There was an interesting story by the BBC this week on the Colossus Mark I code breaking computer developed at Bletchley Park, the site of the UK Government's Code and Cipher School.

The Colossus was the world's first large-scale, electronic programmable computer, preceding the ENIAC - which most computer historians had credited with being the first electronic computer - by almost two years. The existence of Colossus was not generally known until 1975 when a picture of it was declassified; in 1983, how it functioned was finally described; and in 1996, the US government - not the UK - declassified exactly what Colossus was used for.

The BBC story has a video interview with Captain Jerry Roberts, the sole surviving member of Testery, a code breaking unit that used Colossus to break wartime codes beginning on the 5th of February 1944. Colossus required 1500 vacuum tubes or "valves" and could process 5,000 characters per minute. A later model doubled that speed.

Professor B. Jack Copeland wrote an article for the 2004 IEEE Annals of the History of Computing called "Colossus: Its Origins and Originators" as well as edited a book called Colossus: The First Electronic Computer which was published in 2006 for those wishing more information.

A total of ten Colossi were eventually built.

Various news reports like this one from the BBC and this one from The Register say that the Greater Manchester Police discovered that their computer system had been infected with the Conficker worm last Friday. As a result, the police had to disconnect from the UK's national criminal database to keep it from spreading for some five days until it was completely eradicated.

While emphasizing that the crime log system was not tampered with and that day-to-day policing wasn't affected, the Greater Manchester police could not run checks on suspects, vehicles or property using the Police National Computer.

While it is not known how the system became infected, the betting is by an infected memory stick.

It was a year ago next week that Microsoft offered a $250,000 reward for information that results in the arrest and conviction of those responsible for illegally launching the Conficker worm on the Internet.

Still no reported takers.

Yesterday, Dennis Blair, the US Director of National Intelligence, testifying before the US Senate Select Committee on Intelligence agreed that Al Qaeda and its affiliates had made it a high priority to attempt a large-scale attack on American soil within the next three to six months says a story the New York Times. His assessment was confirmed by the FBI and the CIA.

What this attack will be was not stated, but there were strong hints that the expectation was that it wasn't going to be a 9/11 type-situation, the Times reported.

CIA Director Leon Panetta said that, "The biggest threat is not so much that we face an attack like 9/11, It is that Al Qaeda is adapting its methods in ways that oftentimes make it difficult to detect."

Director Blair emphasized in his written testimony that the threat of a crippling cyber attack on the US telecommunications and other computer networks and electrical grid was increasing:

"Malicious cyberactivity is occurring on an unprecedented scale with extraordinary sophistication... Sensitive information is stolen daily from both government and private-sector networks, undermining confidence in our information systems, and in the very information these systems were intended to convey."

Director Blair also admitted that some of the attacks have been successful, and that their origins are unknown.

"We often find persistent, unauthorized, and at times, unattributable presences on exploited networks, the hallmark of an unknown adversary intending to do far more than merely demonstrate skill or mock a vulnerability."

Now, given that Director's written testimony amounted to 47 pages of potential threats to the US, a cyber-attack must be placed into some context. But cyber threats and risks were the first topic of his testimony, so my guess is that a cyber-attack is a pretty significant worry.

Making it more so is a story in today's ComputerWorld that while companies and governments are getting better at addressing new cyber threats, old ones are being ignored, unnecessarily leading to compromised systems. ComputerWorld cites a study by security company Trustwave as a source for its information.

ComputerWorld also has a story saying the US House of Representatives will be voting today on the Cybersecurity Enhancement Act of 2009 (HR 4061) which aims at increasing funding for cybersecurity research and to train more cybersecurity experts.

It's probably only a decade or so late.

It is never good for a company to embarrass a government regulator, or ignore a software titan. Toyota has managed to do both.

The on-going saga of Toyota and its runaway cars went into overdrive yesterday when US Secretary of Transportation Ray LaHood very pointedly said,

"While Toyota is taking responsible action now, it unfortunately took an enormous effort to get to this point. We're not finished with Toyota and are continuing to review possible defects and monitor the implementation of the recalls."

The US Department of Transportation (DOT) and the National Highway Transportation Safety Administration have been highly criticized for their perceived lack of leadership, oversight and direction in regard to Toyota customers' runaway car complaints.

