The invention includes delivering and monitoring digital content distributed to correctional facility inmates, giving supervisory authorities the ability to screen the incoming digital content. Digital content can include email, and stored and steamed video content, and can be scanned for keywords by supervisory authorities before delivery to an inmate. A computer kiosk can be used by inmates to view and record digital video content. A portable player is provided to inmates which can be used to play, and in some embodiments record, digital content. The player is issued to a particular inmate, and can only be used with respect to that particular inmate's digital content. The kiosk, and in some embodiments, the player, can be used to shop for items available at a store, for example a commissary.

Systems and methods for use in a secure personal data marketplace are disclosed. In accordance with one method, a request for processed user data from a requesting party is received at an electronic marketplace. The request for the processed user data is published from the electronic marketplace to a plurality of responding agents. The plurality of responding agents determine whether one or more of the users will be a user participant. The responding agents send the user information for the user participants to the electronic marketplace, where the user information is processed in a trusted environment to generate the processed user data requested by the requesting party. The processed user data is sent from the electronic marketplace to the requesting party, and the user information and processed user data is deleted from the electronic marketplace once the processed user data has been sent to the requesting party.

A telecommunications network comprises at least one core network interface for providing interconnection to a core network. At least one base station interface provides communications to at least one user device. At least one server defines a configurable network interconnecting the at least one core network interface and the base station. The configurable network comprises a cloud based virtual radio access network (VRAN). The at least one server defines logically independent network slicing for the configurable network that selects a first network slice responsive to use of the configurable network by a first application and selects a second network slice responsive to use of the configurable network by a second application. The at least one server implements the VRAN in a first configuration responsive to use of the first application by the configurable network and a second configuration responsive to use of the second application by the configurable network. At least one transceiver associated with the at least one base station interface for provides massive MIMO communications between the at least one server and the at least one user device.

An apparatus for monitoring a plurality of devices that use a plurality of networks includes a network interface and a processor. The processor is configured to receive, via the network interface, a plurality of packets that were collectively communicated, from the devices, via all of the networks, to aggregate the packets, using at least one field that is included in respective packet headers of the packets, into a plurality of packet aggregations, such that all of the packets in each one of the packet aggregations were collectively communicated from no more than one of the devices, to group the packet aggregations into a plurality of groups, such that there is a one-to-one correspondence between the groups and the devices, in that all of the packets in each of the groups were collectively communicated from a different respective one of the devices, and to generate an output in response thereto.

Methods and apparatus, including computer program products, for surreptitiously installing, monitoring, and operating software on a remote computer controlled wireless communication device are described. One aspect includes a control system for communicating programming instructions and exchanging data with the remote computer controlled wireless communication device. The control system is configured to provide at least one element selected from the group consisting of: a computer implemented device controller; a module repository in electronic communication with the device controller; a control service in electronic communication with the device controller; an exfiltration data service in electronic communication with the device controller configured to receive, store, and manage data obtained surreptitiously from the remote computer controlled wireless communication device; and a listen-only recording service in electronic communication with the device controller.

A serial tap device consists of a first serial port, a second serial port directly connected to the first serial port by multiple serial lines, and a switch configured to selectively connect one or more of the multiple serial lines to a convertor module. The convertor module is configured to convert serial communications signals from the one or more serial lines to transistor-transistor logic (TTL) level signals. The serial tap device includes a communications module and a processor which operates to capture data from the TTL level signals, generate packets containing the captured data, and transmit the packets to a communications network, such as the internet, through the communications module. The serial tap device may be connected inline, between two serial devices, in order to capture data exchanged in serial communication flows between the devices and transmit the captured data to a remote server.

Agencies issue recording devices to personnel for administrating and monitoring controlled calls during the course of their duties. To provide flexible capabilities to agencies, a virtual number is provisioned and configured to enable an operator to administrate controlled calls without dedicated recording devices. Using the virtual number, the operator may setup a controlled call between a victim and a baddie. The victim is contacted via the virtual number by the operator and optionally informed about the controlled call process. In turn, the baddie is contacted using number information of the victim's phone and connected with the victim. Call audio between the victim and baddie is transmitted to the operator. When necessary, the operator may terminate the call remotely from the telephonic device the operator used to setup the call.

A method, system, and a computer program product for reducing consumption of resources for lawful interception or retention data related to traffic concerning a 2G/3G target mobile connected to a telecommunications network interworking with Evolved Packet System is provided. A first parameter value in traffic for which lawful interception or data retention has been activated is detected at a first node. Based on at least the first parameter value, whether the traffic will be intercepted or retained at a second node crossed by the traffic is evaluated. If the second node will intercept or retain the traffic, the first node foregoes a lawful interception request or retention of intercepted data.

According to one embodiment, a web application layer attack detector (AD) is coupled between an HTTP client and a web application server. Responsive to receipt of a set of packets from the HTTP client carrying a web application layer message that violates a condition of a security rule, the AD transmits an alert package to an automatic attribute value generation and rule feedback module (AVGRFM). The AVGRFM uses the alert package, and optionally other alert packages from the same AD or other ADs, to automatically generate a new set of attribute values for each of a set of attribute identifiers for use, by the AD or other ADs, in a different security rule than the violated security rule. The new set of attribute values may be used in an attack specific rule to detect a previously unknown web application layer attack.

One example method includes intercepting an IO that is directed to a volume, writing the IO to a grid-CG that is one of a plurality of grid-CGs that collectively form a distributed CG, adding the IO to a stream journal associated with the grid-CG, receiving a bookmark request, in response to the bookmark request, inserting a bookmark in the stream journal, incrementing a splitter counter and broadcasting a splitter counter value to the grid-CGs in the distributed CG, and inserting the bookmark in respective stream journals of the grid-CGs in the distributed CG.