Data rooms are secure spaces used for housing data, usually of a privileged or confidential nature. They can be physical data rooms, virtual data rooms (VDRs), or data centers. They are primarily used for a variety of corporate purposes, including data storage, document exchange, file sharing, financial transactions, and legal proceedings. Today, data rooms are central to workflows in mergers and acquisitions, venture capital, and corporate restructuring, increasingly utilizing artificial intelligence to securely manage and review large datasets. Historically, data rooms were strictly physical locations heavily guarded and monitored. Today, the vast majority of corporate data rooms are hosted virtually on secure cloud platforms, though physical rooms are still occasionally used for highly sensitive government or proprietary intelligence. == Physical Data Rooms == In mergers and acquisitions (M&A), the traditional data room genuinely consists of a physically secured and continually monitored room, normally in the vendor's offices or those of their legal counsel. Bidders and their advisers visit this room in order to inspect and report on various documents, legal contracts, and financial statements made available during the due diligence process. Historically, physical data rooms presented significant logistical challenges. Often, only one bidder at a time was allowed to enter to maintain document integrity and confidentiality. If new documents or new versions of documents were required, they had to be brought in by courier as hardcopies. Teams involved in large due diligence processes typically had to be flown in from many regions or countries and remain available throughout the process. Because these teams comprised a number of experts in different fields—such as legal counsel, forensic accountants, and industry specialists—the overall cost of keeping such groups on call near the physical data room was often extremely high. == Virtual Data Rooms (VDRs) == To address the costs and logistical bottlenecks of physical data rooms, virtual data rooms (VDRs) were developed to provide secure, online dissemination of confidential information. A VDR is essentially a secure cloud repository with strictly controlled access. Access is managed through secure log-ons supplied by the vendor or authority, which can be disabled at any time if a bidder withdraws from a transaction. Because much of the information released during corporate transactions is highly confidential, VDRs utilize digital rights management (DRM) to control information. Restrictions are applied to the viewers' ability to release data to third parties by disabling forwarding, copying, or printing capabilities. Modern VDRs also employ dynamic watermarking and detailed auditing capabilities. Detailed auditing is required for legal reasons so that a precise digital footprint is kept of who has viewed which version of each document, and for how long. Furthermore, modern VDR platforms are typically built to comply with stringent information security standards such as ISO 27001 and SOC 2. Transitioning from sequential physical data rooms to parallel virtual data rooms has been shown to significantly reduce the duration of M&A transactions while allowing sellers to field multiple bidders simultaneously. == Key Applications == Data rooms are commonly used by legal, accounting, investment banking, and private equity firms. Primary applications include: Mergers and Acquisitions (M&A): VDRs are central to the sell-side M&A process. After potential buyers sign a Non-Disclosure Agreement (NDA) and review a Confidential Information Memorandum (CIM), they are granted data room access to perform deep financial due diligence, such as Quality of Earnings (QoE) analysis and legal liability assessments. Venture Capital and Startups: Startups use data rooms as a centralized location for key operational data, capitalization tables, and financial projections to streamline due diligence for angel investors and venture capital firms during fundraising rounds. Initial Public Offerings (IPOs): Taking a company public requires intense regulatory scrutiny. Data rooms are used to securely share company histories and financial audits with investment bankers, legal teams, and regulatory bodies. Corporate Restructuring and Insolvency: During bankruptcies or corporate carve-outs, data rooms are used to organize outstanding debt profiles, creditor agreements, and operational liabilities. == Emerging Technologies == In recent years, the management of virtual data rooms has increasingly incorporated Artificial Intelligence (AI) and Machine Learning (ML). Generative AI and Natural Language Processing (NLP) tools are now integrated into VDRs to automatically index thousands of documents, perform auto-redaction of personally identifiable information (PII), and assist buy-side analysts in identifying hidden liabilities within unstructured text data during the due diligence phase. Modern AI algorithms can extract line items from financial statements to instantly populate structured databases.
