Articles Posted in E-commerce

Published on:

Now, aside from Bitcoin and other digital currencies spawning from video games and consumer-oriented companies, it’s important to be aware that there are other types of digital currencies or so-called “cryptocurrencies.” These operate more similarly to Bitcoin in how they generally lack a centralized system that assigns value (compared to other digital currencies like virtual item trading where the items are managed by a company) and has a similar mining protocol allowing individuals to mine the currency.  Indeed, even Bitcoin had a “split” changing from one cryptocurrency to two. Why are there even alternatives? What features does one cryptocurrency have on the other? How should one evaluate the choice to enter a cryptocurrency market?

Bitcoin’s Split

In order to make Bitcoin more accessible, the system administrators for Bitcoin and other individuals prominent in the community underwent a “split” of the currency, as well as other changes to increase the speed of transaction verification. Due to the limits put in place to make Bitcoins scarce and limit the supply, the effective limit had placed a curb on growth. In response, some users chose to take a split after starting in August of this year to create a new cryptocurrency working mainly on the same system as Bitcoin, but with the ability to convert it to “bitcoin cash” and a faster mining and verification process. This would mean that Bitcoin cash would have a lower face value than Bitcoins, as they would be more plentiful. However, this would also make it potentially less secure as the blocks would grow in maximum size, and it would have a shorter history compared to Bitcoin.

Published on:

The legality of certain virtual currencies can be murky.  While some currencies, like Bitcoin, can be readily traded for goods and services, however, other virtual currencies remain where regulation is more questionable. To that point, the curators of digital economies have hired economists to better model the value of these digital commodities, creating a sort of virtual currency by accident.  However, the ecosystem behind these virtual currencies has exploded and led to new questions regarding their use and potentially illicit activities. So, what are these virtual commodities? How did they gain value? What is being done to curtail the murkier aspects?

What are these virtual currencies?

A good example of these virtual currencies comes courtesy of Valve, a company that both creates and distributes video games. For the purpose of creating more income for some of their “free-to-play” games, random prizes are given out, and can be earned in-game, and later resold via its platform. These items generally have no in-game function, and merely provide an aesthetic value. For a select few Valve games, these items can then be exchanged between players, or for currency in Valve’s store. In essence, the items can function much like tickets in an arcade, or more concerning, poker chips in a casino. Other games have similarly created digital currencies that can be shifted easily from a “real” currency to something that can be used (though not necessarily benefit) the person in game.

Published on:

Bitcoin is a cryptocurrency that has been in the news and in conversations recently for various reasons. While not all retailers will take Bitcoin, and there are fairly good reasons not to, but the cryptocurrency has really taken off.  However, despite how much the word “Bitcoin” is used, the nature of the virtual currency provokes a sort of air of mystery. Unless one researches how to find or buy it, it remains a type of investment that is more exotic than what is commonly available to consumers. Why is Bitcoin so expensive? How does one find and buy a Bitcoin?

Why is Bitcoin expensive?

To properly explain Bitcoin, it’s important to restate one of the fundamentals of economics. The value of a commodity is determined by supply and demand. When it comes to currency specifically, this translates to “the more common and easily- obtainable the currency is in the market, the price will become less in the market.” This is what’s referred to as “inflation.” The purchasing power of a currency goes down because there is more of that currency.

Published on:

Net Neutrality is the principle that Internet Service Providers (ISP) and the government should treat all web-related traffic equally regardless of the source. If there was no net neutrality, companies would have the ability to purchase priority access to the ISP customers. Larger and wealthier companies (e.g., Google) would be able to pay the ISPs to provide customers more reliable access to their websites instead of to competitors’ websites. This would negatively impact any new start-up service that would not be able to purchase a priority access.

