Friday, December 24, 2010

A small but typical breach. There was no security beyond a password, no security training, and no record of what information had been loaded on the laptop.

Computer with information on 3,100 Mankato Clinic patients stolen

A laptop computer with personal and medical information on more than 3,000 Mankato Clinic patients was stolen nearly two months ago. Randy Farrow, CEO of the Mankato Clinic, said Thursday that while they take the security breach very seriously, it is unlikely that anyone has accessed the password-protected information. [Unless they wanted to... Bob]

And Farrow said patients do not have to take any measures to protect themselves because no financial information, Social Security numbers or home addresses of patients were on the laptop data.

… The laptop contained a spreadsheet which included personal health information of 3,159 patients. The patient information includes: patient¹s full name, date of birth, medical record number, healthcare provider¹s name, encounter date, and diagnosis information.

… He said it took nearly two months to notify the public and patients about the theft as the clinic did it¹s own internal investigation and pieced together what was on the laptop and which and how many patients were affected. [Because they didn't know... Bob]

Farrow said nurses often travel between clinic locations and brings their laptops with them. [I must assume this means the laptops thay have been issued. They couldn't mean the nurses personal computer, could they? Bob]

The breach has prompted the clinic to institute more safeguards, including mandatory security training of all staff, using encryption software on all mobile computers and establishing a more stringent policy on mobile computer devices.

Local It's one thing to be “tough on illegal immigration” but quite another to fish for possible illegals by rummaging through tax records. (Shouldn't they be looking for illegals who DON'T pay their taxes?)

Judge issues permanent injunction against DA, Weld sheriff in Operation Number Games

December 23, 2010 by Dissent

Nate A. Miller reports:

A Larimer District Court judge has put a formal end to efforts on the part of Weld District Attorney Ken Buck and Weld County Sheriff John Cooke to crack down on illegal immigration and identity theft using records from a Greeley tax preparer.

In a decision Tuesday, District Judge Stephen Schapanski made permanent a temporary injunction issued against Buck and Cooke in April. The ruling directs the Weld County court clerk to destroy all copies of information obtained from the search and seizure of tax files from Amalia’s Translation & Tax Service in Greeley in 2008. Weld authorities also are forbidden from using any information learned from the contents of those files.

Read more in the Greeley Tribune. The ACLU’s press release can be found on the Colorado ACLU site.

There must be more to this, right? How did this make air travel safer?

Woman arrested at ABIA after refusing enhanced pat down

… Claire Hirschkind, 56, who says she is a rape victim and who has a pacemaker-type device implanted in her chest, says her constitutional rights were violated. She says she never broke any laws. But the Transportation Security Administration disagrees.

… Hirschkind said because of the device in her body, she was led to a female TSA employee and three Austin police officers. She says she was told she was going to be patted down.

"I turned to the police officer and said, 'I have given no due cause to give up my constitutional rights. You can wand me,'" and they said, 'No, you have to do this,'" she said.

Hirschkind agreed to the pat down, but on one condition.

"I told them, 'No, I'm not going to have my breasts felt,' and she said, 'Yes, you are,'" said Hirschkind.

When Hirschkind refused, she says that "the police actually pushed me to the floor, (and) handcuffed me. I was crying by then. They drug me 25 yards across the floor in front of the whole security."

An ABIA spokesman says it is TSA policy that anyone activating a security alarm has two options. One is to opt out and not fly, and the other option is to subject themselves to an enhanced pat down. Hirschkind refused both and was arrested. [How exactly do you “refuse” to “not fly” if they won't let you past security? Bob]

… The TSA did release a statement Wednesday that said in part, "Our officers are trained to treat all passengers with dignity and respect. Security is not optional." [Apparently it is. If you can refuse to fly... Bob]

(Related) Security Theater...

TSA Investigates Pilot Who Exposed Security Flaws

"The TSA is investigating a TSA deputized pilot who posted videos to YouTube pointing out security flaws. Flaws exposed include ground crew clearing security with just a card swipe while pilots have to go through metal detectors, and a 'medieval-looking rescue ax' being available on the flight deck. Three days after posting the video, 6 government officials arrived at his door to question him and confiscated his federal firearm (and his concealed weapon permit)."

