LAWYER ALERT– Alleged Dropbox Security Issues and New Fix

In a previous post, I sang the praises of Dropbox as a file transfer application for the iPad and discussed the application developer’s security representations See

Dropbox allows the user to put a file into the Dropbox on one device  (PC, Mac, iPad, iPhone, Blackberry, etc.) and the document is automatically synched to “the cloud” and can then be accessed on the users other devices that also have Dropbox installed.  This functionality is especially useful for iPad users, who have few file transfer options.  For this reason,  many applications rely upon Dropbox as their file transfer conduit.

Dropbox is now reported to have over 25 million users worldwide.  The application is also on almost every “Best Application for Lawyers” list.   So many in the legal tech arena becamed concerned when security expert Derek Newton recently exposed a vulnerability that could theoretically allow hackers to invisibly access users Dropbox accounts. See  Dropbox: authentication: insecure by design,

 Newton obbserved that to gain access to the victim’s Dropbox files, a hacker need only  obtain the Dropbox configuration file from the victim’s computer.  This file contains a unique value called “host_id” (think of it as the key to the account) that gets generated when the computer is first linked with a Dropbox account.  The value is not system-dependent, meaning it’s not tied to a particular computer or configuration.  Thus, if a hacker can obtain this “key” by getting physical access to an unsecured computer or by use of a virus designed to exploit this vulnerability, they could use the key on another computer equipped with Dropbox to download the files in the victim’s Dropbox.

Dropbox responded to Newton’s observations stating:

“[W]e don’t agree with the assertion that there is a security flaw – dropbox is a perfectly safe place to store sensitive data. the article claims that an attacker would be able to gain access to a user’s dropbox account if they are able to get physical access to the user’s computer.

In reality, at the point an attacker has physical access to a computer, the security battle is already lost. the research claims dropbox is insecure because it is possible to copy authentication information straight from the user’s hard drive. this ‘flaw’ exists with any service that uses cookies for authentication (practically every web service :) cookies are stored on your hard drive and are susceptible to all the same attacks mentioned by the research (i.e. a virus could steal your cookies and gain access to all your web services).

There are measures that can be taken to make it more difficult (though not impossible) to gain access to the authentication cookie which we’ll consider in the future. that said, dropbox isn’t any less secure than other web service.”

To their credit, the programmers at Dropbox have quickly followed up on their promise to enhance security.  Dropbox has just released a new test version of its client for Windows, Mac and Linux that reportedly fixes the security issue described above.  You can download the current version of this fix from     A file backup is recommended before installation.   Early reports are that this fix is stable, but it does appear that functionality with some applications has been impaired. These applications will need to be updated to address the security changes.   You can follow the discussion regarding the fixes at .  Hopefully this addresses the problem for this important application.

Basic iPad Security for Lawyers

So you love your iPad and want to use it in your law practice.  That likely means using it to store and communicate confidential client information.  You may also be accessing your firm’s internal and cloud based systems.  It is also quite possible that unlike your traditional work desktop/laptop, you may be tempted to share this repository of client secrets with your spouse, children or friends—because after all, the iPad is first and foremost a super cool entertainment machine—right?


If you want to use the iPad as a law practice tool and you value your license, clients and firm, then some basic security precautions are mandated:

  • Set a strong passcode. See   In my opinion, it is malpractice to not have the passcode feature activated if confidential client information is on your device.  The default 4 digit code feature is inadequate if you are going to use the iPad out of the office (which of course you are).  Set a strong passcode! 
  • Activate the free “Find My iPad” and “Remote Wipe” features.  Apple has provides free access to its Mobile Me system to enable you to find your iPad (its location will be displayed on a map) if it is lost, and the ability to remotely wipe all of the data from the device. For more information and set-up instructions see: 
  • Set a time for your iPad to lock up if not used   In “Settings” choose “General” and then select the “Auto-Lock” feature.  Pick a time limit.  The shorter the better.  This feature protects your client data if the iPad is not used for the specified period of time.
  • Set Your iPad to Auto-Wipe after Ten Failed Password Attempts.  Your device can be set to Auto-Wipe all data after 10 failed password attempts.  To access this feature in settings choose “Passcode Lock” and you will be prompted for your Passcode.  After entering the Code, turn “Erase Data” on.  REGURLARLY BACK UP YOUR DATA ON iTUNES IN CASE YOUR iPAD IS LOST OR DAMAGED.
  • Individually Password  Protect Client Information If You “Must” Share Your iPad with Others.   If you are going to allow your spouse, significant other, children, friends, random strangers or others to “play” with your “work” iPad  (BAD IDEA!), then at a minimum secure confidential client information with an Application password.  Many applications have their own password feature that will protect data in that application. For example:  GoodReader, MobileNoter, and Readdle.  Just keep in mind that letting someone use your iPad without protecting your confidential client information is like handing someone a brief case of client documents so that they can retrieve the magazine among the client papers.
  • When Using an Application with Client Information Always Ask the Question—Is it Reasonably Secure.  For example, see my inquiry as to the security of DropBox, MobileNoter and Dragon Dictation   Anytime you are sending data to a third-party or the “cloud” you need to know whether third-parties have access to the data. Failure in this respect may result in disclosure of confidential information and/or waiver of the attorney/client privilege (i.e., malpractice).
  • USE COMMON SENSE!   Treat your iPad like you would a paper file of highly confidential client documents.  Do not leave it unattended in unsecure areas.  Keep it locked up when not in use.