RFPolicy
The RFPolicy outlines a method for contacting vendors about security vulnerabilities found in their products. It was initially written in 2000 by hacker and security consultant Rain Forest Puppy. It was perhaps the second disclosure policy, following Simple Nomad's. The policy gives the vendor five working days to respond to the reporter of the bug. If the vendor fails to contact the reporter within those five days, the issue is recommended to be disclosed to the general community. The reporter should help the vendor reproduce the bug and work out a fix. The reporter should delay notifying the general community about the bug if the vendor provides feasible reasons for requiring so. If the vendor fails to respond or shuts down communication with the reporter of the problem within five working days, the reporter should disclose the issue to the general community. When issuing an alert or fix, the vendor should give the reporter proper credit for reporting the bug. Context for the history of vulnerability disclosure is available in a history article.
Transparent decryption
Transparent decryption is a method of decrypting data which unavoidably produces evidence that the decryption operation has taken place. The idea is to prevent the covert decryption of data. In particular, transparent decryption protocols allow a user Alice to share with Bob the right to access data, in such a way that Bob may decrypt at a time of his choosing, but only while simultaneously leaving evidence for Alice of the fact that decryption occurred. Transparent decryption supports privacy, because this evidence alerts data subjects to the fact that information about them has been decrypted and disincentivises data misuse. Recent work further formalizes transparent decryption and explores practical implementations based on cryptographic protocols and blockchain systems. == Applications == Transparent decryption has been proposed for several systems where there is a need to simultaneously achieve accountability and secrecy. For example: In lawful interception, law enforcement agencies can access private messages and emails. Transparent decryption can make such accesses accountable, giving citizens guarantees about how their private information is accessed. Data arising from vehicles and IoT devices may contain personal information about the vehicle or device owners and their activities. Nevertheless, the data is typically processed in order to provide user functionality and also to investigate and fight crime. Transparent decryption can be used to help users monitor when and how data about them is being accessed and used. == Implementation == In transparent decryption, the decryption key is distributed among a set of agents (called trustees); they use their key share only if the required transparency conditions have been satisfied. Typically, the transparency condition can be formulated as the presence of the decryption request in a distributed ledger. == Alternative solutions == Besides transparent decryption, some other techniques have been proposed for achieving law enforcement while preserving privacy. Solutions that allow competing parties to unify their data access policies. Attribute-based encryption with oblivious attribute translation (OTABE) is an extension of attribute-based encryption that allows translation between proprietary attributes belonging to different organisations, and it has been applied to the problem of law-enforcement access to phone call metadata. Solutions that rely on sophisticated cryptography, such as zero-knowledge proofs that the actions of law enforcement is consistent with judge rulings and the actions of companies, and multi-party computation to compute results.
Strong cryptography
Strong cryptography or cryptographically strong are general terms used to designate the cryptographic algorithms that, when used correctly, provide a very high (usually insurmountable) level of protection against any eavesdropper, including the government agencies. There is no precise definition of the boundary line between the strong cryptography and (breakable) weak cryptography, as this border constantly shifts due to improvements in hardware and cryptanalysis techniques. These improvements eventually place the capabilities once available only to the NSA within the reach of a skilled individual, so in practice there are only two levels of cryptographic security, "cryptography that will stop your kid sister from reading your files, and cryptography that will stop major governments from reading your files" (Bruce Schneier). The strong cryptography algorithms have high security strength, for practical purposes usually defined as a number of bits in the key. For example, the United States government, when dealing with export control of encryption, considered as of 1999 any implementation of the symmetric encryption algorithm with the key length above 56 bits or its public key equivalent to be strong and thus potentially a subject to the export licensing. To be strong, an algorithm needs to have a sufficiently long key and be free of known mathematical weaknesses, as exploitation of these effectively reduces the key size. At the beginning of the 21st century, the typical security strength of the strong