The same kind that run third party provided spyware on their personal computers in order to take exams in law school.
(In other words: Practically all newly minted attorneys in the US)
There is no education in law school in the US at least on responsible data handling, and— in fact— schools often direct students to behave irresponsibly with respect to data security.
Most (all?) schools offer students the ability to take their exams on paper, but doing so is a substantial competitive disadvantage because examinations are usually timed and writing on paper is much slower, students are marked down for legibility and copy-editing noise, etc.
I don't have a citation studying it— but by all appearances it's only a small minority of students that opt out of using their laptops. ("Most Stanford Law School students take their examinations on laptops")
IIRC the California bar exam now also uses one of these spyware exam packages.
I'm mostly amused that we have a whole information-security critical profession who is nearly required to behave negligently wrt information security from day one. :P
Wow, no kidding. Why the heck could it need "Administrator level account permissions" (both on OSX and Windows [1])? I guess you could run it in a VM and wipe it afterwards.
You're prohibited from running it in a VM, and at least some law schools have the students sign some form under penalty of the school ethical code yadda yadda that you won't do that.
(And then— some students do it anyways, because thats the only way to use it on their otherwise non-supported system or because of some other incompatibility. And nothing comes of it... I guess until something does. Better not make too many enemies)
A friend in law school to explained that this software is used for in-classroom exams and prevents any other programs from being used while a student is taking the exam, as well as saving all the work incrementally (in case the computer crashes).
It's certainly not the most secure thing to do, but they need to focus on studying law, not securing systems. I imagine that when lawyers are working on cases, they might end up using more secure devices than their old college laptops.
I do not argue that it should be covered. Just that it is irresponsible. I would argue that GMail accounts are as well.
"Picture this, man convicted of murder after subpoena to online marketing date reveals targeted ads for icotoners and shovels after GMail exchange with lawyer."
It's a stretch of the imagination but we live in a crazy world.
You're implying he had a choice. The article implies that Facebook was his only means of contacting the client, and that situation was presumably his clients choice.
