Sunday, May 13, 2012

Does anyone read these articles before they are published? Doesn't this raise more questions than it answers?
California Dept of Social Services notifying over 700,000 In-Home Supportive Services providers and recipients after payroll data lost in the mail
May 12, 2012 by admin
California Department of Social Services is notifying over 700,000 In-Home Supportive Services providers and recipients that their data may have been lost. An FAQ on the department’s web site explains that CDSS became aware of the breach on May 9. The information was in a package that was damaged in transit between a Hewlett Packard processing center and the State Compensation Insurance Fund.
The information included IHSS providers’ names and Social Security numbers as well as their case numbers and provider’s numbers. For recipients, the data included employer identification numbers. [Why not SSAN? Surely the “recipients” do not employ the “providers” – do they? Bob]
The package, which was mailed on April 26 via U.S.P.S., arrived on May 1, but was not intact.
According to Chris Megerian of the Los Angeles Times:
The possibly compromised information, dating from October to December 2011, [Very slow compensation? Bob] for 375,000 workers included names, Social Security numbers and wages. For 326,000 recipients, state identification numbers may have been compromised. [Note that there is almost a one to one “provider” to “recipient” ratio. No wonder health care is expensive! Bob]
Not addressed on the state’s web site were answers to these two questions:
  1. Why was Hewlett Packard using U.S.P.S. to ship payroll data, and
  2. What format were these documents in? It sounds like these may have been paper documents in the package. If so, Why not electronic and secure transmission?
[From the FAQ:
What personal information was released?
The documents that were missing contained the following information:
If you are an IHSS provider
  • Your name
  • Your Social Security number
  • Your IHSS provider number
  • Your IHSS case number
  • If you are an IHSS recipient your employer identification number
[Note that what looks like a simple formatting error hides “recipient” information as a bullet point under “provider” Bob]

It was a lousy marketing idea... Was it also illegal?
wiredmikey writes with a followup to Thursday's news that Adobe was recommending paid software upgrades in lieu of fixing security holes in some of its applications. After receiving criticism for the security bulletin, Adobe changed its mind and announced that it's developing patches to fix the vulnerabilities.
"Developing a patch, especially for three different applications, can be costly and time consuming. Developing these patches consumes development resources, then must run through a QA process, and the patch needs to be communicated and distributed to users. And for a company like Adobe with a massive customer base using its Photoshop, Illustrator, and Flash Professional, the bandwidth cost alone can be substantial. For a popular product that was just over two years old, providing a fix to address a serious security flaw its what customers deserve. And while Adobe may have originally tried to sneak by without addressing the issue and pushing users to upgrade to its new product, the company made the right move in the end."

Useful security tool?
FBI actions mean 350,000 computers – all infected with the “DNSchanger” malware – will be cut off from the Internet on July 9, 2012.
Am I Infected?
Naturally, after reading that, you’re curious to find out whether or not you’re infected. The quickest way to see if your computer is infected with the DNS Changer trojan is to visit this site. If you see red, you’ve got the virus. If you see green, you’re (probably) okay.
There are more things you can do to check; the FBI can help with that. Follow the instructions provided there to figure out whether your DNS servers are good or evil.
Did you find out you’ve got a trojan? Don’t panic! This malware is relatively old, and we’ve outlined more than a few free anti-virus programs that can help.

A new surveillance tool and new privacy questions. Do you suppose every state has radioactivity detectors?
"A Milford, CT man was pulled over when a state police car radioactivity scanner flagged his car as being radioactive. The man had been given a cardiac exam using radioactive dye, and had a note from his physician attesting to this, [Was this incidental or was the “note” in anticipation of this kind of stop? What would have happened if he didn't have a note? Bob] but it raises questions about the legality of the stop. Given that it is not illegal to own or purchase or transport radioactive materials (within limits for hobbyist use), should the police be allowed to stop and search vehicles which show a slight level of radioactivity?"

Making it easy for anyone interested in surveillance? Why not just use the tools & techniques already demonstrated by hackers?
"CNET's Declan McCullagh reported last week on the FBI's argument that the massive shift of communications from the telephone system to the Internet 'has made it far more difficult for the agency to wiretap Americans suspected of illegal activities.' The law has already been expanded once, in 2004, to include broadband networks, but still excludes Web companies. The FBI says its surveillance efforts are in danger of 'going dark' if it is not allowed to monitor the way people communicate now. Not surprisingly, a range of opponents, from privacy advocates to legal experts, disagree — strongly. On key tech hitch with the plan, per ACLU attorney Mark Rumold and others: There is a difference between wiretapping phones and demanding a backdoor to Internet services. 'A backdoor doesn't just make it accessible to the FBI — it makes it vulnerable to others,' Rumold says."

