Friday, March 18, 2016

Security failures are getting more and more expensive. (One way to reduce the deficit, I suppose.)
There’s a follow-up to a breach I first noted on this blog in 2012 when Feinstein Institute for Medical Research issued a press release about a laptop stolen from a programmer’s car. Now HHS has issued a press release of its own:
Improper disclosure of research participants’ protected health information results in $3.9 million HIPAA settlement
Feinstein Institute for Medical Research agreed to pay the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) $3.9 million to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules and will undertake a substantial corrective action plan to bring its operations into compliance.
[Some omitted. Bob]
The resolution agreement and corrective action plan may be found on the OCR website at http://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/Feinstein/index.html.




Some of my Computer Security students got this immediately!
Ethan Chiel reports:
When New York started replacing its pay phones with wifi kiosks in January, the new free internet access was met with a great deal of excitement, particularly over the network’s speed. The beta launch included just a dozen wifi hubs, but the city plans to convert 7,500 phone booths over the next few years so that free wifi is as ubiquitous as the yellow taxi in New York. But now, concerns about privacy are beginning to emerge.
On Wednesday, the New York Civil Liberties Union (NYCLU) accusedthe city of using its new public wifi system, LinkNYC, to “build a massive database,” complaining that the company behind the program, CityBridge, can keep a vast amount of information about wifi users, per its privacy policy.
Read more on Fusion.




A simple summary my Computer Security students can use to start a discussion.
Top 4 Reasons Why Online Privacy Should Concern You
Survey results were released in mid-2015 that provide insight into how everyday users — like you and me — view and value online anonymity in this current day and age. Some of the answers were as expected, but a few were not.
Want to know why you should value your privacy on the Internet? Here are the most common reasons given in the survey.




You won't know it's happening until a SWAT team kicks in your door?
ISPs aren't telling customers their router is a public hotspot
ISPs will be implementing public hotspot capability to home routers in the millions over the next few years, says a report (PDF) by Juniper Research.
However, there’s a problem. Consumers don’t want to share their connections DSLReports the influential review and forum site says in an article related to the study. While ISPs are looking at home hotspots as a cheap way to increase Wi-Fi coverage, the “practice is alarming customers,” DSLReports says.
Juniper Research also thinks there might be trouble ahead. It says there’s a “real possibility of a backlash,” in its press release. It’s because the ISPs aren’t telling customers, Juniper thinks
… ISPs send firmware updates that convert the thought-of-as private hotspots to public hotspots, unannounced. Bandwidth is separated and the ISPs have said customers won’t notice any speed degradations. [...and if we do? Bob]




Probably unlikely, but could make an amusing case study. What would be the equivalent of a Hippocratic Oath? Perhaps a Hooper-cratic Oath – named after Grace Hopper?
Apple Engineers Might Refuse To Help Law Enforcement Unlock the iPhone
… workers who actually develop the technology also will factor mightily in the outcome of the battle, and their potential refusal to help law enforcement could further complicate the case.
Current and former Apple engineers, who work on mobile products and security, told The New York Times that they may refuse to do the work or even quit their jobs if a court tells them to create a go-around to the very software they worked to secure—a request that one expert equated to asking a doctor to prescribe a lethal drug.




Perspective. If manufacturing a self-driving car was easy, everyone would be doing it. Looks like it's easy.
Baidu to Test Drive Autonomous Cars in the U.S.
Baidu Inc. will soon start testing autonomous cars in the U.S., part of the Chinese tech giant’s effort to introduce a commercially viable model by 2018.
The move, disclosed by Baidu’s chief scientist Andrew Ng in an interview late Tuesday, is a significant step for the company, which is trying to get ahead in the race to build autonomous cars and is now calling on the resources of its Silicon Valley tech center to advance the effort. At the same time, Baidu is advocating for better coordination with the U.S. government, which the company says is necessary to get self-driving cars on the road.
Central to the push is Mr. Ng, an artificial-intelligence scientist who conducted groundbreaking research at Stanford University and at Alphabet Inc. ’s Google. He’s also a co-founder of online-learning company Coursera Inc.


(Related) Or maybe the future is “renting by the trip” or maybe something else entirely. Stay tuned!
For 100 Years, General Motors Was All About Cars. Now, It's All About People.
… the company is now aggressively working to build an economy that allows individuals to get around without buying a car.
… In January, GM unveiled Maven, a ride-sharing service within GM.
… To be sure, there are already on-demand car-rental services, including Zipcar and car2go. But these companies don’t have the manufacturing and engineering infrastructure of a global automaker behind them, says Steyn.
… Fundamental to the success of any of the GM’s ride and car-sharing programs is this idea that the company is and can be more than a car manufacturing giant. To do this, it must prove it can keep up with emerging trends in the auto industry, which Steyn predicts will “change more in the next five years than it has in the past 50.”




Is this critical or merely the FBI looking for headlines again?
FBI warns car makers and owners about vehicle hacking risks
The FBI and U.S. National Highway Traffic Safety Administration (NHTSA) issued a bulletin Thursday warning that motor vehicles are “increasingly vulnerable” to hacking.
“The FBI and NHTSA are warning the general public and manufacturers – of vehicles, vehicle components, and aftermarket devices – to maintain awareness of potential issues and cybersecurity threats related to connected vehicle technologies in modern vehicles,” the agencies said in the bulletin.




My students might find this useful.
A Brief History of Robot Law
… The legal system has been wrestling with what robots can and can’t do for longer than you might think. A new paper by Ryan Calo, a law professor at the University of Washington, paints a surprisingly colorful picture of this history, which Calo dates back to a 1947 plane crash involving an Army fighter plane on autopilot.




(This is more advertising than deep economic thought, but I might be able to use it) Sometimes it is hard to convince my students that they need to demonstrate their professional abilities. I have Discussion posts submitted by texting on their smartphones, including abbreviations and emojis!
Skilled Professionals Will Dominate Gig Economy, Report Says
… while the emergence of the so-called gig economy has been exciting (and disrupting, too), a new report by Thumbtack, an online marketplace that helps skilled workers find customers, paints a bleak picture of the future of the low-skilled gig economy as we know it today.




For my game creators. Mission Impossible full face masks, without the mask! Really good artwork until you realize there is no artwork. It's all being created in real time.
'Hellblade' takes real-time motion capture to the next level
Yesterday, during the Epic Games keynote at GDC 2016, Ninja Theory showed off a live motion capture demo for Hellblade, its upcoming AAA indie title. The results are absolutely stunning. Tameem Antoniades, Ninja Theory's chief creative director, described the real-time animation performance as historic, and people at the event seemed to validate his excitement. Interestingly enough, the game has been renamed Hellblade: Senua's Sacrifice, paying tribute to the main character in this combat-heavy story. But you're probably here for the video, so have at it -- we promise it doesn't disappoint.


No comments: