Slashdot Mirror


User: Ronin+Developer

Ronin+Developer's activity in the archive.

Stories: 0
Comments: 731

Comments · 731

  1. Re:Obligatory XKCD on Slashdot Asks: Are Password Rules Bullshit? (codinghorror.com) · · Score: 1

    But you won't forget "Yeah, best of luck with that"

    Yup. I think I will use "Yeah, best of luck with that" as my passphrase.

  2. Re:Recipe for disaster on Apple Begins Rejecting Apps With 'Hot Code Push' Feature (apple.com) · · Score: 1

    Hot fixes such as this should be limited to enterprise apps only - i.e. apps that don't affect the world.

    Was the hot fix permitted for all apps or just enterprise apps? If the former, then it should definitely be removed.

  3. Re:EHR is a Perfect Use Case for Blockchain on Researchers Suggest Using Blockchain For Electronic Health Records (hbr.org) · · Score: 1

    DNA and dental records were an example that could be used to positively identify a change - not to prevent treatment.

    Changes to a record would not occur until the patient is identified. Until then, they sit in a pending status with the medical history available so as to not delay treatment. If an identity thief wants to use your records, let them. But, you can easily extract the bogus information if an HCP fails to identify the patient.

    TFA would be used by a patient checking in - not for every access by the HCP. TFA, along with an image of the patient at check-in could possibly solve the identity problem and permit the HCP to make entries on behalf of the patient.

  4. EHR is a Perfect Use Case for Blockchain on Researchers Suggest Using Blockchain For Electronic Health Records (hbr.org) · · Score: 2

    Took the time to quickly read through the Whitepaper. My intention will be to examine it more thoroughly over the next day or two. I found it interesting because it predates my own preliminary work on the subject matter. With the serious danger for medical record theft, the development of a secure EHR records system is paramount. It would be nice to see a mandate by the federal gov't making such a system an absolute requirement in whatever healthcare bill becomes or stays law.

    Blockchain technology provides a secure, distributed database. Accessing medical records from corresponding nodes should be very quick. Adding or updating them should require validation of the submitter and of the patient to ensure data integrity and privacy. The identity of a patient can be verified using existing technologies or a database constructed specifically for identification (i.e. image database, biomarkers, and TFA) by the health care provider (HCP). Records that are submitted without a thorough vetting of the patient identity can be separated until vetting is complete. If the vetting fails, a new EHR record can be created.

    Two-Factor Authentication (TFA) could be used when checking into a HCP or facility when the patient is conscious and has their smart phone or similar mobile device present. In emergency cases where the patient can not respond, the HCP would be able to keep the records separate yet able to retrieve history while the HCP contacts the patient's emergency contacts for vetting. And, in the event a patient can not be properly vetted using these techniques, DNA biomarkers or dental records could be used to achieve a positive identification.

    Such an approach would ensure that bogus information is not entered into a patient's medical record. This will help lower insurance costs AND prevent the patient from potentially receiving life threatening procedures or medications (i.e. if allergic). Removing bogus information is very difficult. And, in accordance with HIPAA and health care privacy laws, the real patient affected by the bogus information is not even permitted to know the identity of the individual who misused their record (stupid, I know) or to even have the erroneous information easily removed.

    By law, everyone is still required to receive stabilizing medical care. But, individuals should not be subject to improper treatment based on bogus data due to misuse nor should they be responsible for medical bills associated with such treatment.

    Unfortunately, a key factor in such a system, common EHR data formats, are still a ways away. EHR vendors tend to be proprietary and expect everyone else to use their protocol, if any. In the public safety sector, this was solved using GJXDM and NIEM to provide a standardized reporting standard. Many states and the federal gov't implemented systems to facilitate the sharing of this data. Such a similar approach for EHR records, coupled with blockchain technologies would revolutionize health care.

    Just my $0.02 worth.

    RD

  5. How about Satellite communications on 150 Filmmakers and Photojournalists Call On Nikon, Sony, and Canon To Build in Encryption (zdnet.com) · · Score: 2

    Why not simply employ a Sat-phone-like device to upload the data on the fly (assuming they can get a signal)? The data can be transmitted before the SD is compromised. Then, it won't matter if the SD is compromised.

    In a similar fashion, have an SD card reader for a cellphone for instances where a cell signal can be received (i.e. domestic use).

    Alternatively, simply build cell / encryption capability into the camera itself.

    -- RD

  6. Let me get this straight.... on Religious Experiences Have Similar Effect On Brain As Taking Drugs, Study Finds (cnn.com) · · Score: 1

    According to another article on today's /. feed, users of pot, a drug, have lower blood flow to the brain. This, according to the study, is a harmful effect.

    This article states that religious thoughts have similar effects on the brain as drugs.

    Ergo, religious thoughts are dangerous?

  7. Given that the copy protection / license management was disabled by the vendor and 38 copies were purchased, I have to wonder if the Navy purchased a 38 user concurrent license vs a per machine license or believed they had done so. If so, the software is responsible for communicating with a license manager to ensure that a maximum of 38 machines can use the software at a given time.

