#Notification#apps: Early #messengers walked with a bell through villages and towns. We still have this bell symbol on Mastodon!
People used this technology especially before the beer was brewed. Their voice system intoned aloud: It is announced that from tomorrow morning onwards, no one will be allowed to shit in the stream where the honourable Council brews beer the day after tomorrow.
Here’s a great way to destroy any trust your patients might have in you. Madeleine Damo reports:
"Staff at a western Sydney radiologist – recently hit with a cyber attack – were told to tell concerned patients the breach was “an operational IT issue”, while also fielding harassing phone calls from hackers themselves."
In other words: don’t tell patients that there was a ransomware attack in which their data was encrypted and their personal and protected health information acquired by the criminals?
This is yet another example of why we need firm laws requiring more honest and full disclosures and prohibiting deception or minimization in disclosures.
Fred Hutchinson Cancer Center failed to reveal threats of potential swatting attacks until this site revealed the threat. Should they have disclosed it themselves?
I asked the PARC veterans of the Medley Interlisp project whether they interacted with Niklaus Wirth during his sabbaticals at the lab. Ron Kaplan shared a funny early 1970s anecdote on a comment by Wirth on what we now call email notifications:
This time, it's (get this...) my employer's Canadian subsidiary's group health plan's provider's banking partner's provider of file transfer services, #MOVEit.
"The type of #data accessed could include any of..." <everything needed for #identity#theft>, and as an extra-special bonus, "#Health information relating to a claim"!
I asked the Maine AG's Office to help me understand Maine's #databreach#notification statute in terms of what it means about determining the scope of a breach and notifying "as expediently as possible and without unreasonable delay, consistent with the legitimate needs of law enforcement pursuant to subsection 3 or with measures necessary to determine the scope of the security breach and restore the reasonable integrity, security and confidentiality of the data in the system."
Once again, we see a notification that is not as transparent as one would hope. Nowhere do they even tell the patients this was a ransomware incident and data was exfiltrated.
I'm thinking maybe I should somehow find some time and try to file some FTC complaints about companies that don't notify timely and withhold information consumers need to assess their risk and to protect themselves.
@euroinfosec Great! I think we need to identify what we consider the minimum necessary elements or conditions to be disclosed and also what kinds of deceptive language or possibly misleading language need to be flat-out prohibited.
Maybe you can do an OpEd on your site, too, and we can start to get more people publicly speaking up on this issue.
And fwiw, I think the #GDPR and Canadian laws are also too weak in terms of mandating disclosure and transparency. I actually got sued in a Canadian court and had a court order against me for reporting on a breach and disclosing info on it.
It didn't stop me, of course, but still, the presumption should be disclosure and transparency.
(For those who don't know me IRL, my dad always told me I was a "tough cookie." 😂 )
An unexpected benefit of having an Activity Pub focused open ended project for my SE class is I get test follows.
Hi👋 everybody from #Ucsd CSE. Have fun exploring the #Fedi. #Mastodon is just part of it.
If folks have suggestions requests for some CS Graduate student teams to build something for the Fedi as a class project reply below. They’ll see it or I’ll bring it to class for sure.
while true {
for event in events {
time = currentTime()
if time >= event.startTime && time < event.endTime {
sendNotification(event);
}
}
sleep(60 * 5);
}
I wonder how many people are going to disable notifications from this app completely because of this.
These two notifications have been firing for HOURS, and it’s still going. I expect it to continue firing until the events end tomorrow.
Ok, I'm all for timely notifications, but this claim in a potential class action lawsuit seems a bit unrealistic, even to me. Keep in mind while reading this that although TAs claimed to have hacked and acquired data from the company, they had not provided any proof of claims:
"Despite this Data Breach being publicized over a week ago, [company] still has not
notified affected consumers—including Plaintiffs and class members—that their data may be in the hands of cyber criminals."
This was one of those messes where the breach notification by the health care clearinghouse was so fouled up that people were getting multiple wrong letters and there was a HIPAA privacy breach while reporting about the HIPAA security breach...
Okay, so... been on #Mastodon a few weeks now and I only just now realized there's a #notification bell thingy you can activate with people you follow, so you get notifications when they post.
Did anyone know about this? Am I super late to the party again? Why did my advisors not tell me about this!?