For my Computer Security students. Look at the tools and practices that
were ignored or improperly implemented!
Cryptome has uploaded Verizon’s forensic investigation of the Stratfor hack
in 2011. Their investigation began in December 2011 and was
concluded in February 2012.
You can read the report here (66 pp., pdf).
(Related)
Over the past few years, I’ve seen more and more references to the idea
that if breached entities have their legal counsel arrange for a forensics
or breach investigation, the breach investigation would be considered
privileged communications or attorney-client work.
Needless to say, I am not happy at any end-run around transparency
involving breach investigations. While there may well be information
in those reports that should be protected lest attackers learn of
significant security features or vulnerabilities that could put the
entity at future risk, in many cases, companies just want to shield
these reports for fear that customers or the public will be appalled
at any security lapses or poor practices – or that they will use
these reports in litigation against the entity.
Scott Koller of InformationLawGroup addresses the privilege issue and a
ruling in U.S. ex rel Barko v Halliburton Co., and then
offers some advice for counsel as to how to increase their chances of
being able to claim privilege. Read his comments and suggestions on
InfoLawGroup.
(Related)
What is your data worth? (What if their conclusion is $0.25 per
occurrence?)
Press Association reports:
Patients whose personal information is misused in the new medical
records data-sharing scheme should be able to sue the NHS, a new
report suggests.
People whose data is lost or “irresponsibly used” under the
care.data initiative should be able to claim compensation through the
NHS Litigation Authority, the authors said.
The group of experts established by the Institute of Global Health
Innovation at Imperial College London, with a grant from the Peter
Sowerby Foundation, said the programme is “essential to improve
care”.
Read more on Yahoo! UK & Ireland.
Oops!
Ali Winston reports that as a lawsuit concerning a stop based on an
erroneous license plate reading goes to trial in California, privacy
and accuracy concerns continue to grow.
Documents obtained by the Center for Investigative Reporting show that a leading maker of
license-plate readers wants to merge the vehicle identification
technology with other sources of identifying information. Vigilant
Solutions is pushing a system that eventually could help fuse public
records, license plates and facial recognition databases for police
in the field.
Livermore firm
The Livermore company released facial recognition software last year
for use in stationary and mobile devices. The technology uses
algorithms to determine whether a person’s face matches that of
someone in a law enforcement database. Like license-plate readers,
privacy advocates say, the technology can make incorrect
identifications that ensnare innocent people.
Read more on SFGate.
See what others have spied on?
–
is a Google Maps mashup where you can view YouTube videos of drone
coverage. These are not military drones or promotional drones, but
rather personal drones belonging to private individuals. All videos
are hosted on YouTube, and you can see on the map where the footage
was captured. Just click on one to watch the video footage.
Several articles that illustrate different aspects of the Internet of Things.
First, a few cautions. What happens in a “cell phone free”
zone? Or on airplanes? Or when a “push” update crashes the
phone? Or when hackers encrypt the software and demand “ransom?”
Now the loss of your smartphone goes from annoying to life
threatening.
'Bionic Pancreas' Astonishes Diabetes Researchers
A “bionic pancreas” that uses a smart phone, glucose monitor and
insulin pump to automatically control blood sugar levels helped more
than two dozen people live free of finger pricks and other
troublesome reminders of diabetes, researchers reported Sunday.
And the system controlled their blood sugar levels far better than they
could have done on their own, the researchers told a meeting of the
American Diabetes Association.
… The team’s been working on making an artificial
pancreas for years, and the first human studies
started in 2008. Their device monitors blood sugar — standing in
for the fingerprick test that people with diabetes must do many times
a day. It delivers insulin when needed and in the right amounts —
something diabetics must do several times a day either with a syringe
or by pressing a button on an insulin pump.
And it does something extra — it delivers another hormone called
glucagon, which brings blood sugar back up when it’s too low.
…
It was specifically the iPhone 4, with a low-energy Bluetooth signal
that could be used to help the various components of the device
communicate.
Would you be crushed if no one subscribed? (Would you be stalked if they
did?)
Google Glass App Broadcasts Your Life For Cash
A new Google Glass app will allow people to live stream their lives –
and even charge people a fee to watch.
Livelens has launched a version of its app for the pioneering device which can
share video in real-time from the head-mounted display.
The app includes social features such as commenting on videos, as well as
liking them.
Users can also monetise their live streams by charging people to watch
their videos, a potential area of income for celebrities.
Will anyone test and certify “Things” or do we rely on the
manufacturers?
Nest Protect alarm back on sale, now without the dangerous glitch
After being pulled from shelves due to safety concerns, the Nest Protect
smart smoke alarm is now available to buy once again.
The alarm was pulled after Nest discovered a glitch in the Wave feature
that could deactivate the alarm without the owner even realising - thus
completely defeating the point of a smoke alarm.