Stung by the criticism aimed his way, Secretary LaHood publicly blasted Toyota executives in Japan during an interview with AP for dragging their feet, for being "safety deaf" to the problem, and said that the US had to remind Toyota of its "legal obligations." He also said that it may be the largest safety issue ever faced by DOT.

"This is a big deal, this is a big safety issue," Secretary LaHood said.

Secretary LaHood all but said that Toyota can expect a large civil fine for how they have handled the situation. The current cost of the recall is estimated to top $900 million.

And it may climb.

DOT investigators are now going to seriously look to see whether there are any electronic throttle control problems which may be causing runaway cars, which Toyota strongly denies is the case.

However, Toyota's denials were undercut yesterday when word leaked out that Toyota officials had told US congressional investigators that "causes of unintended acceleration are ‘very, very hard’ to identify" and that sticking pedals are "unlikely to be responsible" for runaway cars traveling faster that 60 mph.

To cap off another bad day, Apple co-founder Steve Wozniak went public with a story that was carried internationally about his Prius that also sometimes does a runaway when he uses his cruise control. He said that he tried to get both US safety regulators and Toyota's executives to listen to his complaints, but they ignored him. So Mr. Wozniak decided to go public and state his belief that a software problem is behind it.

Mr. Wozniak better hope his brakes work.

Today, the Japanese government ordered Toyota to investigate possible brake defects in its Prius cars.

Mr. Wozniak owns four Priuses.

There was an amusing story in last week's London Daily Mail about a Birmingham, England council-owned parking garage that has a ticket dispenser that switches from English instructions to German instructions on its display screen when the parking garage is full. Locals are apparently not amused.

According to this story a few days later, the city of Birmingham changed the parking garage's software in December when the city hosted its Frankfurt Christmas Market.

Unfortunately, the exact nature of the change was changed is not explained - I assume it was for the expected German visitors' benefit. For instance, were the parking garage's instructions now given in both German and English instead of just English? If so, was it for a specific period of time, since German instructions now seem only to appear when the parking garage is full. 

If the parking instructions were not given in both German and English, it would seem to be a bit silly to have a software "upgrade" so that the instructions were in English only when the parking garage was not full and in German when it was.

What, did the ticket dispenser's software designers think that German visitors are able to read and understand English when a British parking garage is empty but lose that ability when it is full?

The Daily Mail story shows a photo of the dispenser with a little paper sign attached to it that says helpfully that, "If display shows German writing it means car park is full. Please wait until display returns to English before obtaining ticket."

Plans are in the works to fix the software.

Toyota USA officially announced yesterday that it had found a solution for "sticking" accelerator pedals that prompted it to recall millions of its vehicles last week and stop production of those vehicle models at its plants.

According to Toyota's press release, "Toyota’s engineers have developed and rigorously tested a solution that involves reinforcing the pedal assembly in a manner that eliminates the excess friction that has caused the pedals to stick in rare instances.  In addition, Toyota has developed an effective solution for vehicles in production."

Parts are being shipped to Toyota dealers which will be working around the clock literally to install them on the affected recalled vehicles, the company says.

Toyota believes that the fix and the replacement of car mats will solve the dual problems of sticking accelerators and sudden unintended accelerations (SUA) that have been reported in its vehicles.

Others are not so sure. There still remains a strong suspicion by many Toyota owners and others that there is also problem with Toyota's electronic engine control technology. A story in yesterday's Detroit Free Press has likely served to increase that suspicion.

The story says that theoretically, a cell phone, satellite radio or even a restaurant's large microwave could cause an electronically controlled car's accelerator to surge out of control.

The story quotes John Liu, a Wayne State University professor of electrical and computer engineering, who consults to the auto manufacturers as saying, "This problem is well-known to all automakers. If you can solve this problem, you would be a multibillionaire." 

Professor Liu, the story says, compares it to the problem with the jamming of signals on military aircraft.

"The problem is, the expertise for preventing signal jamming rests in the Department of Defense, not the automakers or their suppliers,' Professor Liu says. 

Of course, proving that electronic interference is causing SUA in some Toyota vehicles is another story.

Yesterday, Toyota's U.S. president Jim Lentz was asked by ABC News whether there were any electronic problems with Toyota cars, and he said, "I'm confident that there are no electronic problems."

Today, Executive Vice President Shinichi Sasaki, who oversees quality control at Toyota, also said there were no electronic problems in Toyota's vehicles.

