
When scrutinizing new applications, or conducting a security audit of the programs on a PC, search for passwords stored in configuration files. Configuration files commonly use the file extensions .ini and .cfg. Their purpose is to store the initial settings for applications. Programmers often make the mistake of using them to store passwords, which creates a security vulnerability.

A configuration file used with a Java web based application may contain lines like these:

webapp.ldap.username=secretUsername
webapp.ldap.password=secretPassword

If passwords are part of a configuration file they should be encrypted.


Email spoofing is the practice of sending a forged email that appears to be from a legitimate email domain, but is in fact from a different sender. Email protocols don't always verify that an address in the FROM field is one which the sending system is authorized to send from. A different (but similar) email address may be listed in the REPLY-TO field.

DKIM - DomainKeys Identified Email - is a method of authenticating the domain of an email sender.

Gmail lets you check the DKIM authentication result of a message.

Follow these steps:

1. In a Gmail message, near the reply arrow, click on the drop-down arrow and select 'Show original'.

2. The resulting message will include a DKIM field indicating whether or not the particular message has passed the DKIM authentication test.

3. In the email header look for the line, "dkim=pass header", as official verification that the email has DKIM authentication.
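The DKIM line that 'Show original' exposes lives in the Authentication-Results header stamped by the receiving mail server. The following script, added here as an example and not part of the original post, parses that header from a raw message and reports the DKIM verdict, believing only the header stamped by the receiving server (assumed here to be mx.google.com for Gmail), since an upstream sender can insert a forged Authentication-Results line of its own; it also flags the REPLY-TO mismatch mentioned above. The message is constructed sample data.

```python
import email
import re
from email.utils import parseaddr

# Constructed sample of what "Show original" reveals (sample values, not a real
# message); the second Authentication-Results header is an upstream forgery.
RAW_MESSAGE = """\
Delivered-To: recipient@example.net
Authentication-Results: mx.google.com;
       dkim=pass header.i=@example.com header.s=sel1 header.b=AbC123;
       spf=pass (google.com: domain of sender@example.com designates 192.0.2.10 as permitted sender) smtp.mailfrom=sender@example.com
Authentication-Results: attacker.invalid; dkim=pass header.i=@bank.example
From: Sender <sender@example.com>
Reply-To: accounts@bank-example.invalid
Subject: test

hello
"""
TRUSTED_AUTHSERV = "mx.google.com"  # assumed authserv-id of the receiving MTA

def parse_auth_results(value):
    """Split one Authentication-Results value into (authserv-id, {method: (result, props)})."""
    value = re.sub(r"\([^)]*\)", "", value)  # drop comments such as "(signature ok)"
    clauses = [c.strip() for c in value.split(";") if c.strip()]
    authserv = clauses[0].split()[0]  # first clause names the MTA that stamped the header
    results = {}
    for clause in clauses[1:]:
        tokens = clause.split()
        method, _, result = tokens[0].partition("=")
        props = dict(t.partition("=")[::2] for t in tokens[1:] if "=" in t)
        results[method] = (result, props)
    return authserv, results

def dkim_verdict(raw_message, trusted_authserv=TRUSTED_AUTHSERV):
    """Return (result, signing identity) recorded by the trusted MTA, or None if absent.
    Only the header carrying the receiving MTA's own authserv-id is believed."""
    msg = email.message_from_string(raw_message)
    for value in msg.get_all("Authentication-Results", []):
        authserv, results = parse_auth_results(" ".join(value.split()))  # unfold
        if authserv == trusted_authserv and "dkim" in results:
            result, props = results["dkim"]
            return result, props.get("header.i")
    return None

def reply_to_domain_mismatch(raw_message):
    """True when Reply-To names a different domain than From, a common spoofing tell."""
    msg = email.message_from_string(raw_message)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    reply_domain = parseaddr(msg.get("Reply-To", ""))[1].rpartition("@")[2].lower()
    return bool(reply_domain) and reply_domain != from_domain
```

A pass from the trusted server only proves the signing domain (header.i) vouched for the message; compare that domain with the FROM address before treating the mail as genuine.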


China's new comprehensive cybersecurity law came into effect on June 1, 2017.

Under Article 43 of the law, individuals can request that 'network operators' delete their personal information when it has been obtained illegally, or direct that erroneous information be corrected. Article 76 defines personal information as, "all kinds of information, recorded electronically or through other means, that taken alone or together with other information, is sufficient to identify a natural person's identity, including, but not limited to, natural persons' full names, birth dates, identification numbers, personal biometric information, addresses, telephone numbers".

Article 37 imposes data localization requirements, directing that personal information and other important data generated in the People's Republic of China be stored within mainland China.

Article 27 prohibits "illegal entry of others' networks, disruption of the normal function of others' networks, theft of network data or other activities endangering network security", and under the law violators can be fined up to RMB 1,000,000.

The law also mandates protection of information infrastructure important to national security, the economy, or the public interest.


Sean O'Shea has more than 20 years of experience in the litigation support field with major law firms in New York and San Francisco. He is an ACEDS Certified eDiscovery Specialist and a Relativity Certified Administrator.

The views expressed in this blog are those of the owner and do not reflect the views or opinions of the owner’s employer.


© 2015 by Sean O'Shea.
