Using CVS App A Prescription For Invasion Of Privacy – IMRAN™

CVS invasion of consumer privacy

Advertisements

Why is CVS Pharmacy trying to track #consumers’ #location even when we are not actually using their App? Sleazy invasion of #privacy and a #security risk! Shameful #UX design decision. Maybe the Federal Trade Commission can find out.

© 2017 IMRAN™

https://t.co/0cgubYkwYb

(Out Of Control) Without A Control Tower? – IMRAN™

Control Towers Don’t Eradicate Poor Communications Or Human Error.

Another Brick In The (Fire)Wall Versus The Great Wall Of Red China! – IMRAN™

In 1998-1999 I had the privilege of being the first person to be invited to speak to the leadership of the United States Space & Missile Defense Command (think of it as Star Wars or Crystal Palance from one of my favorite #‎movies as a kid, War Games) at a top secret location in Huntsville, Alabama!

Product Review: Eikon To Go USB Fingerprint Reader With Apple Mac + Windows Software

The product itself gets 3 stars, but the 4th star is for the fact that they made the effort to develop it for Mac, and even more so for how absolutely wonderful both the seller (reseller) and the manufacturer were to my emails about the bugs and frustrations I encountered.

I have always believed in the convenience of biometric devices. They have been hard to come by on Macs, but for many years I have used and appreciated a fingerprint scanner (infrared pad to USB) from Microsoft, that only worked on Windows, though sadly now does not work in Windows 7.

This Eikon fingerprint scanner is a USB plug in type for the Mac and comes with Windows software also. I tested and use it on both platforms, after buying from Amazon.

The product itself gets 3 stars, but the 4th star is for the fact that they made the effort to develop it for Mac, and even more so for how absolutely wonderful both the seller (reseller) and the manufacturer were to my emails about the bugs and frustrations I encountered.

It is finicky, it often takes 2-3 slides of the finger(s) or one slow very accurate swipe for it to work. Often I wonder if the 2-3 attempts are worth the hassle of using the device. On the other hand (no pun intended) it does log me in quickly when I do it “right”. Using it regularly and getting used to it provide the benefit that you can ( I did) make the password far more complex/long than when just typing it in my hand. E.g. &*mYpa$$word&*43!! Instead of just &*mYpas$$ etc.

The worst thing about the design is that it is useless to plug in to a typical MacBook Pro (i5 15″ for this case) when anything else is plugged in. It is too wide. So, it comes with a maybe 6″ USB extension, but then it makes it even less attractive, in visual and usage sense.

Now you have loose hanging thing twisted upside down or sideways sitting on the side of your laptop (as the cables often have an inherent ‘twist’ torque in them that flip the device on its side), and it is now even less usable as you almost have to grab is with one, hold it up firmly enough so you can swipe a finger from the other hand through it.

Since I use external USB keyboards with my MacBook Pros, I tried to plug it into the USB built in to Apple keyboards. No joy, as the device will not fit there and even if it did, it would be under the keyboard body and not usable. Hanging it by the USB tail extension I can use it but it will always move around, still requiring the 2 hand use, unless I scotch tape it. Then, it makes the laptop a little less mobile if I have to remove it every time I travel.

I am also disappointed that despite taking far more repetitions to learn a fingerprint than a 10 year old Microsoft infrared fingerprint reader (sadly not compatible with Mac or even Windows 7 now), it still needs the finger swipe to be so specifically accurate. But, it i doable, and when you get used to it, it does save time.

A plus is that I have it working on an office provided Windows 7 laptop. A disappointment is that it does not store finger prints on the device for MAC users. It does store the fingerprints for the Windows software! So, technically I think I can carry it to different Windows desktops/laptops without having to save fingerprints x 10 x 5 repetitions per finger on each machine, but for each Mac I would have to go through that process.

Based on just how cooperative the seller and the manufacturer have been, and the price, and overall tolerable usability, I am considering getting another unit so I can leave one taped to the desk and one to carry with me or use on the other laptop(s). Or, of course, I will be happy to buy the next great biometric device that comes out for my preferred platforms. 

