The European Union's approach to online behavioural advertising: Protecting individuals or restricting business?

The European Union (EU) has firmly set its stall out to protect individuals' data and privacy and has demonstrated this through the rejection of the old opt-out regime and the introduction of the new opt-in rules. These require businesses to obtain individual's prior and informed consent before their data are collected, stored and used for the purposes of online behavioural advertising (OBA). Individuals in the EU are afforded protection from the apparent dangers relating to data privacy and misuse that is associated with OBA, which is beyond the expectation of most Internet users. However, there are some criticisms levelled at the law that the EU has produced. Is simply gaining informed consent sufficient for protecting all types of information? Do certain types of information require a higher level of consent than others? Does the law fulfil its aim of protecting data subject's privacy and data? Is the current law restrictive to business? Do individuals know or care that their information is being collected for the purposes of targeted advertising and is there a better way to ensure that they do? Finally, will proposed new law to be found in the EU Data Protection Regulation solve any of these problems? This article will assess whether, as a policy decision, the EU's current approach has been too cautious in its attempts to protect individuals or restrict business.     

Information assurance in a distributed forensic cluster

When digital forensics started in the mid-1980s most of the software used for analysis came from writing and debugging software. Amongst these tools was the UNIX utility ‘dd’ which was used to create an image of an entire storage device. In the next decade the practice of creating and using ‘an image’ became established as a fundamental base of what we call ‘sound forensic practice’. By virtue of its structure, every file within the media was an integrated part of the image and so we were assured that it was wholesome representation of the digital crime scene. In an age of terabyte media ‘the image’ is becoming increasingly cumbersome to process, simply because of its size. One solution to this lies in the use of distributed systems. However, the data assurance inherent in a single media image file is lost when data is stored in separate files distributed across a system. In this paper we assess current assurance practices and provide some solutions to the need to have assurance within a distributed system.     

WhatsApp network forensics: Decrypting and understanding the WhatsApp call signaling messages

WhatsApp is a widely adopted mobile messaging application with over 800 million users. Recently, a calling feature was added to the application and no comprehensive digital forensic analysis has been performed with regards to this feature at the time of writing this paper. In this work, we describe how we were able to decrypt the network traffic and obtain forensic artifacts that relate to this new calling feature which included the: a) WhatsApp phone numbers, b) WhatsApp server IPs, c) WhatsApp audio codec (Opus), d) WhatsApp call duration, and e) WhatsApp's call termination. We explain the methods and tools used to decrypt the traffic as well as thoroughly elaborate on our findings with respect to the WhatsApp signaling messages. Furthermore, we also provide the community with a tool that helps in the visualization of the WhatsApp protocol messages.     

刍议股权

股权问题是现代企业制度的核心问题,它对于理顺股东与公司之间的产权关系,无论在理论还是实际的运作当中都意义深远。随着国有企业改革事业的进展,我国公司立法及公司制度的兴起,关于如何界定国家与企业产权关系、股东权的法律保护等问题引起了广泛而长久的争论,而要正确解决这些问题的关键在于要弄清股权的性质,理清股权的法律属性。股权的法律属性表明它是一种与人身相关联、具有独立的权能形式、有其自身特征、内容和法律关系的完整而独立的权利形态,是一种新型的财产性民事权利。     

知识产权非理性扩张的一种认知模式

本文首先描述了在以美国等发达国家的极力鼓噪下知识产权非理性扩张的一般图像,在此基础上,笔者从知识产权制度与所有权制度哲学理念之差的视角切入,对知识产权制度的非正常发展进行了剖析和解读.文章认为,正是我们把所有权制度的基本理念错误地嫁接到知识产权制度上,才导致了今天知识产权制度的失范.基于前面的分析,文章还对中国究竟应制定物权法还是制定财产的基本法展开了探讨,文章的结论是我们应当制定财产的基本法,这有利于我们纯化知识产权制度和所有权制度这两套各别的制度系统,使二者在其自在自为的世界里获得健康和正常的发展.     

Reverse engineering a CCTV system,a case study

Given a disk image of a CCTV system with a non-standard file system, how is the data interpreted? Work has been done in the past detailing the reverse engineering of proprietary file systems and on the process of recovering data from CCTV systems. However, if given a disk image without the CCTV system itself, or if under time constraints, the task becomes much more difficult. This paper explains a different approach to recovering the data and how to make sense of data on a CCTV disk. The method does not require extensive reverse engineering of the CCTV system, or even to have access to the CCTV system itself.