Wednesday, February 16, 2011

Another “We're not sure...” breach report. Why would data need to be stored at all? Couldn't the machine upload information to a secure, central repository immediately?

http://www.phiprivacy.net/?p=5929

Baylor Health Care System notifies over 8,000 patients after portable ultrasound machine with PHI is stolen

By Dissent, February 15, 2011

Baylor Heart and Vascular Center in Texas reports that over 8,000 patients might have been affected by the theft of a portable ultrasound diagnostic machine. The device was stolen from a patient’s room in Baylor’s Jack and Jane Hamilton Heart and Vascular Hospital (BHVH) in Dallas on the evening of December 2 or the early morning of December 3, 2010. A statement on Baylor Health Care System’s site linked from their home page says:

We believe the ultrasound machine may have contained limited data on a small number of patients seen at the hospital from December 26, 2006 to December 2, 2010. Patient health information on the machine is limited to patient names, dates of birth, blood pressure, height, weight, and limited health information in the form of ultrasound images of patients’ hearts. Approximately 8,000 patient procedures were performed on the ultrasound machine. However, Baylor believes only a very small fraction of the 8,000 patients’ information was actually contained on the device because the data is regularly purged and overwritten. Therefore, Baylor is not able to determine exactly which patients’ information was on the device. Out of an abundance of caution, Baylor is notifying all patients that could have information contained on the device.

In its notification to the U.S. Dept. of Health & Human Services, Baylor reported that 8,241 patients were being notified.

Baylor also indicated that the stolen machine contained patient health information from patients of both BHVH and Baylor University Medical Center at Dallas. No financial information or social security numbers were affected.



Coming soon to a school near you!

http://www.pogowasright.org/?p=20866

FERPA’s “directory information” inconsistent with privacy protection

February 16, 2011 by Dissent

A Princeton student who tried to raise awareness about how much information the university makes available about students online may have bought himself some trouble with the university.

Anastasya Lloyd-Damnjanovic reports:

“Congrats on using Gmail for your Princeton email,” Dan Li ’11 wrote in the hundreds of e-mails he sent out over the last few days to students who forward e-mails from their Princeton accounts to their Gmail e-mail addresses. “If you’re creeped out because I know your Gmail address, read on.”

The e-mails included personal details about each student including their names, e-mail and mailing addresses, dorm room addresses and student identification numbers, which, he said, were publicly accessible through the University’s web-based directory.

Li said he sent the e-mails in an effort to raise awareness about a perceived security breach in the University’s Lightweight Directory Access Protocol server that could allow anyone outside the community to access the personal information about students that Li included in his e-mails.

Read more on The Daily Princetonian.



Toward ubiquitous surveillance...

http://news.cnet.com/8301-17852_3-20032150-71.html

Police chief: Hack your kids' Facebook passwords

Where are your kids tonight? Virtually speaking.

… The police chief of Mahwah, N.J., James Batelli, believes that you shouldn't be sitting there and wondering. He believes parents should be using any methods they can to spy on their kids.

… Batelli reportedly sees nothing wrong with using spyware to monitor their every virtual move and hack their passwords to Facebook and any other site for which they might have a regular fondness.

Indeed, his detectives hold free seminars to teach parents how to install spyware on all their computers at home.

… "If it means buying an $80 package of software and putting it on and seeing some inappropriate words you don't want your child to say. Then that's part of society," he told NBC New York.

Unfortunately, another part of society is that kids tend to be more adept computer-wise than their parents. What will happen when the kids realize they're being spied on? What kind of pouting might such an outing cause? And what might kids find if, in retaliation, they decide to hack into their parents' laptops?


(Related) Would this be a way around Internet spyware? (Yes, Bob, it would.)

http://hardware.slashdot.org/story/11/02/16/0044254/Facebook-Direct-Phones-mdash-and-Facebook-Right-On-the-SIM?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Facebook-Direct Phones — and Facebook Right On the SIM

"Gemalto, a Dutch digital security company, has announced Facebook for SIM at the Mobile World Congress in Barcelona. The company's software development team has effectively shrunk Facebook down so that it fits onto a standard SIM card, enabling anyone with a GSM phone to enjoy the service even without a data plan. In fact, the company is claiming the Facebook application is compatible with 100 percent of SIM-compliant mobile phones. As a result, it works on prepaid as well as on subscription-based mobile plans. In doing so, Gemalto is offering Facebook to millions of mobile phone users regardless of their handset type. Facebook for SIM doesn't require a data connection because it taps into a handset's SMS connectivity to allow the user to interact with the service; users can sign up for Facebook, log in directly, and even check out friend requests, status updates, wall posts, and messages, all via the dedicated SIM application."

And if that's just a bit too Facebook-centric for you, a notch down are two phones from HTC just announced in Barcelona, the Salsa and the ChaCha, with dedicated Facebook buttons.



