 |
Wednesday, November 13, 2002 |
|
Even the country's leading anti-virus software developer cannot always protect its subscribers from viruses.
Hackers broke into Kaspersky Labs' server last week, making away with a list of e-mails of recipients of the company's news releases, Kaspersky Labs said in a statement. The hackers then sent a worm virus to those e-mail addresses.
Moscow Times Nov 13 2002 2:55AM ET [moreover Computersecurity]
11:14
#
G!
| |
Last week BigLaw announced the names of those few associates who were promoted to partner (the derivation of the phrase &147;made partner&148; has always eluded me). Each of these associates has spent seven to eight years grinding out routine legal work and racking up billable hours. Their upward career mobility revolves around a long probationary period resulting in an "up-or-out" promotional system which professors Marc Galanter and Thomas Palay call a "tournament" of lawyers. For the rules of the "promotion-to-partner tournament" see Galanter and Palay's more recent 1999 article entitled Large Law Firm Misery: It's the Tournament, Not the Money (from the symposium Attorney Well-Being in Large Firms: Choices Facing Young Lawyers).
When I read the firm-wide e-mail announcing the names of the eight partners-elect, I wondered and worried about those many senior level associates who would not be inducted into the upper echelons at BigLaw. Can it be that those who were passed over really are just a bunch of shlubs for whom law school was a big mistake in the first place? I don&146;t think so. But these highly competent and productive associates now face the difficult question of whether or not there is a place for them within the firm.
In Human Resource Strategy and Career Mobility in Professional Service Firms: A Test of an Options-based Model, Stanley B. Malos, Professor of Management/HRM at San Jose State University&146;s College of Business and Michael A. Campion, Professor of Management at Purdue&146;s Krannert Graduate School of Management, suggest that there is a place for non-promoted associates— in "project-based" firms:
"Project-based firms (i.e., firms that promote fewer associates and thereby maintain higher associate-to-partner ratios) may be willing to utilize less strict up-and-out practices, and to retain a number of non-promoted associates. These firms are interested primarily in associates&146; billable work product, and might well allow them to remain with the firm indefinitely even if they do not make partner. Particularly where associates do routine or specialized work and do not interact much with clients, the knowledge and experience of 'permanent' associates may be useful for the firm, but not useful enough to justify promotion. Associates in firms with less strict up-and-out rules thus may receive higher salaries, perhaps due to their greater experience and lesser need for supervision, or perhaps of necessity because extra compensation is not deferred pending possible promotion."
On the other hand, "options-based" firms tend to maintain a lower associate-to-partner ratio and tend to promote more associates to partners.
By studying 117 of the largest, highest grossing U.S. law firms, Malos and Campion categorize the firms as options-based or projects-based according to the relationships that exist among key human resources indicators and promotion to partnership. The authors conclude that although most U.S. law firms are "probably hybrids that appear somewhere along an options/projects continuum," the lower leveraged, options-based law firms tend to invest in their associates' futures, offering them more mentoring, training, development and overall support. The options-based firms utilize these HR developmental practices to establish associate bonding and loyalty to the firm.
Read these other articles for more about the "up-or-out" promotional rules in law firms:
(1) Up-or-Out Rules in the Market for Lawyers by Brendan O'Flaherty and Aloysius Siow
(2) The Economics of Law Firms: a Study in the Legal Organization of the Firm by Jack Carr and Frank Matthewson
(3) Coming Of Age in a Corporate Law Firm: the Economics of Associate Career Patterns by Ronald J. Gilson and Robert H. Mnookin, 41 Stanford Law Review 567 (1989) [excited utterances]
9:14
#
G!
| |
|
AP) A British man indicted in the United States for allegedly hacking into U.S. military and space agency computers will fight extradition, his lawyer said Wednesday.
Gary McKinnon, 36, of London, was indicted in Virginia and New Jersey on eight counts of computer-related crimes, including break-ins at 92 U.S. military and National Aeronautics and Space Administration (NASA) networks. McKinnon was also accused of hacking the networks of six private companies and organizations.
