IntraLinks VIA introduces the “UNshare” for information security

If there’s one thing the internet has taught the business universe over its relatively short lifetime, it’s that information is valuable – so valuable, in fact, that there’s an industry built around securing digital information of all types. This week we’ve had the opportunity to speak with a company with a 16-year history in this market: IntraLinks. They’ve let us know what they do to provide a forward-thinking model for file and information sharing and collaboration in the future, complete with the ability to kick out what they call the “oops moment” when you’ve shared something by mistake – or if a file goes rogue.

IntraLinks was founded by security specialists in the banking world and created for the security of investment banking, strategic transactions, and large multi-million deals. The Company’s platform was created to secure – and continue to secure – the sharing of non-public information. IntraLinks’s SVP of Product Marketing Wade Callison let us know the extent of their business in basic terms: “$19 trillion dollars in financial transactions and services have floated across our cloud over the course of the existence of the company.” 

That’s one whole heck of a lot of cash.

The company makes it their business to be the trusted third party between companies that want to connect securely. They do this with a scalable technology that has handled everything from Life Sciences clinical trials to investor reports. They’ve done so well that Gartner has rated IntraLinks as the leading vendor in the Team Platforms and Social Software Suites category based on revenue for the 6th year in a row.

“How does one “UNshare” a file?”

The Company’s newest product, IntraLinks VIA, launched last month and includes two major features that’ll allow it to be future ready and secure for the next generation. One of these features is a “Snapchat for the Enterprise”, the other – the ability to “UNshare” Your Files.

The “Snapchat for the Enterprise” function will allow you to set a self-destruct expiration date for your files, thus allowing you to keep a close eye on what’s visible to whom and for how long. This and the UNshare feature work hand in hand to keep your files under your control.

UNshare is a feature that’s relatively new to the digital universe, appearing at first to be impossible due to the extremely fluid nature of the web and computers in general. However, IntraLinks VIA employs Information Rights Management with every document you share, allowing you to remotely revoke access to files at any time. 

“If it’s something I’d rather you not forward, I’ll make it more difficult for you to forward.”

As Callison made clear: “The key is that the amount of control you need to put in place should reflect the sensitivity of the transaction. If it’s something I’d rather you not forward, I’ll make it more difficult for you to forward.” Digital watermarks in files shared with IntraLinks VIA apply themselves based on the location of the file, the name of the computer, the name of the person downloading the file, the time, the date, and more.

You’ll be able to set multiple passwords for the same file that only work on single machines. You’ll be able to block printing, block screen capture, block copy and paste – with many more controls on the way soon. 

IntraLinks is currently looking at integration with a few vendors and a few key partners right this minute, aiming in the end to erase that crucial step between product availability and customers actually using the product. Taking away barriers for adoption for new users is a key point in getting them to proactively use the product’s features. Callison let us know that VIA’s mix of intuitive user interfaces and the deep security features under the hood are tackling this challenge. He said, “If you try to be another service that people need to think about to use, they’re not going to. Making the product an organic part of a user’s workflow is important.”

IntraLinks also aims to be a vendor that’s able to work with any company, pushing past the struggles that technology and security compliance present across the globe (and even inside companies themselves). With IntraLinks VIA, professional groups will be able to work with an extra layer of guidance and expertise that enterprise companies wouldn’t otherwise have. And with that, we’ll be share-friendly safe once more – and sooner rather than later!


IntraLinks VIA introduces the “UNshare” for information security is written by Chris Burns & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All rights reserved.

Oracle rolls out patch for Java vulnerabilities, Apple responds with update

Another day, another Java security alert. In this case, Oracle has released Security Alert CVE-2013-1493, which highlights two vulnerabilities that are particular to Java in browsers. The patch for these issues was originally slated for release in April as part of Oracle’s Critical Patch Update for Java SE. Because the vulnerabilities are being exploited in the wild, however, the company has elected to push out the updates now.

According to Oracle, the two vulnerabilities do not pertain to Java on servers, standalone desktop applications, or embedded Java apps. One of the two issues is being actively exploited in the wild, however, used to install McRat on the victim’s computer. McRat is a trojan that downloads and executes other files.

Oracle urges users to download the update asap, which can be done most easily via auto-update, or by heading over to Java.com and grabbing it manually. In addition, the company reminds users that it recently changed Java’s security level to “High” to help fight against malicious activity. As such, users will need to give an applet permission to run, and need to use judgement when doing so.

