Language Selection

English French German Italian Portuguese Spanish

Security: Updates, Mirai and Singapore's Massive Breach

Filed under
Security
  • Security updates for Friday
  • Mirai botnet hackers [sic] avoid jail time by helping FBI

    The three men, Josiah White, 21, Dalton Norman, 22, and Paras Jha, 22, all from the US, managed to avoid the clink by providing "substantial assistance in other complex cybercrime investigations", according to the US Department of Justice. Who'd have thought young hacker [sic] types would roll over and show their bellies when faced with prison time....

  • A healthcare IT foundation built on gooey clay

    Today, there was a report from the Solicitor General of Singapore about the data breach of the SingHealth systems that happened in July.

    These systems have been in place for many years. They are almost exclusively running Microsoft Windows along with a mix of other proprietary software including Citrix and Allscript. The article referred to above failed to highlight that the compromised “end-user workstation” was a Windows machine. That is the very crucial information that always gets left out in all of these reports of breaches.

    I have had the privilege of being part of an IT advisory committee for a local hospital since about 2004 (that committee has disbanded a couple of years ago, btw).

    [...]

    Part of the reason is because decision makers (then and now) only have experience in dealing with proprietary vendor solutions. Some of it might be the only ones available and the open source world has not created equivalent or better offerings. But where there are possibly good enough or even superior open source offerings, they would never be considered – “Rather go with the devil I know, than the devil I don’t know. After all, this is only a job. When I leave, it is someone else’s problem.” (Yeah, I am paraphrasing many conversations and not only from the healthcare sector).

    I recall a project that I was involved with – before being a Red Hatter – to create a solution to create a “computer on wheels” solution to help with blood collection. As part of that solution, there was a need to check the particulars of the patient who the nurse was taking samples from. That patient info was stored on some admission system that did not provide a means for remote, API-based query. The vendor of that system wanted tens of thousands of dollars to just allow the query to happen. Daylight robbery. I worked around it – did screen scrapping to extract the relevant information.

    Healthcare IT providers look at healthcare systems as a cashcow and want to milk it to the fullest extent possible (the end consumer bears the cost in the end).

    Add that to the dearth of technical IT skills supporting the healthcare providers, you quickly fall into that vendor lock-in scenario where the healthcare systems are at the total mercy of the proprietary vendors.

More in Tux Machines

Games: Jenny LeClue - Detectivu, Death Trash and GOG Gaming

Fast Linux Application Launcher Ulauncher 5.3.0 Stable Released

Ulauncher is an open source application launcher for Linux that can be extended to perform various other tasks through addons. The application features fuzzy search, custom color themes, and it can browse through system directories. Under the hood, Ulauncher uses Python with GTK for the launcher user interface, and HTML/JS rendered in a Webkit frame for the preferences window. Open it using a keyboard shortcut (Ctrl + Space by default), then type a few letters of your search query, use the Up / Down arrows to navigate through the results, and press the Enter key to launch the selected item. The Ulauncher window will close as soon as you press Enter. You may also launch an item using Alt + 1 for the first item in the Ulauncher list, Alt + 2 for the second, and so on. Don't worry if you have a typo - thanks to Ulauncher's fuzzy search, the application will figure out what you meant in most cases. Also, the launcher remembers your previous choices, automatically selecting them in the future. Read more

Introducing ‘Stealing Ur Feelings,’ an Interactive Documentary About Big Tech, AI, and You

The six-minute documentary explains the science of facial emotion recognition technology and demystifies how the software picks out features like your eyes and mouth to understand if you’re happy, sad, angry, or disgusted. While it is not confirmed whether big tech companies have started using this AI, “Stealing Ur Feelings” explores its potential applications, including a Snapchat patent titled “Determining a mood for a group.” The diagrams from the patent show Snapchat using smartphone cameras to analyze and rate users’ expressions and emotions at concerts, debates, and even a parade. The documentary was made possible through a $50,000 Creative Media Award from Mozilla. The Creative Media Awards reflect Mozilla’s commitment to partner with artists to engage the public in exploring and understanding complex technical issues, such as the potential pitfalls of AI in dating apps (Monster Match) and the hiring process (Survival of the Best Fit). “Stealing Ur Feelings” is debuting online alongside a petition from Mozilla to Snapchat. Viewers are asked to smile at the camera at the end of the film if they would like to sign a petition demanding Snapchat to publicly disclose whether or not it is already using facial emotion recognition technology in its app. Once the camera detects a smile, the viewer is taken to a Mozilla petition, which they can read and sign. Read more

Today in Techrights