McKinnon's lawyer, Karen Todner, said the Crown Prosecution Service could charge and try McKinnon in his own country.
"However, they have chosen not to pursue this course of action and are allowing the American authorities to apply for the extradition of a British citizen," Todner said.
"We can only presume that the motivation is political and that it is proposed to make an example of Mr. McKinnon.
"We shall oppose any extradition application in connection with our client.
"We also wish to emphasize on behalf of Mr. McKinnon that he has no terrorist links whatsoever."
McKinnon, an unemployed computer administrator, was arrested by officers from the National Crime Squad's Hi-Tech Crime Unit in March after NASA identified him as a suspected hacker.
He was released on bail, questioned in August and released again.
"As the investigation progressed, a decision was made that the U.S. authorities would bring any prosecution," Todner said.
There was no sign of McKinnon Wednesday at his home in north London.
CBS News Nov 14 2002 4:57AM ET [moreover Computersecurity]
0:00
#
G!
| |
|
An unemployed British sysadmin was yesterday indicted for what US authorities describe as the "biggest hack of military computers ever detected".
Gary McKinnon, 36, of London, was charged in absentia with one count of causing intentional damage and seven counts of computer fraud relating to alleged attacks on scores of US government computers in a period spanning over a year.
From February 2001 until March 2002, McKinnon allegedly exploited poorly-secured Windows systems to attack 92 networks run by NASA, the Pentagon and 12 other military installation scattered over 14 states. Private sector businesses were also affected by the alleged attacks, which caused an estimated $900,000 in damage overall.
According to court papers filed in New Jersey and Virginia yesterday, McKinnon mounted an attack in attack in February this year that shut down Internet access to 2,000 military computers in the Washington area for three days.
Prosecutors told Reuters that McKinnon "stole passwords, deleted files, monitored traffic and shut down computer networks on military bases from Pearl Harbour to Connecticut". He is accused of scanning networks for vulnerabilities prior to using a software program called RemotelyAnywhere to snoop on network traffic and erase files.
"This is an incredibly sophisticated cyber criminal," Newark U.S. Attorney Christopher Christie told Reuters. "He was a very busy guy."
Despite the seriousness of the alleged attacks, US authorities are keen to stress no classified information was obtained through the year long assaults.
Authorities believe that McKinnon (whose handle is Solo) acted alone and are not attributing his alleged crimes to any terrorist motive.
US authorities are seeking to extradite McKinnon, who faces charges punishable by fines of up to $1.75 million in fines and 80 years in jail (each count in his indictment carries a maximum prison term of 10 years).
Reuters reports that McKinnon's lawyers in London yesterday issued a statement yesterday admitting that he was arrested in March for computer-related offences. His present whereabouts, and even if he is currently held in custody, remain unclear. [moreover Computersecurity]
0:00
#
G!
| |
|
In April, 2002, hackers broke into the payroll database for the state of California. For more than a month, cybercriminals rooted around in the personal information of 265,000 Golden State employees, ranging from Governor Gray Davis to maintenance workers and clerks.
Worse, the California Controller's Office, which ran the database, failed to notify state employees for more than two weeks after the breach was discovered. Although officials with the Controller's office insisted the break-in probably hadn't resulted in any significant harm, the incident enraged Golden State pols and employees, whose Social Security numbers, bank account information, and home addresses were fair game for the hackers.
This lapse sparked what may mark a dramatic shift in legal policy toward cybersecurity. Over strenuous objections from the business lobby, on Sept. 26 California enacted a sweeping measure that mandates public disclosure of computer-security breaches in which confidential information may have been compromised. The law covers not just state agencies but private enterprises doing business in California. Come July 1, 2003, those who fail to disclose that a breach has occurred could be liable for civil damages or face class actions.[LinuxSecurity.com]
0:00
#
G!
| |
Maximillian Dornseif, 2002.
|
|
|
