LOL. I am by no means caught up. I’ve got to-do lists and piles of
sorted business cards. Plenty of follow-up yet to go. How about you?
If you were there, wasn’t ILTACON fantastic this year?
A View from a Booth
2019 was the first year of Joy. Not only do I mean the first year of
ILTA’s vibrant new CEO, Joy Heath Rush, but the first year that ILTA
felt truly back on-track.
ILTACON 2019 broke all attendance
records, at over 3,500 legal techies comprised of over 1,800 members and
1,700 business partners. Over 800 members were first-timers, which is
fantastic. I can imagine that some of the booth locations were poor at
the Dolphin. We were fortunate to have good traffic and terrific
interest in our LINK app.
By Seth Hallem, Moble Helix CEO, Co-founder, & Chief Architect
Secure email using S/MIME and OpenPGP is fundamentally broken. Our CEO explains the EFAIL vulnerability and why our LINK Email is not susceptible to EFAIL. What do we do next to protect email?
On Sunday night, a team of researchers from Germany and Belgium dropped a major bomb on the world of encrypted email by describing a simple, widely applicable, and wildly effective technique for coercing email clients to release encrypted email contents through “Exfiltration channels.” The concept is simple – by using a combination of known manipulation techniques against the encryption algorithms specified in the S/MIME and OpenPGP standards and lax security choices in a wide variety of email clients, the research team was able to intercept and manipulate encrypted emails such that large blocks of the encrypted text are revealed to a malicious server.
What is most brilliant (and most dangerous) about this attack, is that the attack does not require decrypting the email messages or stealing encryption keys. Hence, the attack can be deployed as a man-in-the-middle attack on the infrastructure of the internet itself, rather than requiring that a specific email server or email client is compromised.
The essential idea behind this attack is simple – HTML emails expose a variety of reasons to query remote servers to load parts of those emails. The simplest (and most common) example of this concept is displaying embedded images. Many marketing emails use tiny embedded images to monitor who has opened an email. This technique is so pervasive that many of us have become desensitized to clicking the “Allow images from this sender” prompt in Outlook. It is common practice for marketing emails to contain embedded images with essential content, which encourages users to allow the client to load all images in that message. However, doing so loads both visible images and tiny, single pixel images that marketing tools use to uniquely determine that we have opened the email message in question.
Our CEO, Seth Hallem, spoke at the NetDocuments executive summit, ndElevate 2017, on May 23rd.
Seth’s presentation focused on three actionable ways for law firms, and any enterprise, to protect client-side data. We are sharing his slides from ndElevate below. If you have any comments or questions, we’d welcome hearing from you. Please write to contact at mobilehelix.com.
Thank you to NetDocuments for an excellent summit!
Last year was the first year of iManage® ConnectLive and it exceeded all expectations. This year ConnectLive promises to be bigger and better, with deep dive technical tracks and new product briefings. It’s a terrific place to network.
San Francisco, here we come. This is the second year of Intapp’s user conference, held near their home town, in San Francisco. It’s our first year to be at Inception. With our Stanford roots, which we share with Intapp, it feels like home to us.
Join this ILTA Product Briefing on Monday, March 13, focused on a demo of new document workflows with the LINK encrypted app for iPhones and iPads.
This webinar highlights new workflows with the LINK app, which lawyers have specifically asked us for, e.g., features to edit docs, compare docs, then send redlines, clean copies and PDFs. Continue reading →