What do you mean by SSL spoofing? Someone getting a public CA validated cert for a domain they do not own? I'd consider that a game over level threat myself, I can't imagine much of anything protecting against that completely. Certificate pinning can help mitigate the threat though.
I work in this space. Its probably not a matter of kill people, doctors in ER's don't really need a EHR to function and sometimes do without due to technical issues. The issue is that the hospital won't be able to bill without documentation.
>If it's phishing, typical staff clicking every suspicious email uncarefully opening URLs and attachments, there isn't a lot the hospital can do.
Not give typical staff the user permissions required to encrypt all the databases and delete the backups? Too bad info sec is so full of snake oil salesmen, obvious practical solutions exist for these type of problems they just generally don't involve spending six figures on a product so nobody is interested in them.
Seems like repealing section 203 in connection to paid advertisement would be sufficient, if Facebook publishes a advertisement that defrauds users and profits from it they can also share a portion of the blame.
Never used it in production but used it in personal projects quite a bit. With WAL[0] enabled I would expect it to preform as well as anything else for most workloads. It would seem reasonable to encapsulate your repositories nicely and to change if you hit the scale the requires something more robust at that point you are probably making enough money that it won't be a big deal.
That makes sense but I don't think any third party would pay to be included in a iframe and fed such a limited amount of data, and if you aren't paid for it why bother making all of your users mad in order to do it?
What about the failure rate of all the DNS servers? It's not like someone set up a Windows Server box and we all share it. Google's DNS server at 8.8.8.8 for example uses some sort of complex multihoming/multicast setup and is globally distributed. I trust DNS to work more than any other service on the internet. It's a triumph of software engineering. The Roman aqueduct of the internet.