Showing posts with label Privacy. Show all posts

January 21, 2013

Hiding Yourself In Plain Sight

I remember hearing that sometimes the best way to hide is in plain sight--just where no one would think to look.

Now there is a new clothing line being introduced by Adam Harvey for Stealth Wear that hides you using your own clothes. 

According to Slate (11 January 2013), the clothing line is envisioned to have:

Anti-drone hoodies and scarfs:  These will be made with special metalized material that can shield you from things like drone thermal imaging technology, and I would imagine could also help against facial recognition along the lines of a prior project CVDazzle that uses face-painting and hair styling for concealment. 

XX-shirts: These cover your upper body and can shield you from x-rays. I wonder how this will impact TSA scanning at airports?

Pocket-blocks: A cell phone pouch made from "signal attenuating material" to prevent tracking and interception. 

Don't confuse this stealth wear clothing line with a Canadian company called StealthWear that makes a different type of protective clothing--padding for jackets, forearms, shoulders, torso, and so on for those working in "aggressive educational environments."

The new Stealth Wear, however, is a concept for a high-tech fashion line designed to provide counter surveillance and more personal privacy--in this sense, it's really the anti Big Brother. 

With more and more cameras, imaging machines, facial recognition, drones, and other surveillance tools out there--I suppose it is not surprising to see a cultural backlash in terms of everyday surveillance protection clothing coming to the fore. ;-)

(Source Photo: Andy Blumenthal)


January 1, 2013

A Healing Environment

We’ve all been in work environments that make us feel good about coming to the office in the morning, and those that don’t.

For those that don’t -- is it the mundane and unsatisfying work? Unpredictable work hours and demands? Annoying co-workers? Bullying boss? 

Let’s face it—the environment we work in can make the difference between whether we enjoy a long happy career someplace or whether we want to run out the door screaming. 

At the extreme, I remember a colleague telling me how when they were temping in college they worked in some mind-numbing jobs for some awful companies and they literally lasted in some cases until noon before they couldn’t take it anymore. 

Factors aside from the people can make a person feel good or bad. 

In an interesting article in Fast Company (December 2012/January 2013) called “Spaces That Heal,” hospitals have found that the patient’s room itself can actually be designed to aid in bringing people back to good health.

Research shows that “the color, shape, layout, and accoutrements of a hospital room have a direct effect on health.”

Some design items in the hospital that aid recovery, for example, are:

- Sunnier and brighter spaces with big windows (unless you are having a migraine!)
- Exposure to “nature and art” (I choose nature—the greener, the better)
- Classical music (make mine high energy or pop)
- Colored walls (light blue is relaxing for me)
- Lots of clean, circulating fresh air (I like the air conditioner on all year long--even Winter!)
- Presence of family members (well certain family members anyway) :-)

Additionally, rooms wired for smartphones, tablets, and computers and that keep patients busy and engaged are another big positive—I remember when I was in the hospital and my wife brought me a device so I could blog and be me, and I felt like a productive human being again.

New room design in hospitals will also be single rooms (yes, a little privacy and personal space when you’re not feeling well).
They will also have beds at an angle that “face both the window and the media wall”—the media wall is very cool where you can look at everything from digital photos of your kids to watching Netflix or being able to Skype.

Beds will be placed in line of sight of nursing stations for safe monitoring, and bathrooms will have dual accessibility from the patient’s room for doing your business, and from the hall for hospital staff to come and restock it or clean without waking a resting patient. 

The environment we recuperate in matters to how we recover and the environment we work in matters to how we stay healthy, happy, and productive. 

People are not machines, but thinking and feeling beings, and how they are treated physically, emotionally, and mentally all make a world of a difference to their success or failure—and to that of the organization that employs them. ;-)

(Source Photo: here with attribution to Be Live Hotels)


December 19, 2012

Federal Leadership Is A Journey


There were three news articles in Federal Times this week (17 December 2012) that highlighted some disappointments for the time being, but that offer hope for the future:

-   Conflicts of Interest at DARPA: The previous director of the Defense Advanced Research Projects Agency (DARPA) is investigated by the Defense Department Inspector General for conflicts of interest related to the award of “hundreds of thousands of dollars in contracts to a company she co-founded and partially owned.” The hope for the future—the new DARPA director has “sent a full list of her financial assets to all of the agency’s employees.”

-   Missed opportunity for use of mobile devices, BYOD in the Federal workforce: The CIO Council’s report on “Government Use of Mobile Technology: Barriers, Opportunities, and Gap Analysis” was required by the Federal Digital Strategy (May 2012); however, while there is clarity of the need for greater mobility in the workforce, instead of a clear architecture forward, the report calls for more guidance from the administration on “how to handle the tricky legal, privacy, and financial implications.” The hope—the report looks toward  a government-wide or agency policy and guidance to support more flexible use of mobile devices and a cross-functional team to evaluate Bring Your Own Device (BYOD) for the future.