But please be aware of the shortcomings (and advantages) before you order this or similar devices.

Imran Anwar

Technorati Tags: , , , , , , , ,

CURES For Security Challenges In Cloud, Crowd, Big Data And The Big Bad World

start thinking in terms of erasing boundaries between security departments — not just in IT but even with and within non-IT. At the level of criical importance their Star Wars program was (and the nature of information today must be even more important and the threats even more nefarious and multifarious), not only would there be attempts, I said, to break in over the network, but physically, as well as various combinations.

An industry colleague and fellow blogger/journalist Mary Jander wrote an interesting article, “Security May Be Too Big a Job for IT” on Internet Evolution. It was a thought provoking post. Though I only see two comments on it at the time of writing this article, I am, for someone often taking contrarian views, quite in agreement with both Kim Davis and smkinoshita who wrote comments there. They talked about collaboration, and where the role of Security in an organization should lie.

With the advent of Cloud Computing, and more and more use of public, hybrid and public cloud converged infrastructures, one of the questions I am asked most often is, “Oh, is the cloud secure?”

Ironically, this is common between a housewife sitting on a flight next to me and a CEO that I may be advising.

“Nothing is secure, unless you make it a collaborative business of everyone in the enterprise to make it so,” is what I, sometimes to their chagrin, bluntly tell them.

The problem is how Cloud Security, IT Security, Information Security, Data Security, Premises Security, Perimeter Security, XYZ Security, are still almost islands of imagined security unto themselves. This is not so much a technical limitation as an issue of three major distinct issues.

The first is due to enterprise architectures designed for the last century, or at best, for the last decade.

The second is the human element of doing management by dividing large entities into smaller pieces for easier management. That works great for operations, project management, etc. but is a terrible approach to security.

The third is a lack of collaboration (and integration) where it counts (end-to-end enterprise security) while organizational leaders patting themselves on the back for having rolled out some collaboration platform for sharing Word documents and Excel files.

This problem is not new. It goes back decades.

In 1999, as CEO of EverTrac, a pioneer of location-aware mobile information management & security, I was privileged to speak to top leaders at the United States Space & Missile Defense Command (I still get goosebumps at that name 🙂 and tell people to envisage Crystal Palace in one of my favorite childhood movies, War Games) at an Undisclosed Location in Alabama 🙂 .

But, excitement aside, I was surprised (and seriously concerned) when they were surprised at my saying they had to worry more about the information than about how to secure the servers and data centers, as they were focused on.

Even more, I said, they had to start thinking in terms of erasing boundaries between security departments — not just in IT but even with and within non-IT. At the level of criical importance their Star Wars program was (and the nature of information today must be even more important and the threats even more nefarious and multifarious), not only would there be attempts, I said, to break in over the network, but physically, as well as various combinations.

The advent of mobile devices, global networks, hacking tools, complicated systems with often un-patched vulnerabilities, managed by people either lacking or not interested in keeping up with the latest iterations of technology and security challenges and solutions, all touching the cloud, make for an explosive mixture.

Even in 1999, I declared to my audience that these problems had CURES™.
 
I said Collaborative Unified Realtime Enterprise Security (collaboration was not yet a buzzword then) would be key to solving the problem before it became intractable. Sadly, 12-13 years later, even the top companies in private sector high information value businesses do not get it.
 
I continue to highlight this even more vociferously the more our lives generate, use, and are governed by, floods of big data, accessible to crowds large and small, all in a cloud with nebulous threats and security capabilities. I am glad others are taking up this serious problem.
 
Together, we can find the CURES!
 

Technorati Tags: , , , , , ,

 

Question The Tough Questions To Ask In Cloud Computing

I am on record as suggesting that tough questions need to be asked by everyone (including clients, media AND vendors) before jumping on the Cloud Computing bandwagon. (See http://www.youtube.com/watch?v=uYl-tzTHtQk which I recorded even before having a day job at the leading Cloud Computing Converged Infrastructure vendor.)

