Contribuez à SecuObs en envoyant des bitcoins ou des dogecoins.
Nouveaux articles (fr): 1pwnthhW21zdnQ5WucjmnF3pk9puT5fDF
Amélioration du site: 1hckU85orcGCm8A9hk67391LCy4ECGJca

Contribute to SecuObs by sending bitcoins or dogecoins.

Chercher :
Newsletter :  


Revues :
- Presse
- Presse FR
- Vidéos
- Twitter
- Secuobs





Sommaires :
- Tendances
- Failles
- Virus
- Concours
- Reportages
- Acteurs
- Outils
- Breves
- Infrastructures
- Livres
- Tutoriels
- Interviews
- Podcasts
- Communiques
- USBsploit
- Commentaires


Revue Presse:
- Tous
- Francophone
- Par mot clé
- Par site
- Le tagwall


Top bi-hebdo:
- Ensemble
- Articles
- Revue
- Videos
- Twitter
- Auteurs


Articles :
- Par mot clé
- Par auteur
- Par organisme
- Le tagwall


Videos :
- Toutes
- Par mot clé
- Par site
- Le tagwall


Twitter :
- Tous
- Par mot clé
- Par compte
- Le tagwall


Commentaires :
- Breves
- Virus
- Failles
- Outils
- Tutoriels
- Tendances
- Acteurs
- Reportages
- Infrastructures
- Interviews
- Concours
- Livres
- Communiques


RSS/XML :
- Articles
- Commentaires
- Revue
- Revue FR
- Videos
- Twitter


RSS SecuObs :
- sécurité
- exploit
- windows
- attaque
- outil
- microsoft


RSS Revue :
- security
- microsoft
- windows
- hacker
- attack
- network


RSS Videos :
- curit
- security
- biomet
- metasploit
- biometric
- cking


RSS Twitter :
- security
- linux
- botnet
- attack
- metasploit
- cisco


RSS Comments :
- Breves
- Virus
- Failles
- Outils
- Tutoriels
- Tendances
- Acteurs
- Reportages
- Infrastructures
- Interviews
- Concours
- Livres
- Communiques


RSS OPML :
- Français
- International











Revue de presse francophone :
- Appaloosa AppDome nouent un partenariat pour accompagner les entreprises dans le déploiement et la protection des applications mobiles
- D-Link offre une avec un routeur VPN sans fil AC
- 19 mai Paris Petit-Déjeuner Coreye Développer son business à l'abri des cyberattaques
- POYNTING PRESENTE LA NOUVELLE ANTENNE OMNI-291, SPECIALE MILIEU MARITIME, CÔTIER ET MILIEU HUMIDE
- Flexera Software Les utilisateurs français de PC progressent dans l'application de correctifs logiciels, mais des défis de tailles subsistent
- Riverbed lance SD-WAN basé sur le cloud
- Fujitsu multi-récompensé VMware lui décerne plusieurs Partner Innovation Awards à l'occasion du Partner Leadership Summit
- Zscaler Private Access sécuriser l'accès à distance en supprimant les risques inhérents aux réseaux privés virtuels
- QNAP annonce la sortie de QTS 4.2.1
- Une enquête réalisée par la société de cyber sécurité F-Secure a décelé des milliers de vulnérabilités graves, potentiellement utilisables par des cyber criminels pour infiltrer l'infrastru
- Trouver le juste équilibre entre une infrastructure dédiée et cloud le dilemme de la distribution numérique
- 3 juin - Fleurance - Cybersécurité Territoires
- Cyber-assurances Seules 40 pourcents des entreprises françaises sont couvertes contre les violations de sécurité et les pertes de données
- Des étudiants de l'ESIEA inventent CheckMyHTTPS un logiciel qui vérifie que vos connexions WEB sécurisées ne sont pas interceptées
- Les produits OmniSwitch d'Alcatel-Lucent Enterprise ALE gagnent en sécurité pour lutter contre les cyber-attaques modernes

Dernier articles de SecuObs :
- DIP, solution de partage d'informations automatisée
- Sqreen, protection applicative intelligente de nouvelle génération
- Renaud Bidou (Deny All): "L'innovation dans le domaine des WAFs s'oriente vers plus de bon sens et d'intelligence, plus de flexibilité et plus d'ergonomie"
- Mises à jour en perspective pour le système Vigik
- Les russes ont-ils pwn le système AEGIS ?
- Le ministère de l'intérieur censure une conférence au Canada
- Saut d'air gap, audit de firmware et (in)sécurité mobile au programme de Cansecwest 2014
- GCHQ: Le JTRIG torpille Anonymous qui torpille le JTRIG (ou pas)
- #FIC2014: Entrée en territoire inconnu
- Le Sénat investit dans les monnaies virtuelles