-   NASA doubts commitment of getting to an asteroid: NASA, which has been criticized by some for not having a clear direction, has been charged with “sending astronauts to an asteroid by 2025,” yet there is not consensus that this is “the next step on the way to Mars.” The hope—NASA can restructure, engage in cost-sharing partnerships, or otherwise increase budget or decrease scope to right-align and achieve clear focus on the next great goals for outer space.

Lesson learned: leadership does not have all the answers nor do they always do everything right, but leadership is a journey. So while today, we may not always be making the best acquisitions for advanced research, achieving clarity of a mobile strategy, or landing people on Mars—we are on the way—through one small step for leadership, one giant leap for the rest of us.

(Source Photo: here with attribution to NASA) 


December 10, 2012

I'm Looking At You Looking At Me Looking At You

Almax, the Italian maker of mannequins, has a new high-tech version that does more than stand around and look pretty.

The EyeSee Mannequin has a camera built into its eye that watches you while you shop. 

According to Bloomberg BusinessWeek (6 December 2012), the EyeSee Mannequin sells for about $5,130 and it conducts consumer profiling--using technology to identify criminals--it determines your age, gender, and race and tracks your shopping patterns. 

Newer versions of EyeSee will likely have a sensor for hearing you as well, so it can "eavesdrop on what shoppers say about the mannequin's attire."

Next to these mannequins, you have to consider who are the real dummies, when everything you do and say can be monitored. 

Next time you're peering at that mannequin, be careful, it may be peering right back at you--and when it says something, be ready to jump. ;-)

(Source Photo: Andy Blumenthal)


November 26, 2012

Autocomplete: Do Zombies (What)?

The autocomplete feature in search engines can tell us a lot about what people are thinking and asking about.

According to the New York Times (21 November 2012) "sites like Google and Bing are showing the precise questions that are most frequently asked."

Autocomplete suggests the rest of your search term based on the most popular things that others have asked for, so it speeds up your search selection by anticipating what you are looking for and by reducing spelling errors in your search terms.

Another advantage to seeing popular searches is to understand what the larger population is thinking about and looking for--this gives us insight into culture, norms, values, and issues of the time. 

I did a simple Google search of "do zombies" and as you can see the most popular searches are about whether zombies: poop, exist, sleep, "really exist," and have brains. 

Even more disappointing than people asking whether zombies really exist is that the #1 search on zombies is about whether they poop--what does that say about our lagging educational system?

I would at least have imagined that the preppers--those infatuated with the end of the world and with preparation for survival--would at least be searching for terms like:

Do zombies...

pose a real threat to human survival?

have (certain) vulnerabilities?

ever die?

have feelings?

have children?

beat vampires (or vice versa)?

I suppose autocomplete is good at crowdsourcing search terms of what others are thinking about, but it is only as good as those doing the ultimate searching--our collective intelligence at work. ;-)

(Source Photo: Andy Blumenthal)


November 2, 2012

Voting Firsts

With voting, this was the first time I've ever:

- Voted early--even though it was on the last early voting day.

- Had to wait on any sort of real line to vote--this one was about 30 minutes long!

- Waited outside in the cold on a line snaking around the building--until the election volunteers had a heart and let us all in and out of the cold. 

- Had electioneering occurring right outside at tables and people handing out "information" until maybe 25 feet before the doors of the polling center--in the past, this activity was always kept far away and they didn't have the nerve to approach you as you were literally going inside the polling stations. 

- Got to sit down at a voting machine--always had to stand up previously, but from the sitting position and the "ergonomics" of the voting machine, you could hardly see them properly. 

- Had virtually no voting privacy--the machine faced the walls with the touch screens facing inward towards everyone else in the auditorium.

Despite all these voting firsts and most of them disappointing, the one voting first that I would have liked to see and didn't was Internet voting, where we would usher voting into the 21st century with ease of voting, convenience, and privacy. 

For some reason we can bank, shop, and pay taxes online, but to vote, we're still stuck in the dark ages and it seemed like overall it was getting darker. 

(Source Photo: Andy Blumenthal)


October 8, 2012

Hospital Wake Up Call


So recently, I was in the hospital for something. 

G-d, I hate hospitals, but this time something was going on and I knew I had to go. 

I admire all the doctors, nurses, and other health professionals that work there helping people--it is definitely not an easy job.

