Saturday, April 06, 2013

Another unencrypted laptop stolen. I try not to report too many of these – but I don't want anyone to think the frequency of laptop theft has dropped either. Or the frequency with which management fails to ensure they are encrypted.
Renee Slandera reports that the William Jennings Bryan Dorn VA Medical Center in Columbia, South Carolina is notifying more than 7,000 patients that a laptop stolen from the Respiratory Therapy Department in February contained their names, dates of birth, and partial Social Security numbers.
Since the laptop was stolen, Dorn officials say all laptops connected to medical devices have been protected.
Why the heck weren’t they already protected before now?
WIS has uploaded a copy of the notification letter, here. It indicates that the laptop was discovered missing on February 11, and may also have included patients’ weight, race, and the results of their respiratory tests.


“It doesn't have to be true, it only has to fool the voters!”
"Rep. Mike Rogers (R-Mich.) should know better. The chairman of the House Intelligence Committee claimed to told NBC News that the Operation Ababil U.S. bank disruption DDoS campaign could be stopped, if only private businesses had unfettered access to top-flight U.S. government threat intelligence. Not coincidentally, Rogers is the author of CISPA (now v2.0), a bill that would provide legal immunity for businesses that share threat data with the government, while allowing intelligence agencies to use it for 'national security' purposes, thus raising the ire of privacy rights groups. Just one problem: Numerous security experts have rubbished Rogers' assertion that threat intelligence would have any effect on banks' ability to defend themselves. The bank disruptions aren't cutting-edge or stealthy. They're just about packets overwhelming targeted sites, despite what Congressionally delivered intelligence [I like that phrase Bob] might suggest."

(Related)
House to amend CISPA in secret


Now is a good time to ask for more money to “solve the gun problem.”
The ATF Wants ‘Massive’ Online Database to Find Out Who Your Friends Are
The ATF doesn’t just want a huge database to reveal everything about you with a few keywords. It wants one that can find out who you know. And it won’t even try to friend you on Facebook first.
According to a recent solicitation from the Bureau of Alcohol, Tobacco, Firearms and Explosives, the bureau is looking to buy a “massive online data repository system” for its Office of Strategic Intelligence and Information (OSII).
… A follow-up document from the ATF clarifies a few things. The database will not “consolidate multiple databases” the ATF already has access to — like LexisNexis and Thomas Reuters. The bureau is seeking to buy an existing database system and not fund the development of a completely new one.


This is just one reason why I'm proud to be FROM, (as in, far from) New Jersey...
Remember that ridiculous lawsuit by Vernon Township against individuals to whom it had accidentally released employees’ Social Security numbers? There’s an update. Jessica Masulli Reyes reports:
The individuals who received the Social Security numbers of 119 Vernon employees were ordered by a judge to sign certification saying that the confidential information was deleted and not disseminated.
But, in turn, state Superior Court Judge Edward Gannon determined on Friday that Vernon, which filed the suit, must pay all of the individuals’ attorney and court costs, while also creating a township corrective action plan to ensure the release of private information does not happen again.
Read more on the New Jersey Herald. Apparently, the township had a brief shining moment of rational thought after their initial intention to sue for invasion of privacy:
Vernon initially accused the individuals and newspaper of tampering with the document to unveil the hidden columns in the computer spreadsheet, but Kelly later said that this was no longer the case and did not include it in a brief field with the court.
All in all, this is still one of the stupidest lawsuits I’ve seen, and I’ve seen a bunch. The township should have just asked the recipients to delete the files from their drives and sign a certificate saying they had done so. Instead, the town jumped to a heavy-handed approach that may have defamed the hapless recipients of the township’s breach. So now in addition to the costs of offering credit monitoring to the 119 employees whose SSN were disclosed, the town also incurred court costs for itself and the defendants.
Just. Plain. Stupid.


Clearly, “French intelligence” is 'le oxymoron” which will invoke the “effet Streisand.”
"The French domestic intelligence agency DCRI has forced a Wikipedia administrator to delete an article about a local military base. The administrator, who is also the president of Wikimédia France, has been threatened by the agency with immediate reprisals after his initial refusal to comply. Following a discussion on the administrator's noticeboard, the article (which is said to violate a law on the secrecy of the national defense) has been reinstated by a foreign user. Prior to pressuring the admin, DCRI contacted the Wikimedia Foundation (WMF), which refused to remove the article. WMF claimed the article only contained publicly available information, in accordance with Wikipedia's verifiability policy. While the consequences for Wikimedia's community remain unclear, one thing is certain: The military base article – now available in English – will get more public awareness than ever before."


This is typical of the confusion we have in this country over guns. My experience with “wet paper” ammunition was called a 'spitball” and required only an easily concealed straw and a mouthful of paper. It was unlikely to cause an overreaction (school lockdown and the SWAT team) Can't wait to see how bad this could become.
This DIY Cardboard Rifle Can Fire Paper Pellets 75 Feet
Paper pellets make great projectiles — just ask any schoolkid. Paper Shooters, rifles made primarily out of cardboard, can fire those paper pellets up to a distance of 75 feet, lending a degree of professionalism to a pursuit that is usually more of a hobby.
Developed by a team of designers that includes former Nerf engineers, in collaboration with Bang Creations, the Paper Shooters kit comes with all the tools needed to build the working gun. Apart from the plastic firing mechanism, the gun is pretty much all cardboard, and the three varieties — Digital Ops, Golden Touch and Zombie Slayer — look surprisingly realistic (although perhaps only if you’re James Bond in the case of Golden Touch).
The creators have just launched an Indiegogo campaign for $72.000, to satisfy the minimum order number required to begin manufacturing kits in China, and to raise additional funds for further die-cutting tools and molds.
“I’m an entrepreneurial 29-year-old from Manchester who loves designing new products,” said Mike Howarth of Team Paper Shooters by email. “This is my first product — designed initially in my apartment — and has just blossomed from there into a really great piece of kit. This is my first product, although there are lots more to come!”
Each kit contains a plastic firing mechanism and skeleton, layers of cardboard “skin” for the gun that are either glued or clipped on, eight gold shells, 50 pieces of pre-made ammunition, a mold for making new ammunition out of paper (any soft paper will do) and a target in the shape of a zombie’s head.
Howarth said: “The plastic is merely a ‘skeleton’ (minimum amount) as it shoots wet paper ammo that the user makes themselves.” The soft paper pellet ammunition fits into cartridges the shape of real bullets, and creating a cardboard gun that could handle moisture was a particular challenge.
The cartridge casings eject out of the side every time the user reloads, just like a real semiautomatic rifle. Apparently, the pellets have aerodynamic qualities similar to Airsof  rounds (“the accuracy is very good up to 65 feet [20m], then probably drops slightly after that,” says Howarth), so they are actually quite dangerous if not treated with respect. It’s very much for teenagers, not children, with an age guidance of 14-years-old and up. According to Howarth, “the ‘gunsmith experience’ is definitely the main selling point”.
Also, while the kits come predesigned, “users can absolutely print their own card frame as we supply the card template blueprints via email with every kit,” Howarth said.
It’s not quite 3D-printing an actual gun, but it’s a lot safer and a lot more legal.

(Related)
Meet the 'Crypto Anarchist' Who Wants Everyone to Print Their Own Guns
Just because you have the ability to 3D print guns, doesn't, of course, mean that you have to. But -- law of large numbers -- somebody is going to. And that somebody isn't just going to print their own guns, but they're going to make it their cause, and devote their time and energy to making sure other people can too. That person, in America today, is 25-year-old Cody R. Wilson.
Motherboard's excellent documentary, above, has given us a deep dive into the mind of this person -- his political beliefs, his hopes, the ideologies he seeks to undo. What you see is someone who is deeply engaged in the ideas behind his project; someone who isn't just making, but who sees his creations as political acts, as arguments. He directly says: "We're trying to prove a point."


Tools for my Ethical Hackers.
Wi-Fi Guard is a great little piece of freeware that works on Windows, Mac and Linux with the aim of making your home Wi-Fi connection more secure. It works by detecting currently connected devices and notifying you when new devices show up on your network. This makes it easy to detect if someone else has connected to your wireless without you knowing.


My weekly amusement...
… A new bill proposed in the California state legislature would create a fourth division of the state’s higher education system. According to The Chronicle of Higher Education, it would establish the “New University of California,” “an institution with no faculty and no tuition that, like the University of California, would be governed by a board of 11 trustees and one chancellor.”
… The open-access publishing startup Unglue.it (one of my picks for the best education startups of 2012) announced this week that textbook publisher De Gruyter will offer 100 of its titles on the crowdfunding platform. Books that raise $2100 will be “unglued” — released in a DRM-free digital format under a Creative Commons license.
The Saylor Foundation announced that it’s made agreements with 7 colleges and universities that will offer transfer credits to students who pass exams after taking Saylor’s free online courses. The institutions: Charter Oak State College, The City University of New York (CUNY) Baccalaureate for Unique and Interdisciplinary Studies, Colorado Technical University, Excelsior College, Granite State College, Thomas Edison State College, and the University of Maryland - University College; and the classes are Corporate Communications, Western Political Thought, and Business Law & Ethics.
Arizona Phoenix College math instructor James Sousa has posted some 2,600 video tutorials online, all under a CC BY-NC-SA license. Sousa, who has been teaching math for 15+ years, has posted all the work on YouTube as well as on MyOpenMath.com. More details via the Creative Commons blog.

No comments: