Sep 29, 2008

ISPs Call For Industry Standards On Behavioral Targeting

Some of the largest ISPs in the United States have vowed not to monitor Internet users' activities without permission.

Representatives from Verizon and Time Warner Cable testified at a hearing this week and said their companies do not monitor user behavior in order to target them with custom advertisements. They said they would only monitor activity if users choose to opt-in. The companies want other ISPs and search engines to follow suit.

Google has also indicated a willingness to allow consumers the choice to opt-out of data collection.

Congress has been examining the issue and most ISPs prefer industry-wide standards over increased federal privacy laws. Several ISPs are working together to adopt self-regulatory guidelines. Although not all of those involved in drafting the guidelines have come forward, those who have said they hope to produce a code-of-conduct by next year.

Sep 28, 2008

Brisbane lonely-heart loses $20,000 in scam

A Brisbane man has been stripped of $20,000 and left red-faced after his female friend turned out to be a man, in an online romance scam. A 23-year-old man was arrested in Nigeria and charged with fraud over the incident which left 45-year-old Ralph Thomason thousands of dollars out of pocket.

Queensland Police Service worked closely with the Nigerian Economic Financial Crimes Commission in the overseas sting. Police Minister Judy Spence said today the arrest served as a timely reminder for people to be vigilant when using the internet to find romance.

"Requests to send money or personal information like account details overseas to an online companion should be treated with extreme caution." Ms Spence congratulated police for playing a pivotal role in the arrest.

"Queensland police are leading the world when it comes to the investigation of Advance Fee Fraud internet-based offences," Ms Spence said. "This week's result is a testament to the hard work and expertise of our officers." Queenslanders are losing up to $1 million in Nigerian online scams every month.

Sep 27, 2008

Nick McKenzie: $12bn in illicit loot flowing offshore

UP TO $12 billion in illicit drug money is flowing out of Australia annually - an amount up to 30 times greater than official estimates - according to the nation's most powerful crime fighting agency.

The Australian Crime Commission's estimates suggest authorities are drastically underestimating the quantity of drugs crossing the nation's borders without detection.

ACC chief executive Alastair Milroy told The Age that the commission believed $4 billion to $12 billion in drug money was being sent offshore each year.

The most recent official estimate, for 2004, put the figure at $382 million.

"The estimates at the moment range between $4 billion and $12 billion a year. We are not saying at the moment which end of the scale is right or wrong, but what we are saying is it is significant," Mr Milroy said.

While early analysis suggests the real figure is closer to the $12 billion mark, the project is relatively new so the commission cannot commit to a more precise figure.

It is expected that senior law enforcement officials will brief the Federal Government in coming weeks about the need for revised strategies to confront the huge supply and demand for drugs such as ecstasy.

The ACC's estimates come from a secretive international operation, code-named Gordian, which has led to the seizure of drugs worth more than $1.5 billion and the launch of a sophisticated anti-money laundering strategy.

The ACC's work has also led to the arrest of more than 70 suspects over drugs and money laundering offences since 2005.

Those charged with smuggling money out of the country include international airline pilots, money remitters and figures connected to Asian organised crime and triad syndicates in Asia, North America and Europe.

The ACC estimates suggest a continuing huge domestic demand for ecstasy and other illegal drugs in Australia, and that traditional policing methods are failing to detect the majority of drug importations.

Sep 26, 2008

Home Automation To Grow 50% Telstra To Be Key Player

The home automation market is set to change dramatically with the market split into two core sectors ?mainstream? systems based on standardised technologies and packaged home automation components wrapped around services offered through a broadband or wireless service provider like Telstra a leading research Company has said.

The home automation market is set to change dramatically with the market split into two core sectors "mainstream" systems based on standardised technologies and packaged home automation components wrapped around services offered through a broadband or wireless service provider like Telstra a leading research Company has said.
ABI Research has also said that the home automation market is set to grow more than 50-fold between now and 2013.
For 20 years, home automation systems were confined to two niche markets: luxury custom-designed and installed high-end systems that cover the whole home at a typical cost of $50,000-80,000 and up, and "do it yourself" X10 systems that tech-savvy customers typically bought online and installed themselves.
Now, according to ABI Research senior analyst Sam Lucero, "Home automation systems are becoming more mainstream and managed services are growing. ABI Research believes that they will appeal to a much wider public. Their forecasts indicate that the overall market will grow from a modest numbers this year to millions of systems in 2013."
By far the lion's share of that growth will occur in the two new segments, "mainstream" and managed services. Mainstream systems are based on standard technologies and packaged components, as well as software that is integrated into other devices in the home, such as set-top boxes. They feature interoperable devices available from multiple vendors, as opposed to integrated single-vendor systems. Such products are typically sold via high-touch retail and "big box" outlets. Home builders are also using them as an option.

Sep 25, 2008

Liam Tung,, Telstra, CommBank, DoD in secret cyberwar games

In an unknown location, a handful of Australia's best known companies and government agencies are undertaking secret tests in a mock cyberwar, as the country's infrastructure comes under attack in a simulated online war named Cyber Storm II.

This week, as part of Cyber Storm II, 50 critical infrastructure businesses are discovering not just what they can do for Australia under a cyberattack but what they can't. The exercises, which began on Tuesday, involve a series of simulated online and physical attacks, targeting a number of Australia's most important critical infrastructure businesses, including the Commonwealth Bank, Energex and Telstra.

Australia's involvement is being controlled from a secret location in Victoria, a spokesperson for Attorney-General, Robert McClelland, told

"From there we'll throw out different scenarios to all those involved," the spokesperson said.

Exactly what scenarios participating organisations have been facing, however, remains a secret -- to protect the vulnerabilities being tested, the spokesperson said. Several government agencies are taking part in the exercise, including the Australian Federal Police, the Office of the Attorney General and Department of Defence. Of the 50 Australian organisations taking part in the international exercise, only 28 were willing to reveal their involvement. From the financial sector are Commonwealth Bank, National Australia Bank, Westpac, ANZ, Bank of Queensland, Bendigo Bank and Citigroup. The Australian Stock Exchange and the Reserve Bank of Australia also participated.

The energy sector is well represented too, with Woodside Energy, Country Energy, Energex, Energy Networks Association, Ergon Energy as well as South Australia's Department of Transport, Energy and Infrastructure.

Australia's cybersecurity needs work

A previously unreleased report from Australia's attorney-general's department has urged the government to take action to curb the quick and ferocious nature of modern cyber-attacks. In March this year governments from Australia, Britain, New Zealand, Canada and the United States ran the largest-ever cyber war games, Cyber Storm II.

Freedom of Information documents, obtained by AAP, show the participants, which included the private sector, were surprised by the "borderless nature" of cyber attacks and the "speed with which they can escalate". "Contingency planning must include potential flow-on effects," the final report into Cyber Storm II states.

COPD drugs linked to increased heart risk

Inhaled anti-cholinergic agents by patients with chronic obstructive pulmonary disease is linked to increased risk of heart attack, U.S. researchers said.

Inhaled anti-cholinergic agents -- including ipratropium bromide or tiotropium bromide -- are widely used in patients with COPD. Inhaled tiotropium is the most widely prescribed medication for COPD, with more than 8 million patients worldwide having used it since its approval in 2002, said Dr. Sonal Singh of Wake Forest University School of Medicine in Winston-Salem, N.C.

Asher Moses: Moko milks the instant chat fad

You're already on MySpace, Facebook, YouTube, Flickr and Twitter but a Perth entrepreneur hopes Australians have time for just one more web tool.

Ian Rodwell founded Loop Mobile four years ago and for the past three years his mobile phone community site, Moko, has competed for attention with the likes of Facebook and MySpace.

The site is now expanding globally but Rodwell, 46, bristles at the suggestion that his creation is just another social network. He says that, while social networks are designed to help us keep in touch with our existing friends, Moko is all about making new connections.

"It's about meeting new people that you don't know and you don't even have to use your real name," he said.

Sep 23, 2008

Watchdog eyes 140 'scam' websites

The consumer watchdog is investigating 141 Australian websites suspected of scamming the public following an international sweep of the internet conducted by consumer protection agencies yesterday.

The suspicious sites include those providing genealogy/family history services, online DNA testing, lotteries, premium mobile services and arbitrage betting providers, the Australian Competition and Consumer Commission said.

If the website operators are unable to substantiate their claims they will be forced to make modifications or take the sites down altogether.

"The law is the law. When dealing with traders operating in Australia, the same basic rights apply online as they do offline," ACCC deputy chairman Peter Kell said.

The move comes after 30 government operatives in Canberra yesterday carried out a widespread sweep of the internet, searching for sites that sought to deceive shoppers, investors and researchers with scams, overhyped promises and false claims in general.

They were joined by more than 20 consumer protection agencies around the world, which examined sites based out of their respective countries.

The local operatives included staff from the ACCC, ACT Office of Fair Trading, Department of Broadband, Communications and the Digital Economy and the Treasury. They found the sites using predetermined search terms such as "anti-ageing" and "instant millionaire".

