The manufacturers can already get that info, as well as pharmaceutical manufacturers. No need to be all covert about it. They made sure of that when they wrote HIPAA.
I mean really, Iceland. If you're going to have a earth-shattering-kaboom volcano erupting every couple of years, the least you could do is name it something remotely pronounceable.
The thesis is that you can waltz into a doctor's office AND a hospital with faked records and get the treatment needed. Basically the important bit is the insurance info - what has happened to "you" is less important than what you want to eventually happen to you (in the example given, a heart transplant).
I kinda doubt this, at least in a general sense. First off, you can show all the insurance cards and 'insurance info' to the medical provider all you want. The provider is going to query the insurance company before doing anything expensive. Fine, you say, call them all you want, the 'patient' is insured (it's just not the right patient). Now comes the hard part. The minute that the insurance company starts getting claims from both Peoria and Trenton, NJ flags are going to go up. Other old records would be sought (for something big like a transplant or joint replacement) which would likely not match.
Anything remotely resembling a heart transplant is going to fall apart unless both the real and fake patient have nearly identical physiques, ages and problems. More routine issues could go undetected for a while but persistent discrepancies would show up and as soon as the insurance company flagged the claim as problematic, big ticket items would be placed on hold until things go cleared up. When I worked in an early Medicaid HMO in the 1980's we had some problems with folks 'sharing' the Medicaid ID card (no picture, just a printout basically). It was pretty obvious when the patient's weight varied 30 pounds every other week. We soon insisted on photo ID.
And, in fact, the feds also insist on photo ID these days. Yes, if you're bleeding out we don't ask for it up front but as soon as your blood pressure normalizes we're poking around to figure out just who you are.
So it's possible that that full on medical records might be of value, but it's going to be much harder to monetize than a credit card number and likely would be of limited use. That doesn't mean that the information shouldn't be sealed up, of course. I'm just not sure how big a deal this is. And, in the case of the Community breach, they apparently did not get that information anyway.
"..ICE patterns formed and reformed on the screen as he probed for gaps, skirted the most obvious traps, and mapped the route he'd take through Sense/Net's ICE. It was good ICE. Wonderful ICE......His program had reached the fifth gate. He watched as his icebreaker strobed and shifted in front of him, only faintly aware of his hands playing across the deck, making minor adjustments. Translucent planes of color shuffled like a trick deck. Take a card, he thought, any card.
The gate blurred past. He laughed. The Sense/Net ice had accepted his entry as a routine transfer from the consortium's Los Angeles complex. He was inside. Behind him, viral subprograms peeled off, meshing with the gate's code fabric, ready to deflect the real Los Angeles data when it arrived."
This is most likely billing info. Until healthcare is free, you're going to have billing info. No way around it. The clinical info isn't really useful to your common crook - hard to make a buck out of knowing who has herpes since the pharmaceutical companies have already gleaned that information by paying your local pharmacist to tell them (legal and lucrative).
So, it's the old name, rank and social security number routine.
What were such systems doing connected to the public internet?
You reap what you sew. Put a system on the internet that is a big enough target, and it WILL be owned. The safe approach is physical separation coupled with careful local access control to prevent USB-style attacks (though with physical separation it is hard for them to phone home again).
They weren't on the 'public' Internet. They got hacked. Why was this stuff even on the network? Excellent question. The quick answer is that the hospital would like to get paid. So they have to create claims. Claims these days are electronic, little to no paper. The claims have to be sent from the hospital to the insurance companies -- through a network. And that network is.... the Internet.
Yes. hospitals could just go back to point to point dialup but that's not very convenient. They most likely had firewalls and other fancy things to prevent this sort of thing from happening but got caught either mis configuring something or more likely, fooled some witless employee into divulging something they shouldn't have. And before you get all high and mighty about this sort of thing, stop and reflect that the next witless employee might well turn out to be you.
Right now, impressionable youth from 3rd world countries are cheaper than robots. There won't be much worry about this for a while. A rust-bucket Honda and some dumb kid are going to be a lot cheaper than the latest Google-Tesla joint venture product.
We have plenty of time to think about it before Is-lame-oh terrorists are using them.
Except that one limiting factor in the jihad is the ability to get the starry eye idealist soon-to-be-martyr over on this side of the pond. Blowing oneself to tiny bits appears to be a hard sell to westernized folk. The concern here would be that an autonomous vehicle could alleviate that problem.
Of course, it's not a perfect solution. You have to purchase or steal the thing which now are in rather short supply. An autonomous vehicle is going to be fairly tightly regulated once let out into the wild - one of the basic tenets is that it communicates with other vehicles and presumably some sort of central command. Driving into a crowd or a chemical factory might be frowned upon.
