Welcome to My Blog

Chintan Pathak is a popular cyberlawyer and operates from Surat in India. He is specializing in cyberlaws and Intellectual property laws.
Chintan Pathak is a popular cyberlawyer and operates from Surat in India. He is specializing in cyberlaws and Intellectual property laws.

Smiley face

Tuesday 20 January 2015

Child Online Protection in India: Need of the Hour/Second

No comments:

 Child Online Protection in India: Need of the Hour Second

A new media was given birth to the technological advert called as Cyber Media commonly known as Cyber Space. Cyber Space is a complex environment consisting of interaction between people, software and services, supported by the worldwide distribution of information and communication technology devices and networks. Children and younger generation, in particular, are actively indulging themselves in the Cyber Space the purpose of entertainment, e-mails, e-shopping, web-TV, home-work, research, education, online gaming, downloading music, videos, movies and social interaction; at the same time, they are susceptible to fall prey to online predatory criminals. This often happens in the form of Cyber Stalking, Cyber Bullying, Child Pornography, Online Harassment, Morphing, Hacking of E-mail or Social Networking Profile, Identity Theft, Unwanted Exposure to Sexually Explicit Material etc. These risks are not confined to their local area but occur from people all around the world. Educating the children about practicing safe online behaviour in order to enjoy the gifts of web world and safeguard from the potential danger of online criminals is of pivotal importance. At the same time, it is important that the government, together with the epistemic community, school teachers, parents and children should actively work to build a safe environment for the innocent minors as well as mitigate and combat the cyber paedophiles.  It is a need of the hour for a multi-layer approach to address the online risks, which carries different challenges and require broader international collaboration to find innovative solutions. The new challenges arise to protect children and young generation due to the rapid growth of Information and communication technology in India.       
Continue Reading...

Friday 30 May 2014

Data Security

No comments:
Data means information which is being processed by means of equipment operating automatically in response to instructions given for that purpose, recorded with the intention that it should be processed by means of such equipment, recorded as part of a relevant filing system or with the intention that it should form part of a relevant filing system, forms part of an accessible record, or recorded information held by a public authority. 

Data Security means protecting a database from destructive forces and the unwanted actions of unauthorized users. It can also be defined as protective measures for digital privacy which are applied to prevent unauthorized access to computers, databases, websites and other confidential documents. It also protects data from corruption. In today’s world, security of data is the first priority for all organizations irrespective of size and genre. It is also known as information security (IS) or computer security. 

The focus behind data security is to ensure privacy while protecting personal or corporate data. Data can be considered as the information stored in form of rows and columns in database, network servers and personal computers. Data can include any damn thing from personal file to property papers, business secrets or market analysis. It could be anything of interest. Some of these are not intended to leave the system as it could lead to numerous problems for the organization. Having your bank account details stolen or system administrator with a lost database of client’s information are in the same condition. So, the database manager should determine different access privileges for different users. All users will be able to access only some part of the data and not the confidential one. Some users can only read the database while some who are qualified can also edit the database. The purpose of determining who has access, as well as the degree of access, is to protect the data from unauthorized use

Security of data includes physical and technological security along with management and organizational security measures. For physical security, Data must be protected physically from harm or accident.  For technical security, one can use different hardware and software mechanisms or password protection schemes for security of data on a personal computer or organizations. Organizational security measures like limiting access, etc are also equally important in addition to physical and technological security.

There is huge emphasis on data security in the age of internet. If you don’t follow essential guidelines for security of data, sensitive data is at risk.
Continue Reading...

Data Protection

No comments:
Data protection is the relationship between collection and dissemination of data, technology, the public expectation of privacy, and the legal and political issues surrounding them. The challenge in data privacy is to share data while protecting personally identifiable information. 

Laws for protection of data exist to balance between the rights of individuals to privacy and the ability of organizations to use data for the purposes of business. The Data Protection Act (DPA) protects the privacy and integrity of data held on individuals by businesses and other organizations. The act ensures that individuals have access to their data and can correct it, if necessary. 

Here are few tips for Protection of data in organizations according to the Data Protection Act:

Data processing means obtaining, recording or holding the data or carrying out any operation on the data like - Organization, adaptation or alteration of the data, Retrieval, consultation or use of the data, Disclosure of the information or data by transmission, dissemination or otherwise making available, or Alignment, combination, blocking, erasure or destruction of the data.

