Thursday, August 05, 2010

It is one thing to “spin” the breach report to make it seem less catastrophic to reporters; it is something else entirely to push a lot of regulatory hot buttons by not bothering to comply with the reporting requirements at all. “You were serious about dat?” Joe Pesci in “My Cousin Vinny”

http://www.phiprivacy.net/?p=3233

Hundreds of Ont. patient health files stolen

By Dissent, August 4, 2010

If you’re going to have a breach, you probably don’t want the authorities finding out about it from the media instead of from you. CBC News reports:

The head of Ontario’s privacy watchdog says she “hit the roof” after hearing from CBC News that a computer memory stick containing the medical files of hundreds of Toronto patients was stolen.

Last week, the University Health Network (UHN) sent letters to 763 patients who had undergone surgery at one of three of its sites between January and March of this year — Toronto General, Toronto Western and Princess Margaret hospitals — informing them that their medical information had been compromised, the CBC’s Metro Morning has learned.

Some of their files were copied onto an unencrypted USB key, which was stolen from the purse of a staff member on June 18, the letter said.

While the patients’ OHIP numbers, addresses and other contact information weren’t in the files, the patients’ names, their admission and discharge dates and any surgical procedures they underwent were. Police have been informed, but the memory stick has not been recovered.

Read more on CBC News.



Yeah, but whose privacy?

http://news.cnet.com/8301-17852_3-20012732-71.html?part=rss&subj=news&tag=2547-1_3-0-20

Man faces jail for YouTube video of traffic stop



Oh, here's a big surprise...

http://www.databreaches.net/?p=13000

Symantec survey: companies retaining way too much way too long

August 4, 2010 by admin

Symantec Corp. released the findings of its 2010 Information Management Health Check Survey, which hammers home a point I made the other day about getting rid of unnecessary data.

For the current survey, Symantec surveyed 1,680 enterprises in 26 countries. They found that while 87% of respondents believe in the value of a formal information retention plan, only 46 percent actually have one. Too many enterprises save information indefinitely:

For example, three quarters of backups have infinite retention or are on legal hold. That is a huge number. Think of this: Some estimates are that there is roughly 50 petabytes of backup tape stock in enterprise backup libraries. That means nearly 38 petabytes of backup tape is dedicated to retaining enterprise information forever in a format that is extremely difficult to access and manage. To put that in perspective, 38 petabytes of backup tape would stretch to the moon and back 13 times with enough left over to circle the globe 7 times. That is a lot of tape.

Furthermore, enterprises told us they know a quarter of the information isn’t even needed and shouldn’t be retained.

Enterprises also report that one in six files is archived indefinitely.

According to the report, over-retention is having serious consequences:

Studies show that storage costs continue to skyrocket as over retention has created an environment where it is now 1,500 times more expensive to review data than it is to store it. And it is not just the raw cost of tape stock and hard disks, but the higher costs of managing such massive stores.

Second, backup windows are bursting at the seams. It is becoming increasingly common to hear of weekend backups taking more than a single weekend. Recovery times are even worse. The time it takes to restore such massive backups will bring any disaster recovery program to its knees.

Finally, with the massive amounts of information stored on difficult-to-access backup tapes, eDiscovery has become a lengthy, inefficient and costly exercise.

Read the full report here (pdf).



Apparently, Schmidt made a number of profound (or at least interesting) statements while on this panel. Or, more likely, the conference hosts are good at PR.

http://techcrunch.com/2010/08/04/schmidt-data/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29

Eric Schmidt: Every 2 Days We Create As Much Information As We Did Up To 2003

Every two days now we create as much information as we did from the dawn of civilization up until 2003, according to Schmidt. That’s something like five exabytes of data, he says.


(Related)

http://news.cnet.com/8301-13860_3-20012704-56.html?part=rss&subj=news&tag=2547-1_3-0-20

Google's Schmidt: Society not ready for technology



This seems to be a very artificial “complication”

http://www.phiprivacy.net/?p=3235

HHS panel mulls patient control over select data

By Dissent, August 4, 2010

Mary Mosquera reports:

The Privacy and Security Tiger Team yesterday began exploring how current technologies can help patients make decisions on consent and access to their electronic health records when more sensitive patient data is involved.

The team, composed of government and private sector healthcare privacy experts, teed up questions related to how to accommodate patients [Is accommodation the correct approach? Bob] who might want to exercise highly-selective levels of control over electronic versions of their personal health information or portions of that data.