Much easier to just blow up a chemical factory somewhere in New Jersey. Or start a forest fire near LA.
But it's the FBI's task to get all paranoid and look at all potential possibilities to ensure our ultimate freedom. USA! USA!
Insurance is a highly competitive industry. If accident rates go down competition will force rates close to $0.
You perhaps might see collision rates go down but there are many other liabilities that one typically insures a vehicle for - weather related damage, medical, liability and others (usually bundled under the rubric of 'comprehensive').
You are also assuming, without any data, that the future Johnny Cab will never get itself into an accident. I'm not so sure I would make such a bold claim.
Huh? I pay quite a bit of money for subscriptions - technical sites, reference sites even (crosses self) Adobe. I don't expect a group of people to curate, collate and organize information for free. Yes, I know that happens and I use those sites frequently as well.
But the subscription web is a useful concept. The problem comes when the value is relatively low. Like, for example, Slashdot. I'm certainly not going to spend several hundred dollars a year here. I have subscribed in the past - the benefits are unclear enough that I usually forget about it. As we've discussed innumerable times, a micropayment system would be an improvement. However, it's not going to get rid of the trolls.
Nothing short of a cosplay version of the Baroque Cycle is likely to do that.
I hope that's what happened, actually, and I think it's 99% likely that you are correct. But it's not too difficult to image another scenario - a terrorist group bent on conducting biological warfare wants to get their hands on some raw material. I don't think that's what happened here. I sure as hell hope not. But do any of these facilities where highly contagious infectious diseases get treated have protection against such things? Should they?
Not a sensible strategy (at least if you are a sensible terrorist). All you need is a single victim which, presumably, you would knock on the head, drain a couple of liters of blood and poof, you have a crude bio weapon. If you were planning on doing more sophisticated things, you would likely just need a couple of vials.
Anyway, I'm not arguing in favor of oil. I'd love for everything to go all electric. BUT we need to not cripple ourselves in the process.
That's correct. We have plenty of oil / coal / tar sands / algae. What we need is a coherent discussion on how to get from here to there over the course of, say, a generation. We need some leadership to push the concept.
If it were the Soviet Union it would be a Hero Project. If it were 1930's US it would be another Rural Electrical Association or WPA project. If it were the 60's it would be the manned spacecraft program.
Unfortunately, in the 21st Century US political climate it's most likely to end up as the "War on Power" or something similar.
I mean, one could probably design a system which works as he proposes - however, this would almost certainly mean a complete revamp of the existing electrical grid.
At which point investing in storage technology and facilities will be the cheaper and more reliable solution.
Exactly this. It would require smart 'everything' (and one hell of a lot of aluminum foil from this crowd). Centralization of a bunch of info. Revamping the transmission grid. Rewiring the cities, towns and hinterlands.
Certainly technically doable. Certainly a political non starter.
Depending on who you work with, blocking attachments can be very useful. If you have users that will click on anything, yes you need to block attachments.
Unfortunately, we have users that will click on anything. But yes, security is a process.
Genetic mutation is at the very core of Darwinian evolution. Surely, while many of these mutations will be bad and cause reduced lifespans for the individuals affected, SOME portion of these mutations must surely be positive (random mutation) leading to better survival chances and small hops forward in evolution. Every nuclear "disaster" like this should cause many individuals to die-off prematurely (not affecting evolution at all unless some were quite unique) not have any effect on some individuals, and cause "positive" mutations in some small number of individuals (which might not otherwise have naturally occurred and which will now be passed-on to offspring)
What's the problem as long as this did not affect a significant population of an endangered species?
Perhaps you can inform yourself how to secure an oil tank against leakage in case of a flood. It is surprisingly simlle, a no brainer in fact.
Of course. Perfectly simple. Perfectly simple to secure a 10,000 gallon tank of diesel oil in the face of a 20 foot high cascade of water and debris capable of knocking entire buildings off their foundations. And that after a magnitude 9 earthquake. Totally simple.
Surprised I am to find that wee bits of assorted chemicals were dumped into the environment after the disaster. Most surprised.
The manufacturers can already get that info, as well as pharmaceutical manufacturers. No need to be all covert about it. They made sure of that when they wrote HIPAA.
I mean really, Iceland. If you're going to have a earth-shattering-kaboom volcano erupting every couple of years, the least you could do is name it something remotely pronounceable.
The thesis is that you can waltz into a doctor's office AND a hospital with faked records and get the treatment needed. Basically the important bit is the insurance info - what has happened to "you" is less important than what you want to eventually happen to you (in the example given, a heart transplant).