Revue de presse internationale :
- VEHICLE CYBERSECURITY DOT and Industry Have Efforts Under Way, but DOT Needs to Define Its Role in Responding to a Real-world Attack
- Demand letter served on poll body over disastrous Comeleak breach
- The Minimin Aims To Be The Simplest Theremin
- Hacking group PLATINUM used Windows own patching system against it
- Hacker With Victims in 100 Nations Gets 7 Years in Prison
- HPR2018 How to make Komboucha Tea
- Circuit Bender Artist bends Fresnel Lens for Art
- FBI Director Suggests iPhone Hacking Method May Remain Secret
- 2016 Hack Miami Conference May 13-15, 2016
- 8-bit Video Wall Made From 160 Gaming Keyboards
- In An Era Of Decline, News Sites Can t Afford Poor Web Performance
- BeautifulPeople.com experiences data breach 1m affected
- Swedish Air Space Infringed, Aircraft Not Required
- Why cybercriminals attack healthcare more than any other industry
- Setting the Benchmark in the Network Security Forensics Industry

Annuaire des videos
- FUZZING ON LINE PART THREE
- Official Maltego tutorial 5 Writing your own transforms
- Official Maltego tutorial 6 Integrating with SQL DBs
- Official Maltego tutorial 3 Importing CSVs spreadsheets
- install zeus botnet
- Eloy Magalhaes
- Official Maltego tutorial 1 Google s websites
- Official Maltego tutorial 4 Social Networks
- Blind String SQL Injection
- backdoor linux root from r57 php shell VPS khg crew redc00de
- How To Attaque Pc With Back Track 5 In Arabique
- RSA Todd Schomburg talks about Roundup Ready lines available in 2013
- Nessus Diagnostics Troubleshooting
- Panda Security Vidcast Panda GateDefender Performa Parte 2 de 2
- MultiPyInjector Shellcode Injection

Revue Twitter
- RT @fpalumbo: Cisco consistently leading the way ? buys vCider to boost its distributed cloud vision #CiscoONE
- @mckeay Looks odd... not much to go on (prob some slideshow/vid app under Linux)
- [SuggestedReading] Using the HTML5 Fullscreen API for Phishing Attacks
- RT @BrianHonan: Our problems are not technical but cultural. OWASP top 10 has not changed over the years @joshcorman #RSAC
- RT @mikko: Wow. Apple kernels actually have a function called PE_i_can_has_debugger:
- [Blog Spam] Metasploit and PowerShell payloads
- PinkiePie Strikes Again, Compromises Google Chrome in Pwnium Contest at Hack in the Box: For the second time thi...
- @mikko @fslabs y'all wldn't happen to have lat/long data sets for other botnets, wld you? Doing some research (free/open info rls when done)
- RT @nickhacks: Want to crash a remote host running Snow Leopard? Just use: nmap -P0 -6 --script=targets-ipv6-multicast-mld #wishiwaskidding
- An inexpensive proxy service called is actually a front for #malware distribution -

Mini-Tagwall
Revue de presse : security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone

+ de mots clés pour la revue de presse

Annuaires des videos : curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit

+ de mots clés pour les videos

Revue Twitter : security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall

+ de mots clés pour la revue Twitter

Top bi-hebdo des articles de SecuObs
- [Ettercap – Partie 2] Ettercap par l'exemple - Man In the Middle et SSL sniffing
- [Infratech - release] version 0.6 de Bluetooth Stack Smasher
- [IDS Snort Windows – Partie 2] Installation et configuration
- [Infratech - vulnérabilité] Nouvelle version 0.8 de Bluetooth Stack Smasher
- Mises à jour en perspective pour le système Vigik
- USBDumper 2 nouvelle version nouvelles fonctions !
- EFIPW récupère automatiquement le mot de passe BIOS EFI des Macbook Pro avec processeurs Intel
- La sécurité des clés USB mise à mal par USBDUMPER
- Une faille critique de Firefox expose les utilisateurs de Tor Browser Bundle
- Installation sécurisée d'Apache Openssl, Php4, Mysql, Mod_ssl, Mod_rewrite, Mod_perl , Mod_security

Top bi-hebdo de la revue de presse
- StackScrambler and the Tale of a Packet Parsing Bug

Top bi-hebdo de l'annuaire des videos
- DC++ Botnet. How To DDos A Hub With Fake IPs.
- Comment creer un server botnet!!!!(Réseau de pc zombies)
- Defcon 14 Hard Drive Recovery Part 3