I watched the other patients--on gurneys, in wheelchairs, laying in the hospital beds, and getting various procedures--and it is eye-opening. 

Many people, who are otherwise strong and able-bodied, are reduced to needing help with feeding, going to the bathroom, getting around, and some even just turning over in bed.

I watched the people out of their everyday clothes and forced into hospital gowns--one of the most awful things in terms of our human modesty and dignity.

Then there is the need to have to ask for everything and being reduced to poking, prodding, and vitals checkups at all hours of the day and night. 

In one case, they even woke someone up to give them a sleeping pill, true. 

Also, when you have to share a room with a stranger with their own various ailments, the quiet time and the privacy to deal with your issues is even less. 

Hospitals are not a great place for getting rest or for feeling confident in your abilities--let's face it, you're confronting helplessness itself.

In these circumstances, I found myself getting down about the circumstances and my wife, G-d bless her, said something really smart to me. 

She said, "You are better than this," and I looked up at her feeling physically lousy and emotionally spent, and she repeated, "You are better than this."

I stopped to not just hear what she was saying, but to really listen--and it was amazing. 

She was right, there was nothing to feel bad about. I needed to have faith and believe that all was for the best, and that I was stronger than this test. 

A short time has passed, but I will never forget my wife's words to me--she gave me a great gift and I will always be grateful for what she did for me. 

(Source Photo: Andy Blumenthal)


September 4, 2012

2 Heads Are Better Than 1


My daughter brought this incredible video to my attention--conjoined twins Abby & Brittany--age 22--share a body from the waist down.

They have 2 heads and necks, 3 lungs, 2 hearts, 2 gallbladders, 2 stomachs, 1 liver, 1 large intestine, 1 small intestine, 2 left kidneys and 1 right, 1 pelvis, 1 pair of ovaries, 1 uterus, 1 bladder, 1 vagina, and 1 urethra. 

The video asks, what happens if:

- 1 gets sick?
- 1 dies?
- Who is the biological mother, if they have a child?
- How do they handle boyfriends?

I understand that 1 controls the left side of the body and 1 the right side--leaves you to imagine the unbelievable coordination issues to do everyday activities like walk, drive, type, swim, and so on that we take for granted.

Yet, despite their life challenges, they are actually starring in their own reality TV show on The Learning Channel (TLC), which premiered on August 28.

Here is a link for more information about these incredible women. 

Some of the things that I think about when I watch Abby & Brittany--are not the physical, but more the emotional, psychological, and spiritual issues, such as:

- Do they ever feel lonely?
- How do they handle the need for privacy?
- Are they introverts or extraverts or one of each?
- What are their personalities like?
- Do they like each other?
- Do they fight often and how do they resolve conflict with each other?
- Do they like/dislike similar things?
- Do they share the same religious beliefs?
- Do they feel responsible for each other's actions (like if one hits someone or says something hurtful to another)?
- Do they believe in an afterlife?
- Do they intuitively share thoughts, dreams, ambitions (or only when they articulate these to each other)?
- Do they consider their condition a random occurrence, a "freak act" of nature, a test, a punishment, or something else?

I imagine that they are hugely inspirational and am looking forward to hopefully watching the show tonight at 10 pm with my daughter and learning and marveling at how they do it!


August 25, 2012

Choke Points to Checkpoints


This is some promising biometric technology from AOptix.

Enrolling in the system is the first step and means just seconds of standing in the capture field of the slender tower, and the device scans both iris and face of the person. 

The scanning captures images within seconds and the software converts the images into binary code. 

It then subsequently scans and matches the person's biometrics against the database for positive identification. 

The beauty of this system is that it is simple and fast and can be used for passenger screening, immigration, or any other access control for entry/egress for a building, location, or even to a computer system and its information.

According to Bloomberg Businessweek, the Insight Duo Towers sells for $40,000 each.

Eighty of these are currently in use at all air, land, and sea borders in Qatar.  Further, Dubai International Airport has been piloting this at a terminal that handles 40 million people per year, and it has cut immigration waiting times from 49 minutes to 22 seconds. 

This technology has obvious important applications for military, law enforcement, and homeland security, as well as even more generalized security use in the private sector.

And while very impressive, here are some concerns about it that should be addressed:

1) Enrollment of Biometrics and Personal Identification--registering for the system may only take a few seconds for the actual scan, but then verifying who you are (i.e. who those biometrics really belong to) is another step in the process not shown.  How do we know that those iris and face prints belong to Joe Schmo the average citizen who should be allowed through the eGate and not to a known terrorist on the watch list?  The biometrics need to be associated with a name, address, social security, date of birth and other personal information.

