Tag Archives: risk

Read It

Utah Joins NY in Toughening Texting-While-Driving Laws

Leave a comment

As a motorcyclist, I can talk for hours and hours about first-hand encounters with drivers preoccupied with their cell phones (not to mention food, newspapers, computers, GPS units, ad nauseum). We (the editorial we) pass all kinds of stupid laws all the time, why can’t we have more like these? Just as, or perhaps even more importantly, why can’t we actually enforce them as vigorously as needed in order that they’re effective in changing behavior?

http://www.nytimes.com/2009/08/29/technology/29distracted.html?_r=1

Blather

Twitter Report

2 Comments

It’s been about a month since I dipped my toe in the Twittery waters and I still don’t quite know what to make of it. Statistics tell me that traffic to my personal Web properties has increased rather dramatically. That’s a good thing, right?

I should mention that I quickly learned that there’s little/no restriction on creating new IDs, and it’s very useful to do that in order to experiment with stuff. It’s nice that they allow you delete your ID, too, so if you play that way it’s just nice to clean up when you’re done. That dopey ID you made for testing might be the one someone else is seeking.

So let’s take a look at few Twittery things I’ve noticed, shall we?

Tools Twitter’s API is lots of fun to play with. There’s so much you can do with it and zillions of folks are hard at work trying to figure out how their pet hack can bring them fame, fortune and, yes, money. I’m not at all crazy about the hosted tools that need you to enter your credentials before they’ll function. It’s a trust thing. (Test IDs can come in handy here.)

Advertising Like everywhere else on the Web, everybody’s trying to sell you something. The current worldwide economic climate has spawned a kind of desperation that’s driven some to every imaginable online get-rich-quick scheme. And Twitter’s incredible popularity and growth attracts ’em like poop attracts flies. In fact, there are more Twitter users expounding on how to make money with Twitter than you can shake the proverbial stick at!

Loneliness There’s an air of sadness, loneliness, melancholy. I can’t quite put my finger on it, but it’s definitely there.

Celebrity Lots of celebrities of all levels are on Twitter. Some are even personable and cool. You’ve really gotta take it with a grain of salt, however. Who’s real? Sure, it’s uncool to impersonate, but uncool isn’t a crime. Who’s got staffers writing for them? Who’s just there for shameless self-promotion?

Risk Many tweets include URLs, and most of them have been shrunk to fit the 140-character space using one of the many URL-shortening services. Unless you take steps to preview – and it seems like nobody does – you just don’t know where you’ll end up. And that can be double-plus-ungood. You really need good client-side defenses – you just know you’re gonna end up clicking that link.

Twitter reminds me alot of the CB craze back in the ’70s (when dinosaurs roamed the Earth). This time around, though, you get the fickle tides of Internet trendiness instead of an 11-year sunspot cycle to interrupt the fun. (Internet trendiness is not unlike that surging feeling in your stomach as your Scrambler car changes direction, or the wave pool at Typhoon Lagoon on a hot Wednesday afternoon.) Technically, there’s nothing really new here; all of the technology behind Twitter has been around for quite a while. Doesn’t matter, its popularity is on fire now, and the big question is how it’ll make money. I’m not going to speculate.

I’ll leave you with this cartoon. It’s silly, but it also pretty much sums it up.

Blather

Standards and Documentation

1 Comment

 

[This entry is lifted verbatim from a message I recently wrote in email to a good friend. We were idly discussing a bit of documentation that one of his technical writers had produced, when he commented that he created his own standards: whatever he said, so it would go. He concluded, “It’s good to be the king, sort of…”]

I was lapsing into the way things used to be. Once upon a time there were Standards for everything.

Here’s a funny story. There’s no real proprietary stuff here, but it sheds a teeny tiny bit of light on the seedy underbelly of a company that would probably prefer otherwise.

Back in the 80s and before, there was a Standards Department. A handful of folks: a few writers, a few managers, a room of shelves with binders. (This was, of course, pre-LAN, pre-email, pre-all-the-stuff-we-take-for-granted-today. They walked floppies to a PC that was connected to an IBM line-printer. This was modern; not much earlier they used typewriters. The IBM ball-headed devices – were they called Quietwriters?  Selectrics – were still around.)

I hear you saying, “roomful of shelves with binders? Golly, what could they be documenting?”

Back then, every system, every subsystem, every sub-subsystem, every database, every data feed, every EVERYTHING was custom-built for a specific purpose – be it another system, a customer, whatever. This was before all the wonderful acronym-laden standards for such stuff we have today. (“I love standards – there are so many to choose from!”)

Anyway, time passes and in comes LANs and email and all kinds of magic and, one day, they went and dissolved the Standards Department. Figured that the Programmers could write their own documentation. Out went the writers, one by one. Then the managers. Their equipment was collected and taken away and their space was re-allocated. But not before I scoured their PCs for their documentation files. Thousands and thousands of Word docs. Stashed ’em away in a big zipfile, I did.

Then there was the room full of shelves of binders. A girl I knew, a minor manager, was given the mandate to keep the lights on.

So the years passed. Major systems were rearchitected to common standards. New products were created. The outsourcing wave washed upon the tech shores. And lots of old talent – along with the knowledge of how the proprietary systems worked – was shown the door.