Top bi-hebdo de la revue Twitter
- RT @secureideas: I believe that all the XSS flaws announced are fixed in CVS. Will test again tomorrow if so, release 1.4.3. #BASESnort
- Currently, we do not support 100% of the advanced PDF features found in Adobe Reader... At least that's a good idea.
- VPN (google): German Foreign Office Selects Orange Business for Terrestrial Wide: Full
- @DisK0nn3cT Not really, mostly permission issues/info leak...they've had a couple of XSS vulns but nothing direct.
- Swatting phreaker swatted and heading to jail: A 19-year-old American has been sentenced to eleven years in pris..
- RT @fjserna You are not a true hacker if the calc.exe payload is not the scientific one... infosuck.org/0x0035.png

Top des articles les plus commentés
- [Metasploit 2.x – Partie 1] Introduction et présentation
- Microsoft !Exploitable un nouvel outil gratuit pour aider les développeurs à évaluer automatiquement les risques
- Webshag, un outil d'audit de serveur web
- Les navigateurs internet, des mini-systèmes d’exploitation hors de contrôle ?
- Yellowsn0w un utilitaire de déblocage SIM pour le firmware 2.2 des Iphone 3G
- CAINE un Live[CD|USB] pour faciliter la recherche légale de preuves numériques de compromission
- Nessus 4.0 placé sous le signe de la performance, de l'unification et de la personnalisation
- [Renforcement des fonctions de sécurité du noyau Linux – Partie 1] Présentation
- [IDS Snort Windows – Partie 1] Introduction aux IDS et à SNORT
- Origami pour forger, analyser et manipuler des fichiers PDF malicieux

Email, Cloud, Privacy and the ECPA

Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS

Menu > Articles de la revue de presse : - l'ensemble [tous | francophone] - par mots clé [tous] - par site [tous] - le tagwall [voir] - Top bi-hebdo de la revue de presse [Voir]