  8. Moderate parent +5 Funny!
    Wish I still had my moderator points...LMAO.

  9. Re:Because it looks like a cover-up on Oversight Orders Reddit To Preserve Deleted Posts In Clinton Investigation (thehill.com) · · Score: 1

    Bill Cosby was told he wouldn't be subject to prosecution by Montgomery County, PA prosecutors. The current prosecutor chose to ignore those promises and it was upheld by the courts.

    In that light alone, I think it prudent for him not to testify despite being given "immunity".

  10. Simple Solutions on Uber's Terrifying 'Ghost Drivers' Are Freaking Out Passengers in China (qz.com) · · Score: 5, Interesting

    to the "ghost rides".

    Modify the Uber app so that the rider has to confirm the start of the ride on their mobile device.

    Reporting of "scary" profile pics should be simple as well - simple snapshot and forward - If proven - the driver takes a hit on their next 5 drives - say $1-2 per drive.

    Problem solved.

  11. Re:and they're abandoned in 10... 9... 8... 7... on Companies Are Developing More Apps With Fewer Developers (fortune.com) · · Score: 4, Informative

    Delphi was and is not a low-code solution. It is a RAD environment where some really simple apps (i.e. the Fish app) could be built by dropping a few components on a form and linking the properties and writing a couple of events. But, most applications (and visual/non-visual component creation) required coding skills.

    What killed Delphi was stupid decisions by Borland/Inprise to move away from what they did best and become an "Enterprise" company instead of a developer company. They also concentrated on Windows-only development when other platforms (mobile, web, Linux, Mac) were becoming popular (see first f'up). And, they raised the price so far that even dedicated developers can't afford its stratospheric pricing ($2600+) - only Gods and birds can reach it.

    The language is a dialect of Object Pascal (not in vogue despite its power). Delphi is the IDE and hasn't changed much over the years. It can now target Windows, Mac, iOS, and Android. Linux server is coming. It is very easy to create a highly complex, cross-platform application in a way that Xamarin can't touch. Performance for business apps is good. But, I have yet to see a real game written using it. And, good luck in getting Delphi into your IT shop these days (at least in the US).

    Not until developers can afford it again and work with it to see its power (if they can tolerate the language), will it regain its market share.

  12. Re: Non-sequitor on NIST Prepares To Ban SMS-Based Two-Factor Authentication (softpedia.com) · · Score: 2

    This, theft or the cloning of the SIM are three possible threats. Another is the display of the SMS on the lock screen which would divulge the token to anyone who has access to the device.

  13. Re: meta discussion who is responsible for hacks? on Apple Devices Held For Ransom, Rumors Claim 40M iCloud Accounts Hacked; Apple-Related Forums Compromised (csoonline.com) · · Score: 2

    Is Apple responsible for users selecting weak passwords? Yes and no.

    Forcing a user to use a TFA protocol significantly reduced the danger a weak or reused password might pose.

    Can Apple stop someone from reusing a password (weak or otherwise)? No.

    Can Apple force users to use TFA? Yes.

  14. Lifelock? Immune? Mod the parent to +5 funny.

  15. Re:Sign 'I don't agree' on all HR paperwork on Bill Guarantees 50% Salary For Workers Laid Off With Non-Compete (computerworld.com) · · Score: 4, Insightful

    Most WILL NOT issue a severance check UNTIL you sign the separation agreement. They WILL issue you your last paycheck, however - they must do that.

    I think requiring companies to pay a 50% salary when a non-compete is in effect is brilliant as they can dictate for whom you can work (and, as such, the ability to earn a comparable salary).

    If a company determines you are no longer of value to them and they release you (fire/layoff), then the non-compete should be voided entirely. If they still deem you of value but have let you go, they need to provide compensation such as in a layoff with option to recall (as in temporary down-size), they need to pay up or release the obligation.

  16. Re:Just what Walmart shoppers need..... on Walmart Experimenting With Robotic Shopping Cart For Stores (bloomberg.com) · · Score: 1

    I got the impression that these are, initially, intended for disabled shoppers rather than all customers due to the $1400 unit cost.

  17. Dawn of the Machine or Samaritan? on New Surveillance System May Let Cops Use All Of The Cameras (engadget.com) · · Score: 1

    It's just a matter of time before they will hook these feeds into an AI (ala "Person of Interest") to process those feeds. Does putting something on the internet without a password make it a public asset? Makes you wonder how long it will take before they will be able to readily access even password protected cameras without a warrant.

    Every day, I walk through the Skyways of Saint Paul. There are cameras every hundred yards or so and at every turn and it's a bit disturbing. Still, the little cretins have managed to put up graffiti in a passageway two days in a row...something new.

  18. Re:QR Codes w/wo Shamir Secret Sharing on Ask Slashdot: How To Keep Keyfiles Secure, But Still Accessible? · · Score: 1

    That's the premise of a Threshold-Based Secret Sharing solution. There are multiple ways to provide a scheme where you need some X of Y shares to recover a value based on WHO is trying to recover the secret.

