Mild science, tech news, stories, reviews, opinion, maps and humor

27 October 2013

Paleo specie

This is BB Billosaur, a ceramic piggy bank for paper currency. He is made by Le Mouton Noir & Co. Le Mouton Noir is located in New York City. I am not surprised (I miss it there).

The store owners describe their motivation:
For many years we have followed the heard like a flock of sheep. Working hard, learning and growing, we have never let go of our dream. The black sheep finally wakes up and steps forward to have some fun.

Meet bb billosaur a ceramic piggy bank
Billo-saurus!

BB Billo seems difficult to resist: A paper currency-only porcelain piggy with holes down his back emulating a Stegosaurus-like Mohawk, made by black sheep!

25 October 2013

Account hijackers

If a message originates from a familiar name or email address, its likelihood of making it through spam filters is greater.

Google described their efforts to minimize harm to users due to email account hijacking:
"Our security team...saw a trend of spammers hijacking legitimate accounts to send their messages. [We developed] a system that uses 120+ signals to...detect whether a log-in is legitimate, beyond just a password."
Less than 1% of spam emails make it into a Gmail inbox.

chart Google Gmail accounts compromised since 2010 decreased to nearly zero
Legitimate Gmail accounts blocked for sending spam versus time

The number of compromised accounts decreased by 99.7% since 2011. That's impressive, for a sustained reduction! How does Google avoid false positives? I am so curious about the specific details of their filtering rules!

The blog post was written in March 2013. It is remarkable that the same methods continue to be effective, as Gmail spam-attackers would perceive this as a new challenge to be overcome.

120 Signals


I suspect that Google's methods are analogous to those used by the U.S. Department of Health & Human Services' Centers for Medicare & Medicaid Services (CMS) in detecting medically unlikely edits (MUEs). MUEs can be accidental, due to claim coding or data entry errors. MUEs can also be deliberate, when there is fraudulent intent, e.g. by filing for more services, or for more expensive services. Regardless of intent, MUE identification reduces paid claims error rates.

How will the Affordable Care Act impact existing processes for detecting MUEs, and for setting benchmarks? CMS does not disclose its MUE criteria for the same reasons that Google will not reveal details about their 120 signals.

Continuous improvement is a part of life, for email-spam account hijackers, Google and the fraud detection team at the Centers for Medicare and Medicaid Services.

I wrote a post about health care, with a much more Ellie-centric theme, a few years ago. That was when I worked as statistician for ACCCHS, Arizona's state-administered Medicaid/Medicare program, monitoring program performance and quality of care.