Another USB drive stolen

Unfortunately, nothing new! ‘Just’ another USB drive stolen in a school in Woodbridge, Virginia, USA. The content: personal information about students. What I couldn’t understand was this phrase in a letter to parents from the Principal of Lake Ridge Middle School: “Unfortunately, it is difficult to prevent the loss of confidential data resulting from unanticipated criminal activity.” Well, fortunately, it is simpler than he thinks to protect confidential data: encryption! There are some free tools out there that every school principal, teacher and even student should know about, such as TrueCrypt.

Security Analysis of Electronic Health Records

This is slightly old news, which I picked up from Bruce Schneier's excellent blog.

The Canadian government conducted a security audit of the electronic health record implementation in British Columbia. It shows just what you could expect: a severe lack of security of any kind.

The Vancouver Sun reported on this last month. The report is available as a PDF here.

The Swedish Media Council criticises Facebook

The Swedish Media Council published a report yesterday in which they look at the social networking sites used by kids today (Facebook and YouTube among others).

The study is done from a Swedish perspective, which is reflected in the sites selected for the study and, to some extent, in the criteria used (they base part of the criteria on the Swedish law Law on responsibility for electronic billboards (1998:112), also known as the BBS-law).

They mainly look at how safe the site is from the user's (kids') perspective. Safety here focuses on the handling of user information, how user reports/issues are handled, conditions for membership, and how easy it is to get information about, and get in contact with, the people running the site.

Unfortunately, the report does not go into all the details on the data they should have gathered in their research. Still an interesting read, and it should provide a good guide for parents looking out for their kids online.

The report is available as a download here. In Swedish only as far as I can tell.

U.S. House overwhelmingly passes cybersecurity research bill

The Cyber Security Research and Development Act of 2009, which passed by a vote of 422 to 5, authorizes the National Institute of Standards and Technology (NIST) to develop a cybersecurity education program that can help consumers, businesses, and government workers keep their computers secure.

“This bill will help improve the security of cyberspace by ensuring federal investments in cybersecurity are better focused, more effective, and that research into innovative, transformative security technologies is fully supported,” said Symantec CTO Mark Bregman. “HR 4061 represents a major step forward towards defining a clear research agenda that is necessary to stimulate investment in both the private and academic worlds, resulting in the creation of jobs in a badly understaffed industry.”

Article here

Stolen account information as a commodity

This came on the news this weekend:
Stolen account data from a bank in Switzerland is for sale for 2.5 million euros. The German state says that it is considering a purchase, weighing the opportunity to access 100 million in tax liabilities. Germany previously made a similar deal, at a good profit, back in 2008.

It all feels a little sad when it leads to the legitimizing of this type of trade in personal data: data that has been acquired through breaking the law (hacking).

Read all about it here

Novel ways to reach your end-users on the importance of information security in your organisation

Are you looking for a way to get your end-users to be serious about information security, but missing the mark? Take a look at this great novel idea created by Application Security Inc.: a digital comic.