ACCC spokeswoman Lin Enright said 751 local sites were investigated yesterday and, of those, 141 had been "flagged for in-depth review".

The Communications Minister, Stephen Conroy, said trust and confidence underpinned the growth of Australia's digital economy.

"Australians should have the confidence that, when they transact online, they have the same levels of protection that they have in the offline world," he said.

Sport injury crisis 'is being ignored'

AUSTRALIA is ignoring a health crisis from sports injuries, with more than a million occurring each year, sports medicine experts say.

In Victoria, sport is second only to road accidents as the cause of lifelong injuries, yet it does not receive the same attention or concern as the road toll or workplace accidents.

Sports Medicine Australia's chief executive, Gary Moorhead, said: "It's a commonly held view among sports medicine professionals that a lot of the knee and hip replacements that people have to have later in life may well be due to sports injuries when people were young.

"The biggest problem is the injuries aren't as serious in nature but cumulatively they are as serious and the impact is experienced much later in life — they are the sort of injuries that can keep on costing."

The Federal Government yesterday launched new national safety guidelines for young people to prevent sport injuries, which Minister for Sport Kate Ellis said were "a substantial drain" on the health system.

Sep 22, 2008

Ken Schachter: Where Was the Board Oversight

It may take years to assess responsibility for the still-unfolding global credit crisis, but billionaire investor Carl Icahn is joining a chorus of critics taking aim at $1,000-per-hour corporate directors who failed to hold executives’ feet to the fire.

“What did they do to prevent these great ships from going down?” Mr. Icahn asked on his Icahn Report blog. “Were they enjoying lavish lunches and fine wines in the officers' dining rooms or were they on the bridge challenging the captain? Or was the captain even there?”

Corporate executives and pundits have lashed out at the practices of short-sellers, the failures of credit-rating agencies and the reactive policies of the Federal Reserve and the Treasury Department. Mr. Icahn, however, set his sights on directors who are allied with entrenched management.

Rich Bowden: Fish Fingers

Swedish scientists studying a fish that lived 385 million years ago have made a remarkable discovery that pushes back knowledge as to when fingers and toes first evolved.

It has been long-believed that the first creatures to develop fingers were tetrapods as they made their way from sea to living on land around 10 to 20 million years later.

However, a study by scientists from Uppsala University in Sweden, which has been published in the journal Nature, has shown an early form of finger structure was already present inside the fins of an ancient fish called Panderichthys, which lived mostly in mud pools and rivers and grew to around four feet (130 cms) in length.

"For a long time, we thought that fingers were a novelty for tetrapods," said lead researcher Catherine Boisvert, an evolutionary biologist at Uppsala University.

"In the past two years, some evidence has come forward to make us doubt. It's really the last piece of evidence to say fingers are not new. They were really present in fish," she added.

The precursor to fingers was hidden behind the skin and scales of the fish, which probably used them for support rather than all-out swimming, claimed the team.

"It was probably using its front fins as supports to be able to look up, kind of doing push-ups at the bottom of the river looking outside with its eyes," Boisvert said.

The study is a landmark in evolutionary biology, with its confirmation that fingers were already developing in fish prior to their move to land.

"It is an important piece of evidence for the evolution of fish to tetrapods and how 'we' transformed from fish to land animals," said Boisvert.

Jonathan Richards: Thousands of cyber attacks each day on key utilities

Computer networks controlling electricity supplies, telecommunications and banking are being attacked thousands of times a day in a new cyberwar against Britain waged by criminals and terrorists — some of them backed by foreign states — the Government has said.

Lord West of Spithead, the Security Minister, told The Times that a mixture of state-sponsored individuals “and those operating at a terrorist level” frequently tried to break into the key networks.

Intelligence organisations such as MI5 have given warning of the threat of state-sponsored “cyber-espionage” from countries such as Russia and China, but this is thought to be the first time that the Government has quantified the extent of the threat to the nation’s networks, furthering the prospect of more widespread computer-based “warfare”.

“If you take the whole gamut of threats, from state-sponsored organisations to industrial espionage, private individuals and malcontents, you’re talking about a remarkable number of attempted attacks on our system — I’d say in the thousands,” Lord West said. “Some are spotted instantly. Others are much, much cleverer.”

Jeremy Kirk: Cybercrime cooperation advances

In 1997, the G8 had their ministers of justice and interior come together and create a 10-point action plan and 10 principles in combating cybercrime. One of the things that came about was trying to set up a cooperative network realizing that things move quick in cyberspace and often quicker than some of the formalized processes allow. Data is very transient and ephemeral. So the idea was to try to set up a network of informal points of contact. It's essentially a directory, a way to reach cybercrime experts.

By 2001 it had grown to approximately 18 members, and now it has grown to 45, including the addition of six new members in the last year. We have countries represented now from all continents [except for Antarctica]. There are a couple of countries from Africa who joined this past year and countries from South America.

In a case of either a cyberattack or a case where cyberevidence is involved, they can call another person on the contact list and that person can hopefully at least preserve the data while you take the more formal steps.


Cybercrime laws aren't working, says minister

Jim Murphy, the Cabinet Office Minister responsible for e-government, told ZDNet UK on Thusday that present legislation is ineffective, and is not stopping criminals from perpetrating cybercrime. Murphy also suggested that bringing cyberciminals to justice is extremely difficult.

"We aren't going to stop unscrupulous people from doing what they want online — we can pass laws, but the criminals are smart and unconditionally mobile," Murphy said at the launch of Get Safe Online, a consumer protection Web site, in London.

Murphy's comments came just days after the National Hi-Tech Crime Unit (NHTCU) warned that it was struggling to cope with the international nature of e-crime, especially in identifying who actually perpetrates serious cybercrime.

Guidelines for Formal Cooperation between Law Enforcers and ISPz

The CyberCrime Convention 2008 in Europe is set to come up with a bunch of guidelines to help formalize cooperation between Internet Service Providers (ISPs) and Law Enforcement Agencies. These guidelines will be completed during the Cybercrime Conference underway in Strasbourg, France and offered to member countries for use. The convention came by these guidelines while working on ways to speed up response times in reacting to online crime.

The move is timely as until now there was no laid down procedure to aid officials involved in fighting internet crime. This lacuna majorly hampered cybercrime investigations. In fact, online criminals were taking advantage of such loopholes all this while. They felt safe in using the remoteness and anonymity offered by the internet.

Negar Salek: Does cyber-terrorism exist?

Global security experts gathered in Malaysia last month to help ramp up the world’s defenses against cyber-terrorism

Dubbed by organisers as ‘the largest ministerial-level gathering ever organised about cyber-terrorism’, the World Cyber Security Summit (WCSS), was recenlty held in Malaysia. Hosted by the International Multilateral Partnership Against Cyber-Terrorism (IMPACT), government representatives from all over the globe including Australia joined private sector and prominent security experts. The summit was chaired by Malaysian Prime Minister Dato’ Seri Abdullah Ahmad Badawi with international speakers such as Professor Howard Schmidt, former White House security advisor and former chief security officer at Microsoft and eBay.

They were joined by a multitude of security experts including Mikko Hypponen, chief research officer at F-Secure; Dr Paul Twomey, president and chief executive officer of ICANN; Dr Vinton G. Cerf, ‘Father of the Internet’ and chief Internet evangelist at Google and Eugene Kaspersky, founder and chief executive officer of Kaspersky Lab.

Australia was well-represented with officials from the Attorney-General’s office and other government bodies attending the three-day summit.

According to IMPACT, the goal was to chart the future course for IMPACT as a global multilateral platform using ministerial roundtables, plenary sessions and information-sharing sessions about the latest cyber-security threats, trends and issues, such as, ‘Global Denial of Service’.

According to Kaspersky, IMPACT is a unique initiative, aimed primarily at consolidating efforts against cyber-terrorism.

Lexus automobile virus

SC Magazine reporter David Quainton and ZDNet reporter Dan Ilett published stories in late January about an unknown computer virus that might have infected Lexus automobiles. According to the stories, Russian antivirus firm Kaspersky Labs revealed it was contacted "by a user asking how to disinfect the onboard computers of several Lexus cars... The user said that the infection occurred via a mobile phone."

Quainton's story quoted Eugene Kaspersky as saying "if infected mobile devices are scary, just thinking [sic] about an infected onboard computer." F-Secure spokesman Mikko Hyppönen talked in the story about computer security threats for both cars and aircraft.

These stories saw wide reprint on web-based news sites and on computer security mailing lists. They spawned numerous knockoff stories, many of them hysterical in nature and lacking attribution. Local & national TV reporters also expressed an interest in the story. Computer security celebrity Bruce Schneier (Counterpane) added more fuel to the fire when he linked to one such knockoff story in the February edition of his newsletter.

Lee Min Keong: International cooperation key in cybercrime fight

F-Secure Corp chief research officer Mikko Hypponen paints a bleak picture of the fight against escalating cybercrime. He told ZDNet Asia during his visit to F-Secure's Kuala Lumpur office recently, almost all cases have gone unpunished since prorosecuting such crimes is very difficult as it requires the co-operation of enforcement agencies across international borders.