That may indeed be the case. However, other statements by Mr. Lentz makes one wonder if there are not some other problems in Toyota's cars that haven't been discovered yet.

In statements to the press yesterday, Mr. Lentz repeatedly and very carefully said, "These two fixes solve the issues that we know of."

Hmm.

Last year, Toyota said replacing car mats and shaving some gas pedals would solve the problem. Now it says it is car mats on some cars along with pedals wearing on others.  I guess the pedal wearing problem was not a "known problem" late last year, even though the issue was raised by safety regulators in at least 2007.

As I mentioned a few days ago, the House Energy and Commerce Committee of the US Congress announced that it would be holding hearings on Toyota's problems on the 25th of February. In a bid to garner the political limelight, the House Committee on Oversight and Government Reform has decided to hold a hearing on the 10th of February.

Toyota executives as well as the US National Highway Transportation Safety Administration leadership can expect a hostile reception by both committees.

A story in yesterday's London Sunday Times that will not amuse the Chinese government says that the UK security service MI5 is claiming that undercover intelligence officers from the Chinese People’s Liberation Army and the Ministry of Public Security have approached UK businessmen at trade fairs and exhibitions with the offer of "lavish gifts" such as cameras and not so lavish gifts such as memory sticks that contain malware meant to remotely access their computers.

The Times says that the information is in a 14-page MI5 document it has seen. According to the Times, the document states that the Chinese government "represents one of the most significant espionage threats to the UK," and that, "Any UK company might be at risk if it holds information which would benefit the Chinese."

The Times also says that the Chinese are also targeting UK businessmen the good old fashion way as well - i.e., through offers of sex and money.

Accepting free memory sticks at trade fairs - international or otherwise - is pretty dumb, and I am surprised that companies at trade fairs even offer them any more because of the obvious risk. You may recall that a few years ago, thumb drives with malicious code were found lying around the US Department of Justice just waiting for some curious person to plug them into the DOJ's network.

I suppose that some people just can't pass up something that is "free."

News reports say that the two owners of a 7-Eleven franchise in Daytona, Florida "earned" an extra $4.9 million by way of a computer error in their favor. Allegedly, the two were erroneously reimbursed for credit card transactions made at their convenience store that should have gone to 7-Eleven corporate.

According to this news story in the Orlando Sentinel, when the owners took over the franchise from 7-Eleven in July 2007, 7-Eleven corporate made an accounting computer error which allowed the franchise owners to mistakenly receive a transaction fee in their bank account for every credit card used at their store.

From October 2007 until November 2008, the franchise owners received nearly $5 million dollars in credit card fees that should have been sent to 7-Eleven corporate. The only reason 7-Eleven ever found out was that new billing software was installed at the store in November 2008 and the error was discovered.

In the meantime, the franchise owners hid the money among some two dozen different accounts across the state of Florida and refused to turn it over to 7-Eleven corporate when it asked for its money back. As a result, the owners were arrested.

What is a bit surprising is how poor 7-Eleven's internal corporate financial controls were that no one there noticed they were short a few millions of dollars from a franchise with a solid source of revenue. 
 

As most of you probably have heard by now, Toyota Motors has announced several more recalls this week on top of the one the company announced last week in regard to accelerator problems with a number of its vehicles.

On Tuesday, Toyota announced that it was going to suspend the production and sales of the Camry, Corolla and Avalon sedans, Matrix wagon, RAV4 crossover, Tundra pickup, and Highlander and Sequoia sport utility vehicles "until a remedy is finalized" in regard to their defective accelerator pedals.

Next, on Wednesday, Toyota announced that it was expanding the recall list of vehicles with the potential for "pedal entrapment" to now include the 2008-2010 Highlander, 2009-2010 Corolla, 2009-2010 Venza, 2009-2010 Matrix and the 2009-2010 Pontiac Vibe.

Then yesterday, Toyota announced a recall of its cars in Europe and in China.
 
Also yesterday, the US House Energy and Commerce Committee of the US Congress announced that it would be holding hearings on the 25th of February to look into the whole sudden unintended acceleration issue involving Toyota vehicles. The Committee is going to want to know when Toyota knew about the problem and why it has taken so long for the company to address it.

For instance, according to this report, Toyota has known about the problem with sticking accelerators since at least March 2007.