    The simplest is to implement a scheme where N shares are generated and M (where M is less than or equal to N) shares are required to recover a secret.

    The same secret can be split into different numbers of shares (or, even splitting a particular share into more shares that get distributed).

    Assuming that all the share holders don't meet on Facebook and collude to unlock your secret, you can comfortably distribute the shares and they need not be encrypted (they are useless without the quorum of shares).

    Of course, all it takes is one or more share recipients to encrypt the share (or have it encrypted prior to sending it to them using asymmetric encryption) and then it will require those individuals to decrypt the share before your secret can be revealed. It may be, theoretically, harder to compromise an individual AND their share repository vs just the repository.

  19. QR Codes w/wo Shamir Secret Sharing on Ask Slashdot: How To Keep Keyfiles Secure, But Still Accessible? · · Score: 4, Interesting

    Why not print the encrypted key as a QR Code?

    Similarly, you could use Shamir Secret Sharing with a threshold to break the key up into N shares which could be provided to people you trust. Then, you (or those you designate - including law enforcement) could recover the keys provided they have the threshold number of shares.

    Maybe when burning such info into a crystal becomes cheaper and feasible for the common person, it could be burned into one for all posterity.

  20. Re:Remember how "Top Secret" works on Justice Dept. Grants Immunity To Staffer Who Set Up Clinton Email Server (washingtonpost.com) · · Score: 1

    And, interestingly, "public" information can be deemed classified if an analysis of the information and any related resources deem it so. And, such classification can occur at any time. Does that mean everyone in possession of that information prior to classification should be held accountable for possessing it? No.

    However, as you noted, removal of classification markings from a document does not make it any less so until the appropriate classification authority lowers or removes the classification.

  21. This was state of the art in 2010 on T-Mobile.

    Our pet tracker was re-purposed for personnel (not intentionally) and vehicle tracking. It also found its way to used car dealerships and, in particular, was designed for repossession when leasing to those with dubious credit histories (a fairly large market, btw).

    The tracking data was uploaded and stored on our servers whenever the device had a strong cell signal.

    Due to the size of the device, the technology was creepy and our ops folks had to share location logs when police were investigating murder and domestic assaults.

    The high point was reviewing the more popular names people gave to their devices and posting the top 10.

  22. How about make all companies doing business in the US use US resources (including human) rather than just focusing on one company outsourcing their labor?

    Unless Apple is a national company (which, it isn't) or vital to national defense/security, I don't see how they legislate just one company to use his proposed model.

  23. Not Strictly Mobile Anymore? on Facebook Hands Out Secret Chat SDK For Virtual Messenger Bots (thestack.com) · · Score: 1

    When Facebook Messenger was announced, it was clear that only mobile devices could use the service. Additionally, the criteria for creating Messenger content was also fairly high. As a result, I wonder what the adoption rate of Messenger has been since its launch.

    By opening up to BOT creation, there is now the potential to create potentially useful services for Facebook mobile users. This could be a good thing. I can think of several services and business models that could benefit from Messenger platform opening up to BOTS.

  24. Relative Unpredictability? on The Humans Crashing Into Driverless Cars are Exposing a Key Flaw (bloomberg.com) · · Score: 1

    "...their relative unpredictability on the road are nonetheless leading to more accidents than expected."

    Quite the opposite - they are predictable in that they follow all traffic laws - that's very predictable. It's the unpredictability of human nature that causes the accidents. Should these robots be taught to break the law in order to conform with the behavior of their more chaotic human counterparts???

    The article brought up another ethical question - the just one posed in Isaac Asimov's book, "iRobot" - where the robots calculated the probability of survival and made the cold, calculating decision on who to save. In the case of a self-driving car and self-driving bus full of children, should both vehicles decide to save the children or, simply, their occupants. Clearly, the latter would result in serious consequences if they both take the latter approach.

  25. As a former naval officer... on Naval Academy Reinstates Teaching of Celestial Navigation · · Score: 3, Interesting

    Celestial navigation was taught in our Naval Science Navigation course. As naval bridge officers, we were required to learn celestial navigation primarily as tradition and to have a working understanding of the mechanics of the process. That being said, one must know where the ship is at all times. Today, we rely on GPS, inertial navigation systems and the gyroscopic compass (as opposed to a magnetic compass). There have been times when we lost GPS or LORAN C while at sea. We did experience loss of the gyroscopic compass in the middle of the ocean and our ship didn't have INS. You have a mission to carry out and that entails safely navigating your vessel.

    Basic skills such as dead reckoning and visual position fixes are used when near land. At sea, with no landmarks, knowing where you are is just as important. Case in point is that there is an underwater mountain in the Pacific that ships still manage to hit. Avoiding those things is pretty important. Murphy's law will ensure that your ship will find the underwater mountain or shoal waters if you aren't prepared.

    Do navigators take celestial fixes every night the skies are clear? No. They do it from time to time to keep the traditions alive. And, should the skills ever be needed, they will have them. The calculations are tedious and nowhere near as accurate as a GPS fix. But, it's an interesting exercise and a time honored tradition.