- Matt Doyle (the Accretive employee whose laptop was stolen) should not have had access to patient data.
Sunday, April 29, 2012
'cause this was actually a big deal.
Google releases FCC report on Street View probe
April 28, 2012 by Dissent
If there’s damning evidence against you, best to get the story out yourself – and best to get it out on the weekend when fewer people follow news.
Jessica Guynn has a must-read piece in today’s L.A. Times about the FCC’s investigation of Google’s wi-fi breach. Google has reportedly released the entire report, only redacting employees’ names. But here’s the kicker:
The report points the finger at a rogue engineer who, it says, intentionally wrote software code that captured payload data information — communication over the Internet including emails, passwords and search history — from unprotected wireless networks, going beyond what Google says it intended. The engineer invoked his 5th Amendment right and declined to speak to the FCC. [It's good to employ the occasional “mad scientist” Bob]
But the FCC raises the question of whether engineers and managers on the Street View project did know — or should have known — that the data was being collected.
According to the FCC report: The engineer in question told two other engineers, including a senior manager, that he was collecting the payload data. He also gave the entire Street View team a copy of a document in October 2006 that detailed his work on Street View. In it, he noted that Google would be logging such data.
Those working on Street View told the FCC they had no knowledge that the payload data was being collected. Managers of the Street View program said they did not read the October 2006 document. [Believe what you will... Bob]
Read more in the L.A. Times.
So far, I’ve not found a copy of the actual
report itself, but hopefully someone will point me to it.
Thanks to @rford and @Walshman23 for pointing me to the actual
On Thursday, Google had blasted the FCC over its handling of the Street View probe and its fine for obstructing the investigation, which Google had agreed to pay. The FCC had dropped its investigation in terms of the actual core issues. In light of today’s news, one wonders why they did as it seems there was actually some evidence that the collection of unsecured wi-fi data was intentional on at least one employee’s part.
Update: Okay, now that I’ve read their report, I do understand why they didn’t pursue it. The legal issue boils down to if you’re using unsecured wi-fi, you are making your transmissions available to the general public, and the prohibitions of the Wiretap Act do not apply. [Do you think anyone at the FCC knew that before they wasted all of my tax dollars on this investigation? Bob]
It's too late to take Security seriously... Bits from a long article
By Dissent, April 28, 2012
If you were to search DataLossDB.org to find out what we knew about data breaches involving Accretive Health, you would have found one incident from last year. But that may be the tip of the iceberg. Christopher Snowbeck of Pioneer Press reports that there were others:
When a laptop computer was stolen last summer from the locked car of an Accretive Health employee, it wasn’t the first time.
In June 2010, another employee at Accretive – a Chicago-based consultant hired by the Fairview health system to work on billing issues – reported that his laptop had been stolen from a locked car parked outside a restaurant in Roseville.
In the Roseville case, the laptop was encrypted and the computer was rendered inoperable about two hours after the theft, according to documents released this week by state Attorney General Lori Swanson. So it wasn’t considered a security breach that put patient records at risk.
But lightning struck again in late July 2011, when another Accretive Health employee’s laptop was reported stolen from a locked car in Minneapolis. In the second case, the laptop wasn’t encrypted and the Fairview and North Memorial health systems wound up having to notify thousands of patients about the risk to their personal health information.
The sequence of events is part of the reason Sen. Al Franken, D-Minn., turned up the heat on Accretive Health on Friday, April 27, with a letter to the company’s CEO demanding answers to a series of questions.
“The report states that Accretive employees lost six laptops to theft in three separate incidents,” Franken’s letter states. “Is this accurate?”
Fairview and Accretive officials have said there’s no evidence [Not the same as no complaints or suspicions Bob] that any patient has been harmed by the laptop theft in Minneapolis. But they have not previously disclosed details about the June 2010 theft or the possibility that there might be a pattern of lost laptops.
Read more on Pioneer Press.
… Another shocking revelation in the Attorney General’s report was contained in a November 2011 presentation prepared by Accretive for Fairview. It noted, in part:
(p. 11, Volume 3). Significantly, not only should Doyle not have had access to patient data, but he comingled data from Fairview with St. John’s Hospital in Michigan – even though he shouldn’t have had the latter’s data more than a year after he left that site (Volume 6, p. 14)
… This may turn out to be one of those incidents where a breach actually does kill a business. Accretive’s stock had already dropped following the January announcement of the Attorney General’s lawsuit against them and the release of the 6-volume report triggered a 42% drop in stock prices and an investor lawsuit. Now, just 12 hours ago, Accretive announced that it had lost its contract with Fairview:
Accretive Health, Inc. (NYSE: AH - News) said today that it has received notice of termination from Fairview Health Services of its Quality and Total Cost of Care (“QTCC”) services contract. The terms of the transition have yet to be determined. The Company will update its business outlook on its quarterly earnings call on May 9, 2012.