•    Personal data of employees shall be processed fairly and lawfully.
•    Personal data should be obtained only for specified and lawful purpose, and shall not be further processed in any manner incompatible with that purpose.
•    Personal data should be adequate, relevant and not in excess in relation to the purpose for which they are processed.
•    Personal data should be accurate and, where necessary, kept up to date.
•    Personal data processed for any purpose should not be kept longer than is necessary after that purpose is fulfilled.
•    Personal data should be processed in accordance with the rights of data subjects under Data Protection Act.
•    Appropriate technical and organizational measures should be taken against unauthorized or unlawful processing of personal data and against physical loss of data like accidental loss, destruction, or damage to personal data.
•    Personal data should not be transferred overseas unless that country ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.

The increasing use of information technology and the internet ensures that data protection remains one of the most important and relevant laws that online businesses are required to comply with. The internet is all about the transfer of information. Internet is also used for collection of information. Organizations must care about collection, storage and usage of personal data. This involves amending employment and marketing practices in addition to internal training.
Continue Reading...

Secure Delete

No comments:
Secure Delete is a way to make sure that when you delete a file it cannot be recovered. Understanding it is important to protect sensitive data properly. Deleting a file in Windows doesn't actually delete the data. When you delete a file in Windows explorer, the file is just moved to recycle bin instead of permanent deletion. Hence your deleted files are saved in the recycle bin till the recycle bin is too full or you delete it yourself. Even after deleting the recycle bin there is no guarantee that the file is deleted forever. Instead, the computer just made the file invisible to the user, and marked the part of the disk drive that it is stored on as "empty," meaning that it can be overwritten with new data. The deleted file can be overwritten within weeks, months or years. It is like moving out of an apartment by only taking name off of the door. Until someone moves in and replaces their own, all your stuff is still inside and available to anyone who knows how to look for it. 

Here comes the concept of Secure Delete. Deleting the file securely will just overwrite the deleted file on the spot and is not visible to the observer. It’s like emptying your apartment completely before someone stays in it. If someone comes finding you in the apartment, he will not be able to know that earlier you stayed in it. Deleting securely takes more time than normal deletion but it assures that the content can’t be recovered. 

Just overwriting the file also doesn’t help because where the operating system writes the data is not under your control. Overwriting can be done by creating a new file on hard disk, delete the old file or rename the new file to old file. This process is not under user’s control.  This is completely in hands of the operating system. Hence if you are planning to store confidential and highly secret things on your computer, you need the utility that deletes the data securely. It guarantees that the space the original file occupied on the hard disk is overwritten with other data.

There is one more factor to take into consideration. Hard disks are made up of magnetic material. And due to the property of magnetic material it might be possible to recover the overwritten data. Recovering data in this way is trivial which requires special tools and techniques, lot of money but it can be done. The solution to this is to ensure that your Secure Delete utility allows overwriting data multiple times.
Continue Reading...

Hard Disk Recovery

No comments:
Data recovery is the process of salvaging data from damaged, failed, corrupted, or inaccessible secondary storage media when it cannot be accessed normally. Many a times the data are being salvaged from storage media such as internal or external hard disk drives, solid-state drives (SSD), USB flash drive, storage tapes, CDs, DVDs, RAID, and other electronics. So we need Hard Disk Recovery

The question is why we lose data. There are four reasons basically for the lose data:

•    Logical Failure:

In this case, there is actually no physical damage to the hard drive or its components. Logical failure occurs when some data in hard disk is inaccessible due to some error or computer virus. In some cases, accidental reformatting, lost partition and corrupted file can also cause logical failure.

•    Mechanical Failure:

When a component or any device of hard disk fails, mechanical failure occurs. When this happens, huge data or partial data of the hard drive becomes in accessible.

•    Electronics Failure:

Electronic failure occurs when the component fails or the hard disk is supplied with wrong voltage or when there is power fluctuation nearby. In this case, hard disk becomes undetectable or sometimes in accessible.

•    Media Degradation:

This situation generally occurs when the hard disk is too old and it develops bad sector or unreadable platters. Media degradation can occur due to physical damage caused by mishandling or virus interference. In this case you need a professional to deal with the damage. 

Hard disk recovery is necessary when we lose data due to any of the upper mentioned reasons.

