- HP’s IoT Security Research (PDF) — 70% of devices use unencrypted network services, 90% of devices collected at least one piece of personal information, 60% of those that have UIs are vulnerable to things like XSS, 60% didn’t use encryption when downloading software updates, …
- USB Security Flawed From Foundation (Wired) — The element of Nohl and Lell’s research that elevates it above the average theoretical threat is the notion that the infection can travel both from computer to USB and vice versa. Any time a USB stick is plugged into a computer, its firmware could be reprogrammed by malware on that PC, with no easy way for the USB device’s owner to detect it. And likewise, any USB device could silently infect a user’s computer. “It goes both ways,” Nohl says. “Nobody can trust anybody.” […] “In this new way of thinking, you can’t trust a USB just because its storage doesn’t contain a virus. Trust must come from the fact that no one malicious has ever touched it,” says Nohl. “You have to consider a USB infected and throw it away as soon as it touches a non-trusted computer. And that’s incompatible with how we use USB devices right now.”
- AdBlock vs AdBlock Plus — short answer: the genuinely open source AdBlock Plus, because AdBlock resiled from being open source, phones home, has misleading changelog entries, …. No longer trustworthy.
More visible at Health Privacy Summit than Health Datapalooza.
On the first morning of the biggest conference on data in health care–the Health Datapalooza in Washington, DC–newspapers reported a bill allowing the Department of Veterans Affairs to outsource more of its care, sending veterans to private health care providers to relieve its burdensome shortage of doctors.
There has been extensive talk about the scandals at the VA and remedies for them, including the political and financial ramifications of partial privatization. Republicans have suggested it for some time, but for the solution to be picked up by socialist Independent Senator Bernie Sanders clinches the matter. What no one has pointed out yet, however–and what makes this development relevant to the Datapalooza–is that such a reform will make the free flow of patient information between providers more crucial than ever.