Technically

Correct
Home Computer History Computer Basics Networking Basics Security Basics Glossary The Bit Bucket Links About Us

 

 

The Bit Bucket:  News and Commentary

 

 

26 October 2006

The Department of Homeland Security Data Privacy and Integrity Advisory Committee recently released a draft report on the uses of radio frequency identification (RFID) chips in government issued identification documents.  The move towards using RFID technology for identification has been a major priority for the government over the last couple of years, culminating in the proposed used of RFID chips in passports (currently rolling out at the end of this year) and driver's licenses.

As it turns out, the Advisory Committee recommends not using RFID chips as a method of tracking and identifying humans, pointing out that the advantages are not worth the risk involved.  One reason that has been touted as an advantage of these chips is the increase in speed in processing documents in identifying people.  However, as the report points out, using it as identification is of little value if it is not also tied biometrically to the person carrying it (proving that the person holding the identification actually is the person in the identification).  Providing such biometric verification vacates any gain in processing speed which might have been gained.  So, as the report basically concludes, What's the point?

Not surprisingly, government entities that have staked their reputations on promoting these technologies, and the companies hoping for lucrative contracts in providing these chips to the government, are not happy with the report, and are encouraging  the Committee to provide "a deeper factual inquiry and analysis," according to the Cato Institute.

Apparently a deeper factual inquiry and analysis equals recommending the technology, in the minds of these interested parties.

- TechDock

 

11 September 2006

Today marks five years since the calamity of 9/11.  We will not forget.

Wired reports about a guy who put a fake sex ad up on Craigslist, posing as a submissive woman interested in finding a dominant man.  Needless to say, several people responded to the ad.  Not too surprising, as far as that goes.  But then this guy went ahead and took that information and put it, unedited, out on the web.  This information contained many of the respondent's names, addresses, and email addresses, some personal, some business.  Why did the guy do this, you might ask?  Basically, because he could.  It has led to an interesting debate as to whether these respondents had any expectations of privacy, as opposed to if they deserve what they get for responding with utter lack of discretion.

Regardless as to where you fall in the debate, one lesson rings loud and clear:  any information you give anyone on the Internet is now public information, whether you want it to be or not.

- TechDock

 

10 September 2006

The Day reports on the increased use of companies of credit checks on potential employees.  The rationale of these companies is that a bad credit record indicates someone who is unorganized and irresponsible in their personal lives, and therefore they are likely to carry these same characteristics into the workplace.

Unfortunately, the downside of this is that credit reports do not take into account why a person's credit rating may not be sterling.  Many people whose credit ratings suffer have endured layoffs and protracted unemployment, medical emergencies, or other personal emergencies that required them to temporarily overextend themselves.  These by themselves are no indicator of a work ethic.  Also, one of the applicants quoted in the story was turned down, not necessarily because of a bad credit history, but because of the amount of student loans she carried.  If carrying debt becomes a determinant of employability, a whole lot of people are going to be in trouble.

- TechDock

 

31 August 2006

The Wall Street Journal has a report that questions the effectiveness of issuing every child a computer.  Some school districts across the country have done this, with mixed results.  On the up side, some parents say kids are learning valuable business skills, like how to create PowerPoint presentations.  On the other hand, some say the only thing kids are learning is how to waste time during class with games, IM, and MySpace.  Additionally, some say that kids seem to be learning that the only research you need to do on a project is to google the topic.  Beyond educational issues, many districts are finding the hidden costs of infrastructure, such as maintaining and securing a wireless network, are far beyond what was expected.

I volunteer with a high school computer lab, and can vouch for some of the problems encountered.  By and large the biggest problem is students going to inappropriate sites, resulting in a constant battle to refine the content filters.  There are also the same problems with game playing and listening to music inappropriately.  As much of a technology backer as I am, even I have to wonder sometimes if it's worth it.

- TechDock

 

26 March 2006

-- Well, I unfortunately had to take a step today and eliminate a feature I had offered here at TechCorrect.  I had  installed a guestbook for visitors to sign, which wound up with unanticipated attentions.  Last week someone signed it with URLs linking to a site hawking an infamous medicinal, apparently in an effort to to drive up that site's Google ranking.  This week someone else filled it with poorly formatted HTML gibberish, and also placed bogus email addresses purporting to be from this domain all over it.  I'm not sure what their game was, but I decided it was time to terminate the guestbook.

