While remanding Mohammed Zubair to four-day police custody on Tuesday, the chief metropolitan magistrate Snigdha Sarvaria noted that the journalist has not cooperated with the investigation agencies and ordered the police to retrieve the electronic devices a mobile and a laptop he had used to post a purportedly offensive tweet.

The tweet for which Zubair was arrested by the Delhi Police on Monday is from 2018. It contained a still from a 1983 Hindi movie of a signboard that once read Honeymoon Hotel repainted to read Hanuman Hotel. An anonymous Twitter user with the handle @balajikijaiin alleged the tweet hurt Hindu sentiments. (The account has since disappeared).

Vrinda Grover, Zubairs lawyer, had objected to the police seizing the journalists devices. She argued that the police already had Zubairs current phone. Further, she said that a journalists laptop, like a lawyers, has sensitive material related to their work along with personal information. This, she said, was an attempt to conduct a fishing inquiry beyond the scope of the present case.

However, the court ordered the police to take custody of Zubairs electronic devices without explicitly commenting on this argument.

Zubairs case highlights a legal paradox: even though the Indian Constitution recognises the right against self-incrimination as well as the right to privacy as fundamental rights, in several instances, courts have allowed law enforcement agencies to take custody of a persons electronic devices.

While the law shields certain communications from being forcibly disclosed, such as communication between spouses and those between lawyers and clients, this protection does not extend to journalists and their sources.

The police have been given powers under the Code of Criminal Procedure, 1973, to seize and search devices, such as mobile phones and laptops, that are necessary for an investigation.

At the same time, Article 20(3) of the Indian Constitution says that no person accused of any offence can be compelled to be a witness against themselves. The Supreme Court has interpreted this provision to mean that while a person cannot be forced to either give testimony against themselves or take polygraph tests, they can be forced to give physical evidence, such as fingerprints or handwriting samples. The restrictions aim at limiting the extraction of personal knowledge.

The rationale is that physical evidence is neutral and needs to be compared with some other material to impute culpability. However, testimonies are incriminating by themselves.

Relying on this logic, two High Courts have recently allowed investigating agencies to take the custody of an accused persons electronic devices.

In March of 2021, the Karnataka High Court held that compelling someone to give the mobile password or their biometrics to unlock a device would not infringe Article 20(3) since it is the nature of a direction to produce a document. Merely providing access to smartphones or emails would not amount to self-incrimination as the investigating agency will have to prove the allegations using other evidence.

In January, relying on this judgment, the Kerala High Court also upheld an investigating agencys right to forcibly access an accused persons phone.

The Karnataka High Court also said that in case the accused does not co-operate, an adverse inference could be drawn against them. It also said that an investigating agency is at the liberty to get backdoor access in case of non-cooperation by the accused.

It also reiterated the legal position that if a search is done without following the procedure, it might be illegal. However, such illegality would not make any seizures made during these searches inadmissible. But courts must be cautious while dealing with evidence collected from illegal searches, it added.

The right to privacy has been held to be a fundamental right by the Supreme Court. Thus any infringement of that right requires a few conditions to be met. The restriction must be lawful and have a legitimate state interest. It should not be disproportionate to the purpose of the law and must have a rational connection with the objective the state wants to achieve.

While compelling an accused to give their mobile phones or laptops, which contain a trove of information, can lead to encroachment on their right to privacy, this argument has been denied by the courts.

For example, the Karnataka High Court in its March judgment said that giving investigating agencies access to devices or emails for investigation would not infringe their privacy.

It reasoned that investigating crime is a legitimate state aim and asking the accused to merely disclose the password to their device is proportionate and has a causal link with the objective the state seeks to achieve.

The court acknowledged that access to phones and laptops gives the investigating officer free access to all the data not only on the equipment but on the cloud servers as well, which may include personal and privileged communication. But it said that using such data during an investigation falls within the exceptions to the right to privacy and its disclosure to third parties will be determined by the court.

Several legal commentators believe that these decisions wrongly interpret the existing law. The judgments of the Karnataka and Kerala High Courts are particularly concerning, legal commentator Gautam Bhatia wrote, because at a time when mobile phones are becoming more and more an extension of our interior lives rather than simple accessories, criminal procedure law should be moving towards greater protection of mobile phone data rather than a position where the State has free access to it.

