As if the commuting to work in the Washington, DC area isn't terrible in and of itself (it is the second worst in the US after Los Angeles), yesterday two independent computer problems helped make it even less enjoyable.

First, the computerized traffic management system in Montgomery County, Maryland, a northern suburb of DC, had a major problem where over 750 traffic signals would not go into rush hour mode at 0300 Wednesday morning, causing both major morning and evening rush hour traffic problems. As of 2300 Wednesday night, traffic engineers still had not determined what was wrong with the system, but were hoping to have it working before the morning rush hour. The County is also offering free bus rides on the County's extensive Ride On bus system.

On top of that, the Washington Post  reported that at 0245 Wednesday morning, a power failure caused a system-wide malfunction at the Washington Metro headquarters in Northwest Washington. This in turned caused a system-wide communications failure, as well as knocked out the use of the farebox system on buses, silenced Metro train station public announcements, took out Metro's Web site, and kept many commuters from using their debit cards to pay for fares, among other things. While no buses or trains were kept from running, it just added to the day's commuting mess.

Services on the Metro were returning by late morning and early afternoon.

The two incidents serve to highlight the fragility of and dependency on the region's IT infrastructure. In Metro's case, it was a single point of failure for a three-decades old power unit for which it did not have a back-up. In Montgomery County's case, the problem also was blamed by County officials on an aging traffic management system.

The US National Highway Traffic Safety Administration (NHTSA) sent a strong - but also highly ambiguous - message to Toyota yesterday.

In a story reported nationally on ABC World News, the NHTSA said that Toyota's recall of 3.8 million floor mats which can pose a danger of creating a "runaway car" (see my blog posts here and here) did not close the issue:

"This matter is not closed until Toyota has effectively addressed the vehicle defect by providing a suitable remedy.”

The NHTSA also said, according to the report, that it was discussing “what the appropriate vehicle remedy or remedies will be."

The NHSTA did not state what the "vehicle defect" is or the potential remedies, although many owners of Toyota vehicles experiencing sudden unintended acceleration (SUA) speculate that there is something wrong with the software and or electronics that involve their car's throttle control. Some owners involved in SUA accidents have brought lawsuits against Toyota blaming the underlying cause of the accidents on an unspecified computer error; the NHTSA statement yesterday will no doubt spur more lawsuits.

Toyota has vehemently denied software or electronics is the cause (see a video by Toyota Motor Sales Senior Vice President Bob Daly on the subject here), pointing out that the NHTSA has conducted six investigations of SUA and has never found a software or electronic cause.

For Toyota's part, it had better be correct that software or electronics are not involved in the SUA some of its car owners' have experienced. If it turns out to be the case, expect Toyota to suffer a public backlash significantly worse than Ford did during its Firestone tire fiasco.

ABC News has “helpfully” posted a video on how to stop a runaway car here.

Don’t expect this controversy to die anytime soon.

There was a disturbing story in the Baltimore Sun last week about a woman who lost her job because a government background check labeled her "unsuitable" for a low-level security clearance. The clearance was required for a contract her employer, Corporate Mailing Services, won with the US Social Security Administration (SSA).

Problem was the background check was wrong. Seems there was an error in the FBI's National Crime Information Center's (NCIC) database that the SSA used to conduct the woman's the background check.

After the woman was fired, the SSA sent a letter to her employer saying that she was in fact "suitable", and sent another a few weeks later saying that she was approved for the clearance.

However, Corporate Mailing Services refused to rehire the woman, saying first that it was reorganizing her department, and then later that she had work performance problems, something the woman strongly denies.

The woman, who is 58 and has been out of work since July when she was terminated, can't find a new job, has bills piling up, and has little legal recourse as it turns out. Her employer has a right to terminate her and not rehire her, and the neither the SSA or the FBI says it can be held liable or responsible since the error was corrected.

In fact, the story notes that the FBI can't explain why the error happened in the first place. The FBI also says it doesn't "maintain or track error rates."

I would be curious to see whether the NCIC operation has won any quality awards.

