Saturday, January 19, 2013

“We didn't have the time to do it right, but we found the time to do it over...”
Doesn't the fact that they immediately changed their practices after the loss impact their liability?
By Dissent, January 18, 2013 7:09 pm
Chris Cobb reports:
Montfort Hospital officials were scrambling on Friday to reassure thousands of patients that an unsecured USB data key lost by a hospital employee did not contain intimate details of their health issues.
Information on the USB key, downloaded from a Montfort computer in contravention of hospital rules, contained information on more than 25,000 patients, all of whom have been sent a letter of apology and reassurance signed by Montfort’s chief privacy officer El Mostafa Bouattane.
The mass-mailed letter addressed to “Dear Patient” tells patients only that the USB key disappeared “despite our standard precautions” and contained just basic personal information — “your name, summary data relating to the type of service you received, the date of service and a code referring to your provider’s name.” (“Provider” is the patient’s doctor).
Read more on Ottawa Citizen.
[From the article:]
The employee has now been “re-sensitized” to security issues and is back at work, he added, but she wasn’t suspended or otherwise penalized.
… “We decided there was no malice, hacking or other illegal activity involved.”
The Montfort, previously equipped with both encrypted and non-encrypted computers, has upgraded its systems with new privacy technology that does not allow data to be downloaded onto USB keys that are not similarly encrypted, added Marleau.
… Carolyne Chaput, who had X-rays taken at the Montfort in October, said Friday that the letter came to her home Thursday “out of the blue” and she found it was extremely vague.


I wouldn't give up a valuable tool like that unless I had another (next generation) tool ready to go, or better already installed and working.
Red October espionage platform unplugged hours after its discovery
Key parts of the infrastructure supporting an espionage campaign that targeted governments around the world reportedly have been shut down in the days since the five-year operation was exposed.
… The research uncovered more than 60 Internet domain names used to run the sprawling command and control network that funneled malware and received stolen data to and from infected machines. In the hours following the report, many of those domains and servers began shutting down, according to an article posted Friday by Kaspersky news service Threatpost.


Are we heading toward “universal breach notification?”
New bill asks companies to notify EU of security breaches
Proposed legislation in the European Union would force tech companies that have access to user data -- such as Facebook, Google, and Microsoft -- to report any security breaches to local cybersecurity agencies, the Financial Times reported today.


“We know what's best for students, parents don't!”
School Kicks Out Sophomore in RFID Student-ID Flap
A Texas high school on Friday barred a girl from attending class as part of the fallout from a legal flap that began when the sophomore refused to wear around her neck an RFID-chip student ID she claims is the “Mark of the Beast,” lawyers connected to the brouhaha said.
… The devout Christian sued the district, and last week a Texas federal judge concluded the 15-year-old’s right of religion was not breached, a decision a federal appeals court left intact Wednesday. That’s because the school district, the lower court ruled, eventually agreed to accommodate the girl and allow her to remove the RFID chip while still demanding that she wear the identification like the other students.
… U.S. District Judge Orlando Garcia’s ruling gave the girl and her family until Friday to decide whether to go to a different school or comport. She appealed to the New Orleans-based 5th U.S. Circuit Court of Appeals, arguing that adorning herself with the ID card, even one without an RFID chip, amounted to discriminating against her “sincerely held beliefs.”
… Money is the main motive behind the school using the RFID chips.
Like most state-financed schools, the district’s budget is tied to average daily attendance. If a student is not in his seat during morning roll call, the district doesn’t receive daily funding for that pupil because the school has no way of knowing for sure if the student is there.


“Yeah, that used to be a privacy option, now it's a search feature!”
On Facebook, users can no longer hide from search results
In the wake of its “graph search” announcement, Facebook removed the ability for users to opt out of appearing in search results on the site, as noted by Quartz. Because graph search relies on the content of profiles to fuel its results, the move will allow more comprehensive returns on searches but may violate the privacy of users who previously relied on that feature.


A useful case study for Copyright law students? OR Something for the Copyright lawyers to blather about?
Hands On With Kim Dotcom’s New Mega: This Service Could Dismantle Copyright Forever
Kim Dotcom's Mega officially launches tomorrow, but we're already in. From the membership plans we showed you this morning, the service might look like it's just another online storage locker like Dropbox or Google Drive. But it's way more than that. Mega is a weapon aimed straight at copyright rights holders. It's maybe the most private, invincible file-sharing service of all time.
When you first sign in, you see (instead of a big red button coyly promising to change the world) a simple drag-and-drop upload tool. A Mega upload tool.
From there, you're immediately prompted to agree to terms and conditions. Our resident lawyer told us they're not very well written, but in essence, they absolve Mega for any liability whatsoever for any naughty things you might do with the service. Smart Move, Kim.
… So what's to stop Mega from going down just the way Megaupload did? Mega's privacy, which is a no-foolin' stroke of genius. See, all of your files are encrypted locally before they're uploaded, so Mega has no idea what anything is. It could be family photos or work documents, or an entire discography of your favorite band. Poof: online and easy to share. And importantly, Mega doesn't have the decryption key necessary to get in. See? It's a masterstroke of copyright subversion.


It never hurts to redundantly repeat and reiterate the basics...

(Related)


How else does one get the attention of (for example) people who use the XYZ website?
"You don't necessarily have to be a hacker to be viewed as one under federal law. ProPublica breaks down acts of 'hacktivism' to see what is considered criminal under the Computer Fraud and Abuse Act. It points out that both Aaron Swartz and Bradley Manning were charged under the CFAA. Quoting: 'A DDoS attack can be charged as a crime under the CFAA, as it “causes damage” and can violate a web site’s terms of service. The owner of the site could also file a civil suit citing the CFAA, if they can prove a temporary server overload resulted in monetary losses. ... The charges for doxing depend on how the information was accessed, and the nature of published information. Simply publishing publicly available information, such as phone numbers found in a Google search, would probably not be charged under the CFAA. But hacking into private computers, or even spreading the information from a hack, could lead to charges under the CFAA.'"


I read a LOT of articles every day, so I will give this a try.
When was the last time you read a whole article? Not two or three paragraphs and then clicked on to the next one, but the whole thing. What about an article that was more than 1000+ words? The fact is, it’s difficult to read on the web. There are a number of things that could be blamed from ads alongside of content that are distracting to our click-happy habits of constantly opening more and more links in our browser.
A developer by the name of Richard Wallis saw this problem too and he created a solution. That solution is a browser extension and a bookmarklet that removes the potential distractions from around the page, but it also addresses something else that he feels is actually the reason behind our poor reading habits online.
In his blog post, he explained his reasoning:
The problem is scrolling. Scrolling is a brilliant way to display a map or an Excel spreadsheet on a computer. But it’s a terrible way to display text.
That’s because scrolling moves the text on a page. And moving text, even if it’s under your control, will break your reading rhythm.
… MagicScroll certainly isn’t the only web reading aid out there, there’s Clearly, Instapaper, iReader, and Readability, which are among my favorites.


For my amusement...
San Jose State University has partnered with the online education startup Udacity to offer 3 online classes for credit. Although Udacity has been at the forefront of the recent MOOC-hype, these classes aren’t really “MOOCs.” They aren’t massive — just 100 students apiece. They aren’t open — they’re limited to a select group of SJSU, community college, and high school students. They aren’t free. The credits will cost $150 apiece. MOOCs or not, this is pretty big news. My write-up is here.
… In related news, ACE (the American Council on Education) will evaluate 4 Udacity courses for credits. ACE announced in November that it was similarly evaluating Udacity’s competitor Coursera to see if its courses could be eligible for credit.
A survey from Scholastic finds that the number of kids reading e-books has nearly doubled since 2010. Despite the interest expressed by those age 6 to 19 about e-books, 80% said that they still read books for fun “primarily in print.”


This is the start of my HTML5 collection
Here’s the Interactive Site That Will Make You an HTML5 Devotee
… Designer and developer Jongmin Kim has taken it upon himself to explore the language’s bleeding edge with his Form Follows Function web project, which demonstrates and expands HTML5’s most aesthetically interesting capabilities.


So can my students rent textbooks?
This week Amazon has unveiled Kindle book rentals in an extremely quiet fashion, opting to test it out with the public before doing any sort of press on the topic – but you can try it out right this minute if you wish. What you’re going to be doing here is renting a title for a certain amount of time, with the price going up based on how many months you’d like to keep it around. Thirty day increments appear at the moment to be the turn-over for how much you’ll be paying, 30, 60, 90, and 120 day periods being available for less than a dollar difference.
… If you have a peek at one of the very, very few titles available with rentals thus far by the name of Theories of International Politics and Zombies (courtesy of tipster Karen at Zats Not Funny), you’ll find that the Buy Price is (as it usually is) a little more than half of the price of the list price. The rent price, then, is less than half that cost – 80% off the original list price. Of course that’s the price to rent a digital copy for 30 days instead of owning the original print book forever, but the price difference is extremely important to the author in the end.