If you follow these tips, confidential information on your iPad should be “reasonably” secure.  Ignore them and your license may not be.  Have a Nice Day :).

Important iPad Security Tip for Lawyers

The blog iPad4lawyers has an excellent security tip. The simple 4 number pass code protection offered as a first default when security is enabled on the iPad is very weak. However, the iPad has the capability to require a strong password or even number/letter combinations. Tap the link below for directions in setting up your iPad with a strong password/number combination:

iPad4Lawyers link

In my opinion, if you are going to store confidential information on your iPad, a strong passcode is a must.

Supplementing Attorney Notes with Synched Audio Recordings (PC and iPad)

There are a number of PC programs and iPad applications that can be used to audio record voices and sounds while an attorney takes notes—synching the recording to the notes for easy reference.  This is an extremely useful tool when conducting witness interviews, attending meetings and when conducting or defending depositions. 

For example, suppose you are deposing the expert for an opposing party.   The expert gives long detailed answers during the course of the deposition.  If you have recorded the deposition with a program or app that synchs the recording with your notes, you simply highlight or click your note entry on the particular part of the testimony in which you have interest, and that section of the deposition recording is played back for your review.  You can then determine whether you are satisfied with the testimony or whether further examination is required.

Those that follow this blog know that I am a big fan of MS OneNote for the PC.  See   The Paperless Lawyer,   OneNote has many useful case management attributes.  One of them is an audio recording feature that permits creating a recording that is correlated with the typewritten notes being taken.  Access this functionality by clicking on the microphone on the tool bar.  Video recording is also supported.

On the iPad, there are a number of applications that provide this same functionality (audio only).  One of my favorites is Notability, which does a good job recording sounds as you type and then synching these sounds to your notes for easy reference.  Another Application I have used is AudioNote.  AudioNote is unique because it records and synchs with handwritten notes, or typed notes, or both.  As you play back the audio, your notes (handwritten and/or typed) are highlighted.  If you want to hear the part of the recording that correlates with a particular section in you notes, just tap on the words and voila, the App advances or reverses to that section of the recording.

In preparation for a recent deposition, I preloaded my examination outline (cut and paste) into AudioNote on the iPad.  I took notes for the deposition by hand and typing, while simultaneously also using the recording function of the App (after informing those present of my use of a recording device—see below).  In my preloaded outline, I had a checklist for each of my “objectives” for the deposition. As that objective was addressed by witness testimony, I simply checked it off the list. On a break toward the end of the deposition, I then reviewed the key testimony by tapping my objective checkmarks on the outline.  The App then played the correlated testimony.  I found the quick review of testimony to be very useful.

Obviously, there are many situations in which a recorded backup synched to your notes could be useful.  However, one word of caution, a number of jurisdictions require that everyone present be informed that that they are being recorded.  In my home jurisdiction of South Carolina, the general rule is that an attorney may not surreptitiously record anybody, i.e., that everyone be informed. See e.g.

As a practical matter because my practice takes me all over the country, when recording, I advise everyone in the room.  I have not had any objections so far to the recording of deposition testimony. This is probably because the proceeding is being recorded anyway by the Court Reporter (often with an audio recorder backup) and deponents expect to be recorded.  In the case of investigations and meetings, you will need to assess whether the advantages of recording outweigh the potential disadvantage of chilling discussion or candid responses.

Join the Debate– Is the iPad a Practical Tool for Lawyers?

In his blog “Spam Notes,”  Venkat Balasubramani has penned a well written debate provoking piece entitled “What is the ‘iPad for lawyers” Crowd Smoking.”  See

The author focuses on the fact that every lawyer need seems to require the purchase of a specialized App or piece of equipment such as a separate key board.  While this is generally true, the Apps generally range in price from free to less than $10, with the majority probably averaging $3.  With a $100 App budget and a little prior research, a lawyer can put together a potent set of Apps that facilitate work in that lawyer’s preferred style.  Compare this cost to that of  a suite of PC or Mac software, and you are likely find a suite of Apps to be a bargain.

