Dropbox is still the most popular cloud-based file sharing and storage system, so its success and failures will inevitably signal how quickly the legal community warms up to the cloud.

Dropbox has recently come under scrutiny for a number of security failures. In response to breaches discovered earlier this summer, they have just introduced a new two-step verification on their accounts.

The two-step verification will be optional for users, and allows them to impose a new security code on top of passwords. The code is sent directly to a cell phone, and can be used whenever the account . . . [more]

Last week I was asked why my library wasn’t physically smaller.

“Isn’t everything online?” No. “Did we really need all these old books?” Yes. “Wouldn’t it be more convenient for lawyers to be able to access library materials regardless of their physical location?” Definitely.

Although we are moving towards the reality of a digital library, we have not arrived there yet.

What is available?
The most considerable barrier to the fully digital library is that many legal resources do not exist online. Legal publishers have digitized and made available online many Canadian primary legal resources such as case law and . . . [more]

Last week LinkedIn suffered a major security breach where millions of “hashed” passwords were leaked. Dan Pinnington wrote an excellent post last week outlining how you can tell if your LinkedIn password has been compromised.

This security breach has prompted many to reset their password at LinkedIn and other sites. However, as Dan points out, you shouldn’t reset your password to a password you use at other sites. Why? The LinkedIn password leak gives us a perfect case study.

What was leaked at LinkedIn was not your exact password, but rather a hash of your password. A hash is . . . [more]

Further to the post earlier today about passwords at LinkedIn being hacked, LinkedIn has issued the following update:

Our security team continues to investigate this morning’s reports of stolen passwords. At this time, we’re still unable to confirm that any security breach has occurred. You can stay informed of our progress by following us on Twitter @LinkedIn and @LinkedInNews.

While our investigation continues, we thought it would be a good idea to remind our members that one of the best ways to protect your privacy and security online is to craft a strong password, to change it frequently (at . . . [more]

A post on the TheNextWeb site indicates that a Norweigan IT webite, Dagens IT, reported the breach. That site indicates that 6.5 million encrypted LinkedIn passwords have been posted to a Russian hacker site.
LinkedIn has responded that they are looking into the breach.
To be safe, LinkedIn users should change their passwords immediately.
For more passwords tips, see this article from Law Practice Magazine: Don’t Be Passé With Passwords: Best Practices for Staying Safe.

[Updated 3:30 pm Eastern]

Not a lot of info from LinkedIn on this so far today. Two earlier tweets indicating they are investigating . . . [more]

I’m not a big gamer. I had a blast with Angry Birds for a bit and then lost the lust for launching the anti-pig petards. So when I’m trying to kill time in the absence of wifi, I’ll turn to good old solitaire — Klondike by threes, if it’s of any interest. I’ve noticed something odd about the game, whether on my desktop, smart phone or tablet. At least, I think I have. The cards the computer serves up don’t seem to be random. I’ll have a four face up at the bottom of one of the columns and . . . [more]

We have discussed on Slaw the mandatory disclosure of information from Facebook pages in civil litigation, and the disclosure of FB passwords to prospective employers. I do not believe that we have discussed the disclosure of information from FB in the course of a criminal investigation.

A German court has recently ordered disclosure of the content of private messages and pictures from a suspect’s FB pages. A write-up of the case appears in International Law Office.

Is this just another search warrant for a computer? Would courts where you are have any difficulty with an application for such a warrant? . . . [more]

An Oakville lawyer advised us of a new scam that appears to be a brazen attempt to gain access to a law firm’s computers.

Someone identifying himself as Mason Saunders called the firm this morning and asked to speak directly to the lawyer by name. He indicated to the lawyer that he was calling further to a discussion with a clerk at the firm 3 weeks ago. The caller referenced the clerk by name and indicated he had been authorized to create a website for the firm. The caller then asked if the clerk had spoken to the lawyer. “No” . . . [more]

Do the wills you are drafting for your clients deal with their digital assets? Does your will deal with your digital assets (personally and for your practice)? I’m guessing that your answers to both these questions is “No.”

My good friend Sharon Nelson did an excellent post on this hot topic on the Ride The Lightning blog. Until recently, lawyers just didn’t think about digital assets. This needs to change as lawyers and clients alike all have significant and growing online presences. It can be very difficult and time consuming for family members and estate trustees to deal with digital . . . [more]

This column is already dated. Why? Because privacy – or the lack thereof – is daily news. Facebook just announced their privacy policy would be called a “data use policy”. Before that it was Google’s announcement that they would be combining all the data collected by their individual web properties (YouTube, Gmail, Blogger, Google, etc.) about you into one single place, covered by one single “privacy” policy. Security has always been in opposition with ease of use. The conflict between wanting the convenience and interaction of the free web and trading privacy for the privilege is . . . [more]

Site news for those who read Slaw only via RSS or email

1. Comment Watch:

In the last week there were 50 comments. You might be particularly interested in these:

• the six comments on David Canton’s post “Demanding Social Media Passwords From Job Seekers Is Wrong”
• the thoughtful comments on Jack Newton’s post “Addressing the High Cost of Cloud Computing Due Diligence”
• the five comments on David Canton’s post “Using QR Codes.”

You can subscribe to the comments on Slaw either as a separate matter (RSS, email) or as part of a subscription combining posts and comments . . . [more]

No one lives in cyberspace, they say. A lot of people spend a lot of time visiting, though. They leave a lot of traces there, and they interact with the non-cyberspace (some prefer the term ‘real’) world from there. The border is more porous than most national borders, these days.

What happens when people with a presence in cyberspace (really) die? Does the presence continue indefinitely, but unrefreshed? What do their survivors do about their activities in cyberspace? How do they deal with online assets, or even discover real-world assets that may be locatable only online? How do estate . . . [more]