Want to know how you can directly save costs without sacrifice? I am just going to say it, stop “TIFFing” out all of the documents that you review for your client. When you finish drafting your complaint or motion for summary judgment, do you convert it to a TIFF before you perform the final review? Then why are you converting all of your client’s documents to an image before you review them? The document conversion aspect of processing is one of the biggest wastes of money in eDiscovery. Many feel that this processing phase of eDiscovery is the most expense, TIFFing every document before you review it is a large portion of that expense.

You’d think sysadmins wouldn’t need to be told not to do a whole lot of work they don’t have to do, but perhaps the stress of litigation throws the natural laziness out the window.

As you can see, using a basic unified eDiscovery platform for the processing phase can save your client 75% when compared to TIFF conversions and 66% when compared to early case assessment platforms. For simplicity, I have not provided estimates for native processing and then the use of another review platform. That scenario would be in the same price range as the ECA option. I have also not included the costs of production. One last note is the price used for the unified eDiscovery platform is the pricing model that we provide to our clients and pricing of other unified eDiscovery platforms may vary.

I need the option for an Exchange shop where management won’t allow any expenses for unified messaging.  However, I like both Google Apps’ Postini and McAfee’s MX Logic for unifying messaging and eDiscovery.

via eDiscovery – Someone Has to Say It | Sword & Shield Enterprise Security, Inc..

1. Understand why what you’re offering to do for other people is interesting, important, meaningful etc then start telling people about it.

Think about this one. Hard. If you don’t know, then how will other people know? Exactly. They won’t.

Everyone is a salesman. Ever bump into the guy who can’t describe what he does for a living, and isn’t in a top secret government agency?  Ever hear his wife try to describe what he does?

It’s not exactly a convincing sell that he does something important, interesting, or meaningful.

Number 4 reflects exactly why I converted NerdHerd.com into a blog:

4. Start a blog.

Blogs are funny things. Say something smart, people pay attention. Say something dumb, you’re ignored. We big media folk just can’t seem to get our heads around that concept, for some reason. Regular blogging can help train you to better discern between smart and dumb. Makes it easier to extend this to the rest of one’s business.

Currently, I’m focusing on posting smart things others have said, while warming up to the idea of writing smart material myself.

Here’s to the future!

via thoughts on “smarter conversations” | gapingvoid.

I start by identifying what will be required of the desktops, what sort of hardware (client and server) will be required to support the requirements, and then I dive into the murky, swirling world of licensing:

1. License costs

In addition to the “three C’s” one of the most important testing criteria is licensing costs. None of the competing vendors make it easy to do an apples-to-apples comparison, so you’ll need to do some noodling to get a price per-desktop, per-year figure. It makes a difference how many years you include in your calculations. I suggest looking at a minimum of three and a maximum of five years, depending on your current physical desktop or laptop formula. Speaking of physical systems, you should factor in the costs of the user devices on which the remote virtual desktops will be hosted.

via Critical Testing Criteria: Virtual Desktop Infrastructure – Virtualization from eWeek.

According to the researchers, quantum key distribution (QKD) implementations rely on the detectors to measure the quantum property of single photons. Using bright illumination, the team demonstrated how two commercially available QKD systems—id3110 Clavis2 and QPN 5505, developed by vendors ID Quantique and MagiQ Technologies, respectively—can be fully remote-controlled.

“This makes it possible to tracelessly acquire the full secret key; we propose an eavesdropping apparatus built from off-the-shelf components,” the team wrote. “The loophole is likely to be present in most QKD systems using avalanche photodiodes to detect single photons.”

via Researchers Find Quantum Encryption Hack – Security from eWeek.

View 4.5 addressed all four of the above shortcomings, and the breadth of their feature improvements were deeply scrutinized with hands-on assessments in our lab. To VMware’s credit, they didn’t try to address customer management requirements with band aids. Instead, they literally scrapped their previous management console and replaced with a far improved Adobe Flex-based console. In addition, they unveiled a Microsoft System Center Operations Manager (SCOM) management pack for View 4.5 management. That was another common request I’ve heard from early VMware View adopters. On the scalability side, View 4.5 is now capable of scaling to 10,000 managed desktops per management domain, which is currently double the maximum scalability supported by Citrix.

via VMware View 4.5: Ready for the Large Enterprise.