Hypponen, who is based in Helsinki, Finland, is also an advisory council member of Impact (International Multilateral Partnership Against Cyber Terrorism). Incorporated in January 2008, Impact is a global initiative that seeks to establish a platform bringing governments to partner with the private sector to fight cyber threats.

Q: What has been the success of the law enforcement agencies against cyber criminals?
Well, 99.9 percent of these cases have gone unpunished. Even in cases where the criminal is apprehended, quite often he doesn't get sentenced. Prosecution is hard because the laws are national but these crimes are international. So in the real world, police forces from [say] seven countries would need to cooperate to get evidence for the prosecution. And that is just very hard.

Does it mean the outlook is very bleak?
I'd love to tell you that we are going in the right direction but I am afraid I would be lying. The situation right now is that criminals are making lots of money and they know the risk of getting caught is very low. And even if they get caught, they won't get very serious sentences at all.

Charles Cooper: How lame is lithium ion?

If my laptop drops dead one more time because the battery's out of juice, I may go postal. I know. There are worse things in life. But how lame is lithium ion? I'm sure that my frustration's not unique. Many of you have surely engaged in the same frantic race against the clock, typing furiously as the computer's battery icon wastes down to empty. And Murphy's Law being what it is, there doubtless was not an electrical unit in the same time zone.

Of course, some laptops are better at power management than others. Still, three hours, maximum, is about the best you can hope for. That's no bargain. But such is life in the lithium-ion era. Now a start-up called ZPower says it's come up with a battery technology breakthrough which it claims will result in 40 percent longer laptop life than lithium-ion on a single charge. The company says it has struck a deal with "one of the major" PC makers to use its silver-zinc batteries in a notebook line slated for 2009. The CEO, Ross Dueber, declined to get more specific than that.

'Google phone' to debut this week

A mobile telephone tailored to run on Google's Android software is to debut next week in New York City.

US telecom carrier T-Mobile is slated to unveil a "Google phone" built by Taiwanese firm HTC on Tuesday and to have the device for sale in US stores as early as October.

Google is hoping Android will become the dominant operating system for mobile phones. It is designed to improve the speed and quality of using the Internet on handsets.

Android is being developed as an "open source" platform, meaning anyone is free to use the technology to make mobile telephones compatible with the networks of multiple carriers.

Google announced Android plans late last year and analysts reacted by saying it could potentially transform the mobile telephone market by providing service supported by advertising instead of subscription fees.

"We are seeing a number of technology companies demonstrating how Android will operate on their technology," Google spokesman Barry Schnitt told AFP at a Mobile World Congress gathering in Spain early this year.

"Clearly momentum is building."

Google announced a 34-member group called the "Open Handset Alliance" in November of 2007 to develop Android, including China Mobile, HTC, Intel, Motorola, Qualcomm, T-Mobile, Telefonica, LG and eBay.

ARM, Marvell, Texas Instruments, Qualcomm, NEC, ST Microelectronics were reportedly among companies that demonstrated Android phone prototypes at Mobile World Congress.

Sep 21, 2008

Judy Siegel-Itzkovich: Haifa identifies long-term memory protein

A protein essential in long-term memory consolidation has been identified at the University of Haifa. As the process of memory creation and consolidation is the first to be affected in neurodegenerative diseases like Alzheimer's and Parkinson's, understanding the biological mechanisms of the process brings us one step closer to finding a treatment for these diseases, said chief researcher Prof. Kobi Rosenblum, who published the study in the prestigious journal Nature Neuroscience.

The human brain constantly receives sensory stimuli from the outside world - sounds, tastes, visual images, touch and smells. A very small fraction of these stimuli recorded in short-term memory become part of our long-term memory. Previous studies in the university's laboratory for molecular mechanisms of learning and memory identified a protein linked to the quality of long-term memories. In the current study, researchers were looking to understand how long-term memories are stabilized.

Rosenblum, who heads the department of neurobiology and ethology, was assisted by doctoral student Alina Elkobi, Drs. Katya Belelovsky and Liza Barki, and worked in cooperation with Dr. Ingrid Ehrlich from the Friedrich Miescher Institute at the University of Basel. They searched for a protein present during the process of memory formation that is an essential factor in the process. Using taste learning in mice, the researchers found learning-related induction of the protein PSD-95 in the cortex "taste center" during the process of memory creation. However, when the mice were exposed to known tastes, PSD-95 was not induced in this center.

To prove that PSD-95 is essential for the process of memory creation, the researchers used two different groups of mice that had undergone the same tests for taste learning. Using genetic engineering, the researchers halted the process of PSD-95 production in the nerve cells of the taste center in the cortex. The group whose PSD-95 production was stopped had no memory of new tastes the day after being introduced to them, while the other group remembered the tastes, thus demonstrating that a new memory was created when PSD-95 was induced, and that the information disappeared when the protein was not induced. The study further examined the effect of PSD-95 on existing memories. Mice that had already been introduced to and remembered certain tastes were genetically engineered to stop producing the protein and they still remembered the tastes, which showed that while PSD-95 induction is essential for memory creation, its absence does not affect memory retention.

The process of long-term memory creation in the human brain is one of the incredible processes so clearly different than found in "artificial brains" like a computer. While an artificial brain absorbs information and immediately saves it in memory, the human brain continues to process information long after it is received, and the quality of memories depends on how the information is processed.

"One of the first processes to be affected in neurodegenerative diseases like Alzheimer's and Parkinson's is that of memory acquisition and processing. In this research we identified one specific protein, among the many active in brain synapses whose production is essential to process and remember information it receives. The more we understand about the processes and elements involved in this complicated process, the sooner we will be able to develop medications which will delay the progress of cognitive degenerative diseases and enable patients to continue normative functioning," explains Rosenblum.

Sep 20, 2008

By Stuart J. Johnston: Cloud computing puts your health data at risk

The advent of "in the cloud" medical records services, such as Microsoft HealthVault and Google Health, promises an explosion in the storage of personal health-care information online.

But these services pose sticky privacy questions — unless you know how to protect your personal medical records.

A promise of safer personal health data

Your private health information is migrating wholesale onto the public network with the advent of online health-care records stored in massive data centers around the world.

While the services aim to make it easier for consumers to access and manage their personal health information, the ready availability of this data also makes it much easier and less expensive for insurers to put your medical history under the microscope.

Surprised? You shouldn't be. You voluntarily grant access to that sensitive information every time you sign a waiver so that your health insurer can decide whether to pay for a doctor's visit, a prescription, or an expensive medical test.

What's more, most of the gathering and collating of this information is legal. In fact, the number of companies that have access to this information runs into the millions, say privacy advocates.

As recently as last year, only 1% to 3% of U.S. consumers had electronic versions of their health records, according to market research firm Health Industry Insights, an IDC company.

That is about to change.

The fact that two of the biggest players in the emerging world of cloud computing services — Microsoft and Google — are jumping into that arena with both feet will likely accelerate the shift to online medical records.

Microsoft kicked off the beta test of its HealthVault service almost a year ago, while Google announced its Google Health service last February and launched a beta in May. While both services are still in beta, each company has partnered with large health-care providers for pilot tests: Microsoft with Kaiser Permanente and Google with the Cleveland Clinic.

Private health data goes public by mistake

Part of consumers' reticence to sign up for electronic personal health-care records — with or without services "in the cloud" — has to do with a handful of recent high-profile data breaches. In April, the largest health insurer in the U.S., WellPoint, disclosed that records on as many as 130,000 of its customers had leaked out and become publicly available over the Internet.

To be fair, so-called cloud services aren't at fault, at least not so far. Microsoft, Google, and other companies that put your medical records online are adamant that their security is top-of-the-line. Their services are intended to give consumers greater, not less, control over who sees what by giving consumers personal ownership of their information, according to the services.

"[As a consumer], I control release of that information," Grad Conn, senior director of the Microsoft Health Solutions group, told me in describing HealthVault. A Google spokesperson expressed virtually the same assurance about Google Health. Neither company is disclosing how many users it has signed up thus far.

Indeed, consumers' control of their health data is not the core problem. It's what happens to your information after its initial release that worries privacy advocates — and with good reason. Once the data leaves the safe harbor of a secure cloud service, it's fair game for companies in several different industries.

Take, for example, prescription records.

"All 51,000 pharmacies in the U.S. are wired for data mining. Selling prescription records is a multibillion-dollar-a-year industry," states an FAQ published by Patient Privacy Rights, a major consumer-health and privacy-rights organization.

This data mining of prescription records can cost consumers big-time.

For instance, a July article in Business Week cited the case of a Louisiana couple denied health insurance because the wife took two medications that set off red flags for a prospective insurer.

Ironically, both were for "off-label" uses — that is, they were prescribed not for the maladies that the drugs were originally designed to treat. The woman's doctor prescribed an antidepressant to help her sleep due to symptoms of menopause and a hypertension drug to reduce swelling in her ankles.Although clinically she was neither depressed nor had high blood pressure, the couple's application for health insurance was denied, the article stated.

