from Hacker News

They Told Their Therapists Everything. Hackers Leaked It All (2021)

by ollifi on 8/9/22, 6:47 PM with 15 comments

  • by james-redwood on 8/9/22, 7:02 PM

    > Sure, some questioned the purity of Tapio’s motives; Kristian Wahlbeck, director of development at Finland’s oldest mental health nonprofit, says he was “a bit frowned-upon” and “perceived as too business-minded.” And yes, there were occasional stories about Vastaamo doing shady-seeming things, such as using Google ads to try to poach prospective patients from a university clinic, as the newspaper Iltalehti reported. But people kept signing up.

    > But the slick exterior concealed deep vulnerabilities. Mikael Koivukangas, head of R&D at a Finnish medtech firm called Onesys Medical, points out that Vastaamo’s system violated one of the “first principles of cybersecurity”: It didn’t anonymize the records. It didn’t even encrypt them. The only thing protecting patients’ confessions and confidences were a couple of firewalls and a server login screen. Anyone with experience in the field, Koivukangas says, could’ve helped Vastaamo design a safer system.

    Disappointing, but I'm not surprised.

  • by thomassmith65 on 8/10/22, 1:05 AM

    Every year the number of massive data breaches grows. Every day now there's a story about a different leak (today: https://news.ycombinator.com/item?id=32399949)

    Meanwhile, we're less than a decade away from AR glasses being commonplace (https://news.ycombinator.com/item?id=32405565)

    Storage continues to get cheaper, devices smaller and faster - more capable of facial recognition.

    Already, if a person has the motivation and tech aptitude, they can torrent or buy TBs of private records, and cobble together a script to identify passers-by and display a report of their leaked, private details.

    We are speeding toward a gargantuan privacy train-wreck.

  • by westcort on 8/9/22, 7:50 PM

    By design, this free chat bot is probably about as good as Eliza (maybe a little better), can help an individual think through issues, and you can talk to it on an offline PC. Nothing is stored, so there is nothing to hack: https://locserendipity.com/Therapy.html

    Rogerian version: https://locserendipity.com/Rogerian.html

  • by contingencies on 8/9/22, 7:16 PM

  • by Ken_At_EM on 8/10/22, 2:52 AM

    Maybe when nearly everyone's dirt is leaked and public then no one will actually be dirty.