Friday, February 12, 2016

Upgrade from 14.04 32 bit Ubuntu to 14.04 64 bit ubuntu

I recently received a notification from Google Chrome that updates would be ending in March, 2016 for the 32 bit version of Chrome.  Running a 32 bit version of Ubuntu 14.04, I had to switch to a 64 bit version of Ubuntu.

I had an Encrypted Home Directory In Ubuntu, but I had another 119 Gig partition available and empty on my 256 Samsung SSD.

Login to old 14.04 32 Bit Ubuntu OS partition:

dpkg --get-selections > ~/Package.list
sudo cp -R /etc/apt/sources.list* ~/
sudo apt-key exportall > ~/Repo.keys

Install 64 bit Ubuntu to Other Partition

Login to 14.04 64 bit Ubuntu on Other Partition

(I want to Preserve my playonlinux settings to run windows programs and preserve play(Acrobat 10, Word 2010) so I install it.)
sudo apt-get install playonlinux  
Open Playonlinux - Let it completely finish setting up.
Close Playonlinux

Make sure the other drive with your old files is mounted.  Click on the drive icon in Ubuntu to Mount and then open terminal and type:

sudo ecryptfs-recover-private

Either enter 32bit user password or, if unavailable passphrase generated from 32 bit command ecryptfs-unwrap-passphrase
I tried using Ubuntu Backup and it would break X and make it crash while overwriting the home directory.  I tried looking into ways to make deja-dup not crash and while I did find a method using gksu, I eventually resorted to using screen.
sudo apt-get install screen
sudo cp -r -a -v /tmp/ecryptfs.XXXXXXXX/. /home/user/ 
Ubuntu automagically logs you out when some particular file is overwritten in your home directory.   Log back in and open terminal

screen -r 

Once complete, install old packages:

sudo apt-key add ~/Repo.keys sudo cp -R ~/sources.list* /etc/apt/ sudo apt-get update
sudo apt-get install dselect
sudo dselect access
sudo dselect update
sudo dpkg --set-selections < ~/Package.list
sudo apt-get dselect-upgrade -y

Open PlayOnLinux

Reboot the computer

This got me back pretty close to my old installation.  I'm fairly certain that the majority of my packages are back, but also there is an issue.

Thursday, July 30, 2015

Florida Revenge Porn Lawsuits - Sue the bastards


Frankly, there are not many situations where I would use the phrase "Sue the bastards," however when it comes to pornography of your sons or daughters posted online.... Sue the bastards.

Criminal Prosecution

Criminal prosecution is generally what people think of when they want to right a wrong, or imagine a trial on the matter.  Criminal prosecution involves the police, and the State Attorney's office, and generally punish offenses against the state and the individuals which prescribe the state.

Beginning October 1st, Florida will be under the control of 784.049, Florida Statutes which makes it a misdemeanor to commit sexual cyberharassment, and a felony for repeat offenders.   The proper avenue for getting criminal actions begun is to contact your local police department.  Generally, they will work with local prosecutors to get these cases to the point where the offender will be brought before a judge and punished.  Misdemeanors are punishable by up to a year in jail.

Civil Prosecution

Civil prosecution of this kind of case is also governed by 784.049.
(5)  An aggrieved person may initiate a civil action against a person who violates this section to obtain all appropriate relief in order to prevent or remedy a violation of this section, including the following:
(a)  Injunctive relief.
(b) Monetary damages to include $5,000.00 or actual damages incurred as a result of a violation of this section, whichever is greater.
(c) Reasonable attorney fees and costs.
Section (a) regarding injunctive relief is seeking a court order forcing the person to remove the image from the website, to delete the images wherever they may exist, and to prevent any future posting or use of the image.

Section (b) is the civil penalty associated with the act of harassment.  The $5,000 number represents a minimum penalty in the absence of genuine damages.  Damages to reputation, business, or other such damages are difficult to calculate and therefore difficult to ascertain.  However, if the nude picture somehow damaged someone financially in excess of $5,000.00, those damages could also be recoverable.

