“Would you like this to save your password?”

                        

As the consumer we take a look at our everyday electronics and just want things to be easier, more streamlined, so that we are more efficient and proactive in our daily work. Things like a set list of programs that launch when you log into your computer and playlists in on iTunes make things a lot more easier and we allow our computers to do the work for us at that point.

Another thing to make our lives easier would be the ability store and keychain passwords for sites on your favorite web browsers like FireFox or Googles own browser “Chrome.” Quite often you may find yourself logging into something like Facebook and Chrome will ask if you want to save this password so you can save yourself 10 seconds of typing a username and password the next time you log in. This makes things so much simpler, because it’ll aid when you have multiple passwords to deal with or when logging into multiples emails and checking several bank accounts online. This is bad! We as the users have compromised security with the hopes of saving a couple of seconds. The point of a password to lock down information. There are programs that allow a user to see the passwords keychained in their browser from their own computer which in a sense would be beneficial if a user relied on the browser so much they even forgot their own password.

Lets take a look at this from a more critical standpoint. Let’s say a corporate big wig steps away from their computer for a couple minutes to use the “restroom” and they have their favorite web browser store all their passwords for them. A hacker can easily get on the computer, and see those store passwords and the websites associated with them. This is a huge issue, because for those as well who have a habit of having similar passwords for multiple log ins, future passwords can also be cracked. Sure this may not be scenario that doesn’t apply to everyone, but can definitely apply to anyone that checks their bank statements online or even can have their reputation torn into shreds because a hacker stole their Facebook password. We need to be careful when letting our machines do everything for us.

Links:

http://www.google.com/support/forum/p/Chrome/thread?tid=782b537929dad8b4&hl=en

http://www.howtogeek.com/70146/how-secure-are-your-saved-chrome-browser-passwords/

Your Heartbeat Could Replace Computer Password

Soon your heartbeat could replace your computer passwords

The uniqueness our your heartbeat could provide the encryption needed to unlock your various devices. A scientific team has successfully translated a human heartbeat into an encryption key. Each person has a unique heartbeat and it also never repeats its pattern so you would never get the same encryption key twice.

The goal is to integrate the system into hardware so that users can both encrypt and decrypt their devices with the touch of their hand.

The research was conducted by Chun-Liang Lin at the National Chung Hsing University in Taichung, Taiwan.

links: NewScientist, Original Article

Anonymous – A Brief History

With the amount of time they have spent on the news over the last 18 months I think it is safe to assume that we all know about Anonymous. However, how many people really understand how anonymous was first created? I figured that because we all understand online culture in our own way, and maybe some of the students in this class understand more than others. At the bottom of this posting I will be listing a few websites and blogs that you can follow if you wish to keep a closer eye on Anonymous after reading this post.

To start this story off I will have to take you all back to the year 2003, and an old school blog/image board called 4Chan. When 4Chan was first created by Christopher Poole, he intended it to be a place that American teens would be able to congregate to talk about Japanese anime, post messages and images anonymously.

The reason Anonymous has proven to be a power house on the World Wide Web is that fact that they have no real structure that can be attacked. Think of the group as a living organism that takes on new members, and loses member in the same manner that the human body creates and loses cells. Anonymous members have the ability to do whatever they want within the group, and because there is no leadership in the traditional manner, when members are arrested there is no slowdown in the movement.

The ideology of this organization is something that a lot of online users and legal groups have spent a lot of time talking about because of so many things that the group has taken part in. One thing you need to keep in mind is the lack of true leadership. Because the group has no leaders there is not going to be one set of ethical beliefs that will dictate the actions of the group.  So that is why you have heard about Anonymous attacking government organizations, financial, and even raciest websites.

I first started hearing about Anonymous in 2010 because of the controversy of the website Wikileaks. Wikileaks came under attack by the United States because of the information that was posted. And the fact that the U.S. influenced financial institutions PayPal, Visa, and MasterCard to the point of freezing Wikileaks accounts. Anonymous took it as a personnel attack on people’s freedom to free information, and ended up using a Denial of Service Attack (DDOS) to the point that it crashed their websites.

By Robert Tanner

The blog below showcases almost everything Anonymous has done to date, or is planning to do in the near future.

Website/blogs:

http://anonops.blogspot.com/

http://www.4chan.org/

The Importance of Securing Medical Information

Today, a great deal of sensitive information is available online. With an ongoing shift of patient’s medical records from analog to electronic, and an increasing desire for patients to access their information remotely, a much greater pressure has been placed on those who secure this information. No longer is the theft of medical information simply a matter of keeping doors locked and information in the right physical hands. Now that this information is available via an internet connection, it has become far more vulnerable to being put in the wrong hands. According to a report from Redspin, Inc., a company dedicated to providing information security assessments, “incidents [involving health security breaches] have been reported in nearly all 50 states and the total number of records breached increased 97%” from 2010 to 2011(The Sacramento Bee).

