“What, me hurry?” A. E. Newman
http://www.pogowasright.org/article.php?story=20080501195923906
UCSF waited six months before telling patients of data breach
Thursday, May 01 2008 @ 07:59 PM EDT Contributed by: PrivacyNews News Section: Breaches
Information on thousands of UCSF patients was accessible on the Internet for more than three months last year, a possible violation of federal privacy regulations that might have exposed the patients to medical-identity theft, The Chronicle has learned.
The information accessible online included names and addresses of patients along with names of the departments where medical care was provided. Some patient medical record numbers and the names of the patients' physicians also was available online.
The breach was discovered Oct. 9, but the medical institution did not send out notification letters to the 6,313 affected patients until early April, nearly six months later.
.... UCSF had shared information on its patients with a vendor, Target America Inc., which mines electronic databases amassing information about a nonprofit's potential or existing donors.
Source - San Francisco Chronicle
[From the article:
"The breach is a symptom, but the real ethics challenge is the extent to which health care institutions are tracking patients and their families for nonmedical reasons - for fundraising, marketing, advertising," Caplan said. "I don't think people are aware of the degree to which this is occurring, whether it's by a hospital or a nursing home or a hospice."
Do they really mean mimic? If so, why is this good news?
• verb (mimicked, mimicking) 1 imitate in order to entertain or ridicule. 2 (of an animal or plant) take on the appearance of (another) to deter predators or for camouflage. 3 replicate the effects of. Source: Compact Oxford English Dictionary of Current English
http://www.pogowasright.org/article.php?story=20080501171844580
(update) Analysis Reveals No Security Breach, No Personal Data Exposed At CU-Boulder
Thursday, May 01 2008 @ 05:18 PM EDT Contributed by: PrivacyNews News Section: Breaches
The University of Colorado at Boulder today announced that a forensic analysis of a computer suspected to have been compromised last week revealed no malicious software, and no exposure of student and staff private data.
"The analysis by our staff, working closely with the consulting firm of Applied Trust Engineering, revealed an interaction between two incompatible software programs that mimicked behavior consistent with malicious software," said Dan Jones director of IT Security at CU-Boulder.
Source - University of Colorado - Boulder
Related - Not hacked off, or into
The equivalent of asymmetric CyberWar?
http://www.securityfocus.com/news/11515?ref=rss
Radio Free Europe hit by DDoS attack
Dan Goodin, The Register 2008-05-01
Websites run by Radio Free Europe have been under a fierce cyber attack that coincided with coverage over the weekend of a rally organized by opposition to the Belarusian government.
The distributed denial of service (DDoS) attack initially targeted only the RFE's Belarus service, which starting on Saturday was inundated with as many as 50,000 fake pings every second, according the this RFE account. On Monday, it continued to be affected. At least seven other RFE sites for Kosovo, Azerbaijan, Tatar-Bashkir, Farda, South Slavic, Russia and Tajikistan, were also attacked but have mostly been brought back online.
Often level-headed recommendations, backed by actual thought!
http://www.pogowasright.org/article.php?story=2008050110324086
Ca: Appearance before the Standing Committee on Access to Information, Privacy and Ethics on Privacy Act Reform
Thursday, May 01 2008 @ 10:32 AM EDT Contributed by: PrivacyNews News Section: Non-U.S. News
Source - Office of the Privacy Commissioner of Canada
It's simple to redefine the world to achieve a single objective. Limiting that change to a single objective is where the problem lies... Watch me make this New York business subject to Colorado sales tax. Click here: http://www.carnegiedeli.com/
http://news.slashdot.org/article.pl?sid=08/05/02/0239248&from=rss
Amazon Fights Back Against NY Online Sales Tax
Posted by Soulskill on Friday May 02, @05:11AM from the fighting-the-good-enough-fight dept.
