Thursday, February 29, 2024

Health care has become a top target for cybercriminals - 29 February 2024

A warning about computer security for medical computing systems was recently raised by a neighbor named Steve Moeller.  He wrote:

Here is an article from the Seattle Times talking about the threat from cybercriminals to the national and local healthcare system: https://www.seattletimes.com/seattle-news/health/why-health-care-has-become-a-top-target-for-cybercriminals/#Echobox=1708874045 

From the article:

When a cyberattack hit Fred Hutchinson Cancer Center late last year and exposed the personal data of nearly a million patients, many were caught off guard, stunned a breach could infiltrate such a large and highly resourced health care organization. 

This is a problem and it is more widespread than most people realize.  

The Internet was designed with open access in mind, so it is proving hard to make it secure.  This means that *anything* attached to the Internet has some degree of exposure that depends on how much thought and effort the "owner" has put into security.  The answer to "how much effort" is often little to none.  This means that everything from your medical records to your banking records is at risk.  Further, your power grid, your road systems, and even your personal cars are all at risk.  The old phone system is relatively secure (OK, I remember 2600 and phone phreaks) but the new wireless systems are far more exposed.  Social media like Facebook, Instagram, Xitter, and Snapchat are all exposed, and even giants in the field like Google and Microsoft are exposed.  

My point?  You should be checking with each and every supplier you use to ask them what their security policies are.  In the main, you will find that the corporate security policies protect the corporation but you?  You are left dangling.  We need legislation that places the burden back on the corporations. 


Wednesday, February 28, 2024

Seattle Nisqually Earthquake 2001 - 28 February 2024

Twenty-three years ago was the Good Friday Nisqually Earthquake.  At 10:54am, I was sitting with my boss, Gene Pope, in his Amazon.com office near S. Weller and 5th Ave S in Seattle, near the International District.  At first, it sounded like a freight train rumbling from the distance and then, the shaking started.  The lights were suspended on cables from the ceiling and I remember watching them swing back and forth, swinging wider as the shaking continued.  Someone was standing nearby in an area of cubbies and I yelled something like "get under the furniture".  I do not recall if he moved or not.  After an eternity or two, the shaking stopped and we started to assess what we had.  The Seattle bus tunnel was closed for a couple of hours while the engineers checked it for damage.  After it opened, I took a bus home and continued work from there.  

There used to be an "earthquake rose" but the original seems to have been pulled from the internet.  You can read about it here -- 

https://inhabitat.com/a-beautiful-and-mysterious-rose-created-by-an-earthquake-and-a-pendulum/


Friday, February 23, 2024

Dell is telling the truth about remote work - 23 February 2024

A recent article from The Register reports on consequences of a recent return-to-the-office (RTO) program at Dell Computer.   From the article:

The implications of choosing to work remotely, we're told, are: "1) no funding for team onsite meetings, even if a large portion of the team is flying in for the meeting from other Dell locations; 2) no career advancement; 3) no career movements; and 4) remote status will be considered when planning or organization changes -- AKA workforce reductions." 

The last three points are the most significant.  The first point is optional - some companies will fund team meetings and some will not.  I think Dell is wrong on this point, but it is their company so they make their rules.  

The most important point is - no career advancement.  Let us say you are the manager and you are faced with a key decision: assigning important tasks, choosing a promotion candidate, or simply assigning bonus budget.  You have two employees, one who is often in the office where you see their work, see their interactions with other team members, and see their presentations, and a remote employee that you see intermittently, see no interactions, and see only video presentations.  Which one are you going to select for rewards and the best assignments?  Pretty obviously the on-site person.  If you think that is wrong, ask your mother if it is OK to just call from now on, and you will stop your in-person visits.  Ask yourself if you would rather put your kids to bed and read them a story rather than read a bedtime story over the phone.  No mother or kids?  What would your dog think?  Expanding on this, no career movements is a reasonable extension.  As a manager, you can choose a local candidate that you see routinely or you can choose someone who is always at the far end of a phone line.  Not hard to choose.  Finally, the old rule is "out of sight, out of mind" and that will win out over "absence makes the heart grow fonder" - when it comes time to downsize, it is far easier to lay off someone on a phone line compared to someone you see routinely in the office.  It just is.

