The Silicon Underground

Home » Page 255

Anthem, HIPAA, and encryption

Dave Farquhar security February 10, 2015February 9, 2015breach, insurance companies, pentium ii, vulnerability, Wall Street Journal

Late last week, the Wall Street Journal reported that Anthem wasn’t encrypting the database containing tens of millions of health records that were stolen by sophisticated hackers.

There are numerous problems with that story, the first being that we don’t know yet whether the data was encrypted. There are other unconfirmed reports that say the attackers used a stolen username and password to get at the data, which, if that’s true, likely would have allowed them to decrypt the data anyway.

Still, I’m seeing calls now for the government to revise HIPAA to require encryption, rather than merely encourage it. And of course there are good and bad things about that as well.

“It was a sophisticated attack.”

Dave Farquhar security February 9, 2015February 6, 20151980s, antivirus, breach, command prompt

Every breach report contains the words “sophisticated attack.” Security pros like me see it as pure spin. Here’s why.

R.I.P. Radio Shack. I’ll miss what you once were.

Dave Farquhar Retail February 7, 2015February 5, 2025

I’ve tried several times to write a eulogy for Radio Shack. It’s not easy. The demise has been a foregone conclusion for a very long time, and it’s clear they could have done any number of things differently and survived in some form.

But they didn’t. Let me tell you about the last time I almost went to Radio Shack. Yes, almost.

Why every breach is different

Dave Farquhar security February 6, 2015February 5, 2015Adobe Acrobat, Adobe Flash, breach, Microsoft Office, unix, vulnerability, windows nt

I’ve grown used to being asked what unpatched vulnerability was used in the most recent breach, in an effort to make sure some other company is protected.

I appreciate the desire to learn from other companies’ mistakes and not repeat them. But there are several reasons why the answer to that question is complicated, and not necessarily helpful.

Not quite a new floor in a bottle, but…

Dave Farquhar Landlording February 5, 2015September 10, 2017Ammonia, kitchens, Pledge Floor Care, Stain, vinegar

There are several acrylic floor finishes–sometimes mistakenly called wax–that promise they’re like a new floor in a bottle. That’s a bit of an exaggeration, but if you have reasonable expectations, they definitely can make a floor look better and easier to clean. And depending on how you use them, they can even make the floor last longer.

Why you need a hobby

Dave Farquhar Baseball, Health, Toy trains February 3, 2015March 14, 2022baseball cards, classmate, Unintended consequences

As security professionals, we deal with a tremendous amount of stress. Like my boss circa 2015 told me about a week into our tenure together, we tend to be perfectionists, and frequently we’re asked to deal with the most cavalier people in our organization. It’s a toxic combination.

One of the first things that boss asked me after we met was what I think about at home. In all honesty, I can’t help but think about work sometimes. But I have a lot of other things I think about at home too. Important things like my family of course, but other important things too, like trains and baseball and baseball cards. And for the last few years I’ve been in the position of mentoring younger members of my team. I always tell them to get a hobby if they don’t have one.

How to ensure you never get another Windows tech support scam call again

Dave Farquhar scams February 2, 2015October 29, 2018AT&T, AT&T U-verse, phone service, spam, verizon, VOIP

I haven’t received a fake Windows tech support call in a very long time. A couple of the operations doing this have been shut down, but based on the continued popularity of the things I’ve written about them, I wonder if some people are still getting them.

That makes me reluctant to block them, just in case they call me again, but if you’re getting those calls and want them to stop, I can tell you how to do that.

My 11th ’35 Goudey: Four Dodgers

Dave Farquhar Baseball February 1, 2015January 18, 2015Burleigh Grimes, Goudey, New York

Like my 10th card, my 11th card was also an Ebay win. It featured four Dodgers players. It’s a common card, with no Hall of Famers, but all of the players were starters for the Dodgers–no filling up space with utility infielders or middle relievers on this card, at least. A Dodgers fan unwrapping this card in 1935 wouldn’t have been too disappointed.

And even though there are no Hall of Famers on the card, there are some interesting stories here. Two of the players were once traded for each other before becoming teammates, and one of the players was the oldest surviving player to play for all three New York teams when he died at the age of 99.

My 10th ’35 Goudey: Ted Lyons and Mule Haas

Dave Farquhar Baseball January 31, 2015January 18, 2015Chicago White Sox, Connie Mack, Goudey, Major League, Major League Baseball, Marine Corps, National League, Philadelphia Athletics

Once I’d drained my local supply of 1935 Goudeys, I turned to Ebay. To keep some sport in it and keep costs down a bit, initially I decided to limit myself to auction listings rather than buy-it-nows.

The first time I looked, I could have bought every ’35 I lacked, spare one, via buy-it-now, and the one I couldn’t find wasn’t an expensive card. To me, that’s not really collecting. Collecting ought to involve some chase, and waiting an extra week for a com

So, in that spirit, I bid on a 1935 card featuring four Chicago White Sox one Sunday evening, and won.

How to re-attach an Omnipod pod

Dave Farquhar Health January 30, 2015July 27, 2016insulin, medtronic

My wife is a type 1 diabetic, and for the past year or so she’s been using an Omnipod to deliver the insulin she needs. She likes the Omnipod a lot better than the old-fashioned Medtronic insulin pumps she used to use, but one problem with the pods is that they can come off before their useful life is over. The pods cost around $20 and our insurance doesn’t cover any extras, so it’s important to be able to revive or restore the Omnipod adhesive if a pod comes unstuck.

The pods are supposed to last three days, but sometimes the adhesive only lasts a day or so. Humidity, sweating from activity, swimming and bathing can all make the adhesive fail prematurely. It seems the pods themselves are a lot more waterproof than the adhesive is. Then again, she says sometimes just the force of changing clothes can be enough to knock a pod off.