The New York Times is reporting on Amazon's lawsuit contesting the recently enacted New York state law which requires online retail outlets to collect sales tax on items sold to the state's residents. Amazon disagrees that it should be required to collect such tax without a physical presence in the state. We discussed the 'Amazon Tax' last month. Quoting:
"The new law is based on a novel definition of what constitutes a presence in the state: It includes any Web site based in the state that earns a referral fee for sending customers to an online retailer. Amazon has hundreds of thousands of affiliates--from big publishers to tiny blogs--that feature links to its products. It says thousands of those have given an address in New York State, although it does not verify the addresses. The state law says that if even one of those affiliates is in New York, Amazon must collect sales tax on everything sold in the state, even if it is not sold through the affiliate."
Strategy is as strategy does... (Get all you can before your RICO conviction shuts you down?)
http://yro.slashdot.org/article.pl?sid=08/05/02/0350227&from=rss
Massive Increase in RIAA Copyright Notices
Posted by Soulskill on Friday May 02, @08:18AM from the harnessing-the-power-of-spam dept.
According to Wired, universities in the US are experiencing a "20-fold increase" in the number of takedown notices from the RIAA in the last ten days. Indiana University reports 80 notices a day, but they say their traffic hasn't increased significantly over the same time period. It will be interesting to see if the affected schools join the legal battle against the RIAA, or cave under the increased pressure.
"University of California at Berkeley's chief information officer Shel Waggener confirmed he'd heard of the spikes and suggested there was a political purpose driving them. 'Public universities are in a unique position since the industry puts pressure on us through state legislatures to try to impose what are widely considered to be draconian content monitoring measures and turn us into tech police forces in support of a specific industry,' Waggener said. The RIAA is also backing legislation in states such as Illinois and Tennessee that would require schools that get a certain number of notices to begin installing deep packet monitoring equipment on their internet and intranets, according to Luker."
Another delusional world?
http://yro.slashdot.org/article.pl?sid=08/05/02/1259231&from=rss
SCO's McBride Testifies "Linux Is a copy of UNIX"
Posted by kdawson on Friday May 02, @09:39AM from the can-you-spell-perjury dept. Caldera The Courts Linux
eldavojohn writes
"Here's a short update on the Novell Vs. SCO case we've been following. Our good friend Darl McBride made some interesting comments in court yesterday. He stated (under oath): 'Many Linux contributors were originally UNIX developers... We have evidence System V is in Linux... When you go to the bookstore and look in the UNIX section, there's books on "How to Program UNIX" but when you go to the Linux section and look for "How to Program Linux" you're not gonna find it, because it doesn't exist. Linux is a copy of UNIX, there is no difference [between them]." This flies directly in the face of what SCO found in extensive investigations in 2002 and contradicts what SCO Senior Vice President Chris Sontag had just finished testifying earlier that day (testimony that McBride did not hear)."
Looks like we are trying to match the UK's “a camera in every pot” strategy...
http://www.pogowasright.org/article.php?story=20080502062810450
D.C. Forging Surveillance Network
Friday, May 02 2008 @ 06:28 AM EDT Contributed by: PrivacyNews News Section: Surveillance
The D.C. government is launching a system today that would tie together thousands of city-owned video cameras, but authorities don't yet have the money to complete the high-tech network or privacy rules in place to guide it.
The system will feature round-the-clock monitoring of the closed-circuit video systems run by nine city agencies. In the first phase, about 4,500 cameras trained on schools, public housing, traffic and government buildings will feed into a central office at the D.C. Homeland Security and Emergency Management Agency. Hundreds more will be added this year.
Source - Washington Post
“Gee, if we actually saved and looked at the logs, we might have to do something!”
http://www.pogowasright.org/article.php?story=2008050110280640
Audit: NJ lacks computer security for personal Medicaid data
Thursday, May 01 2008 @ 10:28 AM EDT Contributed by: PrivacyNews News Section: State/Local Govt.
New Jersey has not monitored access to key personal information in a computer system that tracks care for the poor, leaving no way to know if Social Security numbers and other information about doctors and patients have been misused, a recent state audit found.
The analysis determined that the state Department of Human Services lacks appropriate security policies and procedures for the computer system it uses to process claims for more than 1 million New Jersey Medicaid patients.
