API-centric trends and the FHIR standard in healthcare

Today I continue our conversation about API-centric trends with some exploration of these ideas in the context of the FHIR interoperability standard in healthcare, elaboration on my simplified 80/20-rule definition of an API with a very familiar example courtesy of Google, and how these trends and patterns are related to common practices in web development. In all our trends, getting developers on board is really the business goal underneath.

How the Fed's policy tools work and the danger of the present moment

I've become a grumpy old man complaining about the Federal Reserve... Take ~7 minutes for my basic introduction to how the Fed's policy tools really work, what memes about Jerome Powell's "money printer" really refer to, the history of quantitative easing (QE) and the taper tantrum as opposed to the Fed's more well-traveled manipulation of short-term interest rates, and why inflation concerns leave policy makers caught in between these two tools in a way they don't have a lot of clear historical prototypes for handling.

API-centric trends in information technology

ALERT: THURSDAY MINI-SERIES EVENT! On Thursdays for the next 3 weeks I will be posting a series of videos discussing a number of API (application programmer interface)-centric trends, specifically open banking, the FHIR standard in healthcare, and the NEF (network exposure function) idea attached to the move to 5G in telecom. In addition to discussing the details for each, I will talk about how the business backdrop is about access to developers and the tension between established companies and younger, app-driven would-be disruptors in verticals that happen to also share name suffixes like fintech and insurtech.

I will also talk about how you can use private computation, like Capnion's Ghost PII API, to provide a much higher level of data privacy in these settings, especially in cases where you want to consume data from multiple sources.

Litecoin and privacy as market differentiator

Privacy is emerging as an important product differentiator that can provide you a nice story to tell consumers about why they want to throw in with you and not somebody else. Spend ~5 minutes to learn about how Litecoin is set to adopt the private computation protocol Mimblewimble, how you might say this is a sort of cryptocurrency world version of a legacy product adopting privacy as a means of staying fresh in the marketplace, and finally enjoy my understated sarcastic jokes about the role played by meme images of dogs.

Password managers, two-factor authentication, and credential stuffing

You should definitely take ~5 minutes to learn about personal cybersecurity best practices involving use of a password manager and two-factor authentication, why the credential stuffing type of cyberattack makes these practices so important, and learn about some interesting current events involving LastPass and the New York attorney general that exemplify the how and why.

Legal liability faced by cybersecurity executives and Uber's 2016 data breach

Cybersecurity executives are seeing more and more civil and criminal legal liability from breaches that occur on their watch (if not handled correctly). I discuss this trend in the context of Uber's 2016 breach, the recent accelerating criminal proceedings against Uber's then-CSO (often a similar role is styled CISO), talk through some very basic best practices around what is supposed to happen, and discuss how this trend has chilled enthusiasm for ransomware payments and bug bounty programs.

The Apache Log4j 2 vulnerability and why such things are important

You should take 6 minutes to learn about the recently announced Apache Log4j 2 vulnerability (especially if these things are unfamiliar to you) including immediate action items like checking in on your public cloud assets, the role of the MITRE corporation in maintaining the official list of CVEs, the very prosaic urgency of patching for announced vulnerabilities, and the 2017 Equifax data breach as an example of why this patching can be eminently important. Correction: I erroneously snuck an extra "s" onto the end of Log4j on a couple of occasions in the video.

The (Alleged) Insider Threat at Ubiquiti

I have a great spy v. spy insider-threat-type story for you today. Take 7 minutes to learn about the long-unfolding drama at Ubiquiti including their January data breach, demands for a huge ransom of Bitcoin, the now discredited whistleblower revelations in March that fooled cybersecurity influencer Brian Krebs, and finally the just-unsealed FBI indictment stating the attacker and whistleblower are one and the same. The data privacy conscious will be interested to learn the tiny flaw in this alleged criminal's use of a VPN that led to the unraveling of their plot.

The Intersections of Market Power in Social Media

Let me convince you that market power (or not) in the social media world is one of the most interesting and intersectional topics out there. I discuss SingYourDialect as harbinger of Twitter crushing Clubhouse, Facebook under siege for its young and old users by Snapchat and Nextdoor respectively, Trump's struggles to get his megaphone back embodied in conservative networks like Parler, GETTR, and TruthSocial, and why the quiet tidal wave of Pikachu pornography makes this business harder to enter than you might think.

Crypto prices and the journey into the mainstream...

In this ~7 minute video, I take last night's steep drop in the price of cryptocurrencies, like Bitcoin and Ethereum, as an occasion to argue that the journey to mainstream acceptance plays a key role in price movements both up and down. I specifically discuss the role of the new tax laws in the infrastructure bill, what the new provisions are, and why people are a little irked by them.

Robinhood's Data Breach

You should find ~4 minutes to learn about the notable data breach at Robinhood, the company previously famous for its role in the retail trader meme stock dynamics around companies like AMC and GameStop. I cover the role of social engineering, why this breach signals imminent further danger for similar companies and Robinhood users, and highlight a few odd pieces of incomplete information in Robinhood's disclosures.

Issues with facial recognition and Clearview AI

Check out this brief primer on some social and ethical challenges around facial recognition technology including the problematic frequency of web scraping as a source of training data, the role of law enforcement as a major customer, and particularly vivid concerns about algorithmic bias in this area of artificial intelligence. I discuss these threads and more in the context of Clearview AI and the recent decision in Australia to demand that the company delete the data of Australian citizens it might hold... if they labeled it well and can find it now...

Notable Details on the Twitch Breach

Take a moment to absorb some notable details around the Twitch data breach including the perennial importance of infrastructure configuration, validation of data protection practices like encryption of passwords, unusual political intersectionality (a.k.a. why Twitter was mad at random people for being rich this past week), and the market in e-sports. Also, turn on your two-factor authentication where you can.

WhatsApp's Big GDPR Fine & What to Watch

Some notable details around the 225 million GDPR fine levied on WhatsApp including the role played by the Data Protection Commission in Ireland in particular vs. that of other national regulators, the significance of the privacy policy, the nature of own-volition investigations, and why this might be the beginning and not the end of heavy-duty data privacy enforcement.