...maybe if you encrypt the note before you upload it?
This note will self-destruct after you read it... Okay, so that's not true, but if this note was written on Burn Note it would be true. Burn Note is a free service for sending messages that self-destruct after they are read by their recipients. To use Burn Note just visit their homepage and start typing your note. When your note is complete a unique URL is generated for you to share. Once that URL has been used by someone else, it no longer works.

Does this surprise anyone?
UK: Trade in sensitive personal data uncovered by secret investigation
May 12, 2012 by Dissent
Mark Townsend reports:
The ease with which private investigators can access highly personal and sensitive information stored in secure government databases has been exposed by a report that will intensify calls to regulate the industry.
An investigation by Channel 4′s Dispatches programme reveals how a London firm of private detectives sold personal data on individuals, including details of bank accounts, benefit claims and even a national insurance number.
Undercover reporters also recorded Stephen Anderson, director of private investigators Crown Intelligence, disclosing medical details including the name of one of the volunteers’ doctors, recent appointments with a GP and, in one instance, confirmation of a medical condition. On several occasions, the investigator provided information for payment that appears to be covered by the Data Protection Act, which makes it an offence to “obtain or disclose data without permission or procure the disclosure to another person”.
Read more on The Guardian.

Perhaps this is how you respond to a Senator. Perhaps this is how a very large team of lawyers “almost-responds” to a Senator. At least Franken asks the questions.
By Dissent, May 12, 2012
Melanie Evans reports:
In comments to U.S. Sen. Al Franken (D-Minn.), Accretive Health rejected a recent report that suggested the healthcare billing and collection company violated emergency-room access, patient privacy and debt collection laws.
Accretive’s 29-page comment letter (PDF) came in response to questions from the senator following a highly critical report from Minnesota’s attorney general on Accretive’s business practices. The report said Accretive employees, under contract for Fairview Health Services, sought payment from emergency room and hospital patients before or as they sought care.
Read more on Modern Healthcare. The data breach part of their response begins on p. 24 of Accretive’s letter.

Loss leader or advertising gimmick or an attempt to replace the world's libraries?
Pottermore CEO: New Amazon deal so big, any lost Harry Potter sales “more than made up for”
Here’s the “wizardry” that Amazon teased yesterday: Through an “exclusive license” with Pottermore, Amazon will make all seven Harry Potter e-books free through the Kindle Owners’ Lending Library starting June 19. KOLL allows Amazon Prime members who own a Kindle to borrow one e-book free each month.
… “It’s a commercial deal that makes sense even with a level of cannibalization of my sales,” Pottermore CEO Charlie Redmayne tells paidContent, “but I believe it will actually drive greater sales.” [Baen Publishing has been giving away electronic versions of many of their books for years and have always seen sales go up. Bob]
“The way the deal is structured means that any lost sales are more than made up for,” Redmayne says. “Yes, some people will borrow from the Kindle Owners’ Lending Library and therefore not buy, but Amazon is paying us a large amount of money for that right, and I believe it’s a commercial deal that makes sense.”

View it for the “sources and uses” of energy – not what I thought...
May 12, 2012
CBO Publishes Report and Infographic on Energy Security in the United States
  • "Energy use is pervasive throughout the U.S. economy. Households and businesses use energy from oil, natural gas, coal, nuclear power, and renewable sources (such as wind and the sun) to generate electricity, provide transportation, and heat and cool buildings. In 2010, energy consumption represented 8.4 percent of U.S. gross domestic product. Disruptions in the supply of commodities used to produce energy tend to raise energy prices, imposing an increased burden on U.S. households and businesses. Disruptions can also reduce the nation’s economic output and thus people’s income. This paper examines energy security in the United States—that is, the ability of U.S. households and businesses to accommodate disruptions of supply in energy markets—and actions that the government could take to reduce the effects of such disruptions."

Perspective An Infographic

My online Math Lab uses a strip of film to indicate a video. Problem is, what do you replace these icons with?
"The Floppy Disk Icon, observes Scott Hanselman, means 'save' for a whole generation of people who have never seen one. That, and other old people icons that don't make sense anymore — Radio Buttons, Clipboards, Bookmarks, Address Books and Calendars, Voicemail, Manila Folder, Handset Phone, Magnifying Glass and Binoculars, Envelopes, Wrenches and Gears, Microphones, Photography, Televisions, Carbon Copies and Blueprints — are the subject of Hanselman's post on icons that are near or past retirement age, whose continued use is likely to make them iconic glyphs whose origins are shrouded in mystery to many."

This could be very interesting if we connect it to our free e-textbooks...
Daily Pages is a free to use web service that will email you a chapter of a book every so often. When you visit the site you will find a list of books that you can browse through. In front of each book you will find the number of its members and the number of upcoming readings to be emailed to its group list.

No comments: