong with America…)

For editor’s choice on the insightful side, we’ve got two more comments from that post. First up, it’s Stephen T. Stone with another response to the “this can’t be legal” argument:

By that logic, all the Christians who say “all LGBT people are pedophiles” would be breaking a few laws—but I have yet to see any of those Christians arrested, tried, and convicted of a crime for doing that.

Some people took a slightly different (but equally wrong) tack, arguing that the police were simply doing their job of keeping the peace by removing something likely to incite anger. Gary nicely outlined how misguided this is:

You understand that is the Exact Opposite of the job the police are supposed to perform, right?

They should be there to say, “We’ll keep an eye on your house because some people are grumbling.” Not, “Well it’d be a damn shame if your house gets vandalized.”

That sign was not any sort of illegal graphical content – otherwise the police department would have said so clearly, instead they denied any sort of legal force.

Over on the funny side, our first place winner is the fifth and final winning comment from that post, which in one thread unsurprisingly veered to specific conversation about Brett Kavanaugh’s unhinged senate performance. Stderric took the top spot though truly it was John Oliver doing the heavy lifting:

As John Oliver observed, “I hate to say it, but I’m starting to think that men might be too emotional for the supreme court.”

In second place, it’s Killercool taking on the question of whether hockey teams should prefer their players go to bars rather than play video games:

Look, if you aren’t drunk and getting in fights, why even play hockey?

For editor’s choice on the funny side, we start out with an anonymous thought about Verizon’s latest ridiculous commercial:

Missed opportunity to post this ad on Go90 and have their highest rated comedy ever.

And finally, we’ve got Agammamon with a response to the real-life “wicked witch” who is fighting back against Warner Media’s trademark bullying:

I’m going to assume that she’s doing this to get enough discovery to get together a list of names to be cursed.

Otherwise she’s not a very wicked witch.

That’s all for this week, folks!

Permalink | Comments | Email This Story

Techdirt.

Hackers hit Onslow County utility with ransomware attack

  1. Hackers hit Onslow County utility with ransomware attack  WWAY NewsChannel 3
  2. Ransomware hits computer networks of North Carolina water utility  CyberScoop
  3. Hackers attack NC water utility; authorities investigating the ‘sophisticated ransomware attack’  Greensboro News & Record
  4. Full coverage

Ransomware – read more

Google and Android security adds further protection for backups

  1. Google and Android security adds further protection for backups  Android Community
  2. Android 9 Pie Backup Server Secured With Titan Security Chip  Android Headlines
  3. Full coverage

android security news – read more

This is how much the WannaCry ransomware attack cost the NHS

  1. This is how much the WannaCry ransomware attack cost the NHS  ZDNet
  2. WannaCry Ransomware Cost The NHS £92m  Gizmodo UK
  3. WannaCry attack cost the NHS £92m  ITProPortal
  4. Full coverage

Ransomware – read more

Over 75% of Google Pixel users are on Android Pie

  1. Over 75% of Google Pixel users are on Android Pie  XDA Developers (blog)
  2. Pixel 3 XL vs. Galaxy Note 9 — the Best of Android Compared  Gadget Hacks
  3. Pixel 3, Pixel 3 XL updates will stop with Android S  SlashGear
  4. Google Pixel 3 Vs Pixel 3 XL: What’s The Difference?  Forbes
  5. Full coverage

android security news – read more

Global Mobile Security Market 2018-2025 Development Trends, Key Manufacturers and Competitive Analysis

  1. Global Mobile Security Market 2018-2025 Development Trends, Key Manufacturers and Competitive Analysis  Industry News Updates (press release) (blog)
  2. Global Consumer Mobile Security App Market 2018 Strategic Business Report : Symantec, Trend Micro, Dell, Trustgo …  Montana Ledger
  3. Research details developments in the Mobile Security market  MENAFN.COM
  4. Full coverage

mobile security news – read more