2) Rights versus Recognitions--rights to access and recognition are two different things. Just because there is iris and facial recognition, doesn't mean that this is someone who should be given access rights to a place, system or organization.  So the devil is in the details of implementation in specifying who should have access and who should not. 

3) Faking Out The System--no system is perfect and when something is advertised as accurate, the question to me is how accurate and where are the system vulnerabilities. For example, can the system be hacked and false biometrics or personal identification information changed?  Can a terrorist cell, criminal syndicate, or nation state create really good fake iris and facial masks for impersonating an enrollee and fooling the system into thinking that a bad guy is really a good guy?

4) Privacy of Personally Identifiable Information (PII)--not specific to AOptix, but to biometric solutions overall--how do we ensure privacy of the data, so it is not stolen or misused such as for identity theft?  I understand that AOptix has PKI encryption, but how strong is the encryption, how long does it take to break, and what are the policies and procedures within organizations to safeguard this privacy data?

5) Big Brother Society--biometrics recognition may provide for opportunities for safe and secure access and transit, but what are the larger implications for this to become a "big brother" society where people are identified and tracked wherever they go and whatever they do? Where are the safeguards for democracy and human rights?

Even with these said, I believe that this is the wave of the future for access control--as AOptix says, for changing choke points to checkpoints--we need a simple, fast, secure, and cost-effective way to identify friends and foe and this is it, for the masses, in the near-term.


August 18, 2012

The Privacy Slope

I read with interest Ronald Bailey's book review of Privacy by Garret Keizer in the Wall Street Journal (16 August 2012). 

In a nutshell, privacy is founded in the Constitution's 4th Amendment: "the right of the people to be secure in their persons, houses, papers, and effects against unreasonable searches and seizures, shall not be violated."

I would define privacy as the freedom--to think, to feel, and to act as ourselves (within ethical boundaries) without fear of intrusion, revelation, or reprisal. 

In other words, it should only be our business who we love, what we are interested or believe in, who we vote for, what we choose to do with our lives, and more. 

I think in grade school, the children generally sum it up well when they playfully chant: "Mind your own BI," where BI is used for business (or biziness). :-)

According to Keizer, the dangers to privacy come into play from two main sources: 
- Commerce--which wants to sell you something, and
- Government--which needs to surveil for security and law enforcement purposes 

After 9/11, there was a perceived need for greater surveillance to enhance homeland security, and with advances in technology and communications (smartphones, Internet, social media, etc.), the ability to snoop became far easier.

In 2002, the DoD program for Total Information Awareness (TIA) was an attempt to know everything (i.e. total) about those who would do us harm, but fears about this capability being used against the innocent quickly required a rethinking or, perhaps, just a rebranding. 

Some say that the new NSA mega data center in Utah is the fulfillment of the TIA dream--according to the Washington Post, already in 2010 NSA intercepted and stored "1.7 billion emails, phone calls, and other types of communications." Further, law enforcement demanded records from cellphone carriers on 1.3 million subscribers "including text messages and caller locations" over just the last year's time. 

Keizer cautions that "the ultimate check on government as a whole is its inability to know everything about those it governs"--i.e. without the people holding the cards, there is the risk of spiraling into a Big Brother totalitarian society--goodbye democracy!

I think Keizer perhaps oversells the fear of government surveillance and underemphasizes intrusion from business--his thinking is that "If consumers are annoyed with a merchant's monitoring, they can buy elsewhere." 

But what Keizer misses is that industry as a whole has moved toward the use of technology--from club cards and promotions to use of Internet cookies, RFID, and more--to systematically track consumers and their buying behavior and that information is readily captured, packaged, used, and sold for marketing and sales--as well as to the government!

As a common practice now, where is a consumer to go that will shield them from hungry business looking to capture market share and earn nice profits?

At the same time, while government surveillance can certainly be misused and abused with terrible consequences for individuals and society--there are potentially a lot of people looking over the shoulder of those carrying out public programs--and this "sunlight"--where and when it shines--can help to prevent bad things happening. 

The problem is that the system is not perfect, and there are always those program people who act out of bounds and those watchers who are ineffective and/or dishonest.

Overall, it's a zero sum game, where those that hype up security and capitalism, can tramp down on privacy, and vice versa.
In totality, we can never just assume everything will be okay when it comes to privacy and how information is used, but we have to be active citizens helping ensure that right things are done, the right way. 

For regular, hardworking, decent citizens, there is a definite need to safeguard privacy--and technology can be helpful here with anonymizers, encryptors, and other shielding tools.

For the bad guys, I would imagine, no question, that the government will continue to develop the means to thwart their secrecy and planning to inflict harm on the American people. 

