Monthly Archives: October 2019

Dig We Must: Get It in Writing

24 Thursday Oct 2019

Posted by in E-Discovery, Personal

5 Comments

This isn’t a post about e-discovery per se, but it bears on process and integrity issues we face in cooperating to craft e-discovery expectations.  Still, it’s more parable than parallel.

My home in New Orleans sits at the intersection of two narrow streets built for horse and mule traffic.  It’s held its corner ground since 1881, serving as abattoir, ancestral home of a friend and now, my foot on the ground in the Big Easy.  New Orleanians are the friendliest folks.  You can strike up a spirited tête-à-tête with anyone since everyone has something to say about food, festivals, Saints football, Mardi Gras, the Sewage and Water Board and the gross ineptitude of local government in its abject failure to deliver streets and sidewalks that don’t swallow you whole or otherwise conspire to kill or maim the populace.

That’s not to say the City does nothing in the way of maintaining infrastructure.  Right now, New Orleans is replacing its low-pressure gas lines with high pressure lines.  Gas is a big deal where everyone eats red beans on Mondays, but it’s also useful for heating and, even now—still—for lighting.  So, every street must have new subterranean lines installed and new risers brought to gas meters.  I knew nothing of this until I awoke to find a crew with an excavator on my property destroying the curbs and antique brick sidewalks I’d lately installed at considerable expense. Continue reading

Apple Card: Heavy Metal

03 Thursday Oct 2019

Posted by in General Technology Posts, Personal, Uncategorized

3 Comments

IMG_4773I just got my Apple Card and, while I hardly need another credit card, I thought readers might be curious what the fuss is about. After all, it’s just a credit card, right?

Right, but it has some fancy features that set it apart from the other plastic in your wallet or purse.  First, it’s scarily easy to obtain.  On my iPhone, it took under a minute to be issued the electronic card with a $9,000 spending limit available in Wallet.  That was Tuesday.  Thursday morning, a courier dropped off the physical card packaged in the sleek style of all Apple’s premium products.  The fun began even before it was out of the box!

IMG_4777Although my Apple Pay credit account went live in a minute, as with all physical credit cards, the Apple Card must be activated before use.  For most cards, this requires time online or a phone call where you dial or speak a lot of digits.  With the Apple Card, you just hold the colorful sleeve it comes in against your iPhone and the NFC contactless communication capability embedded in the card does the rest.  

The next surprise is that the card is crafted from laser-etched titanium, giving it a striking heft and rigidity.  Hone the edge of this baby and you’re MacGyver (or Oddjob, hat in hand).  Investing so much in the aesthetics of a credit card may seem silly; but, I confess that the, well, the beauty of the card impressed me.  Is it so wrong that something we touch several times daily be pleasing?

The next surprise is what’s not on the Apple Card versus every other card: There are no numbers.  No card number.  No CID security identifier.  No expiration date.  No signature block.  Just your name, three corporate logos, a chip and a swipe strip.  Here are photos of both sides of my Apple Card, something I’d never post for a conventional card:

IMG_4774If you want to know the card number and CID for the Apple Card, you must retrieve them in Wallet.  That’s a genuine layer of security.  By the same token, heaven help anyone who comes across a neanderthal with a carbon charge slip (anyone remember those?) who tries to rub transfer the card number.

There are some nifty usage management features, but the major marketing hook for the Apple Card is daily cash back on purchases.  How much cash back?  I’m not entirely sure because it varies.  It seems you get three percent back for purchases made from Apple and a handful of other merchants like Walgreens and Uber.  But for the most part, the cash back percentage looks to be two percent if you pay with Apple Pay.  If a merchant isn’t set up for Apple Pay, then it appears you must use the Apple Card as a conventional MasterCard, and get just one percent cash back.  That’s about the same benefit I now get with my AmEx Membership Rewards program with (in my mind) less exposure to a whopping interest charge if I’m ever late with a payment.  Too, the AmEx offers many perks to protect my purchases and travel.  Now and then, those behind-the-scenes benefits have proven really worthwhile.   I wonder whether Apple will stand behinds its card users as reliably as AmEx?