symmetrical encryption algorithms is 128 bits (slightly lower values still can be strong, but usually there is little technical gain in using smaller key sizes). Demonstrating the resistance of any cryptographic scheme to attack is a complex matter, requiring extensive testing and reviews, preferably in a public forum. Good algorithms and protocols are required (similarly, good materials are required to construct a strong building), but good system design and implementation is needed as well: "it is possible to build a cryptographically weak system using strong algorithms and protocols" (just like the use of good materials in construction does not guarantee a solid structure). Many real-life systems turn out to be weak when the strong cryptography is not used properly, for example, random nonces are reused A successful attack might not even involve algorithm at all, for example, if the key is generated from a password, guessing a weak password is easy and does not depend on the strength of the cryptographic primitives. A user can become the weakest link in the overall picture, for example, by sharing passwords and hardware tokens with the colleagues. == Background == The level of expense required for strong cryptography originally restricted its use to the government and military agencies, until the middle of the 20th century the process of encryption required a lot of human labor and errors (preventing the decryption) were very common, so only a small share of written information could have been encrypted. US government, in particular, was able to keep a monopoly on the development and use of cryptography in the US into the 1960s. In the 1970, the increased availability of powerful computers and unclassified research breakthroughs (Data Encryption Standard, the Diffie-Hellman and RSA algorithms) made strong cryptography available for civilian use. Mid-1990s saw the worldwide proliferation of knowledge and tools for strong cryptography. By the 21st century the technical limitations were gone, although the majority of the communication were still unencrypted. At the same the cost of building and running systems with strong cryptography became roughly the same as the one for the weak cryptography. The use of computers changed the process of cryptanalysis, famously with Bletchley Park's Colossus. But just as the development of digital computers and electronics helped in cryptanalysis, it also made possible much more complex ciphers. It is typically the case that use of a quality cipher is very efficient, while breaking it requires an effort many orders of magnitude larger - making cryptanalysis so inefficient and impractical as to be effectively impossible. == Cryptographically strong algorithms == This term "cryptographically strong" is often used to describe an encryption algorithm, and implies, in comparison to some other algorithm (which is thus cryptographically weak), greater resistance to attack. But it can also be used to describe hashing and unique identifier and filename creation algorithms. See for example the description of the Microsoft .NET runtime library function Path.GetRandomFileName. In this usage, the term means "difficult to guess". An encryption algorithm is intended to be unbreakable (in which case it is as strong as it can ever be), but might be breakable (in which case it is as weak as it can ever be) so there is not, in principle, a continuum of strength as the idiom would seem to imply: Algorithm A is stronger than Algorithm B which is stronger than Algorithm C, and so on. The situation is made more complex, and less subsumable into a single strength metric, by the fact that there are many types of cryptanalytic attack and that any given algorithm is likely to force the attacker to do more work to break it when using one attack than another. There is only one known unbreakable cryptographic system, the one-time pad, which is not generally possible to use because of the difficulties involved in exchanging one-time pads without them being compromised. So any encryption algorithm can be compared to the perfect algorithm, the one-time pad. The usual sense in which this term is (loosely) used, is in reference to a particular attack, brute force key search — especially in explanations for newcomers to the field. Indeed, with this attack (always assuming keys to have been randomly chosen), there is a continuum of resistance depending on the length of the key used. But even so there are two major problems: many algorithms allow use of different length keys at different times, and any algorithm can forgo use of the full key length possible. Thus, Blowfish and RC5 are block cipher algorithms whose design specifically allowed for several key lengths, and who cannot therefore be said to have any particular strength with respect to brute force key search. Furthermore, US export regulations restrict key length for exportable cryptographic products and in several cases in the 1980s and 1990s (e.g., famously in the case of Lotus Notes' export approval) only partial keys were used, decreasing 'strength' against brute force attack for those (export) versions. More or less the same thing happened outside the US as well, as for example in the case of more than one of the cryptographic