I kinda doubt this, at least in a general sense. First off, you can show all the insurance cards and 'insurance info' to the medical provider all you want. The provider is going to query the insurance company before doing anything expensive. Fine, you say, call them all you want, the 'patient' is insured (it's just not the right patient). Now comes the hard part. The minute that the insurance company starts getting claims from both Peoria and Trenton, NJ flags are going to go up. Other old records would be sought (for something big like a transplant or joint replacement) which would likely not match.
Anything remotely resembling a heart transplant is going to fall apart unless both the real and fake patient have nearly identical physiques, ages and problems. More routine issues could go undetected for a while but persistent discrepancies would show up and as soon as the insurance company flagged the claim as problematic, big ticket items would be placed on hold until things go cleared up. When I worked in an early Medicaid HMO in the 1980's we had some problems with folks 'sharing' the Medicaid ID card (no picture, just a printout basically). It was pretty obvious when the patient's weight varied 30 pounds every other week. We soon insisted on photo ID.
And, in fact, the feds also insist on photo ID these days. Yes, if you're bleeding out we don't ask for it up front but as soon as your blood pressure normalizes we're poking around to figure out just who you are.
So it's possible that that full on medical records might be of value, but it's going to be much harder to monetize than a credit card number and likely would be of limited use. That doesn't mean that the information shouldn't be sealed up, of course. I'm just not sure how big a deal this is. And, in the case of the Community breach, they apparently did not get that information anyway.
"..ICE patterns formed and reformed on the screen as he probed for gaps, skirted the most obvious traps, and mapped the route he'd take through Sense/Net's ICE. It was good ICE. Wonderful ICE... ...His program had reached the fifth gate. He watched as his icebreaker strobed and shifted in front of him, only faintly aware of his hands playing across the deck, making minor adjustments. Translucent planes of color shuffled like a trick deck. Take a card, he thought, any card.
The gate blurred past. He laughed. The Sense/Net ice had accepted his entry as a routine transfer from the consortium's Los Angeles complex. He was inside. Behind him, viral subprograms peeled off, meshing with the gate's code fabric, ready to deflect the real Los Angeles data when it arrived."
William Gibson
This is most likely billing info. Until healthcare is free, you're going to have billing info. No way around it. The clinical info isn't really useful to your common crook - hard to make a buck out of knowing who has herpes since the pharmaceutical companies have already gleaned that information by paying your local pharmacist to tell them (legal and lucrative).
So, it's the old name, rank and social security number routine.
What were such systems doing connected to the public internet?
You reap what you sew. Put a system on the internet that is a big enough target, and it WILL be owned. The safe approach is physical separation coupled with careful local access control to prevent USB-style attacks (though with physical separation it is hard for them to phone home again).
They weren't on the 'public' Internet. They got hacked. Why was this stuff even on the network? Excellent question. The quick answer is that the hospital would like to get paid. So they have to create claims. Claims these days are electronic, little to no paper. The claims have to be sent from the hospital to the insurance companies -- through a network. And that network is .... the Internet.
Yes. hospitals could just go back to point to point dialup but that's not very convenient. They most likely had firewalls and other fancy things to prevent this sort of thing from happening but got caught either mis configuring something or more likely, fooled some witless employee into divulging something they shouldn't have. And before you get all high and mighty about this sort of thing, stop and reflect that the next witless employee might well turn out to be you.
You should have seen him before the lobotomy.
Uh Oh. Here we go again.
Can we just say op. cit. and have it done with?
Easier for you, easier for me, but not easier for the PEBKAC folk that outnumber us by a couple of orders of magnitude.
A well organized and vetted store can be a big help to naive users. The annoying part is that even Apple can't figure out how to do this properly.
That's exactly what Apple is doing. The OS and assorted upgrades and patches are delivered through the app store.
One store to rule them ...
Right now, impressionable youth from 3rd world countries are cheaper than robots. There won't be much worry about this for a while. A rust-bucket Honda and some dumb kid are going to be a lot cheaper than the latest Google-Tesla joint venture product.
We have plenty of time to think about it before Is-lame-oh terrorists are using them.
Except that one limiting factor in the jihad is the ability to get the starry eye idealist soon-to-be-martyr over on this side of the pond. Blowing oneself to tiny bits appears to be a hard sell to westernized folk. The concern here would be that an autonomous vehicle could alleviate that problem.
Of course, it's not a perfect solution. You have to purchase or steal the thing which now are in rather short supply. An autonomous vehicle is going to be fairly tightly regulated once let out into the wild - one of the basic tenets is that it communicates with other vehicles and presumably some sort of central command. Driving into a crowd or a chemical factory might be frowned upon.
