There was another good post by Schneier today about how even the most secure web services are more vulnerable than many people think. He links a paper that finds (what most hackers already know) that just because a communication is encrypted, that it does not leak information about the data being transferred. I strongly recommend you at least read the abstract.
One of the more telling examples is being able to determine someone’s AGI(Adjusted Gross Income) by listening in on the volume and frequency of traffic on a popular web tax-preparation site:
The researchers studied a major online tax preparation site (which they don’t name) and found that it leaks a fairly accurate estimate of your Adjusted Gross Income (AGI). This happens because the exact set of questions you have to answer, and the exact data tables used in tax preparation, will vary based on your AGI.
To give one example, there is a particular interaction relating to a possible student loan interest calculation, that only happens if your AGI is between $115,000 and $145,000 — so that the presence or absence of the distinctively-sized message exchange relating to that calculation tells an eavesdropper whether your AGI is between $115,000 and $145,000. By assembling a set of clues like this, an eavesdropper can get a good fix on your AGI, plus information about your family status, and so on.
If this can be done with tax preparation sites, it can also be done with EMR portals.Also quoted in the paper:
Research shows that surprisingly detailed sensitive user data can be reliably inferred from the web traffic of a number of high-profile, top-of-the-line web applications
Here’s looking at you, online EMRs. A mutual friend and advisor for me and my client has been in the EMR business for 20 years and he is crazy over security. He strongly opposed any attempt to host Ankhos on the public Internet (which was part of our original plan). The bottom line is that encryption does not equal security. Security and data privacy are much harder to achieve than wrapping your traffic in encryption and putting ‘secure’ on your sales presentation.