While I agree that the iPad cannot completely replace a laptop (I frequently travel with a laptop and two iPads- for the reason see my blog article  Depo Prep with the iPad), it can come quite close in many situations.   I am a road warrior with most of my cases being located out of my home jurisdictions of SC and NC.   The multi-jurisdictional practice of law, which has been the norm for me for many years,  is becoming more and more common.  The iPad is a compliment to this practice.  The 25 minutes I can use the iPad while the plane is boarding is valuable time.  Because of its size, the iPad is also much easier to use on a crowded commuter jet in flight.  In the real world, my laptop generally stays packed up until I get to the hotel.

The iPad is also clearly superior to a laptop for:

  • Reading documents;
  • Making and sharing  hand annotations and edits to pdf files;
  • Taking, storing and sharing handwritten notes;
  • Paper free depo prep (see my blog article);
  • Marketing presentations;
  • Travel logistics (reservations, directions);
  • Websurfing (ok– flash is an issue, but less and less so);
  • Battery life;
  • Truly mobile computing.

Right now, we are at the tipping point where using the iPad for real lawyer work may be practical only for those on the cutting edge that are willing to invest substantial time and effort into molding the iPad into the tool they need.  However, that’s the way it is with revolutionary technology- early adopters pave the way for mass use.  I predict that iPad and similar tablet devices will soon become as routine and ubiquitous as lawyer tools, as the smart phone and the laptop are today.  Remember when lawyers first adopted Blackberrys (just a few short years ago).

If you enjoy being a part of adopting new technology to transform work, this is a wonderful time to be practicing law.

How to Convert Video for use in iMovie on iPad2

Recently we reviewed iMovie on the iPad2 for use by lawyers.  While it may appear on first blush that only video taken using the iPad2 camera is recognized by iMovie, this is not the case.

The trick is to convert what ever video format your are using to mp4 (h264 codec; 1280 x 720)).  Reportedly this can be done by using a free video converter “Aleesoft Free ipad Video Converter.” However, I was unable to get this to work.

I was successful using Replay Media Catcher 4 (“RMC4″), a program I have used for over a year.  My practice often involves litigating advertising claims. I use RMC4 to capture streaming video of offending commercials.  One side feature feature of RMC4 is that it will convert almost any format video file to almost any video format you need. This PC based program is $39. See  A 30 day free trial is offered.

Using RMC4,  I have converted content from a Sony HD video camera , a Blackberry Bold Smart phone, random YouTube videos, and video from a deposition (unknown format),  all to MP4 format that when sychronized through iTunes, to photos, was recognized by iMovie. 

Using RMC4 you simply choose to convert to iPad (MP4 H264;30fps; 1280x 720;AAC). You then use the browse function to select the video file you desire to convert.  After selecting the video, click on convert.

Once the file is converted, sync your iPad with iTunes.  Select your iPad as the device in the left side tool bar.  Choose Photos in the top menu bar. Then set your iPad default to copy all photos (including videos– need to check “include videos box”)  Once that is done, hit the sync button at the right bottom corner of the screen.   After the sync, your video should appear both in iMovie and your camera roll.  From here, it is ready to edit and publish.

If there are easier ways to do this, we would love to hear about them.

Using the iPad for Witness Preparation

Video demo available:

Have you purchased an iPad2 and are now looking for a good use for your original iPad? Consider using it as a deposition preparation tool. I am a trial attorney and primarily litigate complex business cases. My practice is national in scope, and I am often on the road preparing witnesses for deposition, hearing, or trial testimony. This typically involves reviewing dozens if not hundreds of documents with the various witnesses. Prior to the iPad that often meant lugging around two or more bankers boxes all over the country. NO MORE.

Now, I load the documents for review on both my iPad2 and my original iPad (which is been sanitized to remove any sensitive legal documents or information in cases other than the one involving the witness).

Goodreader is my document review reader of choice. I like it because it can handle large documents and a large volume of documents. Goodreader also allows for the annotation or highlighting of PDF and documents. If your documents were produced in TIF format, they are easily converted to PDF.

The best way to load a large volume of documents into Goodreader is to use iTunes. To do this, connect your iPad to your computer. After iTunes opens, select your device. Then go to the menu at the top of the screen and select “Apps.” When the App screen loads up, go to the bottom and select Goodreader. In the box to the right, touch “add” and the use the browse feature to select the files you want to copy to the iPad from you computer.