algorithms in the GSM cellular telephone standard. The term is commonly used to convey that some algorithm is suitable for some task in cryptography or information security, but also resists cryptanalysis and has no, or fewer, security weaknesses. Tasks are varied, and might include: generating randomness encrypting data providing a method to ensure data integrity Cryptographically strong would seem to mean that the described method has some kind of maturity, perhaps even approved for use against different kinds of systematic attacks in theory and/or practice. Indeed, that the method may resist those attacks long enough to protect the information carried (and what stands behind the information) for a useful length of time. But due to the complexity and subtlety of the field, neither is almost ever the case. Since such assurances are not actually available in real practice, sleight of hand in language which implies that they are will generally be misleading. There will always be uncertainty as advances (e.g., in cryptanalytic theory or merely affordable computer capacity) may reduce the effort needed to successfully use some attack method against an algorithm. In addition, actual use of cryptographic algorithms requires their encapsulation in a cryptosystem, and doing so often introduces vulnerabilities which are not due to faults in an algorithm. For example, essentially all algorithms require random choice of keys, and any cryptosystem which does not provide such keys will be subject to attack regardless of any attack resistant qualities of the encryption algorithm(s) used. == Legal issues == Widespread use of encryption increases the costs of surveillance, so the government policies aim to regulate the use of the strong cryptography. In the 2000s, the effect of encryption on the surveillance capabilities was limited by the ever-increasing share of communications going through the global social media platforms, that did not use the strong encryption and provided governments with the requested data. Murphy talks about a legislative balance that needs to be struck between the power of the government that are broad enough to be able to follow the qui
Merit Network
Merit Network, Inc., is a nonprofit member-governed organization providing high-performance computer networking and related services to educational, government, health care, and nonprofit organizations, primarily in Michigan. Created in 1966, Merit operates the longest running regional computer network in the United States. == Organization == Created in 1966 as the Michigan Educational Research Information Triad by Michigan State University (MSU), the University of Michigan (U-M), and Wayne State University (WSU), Merit was created to investigate resource sharing by connecting the mainframe computers at these three Michigan public research universities. Merit's initial three node packet-switched computer network was operational in October 1972 using custom hardware based on DEC PDP-11 minicomputers and software developed by the Merit staff and the staffs at the three universities. Over the next dozen years the initial network grew as new services such as dial-in terminal support, remote job submission, remote printing, and file transfer were added; as gateways to the national and international Tymnet, Telenet, and Datapac networks were established, as support for the X.25 and TCP/IP protocols was added; as additional computers such as WSU's MVS system and the UM's electrical engineering's VAX running UNIX were attached; and as new universities became Merit members. Merit's involvement in national networking activities started in the mid-1980s with connections to the national supercomputing centers and work on the 56 kbit/s National Science Foundation Network (NSFNET), the forerunner of today's Internet. From 1987 until April 1995, Merit re-engineered and managed the NSFNET backbone service. MichNet, Merit's regional network in Michigan was attached to NSFNET and in the early 1990s Merit began extending "the Internet" throughout Michigan, offering both direct connect and dial-in services, and upgrading the statewide network from 56 kbit/s to 1.5 Mbit/s, and on to 45, 155, 622 Mbit/s, and eventually 1 and 10 Gbit/s. In 2003 Merit began its transition to a facilities based network, using fiber optic facilities that it shares with its members, that it purchases or leases under long-term agreements, or that it builds. In addition to network connectivity services, Merit offers a number of related services within Michigan and beyond, including: Internet2 connectivity, VPN, Network monitoring, Voice over IP (VOIP), Cloud storage, E-mail, Domain Name, Network Time, VMware and Zimbra software licensing, Colocation, and professional development seminars, workshops, classes, conferences, and meetings. == History == === Creating the network: 1966 to 1973 === The Michigan Educational Research Information Triad (MERIT) was formed in the fall of 1966 by Michigan State University (MSU), University of Michigan (U-M), and Wayne State University (WSU). More often known as the Merit Computer Network or simply Merit, it was created to design and implement a computer network connecting the mainframe computers at the universities. In the fall of 1969, after funding