(Related) Long letter omitted. Have fun answering this Accretive.
I suggest a year-round season on drones, with no bag limit. No doubt the paparazzi will arm themselves so celebrities will need anti-drone surface to air missiles. GreenPeace will want torpedoes for whaling ships. Tree-huggers will want missiles that “home on chain saws.” Where will the Privacy-Arms race end? Another “technology outstrips law issue?”
Hunting group to sue over remote UAV surveillance
April 28, 2012 by Dissent
In a statement, the Federation for Hunting & Conservation – Malta (FKNK), has said that “on behalf of all of its members in principle and on behalf of several of its members who have been filmed without their consent, intends to press charges in Court against German-based CABS personnel.”
“The charges will include, but are not limited to: harassment; intrusion of privacy; trespassing; spying; flying of an unmanned remote-controlled aircraft equipped with video-recording equipment at a low altitude over private property; landing of this aircraft on private-owned land; unauthorised video and photo shooting; breach of local air-traffic control regulations and related dangers; etc,” CABS said.
Read more on Gozo News.
For those as confused as I was, CABS is the Committee Against Bird Slaughter. A news item on CAB’s site this week reported:
A model aircraft employed by the Committee Against Bird Slaughter (CABS) and the German TV station RTL to discover active illegal trapping sites has been shot down. The aircraft, equipped with a video camera, was hit yesterday by shotgun pellets, but no serious damage was caused. The aircraft has been operating since the beginning of the week and had already filmed four active trapping installations from the air. A huge clap net was detected in the south of Malta yesterday. Police seized the nets as well as some half a dozen protected bird species including Robins, Yellow Wagtail and Collared Doves. (More here)
Because trivial stuff ain't worth protecting?
"In what may win awards for the silliest-sounding lawsuit of the year, a case about whether Facebook 'likes' qualify for free speech protection under the First Amendment has ended in a decisive 'no.' In the run-up to an election for Sheriff, some of the incumbent's employees made their support for the challenger known by 'liking' his page on Facebook. After the incumbent won re-election, the employees were terminated, supposedly because of budget concerns. The employees had taken a few other actions as well — bumper stickers and cookouts — but they couldn't prove the Sheriff was aware of them. The judge thus ruled that 'merely "liking" a Facebook page is insufficient speech to merit constitutional protection. In cases where courts have found that constitutional speech protections extended to Facebook posts, actual statements existed within the record.'"
One of my Math students plans to write his own algorithm. Perhaps studying this one will help. Bob's Tip: If you do find a successful algorithm, keep it to yourself (and your math professor)
"The BBC has a fascinating story about how a mathematical formula revolutionized the world of finance — and ultimately could have been responsible for its downfall. The Black-Scholes mathematical model, introduced in the 70s, opened up the world of options, futures, and derivatives trading in a way that nothing before or since has accomplished. Its phenomenal success and widespread adoption lead to Myron Scholes winning a Nobel prize in economics. Yet the widespread adoption of the model may have been responsible for the financial crisis of the past few years. It's interesting to ponder how algorithms and formulas that we work on today could fundamentally influence humanity's future."
This could be handy for grabbing the occasional cartoon.
… All the user is required to do is download the extension from the Firefox addon repository and configure the add-on to include the folders where the images can be saved. Once done, just navigate to any image on a webpage, right-click, choose the option “Save Images in Folder” and select the folder in which you want to save the image.
I don't have dedicated eBook readers, but I do have the Kindle app on my PC.
Calibre allows you to convert eBooks from any format to any other format. So, if you download a book that isn’t supported on your reader, there is no need to worry, simply use Calibre, and you will be good to go. There is almost no format that Calibre does not support. For the complete list, click here.
If all that wasn’t enough, Calibre has a beautiful eBook reader built-in. This way, if you don’t have a dedicated reader, you can use Calibre to read your favorite books right on your computer.
Similar tools: EPUB To MOBI, GrabMyBooks, EPubReader, Epub2Go, Wikipedia Book Creator, MyEbook and Zinepal.