Section (c) provides that you should be entitled under the law to recover fees and costs associated with the lawsuit that you file to take down the offending material.  This means that if you file a lawsuit, and are successful in the prosecution of the suit, you will be entitled to get every penny back that you reasonably paid to an attorney to get your results achieved.

Graham is Ready to Take Your Case

Finding an attorney to take on a new type of case under a new law is sometimes difficult.  You have to call up offices, wait for a call back, then get a quote, etc. etc. etc.  Graham loves new cases, and is specially positioned to take these cases immediately.

The law office of Graham W. Syfert at 904-383-7448, will be taking on civil cases regarding online pornography, and will pursue them passionately.  Graham has a background in technology, IP networking, and was previously a system administrator for a research firm.   Our goal is to find the bastard, terrorize the bastard, and sue the bastard.

The flat fee associated with removing of pornographic images from website will be $1500.00 with about $500.00 of that used for the costs of suit.  Graham W. Syfert, P.A. will make every effort to recover every penny you pay in fees or costs, and return your life to where it was before this ever happened.

Saturday, June 20, 2015

PDF Metadata in the Practice of Law

Clerk Seeks Indemnification for Metadata Disclosures

The Florida Bar has released an article which states:

 "Florida Court E-Filing Authority, which manages the statewide e-filing portal, that it include a warning on the page where filers designate the type of document they are filing. That notice will read: “Warning: Removal of document metadata is the responsibility of the filer. Any document metadata remaining may become part of the public record.”
The idea is that an identity thief, fraudster, et cetra may obtain metadata from a filer failing to scrub PDF documents after redactions, and obtain SSN's, credit card numbers.
Is the Florida Court E-Filing Authority a clerk of court?  They seem to fill the role.  Or are they as "Pacer" is to the Federal Clerk?

The article goes on to note that only 37% of online filers create searchable PDF's.  Wow.
I'm curious as to how many untold gigs of storage is wasted by clerks of court.

Metadata's potential usefulness, apparently, caught the clerk, and by inferrence some judges by surprise:

Mary Cay Blanks, clerk for the Third District Court of Appeal stated: 
“All kinds of information was in that document, who the judge was, who the secretary was; everything is in there,” she said. “We realized we had to strip all of that information, which, now we do.”
While it may be a prudent practice to strip such metadata and information from an opinion or an order, shouldn't we be allowed to know these things anyway?  If I were a Plaintiff or a Defendant receiving an order, I might like to know what judge worked on it, or what secretary worked on it.  But

I bet you dollars to donuts that the Clerk of the many DCA's can tell you the exact date and time when a Appellant's lawyer got notice of Oral Argument through the logs of their webserver and unique URL's.  It's a metadata of sorts, as it is not exactly plain on the surface that this information is recorded.   I digress- if you are in a law firm, it is obvious that you should not allow metadata to be shared with opposing counsel, or the public at large.

Redaction of PDF metadata in regards to editing out personal information is a no brainer.  If you draw a box over some text in a PDF, the text remains.  If you redact, do so properly.

Apparently in Linux, if you are not running Acrobat in Wine., there is not much of a good way to redact, except Inkscape Vector Editor:

If I told you how often I looked at PDF metadata to get ideas about a case, confirm a fact, confirm a filing time, you'd probably get the wrong idea about me.  I have had two cases where I used PDF metadata to figure out what attorney or firm was responsible for the filing or the drafting of the documents.  One of the cases was widely publicized.  The other case was an attorney who continued to file documents on behalf of his client when they substituted in new counsel after a motion to disqualify.

In addition, there have been at least three other cases where I have used PDF metadata to identify a John Doe defendant, or a metadata remnant of a non-attorney created PDF was key in opening up a new strategy.  

The truth is, that advising attorneys to scrub all metadata from a PDF before filing is a little overbroad.  Is it a good practice?  Sure.  But essentially, scrubbing PDF data is kind of destroying the evidence.