Note that "routinely in the office" includes hybrid and full-time office sightings.  Seeing someone Monday-Wednesday-Friday is closer to Monday-Friday than never or rarely.  I am not arguing against work-from-home, simply stating boundaries.

Furthermore:

Another employee said: "Choosing to be remote does indeed put career advancement at a standstill."

As one advances up the ranks, there are more and more leadership and team skills required to work on larger projects.  If your job is one person (you) in one place (your home or office), then advancement within these constraints is possible.  But if your job requires interactions and teams, that is best done in-person.  To advance, you need to demonstrate those leadership and team skills, and you cannot do that sitting alone in your home-office with the dog.

So if you want to be a Lyft driver or work on small projects for the rest of your life, work from home.  But if you want to advance in the corporate environment, get to the office.




Friday, February 16, 2024

10km ebike ride to awaken the limbs - 16 February 2024

After weeks of rain, a day of snow, and overnight frosts, I grabbed a partly sunny day to unwind my limbs and refresh the e-bike.  I just puddled around the neighborhood for 6.2 miles, up and down and around.  It was a bit on the cold side, 47F, but I was able to wrap up.  The main "save" was the pair of gloves that I wore.  My fingers get cold after the frostbite session on that China trip.

https://photos.app.goo.gl/sgey47DQpqEUi76HA


Friday, February 09, 2024

Bad Reporting #1: Radio Tower Stolen - 9 February 2024

No.  One does not just steal a 200-foot tall radio tower.  No.  There are two major problems with this simple-minded assertion, size and power.

The obvious problem is the size of the 200-foot tower.  It takes time and equipment to down it and haul it away.  You need a couple of hours to rig it, to lower it to the ground, to dismantle it, and then to haul it away.  The word "stolen" implies surprise or stealth.  The radio station had hours to respond to any surprise attempt to take the tower.  The police had hours to respond when called.  This tower was not stolen.  

The other problem is the electrical power being pumped into the antenna.  There are thousands of watts of power being pumped into the antenna in order to broadcast, perhaps as high as 50,000 watts, but likely less in this case.  When you walk up to the tower and touch it, you become the path to ground.  Big shock - literally.  Someone had to have the smarts to cut off the transmitter before anyone touched the tower.  Yes, the report talks about evidence of a break-in, suggesting that the thief did have the requisite smarts.  But radio stations monitor their signal - they listen to themselves to make sure they are still transmitting.  Again, no surprise is possible when the transmitter gets cut and the antenna gets "stolen".

Reporters really need to pause and think before they report this stuff.

Source: Alabama station in disbelief after 200-foot radio tower stolen at NBC News.



Thursday, February 01, 2024

Privacy and the Internet Giants - 1 February 2024

Twelve years ago, Facebook went public as a multi-billion dollar company.  On today's market, Facebook (now META) has a market cap of $1T and a user base between 2 billion and 3 billion, depending on who is counting what.  This suggests that the value of a Facebook user has gone up from about $6 to about $333 (very roughly).  Why such a significant rise?  Does Facebook offer more value and function to you today than it did a decade ago?  Not really.  55x more value and function?  Far from it.  The stock market has assigned the price, so where does this value come from?

In a recent report from Consumer Reports, "Using a panel of 709 volunteers who shared archives of their Facebook data, Consumer Reports found that a total of 186,892 companies sent data about them to the social network. On average, each participant in the study had their data sent to Facebook by 2,230 companies."  And as noted by Bruce Schneier, "This isn’t data about your use of Facebook. This data about your interactions with other companies, all of which is correlated and analyzed by Facebook."

This is not Facebook/META alone - this is all the big Internet companies, including a bunch you do not know about like Palantir Technologies.  You are not a hapless victim.  Contact your representatives and senators to demand protection.  Consumer Reports probably has some good suggestions on where to start.