Medical implants and hospital systems are still infosec dumpster-fires

mostlysignssomeportents:


Medical devices have long been the locus of information security’s scariest failures: from the testing and life-support equipment in hospitals to the implants that go in your body: these systems are often designed to harvest titanic amounts of data about you, data you’re not allowed to see that’s processed by code you’re not allowed to audit, with potential felony prosecutions for security researchers who report defects in these systems (only partially mitigated by a limited exemption that expires next year). What’s more, it can get much worse.

A pair of new studies from independent security researchers show that things are as bad or worse as they’ve ever been in the domain of implants and hospital systems.

Whitescope’s whitepaper on pacemaker security analyzes 7 different pacemaker programming devices from four different manufacturers (devices that can reprogram a pacemaker remotely, generally by using radio signals) and finds that they are collectively undefended against 8,000 know vulnerabilities, and do not have even simple authentication between pacemakers and pacemaker programmers, meaning that there’s no way your implanted pacemaker can tell whether it is connected to a legit device or an attacker’s hacking tool.

Whitescope was only able to publish this paper because of a limited, expiring exemption to the Digital Millennium Copyright Act that the Electronic Frontier Foundation won last year (but the exemption doesn’t extend to allowing them to publish some code samples and other sorts of normal security-audit data that would help other security researchers extend their work).

The other study, from the Ponemon Institute, bears the reassuring and self-explanatory title Medical Device Security: An Industry Under Attack and Unprepared to Defend.

Some highlights: “budget increases to improve the security of medical devices would occur only after a serious hacking incident occurred”; “ organizations do not encrypt traffic among IoT devices”; “testing of medical devices rarely occurs” and “device makers and users do not disclose privacy and security risks of their medical devices.”

https://boingboing.net/2017/05/26/disclosure-vs-dmca.html

Cable lobby conducts survey, finds that Americans want net neutrality

Cable lobby conducts survey, finds that Americans want net neutrality:

news-queue:

As US cable companies push to eliminate or change net neutrality rules, the industry’s primary lobby group today released the results of a survey that it says shows “strong bipartisan consensus that the government should let the Internet flourish without imposing burdensome regulations.”

But proponents of keeping the current rules can find plenty to like in the survey conducted by NCTA—The Internet & Television Association. A strong majority of the 2,194 registered American voters in the survey support the current net neutrality rules that prohibit ISPs from blocking, throttling, or prioritizing online content in exchange for payment. While most opposed price regulation, a majority supported an approach in which regulators take action against ISPs on a case-by-case basis when consumers are harmed—the exact same approach the Federal Communications Commission uses under its existing net neutrality regime.

Full results of the NCTA survey conducted with Morning Consult are available here.

About 61 percent of respondents either “strongly” or “somewhat” support net neutrality rules that say ISPs “cannot block, throttle, or prioritize certain content on the Internet.” Only 18 percent oppose net neutrality, as the rest don’t know what it is or had no opinion.

Technically, this doesn’t contradict the official position of major cable companies like Comcast and Charter. These companies say they support the core net neutrality rules, while merely opposing the FCC’s use of its common carrier authority under Title II of the Communications Act to enforce them. But the net neutrality rules imposed in 2015 depend on Title II because of a 2014 court decision that prevented the FCC from enforcing the rules without reclassifying ISPs as Title II common carriers.

Support for protecting consumers

The first slide in the NCTA survey results trumpets broad support for “light touch” regulation. But instead of signaling broad opposition to Title II, the wording of the question shows that Americans support an approach that’s consistent with the one taken by the FCC’s then-Democratic leadership in 2015 (and which the FCC’s current Republican leadership wants to overturn).

Read More

FCC halts public comments on Net Neutrality

mostlysignssomeportents:

After hearing from so many angry Americans who wanted to preserve net neutrality rules that they had to invent a seemingly fictional “denial of service” attack to explain their servers melting down, the FCC has solved the problem by telling the public to go fuck themselves.

The FCC will no longer accept public comments on Net Neutrality, while it “reflects” on the comments it’s received.