In addition, Apple has rolled out an update for OS X 2013-002 that improves security, among other things. The update works by uninstalling the Java applet plug-in Apple provided across all browsers. When the user needs the applets, they’ll need to click “Missing plug-in,” which will take them to the latest Java applet plug-in version to download and install.

[via Oracle]


Oracle rolls out patch for Java vulnerabilities, Apple responds with update is written by Brittany Hillen & originally posted on SlashGear.

Anonymous releases 14GB of data on the spying habits of Bank of America and more

Anonymous has released 14GB of data it acquired about Bank of America, Thomson Reuters, ClearForest, Bloomberg, and TEKSystems, an intelligence firm. It did this via a press release on the website Par-AnoIA, including a link to the hacked data and a rundown of the relevant details for those who don’t have the time to look at 14 gigs of info. The data concerns the spying habits of Bank of America and other corporations, which are said to include a log of data on hundreds of thousands of employees and executives at various corporations around the world.

According to Anonymous, it considered this information to be newsworthy for several reasons, including the insecure way it is stored and the rather disconcerting fact that it contains information about “hundred [sic] of thousands” of both employees and executives of many corporations globally, with that information including data about the individuals’ salaries. The data on individuals was named “Bloomberg” and tagged as “reuterscompanycontent,” and comprised a total of 4.8 gigabytes.

The point about the data being stored insecurely is underscored not just by the fact that the hackers accessed it, but also by how they did it – without hacking. The amassed data is reportedly stored in Tel Aviv, where ClearForest is based, on an open server that is misconfigured, meaning that just about anyone can get it with a little bit of elbow grease.

According to the hackers, the information gathered is of a poorly researched nature, meaning that portions of it may not even be correct. The information being gathered is coming from IRC channels, social media, forums, and other such Internet locations, and has a focus on targeting activist movements and Anonymous. The spying utilizes an apparent keyword list with in excess of 10,000 entries used to find content on Twitter, IRC, and other Internet locations. Most of the entries are Wikipedia references, with 1,125 believed to be actual, relevant keywords.

Says Anonymous, it has released the data it found to raise awareness and make a point.

[via Paranoia]


Anonymous releases 14GB of data on the spying habits of Bank of America and more is written by Brittany Hillen & originally posted on SlashGear.

Google’s “war against account hijackers” results in a 99.7% reduction

We’ve all heard about the travel money scam – a friend contacts you via IM or email frantic, saying they are overseas and have lost all their money and need some to get help. Many other variations exist, as well as other scams altogether. The hijacking attempts reached their peak in the summer of 2011, prompting Google to declare a “war against account hijackers.” Earlier today, the company announced that Google account hacking has been reduced by 99.7-percent since then.

Initially, spammers were forced to change how they went about scamming individuals due to security measures implemented with the accounts. To get around them, the scammers were forced to hijack email accounts, as well as any other account they can get into using the same login information. According to Google, it has observed individual hijackers attempting to infiltrate a million Gmail accounts for weeks on end using stolen passwords.

To help protect against these issues, Google implemented security measures that looked beyond the simple email/password combination. A series of variables are looked at when checking whether the account is being accessed by its owner; there are in excess of 120 variables that can be used. If the login looks too risky, other security measures are kicked into gear.

Questions are posed to the person logging into the account, such as the phone number associated with it or the security question that was created when the account was made. As Google states, because of the nature of these questions, it is difficult for a hijacker who has the email/password combo to know these answers. As a result, Google has seen a drop in account hijacking of 99.7-percent since 2011.

Still, as Google points out, the best security involves help from the account owner. Gmail users can help foil attackers by using a complex, unique password, by turning on 2-step verification, and by ensuring that the recovery options in the account are set up with correct information, such as a secondary email address and phone number.

[via Google Public Policy Blogspot]


Google’s “war against account hijackers” results in a 99.7% reduction is written by Brittany Hillen & originally posted on SlashGear.

Adobe says Acrobat and Reader vulnerabilities exploited with malicious PDF

Adobe has announced that two vulnerabilities with its Acrobat and Reader applications are being exploited in the wild via a malicious PDF file attached to an email. If a user attempts to open the PDF file, their system will be attacked via the critical vulnerabilities, and the application may crash. Adobe is working on rolling out a fix for the vulnerabilities, but until then users should exercise caution when downloading attachments.

The PDF attack targets Windows users, but all three major operating systems – Windows, Mac OS X, and Linux – are affected by the vulnerabilities CVE-2013-0640 and CVE-2013-0641. Until the company gets a patch pushed out, it recommends that users update their anti-malware software to the latest definitions, and ensure that it is running at all times when using the applications.