Or take the case of supermarket customers who use so-called "affinity" cards to obtain discounts at their favorite grocery. Data showing that a customer regularly buys cigarettes might be obtained by an insurer or employer and combined with a health record where the customer claimed to be a nonsmoker.

"It's interesting how they can tie all of that [information] together," Lynne Dunbrack, program director at Health Industry Insights, told Windows Secrets.

Consumer privacy may get lost in the clouds

Cloud computing is the latest buzz phrase for putting the massive processing power and storage capacity needed to provide ubiquitous computing out on servers located on the public network, or "in the cloud." Microsoft, Google, and many other online companies have embraced the idea.

Most observers — including privacy advocates — state that the move to store our health records in the cloud is inevitable. In fact, there are many benefits to consumers for having that information available virtually instantly. For example, if you were in a different city and needed to be rushed to the emergency room, your health history would be immediately available to the physicians on call.

Or, Dunbrack added, having access to a patient's commplete prescription information can help displaced persons stay alive in a hurricane-ravaged area, for example.

In fact, a survey conducted last spring for the Markle Foundation found that, of nearly 1,600 respondents, four out of five see electronic health records as useful, but many indicated that protecting the confidentiality of that information is crucial. "Nearly half called specific privacy practices 'critical' in their decision to try one out," a foundation statement said.

The downside is that storing health records online makes it easier for insurers to calculate the odds that you will be more expensive to insure than the next person. That's the rub, say privacy advocates.

Wait, you say. Isn't there a law that keeps your data from being misused? Yes and no.

It's called the Health Insurance Portability and Accountability Act, or HIPAA. Moreover, there are many exceptions to the law. Additionally, both Microsoft and Google claim their health services are not subject to HIPAA regulation, since they don't offer health-care services themselves.

Pam Dixon, executive director of the World Privacy Forum, says HIPAA is far from perfect but better than no protection at all. "Before HIPAA, it really was much worse," she said. However, she agrees that "secondary use" of patient data has become an industry unto itself — a genie that will be difficult or even impossible to get back into the bottle due to the billions of dollars that can be made from it.

"Right now, disclosure of health information is out of control," Dixon said, adding ruefully, "Technology is not going to go backwards."

How to safeguard your health-care records

So, what can you do to protect yourself? Patient Privacy Rights offers these recommendations and questions to ponder as you navigate the sometimes-perilous world of electronic health records:

• Don't even think about using a personal health record (PHR) that's offered by an employer or insurer. These are the last companies with which you want to share all your personal health and daily activities.

• Don't simply rely on a "HIPAA-compliant" PHR. HIPAA has more loopholes than the tax law; millions of businesses can legally access your information without your consent.

• How do you authorize access to the information? If gaining access requires nothing more than having someone guess your password, say "no, thanks."

• Does the PHR provider have the right under its "agreements" to take, sell, or share your information?

• What security does the PHR provide?

Finally, a little personal advice: hold off signing up for any electronic health-records system for the time being. So few people have joined to date that there are bound to be problems to work out, not to mention the potential for identity theft. Let somebody else play the role of pioneer.

Sep 19, 2008

Deakin researchers expose psychological manipulations used to market credit card limit increases.

A landmark report, undertaken by Deakin Business School researchers and commissoned by the Victorian Government and Consumer Action Law Centre has exposed the different psychological manipulations used by banks and other lenders to persuade people to take up offers for higher credit card limits.

Dr Paul Harrison, and Marta Massi, examined actual, unsolicited letters sent to customers by banks, store card providers and other lenders encouraging the customer to take up a pre-approved offer to increase the limit on their existing credit card.

Dr Harrison, Senior Lecturer in marketing at the Deakin Business School, and principal researcher of this report, said that the report confirmed what was already known ­ that banks and credit providers are using psychological manipulations to persuade, encourage, or convince customers to take up a credit card limit increase, often against their better interests.

"Companies have to maximise their profits, so its hardly surprising that banks and credit providers use all the tools available to them to increase the likelihood that current customers will take on more credit, Dr Harrison said.

"We found that lenders frame their letters in various ways to make it more likely customers will not really engage at any appropriate level when receiving the letters, and simply accept the limit increase. In effect, it is the simplicity of the letters that is the most danger to vulnerable consumers.

"For example, because the consumer already has a relationship with the bank, the letters make it easy for the customer to trust experts ­ in this case experts who consumers assume have already determined they can afford a limit increase.

Sep 17, 2008

BHP cuts tech jobs

BHP Billiton is set to make a number of technology staffers redundant as part of an operational restructure aimed at making technology more accountable to the business.

The reorganisation affects 79 employees at its Newcastle Technology Centre in New South Wales, which performs research and development in metallurgy, iron ore, coal and process modelling for a number of BHP Billiton businesses.

The mining giant will finalise the number of workers being made redundant over the next couple of weeks. It also confirmed that 16 contractors were retrenched from the centre last month.

It's expected that the Newcastle facility, which houses 137 staff, will play a role in the miner's future R&D projects.

A sad loss of literacy Down Under

University lecturers in Australia are seeing increasing numbers of students who lack what were once considered basic literacy skills.

Last semester, I taught a first-year communications unit at Melbourne's Monash University. There were 500 students, many of whom hoped to become journalists. Marking essays, I discovered the majority had no idea how to use apostrophes (or any other punctuation, for that matter), that random spelling was in and sentence construction out. About half thought plurals were formed by adding an apostrophe-s, as in "apple's" and "banana's".

Marking the final exam, it emerged that few could write neatly: from bold childlike printing to spidery scribblings in upper case, it is obvious that handwriting is a dying art.

In her new book, The Literacy Wars: Why Teaching Children to Read and Write is a Battleground in Australia, Ilana Snyder, associate professor at Monash's faculty of education, examines the idea that Australia is having a literacy crisis.

Chuck Squatriglia: Chevrolet Volt

Love it or hate it -- and a lot of people hate it because they think it looks like a Prius -- the Chevrolet Volt that General Motors unveiled today is one slick number. The General's engineers spent more than 1,000 hours in the wind tunnel, nipping and tucking the angular concept car we first saw at the Detroit auto show to make it as aerodynamically efficient as possible.

The result is a car that's more aerodynamic than the Toyota Prius and Honda Civic Insight. We've got more details on that in the story we posted this morning, and GM's provided a promo video of aero engineer Nina Tortosa discussing the process in GM's massive wind tunnel, which you can see more of in the gallery we've posted.

Using alcohol to deal with stress

Several factors determine someone's pre-disposition to stress. These include each individual’s personality, coping skills, resilience, social support, physical stamina and overall general health. Stress is not something that just 'happens': It arises when someone perceives a situation to be beyond their ability to handle it, when they believe they cannot cope with the demands of their environment and the issues at hand.

Self-esteem is one of the most crucial elements in our anti-stress armour. It influences attitude, which in turn affects our reactions to stress. Low self-esteem combined with chronic (ongoing) stress makes for extremely dangerous territory, and often results in alcohol abuse to the point of dependency.

How does this happen?

Some people find themselves in a stress cycle, consisting of three stages.

The alarm stage: In the initial stages of stress, the brain signals the adrenal glands to produce about forty hormones, most importantly adrenaline and cortisol. These boost blood sugar levels. The adrenals also release the hormone DHEA (dehydroepian-drosterone), which helps maintain energy and resistance to stress. As a result of this rapid deployment of adrenaline, cortisol and DHEA, there is more available oxygen and sugar and we become instantly more alert.

The adaptation stage: When the body needs to continue its defence mechanism beyond the initial 'fight or flight' response, it starts adapting to chronic stress. Cortisol and DHEA have a reciprocal relationship, so as cortisol levels go up, DHEA levels fall. We start feeling fatigued, increasingly anxious and may suffer mood swings.

The exhaustion stage: When stress becomes severe, we can become 'stuck' in the stress response. DHEA levels plummet and the body can no longer produce the necessary cortisol to respond. Since adrenaline is derived from the 'feel-good' neurotransmitter dopamine, excess adrenaline demands lead to dopamine deficiency. Consequently, the emotions can take a dive into depression.

It is often at this stage that people 'self-medicate' using alcohol. Initially this seems to help, as alcohol stimulates the release of dopamine. However, this chemical coping mechanism actually perpetuates the situation and compulsion can set in. In a fairly short period of time, the brain’s natural release of dopamine is stopped - waiting for the chemical stimulation. The regular use of alcohol then becomes a 'necessity' and can lead to dependency.

Some people fall victim to this cycle completely unwittingly – a well-meaning friend may suggest having a couple of drinks at night to reduce stress and, if you feel better after a couple, it's easy to see how you'd want to continue to reduce stress that way every night.

While much is written about alcoholism and addiction, it must be made clear that not everyone who 'uses' alcohol to get through a rough patch is an alcoholic. There are many factors that combine in alcoholism, including – many believe – genetics. But it's also important to know that 'using' alcohol can quickly become 'abusing' alcohol in those who are severely stressed.