On February 26, 2015, the Federal Communications Commission (FCC) voted to enact the “strongest net neutrality rules in history.”  Millions of Americans contacted the FCC, called their Congress members, and wrote to the White House to express their support.  Although, this decision was a bold move in favor of net neutrality, but more changes may be coming soon. This 2015 Rule meant that ISPs cannot block access to any websites and they cannot interfere with website loading speeds. This rule also banned paid prioritization, which means that ISPs are not able to give preferential treatment to websites that pay an additional fee.

On January 23, 2017, President Trump selected Ajit Pai to lead the FCC as the new Chairman. This Chairman has a record of previously promising to undo the 2015 landmark decision. Then on May 18, 2017, the FCC, led by Chairman Ajit Pai, voted to propose a review of the 2015 rules.  Mr. Pai holds the opinion that the 2015 FCC rules are a “bureaucratic straitjacket” on the ISPs.  The new FCC proposal, which is called “Restoring Internet Freedom” contemplates whether to undo the legal approach that enforced those rules and whether there was anything that warranted the rules in the first place.

Published on:

After this month’s discussion on the statutes that prohibit the unauthorized access of email accounts and digital assets, one might wonder how these statutes may apply in a case. However, in the lengthy saga of Facebook v. Power Ventures, the Ninth Circuit issued a determination giving a bright line example of what would not be permissible under the law. So, how did Power Ventures violate these unlawful access laws? How did they attempt to move around the laws? What was Facebook’s argument, that has thus-far prevailed in the courts?

Case History

This case focuses on Power’s use of Facebook through the actions of other users.  Power, a type of social media aggregator, would allow users to “link” Facebook, Twitter, and other social media accounts to permit control from a single website.  From there, Power would “scrape” data under the permission of the Facebook users.  However, this was against Facebook’s terms and conditions.  Power would also invite users to invite others in spam-like messages, as well as deploying bots.  This ultimately resulted in an IP-based ban against Power. Yet, Power evaded those bans and defied a cease and desist letter, prompting Facebook to sue based on CAN-SPAM, Penal Code 502, and CFAA.

Published on:

In our last blog post, we mentioned eBay, Inc. v. Bidder’s Edge, Inc. While the case wasn’t related directly to ransomware, it creates an important precedent for tort liability. Specifically, it supports the idea that common law torts can be carried out and applied in the digital world.  So, what does eBay give us as a legal theory? How might it get applied to ransomware in a hypothetical case? What is the likelihood of succeeding on such a case?

Case Analysis: eBay, Inc. v. Bidder’s Edge, Inc.

In this case, eBay sued Bidder’s Edge for the use of a type of program known as a “spider” or “bot.” These programs would automatically go to eBay, search for information, and repost it on Bidder’s Edge. The purpose of this was to allow others to get better ideas of what to bid on items by searching multiple auction sites. While there were negotiations to allow Bidder’s Edge to access eBay, however, the negotiations broke down, and ultimately prompted the lawsuit.

Published on:

So, where do we go from here? After the Internet of Things was effectively used as a way to crash various online stores and services, it leaves us with the question of how can we fix this gaping hole in our security that would allow this new technology to continue to exist without causing further risk? As mentioned last week, the most likely solutions are either in the private sector, through consumer choice and manufacturer investment, or through government action. What actions should individuals take? What is the government doing now? What might the government do in the future?

What is the private sector currently doing?

The private sector is not doing much at this time. While consumers could demand more secure smart devices, the focus of the demand for these devices tends to be towards their functioning.  In general, less sophisticated consumers buy smart devices for the sake of convenience, with security being a distant thought when compared to the more sophisticated consumers.  These smart devices, like any other internet-connected device, occasionally need security updates to remain resistant to online bugs (i.e., malware).  So, as the world becomes smarter, this technology will need to adapt and advance, accordingly, in order to mitigate the risks. Yet, without some motive to do so, it’s less likely that resistance to the botnet will emerge, and it may be due to the government’s intervention.