Alternatively, if the volume of documents is not too significant, Dropbox can be used to transfer the documents. If you’re going to use this method, then I recommend creating a folder with the case or witness name on your PC, loading copies of all the review documents into that folder and then moving the entire folder folder into Dropbox. On the iPad, the folder will appear in Dropbox. Simply select the folder, and individual documents will appear. Open each of the documents individually Goodreader to move it over. This requirement to individually open each document in Dropbox and them move it to Goodreader is why I prefer the iTunes bulk transfer method.

Whichever method you use to load the documents, the end result will be a bunch of individual files in Goodreader. My practice is to create a folder for the witness or the case using Goodreader’s manage files function, and then move the documents into that folder. If you have a number of witnesses to prepare, simply make a folder for each witness.

For the actual prep session, provide the witness with their own iPad loaded with the documents. These documents might be identified by descriptive title, by Bates number or by a simple exhibit numbering or lettering system.

Ideally, during the prep session the lawyer’s iPad2 will be connected to a projection device or monitor allowing the attorney to annotate or highlight documents and discuss them with the witness. The iPad 2 has the mirror function that permits display of the documents and anything else on the device. Goodreader also displays the documents on iPad1 if you turn on the video display feature (screen icon at bottom on file management screen). Because both the lawyer and the deponent’s iPads are connected by e-mail and dropbox (assuming active internet connection), the lawyer has the option of adding additional review documents to the client’s iPad on the fly during the course of the deposition prep.

At the end of the deposition, retrieve the witnesses’ iPad— thus, avoiding the problem of loose documents floating around. It should be noted that Goodreader has the capability to password protect folders and it is my practice to use this function.

So that’s deposition preparation using the iPad. We welcome any suggestions you might have that could improve upon our suggested methodology. Please post any comments to our blog site or you can e-mail me at

Three Minute Video Review of iMovie and teleprompt+

Click the link for my favorable, less than three minute, video reviews of iMovie (iPad2 only– or is it?)  and teleprompt+ (iPad and iPad2):

In a nutshell, iMovie has surprising robust editing capability.  I found the following YouTube video to be straight to the point and very instructive on how to use iMovie:


teleprompt+ is an amazing teleprompter App.  Perfect to use on the podium for that big speech.  I use and show it in action in the demo.

10 Best iPad Apps for Lawyers -15 Minute Video Demo

Here is the link to our first video where we demo the apps on’s current top ten iPad apps for lawyers list.  Please be kind– this is a first attempt.

The top 10 are:

1.  Dropbox  (file transfer among conputers and devices)

2.  Goodreader  (media viewing and content management)

3.  iAnnotate PDF  (Best at marking up PDF files– lots of features)

4.  Penultimate (best handwriting note taking app)

5.  Pages (Best word processor– converts to Word)

6.  DocsToG0  (allows editing of .doc, .xls, .ppt documents among others)

7.  MobileNoter  (syncs with MS One Note– our favorite case organizer (see review))

8.  Keynote (Apple version of PowerPoint.  PowerPoint files can be converted)

9.   Fastcase  (Free legal research data base. State/Federal cases and statutes)

10.  Dragon Dictation (voice dictation– very cool)

We will update this list as new Apps come to our attention.

If you have a favorite App not on the list that you beleive is particularly well suited for use by lawyers, we would love to hear about it.


I have been testing BlackTrack for several months now.  BlackTrack is a time tracker application for use with BlackBerry® smartphones. It provides on demand, daily, weekly and/or monthly reports of your phone/email/SMS activity with optional notes entries, all of which are helpful for billing time and completing timesheets.

From your Blackberry, you can customize all settings and functions. BlackTrack provides complete, pop-up free tracking as soon as it is installed, with the option to customize all settings.  BlackTrack works invisibly in the background.  It sends you a time report via e-mail on an interval that you select that gives date/time and minutes for each call.  It also reports the time spent typing or reading a particular email or SMS message on the Blackberry.  If you are on a Blackberry enterprise server, BlackTrack also captures basic caption information from every email you send or receive on the exchange system from your desktop (although it only provides length of time information for email and sms messages read or drafted on the Blackberry).

As for security, the provider states that BlackTrack’s activity data is stored only in the BlackBerry’s internal memory and can only be accessed by users who have permissions to view the BlackBerry or the registered email account.  The BlackTrack data is not sent to any server other than the users own e-mail system. Below is an example screenshot of a sample BlackTrack report:

 The cost of the application is $4.99 at the BlackBerry App store.  There is also a Blacktrack Lite version available for free that has most (but not all) of the functionality of the paid version, but which you have to keep registering on a monthly basis. See for more information.  I highly recommend this application if you are a heavy Blackberry/cell phone user and find yourself losing track of billable time during the course of the month.