Friday 07/17/09

RIM settles Visto suit for $267 million

IDG News Service - Research In Motion has agreed to pay rival Visto US$267.5 million to license and buy patents, settling a long-running legal battle. As part of the deal, RIM received a perpetual and fully paid license on all Visto patents and acquired some Visto intellectual property. The companies also dropped all outstanding lawsuits.

The deal closes a legal battle that started just after RIM settled a disagreement in 2006 with NTP that threatened to shut down BlackBerry phones. RIM agreed to pay NTP $612 million after NTP asked the court for an injunction that would have halted e-mail delivery to the phones.

Visto, which recently bought mobile e-mail provider Good Technology from Motorola...

----------

Obama administration defends Bush wiretapping
Lawyers from the U.S. Department of Justice and the Electronic Frontier Foundation squared off in a San Francisco courtroom Wednesday over a warrantless wiretapping program instituted by the Bush administration.

----------

CEOs underestimate security risks, survey finds

Compared to other key corporate executives, CEOs appear to underestimate the IT security risks faced by their own organizations, according to a survey of C-level executives released today by the Ponemon Institute.

The Ponemon survey (download PDF) of 213 CEOs, CIOs, COOs and other senior executives reveals what appears to be a perception gap between CEOs and other senior managers concerning information security issues. For instance, 48% of CEOs surveyed said they believe hackers rarely try to access corporate data. On the other hand, some 53% of other C-level executives believe that their company's data is under attack on a daily or even hourly basis.

----------

Chinese Company Sues American Retailers For Selling 'Knockoffs'

from the yes,-read-that-again dept

Jake points us to a story that (as Jake notes) makes you read the headline twice to make sure you got it right: Chinese Company Sues in U.S. to Block "Knockoff". It's not really "knockoffs" that they're suing over. It's a patent infringement claim from Changzhou Asian Endergonic Electronic Technology Co., which is upset that Best Buy, Wal-Mart and some other retailers are selling a competitors' dashboard mount that it claims is covered by its own patent.

Now, there are a bunch of points worth discussing here. First, apparently this is the first such case of a Chinese company (based in China) suing in the US over a patent infringement claim (a claim that really surprises me). Considering the long history of China copying (blatantly) American products and then reselling them, it's really quite fascinating to see a Chinese company now complain about the "reverse." Of course, as we've been highlighting recently, there's been a big push in China to build up a belief in patents. It seems this firm has already learned the basics of the American patent system: it's suing in Texas, of course!

The other odd thing about this case is filing the lawsuit against the retailers. The company is also suing the manufacturer (another Chinese company) which makes sense, but I've never understood why going after the retailer makes sense. Best Buy, Wal-Mart and others shouldn't need to investigate every product they sell to determine whether it violates someone else's patents. Let that be handled between vendors. Dragging the retailers into the lawsuit is just a waste of resources.

----------

Cosmetic Surgery Company 'Fesses Up To Widespread Campaign Of Fake Reviews; Pays Fine
The NY Times has an article about how LifeStyle Lift, a company that does cosmetic surgery (facelifts) has reached a settlement with NY Attorney General Andrew Cuomo over posting fake reviews on its site. It wasn't just a case of some "rogue" employees posting some fake positive reviews, either. The company apparently sent out emails to employees telling them to "devote the day to doing more postings on the Web as a satisfied client." It also created its own fake facelift review websites that (of course) reflected positively on themselves. The company has apologized and agreed to pay $300,000.

----------

Belgium Fines Yahoo For Protecting User Privacy On Its US Servers
For many years, we've discussed the many challenges faced by countries in trying to recognize that "jurisdiction" on the internet isn't what they probably think it is. Many countries want to interpret internet jurisdiction as "if it's accessible here via the internet, it's covered by our laws." But it doesn't take much scenario planning to recognizing what a disaster would result from such an interpretation. Effectively that means that the most restrictive legislation anywhere in the world (think: China, Iran, Saudi Arabia, etc.) would apply everywhere else.

That's why it's quite worrisome to find out that Belgium is trying to fine Yahoo for protecting its users' privacy and refusing to hand over user data to Belgian officials. Yahoo noted, accurately, that it does not have any operation in Belgium, and the data in question was held on US servers, not subject to Belgian law. On top of that, the US and Belgium have a good diplomatic relationship, such that such a data request could have gone through established diplomatic channels to make sure that US laws were properly obeyed as well. But, instead, Belgian officials just demanded the info from Yahoo's US headquarters directly, and then took the company to criminal court where the judge issued the fine.