Published on:

In recent years, we have all heard the expression before, but how does someone really “break the Internet?” Recently, an incident arose where a large network of electronic devices joined together resulting in a major interference with online businesses and services. Amazon, Netflix, and Yahoo, were hobbled temporarily due to various flaws in the Internet of Things. This flaw allowed individuals to create what’s known as a botnet, to launch a massive DDoS attack to effectively shut down services.  So, how would we prevent a similar incident from occurring? Should you be concerned about your smart devices? What about your websites and online services?

How did the Internet of Things become weaponized?

As it stands, the Internet of Things, which comprises of smart devices that connect online for the convenience of individuals, became weaponized against service providers, and created a “botnet.”  Effectively, some type of malware was downloaded onto these smart devices prompting them to send requests to certain websites. When these websites become overwhelmed by the requests, it resulted in websites crashing, or becoming generally unavailable to the users.  Here, one might wonder how, but the real answer was due to a lack of knowledge, training, and security. Unlike regular computers, tablets, and cellphones, smart devices do not always have the capability for security updates. With this, even for those devices that might be on a more secure network, the Internet of Things still entails those devices being connected online. This makes them vulnerable to more pinpointed attacks.  From there, the controller of the botnet can use the Internet of Things to launch the DDoS attack and crash a network.

Published on:

As it stands, the Internet of Things can be a dangerous proposition. Due to various hacking techniques, like rubber ducks, pineapples, and pivoting, one must wonder, if it can be hacked into, and if so, then what can we do about it? What about cars, planes, trains, and power plants? To this point, the U.S. Government has launched the Cybersecurity National Action Plan or CNAP. The idea is to add more information and resources into the system, increasing the amount of resources to help build up cybersecurity and investing resources into security measures. So, what is the government doing with CNAP? How might this help a business? How might this help individuals?

What does CNAP do?

It’s a set of guidelines and goals that the Obama Administration has implemented to help build the cybersecurity network, protect against attacks on the Internet of Things, and the general national network as a whole. The first, and easiest way it plans to do this is through the 2017 budget, allocating approximately 19 billion dollars for cybersecurity, up by 35% from the previous year’s budget.  It also incorporates and promotes other existing goals and changes, such as the BuySecure Initiative requiring credit cards to incorporate smartchips, and making large businesses use the smartchip option rather than the traditional magnetic strip.  CNAP also incorporates other ideas, such as multifactor authentication, identity for Federal Government digital services, training for small businesses, and relaunching identitytheft.gov.  Therefore, it is less of a new initiative, but rather a continuation of previous actions.

Published on:

Nowadays, we’re using the web for numerous purposes, including, but not limited to, online banking.  So, we should be able to protect our financial information. There are many options for hackers to gain access to financial information, and without the prerequisite security, financial information can be accessed by hackers.  The law outlines the rules for financial institutions, such as data protection, data sharing, data preservation, security breach notification, or insurance requirements.  Also, there are different standards when it comes to consumer and business bank accounts.  For example, businesses face different prerequisites that must be fulfilled prior to submitting a claim towards a financial institution.

How might hackers commit banking fraud?

Looking at how hackers may even access your financial information, there are a few tools that need to be highlighted. Among them are Pivoting, Rubber ducks, and Pineapples. While this perhaps sounds odd, the way they can work is terrifying. Pivoting is a process hackers can use to break into a computer system by accessing it through an already-compromised device. For example, a hacker may access a web server by gaining access to an email server within the same network.  These discrepancies can also occur between smart devices, which indicate a downside to the Internet of Things. Rubber ducks are special USB drives with small processors. They act as a “Trojan Horse” by downloading and re-uploading information quickly and autonomously without causing alerts. Pineapples, in comparison, are more likely to come across, but more difficult to avoid.  These are devices that “clone” Wi-Fi networks. They will function in the same way, allowing individuals to connect and access the web, but can also be used to access and hack data after someone is connected. Pineapples and Rubber ducks are dangerous because they can download “keyloggers” onto computers, which would record and transfer confidential information (e.g., passwords, financial data) to the hacker’s computer.