Adobe Reader and Adobe Acrobat XI versions 11.0.0.1 and earlier for Windows and OS X, Reader X 10.1.5 and earlier for Windows and OS X, and Reader 9.5.3 and earlier 9.x versions for Windows, Mac OS X, and Linux are all affected by the two vulnerabilities. Windows users running Reader XI and Acrobat XI can both take steps to protect themselves until the fix is released, however.

Within the applications, Windows users running the above mentioned versions of either XI application should enable “Protected View,” which can be found under Edit > Preferences > Security (Enhanced). From that menu, select “Files from potentially unsafe locations,” which will help guard against malicious PDF files. Admins can enable Protected View in the registry for enterprises with security concerns.

[via Adobe]


Adobe says Acrobat and Reader vulnerabilities exploited with malicious PDF is written by Brittany Hillen & originally posted on SlashGear.

Motorola Solutions launches Android-based AME 2000 for the spies among us

Motorola Solutions has announced its AME 2000 device, an Android-based system designed for government and enterprise users who require data security. The Assured Mobile Environment solution utilizes a COTS (commercial-off-the-shelf) device to provide end-to-end data and voice encryption. The handset has officially been launched, but needless to say, it’s not something you can pick up at your local tech store.

AME 2000 offers a variety of features, the most important of which is its end-to-end encryption. Users will benefit from its AES 256 and NSA Suite B encryption for both voice and messages sent between two or more AME devices. To ensure that data is secure in transit over both private and public networks, the device also offers a Suite B IPSec VPN for encryption over wifi, 3G/4G and GSM.

The handset utilizes the Motorola CRYPTR micro in the device’s microSD card for secure session tokens, security certificates, and keys. Users can install their own applications in addition to the on-board browser and messaging applications. All installed applications are updated over-the-air, and to make sure everything stays safe, the encryption keys can be wiped from a remote location if the handset is stolen or misplaced.

Motorola’s Vice President of its US Federal Government Markets Division, Paul Mueller, offered this statement. “Secure mobility is among the U.S. government’s top technology priorities. The AME 2000 features a familiar Android-based OS experience with layered security, device management and applications that comply with federal guidelines. It’s an affordable mobile solution for civilian and defense agencies to better execute their missions that serve and protect our nation.”

[via Android Community]


Motorola Solutions launches Android-based AME 2000 for the spies among us is written by Brittany Hillen & originally posted on SlashGear.

Google celebrates Data Privacy Day with Government data clarity

Today is Data Privacy Day 2013 and Google has decided to make it official with a set of clarifications on how they deal with government requests for data. This is a topic that Google has made a point to be as clear as possible about in the past, just recently having released a new report on how many requests for data they’d received (and how many they’d filled) in 2012. Google is also letting the world know today that they’re continuing efforts to uphold such laws as the U.S. Electronic Communications Privacy Act in their deeds and through their membership in the Digital Due Process coalition as well.

In their celebratory news burst today, Google has listed several points on how they make it their mission to have a strict process for working with all government agency requests for the personal information of users who work on and around Google. It’s more than a few times a year that the U.S. government sends a request to Google for the information you’ve provided to Google for a variety of reasons. When this happens, Google goes through a set of steps that starts with checks, checks, and more checks.

Google makes sure first that what they’re about to do – or refrain from doing – abides by both the law and their own set of strict policies. The Google team requires that all requests for information be “in writing” as well as signed by an authorized official of the requesting agency. They also check that the agency making the request is abiding by the law and that the request they’re making is issued under the appropriate law – no willy-nilly action here!

When a request is made and is found to be legal, Google evaluates the scope of the request. If the request is too broad, Google notes that they’ll ask that the information request be narrowed – Google says that they do this sort of thing “frequently.” After the request is made, if Google is able to notify the users whose information is being requested of that request, they’ll notify them of the situation. If Google is not able to notify the parties in question (if they’re legally prohibited, that is), they’ll try to “lift gag orders or unseal search warrants” to move forward in notifying all parties involved.

Google also makes clear here today that they require a search warrant for all government agencies conducting criminal investigations if they’re seeking to “provide a user’s search query information private content stored in a Google Account.” This information includes, but is not limited to, Gmail messages, photos and documents in your Google Drive account, and YouTube videos (public and private).

This week Google has also added a new section to their Transparency Report that’ll answer any other questions you might have – or so they hope: Transparency Report Legal Process (Q and A). Make sure you’re aware of your rights and keep in mind the golden rule of the internet: if you post it, someone has it. Assume nothing when it comes to privacy on the world wide web, and if you want to keep something a secret, just don’t say it!