The SSA admits that "it is a horrible situation" for the woman, but that it can't do anything to make the employer rehire the woman.

A congressman, Representative Roscoe G. Bartlett, the Sun reports, has tried to help the woman without much luck, and is now considering legislation "to address future similar situations where inaccurate government criminal background checks are the cause of action for loss of jobs for government work."

It couldn't come soon enough, given that NCIC as well as other government databases have known data quality problems. At the very least,  NCIC should be forced to maintain and track its error rates.

I think there should also be redress in any case where incorrect government information causes material harm to a person, plain and simple.

As noted in the story in the Washington Post last week, 1,600 people are added daily to the FBI's terror watch list, which now contains over 400,000 unique names and over 1 million entries.

Not surprising, there are known errors in Google Maps. Streets are mislabeled, businesses are shown in locations that are incorrect, etc. For example, problems with the map of Toronto can be found here, including the inclusion of two CN Towers  standing next to one another in street view.

Rarely are things completely fouled up.

There was an neat little story in London Telegraph over the weekend about Google maps and the town of Argleton, Lancashire, England, postcode L39. Turns out you can find the town on the map, along with views of various homes, job listings and even dating listing.

Trouble is, there is no such town: only an empty field occupies the space.

The listed information is real, but belong to people, businesses, etc. who live in another part of the L39 postcode.

The Telegraph story says, "Google and the company that supplies its mapping data are unable to explain the presence of the phantom town and are investigating."

A spokesperson for the Dutch company Tele Atlas, which provided the information to Google said that, "Mistakes like this are not common, and I really can't explain why these anomalies get into our database."

The Telegraph, however, says that," 'Argle' echoes the word 'Google', while the phantom town’s name is also an anagram of 'Not Real G', and 'Not Large'."

One explanation is that the town was placed there as a "trap" to see who might be copying Google maps and violating its copyrights. Sometimes maps contain "trap streets" just for this purpose.

Another explanation is that is really the future location of England's Area 51 or possibly the "real" location of Hogwarts (apologies to Alnwick).

All other explanations are welcome - let the conspiracy theories begin!

Last year I wrote a story for Spectrum on in-flight entertainment systems and how airlines use them not only to attract new business but also to relieve the stress of passengers cooped up in a confined space for hours on end. However, an article in today's Bloomberg News indicates that providing passenger creature comforts may have gone a step too far, at least in regard to the Airbus A380.

As noted here and here, Airbus has had trouble producing the A380, which was delivered 2 years behind schedule and double its originally estimated $6 billion cost. French and German engineers used different software tools which led to early production planes having to be rewired. 

According to the Bloomberg story, another production problem has been that Airbus has allowed the airlines to extensively customize the A380. For instance, airlines in addition to installing state-of-art in-flight entertainment systems, have added showers, enclosed suites and bar lounges which have proved popular with both passengers and the airlines but have caused problems for engineers in trying to ramp up production.

Bloomberg quoted Rupinder Vig, an analyst at Morgan Stanley in London, as saying, "They [Airbus] customized the plane to death, and that’s preventing them from reaching the production levels they'd talked about."

Airbus Chief Executive Officer Thomas Enders admitted to Bloomberg that customization has proved to be "a big challenge" - i.e., a big headache, especially to the Airbus production engineers who are trying desperately to increase production line efficiency. The Bloomberg article says the engineers are "irked" by all the changes.

Boeing, the article goes on to say, limits the amount of airline customization in its 787 Dreamliner by having a pre-set number of different customization packages available for airlines to choose from. Then again, Boeing's 787  doesn't have much cabin space to play with as an Airbus 380. Airbus markets this extra space as "more room to breath" in.

Probably the only saving grace is that the world-wide recession has slowed the demand for the A380, with 13 of the 16 airlines who ordered the aircraft pushing back their desired delivery dates. Lufthansa announced just yesterday that it was deferring delivery of 15 of its order of A380's, for example.