AVG’s analysis is based on an examination of attacks during the last week of July. According to the company, AVG software detected attacks against one in 10 customers browsing the Web in Turkey during that period. Also near the top of the list were Russia one in 15, Armenia one in 24 and Azerbaijan one in 39.

The global average was one in 73 users. In the United States, one in 48 users were attacked, the same proportion as in Pakistan. Vietnam and Laos had a slightly worse percentage, coming in at one in 42 for both countries.

[...]

On the other side of the safety scale is Japan, where AVG software picked up attacks for one out of every 403 users. Sierra Leone had the fewest attacks, with just one out of every 696 Web users being hit. Other countries listed among the top 20 safest places are Taiwan 1 in 248 attacked, Argentina 1 in 241 attacked and France 1 in 224 attacked.

via AVG Lists Most Dangerous Countries for Web Surfers – Security from eWeek.

Government agents can sneak onto your property in the middle of the night, put a GPS device on the bottom of your car and keep track of everywhere you go. This doesn’t violate your Fourth Amendment rights, because you do not have any reasonable expectation of privacy in your own driveway – and no reasonable expectation that the government isn’t tracking your movements.

That is the bizarre – and scary – rule that now applies in California and eight other Western states. The U.S. Court of Appeals for the Ninth Circuit, which covers this vast jurisdiction, recently decided the government can monitor you in this way virtually anytime it wants – with no need for a search warrant. (See a TIME photoessay on Cannabis Culture.)

via The Government’s New Right to Track Your Every Move With GPS – Yahoo! News.

Privacy item 2:

As the privacy controversy around full-body security scans begins to simmer, it’s worth noting that courthouses and airport security checkpoints aren’t the only places where backscatter x-ray vision is being deployed. The same technology, capable of seeing through clothes and walls, has also been rolling out on U.S. streets.

American Science & Engineering, a company based in Billerica, Massachusetts, has sold U.S. and foreign government agencies more than 500 backscatter x-ray scanners mounted in vans that can be driven past neighboring vehicles to see their contents, Joe Reiss, a vice president of marketing at the company told me in an interview. While the biggest buyer of AS&E’s machines over the last seven years has been the Department of Defense operations in Afghanistan and Iraq, Reiss says law enforcement agencies have also deployed the vans to search for vehicle-based bombs in the U.S.

via Full-Body Scan Technology Deployed In Street-Roving Vans – Andy Greenberg – The Firewall – Forbes.

This is your Sequoia touch-screen voting machine with Pac-Man hacked onto it without disturbing any of the “tamper-evident” seals supposedly meant to protect it from hackers…

Any questions?…

Sequoia’s voting machines, used in some 20% of U.S. elections, employ Intellectual Property (IP) still owned by a Venezuelan firm tied to Hugo Chavez. Sequoia itself is now owned by a Canadian firm called Dominion. (Though Dominion, like Sequoia itself before it, lied about the continuing Venezuelan/Chavez ties in its recent announcement of the acquisition, as detailed exclusively by The BRAD BLOG, to little notice, in June.)

via The BRAD BLOG : Pac-Man Hacked Onto a Touch-Screen Voting Machine Without Breaking ‘Tamper-Evident’ Seals.

In an article for Foreign Affairs, Deputy Defense Secretary William J. Lynn III writes that in 2008, a flash drive believed to have been infected by a foreign intelligence agency uploaded malicious code onto a network run by the military’s Central Command.

“That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control,” Lynn writes. “It was a network administrator’s worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary.”

via Defense Department Confirms Critical Cyber Attack – Security from eWeek.

Everybody knows that PCI DSS 2.0 is coming! The Council released a summary of changes for version 2.0 [PDF] to be released in October 2010. Council folks have granted this brief interview to Security Warrior Blog; it is provided below in its entirety:

via Anton Chuvakin Blog – “Security Warrior”: Brief PCI Council Interview in Regards to PCI DSS 2.0.