As a part of my practice includes criminal defense, I suppose I could advise everyone out there to scrub their metadata.

Saturday, January 18, 2014

Ethics of Facebook, Twitter, and Blogs. Oh, and LinkedIn - For attorneys.

In Florida, among attorneys, there is a crisis of ethics.  No, no, not like that.  Not at all like that.  Well, that's another discussion but I can not necessarily have it on this blog.  Instead, it is the ethics of being able to use websites that normal ordinary people use everyday.

Newly filed is a case that is pending against the Florida Bar of Searcy v. Florida Bar (complaint).  The law firm of Searcy Denny Scarola Barnhardt & Shipley published on their blog comments regarding opinions that were not "objectively verifiable."  Such comments were that the days "when we could trust big corporations . . . are over," and that "[g]overnment regulation of Corporate America's disregard of consumer safety has been lackadaisical at best," and that "when it comes to 'tort reform' there is a single winner: the insurance industry."

The ABA asks, "is Florida too tough on lawyers using linkedin and twitter?"

So, what we have is a new form of media, the internet, that we are trying to form into old restrictions on the ability to publish and advertise and communicate that are now being eradicated by the ease of use and openness of the internet.  See Florida Bar Revokes advisory opinion.  It is obvious that the attorneys of Florida are at a crossroads in how exactly to handle the freedom that is provided through ease of rapid communication which is unparalleled in our history and will grow exponentially.

The simple fact is that the internet can be abused by attorneys.  The internet can be abused by anyone.


Now I don't handle many personal injury cases, but ambulance chasing is an old lawyer joke.  The image of a lawyer chasing an ambulance is practically unheard of, at least I never hear it.  Instead, they must interrupt Jeopardy and late night Perry Mason episodes to inform us to the sound of boring background music that they are compassionate people who will work hard on your case.  But if one of them decided to ambulance chase on the internet, they could follow individuals in their target area, say, the entire State of Florida, and look for people announcing major life events on twitter.

A search of #CarWreck on twitter, just one of many possible searches, at 10:16 AM on 1/18/2014, yielded evidence of at least four people who had been in car accidents in the last week  An auto responder under could be setup to tweet back at that person, "Hey, I know a great attorney! Call 904-383-7448."

And to blatantly advertise, yes I do handle a small number of select personal injury cases in Florida and Georgia.

Surprisingly, or maybe not surprisingly, two law firms also appear in the search for #carwreck

Now, a lawyer or a law firm simply using a hashtag "#carwreck" is not ambulance chasing, but it is blatant free advertising.  One statement is a boring "objectively verifiable" statement, which if said in the midst of a normal "conversation" would be quite a non-sequitur.  However, searching for a hashtag is a request for information, the same as a website.

If the law firm had tweeted at a Georgia car wreck victim say, "@carwreckvictim Hey, I heard you were in a wreck.  Visit!" It would be a different story.

Twitter is a place for open conversation.  An attorney should regulate himself on twitter the same as they would over a message board, irc chat room, in a restaurant, on a beach, or walking to the courthouse.  Twitter can exist in two basic ethical states.  Twitter can be information on demand, such as the use of the "#" hashtag.  Or Twitter can be a shouting match, a place to watch the random thoughts of the world fly by, and give you an opportunity to engage in conversation.

This duality is the core of the problem in determining the ethics of twitter.  Another duality that was created, mostly because of Facebook, was a suggestion and/or requirement that there be a clear divide between, well, what is best described as lawyer Graham and citizen Graham.  Despite the fact that I am a solo practitioner and it's very difficult for me to confuse anyone, I still have a second Facebook page for my law firm, separate from my personal Facebook.   Now, what's really bizzare about the split in the firm page and the Facebook page, is that essentially it doesn't matter.  My personal account is linked as the owner of the firm, just as any other member could be linked to the firm.  Essentially, the formation of my corporate structure, and the creation of a separate Facebook page, has done nothing to truly separate myself from this corporate Facebook account.

