Episodes 108 and 109 – February 6, 2010
Show notes from Episode 108
Episode 108 is the su root edition. Interview with Gretchen Hellman of Vormetric, expert in HIPAA and encryption. Gretchen discusses the 2009 “son of HIPAA” passed by congress, called “HIPAA high tech,” and a Connecticut HIPAA lawsuit against Health Net, involving the loss of thousands of unencrypted records. Read about the lawsuit here.
Shownotes from Episode 109
Google approaches the National Security Agency for help in securing its networks. National Security Agency says yes. Neither is commenting publicly. NSA will perform a range of tasks for Google that are widely available from private information security companies. Is Google getting IT Security on the taxpayer dime? What’s Google offering the NSA in return? ? Is there more to Chinese Google attack than we’ve been told? Read the Washington Post report.
Speaking of China… they’ll get around to everyone sooner or later. This week it was the Iowa Gaming and Racing Commission. The Desmoines Register describes the attack, which exposed personal information belonging to 80,000 current and former casino employees, jockeys, horse and greyhound owners, and more. Desmoines Register reports.
Major patch Tuesday for Microsoft. This batch will include patches for 26 holes in multiple versions of Windows.
News from Black Hat D.C. A researcher points out holes in Cisco’s wiretapping architecture.
Biggest threats to databases come not from SQL injections, but from poor account management.
Law Enforcement is pushing for ISPs and other service provides to develop a web interface to make it easier and faster for police investigators seeking customer records. cnet’s Declan McCullough is on top of it.