For business, it's okay to capture consumer information and sell, but pour it on too thick and people will think twice about your company's ethics and brand--and even a lawsuit may be in the making. 

Yes, privacy is a slippery slope, and not only can a person's self be revealed or used inappropriately, but the voyeur can get burned too if they overdo it. 

(Source Photo: Andy Blumenthal)


July 6, 2012

The Information Is On You

There was a fascinating article in the New York Times (17 June 2012) called: "A data giant is Mapping and Sharing the Consumer Genome."

It is about a company called Acxiom--with revenues of $1.13 billion--that develops marketing solutions for other companies based on their enormous data collection of everything about you!

Acxiom has more than 23,000 servers "collecting, collating, and analyzing consumer data...[and] they have amassed the world's largest commercial database on consumers."

Their "surveillance engine" and database on you is so large that they:

- "Process more than 50 trillion data 'transactions' a year."
- "Database contains information about 500 million active consumers."
- "About 1,500 data points per person."
- Have been collecting data for 40 years!

Acxiom is the slayer of the consumer big data dragon--doing large-scale data mining and analytics using publicly available information and consumer surveys.

They collect data on demographics, socio-economics, lifestyle, and buying habits and they integrate all this data.

Acxiom generates direct marketing solutions and predictive consumer behavior information.

They work with 47 of the Fortune 100 as well as the government after 9/11.

There are many concerns raised by both the size and scope of this activity.
 
Firstly, as to the information itself relative to its:

- Privacy
- Security

Secondly, regarding the consumer in terms of potential: 

- Profiling
- Espionage
- Stalking
- Manipulation 

Therefore, the challenge of big data is a double-edged sword: 

- On one hand we have the desire for data intelligence to make sense of all the data out there and use it to maximum effect.
- On the other hand, we have serious concerns about privacy, security, and the potential abuse of power that the information enables. 

How we harness the power of information to help society, but not hurt people is one of the biggest challenges of our time. 

This will be an ongoing tug of war between the opposing camps until hopefully, the pendulum settles in the healthy middle, that is our collective information sweet spot. 

(Source Photo: Andy Blumenthal)



July 4, 2012

Electronic Health Records, Slow But Steady

The best article I have seen on the subject of Electronic Health Records (EHR) was in Bloomberg BusinessWeek (21 June 2012) called "This machine saves lives so why don't more hospitals use it."

What I liked about this article was how straightforwardly it explained the marketplace, the benefits, the resistance, and the trends.  

Some basic statistics on the subject of EHR:

The healthcare industry is $2.7 trillion annually or ~18% of GDP.

Yet we continue to be quite inefficient with only about half of hospitals and doctors projected to be using EHR by end of 2012.

Annual spending on EHR is expected to reach $3.8 billion by 2015.

Basically, EHR is the digitization of our medical records and automation of medical services so that we can:
 
- Schedule medical appointments online
- Check medical records including lab and test results
- Communicate with our doctors by secure messaging/email
- Send prescriptions into the pharmacy electronically
- Automatically keep track of dosage and refills
- Get alerts as to side effects or interactions of medication
- Analyze symptoms and suggest diagnosis
- Receive prompts as to the latest medical treatments
- Recognize trends like flu outbreaks or epidemics
- File and speed claim processing

So why do many doctors seem to resist moving to EHR?

- Cost of conversion in terms of both money and time
- Concern that it can be used against them in medical malpractice suits
- Potential loss of patient privacy
- Lack of interoperability between existing systems (currently, "there are 551 certified medical information software companies in the U.S. selling 1,137 software programs"--the largest of which are from GE and Epic.)

The government is incentivizing the health care industry to make the conversion:

- Hitech Act (2009) "provides $27 billion in financial incentives" including $44K from Medicare and $63K from Medicaid over 5 years for outpatient physicians that can demonstrate "that they are using the technology to improve care."
- Patient Protection and Affordable Care Act (2010)--a.k.a. Obamacare--calls for "accountable care organizations" to receive extra money from Medicare and Medicaid for keeping patients healthy, rather than by procedure--"they are expected to do so using computers."

The big loophole in EHR right now seems to be:

- The lack of standards for EHR systems from different vendors to be compatible, so they can "talk" to each other.
- Without interoperability, we risk having silos of physicians, hospitals, labs, and so on that cannot share patient and disease information.

So, we need to get standards or regulations in place in order to ensure that EHR is effective on a national, and then even a global level. 

A number of months ago, I went to a specialist for something and saw him a few times; what he didn't tell me when I started seeing him was that he was retiring within only a few months.
Aside from being annoyed at having to find another doctor and change over, I felt that the doctor was not too ethical in not disclosing his near-term intentions to close up shop and giving me the choice of whether I wanted to still see him. 


