
Comment Re:Technical Solution (Score 1) 115

There's a major grocery store chain in Texas called H-E-B. They've got facial recognition running at the entrances and exits. They want to make sure everyone knows it. Walk by and you might get some random red box around your face for no obvious reason. It looks like the equipment they have only identifies one face at a time, though. Either way, I can't see how it serves any real purpose.

Comment Re:Camera in kid's playroom Re:Holy cow! (Score 1) 86

I doubt that it had anything to do with that, because there was absolutely no way for parents to access it. It was only accessible from within the hospital network. There might have been some gateway to the global Internet, but I did not find that. I did find a couple of CT scanners accessible from the global Internet when I ran them through SHODAN.

Almost as good as when I was telling people where to go to get gas during Hurricane Harvey because all these stations left the meters on their gas pumps open to the Internet for no reason. "Hey, fuck the line! The guys down on x pedro have xxx gallons of whatever." This IoT thing is pathetic to the max.

Comment Re:Holy cow! (Score 1) 86

Holy cow!

Was there no agency you could have tipped off about it?

Of course. The problem was that because I'd previously brought some of the problems to their attention, they would have known it was me. Aside from them probably accusing me of "hacking" (what a joke), they probably would have sued me. And while a lawsuit like that would ultimately be unsuccessful, it would have tied me up and buried me in legal fees. Then it probably would have made me completely unemployable. When you have professional licenses and the job market already sucks, you don't want to have that kind of albatross hanging over you.

Theoretically, the hospital was on the hook for up to $250,000 per record and as a whistleblower I would have been rewarded some of that. The reality is that it was a regional public hospital, they couldn't afford it, the government wouldn't have imposed the fines anyway, they would have come up with some excuse for me not to get the reward, and I would be unemployable after I'm slathered all over the news media.

I just left in utter disgust. That's the worst case of incompetence I've ever seen. Well, there was the place in Ohio that had their access control system for the nursery controlled by an old garage door opener. Flipper Zero anyone? (FZero wasn't around then, though.)

Comment Re:Holy cow! (Score 3, Informative) 86

Back about ten years ago I was working at a regional hospital. I've told this story before on Slashdot, but it is relevant here.

I start working there and one of the first red flags was that these idiots didn't have individual user accounts set up. The entire system was based on Windows. They had a general account that everybody from the doctors to the janitors used, and it had a simple five letter password that everybody knew. So, well, basically useless. They had this idea that this made them comply with HIPAA. Uh, no. And their entry code to the ER ambulance entrance was 911. (That is not uncommon.) But it gets better.

They had a global Windows share drive that was a dumping ground for... everything. So this thing had everything from patient information to employee lists to social security number lists for employees to recipes (I kid you not) for crappy soup in the hospital kitchen. It was insane. I warned them about it in the first two days or so that I was there and, of course, was ignored.

Predictably, they were shut down with ransomware in the middle of the night. Someone had infected a random computer and it hit that network drive, crippling the hospital. I was working at two in the morning and immediately knew what happened. So I called the IT emergency number and got some tech, who was clearly drunk off his ass. I was literally sitting there walking this guy through logging in on the phone. And knowing the basics of their network topology, I even told him the most obvious way to identify where it was introduced: It encrypted everything it saw, which included the network drive, but you just have to find the computer that has all its local stuff infected. Oh, and by the way, from the language of the ransom note, it was clearly someone from Eastern Europe or Russia. And so on. Eventually they fixed it but it took them about 12 hours.

Well, it gets even better. The morons had all the security cameras accessible on their local network. No VLAN, nothing. And they had a very predictable IP assignment for it. I think it was something like the floor and a camera number. So like 192.45.1.5 for camera 5 on the first floor. That really isn't so bad, except that it shouldn't be globally accessible from any computer in the fucking city. But wait! When you connect to it using a web browser, it squirts out the model number of the camera. And, as you can guess... No, they never set passwords on the damned things, and used the default password. We're talking literally Googling the model of the camera and finding out it was "admin" or something like that.

So I discovered this when I was bored one night on a 24 hour shift. So I'm flipping through cameras, and there were cameras in pretty weird places. Like the playroom for the children in pediatrics. Really, I don't want to know. There was also one on the roof that was a movable camera. I reported it and was ignored. A couple of weeks later, I turned the camera toward a tree. When I came back two weeks later, it was still looking at the tree, so obviously nobody was looking at these things.

I won't even get into the shit that happened when they had a bomb threat from some asshat and their incredibly incompetent response to it. They demanded that everybody turn their cell phones off because... reasons I still don't understand. (The real reason was that they wanted a communications blackout.) But it was "Oh my god, if you use your cell phone it might detonate da bomb!" Sure. Well, when they locked down the place my cell phone was in my call room in the middle of the hospital. The local PD obviously had some kind of scanner they were using, because they kept circling around the closet I had to sleep in trying to find the phone. Being idiots, they never found it. In the middle of all this, because they had to have communications, they brought out cell phones the hospital had and started handing them out to critical personnel: Apparently their cell phones won't "set us up the bomb."

Oh, and while they were trying to tell everyone not to use cell phones (and I guarantee the patients and families who were oblivious to all this were using theirs) they left the facility public WiFi on. So, well, hell, nobody could possibly use a text message or something over WiFi and trigger something, right?

Oh, and it gets even BETTER. Their entire electronic health record that they used for the ER was all nice and password protected. The problem was that they had a hidden Windows share drive that exposed the backend of their ER system. Once you opened that, everything was unprotected and plaintext. There were thousands and thousands of records that were accessible. I mean, you could pull up document images that had been scanned in. I estimated about 750,000 records going back about eight years.

But wait! There's more! On ANOTHER "hidden" share drive there was the dumping ground that the IT department used. The most interesting thing on that was a PowerPoint presentation someone had made detailing some of their security vulnerabilities and laying out a two year plan to address them... dated about a year prior.

This happened and I was only there SIX MONTHS. I wasn't trying to do anything specific. This was all completely natural. Kind of like "What happens if I type \\Alpha?" Needless to say, I got the fuck out of this hell hole as quickly as humanly possible. My contract ended and I ran like hell.

So it really doesn't surprise me that the Louvre did this, or that one of Hillary Clinton's campaign officials had the password "password".
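
The triage logic the comment above describes (the ransomware encrypts the shared drive for everyone, but only the machine that actually ran it has its local files encrypted, so that machine is where it was introduced) can be turned into a small script that runs over a file inventory collected from each workstation. This is an added example, not code from the original comment or the hospital in question. The inventory, hostnames, timestamps and share name are constructed; `\\Alpha` is borrowed from the comment only as a placeholder UNC prefix, and "encrypted" is assumed to have already been determined per file (by extension or magic bytes) by whatever collected the inventory.

```python
"""Ransomware patient-zero triage over a per-host file inventory.

Idea from the comment above: a share-hit ransomware encrypts the network
drive for every host that mapped it, but local files are encrypted only on
the host that executed the malware. Rank hosts by that signal, and use the
share's earliest encrypted mtime as the approximate start of the outbreak.
"""
from collections import defaultdict
from dataclasses import dataclass

# Placeholder share prefix borrowed from the comment; assumption, not a real host.
SHARE_PREFIX = r"\\Alpha\share"


@dataclass(frozen=True)
class FileRecord:
    host: str        # workstation the inventory line was collected from
    path: str        # local path, or the UNC path of a mapped share
    encrypted: bool  # True if the collector judged the file encrypted
    mtime: int       # last-modified time (epoch seconds); constructed values


# Constructed sample inventory (not real data): one infected workstation,
# two workstations that only see the encrypted share.
SAMPLE = [
    FileRecord("ws-er-03", r"C:\Users\nurse\Documents\notes.docx", True, 1000),
    FileRecord("ws-er-03", r"C:\Users\nurse\Pictures\cat.jpg", True, 1001),
    FileRecord("ws-er-03", r"C:\Users\nurse\Desktop\shift.xlsx", True, 1002),
    FileRecord("ws-er-03", SHARE_PREFIX + r"\patients\list.xlsx", True, 1100),
    FileRecord("ws-lab-01", r"C:\Users\tech\Documents\qc.xlsx", False, 500),
    FileRecord("ws-lab-01", SHARE_PREFIX + r"\patients\list.xlsx", True, 1100),
    FileRecord("ws-lab-01", SHARE_PREFIX + r"\kitchen\soup.docx", True, 1101),
    FileRecord("ws-admin-02", r"C:\Users\hr\Documents\ssn.xlsx", False, 700),
    FileRecord("ws-admin-02", SHARE_PREFIX + r"\hr\employees.xlsx", True, 1105),
]


def is_share_path(path: str, share_prefix: str) -> bool:
    """UNC paths are case-insensitive, so compare lower-cased prefixes."""
    return path.lower().startswith(share_prefix.lower())


def triage(records, share_prefix: str = SHARE_PREFIX) -> dict:
    """Split the inventory into local vs. share files and rank hosts.

    A host is a patient-zero candidate when every local file in its inventory
    is encrypted. Hosts with clean local files but encrypted share files only
    saw the share get hit ("collateral"). Hosts that contributed no local
    records at all are reported separately: nothing can be said about them.
    """
    local = defaultdict(list)
    hosts_seen = set()
    share_enc_times = []
    for rec in records:
        hosts_seen.add(rec.host)
        if is_share_path(rec.path, share_prefix):
            if rec.encrypted:
                share_enc_times.append(rec.mtime)
        else:
            local[rec.host].append(rec)

    candidates = []  # (first local encrypted mtime, host)
    collateral = []
    for host, files in local.items():
        enc = [f for f in files if f.encrypted]
        if enc and len(enc) == len(files):
            candidates.append((min(f.mtime for f in enc), host))
        else:
            collateral.append(host)
    candidates.sort()  # earliest local encryption first

    return {
        "patient_zero": [host for _, host in candidates],
        "first_local_encryption": candidates[0][0] if candidates else None,
        "share_encryption_started": min(share_enc_times) if share_enc_times else None,
        "collateral_hosts": sorted(collateral),
        "uninspected_hosts": sorted(hosts_seen - set(local)),
    }


if __name__ == "__main__":
    result = triage(SAMPLE)
    for key, value in result.items():
        print(f"{key}: {value}")
```

Two sanity checks worth keeping in mind when running this against a real inventory: the candidate's first local encryption time should not be later than the share's first encryption time (if it is, the "local" files were probably encrypted over the network by some other host and the inventory needs a second look), and a host that only contributed share records is not cleared, merely uninspected.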

Comment Re:Also (Score 1) 46

bah.

Let me know when they start making *autographic* 120 film again. I have the camera, and am dying to shoot a roll!

The last rolls were apparently made in 1932. The cameras had a flap that could flip up and allow writing directly onto the film with a stylus. When you see handwriting on an old picture print, it was likely shot on autographic.

[and, yes, in fact my autographic camera *does* have bellows!]

Comment not really electrolux (Score 1) 123

That Electrolux isn't really an Electrolux.

A couple of decades ago, in one of those weird corporate maneuvers, it sold the name, and now sells its vacuums under another name, while the buyer sells non-Electrolux as Electrolux.

So what she knows of Electrolux from the late 20th and early 21st centuries no longer applies.

But, yes, they were very good and lasted forever. Also extremely pricey.

Comment Re:Why is it to huge? (Score 1) 37

I mean back when I was still using Windows, I once tried to get it as small as possible by boot-formatting a disk and putting in more and more files until it came up. I think I ended up comfortably getting it onto a normal HD 3.5 inch "floppy". It's not that hard. Though I have never actually looked into Windows 7, I can't imagine it's so much bigger than Windows 3.1.

I did this as well with Windows 3.11, but it required using Stacker/DriveSpace (can't remember which) and also using XDF to increase the capacity of the disk from 1.44 MB to ~1.8 MB. The end result was bootable and it could load Program Manager.