What a shame.  I've been active on the Internet since about 1994, not long after the Mosaic browser debuted.  Before that, I had a CompuServe account dating from 1986.  The online communities have always had a lot to offer, but the unfortunate actions of a few always attempt to spoil it for others.  And of course, there are no easy answers.  The open nature of the Internet, which is it's strength, also leave it ripe for abuse by the few spoilers.

What a waste.

- TechDock

 

22 March 2006

-- USA Today reports that a law professor at the University of Memphis has outraged students by banning the use of laptop computers for taking notes in her first year classes.  The professor justifies her position by saying that students are so involved in typing down everything she says word for word, they  miss the essence of what she is actually saying.  Students have started a petition protesting the ban, saying they are afraid that if they don't fight this now, other instructors will soon follow suit.

I've got to back the professor up on this one.  It's hard enough standing in front of a group of people teaching them information when you have their attention, much less than when they're all staring down at the screen in front of them.  Coincidentally, I just read another article elsewhere today that comments on this phenomena, which the author called Constant Partial Attention, in which we all have become accustomed to paying attention to several things at once.  But I can certainly see the problem in a situation where the students are more concerned with completeness of their notes instead of their meaning.  And, of course, this doesn't even address the problem of web browsing, instant messaging, emailing, game playing, and so on as a distraction during class.

I also saw a good point about this brought up on Slashdot concerning this article, in which old fashioned note taking, meaning with pen and paper, has another valuable point.  That poster pointed out that since it's impossible to keep up with the lecturer when writing longhand, this enforces discrimination skills with the students, forcing them to decide quickly and constantly what the important points of the lecture are and that should be written down, and which ones can be ignored.  I suspect there's probably a good bit of truth to that observation.

- TechDock

 

13 March 2006

-- ZDNews reports that the courts have ruled in a case involving criminal file deletion.  Jacob Citrin was employed by International Airline Centers in a position that involved identifying potential acquisition targets for the company's real estate division, and was given a company laptop for use in that capacity.  At some point he decided to go into business himself doing the same thing, quit, and returned the laptop to the company.  IAC suspected that he went into business for himself using information that he had collected while working for the company, and examined his laptop for possible evidence to support a lawsuit.  They discovered that Citrin had not only deleted his work related files from the laptop, he used a security program to overwrite the data so that it was unrecoverable.  This is where it gets interesting.  At that point IAC lodged a criminal complaint against Citrin, accusing him of violating the Computer Fraud and Abuse Act by damaging the laptop.  The alleged damage is file deletion.

This is a disturbing case, as creating and deleting files is an everyday routine for anyone who uses a computer for anything.  It also raises the question as to whether users are legally liable for the creation and deletion of the temporary files computers use without any knowledge of the user.  But what is truly disturbing is the ruling of the appeals court.  They found in favor of IAC.  First, they ruled that deleting files from a computer constitutes "damage."  Second, they ruled that whenever Citrin made the decision to go into business for himself, his authorization to access the computer on behalf of IAC evaporated, even though he had not yet given notice.

The final aspect of this situation that I really have a problem with is that IAC went looking for files to prove that their employee committed a wrongful act.  Unable to find any such evidence, they prosecuted this former employee, who was now a competitor,  under a computer abuse law.  This ruling actually places any employees that use computers on behalf of another organization in the position of proving their innocence, rather than relying on the ancient tradition of presuming innocence and proving guilt.  Employees will now find themselves in the position of having to leave all files on their system in order to prove they have done nothing wrong.  It that doesn't define "slippery slope," I don't know what does.

- TechDock

 

 

6 March 2006

-- The NY Times reports (registration required) on the prevalence of open wireless connections available today.  The majority of connections are not configured for security, simply because router manufacturers want customers to be able to turn the things on and be able to connect, and most users either don't know or don't care about enabling security on their systems.  However, the most disturbing thing in the article seems to be the attitude most users have over illicit connection sharing.  The prevailing attitude seems to be that there is nothing wrong with piggybacking onto someone else's connection because it's not really hurting anyone or taking anything of value away from anyone.

