Thursday, November 10, 2011

Report sees safety risks in computerized medical records

OH BOY.
I'm trying to reduce the snarky level of my posts so.... here goes.

I read this article and had to wonder how much was spent on a report that verifies what many computer security professionals have been saying for a while.

Generally speaking, no electronic files of any sort are without risk of compromise. (Physical records are also susceptible but they take more individualized effort and run into fundamental laws of physics reducing the scope of a successful attack.... how many file-folders can you fit in the trunk of your car?) However, the more a given set of information is worth, the more likely its theft or compromise will be.
And always remember, the largest data thefts tend to be inside jobs.

OK, now we have covered the 'background' so to speak, let's get some quotes from this article:

"Concerns about harm from the use of health (technology) have emerged," the report said. "Designed and applied inappropriately, health (technology) can add an additional layer of complexity to the already complex delivery of health care, which can lead to adverse consequences."

What I read there is that if you don't keep it simple, and make too many competing standards.... all hell will break loose. Even standardized systems can be clunky or badly set up. I have personal experience with a system set up at two nationally acclaimed children's hospitals. The same system, set up by what I believe were two different vendors. In one hospital, the implementation was so complicated that even after six months of training and testing there were still life-threatening mistakes being made on a regular basis. The other hospital, however, had a better setup with fewer default settings left in place and more reasonable and logical customization. Their system worked well.

Another Quote:
Tuesday's report is not the only flashing yellow light in the switch to computerized medical records. Previously, the Health and Human Services inspector general warned that security standards need improvement.

I've seen the warning from the HHS inspector general reported on before.
He's right. One of the most popular software packages for small doctor's offices is built on an open source platform.... with a hardcoded default admin password. Unless the person installing it knows and cares to change it, the installation is vulnerable to remote attack of the simplest and most devastating sort.

Ok, enough babbling. It's a decent article, light on technical stuff but it has the right idea. Electronic medical files are not a panacea and will cause easily as many issues as they solve.

Tuesday, November 8, 2011

RTFM

A close friend of mine has been yelling that at me for years.
He's right in every way.
Even if you 'know' the system.
READ THE F-ing MANUAL.
Consider it a basic level requirement. Before you become a master, you need the basics and it's (usually) all in the manual.
Boring but true.

GOOGLEFU

I was thinking that I needed something small to keep me busy for the next twenty minutes.
I figured I could find a short tutorial or set of suggestions on the art of googling, aka googlefu (google fu, google-fu, google foo, etc...).
I found of course the definition, as well as this site
Which seemed like a great place to start except that this is what I found inside:
Which just brings me back to what I already knew about googling:
Know the basics. http://www.google.com/support/websearch/?hl=en
Learn the advanced stuff from the source, google.

and then there is this:
http://www.wdyl.com/#google+search
I mean.... good lord.... that's really cool and at the same time kinda scary.... I mean you could get rid of many many blogs by putting in the right search term like: http://www.wdyl.com/#learning+computer+security

Starting small - OR - Pageviews from WHERE?!?!

OK, so I know that I am just starting out. There is not enough content, let alone original content for me to be drawing big crowds yet.
In fact, the only people I expect to look at this so far are those friends I have personally told about the blog, i.e., 2 friends in the DC area.
To my surprise, I'm getting page views from Russia.... I am curious why.


My guess? Some sort of automated news aggregator filling dummy pages with security themed posts grabbed from google searches. I looked at one of the referring pages, it's a known malware page in the .tk ccTLD (linked to the wiki article on .tk, not to the infected page) which does not make me terribly happy. Oh well, nothing I can do about it.

relearning the basics - HijackThis

Ok, ok, ok... it's more like Computer Care 101 than System Security 101 but... all the same.
I happened across this:
http://www.bleepingcomputer.com/tutorials/how-to-use-hijackthis/
I have used HijackThis for a long time. I don't think I was using it to its fullest extent.
Damn that thing is thorough, much more useful now that I went back and learned the basics from the source.
Yeah, it's unlikely it will help you nab a hacker, but it is extremely useful at finding (and to some extent cleaning) infections and bots and the like.
I personally hold to a strict "nuke and pave" rule for anything infected, so for me it's more detection and identification than remediation, but to each their own.

Wednesday, November 2, 2011

SNORT: a how to

I'm not ACTUALLY ready for this yet. I want to do things in the right order. Everything I know about becoming an expert says that if you skip the basics to try the cool advanced stuff, you will ALWAYS be playing catchup and NEVER have a true mastery of your subject.
That being said, I found this and wanted to share it with anyone who might be looking for info on it.
It is by no means an exhaustive tutorial, here is the table of contents:

However it is worth looking at. Always remember that the best way to learn this stuff is by doing it. Grab an old machine and set up a snort box. Then test it. Then learn to read the logs from it and test it again.
I'll tell you what I think of it when I get there.


If anyone can suggest what basics to cover first, I'm always interested in your thoughts.

and of course defcon

OK, how many of us don't have the time or money to be at defcon/blackhat?
(ME)
How many of us wish we could still hear the amazing speakers?
(ME)
Have any of you tried watching the defcon media from the defcon media site?
(um...... me.... soon?)
Ok, I'll admit it, I have not yet done it. But as soon as I have power in my own house, I'll spend a few hours watching and learning.

Black Hat online

I don't know why I did not mention this earlier, BUT:
Black Hat has online talks with slides, mostly (all I think) free to listen to/download.
It's a great way to learn something new AND stay current.
https://www.blackhat.com/html/webcast/webcast-home.html

and now we return you to your regularly scheduled blog

AH, the loveliness of routine.
Not quite back to my routine BUT, at least I have internet for the day.
This caught my eye:


Security firm: Hackers hit chemical companies

Cyber attacks traced to China targeted at least 48 chemical and military-related companies in an effort to steal technical secrets, a U.S. computer security company said Tuesday, adding to complaints about pervasive Internet crime linked to this country.

Security experts say China is a center for Internet crime. Attacks against governments, companies and human rights groups have been traced to this country, though finding the precise source is nearly impossible. China's military is a leader in cyberwarfare research but the government has rejected allegations of cyberspying and says it also is a target.

So what can we learn from this?
Well, first off that we can't trust China. On the other hand can you really trust any entity whose primary reason for existing is to ensure its own existence and supremacy? This applies to large corporations, small competitors, governments and most NGOs.
Truth is, you can't trust a group. You can trust an individual, but groups have a tendency to lose their trustworthiness pretty quickly. It's kind of mob mentality. If the Group did it, the individual is free of blame to work as they see fit for the betterment of the group.

OK, enough rant, back to security.

Take away:
Secure those items that make your company special or different. Famous case of Intel and AMD. AMD once was the big player. One of their people defected to Intel with the plans for the x86 chipset architecture. AMD had nothing in place to stop that, thus most of what we buy is made by .... INTEL. Securing your credit card sales is good business, securing the intellectual property that allows you to make the product being purchased with those credit cards is ESSENTIAL business.
So again, secure those items that make your company special or different. Without them, you have no reason for continuing in business.

OH GOOD LORD.......

SO, no sooner do I get things straightened out and on some sort of schedule......
Car Issues
Family Issues
A FREAKIN THREE STATE ICE STORM
no power, no heat, no internet.... yeah this has been fun.
all in all, blogging has not been a top priority right now.

EDIT:: was without power/heat/internet/etc... for 5 days. Spent the time living in the extra rooms of Family members. Vagabond lifestyle may look cool, but not with a whole family in tow.