confidentiality security的八卦，Yahoo名人娛樂都在討論

SingHealth’s database has experienced a major cyber-attack. 1.5 million patients have had their personal particulars stolen. Of these, 160,000 also had their outpatient medication data compromised. I am personally affected, and not just incidentally. The attackers targeted my own medication data, specifically and repeatedly.

I don’t know what the attackers were hoping to find. Perhaps they were hunting for some dark state secret, or at least something to embarrass me. If so, they would have been disappointed. My medication data is not something I would ordinarily tell people about, but there is nothing alarming in it.

When SingHealth digitised its medical records, they asked me whether to computerise my own personal records too, or to keep mine in hardcopy for security reasons. I asked to be included. Going digital would enable my doctors to treat me more effectively and in a timely manner. I was confident that SingHealth would do their best to protect my patient information, just as it did for all their other patients in the database.

Of course, I also knew that the database would be attacked, and there was a risk that one day despite our best efforts it might be compromised. Unfortunately that has now happened.

The security and confidentiality of patient information is a top priority. I have ordered the Cyber Security Agency of Singapore - CSA and the Smart Nation and Digital Government Group (SNDGG) to work together with the Ministry of Health, Singapore to tighten up their defences and processes across the board. We are convening a Committee of Inquiry to look thoroughly into this incident. It will doubtless have valuable conclusions and recommendations, which will help us do better.

This will be a ceaseless effort. Those trying to break into our data systems are extremely skilled and determined. They have huge resources, and never give up trying. Government systems come under attack thousands of times a day. Our goal has to be to prevent every single one of these attacks from succeeding. If we discover a breach, we must promptly put it right, improve our systems, and inform the people affected.

This is what we are doing in this case. We cannot go back to paper records and files. We have to go forward, to build a secure and smart nation. – LHL

快去連署，幫助香港～

【✍️聯署師召集：要求以色列公司停止為港警破解手機】

聯署link 👉 https://bit.ly/StopPhoneHackingforChina

過去反送中運動以來，黑警沒收數千部抗爭者電話，並透過以色利Cellebrite公司破解手機內容建立針對示威者的「情報網」。

然而，國安法陰霾下，香港的國安、警察、特務更有凌駕法律的權力，在不需搜查令下沒收疑犯電子儀器，令所有香港人的私隱曝露在危險中，加上「煽動顛覆國家政權」、「非法提供國家秘密或者情報」、「勾結外國勢力」等罪名模糊不清，令人質疑這些科技公司正正為中共暴政服務，協助將追求民主、自由的香港人「送中」。

因此，我發起了要求Cellebrite停止為香港警察提供破解手機服務的聯署，希望Cellebrite在國安法嚴重侵犯市民人權的時候，避免成為極權的幫兇。

請各位香港人落力聯署，保護手足的數碼安全。

#國際連結
#停止為港警破解手機
#避免黑警建立情報網
--

Petition: Calling upon Cellebrite to terminate phone-hacking cooperations with Hong Kong Police

Earlier this month, Beijing has unilaterally imposed a sweeping national security law upon Hong Kong, with ill-defined terms, more presence of Chinese agents in Hong Kong and high possibility of extradition to China’s secret courts and black jails. As the law has completely undermined the city’s rule of law and judicial independence, we start this petition to call upon Cellebrite and other digital forensic companies to terminate cooperations with China and Hong Kong’s police forces and security agents.

Israeli forensics company Cellebrite has a long history helping Hong Kong police forces to crack into activists’ mobile devices. Earlier this year, Joshua Wong’s iPhone was crashed by police forces with Cellebrite’s data-extraction technology, let alone nearly 4,000 devices of detainees police cracked into last year.

However, more than just activists, the new security law also covers ordinary citizens and foreigners. According to Article 43 of the law, police can search electronic devices without warrant and court scrutiny. The law also criminalizes sharing of information under the vague offences of "colluding with foreign forces" and "unlawfully provides State secrets or intelligence concerning national", according to Article 29. In the case of China where the security law has been put in place for years, journalists, lawyers, and financial institutions have long become the victims under the law, in particular, the loosely-defined offences like "leaking state secrets" and "inciting subversion". As earlier as in 2005, Chinese journalist Shi Tao was sentenced to 10-year prison for sharing a CCP’s Tiananmen memo abroad. Another veteran journalist Gao Yu was also thrown into prison for downloading widely circulated CCP’s documents from the Internet and sharing them online.

Cellebrite claims its technology is used to create a “safer world.” But once Beijing has imposed a loosely-defined law that covers foreigners inside or outside the city, digital intelligence cooperations with this authoritarian regime are de facto imperilling the personal safety of all western nationals. Especially under rising China’s wolf-warrior diplomacy in recent years, foreign nationals have been subject to mainland-style arbitrary detention and prosecution to serve Beijing’s political ends, from Reuters reporter Anthony Grey to Canadians Michael Kovrig and Michael Spavor. With a broader scope of threats than other western democracies, all cooperations with China and Hong Kong under the new law would be a direct assault on the safe world instead.

To safeguard personal safety and confidentiality of citizens, journalists and foreigners travelling, working and living in this city, we are now calling upon the world to join our petition and urging Cellebrite and other digital forensic companies to terminate all phone-hacking cooperations with Hong Kong police forces and related security agencies.

【思科小學堂】資安檢測機制猜一猜
設立資安目標的時候，都會以資安特徵三要素C-I-A為基準。
那麼甚麼是C-I-A呢？身為網管人不可不知！讓小編考一考大家囉！

(A) Confidentiality(機密性)、Integrity(完整性)、Authentication(驗證性)

(B) Confidentiality(機密性)、Integrity(完整性)、Authorization(授權性)

(C) Confidentiality(機密性)、Integrity(完整性)、Availability(可用性)

(D) Confidentiality(機密性)、Integrity(完整性)、Accountability(可歸責性)

小編稍晚會公布正確答案，大家要鎖定思科粉絲團！
【馬上加入】註冊加入思科同學會，就能收到更多新資訊http://goo.gl/lrdwhb
#Security