You can still tell the FCC what you think by posting to EFF’s DearFCC.org site – EFF will make sure the commissioners get your comments.

https://boingboing.net/2017/05/15/a-banana-in-my-ear.html

you are about to lose your access to the internet.

fullhalalalchemist:

right now, you are able to access everything on the internet, correct? it’s not like cable tv, where you’re forced to pay a company to only give you a limited range of shitty tv shows bombarded with shitty commercials all for an expensive and unfair deal.

the internet is about to be exactly like that. everything, from accessing sites like Tumblr to ao3, to seeing your financial aid packet online, to googling dumb shit on wikipedia, to laughing at internet memes, to streaming things online, all of that is because the internet is open and free. and it is all about to be taken away from you. you are about to lose your net neutrality.

do not understand net neutrality? here is a handy guide. here is also a john oliver segment describing everything.

here is what you can do to stop it:

-submit your comment to the fcc here. click on + Express, fill out your info, and tell the FCC not to repeal Net Neutrality rules. Tell Ajit Pai to support Net Neutrality backed by title 2 oversight on ISPs. make your comment personal.

YOU. MUST. SUBMIT. A. COMMENT. this is the most IMPORTANT part!! public comments close on MAY 11. we don’t have much time to save the internet!

-FCC Hotline: 1-888-225-5322

-here are petitions you can sign

-call your representatives. urge them to pressure the FCC not to remove the Titile 2 oversight on ISPs.

PUBLIC COMMENTS CLOSE THIS THURSDAY, MAY 11. WE HAVE TWO DAYS TO COMPLETELY FLOOD THE COMMENTS. THIS IS URGENT.

please spread! send this to all your mutuals! spam your blogs! send this to all your friends on facebook, on twitter, reddit, on anything and everything! email your mom! idc! just get as many people as you can to submit a comment!!

you are about to lose your access to the internet.

fullhalalalchemist:

right now, you are able to access everything on the internet, correct? it’s not like cable tv, where you’re forced to pay a company to only give you a limited range of shitty tv shows bombarded with shitty commercials all for an expensive and unfair deal.

the internet is about to be exactly like that. everything, from accessing sites like Tumblr to ao3, to seeing your financial aid packet online, to googling dumb shit on wikipedia, to laughing at internet memes, to streaming things online, all of that is because the internet is open and free. and it is all about to be taken away from you. you are about to lose your net neutrality.

do not understand net neutrality? here is a handy guide. here is also a john oliver segment describing everything.

here is what you can do to stop it:

-submit your comment to the fcc here. click on + Express, fill out your info, and tell the FCC not to repeal Net Neutrality rules. Tell Ajit Pai to support Net Neutrality backed by title 2 oversight on ISPs. make your comment personal.

YOU. MUST. SUBMIT. A. COMMENT. this is the most IMPORTANT part!! public comments close on MAY 11. we don’t have much time to save the internet!

-FCC Hotline: 1-888-225-5322

-here are petitions you can sign

-call your representatives. urge them to pressure the FCC not to remove the Titile 2 oversight on ISPs.

PUBLIC COMMENTS CLOSE THIS THURSDAY, MAY 11. WE HAVE TWO DAYS TO COMPLETELY FLOOD THE COMMENTS. THIS IS URGENT.

please spread! send this to all your mutuals! spam your blogs! send this to all your friends on facebook, on twitter, reddit, on anything and everything! email your mom! idc! just get as many people as you can to submit a comment!!

touzen: datarep: “He kidnaps, she screams”: words associated…



touzen:

datarep:

“He kidnaps, she screams”: words associated with gender in Wikipedia plot descriptions

by variance_explained

In linguistics we call this “social gender”, which is basically whether a word has a feminine or masculine connotation. This kind of thing can be hard to intuit, since there are no hard and fast rules. Obvious examples include words like “nurse”, which may be technically gender neutral, but it’s got such a strong feminine connotation that many people will clarify “male nurse”. Less obvious examples are words like “muscles”, which all humans have, but the default interpretation is like, a manly guy with bulging biceps.

Many many words have social gender that’s difficult to notice, either because of the natural struggle to see gender, or because it’s just that subtle. So a corpus analysis like this is exciting because it gives concrete data on words we might not have thought twice about!!

izanzanwin: Settlers deny that they desecrate sacred remains….







izanzanwin:

Settlers deny that they desecrate sacred remains. They deny the violence that happened at Standing Rock, and now they continue to desecrate and destroy the sacred sites. Please signal boost, call, get the word out that this is happening. Colonialism is still ongoing, never forget.