Lees and Orts

That whole internet of thangs idea just keeps sounding better and better, n’est-ce pas? Internet-connected medical devices (MRI machines, CT scanners and dialysis pumps for pity’s sake) are increasingly being targeted by hackers looting patient medical records. Attackers consider the devices soft digital targets, seldom guarded with same security as client PCs and servers within hospitals. And that’s because the idiots making this shit are using EoL versions of Windows that a.) aren’t supported, b.) updated or, c.) otherwise secure. I mean, these guys/gals are using Conficker, which was sparkling new back in say…2009.

Meanwhile, over at the internet of cars meme, some folks are fairly insistent about what they think on-board WiFi is going to need: Public Knowledge and The New America Open Technology Institute filed a petition last month with the FCC that demands, among other things:

  • Limit DSRC to life and safety uses only. The auto industry plans to take spectrum allocated for safety of life and monetize it with advertising and mobile payments. This compromises cybersecurity and potentially violates the privacy of every driver and passenger.
  • Require automakers to file a cybersecurity plan before activating DSRC systems. This plan should not only show that auto manufacturers have taken appropriate precautions today, but explain how they will update security over the life of the vehicle.
  • Data transparency and breach notification. Auto manufacturers must inform purchasers of DSRC-equipped cars what personal information they collect and how they will use that information. In the event of a data breach, the manufacturer collecting the information must notify the customer.

I’ve no idea what idiot thought adding WiFi to your car in order to browse the internet while you’re already texting was a good idea, but he should be summarily shot.

This is a good read on the hackers the NSA employs, done by Peter Maas of I Hunt Sysadmins infamy.

Back in the middle of June Apple announced some new security and privacy features, including a little gem called “Differential Privacy” in order to improve the privacy of their data collection practices.

I don’t know about you but I knew little about the workings of differential privacy and so went digging for source material, which I found here.

It’s a bit of a read but the long and short of it is Apple plans on collecting even more data from your iPhone. The rationale for this is to improve service, NOT collect individual users’ usage habits. And to assure this happens Apple will apply the differential privacy formula to ensure that the aggregate data doesn’t leak individual contributions.

We’ll see…

Something to say...?