for the initial development of the network had been secured, Bertram Herzog was named director for MERIT. Eric Aupperle was hired as senior engineer, and was charged with finding hardware to make the network operational. The National Science Foundation (NSF) and the State of Michigan provided the initial funding for the network. In June 1970, the Applied Dynamics Division of Reliance Electric in Saline, Michigan was contracted to build three Communication Computers or CCs. Each would consist of a Digital Equipment Corporation (DEC) PDP-11 computer, dataphone interfaces, and interfaces that would attach them directly to the mainframe computers. The cost was to be slightly less than the $300,000 ($2,487,100, adjusted for inflation) originally budgeted. Merit staff wrote the software that ran on the CCs, while staff at each of the universities wrote the mainframe software to interface to the CCs. The first completed connection linked the IBM S/360-67 mainframe computers running the Michigan Terminal System at WSU and U-M, and was publicly demonstrated on December 14, 1971. The MSU node was completed in October 1972, adding a CDC 6500 mainframe running Scope/Hustler. The network was officially dedicated on May 15, 1973. === Expanding the network: 1974 to 1985 === In 1974, Herzog returned to teaching in the University of Michigan's Industrial Engineering Department, and Aupperle was appointed as director. Use of the all uppercase name "MERIT" was abandoned in favor of the mixed case "Merit". The first network connections were host to host interactive connections which allowed person to remote computer or local computer to remote computer interactions. To this, terminal to host connections, batch connections (remote job submission, remote printing, batch file transfer), and interactive file copy were added. And, in addition to connecting to host computers over custom hardware interfaces, the ability to connect to hosts or other networks over groups of asynchronous ports and via X.25 were added. Merit interconnected with Telenet (later SprintNet) in 1976 to give Merit users dial-in access from locations around the United States. Dial-in access within the U.S. and internationally was further expanded via Merit's interconnections to Tymnet, ADP's Autonet, and later still the IBM Global Network as well as Merit's own expanding network of dial-in sites in Michigan, New York City, and Washington, D.C. In 1978, Western Michigan University (WMU) became the fourth member of Merit (prompting a name change, as the acronym Merit no longer made sense as the group was no longer a triad). To expand the network, the Merit staff developed new hardware interfaces for the Digital PDP-11 based on printed circuit technology. The new system became known as the Primary Communications Processor (PCP), with the earliest PCPs connecting a PDP-10 located at WMU and a DEC VAX running UNIX at U-M's Electrical Engineering department. A second hardware technology initiative in 1983 produced the smaller Secondary Communication Processors (SCP) based on DEC LSI-11 processors. The first SCP was installed at the Michigan Union in Ann Arbor, creating UMnet, which extended Merit's network connectivity deeply into the U-M campus. In 1983 Merit's PCP and SCP software was enhanced to support TCP/IP and Merit interconnected with the ARPANET. === National networking, NSFNET, and the Internet: 1986 to 1995 === In 1986 Merit engineered and operated leased lines and satellite links that allowed the University of Michigan to access the supercomputing facilities at Pittsburgh, San Diego, and NCAR. In 1987, Merit, IBM and MCI submitted a winning proposal to NSF to implement a new NSFNET backbone network. The new NSFNET backbone network service began July 1, 1988. It interconnected supercomputing centers around the country at 1.5 megabits per second (T1), 24 times faster than the 56 kilobits-per-second speed of the previous network. The NSFNET backbone grew to link scientists and educators on university campuses nationwide and connect them to their counterparts around the world. The NSFNET project caused substantial growth at Merit, nearly tripling the staff and leading to the establishment of a new 24-hour Network Operations Center at the U-M Computer Center. In September 1990 in anticipation of the NSFNET T3 upgrade and the approaching end of the 5-year NSFNET cooperative agreement, Merit, IBM, and MCI formed Advanced Network and Services (ANS), a new non-profit corporation with a more broadly based Board of Directors than the Michigan-based Merit Network. Under its cooperative agreement with NSF, Merit remained ultimately responsible for the operation of NSFNET, but subcontracted much of the engineering and operations work to ANS. In 1991 the NSFNET backbone service was expanded to additional sites and upgraded to a more robust 45 Mbit/s (T3) based network. The new T3 backbone was named ANSNet and provided the physical infrastructure used by Merit to deliver the NSFNET Backbone Service. On April 30, 1995, the NSFNET project came to an end, when the NSFNET backbone service was decommissioned and replaced by a new Internet architecture with commercial Internet service providers (ISPs) interconnected at Network Access Points provided by multiple providers across the country. === Bringing the Internet to Michigan: 1985 to 2001 === During the 1980s, Merit Network grew to serve eight member universities, with Oakland University joining in 1985 and Central Michigan University, Eastern Michigan University, and Michigan Technological University joining in 1987. In 1990, Merit's board of directors formally changed the organization's name to Merit Network, Inc., and created the name MichNet to refer to Merit's statewide network. The board also approved a staff proposal to allow organizations other than publicly supported universities, referred to as aff