Interesting, if true.

http://tech.slashdot.org/story/11/02/16/0250202/On-Retirement-Israeli-General-Takes-Credit-for-Stuxnet-Attacks?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

On Retirement, Israeli General Takes Credit for Stuxnet Attacks

"Last month, The New York Times ran a story about Stuxnet having been developed by the Americans and the Israelis as a part of a joint project, but it was based on the claims by confidential sources. But, it now seems that the information from these sources was correct. The Haaretz — Israel's oldest daily newspaper — reports about a surprising video that was played at a party organized for General Gabi Ashkenazi's last day on the job."



Sneaky, I love it

http://www.law.com/jsp/lawtechnologynews/PubArticleLTN.jsp?id=1202482104345&Could_Your_Firms_EMail_Policy_Run_Afoul_of_the_Federal_Wiretap_Act_&slreturn=1&hbxlogin=1

Could Your Firm's E-Mail Policy Run Afoul of the Federal Wiretap Act?

The act's robust damages scheme triggers a significant risk profile because businesses can now violate the Federal Wiretap Act much more easily and much more frequently than in the past. The act makes it unlawful intentionally to intercept an oral, wire or electronic communication using an electronic, mechanical, or other device.

Courts have consistently rejected claims by employees seeking to apply this statutory language to an employer's review of stored e-mail, holding that an "interception" under the act requires the acquisition of the content of an e-mail contemporaneously with transmission, not in storage. Because e-mail, by its very nature, cannot easily be acquired in transmission, this line of authority seemed to insulate employers from the act's rich remedial scheme.

A recent decision by the 7th U.S. Circuit Court of Appeals, however, has raised the specter of substantial civil liability for unlawful interceptions despite extant precedent in the area. In U.S. v. Szymuszkiewicz, the court affirmed the criminal conviction for Federal Wiretap Act violations of an IRS agent who, unbeknownst to his supervisor, activated the supervisor's Microsoft Outlook "autoforwarding" feature.

… The 7th Circuit's decision turned principally on whether autoforwarding e-mail constitutes an "interception" as defined by the Federal Wiretap Act. The court answered that question in the affirmative because the autoforwarding permitted the IRS agent to obtain the content of e-mail stored in his supervisor's e-mail inbox.

The 7th Circuit's decision is significant for employers because corporate IT departments commonly use Outlook's autoforwarding feature. IT departments, for example, routinely activate this feature after an employee has left an organization, or when an employee is on an extended leave of absence, so that a supervisor or co-worker can promptly respond to e-mail intended for the employee.

It also is not uncommon for corporate IT departments to rely on "e-mail journaling" to create a duplicate set of outgoing and incoming e-mail for archival purposes. Journaling essentially functions the same as autoforwarding except that the duplicate e-mail content is stored on a server for possible future retrieval rather than being transmitted directly to a third party's e-mail inbox.

E-mail journaling is a basic tool of electronic discovery as it permits the automated preservation of e-mail.



For my Computer Security students.

http://www.infoworld.com/d/security-central/your-guide-the-seven-types-malicious-hackers-636?source=IFWNLE_nlt_sec_2011-02-08

Your guide to the seven types of malicious hackers

Cyber criminals

Spammers and adware spreaders

Advanced persistent threat (APT) agents

Corporate spies

Hacktivists

Cyber warriors

Rogue hackers



Are Facebook users paranoid enough to use this? I kinda doubt it.

http://www.makeuseof.com/tag/check-accessing-facebook-account/

How To Check If Someone Else Is Accessing Your Facebook Account



Tools for Geeks. You need this to move an OS from one machine to another, right?

http://www.makeuseof.com/tag/remove-windows-activation-install-computer/

How To Remove Windows Activation So You Can Install On A Different Computer

With piracy a constant concern for computer software companies, methods of registering and validating software are now the norm. Operating systems are no different. Microsoft Windows has long used a product key that validates the operating system.

The complexity of the validation used, however, has increased over time. Today, Microsoft has online activation servers that must validate your installation key, and your installation key is often tied to your computer. Installing a copy of Windows with the same key on a different computer can cause issues, but it’s possible to get around them.


(Related) For those intense 'cut & paste' projects...

http://www.makeuseof.com/tag/computers-text-clipboard-history-clipcube-windows/

Keep Your Computer’s Text Clipboard History With ClipCube [Windows]

You need to copy every item that you want to paste, even though that item has been copied to the clipboard before. If you are working with a long document and need to copy and paste multiple items several times, this limitation is really inconvenient.

That’s why we have clipboard managers. These tools will create a larger clipboard that can keep more items inside, keep track of clipboard history, and give users access to easily choose and paste any item from the history. There are many clipboard managers out there, but if you want a really tiny and portable one that handles nothing beyond text, maybe you could try ClipCube.


(Related)

http://www.makeuseof.com/tag/download-windows-speed-free-pc-tune-guide/

Windows on Speed: Ultimate PC Acceleration Manual