However, other courts may arrive at a different conclusion.The Karnataka and Kerala High Courts judgments are the only ones we have on this issue, criminal lawyer Abhinav Sekhri said. However, the legal position on compelling the accused to give electronic devices is up for challenge as other High Courts, such as Delhi, have similar issues pending.

Zubairs lawyers also argued that a journalists digital devices hold a lot of sensitive information and should not be confiscated. However, in India, journalists do not enjoy higher freedom of expression or privacy as compared to other citizens. Nor do they get protection from disclosing their sources.

While Section 15(2) of the Press Council of India Act, 1978 says that no journalist can be compelled to disclose their sources, this protection applies only to proceedings before the council.

Although the Indian Evidence Act, 1872 gives protection from disclosure of certain communications, it does not protect journalists. For instance, Section 122 says that spouses cannot be compelled to disclose communication made during the marriage, whereas Section 126 accords similar protection to lawyers for their professional communication. However, journalists do not have any such privileges.

In 1983, the Law Commission of India recommended inserting a section specifically to give protection to journalists against revealing their sources. However, this has not been acted on.

While the courts have made some observations on protecting journalistic sources, they have not taken a definitive stance on the matter. In the Pegasus case, where a military-grade spyware was used to snoop on journalists, activists and intellectuals, the Supreme Court noted, Protection of journalistic sources is one of the basic conditions for the freedom of the press. Without such protection, sources may be deterred from assisting the press in informing the public on matters of public interest. However, no action has been taken in the case even eight months after the court made these observations and formed a committee to investigate.

On the contrary, in some instances, the courts have asked journalists to disclose their sources. In 2020, Asif Tanha, an accused in the 2020 Delhi riots, had alleged that Delhi Police had leaked his confession to media houses. When Delhi Police denied this allegation, the Delhi High Court asked Zee News to file an affidavit disclosing its source.

Continue reading here:
Zubair arrest: Can a journalist be forced to hand over his electronic devices to the police? - Scroll.in

Weve seen some baby steps towards using our iPhone for proving our identity. But a couple of recent developments point to a future in which an iPhone plus biometrics could let us use our phone as a single means of verifying our identity, both online and in face-to-face interactions.

In all, Apple provides support for four initiatives which I think provide a clear pointer to a future in which the iPhone will be our one-stop device for ID

Apple currently offers support for four separate initiatives:

Each of these form some early stepping stones to what will eventually be a world in which our iPhone will be the primary way in which we prove our identity, both online and offline.

Back in June of last year, Apple announced its plans to allow state ID documents like driving licences in the Wallet app.

To be fully free of your physical wallet, theres one more thing we need to bring to iPhone. And thats your ID. So were bringing identity cards to Apple Wallet. This fall, youll just scan your drivers license or state ID in participating US states. Its that easy. Your ID information is now in Wallet. Encrypted and stored in the Secure Element, the same hardware element technology that makes Apple Pay private and secure.

The company said that the Transportation Security Administration (TSA) would be climbing aboard, allowing iPhone owners to present digital versions of their driving licences as proof of ID for airline travel.

The TSA is working to enable airport security checkpoints as the first place you can use your digital ID.

That didnt happen in the fall of 2021 as scheduled, and when it did finally happen, it was just dipping a toe in the water. As the mDL (mobile driving licence) tracker shows, the system hasnt yet been officially implemented anywhere in the US as yet, and there are just a handful of trials at a tiny number of airports.

The wheels of government grind exceedingly slowly, so the point at which we can flash our iPhone at a TSA checkpoint or traffic cop are some way off yet, but some 30 states have announced that they are at least exploring the idea.

Partnering with Blackboard lets college students store their ID card in the Wallet app, which can then be used for everything from entering campus facilities to paying their laundry bills.

Students who load their IDs into Apple Wallet on iPhone/Apple Watch will be able to have secure access to campus facilities, residence halls, and more in addition to using the digital card for payments at vending machines, dining halls, laundry, and even off-campus retail locations that accept student IDs as payment.

