Tag Archive for: Context

Security Implications In Context Of Kashmir Region – Eurasia Review

/in


The union territory of Jammu and Kashmir has been subjected to many internet shutdowns in recent years, including the longest ever enforced in a democracy, lasting 145 days due to the repeal of Article 370,i which granted the state special status. However, instead of entirely shutting down the internet, the government frequently slows it down while also restricting the number of sites that an individual may visit.ii 

The government’s main objective has been social media, which has been put to sleep throughout the lockdowns. During this period, the Virtual Private Network (VPN) comes in handy for residents, allowing them to access government-banned websites, notably social media. This has become a major security concern since the government believes that the VPN is mostly used to spread incorrect and fabricated facts, causing societal instability while also providing information to secessionist groups, compromising national security. So, in order to prevent all of this from happening, the state has prohibited the usage of VPN services, and any person discovered engaging in this behaviour will suffer legal consequences.iii

Introduction

VPN (Virtual Private Network) refers to the ability to establish a secure network connection when utilising public networks. VPNs encrypt your internet traffic and conceal your identity online. This makes it more difficult for third parties to follow your internet activities and steal information. The encryption happens in real time. A VPN conceals your IP address by routing it through a specially configured distant server maintained by a VPN host. iv

This implies that if you use a VPN to access the web, the VPN server becomes the source of your data. This means that your ISP and other third parties cannot know which websites you visit or what data you transmit and receive online. A VPN acts as a filter, converting all of your data into “gibberish.v” Even if someone were to obtain your data, it would be worthless. The VPN boom in Kashmir finds its genesis in various lockdowns which puts a haul in normalcy of day-to-day activities. The exponential rise in use of VPN was seen after the abrogation of article 370 of the Indian constitution when…

Source…

Narrowing the Disclaimer Doctrine: Federal Circuit Cabins the Reach of Disclaimers in the IPR Context | Haug Partners LLP

/in


OVERVIEW

The United States Court of Appeals for the Federal Circuit recently affirmed three Inter Partes Review (IPR) final written decisions of the U.S. Patent Trial and Appeal Board (“the Board”) where the Board concluded that petitioner, Trend Micro. Inc. (“Trend”), had shown the challenged patent claims in patentee, Cupp Computing AS’s (“Cupp”), U.S. Patents Nos. 8,631,488 (“’488 patent”), 9,106,683 (“’683 patent”), and 9,843,595 (“’595 patent”), unpatentable as obvious over two prior art references.1 Setting a new precedent with respect to claim construction, the Federal Circuit held that although a patentee’s clear and unmistakable disavowals of claim scope during an IPR proceeding can narrow the scope of the claims, such a statement serves to narrow the claims only in subsequent proceedings—not in the IPR proceeding during which the statement is made.2

Cupp contended that the PTAB erred when it rejected Cupp’s disclaimers in the IPR.3 The Board did not find this argument persuasive and concluded that it could ignore the patentee’s disavowal in construing the claims.4 The Federal Circuit agreed with the Board.5

I. Introduction

Each of the three patents at issue share a common name and priority date and address the problem of malicious attacks aimed at mobile devices.6 The patents concern methods for waking a mobile device from a power-saving mode and then performing security operations on the device, “such as scanning a storage medium for malware, or updating security applications.”7

The issue on appeal to the Board’s determination related to the precedential decision is one of claim construction.8 Specifically, each independent claim in the three patents includes the limitation “the mobile device having a mobile device processor different than the mobile security system processor.”9

II. Background

In March 2019 Trend petitioned the Board for an IPR of several claims in each of the ’488, ’683, and ’595 patents arguing that the claims were unpatentable as obvious.10 Trend presented two pieces of prior art contending that either could be individually relied upon to show the challenged claims would have been…

Source…

VirusTotal Adds Collections Feature for Better Collaboration and Context

/in


VirusTotal, a key repository of malware samples and suspicious files for security researchers and defenders, is introducing a new service that enables users to collaborate and share data and indicators of compromise in real time.

The Collections feature allows any user to create a new collection for a file or malware sample that includes a variety of different IOCs, such as file hashes, domains or URLs or other information. The collection can also include a description and VirusTotal will add other information to the collection, such as tags and metadata.

Researchers and security teams often use informal methods such as Twitter, Pastebin, or Dropbox for sharing IOCs, threat intelligence, hashes of malware samples, and lists of suspicious domains. There are also a number of private forums in which that information is shared, but those tend to be small and so data is not disseminated widely. Those methods work for specific use cases, but getting threat information out to the widest possible audience of defenders and researchers can make a significant difference in heading off attacks.

The VirusTotal Collections feature is designed to enable researchers and defenders to update their contributions as needed and allow others to consume them.

“Collection owners can update these by adding or removing IoCs. They are public via our UI and API, and they can be shared using their permalink. This makes it a very convenient way of linking to listings of IoCs in blog posts, research reports and the like,” Juan Infantes of VirusTotal said in a post.

VirusTotal has been the default platform for checking potentially malicious files and URLs for many years, and has evolved into a resource for community sharing and discussion, as well.

“Time evolves and now most investigations go beyond one observable, quickly adding up several indicators of compromise (IOCs) for one single incident . With many security researchers sharing their findings in blog posts and tweets, it’s getting hard to keep track of all these data inputs. Moreover, these investigations change over time bringing more difficulty into reporting the new findings,” Infantes said.

Source…

Securing the Apple mobile enterprise takes context

/in


Apple’s prescence has expanded from being the brand behind a few Macs in the creative department; it is now a key mobile and productivity provider across every top enterprise. But even Apple’s platforms face security challenges as people work remotely. I caught up with Truce Software CEO Joe Boyle to discuss Apple in the workplace and his company’s approach to managing the mobile enterprise.

Apple goes to work

“It feels like Apple and the enterprise are practically synonymous today,” Boyle said.

Even those companies that don’t issue Macs and iPhones themselves are likely to support their use by employees. “With a growing ecosystem of enterprise partners available, it has become possible to completely outsource and automate the entire lifecycle of Apple devices,” he said.

“The consumerization of IT has caused a seismic shift in favor of Apple’s growing presence in the enterprise. From an enterprise mobility standpoint, we’ve seen growth and expansion of Apple devices across various industries and use cases. Companies want to leverage the power of the iOS platform to enable a more connected and better-equipped workforce.“

There are other trends, too:

  • Employees increasingly use their own devices and computers for work.
  • They are more engaged than ever in the tech they use.
  • Businesses are adopting a mobile-first approach.

This trend has also driven a change in business processes, said Boyle. “Businesses have transformed workflow processes to be mobile friendly (if not mobile first) to make workers, and operations overall, more efficient,” he said.

Source…