Change Healthcare Confirms Ransomware Hackers Stole Medical Records on a ‘Substantial Proportion’ of Americans
Read more of this story at Slashdot.
Sales And Repair
1715 S. 3rd Ave. Suite #1
Yakima, WA. 98902
Mon - Fri: 8:30-5:30
Sat - Sun: Closed
Sales And Repair
1715 S. 3rd Ave. Suite #1
Yakima, WA. 98902
Mon - Fri: 8:30-5:30
Sat - Sun: Closed
Read more of this story at Slashdot.
When law enforcement uses automated license plate readers (ALPRs) to document the comings and goings of every driver on the road, regardless of a nexus to a crime, it results in gargantuan databases of sensitive information, and few agencies are equipped, staffed, or trained to harden their systems against quickly evolving cybersecurity threats. The Cybersecurity and Infrastructure Security Agency (CISA), a component of the U.S. Department of Homeland Security, released an advisory last week that should be a wake up call to the thousands of local government agencies around the country that use ALPRs to surveil the travel patterns of their residents by scanning their license plates and “fingerprinting” their vehicles. The bulletin outlines seven vulnerabilities in Motorola Solutions’ Vigilant ALPRs, including missing encryption and insufficiently protected credentials…
Unlike location data a person shares with, say, GPS-based navigation app Waze, ALPRs collect and store this information without consent and there is very little a person can do to have this information purged from these systems… Because drivers don’t have control over ALPR data, the onus for protecting the data lies with the police and sheriffs who operate the surveillance and the vendors that provide the technology. It’s a general tenet of cybersecurity that you should not collect and retain more personal data than you are capable of protecting. Perhaps ironically, a Motorola Solutions cybersecurity specialist wrote an article in Police Chief magazine this month that public safety agencies “are often challenged when it comes to recruiting and retaining experienced cybersecurity personnel,” even though “the potential for harm from external factors is substantial.” That partially explains why, more than 125 law enforcement agencies reported a data breach or cyberattacks between 2012 and 2020, according to research by former EFF intern Madison Vialpando. The Motorola Solutions article claims that ransomware attacks “targeting U.S. public safety organizations increased by 142 percent” in 2023.
Yet, the temptation to “collect it all” continues to overshadow the responsibility to “protect it all.” What makes the latest CISA disclosure even more outrageous is it is at least the third time in the last decade that major security vulnerabilities have been found in ALPRs… If there’s one positive thing we can say about the latest Vigilant vulnerability disclosures, it’s that for once a government agency identified and reported the vulnerabilities before they could do damage… The Michigan Cyber Command center found a total of seven vulnerabilities in Vigilant devices; two of which were medium severity and 5 of which were high severity vulnerabilities…
But a data breach isn’t the only way that ALPR data can be leaked or abused. In 2022, an officer in the Kechi (Kansas) Police Department accessed ALPR data shared with his department by the Wichita Police Department to stalk his wife.
The article concludes that public safety agencies should “collect only the data they need for actual criminal investigations.
“They must never store more data than they adequately protect within their limited resources-or they must keep the public safe from data breaches by not collecting the data at all.”
Read more of this story at Slashdot.
“The new labels allow employees to change prices as often as every ten seconds.”
“If it’s hot outside, we can raise the price of water and ice cream. If there’s something that’s close to the expiration date, we can lower the price — that’s the good news,” said Phil Lempert, a grocery industry analyst…
The ability to easily change prices wasn’t mentioned in Walmart’s announcement that 2,300 stores will have the digitized shelf labels by 2026. Daniela Boscan, who participated in Walmart’s pilot of the labels in Texas, said the label’s key benefits are “increased productivity and reduced walking time,” plus quicker restocking of shelves…
As higher wages make labor more expensive, retailers big and small can benefit from the increased productivity that digitized shelf labels enable, said Santiago Gallino, a professor specializing in retail management at the University of Pennsylvania’s Wharton School. “The bottom line, at least when I talk to retailers, is the calculation of the amount of labor that they’re going to save by incorporating this. And in that sense, I don’t think that this is something that only large corporations like Walmart or Target can benefit from,” Gallino said. “I think that smaller chains can also see the potential benefit of it.”
Indeed, Walmart’s announcement calls the tech “a win” for both customers and their workers, arguing that updating prices with a mobile app means “reducing the need to walk around the store to change paper tags by hand and giving us more time to support customers in the store.” Professor Gallino tells NPR he doesn’t think Walmart will suddenly change prices — though he does think Walmart will use it to keep their offline and online prices identical.
The article also points out you can already find electronic shelf labels at other major grocers inlcuding Amazon Fresh stores and Whole Foods — and that digitized shelf labels “are even more common in stores across Europe.”
Another feature of electronic shelf labels is their product descriptions. [Grocery analyst] Lempert notes that barcodes on the new labels can provide useful details other than the price. “They can actually be used where you take your mobile device and you scan it and it can give you more information about the product — whether it’s the sourcing of the product, whether it’s gluten free, whether it’s keto friendly. That’s really the promise of what these shelf tags can do,” Lempert said.
Thanks to long-time Slashdot reader loveandpeace for sharing the article.
Read more of this story at Slashdot.
From Red Hat’s announcement:
This milestone underscores Red Hat’s pioneering role in obtaining continuous and comprehensive Safety Element out of Context certification for Linux in automotive… This certification demonstrates that the engineering of the math library components individually and as a whole meet or exceed stringent functional safety standards, ensuring substantial reliability and performance for the automotive industry. The certification of the math library is a significant milestone that strengthens the confidence in Linux as a viable platform of choice for safety related automotive applications of the future…
By working with the broader open source community, Red Hat can make use of the rigorous testing and analysis performed by Linux maintainers, collaborating across upstream communities to deliver open standards-based solutions. This approach enhances long-term maintainability and limits vendor lock-in, providing greater transparency and performance. Red Hat In-Vehicle Operating System is poised to offer a safety certified Linux-based operating system capable of concurrently supporting multiple safety and non-safety related applications in a single instance. These applications include advanced driver-assistance systems (ADAS), digital cockpit, infotainment, body control, telematics, artificial intelligence (AI) models and more. Red Hat is also working with key industry leaders to deliver pre-tested, pre-integrated software solutions, accelerating the route to market for SDV concepts.
“Red Hat is fully committed to attaining continuous and comprehensive safety certification of Linux natively for automotive applications,” according to the announcement, “and has the industry’s largest pool of Linux maintainers and contributors committed to this initiative…”
Or, as Network World puts it, “The phrase ‘open source for the open road’ is now being used to describe the inevitable fit between the character of Linux and the need for highly customizable code in all sorts of automotive equipment.”
Read more of this story at Slashdot.