Sunday, May 01, 2016
If you think encrypting a laptop is too expensive, consider what it might cost to lose an unencrypted laptop.
Bill Mah reports that a lawsuit filed after a 2013 Medicentres breach has settled. The incident involved a laptop with information on 620,000 Albertans being stolen from the clinic. The laptop belonged to an employee of their IT consultant, AbleIT Inc. The Privacy Commissioner would later rule that the clinic had failed to adequately protect their patients’ information.
According to Mah:
The settlement totals $725,000 to resolve credit damage, mental distress, increased risk of future identity theft and time and costs associated with preventing identity theft, according to a notice posted on the website of James H. Brown and Associates, an Edmonton law firm working with Calgary-based D’Arcy Deacon on the lawsuit.
The lawsuit originally sought $11 million.
Read more on Edmonton Journal.
Have you noticed that all of the FBI’s “secret” programs, tools and techniques seem to leak? And sooner rather than later!
Former Tor developer created malware for the FBI to hack Tor users
How does the U.S. government beat Tor, the anonymity software used by millions of people around the world? By hiring someone with experience on the inside.
A former Tor Project developer created malware for the Federal Bureau of Investigation that allowed agents to unmask users of the anonymity software.
Matt Edman is a cybersecurity expert who worked as a part-time employee at Tor Project, the nonprofit that builds Tor software and maintains the network, almost a decade ago.
Since then, he's developed potent malware used by law enforcement to unmask Tor users. It's been wielded in multiple investigations by federal law-enforcement and U.S. intelligence agencies in several high-profile cases.
… Tor is widely considered one of the most important and powerful Internet privacy tools ever made. The project has received the majority of its funding from the U.S. government.
“This is the U.S. government that's hacking itself, at the end of the day,” ACLU technologist Chris Soghoian told the Daily Dot in a phone interview. “One arm of the U.S. government is funding this thing, the other is tasked with hacking it.”
… The malware targeted the Flash inside the Tor Browser. The Tor Project has long warned against using Flash as unsafe but many people—including the dozens revealed in Operation Torpedo—often make security mistakes, just as they do with all types of software.
Interesting. Not that they made the projection, but that anyone at this level remembered where they predicted encryption to be in seven (not five or ten) years.
THE DIRECTOR OF NATIONAL INTELLIGENCE on Monday blamed NSA whistleblower Edward Snowden for advancing the development of user-friendly, widely available strong encryption.
… When pressed by The Intercept to explain his figure, Clapper said it came from the National Security Agency. “The projected growth maturation and installation of commercially available encryption — what they had forecasted for seven years ahead, three years ago, was accelerated to now, because of the revelation of the leaks.”
Something for my Computer Security class.
IBM Defines Security Standards For Running Blockchain In The Cloud
… “We are enumerating a set of standards that we think are critical to running production watching networks, especially for companies that are regulated,” says Jerry Cuomo, IBM’s vice president of blockchain, adding that this will help several industries, including financial services, healthcare and government, deal with data security regulations.
… The new standards provide companies experimenting on IBM’s cloud-based blockchain networks the ability to create comprehensive log data that can be used for audits and compliance.
… Blockchain technology is shorthand for a ledger held on multiple computers that records all the transactions being tracked. It obviates the need for a middleman, since cryptography makes the record immutable and tamper-proof, thereby increasing efficiency and lowering costs. The technology also enables companies to offer new products and services that are too expensive or impossible with current systems.
[For more on Blockchain: http://www.ibm.com/blockchain/
Dilbert on e-voting?