McDonald's tweets to Trump: 'You are actually a disgusting excuse of a President'
"@realDonaldTrump You are
actually a disgusting excuse of a President and we would love to have
@BarackObama back, also you have tiny hands," the tweet read.
McDonald's later said in a statement that the account was
hacked and apologized.
"Based on our investigation, we have determined that
our Twitter account was hacked by an external source. We took swift action to secure it, and we
apologize this tweet was sent through our corporate McDonald’s account,"
spokeswoman Terri Hickey said.
It “only” took them a couple of years to discover this?
And this, kids, is why you need to monitor employee access to patient records and audit over longer periods.
Kyle Spurr reports:
A caregiver at St. Charles Health
System accessed nearly 2,500 patients’ electronic medical records without
authorization from the hospital.
The caregiver told the hospital
she viewed the files out of curiosity. Her actions are not considered criminal. She signed an affidavit stating she never used
or shared any of the confidential patient information for the purpose of
committing fraud, financial crimes or other crimes against the patients whose
records she viewed.
On Jan. 16, the hospital launched
an investigation and audit of all of the patient files accessed by the
caregiver. The audit found between Oct.
8, 2014 and Jan. 16, the caregiver may have reviewed as many as 2,459 files
containing patients’ names, addresses, dates of birth, health insurance
information, driver’s license numbers and health information such as diagnoses,
physicians’ names, medications and treatment information.
Read more on Bend
Bulletin.
(Related). A different approach in Canada.
John Chippa reports:
A Justice of the Peace in
Goderich has handed down the stiffest fine to date in Canada for a health
privacy breach.
A university student who was on
an educational placement with the family health team in Central Huron has been
ordered to pay a $20,000 fine and a $5,000 victim surcharge for accessing
personal health information without authorization.
The student pled guilty to
willfully accessing the personal health information of five individuals.
As part of her plea, she agreed
that she accessed the personal health information of 139 individuals without authorization between September 9th,
2014 and March 5th, 2015.
Read more on Blackburn
News.
A $25,000 fine is the biggest fine to date in Canada for a
health privacy breach? Wow.
For my Ethical Hacking students.
Advanced Persistent "Bad Bots" are Rampant
In 2016, 40% of all web traffic originated from bots --
and half of that came from bad bots. A
bot is simply a software application that runs automated tasks over the internet.
Good bots are beneficial. They index web pages for the search engines,
can be used to monitor web site health and can perform vulnerability scanning. Bad bots do bad things: they are used for
content scraping, comment spamming, click fraud, DDoS attacks and more. And they are everywhere.
Findings from Distil's 2017 Bad Bot Report (PDF)
released Thursday show that the problem is rising again after a brief
improvement in 2015.
“Hey, somebody is guilty!” Since they have the guy’s photo, perhaps an image search of Facebook would be a better method?
Thomas Claburn reports:
A US judge has granted cops a
search warrant to direct Google to provide personal details about anyone
searching for a specific name in the town of Edina, Minnesota.
Tony Webster, who describes
himself as a web engineer, public records researcher, and policy nerd,
published a portion of the warrant out of concern that administrative
subpoenas and search warrants are being used for what amounts to fishing
expeditions.
Under the Fourth Amendment,
searches and seizures must be reasonable and as such are generally limited in
their scope, to balance privacy expectations. At issue is whether a warrant for the Google
account data of anyone searching for a given term is unconstitutionally broad.
Read more on The
Register.
[From the article:]
According to the warrant, seen in full by The Register,
the case involves bank fraud in which an unknown party used the victim's name
to wire $28,500 from Spire Credit Union to Bank of America. The credit union relied on a faxed copy of the
victim's passport to verify the transaction, but the document was faked.
The search warrant, filed by Edina Police Detective David
Lindman, says that when investigators searched Google Images for the victim's
name, they found the photo used to make the fake passport – an image of someone
who resembled the victim but was not the same person. This led police to believe that the person
responsible searched Google for the victim's name.
Horsefeathers! But, as long as the tools are available…
No One Wants the Internet of
Things …
… Except Big Brother
The government is already spying on us through our computers,
phones, cars, buses, streetlights, at airports and on the street, via mobile
scanners and drones, through our credit cards and smart meters (see this), television, doll, and in many other ways.
The CIA wants to
spy on you through your dishwasher and other “smart” appliances. Slate
reported in 2012:
Watch out: the CIA may soon be
spying on you—through your beloved, intelligent household appliances, according to Wired.
Read more on WashingtonsBlog.
“We’re the government. Failure to follow the rules is normal!”