For my Ethical Hackers

Two privacy-related bills signed into law this week

December 23, 2010 by Dissent

This week, President Obama signed several bills into law that have privacy implications. In addition to repealing Don’t Ask Don’t Tell, he signed The Social Security Number Protection Act of 2010 and The Truth in Caller ID Act.

The former bill is intended to help reduce identity theft by restricting the use of full Social Security Numbers on government-issued checks and by preventing prisoners from having access to Social Security Numbers. A number of media stories in the past few years had revealed how government agencies were contracting with prisons, who, in turn, had prisoners doing work that gave them access to SSN.

The second bill prohibits any person within the United States from knowingly transmitting misleading or inaccurate caller identification information “with the intent to defraud, cause harm, or wrongfully obtain anything of value.” Exemptions to the prohibition include law enforcement. People who violate the law may face forfeiture or criminal fines.


U.S. Commerce Department Unveils Online Privacy Framework

December 23, 2010 by Dissent

Richard L. Santalesa writes:

Though overshadowed by the December 1st release of the FTC’s Privacy Framework (see our coverage here, here, here and the report itself here), we wanted to at least give a nod before the year runs out to the Department of Commerce’s own report, entitled Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework, and less formally known as the Internet Policy Task Force Privacy Green Paper (the “Report”), available here.

Read more on InformationLawGroup.

Think of this as a “personal drone” No doubt this will result in laws banning model aircraft in cities (or over Area 51?) but it does show the potential for “Google Drone”

Breath-Taking Aerial Video Footage from New York City – Taken by a RC Plane!

Expert remote control pilot Raphael “Trappy” Pirker recently took his 54 inch Zephyr model plane on a harrowing tour of Manhattan and the surrounding area. The best part: his RC vehicle was fitted with a camera that wirelessly transmitted an amazing recording of everything it saw – Pirker was piloting his craft with this visual feed. As you can see in the video below, the results were spectacular. The plane looks to be flying within a few feet of buildings and whizzing past bridges with ease. You have to check out around 2:01 when he starts to buzz the Statute of Liberty. Phenomenal! First person view (FPV) flying is a growing part of the RC community and watching footage like this I can certainly see why. Could the new era of personal video recording be spreading to the sky?

… Pirker has tested his RC and video electronics to a distance of 27 miles. According to calculations, the maximum range would be 120 miles!

… It’s the extreme nature of Pirker’s flight that has garnered him praise and condemnation. The Academy of Model Aeronautics issued a statement declaring his flight “posed a significant threat to people and property.” In an interview with FliteTest, Pirker explained that he didn’t violate FAA airspace (the Zephyr was a model craft), and that he and his team took precautions to make sure that the plane wouldn’t fall on innocent people in the case of failure.

For my Statistics students

Scientifically, You Are Likely In the Slowest Line

"As you wait in the checkout line for the holidays, your observation is most likely correct. That other line is moving faster than yours. That's what Bill Hammack (the Engineer Guy), from the Department of Chemical and Biomolecular Engineering at the University of Illinois — Urbana proves in this video. Ironically, the most efficient set-up is to have one line feed into several cashiers. This is because if any one line slows because of an issue, the entry queue continues to have customers reach check-out optimally. However, this is also perceived by customers as the least efficient, psychologically."

For the Swiss Army folder...

FreeFileConverter: Various File Format Conversion Tool

There are different online tools that can be used to convert files between formats of certain file types. This means you need to bookmark a separate conversion site for video, audio, and document files. Fortunately “FreeFileConverter” merges all of those conversion tools and presents them on a single dashboard.

The file can be of any type: audio, video, or a document. Using the site is very easy: you select a file from your computer or enter its URL, then select the desired output format, and click on the “Convert” button. The output format options are provided according to the type of file you select.

When the file is converted the output can be downloaded in the desired format or as a ZIP archive; sizes of both download types are provided with the download link. The output file is stored on the site’s servers for 12 hours.

Similar tools: Fileminx, Hamster Video Converter and YouConvertIt.

Also read related articles:

5 Easy-to-use Freeware Video Converters

Top Online File Converters (Video, Audio, Images …).

No comments: