...and the nominees for the Forrest
Gump “Stupid is as stupid does” award are:...
By Dissent,
November 4, 2011
Public notice from UCLA Health System,
posted
today on their web site:
The UCLA Health
System is notifying thousands of patients by mail that on Sept. 6,
2011, an external computer hard drive that contained some personal
information on 16,288 patients was among a number of items stolen
during a home invasion. Although this information
was encrypted, the password necessary to unscramble the information
was written on a piece of paper near the hard drive and cannot be
located.
What changes a company's mind?
(Someone pointing out reality?)
By Dissent,
November 4, 2011
TRICARE,
the military health program, has
directed its business associate, Science Applications
International Corp., to offer one year’s worth of free credit
monitoring and restoration services to the 4.9 million beneficiaries
affected by a recent breach.
Earlier, TRICARE
had announced that it would not offer credit monitoring services,
citing the minimal risk involved in the breach, which involved backup
tapes stolen from an SAIC employee’s car.
Read more on
GovInfoSecurity.com
(Related) It is bigger than initially
reported (that's common); perhaps it is also riskier?
By Dissent,
November 4, 2011
The HHS breach tool has been updated
and I noticed that the SAIC/TRICARE
breach entry has been added. I also noticed that although media
reports had the breach as affecting 4.9 million, the actual number
appears to be 5,117,799. A lawsuit has been filed against the
Department of Defense after backup tapes were stolen from an SAIC
employee’s car that had been left unattended.
Would we react differently if they were
domestic spies?
Foreign
Spies Stealing US Economic Secrets in Cyberspace
November 4, 2011 16:41
Source: Office of the Director of
National Intelligence, Office of the National Counterintelligence
Executive
From the publication
web page:
The threat to the
United States from foreign economic collection and industrial
espionage is appraised in these annual reports to Congress.
This [year's]
report differs from previous editions in three important ways. The
first and most significant is the focus. This report
gives special attention to foreign collectors' exploitation of
cyberspace, while not excluding other established tactics
and methods used in foreign economic collection and industrial
espionage. This reflects the fact that nearly all
business records, research results, and other sensitive economic or
technology-related information now exist primarily in digital form.
Cyberspace makes it possible for foreign collectors to gather
enormous quantities of information quickly and with little risk,
whether via remote exploitation of victims' computer networks,
downloads of data to external media devices, or e-mail messages
transmitting sensitive information.
+ Link
to full report (PDF; 2.69 MB)
So perhaps you should use Times New
Roman?
Microsoft
defends against espionage virus
Microsoft has released a temporary
software patch to defend against the threat from Duqu, an espionage
virus thought to be closely related to Stuxnet, the cyber attack that
disrupted the Iranian nuclear programme.
… Microsoft said it exploited a
vulnerability
in the Windows TrueType font parsing engine to gain
control of infected computers.
Worth a read. Who would do this in the
US?
Snooping
councils, phone hacking, CCTV… time to reform surveillance laws?
November 4, 2011 by Dissent
Adam Wagner writes:
JUSTICE,
a law reform and human rights organisation, has today published a
significant and wide-ranging critique of state surveillance powers
contained in the Regulation
of Investigatory Powers Act (RIPA).
The report -
Freedom
from Suspicion – Surveillance Reform for a Digital Age – is
by Eric
Metcalfe, former director of JUSTICE and recently returned to
practise as a barrister. It reveals some pretty stunning statistics:
for example, in total, there have been close to three million
decisions taken by public bodies under RIPA in the last decade.
Read more on Adam’s excellent blog,
UK
Human Rights Blog.
...and now, no one needs to go postal!
USPS
Need Not Disclose Psych Tests to Union
November 4, 2011 by Dissent
Julia Filip reports:
The U.S. Postal
Service was justified in refusing to let its workers’ union access
the confidential test scores of 22 employees without written consent,
the 1st Circuit ruled.
Though the
National Labor Relations Board had found that the
union’s collective bargaining interests outweighed employees’
privacy interests, the Boston-based federal appeals court
disagreed.
Read more about this case on Courthouse
News.
[From the article:
"The Privacy Act notices
first reaffirmed to applicants that their information would be kept
private, and then alerted them to possible, limited disclosures,"
Chief Judge Sandra Lynch wrote for the court. "The
notices did not wipe out all expectations of privacy."
The routine-use exception allows
disclosure of relevant information to labor organizations, but it
does not mandate such disclosure unconditionally, the order states.
"Thus, the fact that
information may be disclosed 'as required by law' does not itself
defeat all expectations of privacy, nor does it create an expectation
that the information will be disclosed automatically whenever it is
relevant to a union," Lynch added.
I can see the opportunity for some real
geeky humor here. Hack the system so clicking on the icon gives more
amusing reasons for the ads... “Because you NEED
deodorant!”
New
Google ‘Transparency’ Feature Aims to Reduce Ad-Targeting
Creepiness
Google’s bread and butter is its
targeted advertising technology, a multi-billion dollar business that
includes tailoring ad results to the browsing habits of individual
users. The problem is, the better Google gets at guessing which ads
we might want to see, the creepier its system feels.
Google wants to change that. The
company just announced plans to roll out a new feature that provides
clarity (or “transparency” in Google parlance) on why you receive
certain ads on Google’s sites. A simple icon labeled “Why these
ads” will soon begin appearing next to advertisements in Google
Search and Gmail. Click on the icon, and you’ll get information on
why the ad was personalized just for you.
Books you can read when the snowdrifts
block the door...
"The book Digital
Assassination: Protecting Your Reputation, Brand, or Business Against
Online Attacks says businesses that take days to respond
to social media issues are way behind the curve. Social media
operates in real-time, and responses need to be almost as quick. In
a valuable new book on the topic, Securing
the Clicks: Network Security in the Age of Social Media,
Gary Bahadur, Jason Inasi and Alex de Carvalho provide the reader
with a comprehensive overview on how not to be a victim of social
media based security problems."
Read on for the rest of Ben's review.
Perspective: I can't see lots of
Facebook programmers working for minimum wage and Social Networking
access...
Facebook
Access More Important Than Salary To Many Young Professionals
… Cisco Systems has just released
its second annual "Connected
World Technology Report." And the study reveals a series of
data points that speak to the centrality of digital and mobile
technology, as well as social media, to the professional expectations
and habits of Generation Y.
But among the most glaring conclusions
are the following two: 40 percent of college students and 45 percent
of young professionals would accept a lower-paying job if it had more
access to social media; a third of respondents consider the Internet
as important as air, water, food and shelter. (Generation Y is
roughly defined as having been born after Generation X -- some
sources put the Gen Y starting point as the late 1970s and its end
point as late as the beginning of the 21st century.)
(Related) Apparently, hacktivists feel
the same way!
Anonymous
rejects a 5th November attack on Facebook
THE WIDER PART of the Anonymous
hacktivist group has again publicly denounced a proposal to attack
the social networking web site Facebook.