I'm sure we've all piggybacked onto someone else's wireless connection at some time or another, intentionally or not.  I can easily find two or three unsecured connection from my house, and I live in a fairly wide spaced residential neighborhood that I'm sure will never be mistaken for Tech Central.  As a matter of fact, I first became aware of some of these networks when I installed wireless on my DSL connection and suddenly realized I was able to download from the Internet much faster than I should have been able to.  My laptop insisted on grabbing someone else's cable modem connection rather than my own, and it took a bit to figure out how to change the settings to prevent that to happening.

What is my main concern?  Security.  If someone else can get on your network, they can use it not for innocuous activity like browsing the news, but file piracy, ID theft, and other illegal or immoral activities.  Also, if your network isn't well nailed down (and it probably isn't, since your router would probably be secured as well), it doesn't take much for them to break into your system and have their way with it.  There are just too many opportunists out there to gamble on everyone being nice enough to not mess with your system.

The other problem is the main premise of those who see nothing wrong with piggybacking:  it doesn't hurt anyone.  Actually, the article mentions a few people who had open connections, and it was fine at first.  But then as more and more people started jumping on, they found their throughput dropping until their connections - for which they were paying good money - were useless until they secured them again.  And then, of course, the neighbors were upset that they pulled away their free, high speed Internet!  No, when you're piggybacking, you are taking bandwidth, which has value.  There is also the issue of whether or not the actual Internet Service Provider allows connection sharing, which is another problem.

Basically, if you have a wireless connection, it should be secured to protect you from some of the unsavory types.  If you really need to find a wireless connection, it shouldn't be too hard to run down a Starbucks that has one.  They're on mostly every other corner, anyway.

- TechDock

 

 

27 February 2006

-- The LA Times reports that a whistleblower who released damaging documents involving whether or not Diebold fielded uncertified voting systems in violation of law has been charged with felony access to computer data, commercial burglary, and receiving stolen property.  Interested parties are shaping this up into a whistleblower being persecuted by a vengeful company type of thing.

At first glance this does seem to be a case of whistleblower persecution, but after reading the details I'm not so sure.  The whistleblower was not employed by Diebold, as I first assumed, but was a contractor doing word processing for a law firm retained by Diebold.  It seems the documents he came across were between two lawyers at the firm discussing allegations from voting activists as to whether or not Diebold had fielded uncertified voting systems, and discussing potential liability if they had done so.  First, it seems the documents did not say Diebold had done wrong; it explored the possibilities if it turned out they had.  Second, I have to think that this sort of information is covered by lawyer-client confidentiality.  Finally, while I'm normally all in favor of whistleblowers, I hate to think of the consequences if every person doing word processing makes public every document they see that they believe does someone wrong.  I also assume that in order to do word processing for the law firm, the whistleblower must have signed, and therefore violated, a nondisclosure agreement.  I'm no fan of Diebold, but I don't believe this person was in the right for releasing documents that discussed the possibility of the company having done wrong, but was not definitive proof that wrong had been done.

- TechDock

 

 

22 February 2006

-- GameDaily reports that EA is lowering the price on some of their newest game software 20% - from a normal retail price of $50 to $40.  This is being hailed as a bold and innovative move designed to enhance lagging sales.

Come on, guys.  This is nothing more than an admission of a grossly overpriced product in the first place.  It is appalling that game companies charge $50 for a new game with a shelf life of about a month, especially when compared with other entertainment media.  Most DVDs can be purchased new for less than $20, and enjoy a replay value much greater than that of most games.  I know the argument is made that you get more entertainment from the games, as they take longer to complete, but I understand most games now can be completed in around ten hours, and that's assuming it engages the player long enough for them to actually finish it.  If EA and others really want to enhance game sales, price cuts are a good start, but they should be the norm, not the exception.

- TechDock

 

 

21 February 2006

-- The New York Times (registration required) has an article about the security risks engendered by the proliferation of small, handheld devices in the corporate environment.  This was not the usual article about how easy it is for someone to steal trade secrets by copying files undetected onto a flash drive, however.  This one took a slightly different tack, and addressed the problem of people losing sensitive company data when they misplace cell phones, PDAs, or whatever that they use for work.

This is a real problem that is becoming more and more prevalent.  I recently saw another article where a person mentioned that one of his coworkers buy flash drives in bulk because he loses them on a regular basis.  Unfortunately, by the tone of the article, the only problem with this is the inconvenience engendered by losing the device.  We also see more and more news articles detailing how private details of thousands of people are compromised by loss or theft of laptops.  People need to realize that it is not the devices that are truly valuable, it is the data they contain.  The sooner everyone starts adopting the use of encryption as a routine matter of course, both by companies and by private individuals, the harder life will be for data thieves and better for the rest of us.