Read more on Government Health IT. The story gives a useful example of how quickly things can become complicated:

Some technologies can enable patients to release parts of their medical record to their providers, but the tools and techniques supporting such piece-meal management of patient data are far from fool-proof, noted Paul Egerman, a software entrepreneur and also co-chair of the tiger team.

For example, a provider can decide to not show certain codes in the exchange of a standard Continuity of Care Document (CCD) that specify a condition or illness that the patient does not want shared, such as a sexually transmitted disease (STD), Egerman said.

However, other codes in the record for test results or medications can still allow others to infer the patient has an STD. [“and we are unable to relate the treatment to the diagnosis.” Bob] “It’s leaky,” Egerman said. “Downstream inferences are beyond the state of the art.”



Amusing. This suggests that 77 percent didn't remember Pearl Harbor.

http://it.slashdot.org/story/10/08/04/2330230/Most-Consumers-Support-Government-Cyber-Spying?from=rss

Most Consumers Support Government Cyber-Spying

Posted by samzenpus on Wednesday August 04, @10:28PM

"Nearly two thirds of computer users globally believe that it is acceptable for their country to spy on other nations by hacking or installing malware, according to Sophos's mid-year 2010 Security Threat Report. And 23 percent claimed to support this action even during peacetime. Perhaps more surprisingly, 32 percent of respondents said that countries should also be allowed to plant malware and hack into private foreign companies in order to spy for economic advantage."

[The Report:

http://www.sophos.com/sophos/docs/eng/papers/sophos-security-threat-report-midyear-2010-wpna.pdf


(Related) Is this an attack on Wall Street? I doubt it. Much more likely to be an idling algorithm waiting for a trading threshold to be reached.

http://news.slashdot.org/story/10/08/04/1920224/Market-Data-Firm-Spots-the-Tracks-of-Bizarre-Robot-Trading?from=rss

Market Data Firm Spots the Tracks of Bizarre Robot Trading

Posted by timothy on Wednesday August 04, @04:16PM

jamie spotted a fascinating story at The Atlantic about "mysterious and possibly nefarious trading algorithms [that] are operating every minute of every day in" the stock market:

"Unknown entities for unknown reasons are sending thousands of orders a second through the electronic stock exchanges with no intent to actually trade. Often, the buy or sell prices that they are offering are so far from the market price that there's no way they'd ever be part of a trade. The bots sketch out odd patterns with their orders, leaving patterns in the data that are largely invisible to market participants."

Spotting the behavior of these bots was possible by looking at much finer time slices than casual traders ever see — cool detective work, but as the story points out, discovering it is just the beginning: "[W]e're witnessing a market phenomenon that is not easily explained. And it's really bizarre."

[From the article:

Donovan thinks that the odd algorithms are just a way of introducing noise into the works. Other firms have to deal with that noise, but the originating entity can easily filter it out because they know what they did. Perhaps that gives them an advantage of some milliseconds. In the highly competitive and fast HFT world, where even one's physical proximity to a stock exchange matters, market players could be looking for any advantage.



The 'evil twin' of Behavioral Advertising?

http://it.slashdot.org/story/10/08/05/0158207/Anatomy-of-an-Attempted-Malware-Scam?from=rss

Anatomy of an Attempted Malware Scam

Posted by samzenpus on Thursday August 05, @01:44AM

"Malicious advertisements are getting more and more common as the Bad Guys try to use reputable ad networks to spread malware. Julia Casale-Amorim of Casale Media details the lengths that some fake companies will go to to convince ad networks to take the bait."



Apple gave schools significant discounts to “addict” children to their early computers. Could they be attempting the same thing here?

http://ocunwired.ocregister.com/2010/08/03/all-new-uci-medical-students-get-ipads/

UPDATE: Free iPads for new UCI medical students

UPDATE: Stanford too is offering iPads to the class of 2014. Any others?