In this attorney's personal opinion, it is more genuine and ethical for an attorney using social media to be themselves.  Now I don't often hang out in bars unless I'm watching a concert, but if any attorney came forward into a barroom conversation and started saying "Get the recovery that you need and deserve.  Hashtag Website. Hashtag Georgia.  Hashtag Painlaw," it is obvious that the person would get up and walk away.  To forward the cause of what it is to be an attorney, it is again my opinion that the use of firm twitter accounts should be discouraged.  However, it is practically necessary for the purposes of advertisement.

If I were to make a bright line rule, for Facebook, Twitter, and Linkedin, or the internet as a whole, it is simply the same as rules governing an attorney, in public.  A virtual public, to be sure, but public nonetheless.

Facebook, Twitter, Advertising

Social media allows you to be anti-social.  Likewise, social media allows you to be overly-social.

Hiring twelve men with megaphones to shout your name and number from the street corner near the courthouse, would be advertising.

Guerrilla Marketing

Guerrilla marketing can take place either live or automated.  This is essentially ambulance chasing.  Various methods of exploitation of this form of marketing can exist.

Automated marketing could require the hiring of a company, however an attorney with the proper technical knowledge could easily build a server that would script automated responses.  From this one computer, and some clever word manipulation, it could appear that hundreds of people are discussing your law firm or the prowess of your attorneys.  Now, why hundreds of people are discussing your law firm, may become an issue if the story is not believable.  It's obvious that this form of marketing, or direct contact looking for people who were involved in an accident, is an issue.  "Sorry to hear about your accident, #GrahamisTheBestAttorneyEver #GiveHimACall?"

And what if such searching and responding were not robots, but instead people, would they not also be subject to attorney regulation?

There is a problem at this juncture, with search optimization companies, or SEO.  SEO companies have already engaged in both automated and non-automated entries on websites, to boost page rankings of attorneys.  Big money is paid for these links.  I think this is all unethical.

Paid Advertising

Twitter has a character limitation.  However, what is generally desired from a lawyers tweet is a call to action.  "Click this link!"  "Look at me!"  "Pay attention!"  "Over here!"  Its 140 character limitation means that if I include my address and my phone number, like a skeleton ad, I only have 82 more characters left.

The differentiating point of the speech on the internet that should be approved is when the advertising is paid.  If the advertising is paid advertising on another website, whose content is beyond the control of the firm, then such advertising should be scrutinized.  The bar should scrutnize both the "tweet" which would be paid to be a sponsored advertisement, and the webpage that is in the call to action in the tweet.

LinkedIn categories, Customer Reviews

As soon as I saw the LinkedIn categories where people put down that they have specialties, I knew that this was a problem.  When they allowed people to endorse other people for specific categories, I cringed.  However, there is nothing I can do about this.  Like the majority of people, I have a LinkedIn profile, but I do not use it.  Unlike most people, I don't generally use Facebook either.  

I've said it before, it is my opinion that the use of these specialties are unethical.   The endorsements, well, I have little control over that.

Customer reviews are a completely different matter entirely.   I love getting positive feedback from a client.  For all the positive feedback I get from my clients, I sincerely expect more feedback on the Internet.  But that's probably just my ego.  Still, it surprises me quite often to see some, often solo attorneys, with so many positive client reviews.   It doesn't surprise me that the linkedin profiles and the avvo profiles of some of the best attorneys contain no client reviews, no picture, and sometimes incorrect information.

Customer reviews are the first amendment right of a customer.  Endorsements on linkedin are the first amendment right of the customer.  Unless they were solicited or requested, or paid for, they are not content that is subject to attorney regulation.

I think that assigning an attorney a number on a scale of 1-10 is ridiculous.  But I'm also a little nutty on this, because I don't believe the Martindale Hubble system of ranking should be used.  I don't believe it should be allowed to be used in attorney advertising, and I don't believe it should be allowed in general.