But what made matters worse is that I got a letter in the mail with the notification--not even in person--along with a form to fill out to request a copy of my medical records at a cost per page, so that I could transfer them--hardcopy--elsewhere. 

Of course, this was also the doctor who hand wrote prescriptions still and wasn't able to get test results online. 

To me, seeing someone with a great amount of experience was really important, but the flip side was that in terms of organization, he was still in the "dark ages" when it came to technology. 

I look forward to the day when we can have both--senior medical professionals who also have the latest technology tools at their disposal for serving the patients. 

In the meantime, the medical profession still seems to have some serious catching up to do with the times technologically. 

Let's hope we get there soon so that we not only have the conveniences of modern technology, but also the diagnostic benefits and safeguards. 

(Source Photo: Andy Blumenthal)



June 8, 2012

Video Chat TMI


This is a new video chat service from Airtime and the music and video make it look pretty good, but I have my sincere reservations. 

Airtime connects as an app from Facebook and according to Bloomberg BusinessWeek (11-17 June 2012), "users can then talk to their Facebook friends, search for someone with similar interests, or just hit the 'next' button to find a random chat partner."

While I find the idea of randomly engaging online with someone intriguing, I also find it more than a little scary not knowing who they really are--there are plenty of fraudsters, charlatans, and perverts out there that you would not want to be talking to. 

The not so funny thing is that the precursor to Airtime called Chatroulette--was truly, as the name implies, a gamble and many times a bad one at that, with some unscrupulous users availing themselves of the video to expose themselves online. 

Frankly, it seems that many people may be using these applications more as swingers to hook up, have a fling, and engage in flirtatious or even sexual behavior than for developing any sort of real meaningful relationships. 

Furthermore with Airtime, based I assume on people's Facebook profiles, "as two users converse, Airtime suggests interests and common friends they may have in common"--with these actually popping up on your screen!

Whatever happened to any sort of privacy and discretion in sharing and letting conversations and relationships evolve naturally and over time between people rather than forced and in your face!

To me even the concept of having to use video when chatting is over-rated! I think most people do not feel all that comfortable in front of the camera and are actually more at ease talking without being viewed every moment through a lens.  

I have seen cameras deployed for desktop computers that were hardly ever used. And even with Apple's Facetime application built right into the iPhone, I rarely ever see anyone actually using this--do you? 

I think this is a clear lesson with technology that just because we can do something, doesn't mean we should. 

We need to take into account people's feelings and their comfort zone, especially when it comes to privacy, and not just put them in front of every camera and float their personal interests and friends randomly or regularly.

"Discretion is the better part of valor" and it's time to appreciate technology and social media companies and applications that recognize this and roll out services that are respectful of people's privacy, security, and right to have some control over their lives.


June 5, 2012

SDLC On Target

I found this great white paper by PM Solutions (2003) called "Selecting a Software Development Life Cycle (SDLC) Methodology."

The paper describes and nicely diagrams out the various SDLC frameworks:

- Waterfall
- Incremental
- Iterative
- Spiral
- RAD
- Agile


It also provides a chart of the advantages and disadvantages of each framework. 

Finally, there is a simple decision cube (D3) based on time horizon, budget, and functionality for selecting an SDLC framework. 

This is a very useful and practical analysis for implementing SDLC, and it aligns closely with the guidance from the National Institute of Science and Technology (NIST) Special Publication (SP) 800-64, "Security Considerations in the Systems Development Life Cycle" Appendix E that states:

"The expected size and complexity of the system, the development schedule, and the anticipated length of a system's life may affect the choice of which SDLC model to use."

While NIST focuses on the time horizon and complexity versus the PM Solutions Decision Cube that uses time horizon, budget, and functionality, the notion of tailoring SDLC to the project is both consistent and valuable. 

Just one more resource that I found particularly good is the Department of Labor IT Project Management guidance (2002)--it is a best practice from the Federal CIO website.

I like how it integrates SDLC, IT Project Management, IT Capital Planning and Investment Control (CPIC), and security and privacy into a cohesive guide. 

It also establishes project "thresholds" to differentiate larger or more significant projects with greater impact from others and calls these out for "more intensive review."

Even though these resources are around a decade old, to me they are classic (in a good sense) and remain relevant and useful to developing systems that are on target.

(Source Photo: Andy Blumenthal)


May 13, 2012

Facebook IPO--Love It, But Leave It

With the Facebook IPO scheduled for this week, valuing the company at as much as $96 billion, many investors according to Bloomberg BusinessWeek (11 May 2012) see this as overvalued.

Facebook will be the largest Internet IPO in history, and would be about 4 times as much as Google was valued at its IPO at $23 billion in 2003.

Further, Facebook could be valued at the offering at 99 times earnings.

This is more than the price earnings ratio of 99% of companies in the S&P Index, yet even with some estimating sales of $6.1 billion this year, Facebook would only rank about 400 in the S&P 500.

True, Facebook has amassed an incredible 900 million users, but the company's revenue growth has slowed for the 3rd year in a row.

Another article in BusinessWeek (10 May 2012) describes a new social networking contender called Diaspora.

Unlike Google+ which is predominantly a Facebook copycat, Diaspora is bringing something new and major to the table--they are addressing the privacy issues that Facebook has not.

Diaspora is a distributed (or federated) social network, unlike Facebook which is centralized--in other words, Diaspora allows you to host your own data wherever you want (even in the cloud).

Each of these independently owned Diaspora instances or "pods" (dispersed like in the Diaspora) make up a true social "network"--interconnected and interoperable computing devices.

With Diaspora, you own your own data and can maintain its privacy (share, delete, and do what you want with your information), unlike with Facebook where you essentially give up rights to your data and it can be and is used by Facebook for commercial use--for them to make money off of your personal/private information.

When it comes to personal property, we have a strong sense of ownership in our society and are keen on protecting these ownership rights, but somehow with our personal information and privacy, when it comes to social networking, we have sold ourselves out for a mere user account.

As loss of personally identifiable information (PII), intellectual property, identity theft, and other serious computer crimes continue to grow and cost us our money, time, and even our very selves in some respects, alternatives to the Facebook model, like Diaspora, will become more and more appealing.

So with social networks like Facebook--it is a case of love it, but leave it!

Love social networking--especially when privacy is built in--and others don't have rights to what you post.

But leave it--when they are asking for your investment dollar (i.e. IPO) that could be better spent on a product with a business model that is actually sustainable over the long term.

(Source Photo: here with attribution to Allan Cleaver)


April 21, 2012

Don't Throw Out The Pre-Crime With the Bathwater

The Atlantic (17 April 2012) has an article this week called "Homeland Security's 'Pre-Crime' Screening Will Never Work."

The Atlantic mocks the Department of Homeland Security's (DHS) Future Attribute Screening Technology (FAST) for attempting to screen terrorists based on physiological and behavioral cues to analyze and detect people demonstrating abnormal or dangerous indicators.

The article calls this "pre-crime detection" similar to that in Tom Cruise's movie Minority Report, and labels it a "super creepy invasion of privacy" and of "little to no marginal security" benefit.

They base this on a 70% success rate in "first round of field tests" and the "false-positive paradox," whereby there would be a large number of innocent false positives and that distinguishing these would be a "non-trivial and invasive task." 

However, I do not agree that they are correct for a number of reasons: 

1) Accuracy Rates Will Improve--the current accuracy rate is no predictor of future accuracy rates. With additional research and development and testing, there is no reason to believe that over time we cannot significantly improve the accuracy rates to screen for such common things as "elevated heart rate, eye movement, body temperature, facial patterns, and body language" to help us weed out friend from foe. 

2) False-Positives Can Be Managed--Just as in disease detection and medical diagnosis, there can be false-positives, and we manage these by validating the results through repeating the tests or performing additional corroborating tests; so too with pre-crime screening, false-positives can be managed with validation testing, such as through interviews, matching against terrorist watch lists, biometric screening tools, scans and searches, and more. In other words, pre-crime detection through observable cues is only a single layer of a comprehensive, multilayer screening strategy.

Contrary to The Atlantic's statement that pre-crime screening is "doomed from the word go by a preponderance of false-positives," terrorist screening is actually a vital and necessary part of a defense-in-depth strategy and is based on risk management principles. To secure the homeland with finite resources, we must continuously narrow in on the terrorist target by screening and refining results through validation testing, so that we can safeguard the nation as well as protect privacy and civil liberties of those who are not a threat to others.

Additionally, The Atlantic questions whether subjects used in experimental screening will be able to accurately mimic the cues that real terrorists would have in the field. However, with the wealth of surveillance that we have gathered of terrorists planning or conducting attacks, especially in the last decade in the wars in Iraq and Afghanistan, as well as with reams of scientific study of the mind and body, we should be able to distinguish the difference between someone about to commit mass murder from someone simply visiting their grandmother in Miami.

The Atlantic's position is that terrorist screening's "(possible) gain is not worth the cost"; however, this is ridiculous since the only alternative to pre-crime detection is post-crime analysis--where rather than try and prevent terrorist attacks, we let the terrorists commit their deadly deeds--and clean up the mess afterwards.