Three out of Five Federal Agencies Flout New FOIA Law
by Sabrina
I. Pacifici on Mar 16, 2017
National Security Archive: “Three out of five of all
federal agencies are flouting the new law that improved the Freedom of
Information Act (FOIA) and required them to update their FOIA regulations,
according to the new National Security Archive FOIA Audit released today to
celebrate Sunshine Week. The National
Security Archive Audit found that only 38 out of 99 federal agencies have
updated their FOIA regulations in compliance with the FOIA Improvement Act of 2016 that
was passed with bipartisan, bicameral support. The new law required agencies to update their
FOIA regulations within 180 days of passage – that was June 30 so December 27,
2016 was the deadline. Updated
regulations were supposed to include the law’s new improvements, such as
requiring agencies provide requesters with no less than 90 days to file an
appeal, prohibiting agencies from charging “search or duplication fees when the
agency fails to meet the notice requirements and time limits set by existing
law,” and mandating agencies notify requesters of their right to seek
assistance from either the agency’s FOIA Public Liaison or to seek dispute
resolution services with the Office of Government Information Services (OGIS),
the FOIA ombudsman…”
I wonder if J.K. Rowling owns the copyright on ‘Defense against the dark arts’?
Paper – Defense Against the Dark Arts of Copyright Trolling
by Sabrina
I. Pacifici on Mar 16, 2017
Sag, Matthew and Haskell, Jake, Defense Against the Dark
Arts of Copyright Trolling (March 14, 2017). Available at SSRN: https://ssrn.com/abstract=2933200
“In this Article, we offer both a legal and a pragmatic
framework for defending against copyright trolls. Lawsuits alleging online copyright
infringement by John Doe defendants have accounted for roughly half of all copyright cases filed in the
United States over the past three years.
… We also
undertake a detailed analysis of the legal and factual underpinnings of these
cases. Despite their underlying
weakness, plaintiffs have exploited information asymmetries, the high cost of
federal court litigation, and the extravagant threat of statutory damages for
copyright infringement to leverage settlements from the guilty and the innocent
alike. We analyze the weaknesses of the
typical plaintiff’s case and integrate that analysis into a comprehensive
strategy roadmap for defense lawyers and pro se defendants. In short, as our title suggests, we provide a
comprehensive and useful guide to the defense against the dark arts of
copyright trolling.”
Tread lightly, Google. You don’t want to tell them that your Behavioral Advertising AI suggested this ad placement because people going to those sites respond best to (click on) the government ads.
Google summoned to appear before the UK government to explain
why ads keep appearing next to extremist YouTube videos
LONDON — Google has been summoned to appear in front of
the UK government to explain why taxpayer-funded ads are appearing next to
extremist content on YouTube, The
Times reported.
The Times found government ads — and also those from the
BBC, The Royal Air Force, and The Royal Navy — appearing next to videos from
American white nationalist David Duke, a pastor who praised the killing of 49
people in an Orlando gay nightclub, and videos from Michael Savage, who the
newspaper describes as a "homophobic shock-jock."
… The issue is not only the
juxtaposition of government ads next to inappropriate content, but the fact that
those ads are making money for the video creators. The Times says a YouTube user earns $7.60 on
average for every 1,000 times an ad is viewed.
On Thursday, the government suspended all of its YouTube
advertising until Google can make assurances that ads from public-funded bodies
would not appear in unsafe environments.
On the other hand, this one looks like a slam dunk for Google.
Someone Copied The Wrong Person On An Email, And It Just
Might Destroy Uber
On Dec. 13, an employee at Waymo, a self-driving startup
founded by Google, was accidentally copied on an email from one of its vendors.
Where was the email supposed to
go? Why, to Uber ― or, more
specifically, to Uber’s newly acquired startup Otto.
Included in the email were schematics for a circuit board,
one that looked remarkably similar to a board designed at considerable expense
by Waymo. Without that circuit board and
the “LiDAR”
(laser-based surveying) technology it made possible, neither Otto nor Waymo
would be going on a self-driving jaunt any time soon.
… Levandowski abruptly resigned from
Waymo in January 2016, then founded Otto and sold it to Uber for $680 million
that summer. (You can read a complete, surprisingly
riveting timeline of the saga here, via the New Zealand tech blogger Daniel
Compton.)
The vendor’s misaddressed email has spurred an
investigation by Waymo into Levandowski’s activities. Waymo declined to speak about the email or the
ensuing investigation, instead directing The Huffington Post to a
company blog post on the matter:
Some things are clearly inevitable.
Google Tests Waters of Voice Ads on Speaker
Google’s smart home speakers on Thursday played an
unprompted promotion for Walt Disney Co.’s new “Beauty and the Beast” movie,
the first sign of how the world’s largest advertising company could shoehorn
ads into its growing number of voice interactions with users.