With this in mind, doctors and patients must now figure out new ways to ensure that patients’ records are accessible remotely while not being able to be accessed by eavesdroppers, how medical information can be transferred from hospital to hospital without  being intruded upon, and how all of this can be managed with the information intact and unmodified.

The importance of keeping medical information secure and intact begins with the fact that doctors have to rely on this information to make proper diagnoses. If this information is modified in any way, no matter how small it may be, there may be the possibility of an incorrect diagnosis that could lead, if it becomes severe enough, to further medical problems and death(Ivanov, Yu and Baras). Another more immediate problem that could come if your medical information is stolen or modified is the fact that you may be charged for large bills in your name, potentially maxing out your health care plan and putting you into serious debt(Coalition Against Insurance Fraud) .

Thankfully, there are several current medical policies that help to prevent these kinds of things from happening. The Health Insurance Portability and Accountability Act of 1996(HIPAA) is currently set up in order to provide a blanket of security over your medical information. According to the act’s guidelines, most information relating to your health records is to be kept private between you and your health care provider unless you specifically give written permission for it to be shared with anyone other than yourself or your healthcare provider(HHS.gov). This can help to safeguard your information from those who would use your information for unethical reasons. Most of the states will also have other laws on top of that to provide a further layer of security (Movers.org).

However, there are still some vulnerabilities in the system. What happens if you sign to give information to an organization that appears to be legitimate, but turns out to be nothing more than a facade for the very people who covet these records for their value? What would happen if someone was able to obtain this information through bribery or theft of your own means of identification? What if an attacker was able to somehow break through the encryption keys on your medical records?

Even with these questions in mind, there are many different ways that you can keep your information secure and out of the hands of thieves, including:

  1. Keeping your medical insurance card protected and notifying your insurance company immediately after you lose it or have it stolen (Silver Planet)
  2. Being more wise in choosing what clinics you are giving your information to, avoiding clinics that advertise with gimmicks (Silver Planet)
  3. Making sure that the information provided by your insurance company through their explanation of benefits (EOB) forms is accurate, including your doctor’s names (Silver Planet) and treatments that you have received (CAIF)
  4. Calling your insurance provider or asking your doctor for a summary of medical procedures made in the last year (Silver Planet)
  5. Always reviewing your medical information before you go under surgery, no matter the scale (Silver Planet)

With today’s technologies making a great deal of information available over the internet, including medical information, there has been an increase in people who are able to find ways to obtain this information through illegal means. This has put a great stress on patients, doctors and maintainers of medical information to keep this information safe due to the severe consequences that could come if the security weakened in any way. With this in mind, several new polices have made the protection of this information more streamlined and easier to enforce. However, the best and most assured way to secure this information is to take steps to protect it yourself.

That said, if you suspect that something is fishy with your medical records, through the means provided or otherwise, contact the authorities as soon as possible(CAIF). You life may be on the line.

Sources:

http://www.sacbee.com/2012/02/01/4230093/redspin-reports-on-the-state-of.html

http://www.insurancefraud.org/medical_id_theft.htm

http://www.isr.umd.edu/~baras/publications/journals/Ivanov_Yu_Baras_Securing_communication_of_medical_information.pdf

http://www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/index.html

http://www.movers.com/moving-guides/transferring-medical-records.html

http://www.silverplanet.com/scams/identity-theft/real-threat-medical-identity-theft/56573

Is Your Smartphone Really in Danger!!!

There is a lot of talk about a lack of awareness for securing mobile devices.  On a PC we have known and have probably been affected by a virus or malware.  Most smartphone users also believe there device is susceptible to these same viruses.  This is where experts disagree.  Some have advised against using anti-virus software, as it can be bad for the operating system (OS). Anti-virus software makers would like us to be differently.   “You could say that the anti-virus software makers have a great interest in playing up the danger, sometimes bigger than it really is,” says Juergen Schmidt.

The threat of malware or a virus on mobile operating systems differs across platforms.  Android is deemed to be the least secure at this point, though it comes down to not paying attention to where and how you are getting the apps.  Once again Apple is the top dog for the most secure platform as Apps can only be installed through the Apples App Store unless you are jailbroken, but that is a whole seperate story.  Downloading from a trusted source is currently the best type of security.

One of the reasons anti-virus software is discouraged is because it slows down the phone and drains the battery.  All of the manufacturers are trying to get longer battery life and faster phones and an anti-virus app could slow it down and stall that movement foward.  Current anti-virus software is not to the ponit where it is beneficial on smartphones.  The security needs to start in the App Store or the Android Market.  A user must read reviews on apps and in most cases the larger the userbase of the app the more secure it is.  It is also a great idea to see what the app will be using, which is a warning before every download on android.  This does leave open the people that download third party apps but those are downloader beware!!

http://www.newsfactor.com/fullpage/fullpage.xhtml?dest=%2Fstory.xhtml%3Fstory_id%3D81139%26page%3D1