Lucas123 writes "Over the past three years, about 21 million patients have had their unencrypted medical records exposed in data security breaches that were big enough to require they be reported to the federal government. Each of the 477 breaches that were reported to the Office for Civil Rights (OCR) involved 500 or more patients, which the government posts on what the industry calls 'The Wall of Shame.' About 55,000 other breach reports involving fewer than 500 records were also reported to the OCR. Among the largest breaches reported was TRICARE Management Activity, the Department of Defense's health care program, which reported 4.9 million records lost when backup tapes went missing. Another five breaches involved 1 million or more records each. Yet, only two of the organizations involved in the breaches have been fined by the federal government."
netbuzz writes "Employment research firm Foote Partners says U.S. labor statistics from last month reveal an increase of some 18,200 jobs in IT, which represents the largest such monthly jump since 2008. 'The overall employment situation in the U.S. is lackluster, in fact this is the fifth consecutive month of subpar results,' says David Foote. 'But the fact that more than 18,000 new jobs were created last month for people with significant IT skills and experience — and nearly 57,000 new jobs added in the past three months — is incredibly good news.'"
Sparrowvsrevolution writes "Every day or so of the last six months, Carnegie Mellon computer security professor Nicolas Christin has crawled and scraped Silk Road, the Tor- and Bitcoin-based underground online market for illegal drug sales. Now Christin has released a paper (PDF) on his findings, which show that the site's business is booming: its number of sellers, who offer everything from cocaine to ecstasy, has jumped from around 300 in February to more than 550. Its total sales now add up to around $1.9 million a month. And its operators generate more than $6,000 a day in commissions for themselves, compared with around $2,500 in February. Most surprising, perhaps, is that buyers rate the sellers on the site as relatively trustworthy, despite the fact that no real identities are used. Close to 98% of ratings on the site are positive."
waderoush writes "PARC research fellow Van Jacobson argues that the Internet was never designed to carry exabytes of video, voice, and image data to consumers' homes and mobile devices, and that it will never be possible to increase bandwidth fast enough to keep up with demand. In fact, he thinks that the Internet has outgrown its original underpinnings as a network built on physical addresses, and that it's time to put aside TCP/IP and start over with a completely novel approach to naming, storing, and moving data. The fundamental idea behind Jacobson's alternative proposal — Content Centric Networking — is that to retrieve a piece of data, you should only have to care about what you want, not where it's stored. If implemented, the idea might undermine many current business models in the software and digital content industries — while at the same time creating new ones. In other words, it's exactly the kind of revolutionary idea that has remade Silicon Valley at least four times since the 1960s."
sweetpea86 writes "Mekong Development has become the first bank in Vietnam to launch fingerprint authentication enabled debit cards. Fingerprints are captured by Mekong Development at the point of opening an account, and then can be used, instead of a pin, to access funds. Not only has Mekong's account base tripled through the use of fingerprint technology since its launch in June, but the deposit balance per debit card account is two times higher than a regular account."
An anonymous reader writes "In a new study, Barracuda Labs analyzed a random sampling of more than 70,000 fake Twitter accounts that are being used to sell fake Twitter followers. They also analyzed some of the people that are using such fake followers including the recent example of U.S. presidential candidate Mitt Romney's Twitter account. Between Facebook's 10-Q filing stating that 83 million of its accounts are fake, to Mitt Romney's Twitter account recently falling under scrutiny for suspicious followings, fake social network profiles are a hot topic at the moment. And these fake profiles are at the center of a very vibrant and growing underground economy. This underground economy consists of dealers who create and sell the use of thousands of fake social accounts, and abusers who buy follows or likes from these fake accounts to boost their perceived popularity, sell advertising based on their now large social audience or conduct other malicious activity."
Nerval's Lobster writes "Between 4:52 and 5:12 on August 3, attackers used Wired writer Mat Honan's Apple ID to wipe his MacBook, before seizing control of his Gmail and other online identities ('My accounts were daisy-chained together,' he wrote in an Aug. 6 postmortem on Wired), and posting a message on Twitter for all to see: 'Clan Vv3 and Phobia hacked this twitter.' In the wake of Honan's high-profile hack, there are some key takeaways. Even if a typical user can't prevent a social-engineering attack on the company hosting their cloud account, they can armor their online life in ways that make attacks more difficult. First, two-factor authentication can prevent an attacker from seizing control of those vital 'hub' accounts (such as Gmail) where users tend to store much of their most vital information. Google offers two-step verification for signing in, as does Facebook. The truly security-conscious can also uncouple their cloud accounts; for example, making sure that iCloud and iTunes use two different sets of credentials. That might rob daily life in the cloud of some of its convenience, but it could also make you a harder target." Update: 08/08 01:17 GMT by S : This high-profile security breach has had an impact already: Apple has suspended password resets through customer support, and Amazon no longer lets users call in to change account settings.