Identi.ca
identi.ca is a free and open-source social networking and blogging service based on the pump.io software, using the Activity Streams protocol. Identi.ca stopped accepting new registrations in 2013, but continues to operate alongside several other pump.io-based hosts provided by E14N which continue to accept new registrations. == Features == Identi.ca is similar to social networking sites like Facebook and Google+, allowing unlimited length status updates, rich text, and images. The Activity Streams protocol supports many kinds of activities such as games. OpenFarmGame is a prototype application for an Activity Streams-based game. Previous features from its StatusNet version such as hashtags, groups, and global search are not supported. == History == === StatusNet === The service received more than 8,000 registrations and 19,000 updates within the first 24 hours of publicly launching on July 2, 2008, and reached its 1,000,000th notice on November 4, 2008. In January 2009, identi.ca received investment funds from venture capital group Montreal Start Up. On March 30, 2009, Control Yourself (since renamed StatusNet Inc) announced that Identi.ca was to become part of a hosted microblogging service called status.net to be launched in May 2009. Status.net offers individual microblogs under a subdomain to be chosen by the customer. Identi.ca will remain a free service. All notices will be published under the Creative Commons Attribution 3.0 license by default, but paying customers will be free to choose a different license. Formerly based on StatusNet, a micro-blogging software package built on the OStatus specification (and earlier based on the OpenMicroBlogging specification), Identi.ca allowed users to send text updates (known as "notices") up to 140 characters long. While similar to Twitter in both concept and operation, Identi.ca/StatusNet provided many features not currently implemented by Twitter, including XMPP support and personal tag clouds. In addition, Identi.ca/StatusNet allowed free export and exchange of personal and "friend" data based on the FOAF standard; therefore, notices could be fed into a Twitter account or other service, and also ported in to a private system similar to Yammer. === pump.io === Developer Evan Prodromou chose to change the site to the pump.io software platform in development, because pump.io offers more features making it technically more advanced. Registration on Identi.ca was closed in December 2012 in preparation for the switch to pump.io software (the popularity of Identi.ca and "official" Status.net hosting were considered a hindrance to the creation of a federated social network). The conversion was completed on 12 July 2013. The 140 character per post limit was removed (in StatusNet, it was a setting, not an inherent limitation); now the blog posts can contain formatting and images. Groups, hashtags, and a page listing popular posts are not yet implemented in pump.io.
Perfectly Imperfect (platform)
Perfectly Imperfect is an online newsletter and social media platform. It was initially founded in 2020 as a biweekly email newsletter that focused on recommendations. In January 2024, Perfectly Imperfect launched PI.FYI, a social media platform. The platform is based around sharing recommendations. Its main feed is presented in reverse chronological order and is not algorithmically curated. == History == Perfectly Imperfect was started during the COVID-19 pandemic by Tyler Bainbridge, alongside college friends Alex Cushing and Serey Morm, whom he met at UMass Lowell; Morm later departed. Motivated by a dissatisfaction with algorithm-driven recommendation culture, they launched on Substack in September 2020. Its early newsletter format, PI, published brief recommendation lists and personal notes from contributors. Contributors have included a mix of underground artists and more established creative figures, such as Charli XCX, Chloe Cherry, Chloe Wise, and Meetka Otto. In October 2024, PI announced it was leaving Substack to launch its own site. == Overview == The current platform, PI.FYI, features both editorial content (guest columns, long-form essays, staff picks) and user-generated recommendations. The platform also supports "Ask" posts, where users can solicit recommendations from the community, and allows commenting, liking, and profile customization. In August 2025, it launched an events feature. In 2022, Perfectly Imperfect hosted their first offline event at Baby's All Right in Brooklyn, with a performance by The Dare. They have since expanded their event promotion/sponsorship to markets such as Los Angeles, San Francisco, and even Auckland.