e-Criminals

I woke this morning to the news that Ireland’s health service was hit by ransomware, crippling a vital component of our society in the middle of a global pandemic. The first reported casualty of this evil deed was a maternity hospital. As the day goes on we will find the consequences of this attack will expand to include more hospitals, medical clinics, doctors’ surgeries and particularly worrying the Covid-19 processes (testing and vaccination). Some or all of these will have to go offline. Much will have to move to alternative mechanisms, such as pen and paper!

Undoubtedly any ransom demand will be rebuffed. To accede would simply raise a flag saying “we pay” and invite more attacks. No, this will have to be taken on the chin, even though the cost of repairing the damage could be some orders of magnitude more than any ransom.

The ramifications of this attack could last weeks or months, and the cost could be massive. In the meantime there will be questions about how the criminals got in and how prepared (or not) the health service was to deal with such attacks. There will be a lot of questions about backups, aging equipment and potential data exfiltration.

It’s a bad day.

Cookie monsters

“We value your privacy…” Yes, sure you do.

If they valued my privacy so much, they would simply not be using the 100s of tracking cookies on their site. My privacy is not valued, nor is anyone else’s. We’ve known this for a very, very long time. In recent times the biggest culprits of personal data harvesting have been forced to make this more obvious because of the EU’s privacy laws, particularly GDPR. They now have to display to visitors their use of cookies, and seek clear consent to proceed on that basis.

Nevertheless, I have observed that many major sites are flouting the law by not making the consent process clear, by using opt-out instead of opt-in, and by not providing any kind of “reject all” (even if that only applies to non-essential cookies). Indeed, it would seem that they have adopted a strategy of presenting a massive “cookie notice” overlay that has a big “I accept” button and a refinement process that is so convoluted that almost nobody will go through it. The “I accept” button is essentially coercion.

It would also seem to be the case that some sites have already dropped cookies into your browser while they are presenting the big cookie notice and waiting for your consent!

This has to stop.

I trust the CJEU and the various associated national data protection agencies will be slapping more fines as time goes on, and hopefully the message will get through.

Money, money, money

The potential for physical money to be the vector for the virus has encouraged every capable society to shift towards card-based payment, preferably contactless at the point of sale. As a consequence I, like many other people, stopped using cash.

In fact, it has been about a year since I last used cash, and I’m getting to like it. One downside of this is that now all of my transactions are being tracked by someone. With the demise of cash comes the demise of privacy.

So now I predict that there will be a growing popular demand for a true digital cash technology, one that has all the convenience of traditional cash, the added benefits of personal accounting (not to mention the added hygiene), and without loss of transactional anonymity. That’s going to be quite a challenge.

Domain control

I won’t give the perpetrators the benefit of a mention or link, but it is really troubling when those responsible for a top level DNS domain don’t adhere to their own rules by allowing unethical use of a domain name during the current global crisis. A phrase strongly associated with public health is undoubtedly going to encourage people to enter into their browser’s address bar a site name based on that phrase. Sadly, these unsuspecting people will then be presented with the latest conspiracy theories, anti-vaccination tripe and bizarre political agendas.

During the current worldwide calamity it is not only the search engines and social media companies that need to keep a close eye on their services. All of the infrastructure providers have an equal responsibility. The problem for the public is that any attempt to bring issues to the attention of the providers merely gives publicity to those who are abusing the services, which just makes things worse because the providers are ignoring the complaints.

Claims about removing tens of thousands of inappropriate messages/pages/sites may sound good, but there are hundreds of thousands, if not millions, of such cases. And the problem just keeps growing. The future of public discourse, education and engagement is under threat.

2020 main course

It looks like we’re polishing off the main course served to us by 2020. I summarised the first 6 months of this calamity back in June, at which point the coronavirus infections had passed 7 million globally. It is now more than ten times that number! According to Johns Hopkins University 75 million people have been infected and over 1.5 million people have lost their lives. (2020-12-19) Countries across the world are either in, or going into lockdowns of varying severity.

Despite these shocking numbers, we have some good news. There are now several vaccines – two of which have been approved in the US, EU approval only a matter of days away, two others rolling out in Russia and China, and at least one more in a few months. We’re being assured that the approved vaccines have been developed so rapidly not because of cutting corners, but because of intense effort, parallel activities and pre-emptive resourcing (manufacturing ahead of regulatory approval). Naturally this means that a lot of work went to waste. There were many fruitless lines of investigation, much production that eventually had to be dumped, lots of promising developments that failed for one reason or another.

Nevertheless, we now have vaccines.

The planet has almost 8 billion people and the vaccines generally need two doses per person, so we need 16 billion doses. This is shipped in little glass vials typically holding 5 doses each. Maybe 60% of people will actually get the vaccine, as there will always be people who will decline, and some who can’t for sound medical reasons. Hopefully the world will ensure that those who want the vaccine but don’t have the resources will be helped by those of us who are better off.

The different vaccines have their own complications. One needs to be stored at -70°C. Another, bizarrely, seems to work best given as a half dose followed by a full one several weeks later. This is all going to be challenging in terms of logistics and data management.

Even good intentions by medical teams could cause problems. For example, with the early rollout of the first vaccine in the West it was discovered that some of the 5-dose vials contained enough for a 6th dose. Rather than waste the extra vaccine, many have been giving it to patients. However, as a second dose is a necessary follow-up, this means that the suppliers need to know about the unexpected beneficiaries of the overflow doses to ensure they have stock for the second round.

Meanwhile, the after-effects of Brexit still loom large. The temporary transition period expires in two weeks and there is still no agreement between the EU and UK regarding trade and other topics of mutual interest. This weekend could be the last chance the two will have to iron out the remaining creases (the thorny subject of access to fishing waters around the UK being the last straw). The signs are not good, but failure to come to some arrangement would be a disaster for everyone so there will be some colourful manoeuvring and overt pressure on both sides to hammer out something, even if it means going beyond the final, final deadline.

Across the bigger pond the US has chosen a new president, so while their problems haven’t gone away, perhaps there will be less chaos compared to the past few years, which will be a welcome change. At least we won’t be waking every morning wondering what new horror has appeared on Twitter.

This 2020 main course should be over in the next month or two. Everything will change as we use the New Year palette cleanser and prepare to tuck into 2021 dessert, which will involve a ramped-up vaccination programme, some clarity on UK-EU relations, a steady hand on the US tiller and a new determination to get our world back in shape.

It could still take another six months before there’s some semblance of normality, whatever that is.