[Orin Kerr] How to Read a Legal Opinion ←

[Orin Kerr] How to Read a Legal Opinion:

A guide for new law students — and others.

With law schools set to open their doors in a few weeks to a new 1L class, it’s time for my annual posting of my 2007 essay, How to Read a Legal Opinion: A Guide for New Law Students. As the abstract explains:

This essay is designed to help new law students prepare for the first few weeks of class. It explains what judicial opinions are, how they are structured, and what law students should look for when reading them.

I’m told that some non-lawyers also have found the essay valuable as an introduction to reading cases.

(Via The Volokh Conspiracy)

This is a free to download PDF.

As more and more cybersecurity case law is established and while more and more existing case law is pressed into cybersecurity service, being able to read and understand the basics of legal opinions isn’t just the realm of compliance team any more.

Also on:

The Synonym Finder

The Synonym Finder:

This is the best thesaurus there is. It supplies more synonyms, analogs, parallels, equivalents and comparable words in English than any other source, online or off. No other thesaurus comes near to it for completeness or breadth. Compiled in dictionary form, like the one in your word processors, there’s no index or cross-referencing. Just look up a word, any word, and it proceeds to overwhelm you with alternative choices (a total of 1.5 million synonyms are presented in 1,361 pages), including short phrases and only mildly related words. Rather than being a problem of imprecision, the Finder’s broad inclusiveness prods your imagination and prompts your recall.

(Via Cool Tools)

My good friend Tracy, the @InfoSecSherpa, is helping me acquire the best English language resources. I do a lot of editing here and often need to explain why English is the way it is.

Also on:


People like to look at my Every Day Carry (EDC), the stuff I keep with me on a regular basis in certain contexts.

Sure, I’m a tasty treat. We all know that. This isn’t about me.

My kit, my EDC, is too expansive and varied for a single post. I’ll document it in several posts.

My colleagues and I just returned from another day touring Amsterdam. I’m in the hotel restaurant. I have (all photos post inventory; all links refer to revenue generating links unless they don’t):

Also on:

ISC Diary | Tools for reviewing infected websites

At the ISC we had a report today from Greg about obfuscated Javascript on the site hxxp://fishieldcorp.com/. A little research revealed that this site has been infected in the past. Nothing extraordinary, just another run of the mill website infection.

What did strike me is how the nature of this research has changed in recent years. Not so long ago checking out a potentially infected website would have involved VMs or goat machines and a lot of patience and trial and error. Today there are so many sites that will do the basics for you. Greg sent us a link to URLQuery which displays a lot of information about a website including the fact that this one is infected.

via ISC Diary | Tools for reviewing infected websites.

Cisco launches open-source tool for penetration testers | ZDNet

Cisco has opened up access to Kvasir, which helps penetration testers worldwide assess the security levels of computer systems at a glance.

In a blog post, Kurt Grutzmacher, solutions architect at Cisco’s Security Practice Advanced Services team, said that the tool was initially created for the Cisco Systems Advanced Services Security Posture Assessment (SPA) team to keep track of the tests and data collected by the firm’s penetration testers.

A pen test is a way to test a system’s security standard by simulating a cyberattack.

During typical assessments of network security, pen testers may analyze between 2,000 and 10,000 hosts for vulnerabilities, perform various exploitation methods such as account enumeration and password attempts, and then they have to collect, sift through and document the results.

via Cisco launches open-source tool for penetration testers | ZDNet.

ISC Diary | How do you spell “PSK”?

So, what to do? In the past, I’ve used an excel spreadsheet to generate a random string of “n” characters, selected from a set of characters that do not include the “confusing” ones (Oo01lIiL and so on). The “randomness” was defined by how long I felt like leaning on the F9 key that day. After creating the string, I would then try to get my client to NOT write down the string – this almost never works, but it’s worth a try.

For today’s story, I decided to improve on this a bit, and re-coded it in python. This was a 5 minute script (as most of mine are), so if you see a way to improve or neaten this up in any way, please – don’t be shy – use our comment form.

via ISC Diary | How do you spell “PSK”?.

3 Steps To Keep Down Security’s False-Positive Workload — Dark

Security needs to be better automated, but while detecting attackers is great, all too often automation means that security teams are left with chasing down a list of security events that turn out not to be an attack but unexpected system, network, or user behavior.

These “false positives” are the bane of most machine-learning systems: Valid e-mail messages blocked by anti-spam systems, unexploitable software defects flagged by software analysis systems, and normal application traffic identified as potentially malicious by an intrusion detection system. First-generation security information and event management (SIEM) systems, for example, would often deliver lists of potential “offenses” to security teams, leading to a lot of work in wild goose chases, says Jay Bretzmann, market segment manager for security intelligence at IBM Security Systems.

via 3 Steps To Keep Down Security’s False-Positive Workload — Dark.