- TechDock

 

 

20 February 2006

-- The Register reports that Dell (the computer maker) is suing Paul Dell (a web designer) in France for running a website using Dell's name, dellwebsites.com.  Dell is claiming parasitism and unfair competition, and is demanding compensation of 150,000 euros, plus an additional 500 euros for every time Dell is mentioned on the website.

When corporations started going after cybersquatters a few years ago, they often had good reason.  These were individuals who would register variations on well known trademark names and then attempt to sell those domains to the owners for anything from a few hundred to a few million dollars.  Eventually corporations started suing people who attempted to make a quick buck through this kind of domain speculation, and the courts sided with the corporations.

Unfortunately, the pendulum quickly swung the other way, and now we all too frequently see corporations with way too much money and way too many lawyers attempting to bully people who have legitimate claims to domain names the corporations want to acquire.  The first widely publicized case of this happening several years ago was when a gentleman registered the domain pokey.org for his son as a birthday present.  The son's nickname since early childhood had been Pokey.  Unfortunately, they later found themselves at odds with the corporation that owned the trademarks for the animated characters Gumby and Pokey, who demanded the boy surrender ownership of the domain to themselves.  The corporation quickly withdrew their lawsuit after the case was publicized and they found themselves the target of several unflattering news articles and opinion pieces.

Similarly, Mr. Dell's situation is clearly not a case of cybersquatting.  Paul Dell registered this domain name in 2001, and has used it to promote his own business.  There is no evidence that he ever approached Dell Computers with an offer to sell the domain to them, a move which could have been interpreted as domain speculation.  Hopefully Mr. Dell will be able to withstand this unfair pressure from Dell Computers and prevail against them in court.

- TechDock

 

 

18 February 2006

-- The Washington Post reports that two uniformed men who identified themselves as being with the Department of Homeland Security entered a library in Bethesda, Maryland earlier this month, surveyed the library patrons using the computers, and then announced that the viewing of Internet pornography was forbidden.  One of the men then challenged what one of the library patrons was viewing and asked him to step outside.  A librarian intervened, police were called, and eventually the DHS representatives left the building, leaving library patrons and local residents confused over how a county department whose duties include the safety of physical building had crept up to include a prurient condemnation of Internet usage.  The county later released a statement calling the incident "unfortunate" and "regrettable," saying the two employees thought they were enforcing the county's sexual harassment laws, and had been reassigned to other duties.

This is exactly the kind of mission creep that you can expect when small people are empowered with open ended authority.  It is a small leap from viewing "inappropriate" images on a computer to "inappropriate" speech or political commentary.  The fact that this incident happened at all, that persons representing the Department of Homeland Security, saw fit to attempt to impose their viewpoint on private citizens minding their own business, is extremely disturbing.  On the other hand, kudos to the county government for realizing that these actions by their officers were inappropriate, and for taking steps to keep it from happening again.

 

-- The Seattle Pi reports the the Police Chief of Houston proposed this week that cameras should be installed in apartment buildings, shopping malls, and all manner of public places as a solution to a police shortage.  He also proposed that cameras be installed around private residences where the residents have a habit of calling police.

It is disturbing that the Chief of Police seems to believe the best solution to his manpower shortage is to provide continual surveillance of private citizens, presumably based on the belief that all people are simply criminals waiting for an opportunity, anyway.  But the truly dismaying part of the story is the Chief's justification for such a program:  "I know a lot of people are concerned about Big Brother, but my response to that is, if you are not doing anything wrong, why should you worry about it?"  (Houston Police Chief Harold Hurtt, 15 February 2006, at a regularly scheduled press conference).   How ironic the Chief doesn't seem to realize that every totalitarian society in history has said something similar at their establishment to justify their treatment of the populace.  Unfortunately, this attitude seems commonplace in government today, as it has been used at several levels of government to justify illegal activities, all in the name of fighting terrorism.  Yes, we must fight terrorism, but we must do it without destroying ourselves as a people who pride ourselves on tolerance and self-determination.

