Language Selection

English French German Italian Portuguese Spanish

Hacker hits Duke U

Filed under
Security

A hacker broke into the Duke University Medical Center computer system last week, stealing thousands of passwords and fragments of Social Security numbers, Duke officials said Friday.

Duke is notifying about 14,000 people, roughly 10,000 of whom are medical center employees, that their information may have been compromised and is advising people to change passwords if they use the same one for multiple purposes.

Other individuals affected include alumni of the Duke University School of Medicine, physicians and other clinicians who registered online for some types of continuing medical education at Duke and others who accessed certain Web pages maintained by the medical school.

The incident is the latest in a series of security breaches nationally at banks and other major organizations that store personal information. This is one of the largest yet to hit the Triangle.

None of the Duke computer databases broken into contained personal financial data or patient information, according to the medical center. The hacker did grab about 5,500 computer passwords and the users' first and last names. In addition, the hacker stole about 9,000 partial Social Security numbers -- either the last four digits or the last six digits.

Full Story.

More in Tux Machines

OSS and Sharing/Standards Leftovers

  • Linux Announces New Open Network Automation Platform Project
    The Linux Foundation has announced the creation of the new Open Network Automation Platform (ONAP) Project with the merger of Open Orchestrator Project (OPEN-O) and open source ECOMP. This new platform will help in designing, automating, orchestrating, and managing network services and virtual functions by creating a comprehensive and a harmonized framework that allows virtual network functions to be automated by using real-time, policy-driven software.
  • Open-Source Networking Is Coming of Age
    Service providers of all sizes and types should take note of some changes occurring across the open-source community—changes that promise to accelerate the adoption of software-defined networks (SDN). The first is a decision by AT&T to open source the ECOMP management and orchestration (MANO) framework it developed via the Linux Foundation. Through a variety of working groups, the foundation has been accelerating the development of core network function virtualization (NFV) software and associated SDN technologies. But a big piece missing from that equation has been the management plane.
  • CAVO Continues to Advance Open Source for Democracy [Ed: Remember what Microsoft did there]
    OSI Affiliate Member, the California Association of Voting Officials (CAVO), has shared some exciting news regarding their advocacy work in San Francisco: according to the San Francisco Examiner, the city of San Francisco is pushing forward with plans to develop their open source election system. In addition, the paper is reporting that the San Francisco Elections Commission voted unanimously on Feb 17th to request $4 million to fund the initial stages of the open source voting system. For many years board members of CAVO have been urging San Francisco to expedite, "the creation and deployment of a GPL v3 open source / paper ballot printing system that would set the standard for voting systems nationally." According to CAVO, currently only New Hampshire has deployed a voting system using open source software, Prime III.
  • Mozilla Acquires Pocket, Will Open Source Pocket Code
    Chances are you've heard the new: Mozilla has acquired Pocket, the go-to 'read it later' service, and says it plans to open-source Pocket code in due course.
  • The Speed Of LLVM's LLD Linker Continues Looking Good
    LLVM's LLD linker still isn't too widely used yet on Linux systems, but the performance of this linker alternative to GNU Gold and GNU ld are quite compelling. We've written many times before about the much progress and better performance of "the LLVM linker" while some new numbers were committed to the LLD documentation.
  • Welcome to Code.mil - an experiment in open source at the Department of Defense!
  • DoD Announces the Launch of “Code.mil,” an Experiment in Open Source
    The Department of Defense (DoD) announced the launch of Code.mil, an open source initiative that allows software developers around the world to collaborate on unclassified code written by federal employees in support of DoD projects.
  • An Introduction to Open Data Kit