Tuesday, June 4, 2013

Sharkmp4 PirateBay logs

| 7529073 |                              
        | 2012-08-13 17:28:41  | |
| 7529137 |        
        | 2012-08-13 17:40:33  | |
| 7529155 |             
        | 2012-08-13 17:47:34  | |
| 7552199 |       
        | 2012-08-21 00:54:51  |  |
| 7819909 | 
       | 2012-11-13 01:35:40  | |
| 7825185 |      
        | 2012-11-14 17:14:58  | |
| 7825203 |        
        | 2012-11-14 17:20:48  | |
| 7825260 |      
        | 2012-11-14 17:30:30  | |
| 7832814 |           
        | 2012-11-17 00:31:14  |  |
| 7844770 |      
        | 2012-11-20 19:51:42  |  |
| 7848258 |                     
        | 2012-11-21 19:46:21  |  |
| 7892402 |                                   
        | 2012-12-06 00:56:18  |  |
| 7912530 |                         
        | 2012-12-11 19:30:54  | |
| 7936734 |                           
        | 2012-12-19 00:31:27  | |
| 7940008 |   
        | 2012-12-19 23:03:32  |  |
| 7968216 |                                      
        | 2012-12-29 01:00:50  |  |
| 8119701 |                               
        | 2013-02-09 00:11:31  |  |
| 8144465 |  
        | 2013-02-14 21:44:33  | |

Thursday, April 4, 2013

CFAA: Fundamental Flaws in Application

The CFAA: Where to draw the line?

The imprisonment of Andrew Auernheimer (A.K.A. weev) and the death of Aaron Swartz have lead to many public discussions, as were both being prosecuted under the Computer Fraud and Abuse Act.  The CFAA is also being used civilly by nefarious groups like Prenda Law to attempt to find methods of attaching liability to IP addresses, essentially for "accessing computers without authorization."  While the EFF has focused their attention on the cases of Auernheimer and Swartz, a large protest has begun against the CFAA, or how it is now being used.

There is a clear divide in these suits and actions taken by prosecutors.  I believe that the CFAA as it is applied now, is unconstitutional as it leads to a position where there is no definite or certain "line" that needs to be crossed on a computer in order to have it be a criminal act.   Because there is no definite line, the CFAA is unconstitutionally vague and leads to a position of selective enforcement.

The CFAA and Weev's Case

Before I get into Weev's AT&T "hack" I must confess that I have known of Mr. Auernheimer for nearly 12 years, but I am not biased for or against him based on that relationship.  That part out of the way, his case is the perfect case to show where the line should be not drawn in the sand.  Weev's "hack" of AT&T came from requests to a public webserver, which allows public access.  They allowed this access to personal information to anyone who knew the address to type into a web browser.  This information was made PUBLIC by AT&T by their failure to secure their systems.

This is not to say that any entity in particular has a duty to prevent intrusion, but there is a difference between intrusion and opening a public web address.  If no password is required, the request should not be considered an intrusion.  If no security is in place, the request should not be considered an intrusion.  If a person is not seeking to gain different or higher ranking credentials on a computer within a web request, this should not be considered an intrusion.

How is this activity different than what SHOULD be a violation under the CFAA?   Let us hack my office and see.

CFAA and my Office

At my office, I have a webcam setup for security on a tiny linux box at the front of my office.   The page for the webcam gives me the status of certain servers and devices that I run using ping or curl.

The page for this webcam setup is a public webpage, and there is no password to access this particular page.  It is a secret known only to me, not available in any google search, but if you knew to type in the URL the public at large would be able to access it.    If someone was lucky enough to find the publicly accessible portion of this page, which is everything to the right of webcam picture, then they could have certain control over my office.  However, there is a password on the webcam stream, and so the image would not be accessible.

Over to the right hand side, there are also controls for the lobby music.  Again, these are publicly available controls.  You can turn the lobby volume up, turn it down, change the channel. stop it, start it, etc.  If you found this particular page, without a password, you would be able to create some havok in my lobby.  You would probably not be able to use this information in anyway, but it is a control of a device through the internet.

