Abstract: A method of data storage management. A server receives a data upload request from a remote client, the upload request including information identifying the data to be uploaded. The server determines that a duplicate of the data is stored at a data storage device. The server receives proof of possession information derived by the client from the data using additional information known to the server. On the basis of the received information, the server determines whether to allow the client or a user associated with the client to subsequently access the duplicate data stored at the data storage device.

Abstract: A method and apparatus for controlling location information at a computer device such as a mobile telephone. Location information is intercepted and obtained by, for example, intercepting it from an Application Programming Interface destined for a location application. The location application is identified, and a rule is determined for applying to the location information on the basis of the identified location application. The rule is applied to the location information to give amended location information, and the amended location information is then sent to the location application.

Abstract: A method for determining whether an electronic file stored at a client device is infected with malware. A server receives from the client device a request message that includes signature information of the electronic file. The server queries a database of signature information. If the signature information corresponds to signature information stored on the database, a determination is made as to whether the electronic file is malware. If the signature information does not correspond to signature information stored on the database, a determination is made as to whether a number of further request messages for the electronic file are received from additional client devices within a time period. If fewer request messages are received within the time period, it is likely that the electronic file is malware.

Abstract: A method of detecting malware on a computer system. The method comprises monitoring the behavior of trusted applications running on the computer system and, in the event that unexpected behavior of an application is detected, identifying a file or files responsible for the unexpected behavior and tagging the file(s) as malicious or suspicious. The unexpected behavior of the application may comprise, for example, dropping executable files, performing modifications to a registry branch which is not a registry branch of the application, reading a file type class which is not a file type class of the application, writing portable executable (PE) files, and crashing and re-starting of the application.

Abstract: A method of data storage management. A server receives a data upload request from a remote client, the upload request including information identifying the data to be uploaded. The server determines that a duplicate of the data is stored at a data storage device. The server receives proof of possession information derived by the client from the data using additional information known to the server. On the basis of the received information, the server determines whether to allow the client or a user associated with the client to subsequently access the duplicate data stored at the data storage device.

Abstract: A method and apparatus for a determining whether an electronic file stored at a client device is malware. A server receives from the client device a request message that signature information of the electronic file. The server queries a database of signature information of a multiplicity of electronic files. If the signature information of the electronic file corresponds to signature information stored on the database, a determination is made as to whether the electronic file is malware. If the signature information of the electronic file does not correspond to signature information stored on the database, a determination is made as to whether a predetermined number of further request messages for the electronic file are received from further client devices within a predetermined time period. If fewer request messages are received within the time period, it is likely that the electronic file is malware.