F*c*book Really Hates Security

When F*c*book screws up, they don’t do it in small measures. Facebook: we logged 100x more Instagram plaintext passwords than we thought.

Millions of users, not tens-of-thousands of users were impacted.

The social networking behemoth admitted that it had been logging some passwords in plaintext, saving a record of exactly what your password was, character by character, rather than just keeping a cryptographic hash used for verifying that your password was correct.

This is Data Security 101. It may be Programming 101. Not logging passwords in plaintext, has been around for a very long time. Measured in decades long-time. But given the F*c*book doesn’t care the least little bit about privacy or your security, what the hell do they care?

Facebook is evil and must be destroyed.

Advertisements

The IBM 360 – And How It Changed Computing

DM IBM S360I hate it when I miss important anniversaries. The 360 was announced on April 7, 1964. Building the System/360 Mainframe Nearly Destroyed IBM.

(The image is an IBM System/360 Model 20 CPU with front panels removed, with IBM 2560 MFCM (Multi-Function Card Machine) Ben Franske [CC BY 2.5 (https://creativecommons.org/licenses/by/2.5)%5D, via Wikimedia Commons. Click for a larger view.)

Before the 360, computers were one-off. If you wanted to upgrade to a larger system, every piece of software had to be rewritten. Upgrading to a newer processor required buying new disk and tape drives, as well as printers. To put it bluntly…

By the end of the 1950s, computer users faced a seemingly intractable problem. Had it not been solved, it would have prevented computers from becoming widespread, and any thoughts of living in an Information Age would have been fiction.

So they pretty much bet the company, and embarked on a path that leads to where we are today, where you can add new disk-drives to old computers, where you can upgrade your graphics processor, or add more ports or a new printer by mostly just plugging it in, or you can buy a new computer and use your old mouse, keyboard, monitor and printer.

Their report called for five compatible computers, labeled processors (defined as the computer, its memory, and channels to connect to peripheral equipment). The software and peripherals for one processor were to work with all other processors. The plan called for using standard hardware and software interfaces between computers and peripherals, such as between disk drives and tape drives connecting to computers, so that the peripherals did not have to be swapped out when a new processor was installed. The recommendations became the basis for the System/360.

Principles of Operations, or Principles of Ops, – which grew out of that original report, and spelled out everything – was a standard volume on every system-programmer’s, DBA’s, and other’s desks. The last time I can clearly remember having a copy on my desk was in 1997. (That was when I was pushed into management…tricked, might be a better description of what happened…)

In short, the IBM 360 was the first computer you could upgrade. And it was just what people needed.

In the first month following the S/360 announcement, customers worldwide ordered over 100,000 systems. To put that number in perspective, in that same year in the United Kingdom, all of Western Europe, the United States, and Japan, there were slightly more than 20,000 computers of any kind installed.

Say it again. The order backlog was nearly 500 percent of the then worldwide-installed-base.

Anyway, anyone interested in tech might want to look at that bit of history. (Hat tip to the Chicago Boyz.)

Yet Another Municipality Congratulates Itself on Being Ready for 1992

These newfangled cellular telephones will no longer confuse the people of 911 Call Center in Melford, Mass. Medford Can Now Get Wireless 911 Calls.

Imagine that! A telephone with no wires!

The change from cellular 911 calls being routed through a third party is expected to improve emergency services’ response time.

Well hallelujah, they can handle cellphones, which have been everywhere for 25 years. At least.

The .gov Loves To Collect Data, Not Protect It

But when one agency has 3 breaches in 1 year, there is something wrong. Minnesota DHS Reports Health Data Breach from 2018 Email Hack.

The latest breach bore similarities to those incidents. On Tuesday, DHS officials notified lawmakers of a third data breach caused by a cyberattack on an employee’s email account on or around March 26, 2018.

This one apparently went undetected for some time, as the other 2 were in June and July of last year.

So you’ve proven unable to protect citizens data. Why should you be allowed access to any data? The breach is over a year old. The investigation ended in February of this year, and they only just started notifying people (and legislators) about it.

Amazon Admits They Are Spying on You Via Alexa

That’s not creepy at all. And of course it is covered in the product agreement that everyone reads before opening the package. When you speak to Alexa, Amazon workers may be listening.

Did you honestly think they weren’t going to spy on you? Silly Rabbit, Privacy is a 20th Century concept.

Millions more are reluctant to invite the devices and their powerful microphones into their homes out of concern that someone might be listening.

Sometimes, someone is.

Amazon.com employs thousands of people around the world to help improve the Alexa digital assistant powering its line of Echo speakers. The team listens to voice recordings captured in Echo owners’ homes and offices. The recordings are transcribed, annotated and then fed back into the software as part of an effort to eliminate gaps in Alexa’s understanding of human speech and help it better respond to commands.

Privacy? We don’t need no stinkin’ privacy.

Remember When Electronic Records Were To Improve Health Care?

It didn’t work out so well in this case. All of records erased, doctor’s office closes after ransomware attack.

The two-doctor medical practice in Michigan has apparently become the first health care provider in the nation to shut its doors for good because of a ransomware attack, according to half a dozen cybersecurity experts contacted in the past week. Hackers are targeting Minnesota hospitals and clinics at an escalating pace, including four breaches involving patient files already reported in 2019, though any interruptions of work have been temporary.

Electronic records are only a good idea if proper controls and safeguards are in place. And that means telling doctors how to run their businesses. (They don’t like that.)

Obama promised a golden age in health care, heralded by the arrival of electronic medical records. Didn’t work out for patients of this practice. And things are going to get worse, before they get better.