Following are few steps for dead Hard disk recovery:
•    Basic Steps
  • Inspect the hard drive for damage.
  • Replace the cable
  • If you have a PATA (IDE/EIDE) drive, switch drive pin settings.
  • Try other IDs and/or another PCI controller and try again.
  • Plug it into an external drive adapter or external drive case
  • Connect the drive into another computer and try again
  • Try to dislodge the actuators.
•    Replace the Drive’s controller board
  • Inspect the drive's controller board carefully to see if it can be removed without exposing the drive's platters.
  • Find a sacrificial drive
  • Remove the controller board of the failing drive.
  • Remove the controller board from the working drive.
  • Attach the working board to the failing drive.
  • Connect the drive to your computer or device and test
  • Rub aluminum foil on the four connectors on the bottom of the failed hard disk near the center
•    Use Linux to recover your data.
Continue Reading...

Computer Security

No comments:
Computer security is information security as applied to computers and networks. These cover all the processes and mechanisms by which computer-based equipment, information and services are protected from unintended or unauthorized access, change or destruction, unplanned events and natural disasters. You must run quality security software on your computers to protect your work and private data from viruses, spyware, and other security threats. Antivirus software helps protect your computer from malicious software and can be downloaded or installed inexpensively or at no charge. When it comes to security, there is no substitute for quality.

Here are some tips for Computer Security:
  • Use antivirus software and keep it updated. Antivirus software is specially designed software used to protect your computer against viruses that are known. But with the existence of new virus every day, you need software update regularly. 
  • Be suspicious about the unknown source from where unexpected e-mail and attachments arrived. When you receive this type of mail, the best thing you can do is to delete the mail completely with attachments or save the attachment in your computer and check the file for virus. 
  • You need to protect your computer from the virus intruded by internet by using firewalls. Firewall is designed to create a wall between your computer and the outside world
  • Download security updates regularly. Many companies nowadays release updates for their software to make the software better and bug free.
  • You should use password for the security of your computer. Password should be tough to guess and a combination of uppercase, lowercase, symbols and minimum eight characters long. You should not share password with anyone, change it regularly and should be as meaningless as possible.
  • You should have the backup of your computer data regularly on a CD or external memory. You can also store data of your computer on some other computer when you work on a network. It’s a good practice to have weekly backups.
  • You should learn about risk involved in sharing files and hence don’t share access to your computer with strangers. Networks usually have ability to share files from your computer to another and this can make your computer virus infected.
  • You should disconnect the internet when not in use. This lessens the chances of someone accessing your computer.
  • Security of your computer should be checked on regular basis. The operating system on computer facilitates you with many features but leaves you vulnerable when there is loss of data due to virus or hackers. Security of your computer should be evaluated at least twice a year.
  • You should train your family members and employees should know the treatment to virus infected computer. It's important that everyone who uses a computer be aware of proper security practices.
Thus, following these tips you can save your computer from infection of virus or other such problems. And as it is said that prevention is better than cure so you better work on computer security instead of panicking on the virus infection to your computer. 
Continue Reading...

Encryption

No comments:
Encryption is the process of encoding messages in an unreadable form or difficult to understand form so that no one can have unauthorized details of the message. In an encryption scheme, the message or information is turned into an unreadable cipher text using an encryption algorithm. Usually in this process the message or information is encoded according to encryption key. At the decoder side, the cipher text is again converted into a message using the decryption algorithm. Here the cipher text is decoded in message using the decryption key. In this process only the authorized receiver that is the receiver having decoding key can only decode the message and hence understands the message or information. Even if the hackers or unauthorized users receive the cipher text, it’s of no use for them until they have a decryption key.

The use of encoding and decoding is as old as the art of communication. Simple ciphers include the substitution of letters for numbers, the rotation of letters in the alphabet, and the "scrambling" of voice signals by inverting the sideband frequencies. For more secured encoding, there are certain computer based encoding algorithms. In this type of communication, decryption is easy if you have a decryption key but when there is more complex encryption algorithm, the more difficult it becomes to eavesdrop on the communications without access to the key.  This process is usually much needed on wireless network as they can be tapped easily. But for sake of security and extra precaution, you need to do this process while transferring highly confidential information like online transactions, Credit-card information, Social Security numbers, Private correspondence, Personal details, Sensitive company information, Bank-account information and many such others. ¬

There are two basic types of encryption schemes: Symmetric-key and public-key. In symmetric-key, the encryption key and decryption key are the same. So the communicating parties must share a common secret key before communication. In public-key, the encryption key is published for anyone to use and encrypt messages but only the intended receiver party has the decryption key and is able to read the encoded messages. Traditionally only symmetric key scheme was used for communication as public key scheme was a later invention.

This process is used by militarizes and governments to facilitate secret communication from a long period of time. But nowadays in addition to militarizes, it is commonly used at many organizations, institutes and other civilian system for data protection against the rivals and other such unauthorized users.
Continue Reading...