Back in 2020, Apple joined the Fido Alliance, a tech working group dedicated to eliminating passwords. Weve previously explained how FiDO (Fast IDentity Online) works.

Currently, to log in to a website or app, we usually enter a username and a password. What FIDO does is instead allow our device to authenticate us. The logic is this (using an iPhone with Face ID as an example):

At no point is there a password involved: Authentication is performed on your device, not on the website server. The web server trusts your iPhone to authenticate you in exactly the same way that payment terminals trust your phone for Apple Pay transactions.

Apple branded its implementation of FiDO as Passkeys in the Cloud. After a halfway house in iOS 15, the iPhone maker has fully implemented this in iOS 16 and macOS 13.

Of course, it also requires online services to support the login method, and this will again take time.

iOS 16 allows allows us to bypass Captchas in apps and on the web.

A new feature called Private Access Tokens will use a combination of details about your device and your Apple ID to inform a website that you are a legitimate user rather than a robot. In turn, this allows you to completely bypass the CAPTCHA step.

This might seem like an odd thing to mention in this context, as it doesnt actually verify our identity, but it operates on the same principle it carries out a form of user validation, and the authentication needed for this happening entirely on our device.

Again, this requires apps and websites to sign-up, so rollout will take some time, but its an easy way to improve the user experience while reducing friction (points at which people might give up), so Id again expect adoption to be reasonably brisk.

Long-term, Id expect the principles involved here to become the standard way we prove our identity, both online and offline. This is because its safer for all involved individuals, companies, and governments.

Its safer for us both online and offline.

Online data breaches are ridiculously common. Companies keep making ridiculous mistakes like storing customer databases on cloud servers without any protection, or messing up permissions to anyone with access to their network can download customer records. With FiDO, there is no database to hack

Offline, only the necessary personal data is revealed, and that is done in encrypted form. When you show your mobile driving license at a TSA checkpoint, they only receive the actual data they need, not all the data stored on/in your license. Its very much equivalent to Apple Pay, where the payment terminal doesnt get all of the information on your credit card, and relies on your iPhone confirming that it has verified your identity with Face ID or Touch ID.

One of the biggest headaches for businesses is keeping customer data safe from hackers. The financial and reputational cost of a security breach can be extremely costly. With FiDO, no user credentials are stored on the server as the authentication happens entirely on our devices. (Of course, they still have to keep other customer data safe, but removing the need for login credentials is a big win.)

Paper documents can be convincingly forged, despite watermarks and the like, which is why really important ones like passports also rely on electronic security in the form of an embedded RFID chip. Moving all identity documents to electronic versions, with biometric protection, is a huge step forward in security.

I mentioned above that companies will still have to store some customer data, like addresses. But what if they didnt have to? What if you place an online order, and your iPhone or Mac sends an encrypted code which can only be decoded by courier companies?

What if your doctor didnt phone you with test results, but instead sent you a link to a file which can only be read by a device which uses biometric authentication to prove your identity?

What if you didnt have to show your credit card or ID when collecting concert tickets, but your iPhone verified your identity without revealing any of your data?

It doesnt take much imagination to see the massive potential for on-device authentication to be used in any situation in which we need to prove our identity, whether online or offline.

To me, on-device authentication is the future of ID checks, even eventually passports and visas. Personally, I cant wait. What about you? Please take our poll, and share your thoughts in the comments.

FTC: We use income earning auto affiliate links. More.

Check out 9to5Mac on YouTube for more Apple news:

Original post:
The iPhone will be the future of proving our identity, online and offline - 9to5Mac

Power and thermal management equipment essential to building datacenters is in short supply, with delays of months on shipments a situation that's likely to persist well into 2023, Dell'Oro Group reports.

The analyst firm's latest datacenter physical infrastructure report which tracks an array of basic but essential components such as uninterruptible power supplies (UPS), thermal management systems, IT racks, and power distribution units found that manufacturers' shipments accounted for just one to two percent of datacenter physical infrastructure revenue growth during the first quarter.

"Unit shipments, for the most part, were flat to low single-digit growth," Dell'Oro analyst Lucas Beran told The Register.

He blamed challenging supply chain conditions and strong demand from hyperscalers which are expected to open at least 30 additional regions this year for the delays.

Customers hoping to get their hands on what Beran calls long-sales-cycle products large centralized, three-phase UPSes, thermal management, and cabinet power distribution systems, for example may have to wait between six months and a year before they even ship.

And the story isn't much better for products that are typically readily available. Things like single-phase UPSes, rack power distribution units, and IT racks have seen lead times slip to between four and six weeks depending on the vendor.

"Supply chain disruptions aren't going away by any means," Beran said, adding that while he does expect a higher volume of unit shipments in the second half of 2022, the improvement is likely to be marginal.

While supply remains challenged, Beran notes that some emerging technologies are gaining momentum.

He expects liquid and immersion cooling to see robust growth over the next few years as customers warm up to the tech. While liquid and immersion cooling combined accounted for just five percent of total thermal-management spending in 2021, it's a market that's growing rapidly up roughly 50 percent from the prior year.

What's more, interest in the technologies is at an all-time high, accelerated by investments by large OEMs and chipmakers. Last month, Intel announced a $700 million lab in Oregon to develop novel liquid cooling technologies.

"When Intel throws their weight behind something like that, and not just a little something, but $700 million close to a billion dollars that is a pretty large signal to the datacenter ecosystem that this is a serious technology," Beran said.

Despite the stark supply chain forecast for datacenter physical infrastructure, the sector's revenues surged six percent year-over-year in Q1 as pent-up demand was met with higher per-unit costs.

"When I look at datacenter physical infrastructure as a whole four to five percent of that was driven by price increases," Beran observed, adding that vendors are passing higher costs on to channel partners and customers.

The majority of this growth was realized in the North American, Asia Pacific, and Chinese markets, where Eaton Riello and Schneider Electric gained the largest shares during the quarter.

Short-sales-cycle products like single-phase UPS bore the brunt of inflationary pricing pressures during the quarter, according to Beran, who expects higher pricing to begin hitting longer-sales-cycle products in early 2023.

Looking ahead, Beran predicts datacenter physical infrastructure revenues will grow nine percent in full-year 2022, as improving supply chain conditions in the second half of 2022 are met with higher prices.

This growth will be fueled, in large part, by a surge of hyperscale and cloud spending this year. The analyst firm predicts cloud providers will spend upwards of 25 percent more to $18 billion on datacenter infrastructure in 2022 following record investments in Q1.

Read more:
Having trouble finding power supplies or server racks? You're not the only one - The Register

StackCommerce

The following content is brought to you by ZDNet partners. If you buy a product featured here, we may earn an affiliate commission or other compensation.

More and more companies are using Azure for their cloud services lately, which makes sense on many levels. Other Microsoft platforms like Office have been the standard around the workplace for decades, after all.

With all this new tech comes new demand for IT workers that can set it up. The road to Microsoft certification can be long, but the Complete 2021 Microsoft 365, Windows and Azure Bundle is a great resource that can smooth out the path for budding admins.

What you've got here is a roundup of 17 online courses, all pulled from the extensive catalog at iCollege. If you've ever used online learning before, you probably already recognize that name. They're a trusted learning outlet whose educators have prepared thousands of workers for new careers on three continents. Each course is taught in an accessible, hands-on style, and you can tackle them at your own pace.

Depending on your job goals, you can start with one of several intro courses. In a few hours, you'll be able to learn the fundamentals of PowerShell, RDS, Teams and other essential platforms. After mastering those, you can move on to more targeted classes, each of which serves as study guides for a different Microsoft certification.

In addition, there are courses on the MS-100 and 101 for Microsoft 365, the MD-100 for Windows and multiple guides that can help you breeze through your first few Azure Administrator and Azure Associate exams. By the time you're done, you'll be an asset to any company that uses MS systems, whether they're working in the cloud or with onsite servers.

There are more than 225 hours of training in the Complete 2021 Microsoft 365, Windows, & Azure Bundle, and all 17 courses are now available for $59.99. That's under $4 per course!

Read the rest here:
Launch your IT career with over 225 hours of training on Microsoft 365, Windows & Azure - ZDNet