coondoggie writes with word that a "group of researchers is proposing a sensor that would authenticate mobile and wearable computer systems by using the unique electrical properties of a person's body to recognize their identity. In a paper [presented Monday] at the USENIX Workshop on Health Security and Privacy, researchers from Dartmouth University Institute for Security, Technology, and Society defined this security sensor device, known as Amulet, as a 'piece of jewelry, not unlike a watch, that would contain small electrodes to measure bioimpedance — a measure of how the body's tissues oppose a tiny applied alternating current- and learns how a person's body uniquely responds to alternating current of different frequencies.'"
An anonymous reader writes "IEEE Spectrum reports on a method that exploits the decaying contents of unpowered computer memory to create an hourglass-like 'time machine' that rate limits brute force attacks against contactless smartcards and RFIDs. The paper takes an odd twist on the 'cold boot' attack reported four years ago at USENIX Security. Not quite as cool as a hot tub time machine though." Full paper (PDF).
An anonymous reader writes "Apparently someone set up a fake Twitter account under the name of a Russian Foreign Minister and said President Assad of Syria had been hurt/killed. From the article: 'The ministry and the embassy denied the veracity of the report and a message later appeared on the same Twitter account saying "this account is a hoax." It did not say what the aim of the hoax was although it had briefly affected oil markets.'"
1sockchuck writes "Some data centers are kept as chilly as meat lockers. But IT operations in colder regions face challenges in managing conditions — hence Facebook's to use environmentally controlled trucks to make deliveries to its new data center in Sweden, which is located on the edge of the Arctic Circle. The problem is the temperature change in transporting gear. 'A rapid rate of change (in temperature) can create condensation on the electronics, and that's no good,' said Facebook's Frank Frankovsky."
zacharye writes "Bruised mobile carriers such as AT&T and Verizon are 'fighting back' against Apple's iPhone, despite the fact that the device has helped them eke out consistently higher average revenue per wireless subscribers since its launch. To hear the carriers tell it, the iPhone is a major inhibitor to their profits as last year they were 'only' generating wireless service profit margins in the 38% to 42% range. But ever since these beleaguered companies started 'fighting back' by implementing data caps, increasing fees for device upgrades and implementing longer waiting periods before users can switch devices, they’ve seen their wireless service profit margins surge. AT&T reported a 45% margin in Q2 2012 and Verizon reported a record-high 49% margin."
DavidGilbert99 writes "The Iranian minister for telecommunication has said that the government will be taking key ministries and state agencies offline in the next month to protect sensitive information from cyber-attacks. However, this move is just the initial step in an 18-month plan to take the country off the world wide web, and replace it with a state-controlled intranet. From the article: 'The US began offensive cyber-attacks against Iran during the presidency of George W. Bush when the Olympics Games project was founded. Out of this was [born] the Stuxnet cyber-weapon, which was designed to specifically target the Natanz nuclear enrichment facility in Iran.'"
wiredmikey writes "Microsoft has released the public version of Attack Surface Analyzer, a tool designed to help software developers and independent software vendors assess the attack surface of an application or software platform. The tool was pushed out of beta with Version 1.0 released on Thursday. Since ASA doesn't require the original source code, managers and executives can also use the tool to determine how a new application or software being considered would affect the organization's overall security before deploying it. The tool takes snapshots of the system before and after an application was installed, and compares them to identify changes made when new applications were installed. A stand-alone wizard guides users through the scanning and analysis process and a command-line version is available for use with automated tools. Attack Surface Analyzer 1.0 can be downloaded from Microsoft here."
wrekkuh writes "The Economist has printed an interesting look at the concerns and speculations of the fast-growing Chinese telecom giant Huawei, and its spread into western markets. Of particular concern is Huawei's state funding, and the company's founder, Ren Zhengfei, who once served as an engineer in the People's Liberation Army (PLA). However, another article from The Economist goes into greater detail about the steps Huawei has taken to mitigate some of these concerns in England — including co-operating with the GCHQ in Britain, the UK's signals-intelligence agency, to ensure equipment built by Huawei is not back-doored."