Much easier to just blow up a chemical factory somewhere in New Jersey. Or start a forest fire near LA.
But it's the FBI's task to get all paranoid and look at all potential possibilities to ensure our ultimate freedom. USA! USA!
Insurance is a highly competitive industry. If accident rates go down competition will force rates close to $0.
You perhaps might see collision rates go down but there are many other liabilities that one typically insures a vehicle for - weather related damage, medical, liability and others (usually bundled under the rubric of 'comprehensive').
You are also assuming, without any data, that the future Johnny Cab will never get itself into an accident. I'm not so sure I would make such a bold claim.
Huh? I pay quite a bit of money for subscriptions - technical sites, reference sites even (crosses self) Adobe. I don't expect a group of people to curate, collate and organize information for free. Yes, I know that happens and I use those sites frequently as well.
But the subscription web is a useful concept. The problem comes when the value is relatively low. Like, for example, Slashdot. I'm certainly not going to spend several hundred dollars a year here. I have subscribed in the past - the benefits are unclear enough that I usually forget about it. As we've discussed innumerable times, a micropayment system would be an improvement. However, it's not going to get rid of the trolls.
Nothing short of a cosplay version of the Baroque Cycle is likely to do that.
Ads?
Too bad he (or she) didn't create it. It was a Heinleinism.
You are forgetting d) Nuke 'em from orbit.
It's the only way to be sure.
Naw, for the equipped Slashdotter, you will want one of these bad boys.
Gotta cover all your bases.
I hope that's what happened, actually, and I think it's 99% likely that you are correct. But it's not too difficult to image another scenario - a terrorist group bent on conducting biological warfare wants to get their hands on some raw material. I don't think that's what happened here. I sure as hell hope not. But do any of these facilities where highly contagious infectious diseases get treated have protection against such things? Should they?
Not a sensible strategy (at least if you are a sensible terrorist). All you need is a single victim which, presumably, you would knock on the head, drain a couple of liters of blood and poof, you have a crude bio weapon. If you were planning on doing more sophisticated things, you would likely just need a couple of vials.
No need for all the fuss.
And who knows, 2880 AC's might get a grasp on statistics. (1:10E6 chance of a global event does not give you 7000 casualties - that's not even wrong.)
Anyway, I'm not arguing in favor of oil. I'd love for everything to go all electric. BUT we need to not cripple ourselves in the process.
That's correct. We have plenty of oil / coal / tar sands / algae. What we need is a coherent discussion on how to get from here to there over the course of, say, a generation. We need some leadership to push the concept.
If it were the Soviet Union it would be a Hero Project. If it were 1930's US it would be another Rural Electrical Association or WPA project. If it were the 60's it would be the manned spacecraft program.
Unfortunately, in the 21st Century US political climate it's most likely to end up as the "War on Power" or something similar.
I mean, one could probably design a system which works as he proposes - however, this would almost certainly mean a complete revamp of the existing electrical grid.
At which point investing in storage technology and facilities will be the cheaper and more reliable solution.
Exactly this. It would require smart 'everything' (and one hell of a lot of aluminum foil from this crowd). Centralization of a bunch of info. Revamping the transmission grid. Rewiring the cities, towns and hinterlands.
Certainly technically doable. Certainly a political non starter.
Keep saving those AA's. Your gonna need them.
Depending on who you work with, blocking attachments can be very useful. If you have users that will click on anything, yes you need to block attachments.
Unfortunately, we have users that will click on anything. But yes, security is a process.
Genetic mutation is at the very core of Darwinian evolution. Surely, while many of these mutations will be bad and cause reduced lifespans for the individuals affected, SOME portion of these mutations must surely be positive (random mutation) leading to better survival chances and small hops forward in evolution. Every nuclear "disaster" like this should cause many individuals to die-off prematurely (not affecting evolution at all unless some were quite unique) not have any effect on some individuals, and cause "positive" mutations in some small number of individuals (which might not otherwise have naturally occurred and which will now be passed-on to offspring)
What's the problem as long as this did not affect a significant population of an endangered species?
I have one word for you: Godzilla.
Perhaps you can inform yourself how to secure an oil tank against leakage in case of a flood. It is surprisingly simlle, a no brainer in fact.
Of course. Perfectly simple. Perfectly simple to secure a 10,000 gallon tank of diesel oil in the face of a 20 foot high cascade of water and debris capable of knocking entire buildings off their foundations. And that after a magnitude 9 earthquake. Totally simple.
Surprised I am to find that wee bits of assorted chemicals were dumped into the environment after the disaster. Most surprised.
No brainer, indeed.
It's Obama's fault.