S'abonner au fil RSS global de la revue de presse



Email, Cloud, Privacy and the ECPA

Par Very Very IP
Le [2010-09-24] à 16:59:22



Présentation : Congress passed the Electronic Communications Privacy Act ECPA in 1986. This federal law is comprised of three different Acts the Wiretap Act, amending Title III of the Omnibus Crime Control and Safe Street Act of 1968, the Stored Communication Act SCA , and the Pen Register Act. It is now time to reform the ECPA, and this reform is on Congress agenda. The House of Representative Committee on the Judiciary, Subcommittee on the Constitution, Civil Rights, and Civil Liberties, heard testimonies on September 23 regarding ECPA Reform and the Revolution in Cloud Computing. The Fourth Amendment of the United States Constitution guarantees the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures. The Supreme Court held in Katz v. United States, that the government cannot eavesdrop on telephone communications held in a place where one has an actual subjective expectation of privacy that society is prepared to recognize as reasonable J.Harlan, concurring .The Court noted that it had emphasized over and again that the mandate of the Fourth Amendment requires adherence to judicial processes, and that searches conducted outside the judicial process, without prior approval by judge or magistrate, are per se unreasonable under the Fourth Amendment subject only to a few specifically established and well-delineated exceptions Indeed, pursuant to the Fourth Amendment, warrants may only be issued upon probable cause, and must particularly describe the place to be searched, and the persons or things to be seized. In Berger v. New York, the Supreme Court emphasized that the need for particularity and evidence of reliability in the showing required when judicial authorization of a search is sought is especially great in the case of eavesdropping. By its very nature eavesdropping involves an intrusion on privacy that is broad in scope Enacted after Katz and Berger, Title III of the Omnibus Crime Control and Safe Streets Act of 1968 the Wiretap Act , as amended in 1986 by the ECPA, defines electronic communication as any transfer of signs, signals, writing, images, sounds, data, or intelligence of any nature transmitted in whole or in part by a wire, radio, electromagnetic, photoelectronic or photooptical system that affects interstate or foreign commerce, but does not include A any wire or oral communication. 18. U.S.C. 2510 12 Electronic storage is defined as A any temporary, intermediate storage of a wire or electronic communication incidental to the electronic transmission thereof and B any storage of such communication by an electronic communication service for purposes of backup protection of such communication. 18. U.S.C. 2510 17 The ECPA was enacted in 1986 to set a fair balance between the privacy expectations of American citizens and the legitimate needs of law enforcement agencies. Senate Report No. 99-541, 99th Cong., 2d Sess. 5 1986 . At this time, only a few Americans had heard about the Internet. Storing data was expensive. In his testimony, Richard Salgado, Google s Senior Counsel, Law Enforcement and Information Security, noted that it took 650 in 1986 to buy a 10 megabyte hard drive with room to store about two high resolutions photos , whereas today it will cost less than 100 to buy a 1.5 terabyte hard drive Data was not tucked in a cloud. A Gartner survey showed this month that cloud-computing services represents in 2010 10 percent of spending on external IT services. A Pew Research Center survey revealed in 2008 that 69pourcents of only Americans store data online or use a web-based software application. New technologies, new privacy challenges. In his testimony, Michael Hintze, Microsoft Associate General Counsel, argued that the ECPA, since having been enacted in to law in 1986, has failed to keep pace with technology. He took the example of the difference made by the ECPA between emails stored for less than 180 days and those stored for more than 180 days, and concluded that this distinction no longer makes any sense. Indeed, the SCA, as codified at 18. U.S.C. 2703 a , allows the government to require the disclosure by an electronic communication service provider of the contents of a wire or electronic communication that is in electronic storage in an electronic communications system for 180 days or less, but only if the government first obtains a federal or state court-issued warrant. If the data has been in storage for more than 180 days, the government can require the provider to disclose the data without prior notice to the subscriber or customer if it first obtains a federal or state court-issued warrant. If the government provides prior notice to the subscriber or customer, the government must still obtain i an administrative subpoena authorized by a Federal or State statute or a Federal or State grand jury or trial subpoena or ii obtain a court order for such disclosure. 18. U.S.C. 2703 b Therefore the ECPA provides more protection for emails stored for less than 180 days, than for emails stored for more than 180 days. That made sense in 1986, when storing data was extremely costly, but we are now living in a world where some of us keep emails for months, sometime years, tucked in the cloud. Should the privacy of these emails be less protected than when they were first arrived in our mailboxes The first version of Microsoft Exchange was released in 1996. The user was able to download emails from a server to a local machine. One could then conceive that an email which had not been downloaded after 180 days had been abandoned by the recipient, and thus had no expectation of privacy in the message. However, Hotmail, offered for the first time in 1997, stored emails in the cloud. The cloud retained the message even after its intended recipient had read it. Yet, data storing capacity was still limited in 1997, but it is no longer the case. Mr. Hintze concludes that users reasonably expect their data to be as private on day 181 as it is on day 179. It is hard to disagree with that statement. A coalition of companies and non-profit organizations, the Digital Due Process Coalition, has also been advocating SCA reform. Members of the coalition include among others, the American Civil Liberties Union, the Center for Democracy and Technology, the Electronic Frontier Foundation, Google, Microsoft, IBM, and AT T. The coalition recommends the Act to be reformed so that the government could only require electronic communications providers to give it access to the non-public content of communications if producing a search warrant based on probable cause, and this regardless of the age of the communication, the means or status of its storage or the provider s access to or use of the content in its business operations. see p. 5 of Becky Burr, ECPA PRINCIPLES FOR REFORM

Les mots clés de la revue de presse pour cet article : email privacy
Les videos sur SecuObs pour les mots clés : email privacy
Les éléments de la revue Twitter pour les mots clé : email privacy



AddThis Social Bookmark Widget



Les derniers articles du site "Very Very IP" :

- Towards Orphan Works Legislation in the EU
- Où l'on reparle de la protection internationale de la vie privée et des données personnelles...
- Emerging Privacy Issue Les Compteurs Intelligents
- Email, Cloud, Privacy and the ECPA
- New Blog Post on the Information Security Breaches the Law blog
- Second Circuit The FCC indecency policy is unconstitutionally vague
- Safe Harbor Blog Post
- Online Impersonation
- City of Ontario, California, v. Quon
- Are Communications Made through Social Networking Sites Readily Accessible to the Public




S'abonner au fil RSS global de la revue de presse

Menu > Articles de la revue de presse : - l'ensemble [tous | francophone] - par mots clé [tous] - par site [tous] - le tagwall [voir] - Top bi-hebdo de la revue de presse [Voir]



Si vous voulez bloquer ce service sur vos fils RSS :
- avec iptables "iptables -A INPUT -s 88.191.75.173 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.191.75.173 to any 80"
- Nous contacter par mail




SecuToolBox :

Mini-Tagwall des articles publiés sur SecuObs :

Mini-Tagwall de l'annuaire video :

Mini-Tagwall des articles de la revue de presse :

Mini-Tagwall des Tweets de la revue Twitter :