Well, Google IS bigger than the US Government...

http://tech.slashdot.org/story/10/08/05/0327200/Google-and-Verizon-In-Talks-To-Prioritize-Traffic?from=rss

Google and Verizon In Talks To Prioritize Traffic

Posted by samzenpus on Thursday August 05, @05:13AM

"Google and Verizon are nearing an agreement that could allow Verizon to speed some online content to Internet users more quickly if the content's creators are willing to pay for the privilege. Any agreement between Verizon and Google could also upend the efforts of the Federal Communications Commission to assert its authority over broadband service, which was severely restricted by a federal appeals court decision in April. People close to the negotiations who were not authorized to speak publicly about them said an agreement could be reached as soon as next week. If completed, Google, whose Android operating system powers many Verizon wireless phones, would agree not to challenge Verizon's ability to manage its broadband Internet network as it pleased."



Are there still people who believe their phones are secure?

http://mashable.com/2010/08/03/iphone-pdf-exploit/?utm_source=feedburner

Security Exploit Can Give Hackers Control of Your iPhone or iPad [WARNING]



For my Computer Security standards.

http://www.networkworld.com/community/node/64514

Who really sets global cybersecurity standards?

This week in a report that was critical about how the US will face global cybersecurity events, the Government Accountability Office identified 19 global organizations "whose international activities significantly influence the security and governance of cyberspace."



Geeky stuff. Looks much like a targeting system...

http://www.bespacific.com/mt/archives/024877.html

August 04, 2010

Microsoft Street Slide: Browsing Street Level Imagery

Street Slide: Browsing Street Level Imagery - Johannes Kopf, Billy Chen, Richard Szeliski, Michael Cohen [Microsoft Research]. Please see the accompanying video here.

  • "Systems such as Google Street View and Bing Maps Streetside enable users to virtually visit cities by navigating between immersive 360 degree panoramas, or bubbles. The discrete moves from bubble to bubble enabled in these systems do not provide a good visual sense of a larger aggregate such as a whole city block. Multi-perspective “strip” panoramas can provide a visual summary of a city street but lack the full realism of immersive panoramas. We present Street Slide, which combines the best aspects of the immersive nature of bubbles with the overview provided by multiperspective strip panoramas. We demonstrate a seamless transition between bubbles and multi-perspective panoramas. We also present a dynamic construction of the panoramas which overcomes many of the limitations of previous systems. As the user slides sideways, the multi-perspective panorama is constructed and rendered dynamically to simulate either a perspective or hyper-perspective view. This provides a strong sense of parallax, which adds to the immersion. We call this form of sliding sideways while looking at a street facade a street slide. Finally we integrate annotations and a mini-map within the user interface to provide geographic information as well as additional affordances for navigation. We demonstrate our Street Slide system on a series of intersecting streets in an urban setting. We report the results of a user study, which shows that visual searching is greatly enhanced with the Street Slide interface over existing systems from Google and Bing."



This could be useful. Copy your old message traffic as you change email providers or steal all your business correspondence from your old employer.

http://www.smashingapps.com/2010/08/04/backup-data-stored-on-email-servers-and-online-social-networks-with-backupify.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+SmashingApps+%28Smashing+Apps%29

Backup Data Stored On Email Servers And Online Social Networks With Backupify



This sounds trivial, but we geeks are creating an e-Grammar completely unrelated to the traditional (but illogical) rules of the past.

http://ask.slashdot.org/story/10/08/04/161232/Sentence-Spacing-mdash-1-Space-or-2?from=rss

Sentence Spacing — 1 Space or 2?

Posted by CmdrTaco on Wednesday August 04, @01:18PM

An anonymous reader noted an epic battle is waging, the likes of which has not been seen since we all agreed that tab indenting for code was properly two spaces. He writes

"Do you hit the space bar two times between sentences, or only one? I admit, I'm from the typewriter age that hits it twice, but the article has pretty much convinced me to change. My final concern: how will my word processor know the difference between an abbr. and the end of a sentence (so it can stretch the sentence for me)? I don't use a capital letter for certain technical words (even when they start a sentence), making it both harder to programmatically detect a new sentence and more important to do so. What does the Slashdot community think?"



At least, take a peek...

http://www.makeuseof.com/tag/10-google-services-limelight/

10 Google Services That Don’t Get the Limelight



I'm not sure, but – isn't this the biggest threat I could make? Ten articles a day for four years is over 14,000 articles. Is the world ready?

http://www.freetech4teachers.com/2010/08/anthologize-turn-your-wordpress-blog.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+freetech4teachers%2FcGEY+%28Free+Technology+for+Teachers%29

Wednesday, August 4, 2010

Anthologize - Turn Your Blog Into an Ebook