There are many ways to reduce stress. One is knowing that worry is like winking at someone across a pitch-dark room – you’re the only one who knows you’re doing it, and it doesn’t get you anywhere. Another is keeping your life manageable, not letting bills or calls from creditors pile up before you answer them. Stress-management courses abound, and there’s always exercise and meditation. Find someone you can trust to talk to, and pick up the phone before you pick up a drink. Stress can swim, so taking a drink won’t drown it!

Plastic bottles linked to heart disease

A chemical contained in plastic drink bottles and containers could be linked to heart disease a study has found.

Researchers in Europe say that higher levels of the chemical Bisphenol A (BPA) within heart disease patients could be linked to it's inclusion in plastic bottles and containers. People regularly eat and drink from plastic containers containing BPA - a chemical researchers say could be linked to higher rates of heart disease. Under the study, about 1500 patients were tested using urine samples.

Of those patients, those with increased levels of BPA had a nearly 40% chance of having some kind of cardiovascular disease. The 25% of people with the highest BPA levels had nearly three times the odds of cardiovascular disease than those in the lowest 25%, the study said.

Blog: New Windows in eight weeks

Analysts are predicting that the new Windows 7 (the successor of Windows Vista) could be available in beta within eight weeks.

With two major developer conferences coming up for Microsoft within the next two months, Windows Hardware Engineering Conference and Professional Developers Conference, Microsoft is unlikely to not give developers a view at its new system and give them some early coding for it.

Windows 7 features on both conference timetables, and the developers won't want to go home empty handed.

Most believe that the WinHEC conference will be where the new version is revealed, as Microsoft has played its cards close to its chest and this is a smaller conference.

Historically Microsoft has usually released some information about an upcoming operating system at these events, even if it may be just a little bit of rough code.

Sep 16, 2008

Taking a shine to Google's Chrome

IS Google's sudden foray into the web browser market last week an offensive or defensive move?  At first glance, that probably seems an odd question. With its beta release of Chrome, Google emphatically confirmed two years of Silicon Valley rumours that it was working on a next-generation web browser, and immediately won plaudits for shaking up the established order in this segment of the software market. Google's reinvigoration of the browser wars is timely.

All existing web browsers with any real market share - Microsoft's Internet Explorer, Mozillas Firefox, Apple's Safari, and Opera - have their origins in a different era, when the main tasks a browser had to perform were rendering HTML pages and ensuring that plug-ins to play any embedded video or audio worked smoothly.  But, increasingly, this is not the way that the web is used.

Instead of simply displaying pages, users increasingly require access to application-like functionality, whether this is for online gaming, communication via email and messaging, photo manipulation or media playback.

And if Google and the other vendors of web-based productivity applications competing with Microsoft Office and other desktop apps continue to gain traction, the demands placed on browsers will increase further.

To respond to the profound shift in the way the web is used, Google went back to a clean sheet of paper in designing Chrome.

This is evident in its user interface, which downplays familiar browser features such as bookmarks, history and menus.

But the surface makeover is just the beginning. Underneath Chrome's minimalist interface lie several innovations that even more fundamentally rethink the way a browser works.

One is parallelism: Chrome creates a new process for each web page opened, and allows the different tasks involved in displaying a website to take place in parallel, rather than serially.

HP announces 24,600 layoffs in wake of EDS acquisition

On a day where the stock market nosedived, a major investment bank failed, and the financial services industry appears set to shed jobs by the tens of thousands, Hewlett-Packard Co. added to the gloom, saying it would add 24,600 people to the unemployment lines.

The workforce reduction will be spread over three years, and affect about 7.5% of the combined companies' workforce, HP officials said.

Half of the workforce reduction that HP will be making will be to workers in U.S., and it follows its $13.9 billion acquisition of Electronic Data Systems in May, which was completed late last month.

Intel launches 6-core chips

The processor world has officially moved beyond quad-core.

Intel Corp. today unveiled the new Xeon 7400 series, which had been dubbed Dunnington. The server processors are available in dual-core and six-core versions, taking the market further down the multicore path.

"For servers, this is a big deal," said Jim McGregor, an analyst at In-Stat in Scottsdale, Ariz. "The more we can consolidate resources, the better. That's the critical point for being able to increase your performance while maintaining your environmental solution, your power constraints and everything else. If you can increase performance without increasing thermal and power, that's big progression. Servers always need more performance."

The new Xeon 7400 family includes seven 45-nanometer chips, according to Intel. The processors have up to six processing cores per chip and 16MB of shared cache memory. They also have frequencies up to 2.66 GHz and power levels down to 50 watts. The series includes a six-core, x86-compatible 65-watt chip, which translates to just under 11 watts per processor core.

"The big cache and six cores will give customers a nice bump in performance,"

New research centre to help arthritis sufferers

The 3.85 million Australians affected by arthritis will be pleased to hear a state-of-the-art $10.7 million medical research centre will open at Brisbane's Prince Charles Hospital tomorrow.

The Medical Engineering and Research Facility (MERF) at the Prince Charles Hospital will allow doctors and allied health professionals to conduct research on orthopaedic care, critical care and artificial organs.

MERF director and Biomedical Engineering Professor Mark Pearcy said clinicians would seek solutions to problems they'd already found in the real word and apply the new techniques and technologies back to the clinic.

"Some facilities are described as bench to bed," Professor Pearcy said.

"We're actually bed to bench and back to bed."

Some of the problems being examined already include an artificial heart program, ventilation for premature babies and regrowing bones.

MERF will also be home to a surgical training facility where surgeons from all over the globe can hone their skills.

The facility at Chermside features training theatres, mechanical and electrical workshops, cell culture laboratories, materials testing laboratories, and teleconferencing rooms that will host ten to 11 researchers, mostly on a rotating basis.

"It's a really exciting development. We're unique in Australia and there aren't many other places in the world that do what we do."

He said MERF was part of the Queensland University of Technology's Institute of Health and Biomedical Innovation and had been in development for years.

"We bid for SmartState funding in 2004, so it has taken about four years to get where we are today."

The facility will welcome visiting clinicians and researchers from Australian universities like University of Queensland and Griffith, as well as groups in Germany, Switzerland and the UK.

"We're quite an international facility here."

State Health Minister Stephen Robertson will officially open the facility on Tuesday.

Sep 14, 2008

SaaS Takes a Shine to Chrome

Google's new browser Chrome has got blogs and newswires buzzing about the search giant's continued foray into Microsoft's core territory and I am not referring to their browser, the real challenge is to Microsoft's software applications. Obviously Chrome also signifies a challenge Internet Explorers' 72 percent browser dominance, especially as the struggle to snap up online advertising dollars continues to grow.

The launch of the beta version of Chrome has given people the chance to put the site through its paces. Given that I'm a Mac user I had to test drive it on a PC which was a shame, but no doubt Google will come up with a version that is OS X compatible before too long. After all, Google's persona seems much more 'Mac guy' oriented.

The general consensus, so far, seems to be pretty positive. Aside from the major factor that Chrome is really 'kick-ass' fast, the browser automatically lists the tabs of your most visited sites, it also allows the user to store URL thumbnails on your desktop providing shortcuts which can be useful.The optional 'porn mode' also allows you to surf XXX rated material freely without cookies being embedded, which is always a relief. Knowing that you can peruse at your leisure while remaining in 'stealth' mode is more than gratifying. User satisfaction trumps tracking in my opinion especially when it comes to undesirable, if not unintentional pop-ups, if you know what I mean.

Safe Practices of IT Computing

  1. Never open suspicious files. Assume that any file you receive may be potentially infected, even if you know the sender well. Viruses, spyware and other malicious code typically originate from an infected PC and its address book, thus it will most likely come from family, friends, or business associates. When working with your email, browsing websites, or chatting via an Instant Messenger, do not accept any unsolicited files from anyone since they could contain malicious code. Some of the more common file types to be wary of end in EML, NWS, JS, EXE, etc. These file types can infect your desktop.
  2. Avoid going to any URLs in email messages that may be questionable. Hackers often infect web pages with malicious code, so do not visit any website that you are not familiar with.
  3. Always keep your anti-virus, anti-spyware, and firewall protection up to date. New threats emerge regularly so it is critical that you keep your protective software and firewall technology current. In addition, scan your system monthly with the settings recommended by your Internet security provider.
  4. Restrict Administrative Privileges. It is important to make sure that all employees have a level of administrative access equal to their job responsibilities. This includes not allowing employees to install software, music files, games, etc., as well as restricting access to external services such as web mail and remote control services. These types of restrictions will help protect your organization from spyware such as keystroke logging.
  5. Keep your operating system and your application software patches up to date. In order to prevent being infected by malicious code, keep the software patches up to date for your operating system, i.e.: Windows, Linux, Apple, as well as for your applications, i.e.: Internet Explorer, Firefox and Safari.
  6. Stay informed and educated. It is important that not only your IT department stays up to date on the latest threats but that your employees and your business customers are also advised of them and that you educate them about the techniques of "safe computing." Internet security providers release formal alerts on the latest threats and vulnerabilities and how to protect against them.