In an age when terrorists will stop at nothing to hit their target and hit it hard, and shoe and underwear bombs are serious issues and not late night comedy, we must invest in the technology tools like pre-crime screening to help us identify those who would do us harm, and continuously work to filter them out before they attack.

(Source Photo: here with attribution to Dan and Eric Sweeney)


April 1, 2012

A Word Indeed


The information in your smartphone and managed by your telecommunications carrier is available and accessible to others with today's tools and following the right processes. 

Bloomberg BusinessWeek (29 March 2012) reports on a new tool for law enforcement that captures your data from smartphones. 

It is called the Cellebrite or Universal Forensic Extraction Device (UFED).

As the video describes, it works with almost every mobile device out there--over 1,800 of them.

And when attached to a smartphone, it can extract everything from your call log, emails, texts, contact list, web history, as well as photos and videos. 

The forensic tool can even retrieve deleted files from your phone. 

Your smartphone is a digital treasure trove of personal information and the privacy protection afforded to it is still under debate. 

The article cites varying court opinions on "whether it's fair game to examine the contents of a mobile phone without a warrant," since it is in the suspect's immediate possession. 

According to law enforcement sources quoted in the article, "we use it now on a daily basis."

Aside from the contents on the phone itself, Bloomberg BusinessWeek (29 September 2012) earlier reported that telecommunications companies are also storing your personal data for various lengths of time.

For example, detail call records and text contacts are retained for up to 7 years and phone location information indefinitely, depending on the carrier.

This data is available too under the processes specified in the Electronic Communications Privacy Act. 

While the technology is constantly getting better for us to electronically manage our information and communicate with each other, the reach and life cycle of digital information can certainly be far and long.

As we should all by now know, working remotely, digitally, in cyberspace, and encrypting, deleting, or even attempting to destroy data files does not ensure their ultimate privacy. 

In that respect, both digital and non-digital information are the same in one very important facet and that is as we all learned early in life that "a word once said cannot be taken back."


March 31, 2012

Which Big Brother

About a decade ago, after the events of 9/11, there was a program called Total Information Awareness (TIA) run out of the Defense Advanced Research Projects Agency (DARPA).

The intent was to develop and use technology to capture data (lots of it), decipher it, link it, mine it, and present and use it effectively to protect us from terrorists and other national security threats.

Due to concerns about privacy--i.e. people's fear of "Big Brother"--the program was officially moth-balled, but the projects went forward under other names.  

This month Wired (April 2012) reports that the National Security Agency (NSA) has almost achieved the TIA dream--"a massive surveillance center" capable of analyzing yottabytes (10 to the 24th bytes) of data that is being completed in the Utah desert. 

According to the article, the new $2 billion Utah Data (Spy) Center is being built by 10,000 construction workers and is expected to be operational in a little over a year (September 2013), and will capture phone calls, emails, and web posts and process them by a "supercomputer of almost unimaginable speed to look for patterns and unscramble codes."

While DOD is most interested in "deepnet"--"data beyond the reach of the public" such as password protected data, governmental communications, and other "high value" information, the article goes on to describe "electronic monitoring rooms in major US telecom facilities" to collect information at the switch level, monitor phone calls, and conduct deep packet inspection of Internet traffic using systems (like Narus).

Despite accusations of massive domestic surveillance at this center, Fox News (28 March 2012) this week reported that those allegations have been dismissed by NSA. The NSA Director himself, General Keith Alexander provided such assurances at congressional hearings the prior week that the center was not for domestic surveillance purposes, but rather "to protect the nation's cyber security," a topic that he is deeply passionate about. 

Certainly new technologies (especially potentially invasive ones) can be scary from the perspective of civil liberties and privacy concerns.

However, with the terrorists' agenda very clear, there is no alternative but to use all legitimate innovation and technology to our advantage when it comes to national security--to understand our enemies, their networks, their methods, their plans, to stop them, and take them down before they do us harm.

While it is true that the same technologies that can be used against our enemies can also be turned against us, we must through protective laws and ample layers of oversight ensure that this doesn't happen.

Adequate checks and balances in government are essential to ensure that "bad apples" don't take root and potentially abuse the system, even if that is the exception and not the rule. 

There is a difference between the big brother who is there to defend his siblings from the schoolyard bully or pulls his wounded brother in arms off the battlefield, and the one who takes advantage of them.

Not every big brother is the Big Brother from George Orwell's "1984" totalitarian state, but if someone is abusing the system, we need to hold them accountable. 

Protecting national security and civil liberties is a dual responsibility that we cannot wish away, but which we must deal with with common sense and vigilance.  

(Source Photo: here)