Cash back is a splendid benefit, and beats the pants off cards that don’t offer rewards and perks.  So many cards do offer mileage benefits, club access and other rewards that it’s not easy to know which one is best.  The Apple Card carries no annual fee, making it worth a try, and if you buy a lot of Apple merchandise, that instant three percent back is a no-brainer.  Maybe the Apple Card will become my principal card; maybe not.  But, I’ll tell you one thing:  that titanium card is going to be hell to cut in half should I decide to close the account.

One last thing if it’s not already clear: Only iPhone users need apply.  An Android user might be able to finagle getting the Apple Card, but the real benefits only flow from using Apple Pay.

Cryptographic Hashing: “Exceptionally” Deep in the Weeds

02 Wednesday Oct 2019

Posted by in Computer Forensics, E-Discovery, General Technology Posts

Comments Off on Cryptographic Hashing: “Exceptionally” Deep in the Weeds

We all need certainty in our lives; we need to trust that two and two is four today and will be tomorrow.  But the more we learn about any subject, the more we’re exposed to the qualifiers and exceptions that belie perfect certainty.  It’s a conundrum for me when someone writes about cryptographic hashing, the magical math that allows an infinite range of numbers to match to a finite complement of digital fingerprints. Trying to simplify matters, well-meaning authors say things about hashing that just aren’t so.  Their mistakes are inconsequential for the most part—what they say is true enough–but it’s also misleading enough to warrant caveats useful in cross-examination.

I’m speaking of the following two assertions:

  1. Hash values are unique; i.e., two different files never share a hash value.
  2. Hash values are irreversible, i.e., you can’t deduce the original message using its hash value.

Both statements are wrong. Continue reading

Cryptographic Hashing: A Deeper Dive

01 Tuesday Oct 2019

Posted by in Computer Forensics, E-Discovery, General Technology Posts

1 Comment

It’s October (already?!?!) and–YIKES–I haven’t posted for two weeks.  I’m tapping away on a primer about e-discovery processing, a topic that’s received scant attention…ever.  One could be forgiven for thinking the legal profession doesn’t care what happens to all that lovely data when it goes off to be processed!  Yet, I know some readers share my passion for ESI and adore delving deeply into the depths of data processing.  So, here are a few paragraphs pulled from my draft addressing the well-worn topic of hashing in e-discovery where I attempt a foolhardy tilt at the competence windmill and seek to explain how hashing works and what those nutty numbers mean.  Be warned, me hearties, there be math ahead!  It’s still a draft, so feel free to push back and all criticism (constructive/destructive/dismissive) warmly welcomed.

My students at the  University of Texas School of Law and the Georgetown E-Discovery Training Academy spend considerable time learning that all ESI is just a bunch of numbers.  They muddle through readings and exercises about Base2 (binary), Base10 (decimal), Base16 (hexadecimal) and Base64; as well as about the difference between single-byte encoding schemes (ASCIII) and double-byte encoding schemes (Unicode).  It may seem like a wonky walk in the weeds; but the time is well spent when the students snap to the crucial connection between numeric encoding and our ability to use math to cull, filter and cluster data.  It’s a necessary precursor to their gaining Proustian “new eyes” for ESI.

Because ESI is just a bunch of numbers, we can use algorithms (mathematical formulas) to distill and compare those numbers.  Every student of electronic discovery learns about cryptographic hash functions and their usefulness as tools to digitally fingerprint files in support of identification, authentication, exclusion and deduplication.  When I teach law students about hashing, I tell them that hash functions are published, standard mathematical algorithms into which we input digital data of arbitrary size and the hash algorithm spits out a bit string (again, just a sequence of numbers) of fixed length called a “hash value.”  Hash values almost exclusively correspond to the digital data fed into the algorithm (termed “the message”) such that the chance of two different messages sharing the same hash value (called a “hash collision”) is exceptionally remote.  But because it’s possible, we can’t say each hash value is truly “unique.”

Using hash algorithms, any volume of data—from the tiniest file to the contents of entire hard drives and beyond—can be almost uniquely expressed as an alphanumeric sequence; in the case of the MD5 hash function, distilled to a value written as 32 hexadecimal characters (0-9 and A-F).  It’s hard to understand until you’ve figured out Base16; but, those 32 characters represent 340 trillion, trillion, trillion different possible values (2128 or 1632). Continue reading