Sep 12, 2008

Google Chrome vulnerable to 'carpet bomb' bug

Attackers can combine the months-old "carpet bomb" bug with another flaw disclosed last month to trick people running Google's brand-new Chrome browser into downloading and launching malicious code, a security researcher has warned.

The attacks are possible because Google used an older version of WebKit, the open-source rendering engine that also powers Apple's Safari, as the foundation of Chrome, said Israeli researcher Aviv Raff on Wednesday. Raff posted a proof-of-concept exploit to demonstrate how hackers could create a new "blended threat" - so-named because it relies on multiple vulnerabilities - to attack Chrome.

"This is different from the Safari/IE blended threat," said Raff in an interview conducted via instant messaging. "It's a different blend with one similar component. It uses the auto-download vulnerability (aka 'Carpet Bomb') in combination with a [user interface] design flaw and an issue with Java that doesn't display a warning on execution of JAR files downloaded from the Internet." Raff's reference to the earlier Safari/IE blended threat was to his May report that said a bug in Apple's Safari browser could be paired with an unpatched vulnerability in Microsoft's Internet Explorer (IE) to compromise Windows PCs.

The "carpet bomb" bug, revealed by researcher Nitesh Dhanjani in May and named for the way it could be used to dump files onto the Windows desktop, stemmed from the fact that Safari did not require a user's permission to download a file. Attackers, Dhanjani said, could populate a malicious site with rogue code that Safari would automatically download to the desktop, where it might tempt a curious user into opening the file.

After first balking - for a time it refused the classify the flaw as a security vulnerability - Apple patched the bug in mid-June by updating Safari to 3.1.2.

Olga Kharif: The U.S. Closes the Mobile Innovation Gap

It was a familiar refrain: The U.S., the birthplace of the Internet, was a wireless backwater. Even early in this decade, many viewed the U.S. as a developing market, fit mostly for hand-me-downs from the more advanced Europeans and Asians. Unlike unified Europe, the U.S. market was fractured by warring radio standards and dotted with dead zones. Long after cellular was a way of life elsewhere, Americans still carried beepers and left messages saying to call cell phones only in emergencies. America was to be pitied, and the competitive upshot was huge: The next great innovations in wireless, including the mobile Internet, were likely to arrive from outside the U.S.

Yet the competitive balance is shifting. As the focus of the wireless world moves toward Internet communications, the U.S. strength in software, most notably at Google (GOOG) and Apple (AAPL), is pushing the U.S. ahead as a laboratory for wireless development. American users are catching up, too. In the past year, the U.S. surpassed Western Europe in the number of subscribers to the high-speed networks known as 3G, according to consultancy comScore M:Metrics (SCOR). "The industry needs to stop talking about the gap between the U.S. and Europe," says Kanishka Agarwal, vice-president of mobile media at Nielsen. "We have caught up, and we have already passed."

The change has been dramatic. While a year ago 6% of Americans who bought phones purchased smartphones, capable of Web access and application downloads, their ranks rose to 16% in early 2008, according to consultancy Nielsen Mobile's survey of 70,000 U.S. wireless subscribers. Over the same time, in Western Europe, the jump in recent smartphone buyers was smaller, from 11% to 17%, according to Nielsen.
Stride for Stride With Europe

The U.S. is now neck and neck with Western Europe in use of short text messages (SMS), multimedia messaging, and mobile games. More Americans, meanwhile, use mobile e-mail and instant messaging, according to Nielsen Mobile. Mobile Web browsing in the U.S. is also on a tear, but it's still a few percentage points behind the Europeans. Some 17% of Americans browse on the mobile Web, compared to 20% of Western Europeans, according to Nielsen.

True, both regions lag behind the hottest Asian markets in data speed and mobile Internet usage. But the progress in the U.S. has boosted the country as an advanced wireless market and laboratory for Europeans as well as Asians. "It used to be the biggest sandbox they could play in was outside the U.S.," says Mark Donovan, senior analyst at comScore. "Now it turns out this is a big market."

At a new Nokia (NOK) lab in San Diego, 400 employees are tailoring Nokia's products to AT&T's needs. Japan's NTT DoCoMo (DCM) and other Asian carriers are scouting Silicon Valley looking for local mobile startups to fund. European mobile software makers like Nokia-controlled Symbian are expanding their U.S. offices. The U.S. is fast becoming a fulcrum for mobile advertising, games, and other applications, says John Forsyth, vice-president for strategy at Symbian in London. "Our head turned westward completely in terms of talking to developers."
Apple Changes the Game

The biggest game-changers are Apple and Google. In July, Apple debuted its iTunes App Store, offering hundreds of applications from third-party developers in many countries worldwide. Easier to use than most previously available mobile stores, Apple's effort has attracted scores of programmers who've already created more than 3,000 innovative applications (, 9/5/08). After 10 years of efforts, Symbian has released fewer than 10,000 third-party applications. "Apple has fundamentally changed the industry from a focus on hardware to a focus on software and content," says Ken Dulaney, an analyst at consultancy Gartner (IT). "We can drive innovation for sure."

Sep 9, 2008

Virtualization Driving Organisations to Reevaluate DR

Symantec Corp. (Nasdaq: SYMC) today announced the global results of its fourth annual IT Disaster Recovery survey, which demonstrates a significant decline in executive involvement in disaster recovery planning and a significant increase in the number of organisations reevaluating their disaster recovery (DR) plans due to virtualization. As more applications and data are managed in a virtual environment, organisations are evaluating the most efficient ways to manage applications and data in both physical and virtual environments.

Nearly one-third of global organisations, and 20 percent of Australian organisations, reported they have had to implement part of their DR plan due to a computer system failure. However, in the past year there was a significant decrease in executive involvement on DR committees. And, while there appears to be improvement in successful disaster recovery testing, one-third of global respondents (12 percent in Australia) indicate testing will impact their customers, and one-fifth globally (12 percent in Australia) admit such testing could negatively affect their organisation’s sales and revenue.

With a rapid increase in mission critical applications combined with the continued growth of stored data – both physical and virtual – it is crucial that organisations incorporate a comprehensive, proven disaster recovery plan into the overall business strategy. This will help ensure the successful recovery of data and applications with the least amount of impact to business operations should a disaster – natural disaster, human error or system failure – occur.

Sharp increase in applications considered mission-critical

On average global respondents indicated that 56 percent of applications were deemed mission critical – significantly up from 36 percent in 2007. Within Australia, approximately 64 percent of applications were deemed mission critical. With the increase in the number of mission critical applications, it becomes difficult for organisations with flat IT budgets to maintain the availability of a greater number of mission critical applications. As a result, companies should look at more cost effective ways to protect applications including reducing spare servers, increasing server capacity, looking at physical to virtual configurations, and more.

More than one-third of organisations have executed DR plans

Disaster recovery plans are not documents collecting dust on shelves. In the past year, one-third of organisations surveyed had to execute their disaster recovery plans due to a variety of factors including: Hardware and software failure (36 percent of organisations globally, 20 percent within Australia); external security threats (28 percent of organisations globally, 12 percent within Australia); power outage/failure/issues (26 percent of organisations globally, 10 percent within Australia); natural disasters (23 percent of organisations globally, 12 percent within Australia); IT problem management (23 percent of organisations globally, 10 percent within Australia); data leakage or loss (22 percent of organisations globally, 8 percent within Australia); and accidental or malicious employee behaviour (21 percent of organisations globally, 10 percent within Australia). Given the regularity of events that cause downtime, IT organisations should expect that their DR plans will be tested at some point in the future.

Executive involvement in DR planning declining

Survey results also indicate that that C-level involvement in DR planning is declining. In the 2007 survey, 55 percent of respondents said that their DR committees involved the CIO, CTO or IT director. However, in 2008 that number dropped to 33 percent worldwide. Symantec believes that such a move is a troubling trend, particularly in light of the mission critical applications not currently covered in DR plans and the reevaluation of plans due to virtualization. Increased executive involvement has been shown to increase the success of DR plans.

Virtualization driving reevaluation of plans; automation and cross-platform tools needed

Virtualization is the major factor that is causing more than half (55 percent) of respondents globally – 44 percent in Australia – to reevaluate their DR plans. In some cases virtualization is being deployed for DR purposes and applications and data in virtual environments pose a difficult challenge since processes for physical environments may not work in virtual environments. In addition, native DR tools in virtual environments are immature and don’t provide the enterprise-class protection that organisations require. The respondents reported that 35 percent (30 percent in Australia) of their virtual servers are not currently covered in organisations’ DR plans, only 37 percent (50 percent in Australia) of respondents reported that they back up all of their virtual systems.

Fifty-four percent of global respondents listed resource constraints as their top challenge with backing up virtual systems, while within Australia lack of efficient technology/software and resource constraints were the top challenges cited by respondents, each at 35 percent. Globally, 35 percent of respondents (28 percent of respondents in Australia) cited too many different tools as the biggest challenge in protecting mission-critical data and applications within physical and virtual environments. Complications with having different tools for physical and virtual environments include higher training costs, operating inefficiencies, greater software costs and workforces that work in silos. Lack of enterprise storage management ranked second for Australian organisations, at 20 percent.