The department, according to the analysis, fails to properly monitor access to information such as Social Security and tax identification numbers, Drug Enforcement Agency numbers used to write drug prescriptions, and birth dates.
Source - Newsday
Note: This does not address TSA doing similar “searches” domestically...
http://www.pogowasright.org/article.php?story=20080501135225848
Protecting Yourself From Suspicionless Searches While Traveling (updated)
Thursday, May 01 2008 @ 01:52 PM EDT Contributed by: PrivacyNews News Section: Surveillance
The Ninth Circuit's recent ruling (pdf) in United States v. Arnold allows border patrol agents to search your laptop or other digital device without limitation when you are entering the country. EFF and many civil liberties, travelers’ rights, immigration advocacy and professional organizations are concerned that unfettered laptop searches endanger trade secrets, attorney-client communications, and other private information. These groups have signed a letter asking Congress to hold hearings to find out what protocol, if any, Customs and Border Protection (CBP) follows in searching digital devices and copying, storing and using travelers’ data. The letter also asks Congress to pass legislation protecting travelers’ laptops and smart phones from unlimited government scrutiny.
In the meantime, how can international travelers protect themselves at the U.S. border, short of leaving their laptops and iPhones at home?
Source - EFF
Related - The Register: Your personal data just got permanently cached at the US border
For my Computer Security students
7 dirty secrets of the security industry
At the Interop conference, Joshua Corman, principal security strategist for IBM/ISS, discussed the misconceptions and half-truths surrounding the security industry
By Tim Greene, Network World May 01, 2008
... "The goal of the security vendor is not to secure, it's to make money," Corman says.
He says that is his "zeroth" dirty secret of the security industry. These are the other seven:
1. Antivirus certifications are misleading.
2. There is no perimeter.
3. Risk analysis threatens vendors.
4. There is more to risk than just weak software.
5. Compliance threatens security.
6. Vendor blind spots allowed the Storm worm outbreak to happen.
7. Security has grown well past do-it-yourself.
Another perspective.
http://money.cnn.com/2008/05/01/news/international/usgas_price/?postversion=2008050109
U.S. gas: So cheap it hurts
Relatively low taxes have kept pump prices far below most other developed nations, which some say is precisely why the current runup is so painful.
By Steve Hargreaves, CNNMoney.com staff writer Last Updated: May 1, 2008: 12:18 PM EDT
Most expensive places to buy gas
Rank Country Price/gal
1. Sierra Leone $18.42
2. Aruba $12.03
3. Bosnia-Herzegovina $10.86
4. Eritrea $9.58
5. Norway $8.73
6. United Kingdom $8.38
7. Netherlands $8.37
8. Monaco $8.31
9. Iceland $8.28
10. Belgium $8.22
111. United States $3.45
This is curious. I'll have to give some thought to new venture capital opportunities...
http://hbswk.hbs.edu/item/5928.html
What is the Future of State Capitalism?
Published: May 2, 2008 Author: Jim Heskett Forum open for comment until May 29
Executive Summary:
Whatever happened to the fears not long ago that global corporations with allegiance to no government would challenge the world economic order? These days, state-owned corporations now dwarf even the largest privately-owned global organizations, says HBS professor Jim Heskett. What is impact on competition? What do you think?
If you haven't downloaded and installed the new Ubuntu (8.04) I recommend that you do. Having a dual-boot option lets me play more often with Linux. This is for those of you who tried it.
http://www.killerstartups.com/Web-App-Tools/Medibuntuorg---Free-Ubuntu-Software/
Medibuntu.org - Free Ubuntu Software
Medibuntu, which stands for “Multimedia, Entertainment & Distractions In Ubuntu,” is a packaging product that distributes software that can’t be included in the regular Ubuntu package. Ubuntu is an open source operating system built around Linux, and is generally designed to be something that can be distributed in any country. Because freedom of speech, patent, copyright, license, or other laws vary in different countries, these laws can often preclude the inclusion of a certain software in the Ubuntu package. Medibuntu.com provides packages of software that was not included in Ubuntu for these types of reasons, and distributes them with professional quality packaging that integrates easily with Ubuntu.
No comments:
Post a Comment