I am on record as suggesting that tough questions need to be asked by everyone (including clients, media AND vendors) before jumping on the Cloud Computing bandwagon. (See http://www.youtube.com/watch?v=uYl-tzTHtQk which I recorded even before having a day job at the leading Cloud Computing Converged Infrastructure vendor.)

I read a recent article, Some tough questions you need to ask your cloud provider,  by Rutrell Yasin. It is in the respected GCN (Government Computer News), a publication I also recall being interviewed by in the past. That was during my days of being CEO, EverTrac, the pioneer in location-aware eBusiness solutions, including tracking people and assets, indoors and outdoors, in the late 1990s.

In it, the writer quotes, Wolf Tombe, chief technology officer within the Customs and Border Protection’s Office of Information Technology. I am certain Mr. Tombe is far smarter, more experienced and clout-carryng in government, technology, and probably even Cloud Computing circles than I am.

But, I also respectfully disagree with his contention that some applications are “easy wins moving to the cloud, such as e-mail and collaboration tools”.

If “easy” refers to how quickly and conveniently an app can be deployed onto a cloud or converged infrastructure, then I would say, most apps, whether email, or ISV created vertical solutions, can be migrated with reasonable convenience and the expected amount of work.

If the contention is that somehow email and collaboration are no brainers to put in the public cloud, I strongly disagree.

I think that is over simplistic and dangerous. What apps are no-brainers to move to the public cloud should depend on the mission-critical or sensitive nature of the data or functionality in the app, not what the app itself is.

For example, even the simple email and internal discussion files of a nuclear weapons design agency with just 100 people would be far more critical to protect than, say, all the accounting data of a widget making company with 5000 employees.

So, as I have said before, tough questions need to be asked… by clients, by media, and even by vendors. The stakes are too high, the opportunity too huge, and the threats too serious for any of these elements to be glossed over.

Technorati Tags: , , , , , , , ,

Have American Airlines Pilots Become Paranoid Bathroom Attendants?

I am thankful that 9/11 2011 passed solemnly and uneventfully from a security perspective, but I remain concerned, and we must remain vigilant. We are not out of danger, and we are all in this together.

Like everyone else, I was seriously concerned about the threat of new terror attacks on the 10th Anniversary of September 11. I was more worried about vehicle borne or even lone wolf suicide bombings than someone still managing to pull off a terror attack using jet airliners.

So, I read with interest the news reports of two separate planes that caused national security alerts, with fighter jets being scrambled, and passengers being questioned, after landing, for their… drum roll… extended use of the airliner toilets.

news item in particular was very strange… An American Airlines “pilot became nervous when he noticed that several passengers were making frequent trips to the bathroom.”

I am all for safety and being alert, especially on the 10th anniversary of 9/11, but what kind of airliner pilot is more focused on how many people are going to the bathroom than flying the darn plane? Is he SuperPilot that he can see through the locked cockpit door? Or did some ditsy (male or female) flight attendant cause the scare? They should consider taking a job in a restaurant to keep track of bathroom visits by patrons.

Also, I am all for a couple deciding to make out on planes, trains and automobiles, but (if that is indeed what had happened on aFrontier Airlines flight) for a couple to try pulling that off (no pun intended) in an aircraft toilet on 9/11 suggests the Moron gene’s presence.

Maybe airlines should not issue coupons (like drink coupons) on how many times and for how long passengers can go to the bathroom. eBay can set up a new marketplace to trade in toilet time futures.

A separate news report during the hunt for possible terror plotters mentioned how police were searching for stolen vans and similar vehicles.

That made me think… how dumb must be those retards who would steal any vehicle, much less a potential bomb-carrying-capable van on or around 9/11. I really wish they get caught, and even if they’re simply Grand Theft Auto fans, I hope they are shipped to Guantanamo for the crime of being extra stupid, and for causing extra concern for the whole nation.

Finally, I am thankful that 9/11 2011 passed solemnly and uneventfully from a security perspective, but I remain concerned, and we must remain vigilant. We are not out of danger, and we are all in this together.

What were your thoughts on 9/11/2011 and how have your thinking and you changed since 9/11/2001 ?

 

Technorati Tags: ,