Respondents report one-third of disaster recovery tests unsuccessful

According to survey data, while having a disaster recovery plan is essential in most organisations today, knowing that disaster recovery plans work is equally important. In 2007, 88 percent of IT professionals polled carried out a probability and impact assessment for at least one threat. In 2008, that number increased to 98 percent of respondents indicating that they have carried out an assessment for at least one threat. However, respondents report that 30 percent (34percent in Australia) of tests fail to meet recovery time objectives (RTOs) with an average global RTO of 9.54 hours and 14.67 hours for Australia.

Respondents also reported the top reasons why their tests failed include: human error (35 percent globally, 18 percent in Australia); technology failure (29 percent globally, 18 percent in Australia); insufficient IT infrastructure (25 percent globally, 16 percent in Australia); out-of-date plans (24 percent globally, 10 percent in Australia) and inappropriate processes (23 percent globally, 10 percent in Australia). Since human error is one of the greatest problem hindering successful recoveries, organisations should look to automation that will speed recovery and reduce errors and reliance on personnel.

In addition, 93 percent of IT organisations globally report they have tested their disaster recovery plan since it was created, yet 30 percent of those tests are not fully successful – improved from 50 percent failed tests in 2007 – and only 16 percent say that tests have never failed. Within Australia, 86 percent of IT organisations report they have tested their disaster recovery plan since it was created and 16 percent state tests have never failed.

Why hackers escape

The nightmare for Ecount, an online gift certificate service, began last year when a hacker broke in to the company's system and stole personal information belonging to its customers.

Nine months later, the criminal is still at large. The thief has brazenly taunted executives with repeated e-mails while staying ahead of investigators, deftly wiping away his electronic fingerprints and covering his tracks at every turn.

"We're sick to death of hearing from him," Ecount Chief Executive Matt Gillin said of the intruder, who has offered to return the information for a fee.

Although law enforcement agencies are quick to trumpet their occasional victories against cybercriminals, they are rarely able to track down hackers sophisticated enough to pull off such complicated heists. Few hackers of this caliber are arrested, and fewer still spend time behind bars.

Siobhain Ryan: Medicare crackdown on healthcare fraud

MEDICARE Australia will investigate the effects of big corporate health players on the public purse and target aggressive advertising of unnecessary tests as it dramatically scales up its checks on the health profession.

It announced its compliance plan for 2008-09 yesterday, after revealing it was investigating 209 people for Medicare fraud and had referred 74 cases for criminal prosecution.

Human Services Minister Joe Ludwig said Medicare Australia, which spends billions of dollars each year subsidising health services, saved at least $250 million from its crackdown on suspect billing practices.

"When honest mistakes are made, people will be given appropriate support, as well as the opportunity to explain or rectify their error," he said.

However, those who choose to deliberately abuse the healthcare system through fraudulent activity would feel the full force of the law, he said.

In April this year, a medical receptionist and her daughter were each sentenced to 18 months' jail and ordered to repay $32,000 after fraudulently claiming benefits for Medicare services, according to the Medicare Australia report.

Sep 8, 2008

GM's Volt into the blue

SIX years ago, General Motors was out to change the world. It placed a big bet on hydrogen fuel cells and staked its claim to be the industry leader when it unveiled the Autonomy car concept.

As well as being a good looker, the Autonomy would not only use less fuel, it would help take the environmental heat off the private car by emitting only water.

Based on an all-purpose "skateboard" chassis, the Autonomy would also revolutionise car production by giving customers the choice of different body styles that could be switched onto the skateboard at different times to suit different purposes.

GM sent its head of research and development, Larry Burns, on a worldwide tour to promote the vision, and it made a lot of headlines.

GM had it all worked out - except for a couple of minor aspects. Fuel, for one. There wasn't any way of economically producing hydrogen so it could compete with petroleum-based fuels.

And, even if you could produce it, hydrogen has to be held at such low temperatures in order to be carried around that it would require a new distribution system outside of the well-established network of petrol stations.

And why would energy companies spend billions of dollars creating a hydrogen fuel network when oil was still so cheap? Just because GM asked them to?

Fast forward six years and it is all quiet on the Autonomy front.

Sobered by a near-death experience - losses totalling $US50 billion ($A57 billion) in three years to 2007 - brought on by soaring oil prices and plunging truck sales, GM has abandoned the Autonomy hubris and adopted more modest goals - and eminently more achievable ones.

The lessons of the Iraq war - that securing guaranteed supplies of oil can be more expensive than expected - and the possibility that oil supplies may have peaked have prompted the company not to pick a single winner but to place a bet on every number on the roulette wheel.

Burns is now singing from a different hymn sheet.

"Of the world's 900 million vehicles, 96% depend on petroleum," he says. "GM is focused on a strategy to reduce our dependence on petroleum. The key is to focus on efficiency and energy diversity."

Fuel cells are still on the agenda, make no mistake, but GM is now also working on improving its petrol engines and adapting them to run on virtually any liquid or gaseous fuel, including LPG, CNG, E85 and alcohol from biomass.

The engines will use technologies such as active fuel management (turning off cylinders while cruising), direct injection and turbocharging.

Drunk patient assaults paramedic in Pascoe Vale

A PARAMEDIC was lucky to escape serious injury after he was punched by a man he was trying to treat.

The Metropolitan Ambulance paramedic and his partner were called to an address in Raeburn St, Pascoe Vale, about 11pm on Saturday, to attend to a man with breathing difficulties.

When they approached the man, who appeared to be drunk, he lashed out and verbally abused the paramedics before grabbing one by the throat and punching him in the face.

The second paramedic called police, who arrived at the scene and used capsicum spray to subdue the assailant.

MAS general manager of metropolitan operations Keith Young described the incident as worrying.

"It's shocking, just unacceptable behaviour towards people who are there to help.

"This was one of those unfortunate situations where our members were called out to a medical situation and they were assaulted in the course of doing their job.

"They should be free to go about their job without the fear of harassment or violence."

The paramedic was treated for facial injuries.

Police yesterday charged a Pascoe Vale man, 40, with intentionally causing injury, recklessly causing injury and resisting arrest.

Sep 7, 2008

Dr Michael Fitzpatrick : AIDS epidemic? It was a ‘glorious myth

There is a widely accepted view that Britain was saved from an explosive epidemic of heterosexual AIDS in the late 1980s by a bold campaign initiated by gay activists and radical doctors and subsequently endorsed by the government and the mass media.

According to advocates of this view, we owe our low rates of HIV infection today largely to the success of initiatives such as the ‘Don’t Die of Ignorance’ leaflet distributed to 23million households and the scary ‘Tombstones and Icebergs’ television and cinema adverts (though they are always quick to add that we must maintain vigilance and guard against complacency).

Now former AIDS industry insiders are challenging the imminent heterosexual plague story and many of the other scare stories of the international AIDS panic. James Chin, author of The AIDS Pandemic: The Collision of Epidemiology with Political Correctness, is a veteran public health epidemiologist who worked in the World Health Organisation’s Global Programme on AIDS in the late 1980s and early 1990s. Elizabeth Pisani, a journalist turned epidemiologist and author of The Wisdom of Whores: Bureaucrats, Brothels and the Business of AIDS, spent most of the past decade working under the auspices of UNAIDS, which took over the global crusade against HIV in 1996. Once prominent advocates of the familiar doomsday scenarios, both have now turned whistleblowers on their former colleagues in the AIDS bureaucracy, a ‘byzantine’ world, according to Pisani, in which ‘money eclipses truth’.

Sep 4, 2008

Microsoft's Live Mesh Is Apparently for Us

I couldn't be sure what it was about, or who it was aimed at, when I first read Microsoft's official description of Live Mesh. I'm still not sure what it will do, but apparently it's worth watching because it's aimed at us consumers.

Essentially, "mesh" is Microsoft's extending the concept of "cloud," which is storing and sharing everything on distant computers managed by others, including companies like Microsoft. Microsoft is planning to add software, "platforms," and "experiences" to mash together a mesh.

To start, it appears Mesh will sync digital files among devices. But it will also be a "new software-plus-services platform" and offer "unified device management." Not sure what those are, though.

Only by looking at screen shots and videos of execs did it become a little more clear, at least conceptually, that Mesh is aimed initially at consumers. The early examples describe sharing photos among friends and family, and include a "Home Desktop" in the network.

Surely the concept will extend to corporate offices. But information-technology folks at businesses usually want to lock out other devices like "Home Desktop." So this one appears to be for us—maybe?

Sep 3, 2008

Chrome bomb

“First tests of Google's "faster, safer" browser have revealed embarrassing glitches which prevent basic web features from loading. Online speculation suggests that the errors are based on the Javascript foundations of the browser, which can affect everything from pop-up windows to login modules. The free browser has been made available in a "public trial" version following a premature press release yesterday on the new service, which came in comic book form.

