Intemperate Thoughts

Responsible Disclosure vs Client Confidentiality

by cepheus on Mar.08, 2010, under Commentary, Security

As I was looking through my Twitter feed at lunch, I ran across the following article by noted security blogger, Brian Krebs.  The story tells about a vendor (in particular a core vendor in the Fiserv family) who had made an announcement to its clients that going past Adobe 8.1 is currently not recommended as it breaks functionality.

First of all, it probably is not the brightest thing for the vendor to recommend an obsolete version of Adobe, especially with all the vulnerabilities and compromises because of Acrobat, and the vendor should have been working diligently over the past year to repair that issue. However, the announcement came over a client-only secured web site. This was information that was being relayed to the client institutions so they can make the proper risk assessment for the organization, and weigh whether or not the affected optional enhancement that relies on older versions of Adobe is needed for business purposes.

As a user of the software (though not affected by the vulnerability), we weighed the need of the optional software and found a workaround that does not expose us to a known vulnerability (but given time, there will be more). It is disappointing, though, in the credit union arena that a client would expose confidential information that affects up to 300 other credit unions. An intelligent black hat can take the information that was shared with Brian Krebs and information filed quarterly with the federal regulators to target specific institutions with Adobe PDF vulnerabilities. Credit unions oftentimes do not have the security expertise and could have a higher risk than most financial institutions. If you are going to shame a vendor (especially one you pay tens of thousands a year for support from them), find a better way without putting hundreds of thousands of credit union members at risk.


JibJab Year in Review

by cepheus on Dec.30, 2009, under Commentary


Don’t be a Billy

by cepheus on Nov.07, 2009, under Security

The National Cyber Security Alliance has put out a very “cute” video on staying safe online.  Think June Cleaver in the internet age.


People wonder why I don’t trust the role of government

by cepheus on Oct.28, 2009, under Commentary, Politics

Barney Frank, in a recent show on MSNBC, states that the Democratic Party is working to increase the role of government on every front. Not that the Republicans were much better about this in my voting lifetime….


Senate Health Bill

by cepheus on Oct.19, 2009, under Commentary, Politics

Well, the Senate Finance Committee finally posted their health care bill. Over 1500 pages! How can they read that in 72 hours? Anyone want to help read it?

Senate Finance Health Care Bill


Patch Tuesday this week

by cepheus on Oct.15, 2009, under Security

Another Microsoft “Black Tuesday” passed this week with 13 patches covering 34 vulnerabilities. In addition, Adobe released Reader 9.2, which patched 29 vulnerabilities. Get those systems patched!

Live posting – Pres. Obama Health Care Congressional Speech

by cepheus on Sep.09, 2009, under Commentary

Thoughts about the health care speech.  Mind you, I am very cynical about all of this:

Hmmm…say what you want, President Bush was very punctual in starting these speeches.

815 – I see Mrs. Clinton and Mrs. Pelosi have nearly the same pants suit…  :)

817 – Patting himself on the back for the economy avoiding collapse – doesn’t he realize very few are hiring right now, and that is the problem.

818 – Are we back from the brink yet?  Economic numbers are cloudy.

819 – Okay, now onto health care. – Did Teddy R call for health care reform?

He says that we are at the breaking point.   Uninsured again?

Again, we are not a Democracy, but a Constitutional Republic.  Why do they lose their coverage, because they change or lose their jobs?

Ah…horror story time.  But he is right about the way certain people have been treated…but not everyone.

Rising costs are a real problem…but what is the fix?

Interesting that he brings up the taxpayer, which is who is going to pay for the eventual cost of a government option?

825 – Are we going to get specific now?

Partisan spectacle?  It is infighting between Democrats that has stalled the process, plus the uncertainty of the plans

Goals

More security for those who have

Insurance for those who don’t

Control costs

Details:

1.  If you have health insurance, nothing will require a change of doctor you have….what you have…No denials for pre-existing condition.  Stop dropping coverage when you get sick, no caps per year or lifetime….Limit out of pocket expenses….Preventive care is an important part.

2. Health insurance for uninsured.  Insurance exchange – shopping for competitive prices.  Tax credits for those small businesses cannot afford, exchange in 4 years.  Low cost coverage for those sooner.  Those that choose to not have coverage (persons or businesses), individuals will be required to get health care….same with small businesses, 95% of small businesses can get exemption.

“Death panel” is a lie.

No insurance for illegal immigrants.

No federal funding of abortions.

Blaming Wall Street?????????

Not-for-profit public option in the insurance exchange…ahhh…Public insurance option must be self-sufficient.

Finally….how do we pay for it?

No plans to add to deficit. Provision for spending cuts if the savings do not meet expectations.

How does he plan on reconciling with the CBO?

Independent commission in charge of looking for waste.

Wait – didn’t we get senior drug coverage under the Bush administration?

Waste will pay for most of the expense – and then charge insurance companies for the rest?  Doesn’t make sense.

Tort reform, with trials in different states?

900B in 10 years? He thinks it will reduce the deficit by 4T in the long run?

Our deficit is still going to grow whether or not this happens.

Now back to fear tactics.


Your government at work…

by cepheus on Aug.24, 2009, under Commentary, Politics

An article in our local newspaper, the Gainesville Sun, announced that a local medical firm will be receiving money from the National Institute of Health to develop an inhaled vaccine for smallpox.  Smallpox has all but been eradicated in nature since 1977, with the WHO declaring it eradicated in December 1979.  So, why are we working on an aerosol vaccine for something eradicated nearly 30 years ago?  Are there any biological terror threats we need to be aware of??

The White House finally acquiesced to the fact that the deficits projected by the Congressional Budget Office are more in line, saying that the deficits projected over the next 10 years will approach $9 trillion. This would push the national debt to $20 trillion, which is nearly 50% more than the 2008 GDP of the entire United States (which was around $14.3 trillion). Where’s the money going to come from? Also, is the CBO right about the projected costs of the Health Care proposals?

What is going to happen with auto sales now that the Cash for Clunkers program is over?


3 “Hackers” indicted with Credit Card and Debit Card theft

by cepheus on Aug.17, 2009, under Commentary, Security

Apparently, criminals in the Heartland Payments Services, Hannaford Brothers, and 7-11 hacks have been indicted and arrested for their crimes. According to this Wall Street Journal Article, they netted around 130 million credit card and debit card numbers, and were responsible for the TJX breach as well (which were 40 million cards). These compromised cards were sent to different sites within the United States and overseas to Latvia, the Netherlands, and Ukraine (no surprise there). Do you think that this may be one of the reasons that the “price” for compromised cards has gone down in the black market?

Some of these criminals must learn the rules of free market supply and demand.

:)

