Sunday, November 13, 2016
If Admin accounts are compromised, repair can be difficult. (How’s that for understatement?)
Lee Johnstone reports:
Earlier today a hacker using the handle @CyberZeist announced a breach on the Washington state government website.
Today’s breach was announced on Twitter and posted to Pastebin [link removed by DataBreaches.net], and it contained 59 administrator accounts with user email addresses, encrypted passwords and salts.
Read more on CyberWarNews.info.
A not-so-amusing question.
Here’s a situation to consider:
At least two Dutch hospitals have stopped using a pre-natal test for Down’s and other syndromes after it emerged the Belgian firm carrying out the testing is using the women’s private information for commercial purposes.
Broadcaster BNR reported that the Gendia laboratory is approaching women who said on their health records there is cancer in their families about cancer screening. This, BNR says, is against both Dutch and EU privacy regulations. Amsterdam’s OLVG hospital group and the Westfries Gasthuis in Hoorn have both stopped working with the Belgian firm. ‘We do not want to be associated with this practice in any way whatsoever,’ the OLVG group said in a statement.
Read more on DutchNews.nl.
So…. is Gendia the only lab that conducts such testing? Will the hospitals that have stopped working with them still be able to provide testing to women?
As to Gendia’s point that it has a duty to let women know, that’s an interesting approach/defense – that they have an obligation to ignore or de-prioritize privacy in service of health. But it doesn’t fly with me. Shouldn’t the women’s primary care physicians or existing health providers be informing them of such testing if they think their patient should have it?
I respect what the hospitals are doing and the Dutch and EU privacy regulations. This is one of those situations where consent or opt-in is important to protect privacy. That said, how often do our primary care physicians fail to refer us for necessary tests or treatment evaluations? Might you actually be grateful at some point that a lab or commercial entity contacted you about their services, even if they shouldn’t have?
Just something else to think about….
What preventive measures do insurers require before they insure? Notice that they knew how to upgrade their security after the attack. Why not before?
There’s an update to a ransomware attack on Lansing Board of Water & Light that had been reported back in May. The Lansing State Journal reported this week:
The Lansing Board of Water & Light paid a $25,000 ransom to unlock its internal communications systems after they were disabled by a cyberattack last spring, officials said Tuesday.
BWL General Manager Dick Peffley pegged the cost of responding to the emergency, including the ransom and technology upgrades to prevent future attacks, at $2.4 million. All but $500,000 of those costs are covered by insurance, he said.
“ … Paying the ransom was distasteful and disgusting, but sadly necessary,” Peffley said during a meeting of the BWL Board of Commissioners’ Committee of the Whole on Tuesday night. Paying the ransom was “the only action we could take to unlock our system and free it from the ransomware.”
Read more on the Lansing State Journal.
For my Software Architecture students. Was there adequate testing?
Juha Saarinen reports:
Retailer Big W’s website remains in browsing-only mode after a glitch meant shoppers were shown the personal information of other customers.
In a notice to customers, Big W said the “technical issue” occurred on Thursday November 10 between 1.50pm and 3pm.
It meant “the first stage of the checkout process [was] pre-populated with the personal information of another customer”.
The data leak included a customer’s name, phone and address.
Read more on ITnews.
Isn’t this something the Board of Directors should be monitoring closely?
Wells Fargo Found Potential Issues With Its Ethics Line
Wells Fargo & Co. Chief Executive Timothy Sloan said during a town-hall meeting Thursday that the bank found “some instances” where reports by employees of bad behavior to its ethics line weren’t handled appropriately, according to remarks reviewed by The Wall Street Journal. This follows allegations that some employees faced retaliation for reporting issues that later came to light as part of its sales-practices scandal.
… Mr. Sloan also said in the town hall that the bank launched its first ethics and integrity survey last month, with responses from more than 7,000 employees who identified “areas for improvement.”
Interesting. Rust is not a big problem here in Colorado, but in New Jersey “Rust Happens!”
Toyota to settle U.S. truck rust lawsuit for up to $3.4 billion
Toyota Motor Corp (7203.T) has agreed to a settlement of up to $3.4 billion for a federal class action brought by U.S. owners of pickup trucks and SUVs whose frames could rust through, plaintiffs lawyers have said in court papers.
The proposed settlement covers about 1.5 million Tacoma compact pickups, Tundra full-size pickups and Sequoia SUVs alleged to have received inadequate rust protection that could lead to corrosion serious enough to jeopardize their structural integrity, according to court papers.
This should be amusing.
HP fight about $11 billion takeover sees former Autonomy executive indicted on felony charges
Hewlett Packard complained bitterly that it had been deceived in its disastrous $11 billion acquisition of enterprise software firm Autonomy in 2011. This week, federal prosecutors echoed that claim, indicting Autonomy’s former chief financial officer on felony fraud charges.
… After buying the British company, HP was immediately criticized by analysts for paying too much. A year later, HP announced it had written down $8.8 billion of value in Autonomy, more than $5 billion of that because of alleged accounting improprieties and misrepresentation of finances by Autonomy. Last year, HP reached a $100 million settlement in a class-action lawsuit by shareholders claiming investors were harmed by HP’s pre-purchase hype of the acquisition.
This would be far easier in a cash-free society.
Banks Lure $30 Billion Deposits as Indians Struggle to Find Cash
Indian government’s surprise move to ban high-denomination banknotes on Nov. 8 has seen lenders lure 2 trillion rupees ($29.8 billion), as customers across the nation queue for hours to deposit the old bills.
The decision has also put tremendous pressure on the banking system to replenish the funds, as the banned bills accounted for 86 percent of money in circulation.
… Lenders have been caught out by Prime Minister Narendra Modi’s unexpected and widely-praised announcement of the withdrawal of 500-rupee and 1,000-rupee notes, part of a crackdown on tax evasion and the underground economy.
We’ll probably take a couple of Quarters to turn this into a course.
IBM Provides Developer Kits to Jumpstart Working with Watson
IBM announced recently that they are making it easier for developers to jump into machine learning. At the World of Watson conference, the IBM Cloud-based Watson Data Platform with Machine Learning was launched.
… Laura Bennett, Development Manager for Watson Application Starter Kits, demonstrated the new Developers Starter Kits, a collection of REST APIs, SDKs, and samples that use cognitive computing to solve complex problems. The SDKs have been expanded and users can now code in a variety of languages, including SQL, Python, R, Java, and Scala, Node.js, iOS or Android. In addition, more than 20 ecosystem partner APIs are available to extend the platform services including Twilio, Box, IoT, Insights for Twitter, Weather Insights, Cloudant DB, and Facebook Messenger.
Starter kits are robust, including not only the expected documentation and samples, but models pre-trained for common use cases, notebooks, utilities, bundled APIs, and code templates available on GitHub.
For example, the News Intelligence Kit uses AlchemyLanguage, a collection of APIs that analyze text through natural language processing, AlchemyDataNews, a query that scours the world’s news sources and blogs like a database, and Tone Analyzer, a tool that gauges the reaction of commenters. This Kit allows users to process Web and social media to not only understand important topics but how people feel about those topics. You can launch the app or check out the code on GitHub here.
Anything to help my students! (If number 20 worked, I’d be the learningest guy in the world!)
25 Ways to Learn Faster (Infographic)
I too have great ideas and lazy students!