Google Chrome is being touted as a sleeker and more reliable alternative to Microsoft's Internet Explorer, with Google saying a sophisticated testing system was used to prevent bugs from occurring on popular websites. However this morning, some computers running Chrome failed to load Google services such as iGoogle and Google Docs, and others – such as GMail's login page – only loaded part of the text, without images or a login form.”

Liam Tung: Google defends privacy credentials

Google has defended its privacy credentials following a claim by Microsoft's privacy chief last week that the search giant was a decade behind Microsoft when it came to privacy. "Google's a great company, got some great products, but you know in some respects I think Google is where Microsoft was seven or 10 years ago," Peter Cullen, Microsoft's chief privacy strategist told last week in a video interview. The rebuttal came immediately: "There are different ways of deploying privacy awareness within a company," a Google Australia spokesperson today said in response.

Visiting Australia to host the Australian Privacy Commissioner's Privacy Awareness Week awards, Microsoft's chief privacy officer Peter Cullen last week said that while Microsoft tackled privacy issues in product development, Google only dealt with concerns reactively, for example, after products such as Street View were released. Cullen said Google had not invested to the same extent that Microsoft had in building its teams to deliver privacy-aware products. "Microsoft has over 40 full-time people invested in privacy and over 400 part-time people. Google hasn't — at least from what I read about them — evolved to that," he added.

Google's spokesperson declined to disclose how many privacy officers it had hired, but said the company had lawyers dedicated to the issue. "We have lots of specialised lawyers and government affairs teams all around the world whose job is to think about the privacy implications in the development of products," the spokesperson said. He also labelled Microsoft's privacy team as "isolated".

"Rather than a single, isolated privacy department, here at Google we embed the importance of privacy into our products and systems from engineers through to executives, guided by trained privacy professionals," he said. "All our engineering, legal, policy and communications teams work closely together to build privacy protections into our products." In what has been called a publicity stunt by some, both Google and Microsoft last year promised to make their search logs anonymous, but only after 18 months.

Liam Tung: Luck and Security...

Does anyone seriously believe that Australian businesses and government agencies manage security any better than the US or UK? Apparently the people that influence Australia's privacy laws do, which is why the government has given itself four years, or until 2012, to start reviewing the Australian Law Reform Commission's recommendation to include "mandatory" data breach notification measures in Australia's Privacy Act. In the meantime Australians will have to settle for softer initiatives, like the Office of the Privacy Commissioner's (OPC) Privacy Awareness Week, which recognises "good" privacy practices by organisations, but doesn't ferret out bad security and privacy practices.

In this state of affairs, if Australian Customs were to suffer a breach where people disguised as EDS staff stole two mainframes from its high security centre, which also contained sensitive details about you, Customs won't tell you. Until 2012 we can celebrate privacy while the US clocks up another two billion data breach notifications — the number of notices issued to its citizens since 2002, Microsoft's chief privacy officer Peter Cullen tells me. The first areas of the Privacy Act the government has promised to tackle are health information and privacy, which is sensible since health costs impact the public purse more than anyone's right to know when your personal information is exposed.

Data security and its relationship to privacy has been put on the back burner due to one fact: no one, not the ALRC, not politicians, not the Privacy Commissioner, and especially not the public, have the foggiest idea about the extent to which data breaches have affected Australians. We could be lucky, or perhaps have supreme intellects, which has helped Australia avoid HMRC-style mass breaches that exposed 25 million UK citizens' personal records. The Australian Taxation Office at least recognised the reality of the risk. The HMRC breach inspired a security review that found overall good practices, but significant security holes which could result in a data breach.

This was quite rare indeed. According to a recent survey by analyst firm Intelligent Business Research Services of 99 local IT managers — half came from organisations with more than 1,000 staff — many organisations could haemorrhage data without realising it, just like TJX. Asked "How would you know if an unauthorised person were to access sensitive data?", 45 per cent agreed "It's possible we would not know if this occurred".

So that's the situation. The politicians don't know, organisations that hold your information don't know and the pubic doesn't know. If ignorance is bliss, then who the bloody hell am I to question Australia as being the lucky country? She will, as we say, be right.

Conroy's filtering plan: security worries

Communications Minister Stephen Conroy has welcomed "improvements" in ISP filtering technologies, but will a broad-scale roll-out make ISPs a thief's favourite target?

The great success of the ISP filtering trial was that current technologies impose far less interference on an ISP's network than similar tests done five years ago.

Improvements like this give the impression that yes, the government has its collective head around the challenge of making the internet a safe place.

But after an interesting chat with Internode's core networks and infrastructure group team leader Mark Newton, I came to the conclusion that any concerns about network degradation are peanuts compared to security worries around what could happen if the technology is implemented — in particular to the protocol used to conduct secure Web sessions with your bank or the tax office — HTTPS.

Newton raised an interesting idea: for an ISP to filter HTTPS sessions it would have to engage in a Man in the Middle attack, where the attacker intercepts and changes information being transmitted between two parties.

One of the key attributes the government was looking for in the tested filtering technologies was the ability to analyse content for smut so that it can accurately filter information rather than just block a bad source. While the filters were unable to analyse content over peer-to-peer networks, all the products were able to analyse Web protocols HTTP and HTTPS. (See table)

So what happens when granular filtering is applied to your transactions with a bank or the tax man?

Normally HTTPS means that data streams pass unfettered between your computer and the bank's servers, but ISP filtering would see that data unencrypted at the ISP, inspected, re-encrypted and then forwarded on to you and the bank.

Now, I don't use Dodo, Exetel or TPG, but these ISPs don't seem to be able to afford call centre staff, so can we rely on these ISPs to implement whatever technology the government approves?

And if the filtering products run on Windows operating systems, what happens if and when those systems become infected with a trojan or virus that siphon information to cybercrims?

Let's hope we find out a little more about the security and privacy implications in the "live" trials the government plans to run in the coming months.

Sep 1, 2008

Access to heart surgery worst in NZ

New Zealand has come bottom of a survey of seven countries for heart patients' access to potentially life-saving surgery.

The Ministry of Health draft report says the "critical failing" is disturbing because people are likely to die if they do not get heart surgery.

Canada and Northern Ireland both had access rates more than 50 per cent better than our own. England's rate was nearly 40 per cent better. While the report said New Zealand fared worse than Australia, it did not include comparative figures.

Cardiac surgery rates also fluctuated widely around the country, a finding which National Party health spokesman Tony Ryall slammed as "healthcare by postcode".

Of the five New Zealand health boards with cardiac surgical services, only Otago had a consistent rate of access comparable to other first world countries.

Staff shortages in the health sector, especially in intensive care unit nursing, were fingered as a major factor in the country's poor performance.

Curmudgeons may grimace today

Curmudgeons may be grimacing today, being that it is Random Act of Kindness Day, but I'm sure even the killjoys amongst us would appreciate a free arbitrary hug from a complete stranger - except, maybe, that pretty runner who hilariously avoided Brendon Pongia's open arms like the plague this morning on TV One's Breakfast show. Don't ya love live TV?

Pongs hit the streets in Wellington with his arms open wide offering free hugs. Most took him up on the offer, but just at the moment I tuned in to Breakfast (hoping, actually, to get an impromptu update from Paul I've-just-skived-back-from-a-two-month-holiday Henry on his trip abroad with Mrs Diane Foreman) I saw the snub. Pongs brushed it off, as in pah, there are plenty more pretty girls to hug, thank you.

Ironically, my first hug today came from the once Mrs Pongs-to-be: the gorgeous Miriama Smith. The pair was once engaged to be married many years ago. Smith was also engaged to Frank Bunce some time ago. But now she's dating the dashing Scott Palmer.

Miriama - who's set to star on the new show New Zealand's Got Talent alongside Paul Ellis and Richard Driver (note: he no longer likes to be called Dick) - sent me a delightful text message at 8:24am this morning saying: "Random Acts of Kindness Day!!! Hav a hug & kiss on me. Mwah!!! Oxox."

Bless. What a nice way to start my morning, I thought. It's better than my usual random run-in with Smith. You see there's this couple that go jogging around my neighbourhood. I see them when I'm out walking my pooch Sebastian. They look like a coco Ken and Barbie: all perfectly coiffed and slender. No puffy red faces. Barbs, I've learned is none other than Miriama; Ken is her beau Scott. Smith's effortless exercise regime is one of the banes of my daily life. Who looks that good sweaty?

Slick new au phone targets middle-aged and elderly customers

KDDI Corp., the operator of au brand cell phones, has announced the release of the Sharp Urbano, a mobile phone targeting middle-aged and elderly customers that is due to go on sale mid-September.

Designed to resemble a luxury watch, the phone is aimed specifically at men in their 50s and over, and sports a slightly enlarged keypad and screen text size. It also features a golf distance calculator, business card scanning software, and a pedometer for the health-conscious.

The price has yet to be fixed, but the phone expected to go on sale for between 45,000 and 50,000 yen.