- TechDock

 

 

16 February 2006

-- The Electronic Frontier Foundation reports that the Recording Industry Association of America is now arguing in court briefs that ripping music from a CD and placing it on a computer or personal listening device (such as an iPod) for personal use should not be covered under the Fair Use laws.  It's kind of hard to make it through the legalese, but they are apparently arguing that since people can purchase digital music that is protected by Digital Rights Management so that each download can only be reproduced a limited number of times, that is the only kind of reproduction that should be regarded as Fair Use.  Since anyone can copy an unprotected CD an unlimited number of times, even one reproduction, even if it is for personal use, time shifting, or backup purposes, should be considered an infringement of copyright.

This is yet again another example of the RIAA's determination to completely obliterate the legal concept of Fair Use.  The courts have ruled repeatedly over the years  that customers who have purchased a video or music recording have a legal right to make a copy of that recording for purposes of backup, time shifting, or use on another device, as long as it is strictly for a personal use.  Fair Use already took a big hit under the combination of encrypted recordings and the passage of the Digital Millennium Copyright Act, which makes even an attempt to break copyright encryption illegal, thus destroying the Fair Use concept of legally making a backup recording or time or device shifting for personal use.

The most telling part of the tale is when the RIAA addresses the right of the consumer to backup a CD against the possibility of damage to the CD.  Their response to that is that if a consumer damages a CD, the consumer can just purchase another one since they really aren't that expensive.  Apparently, the true goal of the RIAA is to get consumers to pay for their music multiple times.  That solves that pesky problem of producing a constant revenue stream without actually having to produce new content.  It certainly seems likely that any industry that treats their customers with such disregard will eventually find themselves with no customers at all.

- TechDock

 

 

15 February 2006

-- The Associated Press mentions a survey that reports what to me is a blinding flash of the obvious:  30% of US Internet users go online strictly for the fun of it each day.  Well, duh.  The report indicates that recreational surfing is the third most popular reason given in the survey, behind email and Internet search, and just about ties for reading online news.

I guess this took me a bit off guard because it never occurred to me that people wouldn't go on the Internet just for fun.  I remember very well when the Internet first caught everyone's attention and took off, in late 1993 and early 1994 with the widespread adoption of Mosaic, the first web browser and predecessor to Netscape Navigator.  The Internet existed before the World Wide Web, sure, in the form of FTP sites, and somewhat esoteric browse and search programs like Gopher and Archie.  But Mosaic made it simple and intuitive to the masses, and in the mid-90s everyone was going on the Internet.  And it was almost all for fun.  There wasn't nearly as much useful content yet as there would be, and no one really had a feel for what this thing was we were all discovering, so surfing at random and following one link to another for hours was not surprising; in many ways it was expected.  These were the times when one of the first really useful search engines, Yahoo!, offered to send you to a random link, just for the heck of it.  Yahoo's random link search disappeared a few years ago, and I always assumed that was because of the odds it would send a user to an adult explicit site, instead of some schmuck's personal website showing off his kids and dog.  Even though the Internet is a lot more useful today, sometimes I miss the exploration of those early times.

- TechDock

 

 

14 February 2006

-- The New York Times reports that the government of Great Britain voted this week in favor of mandatory ID cards for its citizens.  These cards would contain biometric information, and would apparently be issued whenever people put in for other documents, such as passports.  The rationale for this is that use of these cards will help fight terrorism and identity theft.

There are a number of problems with this scenario.  First is the belief that this will be a tool against criminals and terrorists.  This might be true, if we had a foolproof system to ensure criminals had no way to game the system and get fake ID cards.  How many suspense movies depend on the villain's ability to obtain fake documentation?  Fiction aside, this does not seem to be that difficult.  In the United States, revelations that low-paid employees at the Department of Motor Vehicles issue fake driver licenses at $50 a shot are not uncommon.  It is just not believable to assume that the bad guys won't be able to get IDs.  Once they do, they will be able to move within the system with impunity, because, of course, everyone will KNOW it's impossible to get fake IDs.

Secondly, and ironically, mandated use of such a card can make life a living hell for identity theft victims.  The scenario seen in the movie "The Net," can actually come to pass, where a victim of identity theft can be placed in the untenable position of trying to prove who she really is.  Again, this will be because of the assumption that the system is fool-proof.  We already see something like this in the banking industry.  It has been reported on technical websites for some time now that there are ways to break into banking accounts through ATM access other than physical possession of a card and PIN.  The banks take the stand that the ATMs are fool-proof and cannot be gamed.  This leaves people who claim that their accounts have been raided by ATM access in the unenviable position of both losing their money, and then being accused by the banks of attempting to defraud them when they report the crime.  We may see such scenarios explode exponentially with the use of mandatory ID cards used to authenticate all transactions.