Leftovers: Software

  • Linux Command Line Browser To Surf Internet
    Links is an open source text and graphical web browser with a pull-down menu system. It renders complex pages, has partial HTML 4.0 support (including tables and frames and support for multiple characters sets such as UTF-8), supports color and monochrome terminals and allows horizontal scrolling. It’s very useful for low resources computers because day by day the web pages are bigger and heavier. If your computer doesn’t have a suitable performance you’ll have some mistakes while you’re surfing. So, Links is much faster than any common web browser (with GUI) because it doesn’t load all the content of a website, for example, videos, flash, etc.
  • Stacer – The Linux System Optimizer You’ve Been Waiting For
    System optimizer apps are quite the thing on platforms such as Windows and Android. Their usefulness, however, is debatable considering how notorious they are when it comes to using system resources. On the Linux platform, however, we can almost always find the applications, a developer puts their time in developing to be mostly useful. Stacer is one such app created to better optimized your Linux PC in the sense that it packs quite the list of features you’d normally expect from an optimizer and more to give your system a refresh whenever you feel the need.
  • Ulauncher – A Lightweight Application Launcher for Linux
    Each Desktop environment has the own launcher and doing their job nicely but it take a while to launch the application whenever we are searching. Ulauncher is a lightweight application launcher that loads instant search results, usese low resources, and remembers your previous choices and automatically selects the best option for you. It’s written in Python and uses GTK as a GUI toolkit. When you are typing wrong application name, after few words or spelling, it will figure out what you meant. Use Ulauncher to open your files and directories faster with fuzzy search. Type ~ or / to start browsing. Press Alt+Enter to access the alt menu.

Linux Kernel and Graphics

Security News

  • Windows 10 least secure of Windows versions: study
    Windows 10 was the least secure of of current Windows versions in 2016, with 46% more vulnerabilities than either Windows 8 or 8.1, according to an analysis of Microsoft's own security bulletins in 2016. Security firm Avecto said its research, titled "2016 Microsoft Vulnerabilities Study: Mitigating risk by removing user privileges", had also found that a vast majority of vulnerabilities found in Microsoft products could be mitigated by removing admin rights. The research found that, despite its claims to being the "most secure" of Microsoft's operating systems, Windows 10 had 395 vulnerabilities in 2016, while Windows 8 and 8.1 each had 265. The research also found that while 530 Microsoft vulnerabilities were reported — marginally up from the 524 reported in 2015 — and 189 given a critical rating, 94% could be mitigated by removing admin rights. This was up from 85% in 2015.
  • Windows 10 Creators Update can block Win32 apps if they’re not from the Store [Ed: By Microsoft Peter. People who put Vista 10 on a PC totally lose control of that PC; remember, the OS itself is malware, as per textbook definitions. With DRM and other antifeatures expect copyright enforcement on the desktop soon.]
    The latest Windows 10 Insider Preview build doesn't add much in the way of features—it's mostly just bug fixes—but one small new feature has been spotted, and it could be contentious. Vitor Mikaelson noticed that the latest build lets you restrict the installation of applications built using the Win32 API.
  • Router assimilated into the Borg, sends 3TB in 24 hours
    "Well, f**k." Harsh language was appropriate under the circumstances. My router had just been hacked. Setting up a reliable home network has always been a challenge for me. I live in a cramped three-story house, and I don't like running cables. So my router's position is determined by the fiber modem in a corner on the bottom floor. Not long after we moved in, I realized that our old Airport Extreme was not delivering much signal to the attic, where two game-obsessed occupants fought for bandwidth. I tried all sorts of things. I extended the network. I used Ethernet-over-powerline connectors to deliver network access. I made a mystic circle and danced naked under the full moon. We lost neighbors, but we didn't gain a signal.
  • Purism's Librem 13 Coreboot Port Now "100%" Complete
    According to Purism's Youness Alaoui, their Coreboot port to the Librem 13 v1 laptop is now considered complete. The Librem 13 was long talked about having Coreboot over a proprietary BIOS while the initial models still had shipped with the conventional BIOS. Finally in 2017, they have now Coreboot at what they consider to be 100% complete for this Linux-friendly laptop.
  • The Librem 13 v1 coreboot port is now complete
    Here are the news you’ve been waiting for: the coreboot port for the Librem 13 v1 is 100% done! I fixed all of the remaining issues, it is now fully working and is stable, ready for others to enjoy. I fixed the instability problem with the M.2 SATA port, finished running all the tests to ensure coreboot is working correctly, fixed the headphone jack that was not working, made the boot prettier, and started investigating the Intel Management Engine issue.
  • Linux Update Fixes 11-Year-Old Flaw
    Andrey Konovalov, a security researcher at Google, found a use-after-free hole within Linux, CSO Online reported. This particular flaw is of interest because it appears to be situational. It only showed up in kernels built with a certain configuration option — CONFIG_IP_DCCP — enabled.