Spam Trojan Installs Own Anti-Virus Scanner

I just got a link to this article in eWeek entitled Spam Trojan Installs Own Anti-Virus Scanner.

Most viruses and Trojans already attempt to block anti-virus software from downloading updates by tweaking hosts file to the anti-virus update sites to the localhost address. Malicious hackers battling for control over an infected system have also removed competing malware by killing processes, removing registry keys, or setting up mutexes that fool the other malware into thinking it is already running and then exiting at start. But, as Stewart discovered during his analysis, SpamThru takes the game to a new level, actually using an anti-virus engine against potential rivals. At start-up, the Trojan requests and loads a DLL from the author's command-and-control server. This then downloads a pirated copy of Kaspersky AntiVirus for WinGate into a concealed directory on the infected system. It patches the license signature check in-memory in the Kaspersky DLL to avoid having Kaspersky refuse to run due to an invalid or expired license, Stewart said. Ten minutes after the download of the DLL, it begins to scan the system for malware, skipping files which it detects are part of its own installation. "Any other malware found on the system is then set up to be deleted by Windows at the next reboot," he added.

I don't know whether to laugh or cry.

The Healthcare IT Guy gives us a heads-up on a new standard for securing Web Services

Shahid Shah's Health Care IT Guy blog is a reliable source of news about application architectures and their implications for healthcare application domains.  He just posted important news for anyone who is responsible for securing transmissions of HIPAA Protected Health Information (PHI) and wants to use - or is already using - a Service-Oriented Architecture approach.

Xerox reveals transient documents

I just have a minute, but I have to pass this on. Check out PC Pro: News: Xerox reveals transient documents. A taste:

Mario Jarmasz ... demoed the very intriguing 'transient documents'. This offers the prospect of reusable paper in the sense that the content is automatically erased after a period of time, ready for fresh printing. Inspired by the fact that many print outs have a life-span of a few hours (think of the emails you may print out just to read, or the ADVERTISEMENT content you proof read on the train journey back home), the specially prepared paper will preserve its content for up to 16 hours.

This is a definite change of direction from Xerox PARC's Gyricon Project, which was along the lines of the already-commercialized E-Ink electronic paper displays. Here's a cheaper technology that does less: a true disruptive innovation. I see a couple of upsides, one personal and one healthcare business-related.

Looking around at the paper piles on my desk, I think it would be a great idea to have most of the content disappear in 18 hours or less. Most of it had relevance for a few minutes at most, if it had any relevance at all, but I don't have time to decide what goes and what doesn't, until the piles get out of control.  The savings and environmental benefits of reusable paper would be an added bonus.

This could have major benefits in the healthcare industry, where paper documents containing HIPAA PHI are routinely filled out on paper and then scanned into the computer system. Disposing of that original is a major headache, expense, and risk.

Upgrade Your Baby

I'm swamped at work, so I only have a few minutes while I drink my midmorning coffee, but this was too good to pass up. eWeek's daily healthcare newsletter yesterday included a link to an article on VeriChip's Baby Protection System, from which I drew the following teaser text:

VeriChip's infant protection system is really two separate above-the-skin solutions, one a band similar to a standard hospital bracelet that has an embedded RFID chip. The second option, called the Halo skin-sensing system, is similar to an electronic key fob for a car that can be attached to an infant's ankle or a patient's wrist. Another key fob-type device can be worn around the neck of staff members to use as a personal panic button.

Now you can deterministically identify your toddlers among all those others in the daycare center that look just like him or her. One more problem solved for the busy moms and dads out there.

Agent Architectures - the next paradigm for software engineering?

Just about the time I got back from my vacation, HISTalk posted a very interesting interview with Novo Innovations CEO Robert Connely. In it, they discuss in some depth the way Novo's EMR synchronization solutions work. They have had what appear to be some remarkable successes integrating hospitals and labs with community clinics, not just one-offs but across what sound like some mid-sized health systems (check out the Company News items on the right side of their Website) and a one-pager about their implementation at Atlanta's Northside Hospital [pdf], a 455-bed community hospital with 1450+ physicians on staff.

What caught my eye is that they are using an agent-oriented distributed architecture. This is one of the architectures that I believe will dominate the future of healthcare informatics, as I predicted in my 2001 scenario planning paper on application architectures. But - such architectures present challenges in terms of performance and security, and can be awfully hard to debug when things go bad.  Still, Novo's example is worth studying if you are responsible for designing large-scale systems, particularly in the healthcare arena.

You may not be paranoid, but they're still out to get you

I just had a really disquieting conversation with one of the security experts at a high-quality regional consulting firm with whom we have done recent business. We started down the road of speculating about the security exploits of the near to mid-term future, and how we cannot yet even imagine how we are going to be able to handle the threats we know are coming, much less the ones that may be on the way.

Some examples of the exploits on the near horizon:

More on the Linux Wearable Computer

(Click to enlarge)

Yesterday I put up a quickie about a post in The Positive Technology Journal regarding a wearable Linux computer targeted at the healthcare market. I took a look last night at the Web page describing this new toy, the Zypad WL 1000 from Parvus Corporation. I have mixed feelings about it - I love new gadgets as much as anyone, am enjoying learning to hack Linux, but feel like this may be a bit ahead of its time, at least in the healthcare market.

Core Values, Innovation and Outsourcing

Recent entries in two blogs I follow regularly addressed the effects of IT outsourcing, coming at it from different angles. Shahid Shah, the Heathcare IT Guy, speculated on the future effects of offshore outsourcing on the US jobmarket, based on insights his recent trip to India. His warnings apply to IT professionals in all fields, not just his (and my) field of health IT. The EDS Fellows' blog post reviewed some insights from Geoffrey Moore's latest book, bringing into focus some of the reason why outsourcing sometimes fails, onshore or off. These are must-reads for IT professionals: for managers, for whom outsourcing either already is or will soon be a fact of life; and for us worker bees, who wonder what we can do to make sure we still have jobs five or ten years from now.

THIS JUST IN: Health IT Bill stalls because the volume & quality of healthcare may improve

In a riotously but bleakly funny turn of events, the House of Representatives has put off consideration of the health IT bill now on the floor, HR 4157, because the Congressional Budget Office has reported that passing it may cause the government to pay for more and better healthcare. The reason: the CBO expects that behavior explicitly forbidden by the bill will nonetheless take place.

The Clinical Trials Management System Marketplace

I recently re-visited a report issued by IDC a year and a half ago, which you can still find on Oracle's Website (http://www.oracle.com/industries/life_sciences/IDC_CTMS.pdf).  In retrospect, given what I know now about the future direction of clinical research, what's most interesting is not what's there, but what's missing.