Finally, as so many others have noted, this is but another step on the road to creating Orwell's world of 1984.  We will eventually reach the point where ordinary citizens will be punished, not for having done something, but for failure to do something, such as obtain mandatory identification.  Do we want to reach the point where a citizen can be arrested for no other crime than existing?  More to the point, do we want a society where anyone can be stopped by authorities and a demand of "Your papers, citizen!"?

- TechDock

 

 

13 February 2006

-- AP is running a story that discusses the interesting and unintended side effects of personal web sites.  Primarily, they talk about what happens when people use web sites for personal diaries, and the media frenzy that sometimes occurs when these people are involved in something that makes national news, such as a murder.  They mention a recent case where a husband allegedly murdered his wife and baby, and it became headline news after the press found a web site where family pictures were posted, giving the tragedy a human face.

It seems odd to me that personal web sites have gone in this direction, becoming online diaries for so many people.  In an age of increasing identity theft, I would be very apprehensive about posting too much personal information.  Even the most innocuous details can become critical when put together with everything else about us out there.  But I shouldn't be too surprised.  Eight or ten years ago, having a personal web site became critical for those of us in the technology field.  This was brought home to me when I went to a job interview and was asked during the course of the interview for the URL for my web site.  That was when I realized that in those early days, a personal web site was required for a geek to have "street cred."  Actually, all it proved was at least a working knowledge of HTML, and of how the WWW works in general.

Nonetheless, it is true that the proliferation of personal web sites can lead to somewhat alarming side affects.  I was recently going through the bookmarks in my browser to see which ones still worked.  Many of these bookmarks go back many years, having been exported from one machine to another.  I wanted to check them personally, rather than use a link checker, because today so many web sites are still "live" in the sense that they go to a search engine or domain name advertisement if they have been abandoned.  I found a web site that I used to go to about five years ago involving an experiment in artificial intelligence advancement.  The web site was still there, but with a message that the experiment closed down last year, and with a link to the author's personal blog for more information.  Curious, I went to the blog to see how the experiment had fared.  I was shocked to find the final entry on the blog, dated only ten days before, was a suicide note.  A brief google of the news proved that the author had indeed killed himself just a few days before.  A disturbing end to the evening that I certainly did not expect.

- TechDock

 

 

12 February 2006

-- SecurityFocus reports that a surveillance company based in Cincinnati, CityWatcher.com, has started requiring employees that access the datacenter when surveillance video tapes are archived be injected with radio frequency identification (RFID) chips.  Access in the past has been controlled by RFID chips embedded in employee badges, but these chips are injected into the employee's biceps.  According to the article, having the chips injected is not a condition of employment with the company, but it also states that it will be a requirement for accessing the datacenter.

Very nice.  "You don't HAVE to have the chip implanted.  We believe in freedom of choice.  However, since your job does require datacenter access, if you decide NOT to have the chip implanted, well, really, I'm sorry, but what else can we do..."  Looks like the time of everyone being identified and tracked 100% of the time has pretty much arrived..  (He said, carefully placing tinfoil hat on head...)

 

-- The Seattle Times reports that three persons have been charged  with interfering with computers in a local hospital intensive care unit.  These people created websites that were part of advertisement affiliate programs with several companies.  They then found vulnerable computers on the Internet, and placed software on them to create a botnet of about 50,000 computers.  They then had these computers automatically access their websites.  The resulting ad revenue they generated, according to one, was more than he made at his job.

What's really disturbing about this is that these guys interfered with vital computer systems at a hospital in order to line their own pockets.  I know some will say it's the hospital's fault for not better securing their systems, but I'm not buying that.  If someone breaks a window to enter my house, it's not my fault for choosing a house with windows.  Even if these guys weren't aware that they were incorporating hospital computers into their botnet, this still emphasizes the responsibility that all Internet users must share in these days of increasing interconnectivity.