----------

Michigan Supreme Court Issues New Stop Twittering Rule For Juries
There have been a few recent stories about jury members using Twitter, and courts have been trying to figure out how to deal with it. Well, over in Michigan, the Supreme Court has issued new rules for judges to tell jurors concerning their use of text messaging and other communication services. While it doesn't name Twitter specifically, it seems like the new rules are pretty clearly directed at jurors who might Twitter or use some other similar communication tool to explain what's happening in the case.

----------

PCI clarifies procedures to secure Wi-Fi
Angela Moscaritolo July 17, 2009
With a new guidance document, the Payment Card Industry Security Standards Council aims to clarify what retailers must do to secure their Wi-Fi networks.

----------

Microsoft sues to stop Windows Live Messenger spam
Dan Kaplan July 17, 2009
Microsoft has filed a lawsuit against a company that allegedly delivered spam over instant messenger, known as "spim," to thousands of its 320 million Windows Live Messenger users.

----------

4 Years After TJX Hack, Payment Industry Sets Security Standards

http://media.haymarketmedia.com/Documents/9/PCI_DSS_Wireless_Guidance_July_09_FINAL_071309_2221.pdf

----------

China: 338 Million internet users, 13 million websites
China Daily reporting the new numbers from CNNIC on internet growth in China:
- 338 million internet users, 13.4% increase since end of 2008
- 12.96 million websites holding .cn domain
- 155 million people access the internet via their mobile phone
- 87.88 million people shopping online, an increase of 14 million
- 320 million users have broadband

----------

HTC issues hotfix for Bluetooth vulnerability in smartphones
HTC released a software update on Thursday that fixes a Bluetooth vulnerability disclosed earlier...

The vulnerability, found in an HTC Bluetooth driver, obexfile.dll, could allow an attacker to gain access to all files on a phone by connecting to it via Bluetooth, according to Alberto Moreno Tablado, the researcher who discovered the bug in the OBEX FTP service and first reported it earlier this year.

The OBEX FTP directory traversal attack requires that a victim's phone has Bluetooth switched on and Bluetooth file sharing is activated. The vulnerability allows an attacker to move from the phone's Bluetooth shared folder into other folders. This gives the attacker access to contact details, e-mails, pictures or other data stored on the phone. They can also upload software to the phone, including malicious code.

----------

Former County Council Member Jailed for Installing Spyware
Tony Trout, a former Greenville County Council member, has been sentenced to 366 days in prison for installing a spyware program on the computer of County Administrator Joe Kernell, and intercepting his personal emails. Trout claimed that he did it in order to prove that Kernell, his employee, was involved in illegal activities.

[ more >> ]

"Don't take the law into your own hands. If you believe that someone is behaving illegally it's not your job to gather evidence yourself by breaking the law. If you really feel a crime is being committed, inform the authorities and ask them to look into it," advises Graham Cluley, senior technology consultant at Sophos.

----------

Microsoft bets big on a new platform subscription license
Microsoft quietly started rolling out a new subscription licensing option, known as Application Platform Agreement (APA) at the start of this year. But it is in the coming Microsoft fiscal year, which kicks off on July 1, that the APA will start gaining some serious traction, the Softies predict.

Microsoft execs will be talking up the new APA license at the company’s upcoming Worldwide Partner Conference in New Orleans in mid-July, hoping to get its partners onboard with selling Microsoft’s core enterprise products via the APA.

The APA — which is somewhat like the company’s existing Software Assurance (SA) license — is an add-on to Microsoft’s Enterprise Agreement license, which it offers to business users who buy in volume. It is a subscription license, meaning that users who pay for it are entitled to upgrades to the covered set of products for three years. (Microsoft receives recurring revenues even if it doesn’t release updates to the covered wares in that period.) The Directions on Microsoft research firm has described APA as an “all you can eat” license for Microsoft’s server products.

----------

Google Apps Security Questioned After Twitter Leak
Analysis: Twitter suffers a significant security breach, brought on by a Twitter employee's Google Apps account being hacked.

----------

Seven Ways to Secure Windows 7
Windows 7 comes with important safeguards out of the box, but it isn't hard to make it even more secure.

----------