Friday, November 14, 2014

HealthCare OpenData shows cost of pregnancy at men aged 76 are the highest in the Dutch city of Lelystad

A Dutch organisation by the name Vektis recently published an open-data file showing the costs that healthcare insurers have paid in 2012. With this data set, Vektis aims to help stake holders gain a better understanding with the ultimate goal to improve quality and cost of #healthcare.

Dutch RTL Nieuws analysed the raw data and published several articles about this (link, in dutch) and aired it on their prime time TV news last night.

So did I, but from a different angle:

Vektis raw data reveals 56 men, aged 76, within the dutch city of Lelystad who expensed 2,002.29 euro for cost of maternity and obstetric healthcare. Can we conclude that 76 year old men in Lelystad expense an average of 35,76 euro for pregnancy?

I don’t think so.

The raw data of Vektis contains 40 records where male people have submitted expense reports for maternity and obstetric care, totalling 20,627 euro.

The data does not show how many expense reports were filed, nor by how many people. Therefore we have to be very very careful to draw conclusions.

How accurate is the Vektis data?

Monday, September 22, 2014

IPad IOS 8.0 update: why I never do (dot null) releases

 I should have known better. Things that used to work fine, no longer do.

Google streetviewing a property: boom!

Writing a blog post about this: now became annoying
  1. Cursor gone
  2. Focus gone
  3. Selections wrong
Under Jobs they used to do a better job...

(Or should I blame Google?)

Friday, August 1, 2014

Uncovering what lies beneath...

Clarification for Information Leakage: A trusted US business partner of mine asked me for assistance. He needed help in identifying the source of a potential information leak for one of his customers.

As everyone knows, the behaviour of regular business users is rather predictable. This predictability can be visualised and wrapped in a bubble allowing for granular and non-granular analysis.  

With the image below, I created a non-granular view where each bubble represents a user's normal interactions. Even with a casual glance you can immediately see how one bubble stands out from the others.

This visualization provides clear evidence of one individual who had accessed the contents of more than 2,500 mail files of other employees in the organisation. 

In greater detail, each bubble in the above image represents a single user who accesses a particular number of databases.  Each type of database is given a designated color, described in the legend.  The entire visualization represents the activity of 5,000 users inside the organization's IBM Domino collaboration environment.

Some of you may have noticed the second largest bubble (in the blue bubbles). This represents the activity by a well-known performance monitoring tool.

A forensics engagement like this typically takes about one to two weeks to perform with a lead time < 24 hours. All of the work is performed remotely, with the exception of the data collection (online screen sharing session, appr. 1 hour) and presentation of findings (again online screen sharing session).

Wednesday, April 2, 2014

How to DOS your Imac

Have your keyboard, mouse and trackpad all connect via bluetooth.
Next, click the bluetooth icon, turn it off and discard the warning dialog that tells you why you should not be doing this.

Plugging in a usb-mouse didn't work. Remote access could have, so I guess I should enable this.

Monday, December 3, 2012

Over 21,000 views on my Tumi TSA Lock video

Did you know how many people forget the number combination of their luggage locks? Imagine the trouble, if you just arrived in your hotel after a long flight.

In this short instruction video I posted a while back on youtube, I show how to open a Tumi TSA approved lock if you've forgotten the number combination.

And I just discovered it's been watched more than 21,000 times in the past 9 months. Wow ;-).

Tuesday, November 27, 2012

Amazing experience working with IBM China

I have very good memories from working with people in the AsiaPac region, both as a guest speaker at it-security (BlackHat) conferences in Hong Kong and in performing some forensics work for the Internal Security Department in Singapore.

This week I had my first experience in working together with team members from IBM in China. In one word: amazing! Let me tell you why:

Following the partnership that IBM and my company started this year (see this link >>), we needed to start supporting the non-western character-sets in our DNA solution in order to perform data collections on Lotus Domino servers in China.

For this purpose, Viktor Kranz (IBM's TF/DNA coordinator inside IBM) brought me in touch with Mr. Lin Tang of IBM China or 'Forest Soup' for those who get to know him ;-)

My encounters with Forest Soup:
  • setting up a complete C++ dot Net 2003 IDE, including Notes C-api 
  • understanding code logic for 9,000 LOC (C++): 25 minutes
  • installation of a new Domino server: 5 minutes
  • limit questions to just 4 sharp & smart ones: 5 minutes
  • coming up with a plan
  • daily status updates
  • superb documentation
  • clarity in communication
  • entire new code done within a matter of days
Over the past 12.5 years in Trust Factory, I've met -and worked with- several uber-specialists such as Bill Buchan, Daniel Nashed, Richard van den Berg, Michael Dudding, Stephan Wissel, to name a few.

I'm ready to add another uber-specialist to my list: Amazing Mr Tang :-)