If someone found this webpage, and spent all day turning the music in my lobby up and down, and switching stations, I would be very annoyed and angry, but this would be my fault.

CFAA is not a license to be insecure

Now, imagine that weev found my webcam control page, and started spending a lot of time changing my lobby music at random (which is not all too far fetched).   I would and should have no recourse against his actions.  While it was not expressly permitted by me, by putting this control on the World Wide Web, unpassworded, I have opened it up for the world.  I do not need to list it with google, I do not need to share the URL.  If it happens that the URL is hit, then the URL is hit.  Again, I should have no recourse.

Now imagine that weev started saying things to me like, "Hey man, nice suit.  Jerk face." and started saying that he could see me walking into my office.  Well, to access that particular part of the webcam, the video stream, he would need to get around the password screen that pops up when the page is opened.  This is a line that shouldn't be crossed.  For the bar exam, one of the things we always had to remember for Burglary was that at common law, it was "Entering the dwelling house of another" and "at night" and "with the intent to commit a felony" but we have no such straight principles within the CFAA.

This lack of bright-line rules within the CFAA and a lack of understanding of technology (or a lack desire to understand) on behalf of some members of the judiciary, leads to a position where the knowledgeable prosecutor can pull the wool over the courts eyes.

Part of the lack of bright-line rules comes from the inherent problem of accurate language required by statutory construction paired with a lack of understanding and fear of technology.  And, lets face facts, the common law does not exactly seem to apply nor basically even shed light on the issues presented by technology.  The law of trespass has been used to describe entry upon land for centuries.   States have instituted laws regarding the posting of signs regarding trespass.  There is no "Signpost" on a webserver where such trespass warnings can be instituted.  There are only password prompts or denials of access.  It is not the "World Wide Web" of secrets, it is a world wide web of publicly accessible information with nests of secrets all around.  If you want your information to be secure, and for a potential intruder to be criminally or civilly culpable, then it is your duty to put up sign posts or passwords, no matter how simple.  Access to this information should be restricted, and secured, so that actual intrusion becomes necessary to get at the information.

If I place upon my server a public directory, lets say, it is a good chance that this would never be guessed.  But if I start throwing information into that folder without placing passwords on the information and someone accesses it, it is my fault.  I put the information on the web.  But, if I went to a judge or a prosecutor and claimed that you accessed that directory without permission and gained valuable information, I might be able to get them to run with it.  If the Prosecutor or Law Enforcement had some particular reason to hate you (i.e. you are very vocal in a political party or movement or just being a general jerk like Weev) then they would spin the story into a security breach and seek punishment.  The lack of direction within the CFAA and the lack of understanding of technology have lead to the perfect storm of selective enforcement of the law.


Tuesday, March 26, 2013

Bait Productions Pty. Ltd. v Does 1-XXX - IP Enforcement Law Group

Attorney Richard Fee of the IP Enforcement Law Group PA has initiated many multiple individual suits in the Middle District of Florida.

Bait Productions Pty Ltd. v. Doe 3 - Filed 2/11/2013
Bait Productions Pty Ltd. v. Doe 24 - Filed 2/8/2013
Bait Productions Pty Ltd. v. Doe 24
Bait Productions Pty Ltd. v. Doe 12
Bait Productions Pty Ltd. v. Doe 12
Bait Productions Pty Ltd. v. Doe 33
Bait Productions Pty Ltd. v. Doe 37
Bait Productions Pty Ltd. v. Doe 52

No client I have ever talked to about this movie ever remembers anything about it.

The IP Enforcement Law Group is tightly integrated and an alter ego of Fee & Jeffries, P.A.

IP Enforcement Law Group -

IP Enforcement Law Group, P.A.
1227 N. Franklin Street Tampa, FL 33602
Phone: 813-490-6050
Fax: 813-490-6051

Fee & Jeffries, P.A.
1227 N. Franklin Street  Tampa, FL 33602

David Jeffries is a partner in both firms.