cyberartisans logoWeb professionals dedicated to
    making your web site work for you...

Back to
Newsletter listCyberArtisans Logo
CyberArtisans Web Developers Newsletter
Keeping you up to date on the web August 2007
In this issue
  • Personal Health Records Online
  • Mozy Followup
  • Monster.com Mess

    •      

    Welcome to the August 2007 issue of the CyberArtisans monthly newsletter!

    Our goal is to present information that will be useful to you as a website owner and as a user of the web. If these newsletters are useful, please forward this to a friend. To unsubscribe, follow the directions at the bottom of this email.


    		Personal Health Records Online

    Having your personal health records available where an Emergency Room can get to them could save your life. On the other hand, having your personal health records in the wrong hands could complicate your life a lot.

    There are number of places online that now offer either online record-keeping or software that allows you to keep your records offline, on your computer. Having them online means your doctor can see (or add to) them, or an ER can use them (with proper permission) in an emergency. But it also increases the risk of their getting into the wrong hands. The decision comes down to balancing the risk of stolen records vs. the risk of not having the right records available in an emergency. And some of that might be a function of whether you have any medical conditions that might need special handling.

    One good source of these services is the American Health Information Management Association, which lists a lot of services on this page according to your preferences.

    Our favorite among the available services is iHealthRecord, which was created and is maintained by the Medem network, a "network founded by the nation's medical societies to help physicians communicate with their patients." It's free, which is nice. It's also maintained by an organization that has a reputation for privacy to protect.

    		Mozy Followup

    In an earlier issue we mentioned Mozy as a source of online backup. We've been using it for a while now and are very happy with it so far. We're using the paid version for our systems with a lot of user files and the free version for the smaller systems. Both work as advertised.

    There are a couple of complications, however. Depending on how your file system was created on your system, you may have to shut down any program that keeps open a file you want backed up. Most notable is Outlook -- if you leave Outlook running your email will not be backed up. But we've found it's not difficult to get into the habit of shutting down Outlook when work is done for the day.

    You also have to leave your computer running and connected to the Internet if you want your files backed up at night. You can turn your monitor off, however.

    We've had one occasion to use Mozy's restore function. It worked as advertised. Not quite as instant as we had hoped, but then we were restoring a 1.8 GB Outlook data file....

    		Monster.com Mess

    You may have heard that some folks who posted resumes on Monster.com had their identity stolen or bank accounts emptied. The dismaying part of this is that the thieves did not hack Monster.com's records as was done in previous infamous online exploits like TJX.

    Instead, the thieves simply acquired an employer account. It's not clear if they did this by stealing passwords or just posing as an employer. In either case, they then used the data that was already on Monster.com to obtain user's names, addresses, phone numbers, and email addresses.

    With that information, they sent personalized emails to the email addresses. These folks, instead of getting the usual "Hi jspencer@cyberartisans.com..." which is a dead giveaway that it's Spam, received email that said "Hi Jonathan Spencer...." The email said that the email attachment was a Monster Job Seeker Tool that would make job-hunting on Monster more efficient. In fact, the attachment was a Trojan that installed a keylogger that copied the victim's keyboard entries, including passwords for bank accounts. There's a very complete accounting (5 pages worth) of the whole story on the ComputerWorld website.

    So the standard advice still holds: Be very wary of attachments unless you are sure you know the sender and equally sure that that sender sent this email to you. If necessary, call them and ask before opening the attachment..

    Quick Links...