- TechDock

 

 

11 February 2006

-- A small Indiana county is scrambling to try to make up an $8 million dollar shortfall in its budget after a data entry error resulted in an $8 million dollar overage in last year's budget.  Apparently a homeowner was trying to enter some information in an online database the county maintains for residents, and he inadvertently entered a property value of $400 million dollars, resulting in an $8 million tax assessment.  The treasurer's office caught and corrected the initial mistake, but did not realize that the data had already made its way into the county budget system.  The county says they are likely going to have to cut out several county programs, and possibly lay off some employees, to make up the deficit.

There are a couple of things that are just wrong with this.  First of all, a small rural county generally doesn't have that much extra money on hand.  An $8 million windfall didn't catch anybody's eye?  It also sounds like this county runs in a continuous deficit situation - spending next year's money this year, and expecting to make it up.  That's a dangerous way to live, although I have no doubt that is the norm for government budgeting nowadays.

 

-- A New York City employee was fired for playing Windows Solitaire on his computer during work.  Mayor Bloomberg was touring the office where he worked, and as the Mayor came through with photographers in tow, this employee stepped away from his computer, leaving it unlocked and with the solitaire game up and in plain view.  The Mayor did not say anything then, but later instructed an aide to find out who the employee was a fired him.  When asked about this decision later, the Mayor said that employees were expected to actually work at work, and not play games.

I have to side with the Mayor on this one.  The employee's defense was that he only played games during lunch hour, or when he felt he really needed a break.  When it was pointed out that the office policy prohibited computer games and that the Human Resources records showed he had reviewed and signed off on the policy a couple of years ago, he admitted he did not remember the policy, but that he had probably signed off.  Which indicates that he probably just pencil whipped the thing when HR sent it to him.  The employee felt he should have just gotten a reprimand, which may be valid, but not many people get a second chance for making the boss look bad in front of outsiders.

I think what this guy is really paying for is being stupid.  How many smarts does it take when the big boss is coming through with an entourage and photographers to not be seen slacking off?

- TechDock

 

 

10 February 2006

In the news today...

- - Kip Hawley, chief of the Transportation Security Administration, told a Senate committee that deployment of the Secure Flight program will be delayed because of concerns it is not adequately safeguarded against hackers.  Secure Flight is essentially a database in which all travelers will be matched against known terrorists and criminals.

I have been concerned about the concept of Secure Flight since its inception a couple of years ago.  Even at the beginning, the benefits of this database balanced against the naming errors that are sure to follow have hardly seemed worth it.  More importantly, the TSA has never addressed the issue of people how to get people off the database who happen to share similar names with others on the list, terrorist or not.  Regardless, it is reassuring to see that the TSA recognizes the value of Secure Flight as a potential one-stop shopping goal for hackers, and are taking steps to secure it.

 

-- NetFlix, the popular DVD rental company, is attracting some unwelcome publicity since the disclosure that they have taken to penalizing their heaviest users.  As NetFlix uses a flat rate subscription model, they obviously don't make as much money on heavy users as they do on users that only use the service occasionally.  Using a practice called throttling, NetFlix has taken to placing requests for popular movies from heavy users to the back of the line, giving new subscribers or occasional users priority to new releases.  NetFlix benefits from this in two ways:  new subscribers get better service and are less likely to leave, and NetFlix saves on the amount of postage incurred by frequent users.  Of course, as they are now finding out, they also have to deal with the ire of loyal customers who now feel betrayed and downtrodden.

 

-- The Electronic Frontier Foundation is advising computer users to not activate a new feature in the latest Google desktop toolbar.  Called "Share Across Computers," the new feature allows people who use more than one computer regularly the option to upload their files and documents onto Google's servers, so that the users may access them no matter what computer they are using.  The EFF's concern is that once personal files are uploaded onto Google's equipment, they may lose whatever privacy protection they enjoy on the user's own computer, and be vulnerable to subpoenas or requests for discovery issued to Google.  This is unknown legal territory, so it's not know how such subpoenas might play out.

It should be pointed out that this option is disabled by default, and must be turned on by the user.  Some websites are making it sound like Google is sneaking onto people's computers and stealing files in the middle of the night, and that is not what is happening here.  This could be a useful tool for some people, but as the EFF says, be aware of the possible ramifications.  Once your files are no longer under your direct control, it's impossible to say what might happen to them.

 - TechDock

 

 

Questions or comments?  E-mail us at 

©1998 - 2008 TechDock and techcorrect.com