Along came Y2K, at first just a glimmer on the horizon. With the massive technical audit that was undertaken to prepare for that event came the realization that quite a bit of the shiny, new, “self-documented” code was critically dependent upon… wait for it… bits of old legacy stuff that nobody knew anything about anymore.

“Wait!” someone said, “We’ll call the Standards Department! All this stuff is documented!”

Uh oh.

It took a while, but eventually it was realized that the Standards Department had been decimated the better part of two decades earlier. Some hand-wringing later they discovered the roomful of shelves of binders. It had been dutifully passed along from hand to hand through several reorganizations, relocated over 2-3 facilities moves, but there they were. Unmaintained. Disorganized. Dusty. Thick, blue, three-ring binders, labeled with crusty, cryptic strings of numbers and letters – if you were lucky. Some had fallen off with age. But descend upon the room they did, borrowing one volume or another as the analysis plodded onward.

I remembered the original room, the old Standards Department, and when I heard about this I smiled. But when I heard that as often as not the borrowed volumes weren’t being returned, my smile turned into a frown. I grabbed control of the room, had it locked, began to mediate access. Soon I was doing a brisk side business as a librarian. I blew the dust off the forgotten zipfile and got the content onto the network. After all, it’s way easier to content-search a tree of files than to traipse over to some other building an spend hours with those dusty old binders. Or sign your life away to the shaved-head dweeb that made sure you brought ’em back. Trouble is, the files and the binders ain’t exactly one and the same all the time.

And then, there’s the stuff that no one, try as they might, could find documented ANYWHERE. Several thousands of those entities were scattered across the organization. Little black boxes, you can see what goes in and comes out, but haven’t got an inkling of what goes on inside. Except when one little black box talks directly to or from another little black box, hmmm, then you don’t really know much about the interfaces either. Quite troubling.

Y2K came and went – rather uneventfully, actually. The world didn’t end. The systems actually came out the other side better than they went in. Life went on. Interest in the room and the files waned, but didn’t go away. As it turns out, Programmers, especially contractors, especially hourly contractors with lots of churn, aren’t exactly the best when it comes to documenting their work. And “self-documenting code” really isn’t, unless the reader is quite technical. The legacy stuff, well, the stuff that’s actually documented, turns out to be the best documented stuff there is. Created by people whose job it was to make it so.

Now here’s the punchline. To this very day, if you dig deep enough, through the shiny, new Web-enabled, SOAPed and serviced layers, you could very well discover dependencies upon some bit of legacy code or another that *nobody* understands, code for which there’s *no* source code, *no* documentation…

This is a good time to end the story, as we sit and sip our morning coffee, pondering the sinking feeling in the pit of the stomach of some poor sod somewhere whose unfortunate lot puts them near one of those bits of code.

Blather

Automatic Trust Revisited

Leave a comment

I got a distressing email from a friend earlier this evening. He wrote of picking up a trojan on his personal laptop. It was asking for money to undo the shenanigans. And my friend was asking for advice before he reformatted and reinstalled.

First thing I did, like any of you would do, was upload some useful tools to one of my servers for him. But now I’m sitting here thinking…

We all send attachments back and forth in email and there are certain people that you trust. Instead of the trash, instead of treading carefully, the automatic trust thing (and the all-too-human trait of being in too much of a hurry) makes us open, run, visit or whatever.

Perhaps that trust is misguided. My friend’s one of the folks I trusted that way. But as I write I’m running checks on his recent attachments!

Will his box be clean tonight? Tomorrow? Next week? What will he do, what will he run before sending something else? Multiply the risk by the number of people with ‘trusted’ status.

I feel like I dodged a bullet.

As it happens I’ll be seeing my friend tomorrow. This will certainly be one topic of conversation.

Blather

Data For Sale – Laws and Lies

1 Comment

I buy medications for my Dad. He suffers from some chronic conditions that require a daily drug regimen. For a while I used my usual credit card when I visited his pharmacy, but I stopped. Today these transactions are strictly cash-only.

An odd pattern had developed in the advertising that appeared in my incoming streams. Affecting both snail mail and email, it was almost as though my health had taken a serious turn for the worse. Drugs, facilities and other products related to various diseases, diseases which I do not have, had been increasing in frequency dramatically!

I brought my concerns to the head pharmacist, the management of the company (it’s a chain) and my credit card issuer. Their response was universal. Sharing the data isn’t allowed. [We] do not do it. It is not done. I must be mistaken.

So I took to using cash. And when asked to sign when picking up the medications I use something else – an X, some scribbles or a line – whatever comes out of my hand at the time. If questioned I tell them why.

After quite a while – six months, maybe more – the marketing trailed off. Today the patterns I noticed no longer exist. (I suppose they all figure me for dead, finally succumbed to one disease or another.)

I brought my findings to the pharmacy and credit card issuer and asked again about marketing and data-sharing. Again, each defended their practices. I must be mistaken.

The traffic in my inbox is of little importance. What’s more worrisome is how else the data might be used. I can easily imagine, for example, an insurance company increasing their rates, or maybe denying coverage altogether, because I have a history of purchasing prescription drugs associated with a disease I haven’t reported to them. Legal? Not today. But since when has that stopped anything?

Watch your data trail, dear friends!