The US Congress will also no doubt be asking Toyota about whether there is an engine electronic throttle-control system (ETCS-I) problem on top of the floor mat and pedal linkage problems it has admitted to, which some are blaming as yet another problem with Toyota vehicles.

Congress will also no doubt ask Toyota why it didn't install a brake override system as standard equipment in its vehicles like other car manufacturers have done.

And after Congress finishes its turn at questioning Toyota executives, the lawyers are then going to get their turn. Lawsuits involving Toyota vehicles and sudden acceleration are springing up like mushrooms after a summer rain.

Toyota's competitors are also getting into the act, with GM and Ford offering incentives to Toyota owners to switch to their vehicles. Other car companies will no doubt be doing the same soon.

The problems with Toyota are also reported to have begun to undermine the confidence of Japanese consumers in the company, something once thought unthinkable.

Toyota no longer looks like the company that could do no wrong. It could be a long while before Toyota gets its reputation for outstanding quality and safety back.

The whole episode is starting to remind me of the problems the US Navy had with fixing its Mark XIV torpedoes in  World War II. For the first 18 months of the war, submarine commanders were reporting that there were a high number of faulty torpedoes.

There were, in fact, multiple flaws with the torpedo design, but the Navy's Bureau of Ordinance stubbornly refused to believe the submarine commanders' reports of reliability problems with the Mark XIV. Instead, it said submarine commanders were using the supposed problems with their torpedoes as an excuse for their own poor seamanship.

It took some time to overcome the opposition of the Bureau of Ordinance, but the flaws were eventually discovered and fixed one at a time and the Mark XIV became a reliable weapon.

There was an article posted on OregonLive.com this week about the continuing problems the city of Portland, Oregon is having with its new $48 payroll and internal operations IT system that went live last June. According to the story, the $19 million over budget, 10-month late system is creating "inscrutable paychecks."

The Portland Police Association, for example, says that half of its members spend on average two hours every week trying to understand if they have been paid correctly. Other city workers' paychecks apparently have missing vacation time or child support payments incorrectly taken out.  Just last Christmas, 1,466 city workers were underpaid anywhere from $0.34 to $3,400.00 while some 134 were overpaid.

Nevertheless, city administrators say that the problems are just normal "teething problems" and state that, "There is a learning curve and anyone who has implemented a system this big knows it takes 18 months to stabilize, and we're only at six." As far as they are concerned, the project is a success.

I do wonder, though, whether an 18 month teething period was explicitly included in the current project plan.

However, what really struck me in the story was this line, "Talk to public employees in Portland and some liken the city's new payroll system to a computer fiasco worse than the great water billing mishap of 2002."

The "Great Water Billing Mishap of '02"?

Growing up in New England, one got used to hearing repeated (and soon to be boring) stories from your parents or grandparents about their experiences during the Great Flood of 1936, the Great Hurricane of '38,  as well as the Great Blizzards of '88 (1888 that is), or '78 or '87 (the latter two I experienced and which I bore my children to tears with stories about - hey, it's tradition!).

Now apparently, we have reached a milestone in the societal impacts of computing that people can now comparing current IT system problems to some other ones they experienced.

I supposed it will only be a matter of time before there are heated arguments over bragging rights regarding whether the IT failure you experienced was really as bad as the one I just went through. And we will no doubt soon begin boring our children with stories of the great IT failures or mishaps we have experienced in our lives.

For the curious, the "Great Water Billing Mishap of '02" in Portland involved the city's water billing system project that was contracted for in 1997 at a cost of $6 million and which was supposed to be operational by December 1998.

In February 2000, after missing numerous go live dates, and with staff warnings of significant defects in the billing software that still had not been fixed, Portland's Water Bureau executives decided to go live with it anyway. Billing problems immediately arose with 40,000 of the Bureau's 186,000  customers.

It takes several years (and another $10 million in direct costs and an estimated $20 -30 million in lost revenue due to faulty customer billing) before the system becomes semi-reliable in its operations. 

In January 2004, Portland decided to scrap the system and begin again (the city was at least able to get the contractor that developed the software to pay the city back $7 million).

You can also read about the development problems experienced with Portland's current payroll system in this 2008 story by Michael Krigsman over at ZDNET.com.

But having read the story, all I can say is that the problems described don't come close to the IT project problems I have encountered. I distinctly remember this one project in 1977 ...