[via Google]


Google celebrates Data Privacy Day with Government data clarity is written by Chris Burns & originally posted on SlashGear.

Lookout security app for Android can now photograph thief, email the image

Lookout has updated its security and antivirus app for Android to include a new feature called Lock Cam. If the user’s phone is stolen or an incorrect passcode or pattern is entered too many times, the app will take a picture of the assailant using the front-facing camera. The picture will then be emailed to the phone’s owner.

The app accompanies an account with the company’s website, Lookout.com, where information about the attempted intrusion is documented. When the phone owner receives an email notification and photograph, he or she can log into the online account to see the additional information, which includes the phone’s present location and where it was before that.

The downside is that only Premium subscribers can use it, with a premium subscription costing $30 annually. The price isn’t terribly high, however, and for those with a high-end smartphone or who use it in a location where it is likely to be swiped, the feature just might help get it returned. Other features include the ability to display your own message when the phone is being accessed with your contact information for a good samaritan to return it.

The app can be nabbed from the Google Play Store, with the app’s description saying that the supported OS versions vary based on the handset used. If it sounds like something you’re interested in but you don’t want to shell out the money upfront, Lookout offers a free two-week premium trial when you download it.

[via PC World]


Lookout security app for Android can now photograph thief, email the image is written by Brittany Hillen & originally posted on SlashGear.

Silent Circle launches Android app offering full call and text encryption

Data security is important to every mobile user, but some need a bit of extra encryption on top of normal security measures. For those users, Silent Circle has launched the Silent Phone app, which allows Android users to call and message each other with full encryption over talk and text. The app can be nabbed from the Google Play store, and requires a corresponding Silent Circle account.

The app utilizes TLS and ZRTP to encrypt packets, and requires both users to swap device keys when calling each other. The keys are not stored on a server, adding to the level of security, providing complete end-to-end encryption. Secure calls can be placed to both other Silent Circle users and non-members, depending on the subscription package used.

For those only interested in calling other Silent Circle members (the “Inside the Circle” plan), the monthly subscription runs $20, and includes a silent phone number. For those who need to place encrypted calls to non-Silent Circle members, the subscription plan is slightly more expensive at $29 per month. The encryption is only provided for calls placed in the U.S., Canada, and Puerto Rico, however.

The app is currently at version 1.1.2, and requires Android 2.3.3 or higher, meaning that it will run on most Android handsets. The app is a mere 2.5MB in size. New users have to subscribe at SilentCircle.com, and will score a 30-day free trial for another user to try out the service upon enrolling.

[via Android Community]


Silent Circle launches Android app offering full call and text encryption is written by Brittany Hillen & originally posted on SlashGear.

Google taps Yubico for password USB rings of the future

This week it’s been revealed that Google is getting pumped up about working with the company known as Yubico with intentions of creating a sort of “Password Key” that exists in a USB plug around your finger. The report that’s about to be published in IEEE Security & Privacy Magazine is bringing word from Google Vice President of Security Eric Grosse and Engineer Mayank Upadhyay on not just the key, but a variety of ways they see online account security working in the future. Are you ready to trust your online life to the ring around your finger?

The paper outlines the way in which Google’s privacy warriors intend to change the online world, starting with passwords and security tokens. “Along with many in the industry, we feel passwords and simple bearer tokens such as cookies are no longer sufficient to keep users safe,” note Grosse and Upadhyay, launching into talk about what Yubico has to offer. The group’s cryptographic card is currently working to connect with your account via USB interface, attaching itself to your accounts with a single click.

Think of it as a car key for the automobile that is your online life.

“Others have tried similar approaches but achieved little success in the consumer world. Although we recognize that our initiative will likewise remain speculative until we’ve proven large scale acceptance, we’re eager to test it with other websites. …

We’d like your smartphone or smartcard-embedded finger ring to authorize a new computer via a tap on the computer, even in situations in which your phone might be without cellular connectivity.” – Grosse and Upadhyay

For those of you thinking about how Google is getting involved in this fabulous security for the future, know this: they’ve developed a protocol for device-based authentication that “they say”, as Wired puts it, “is independent of Google [and] requires no special software to work.” The web browser you’re working with will of course need to be able to support the device authentication you’re using, but that’s about it.

Think about using a USB stick to start up your online life whenever you want to log in, wherever you go. Can you imagine anything going wrong with this type of situation? Let us know your concerns or excitement – or both!


Google taps Yubico for password USB rings of the future is written by Chris Burns & originally posted on SlashGear.