However, as the article notes, the additional costs incurred by the mass customization haven't helped Airbus' bottom line, and there are doubts about whether the plane will ever turn a profit.

In July, I wrote about Secretary of Veterans Affairs Eric K. Shinseki taking the unheard of decision to temporarily halt 45 information technology projects which are either behind schedule or over budget. These projects, Shinseki said, would be reviewed, and he and the VA's CIO Roger Baker would then determine whether individual IT projects should be continued or scrapped.

Government Computing News (GCN) reports this week that 15 of the 45 IT projects are going to be stopped or have their funding cut. Another 17 have committed to meeting milestones to deliver new functionality to customers, while the final 13 have been re-planned or restarted.

GCN quotes W. Scott Gould, Deputy Secretary of the VA., as warning the 17 projects that,

 "... basically you've got 60 days. You tell us what that new schedule is and if you don't make it we're going to shut you down,... Many projects, frankly, are challenged by the inability to meet basic cost and schedule performance measures."

Gould made the remarks at the Executive Leadership Conference in Williamsburg, VA sponsored by the American Council for Technology and the Industry Advisory Council.

Bravo!

It is about time an organization held IT projects - government and contractor-led - accountable for their promises.

Secretary Shinseki, Deputy Secretary Gould and CIO Baker deserve praise for courage under what has been no doubt some political fire. I am quite certain that all three have been fielding phone calls from disgruntled US Congressman and Senators demanding to know why their constituent's IT project was canceled.

Let's hope their idea spreads across government, as well as into the commercial sector where too many projects are also abject blunders.

An article this week at The Register states that between November 2008 and September 2009, there were 356 self-reported data losses this year by UK companies and government departments. In the same time frame a year before, there were 190 such incidents reported.

The information was compiled by Software AG, which used a Freedom of Information Act request to get the data from the UK Information Commissioner's Office.

After a rash of commercial and especially government data losses last year and in 2007, the UK government promised that data security would be improved, including the encryption of personal data..

The data released by Software AG show otherwise.

Here the US, ComputerWorld reports that CalOptima, an integrated health care system that administers health insurance programs for Orange County, California children, low income families, and persons with disabilities, announced last Friday that 68,000 of its members personal information including member names, home addresses, dates of birth, medical procedure codes, diagnosis codes and member ID numbers, and an unspecified number of Social Security numbers may have been compromised.

The information, CalOptima stated, was on several unencrypted CDs that were sent by a claims processing vendor to CalOptima by US Postal certified mail. The mail package containing the CDs showed up, but the CDs were missing.

CalOptima will be sending out notices soon to those affected.

Last month I blogged the University of North Carolina School of Medicine at Chapel Hill discovering in late July that one of its servers had been hacked into, and that the social security numbers of 163,000 women participating in a UNC medical study were at risk.

In a follow up story in the Winston-Salem Journal  a few days ago, many of the women who had their personal information hacked into did not know that their private medical information was being used in a federally mandated study.

It turns out that, as the W-S Journal, notes, "Federal regulations allow radiologists to submit the information to the registry without getting permission from their patients because it is a population-based study dealing with large amounts of data, officials say."

As electronic medical records become more prevalent, it will be "interesting" to see what happens in terms of hacker activity when tens of millions of records start to become aggregated for federal government research programs. They would certainly make highly lucrative targets to go after.

There was also a story earlier this week about hackers penetrating the Swiss foreign ministry's computer systems, forcing elements of it to shut down for several day. The AFP story says that "well hidden" hacking software was found on the 22nd of October.

In addition, a story in the London Times late last week, said that Zurich Insurance had admittedly losing a tape a year ago containing the confidential personal details of 51,000 of its British, 550,000 of its South African and 40,000 of its Botswana customers. A Zurich spokesperson was quoted as saying that the loss was "unacceptable." 

Also, a Washington Post story in Brian Krebs' Security Fix blog reports that hackers have stolen over $40 million from 205 small and mid-size US businesses over the past four years. The attacks have the same general modus operandi: use malware infected spam to get inside the business's computing systems to steal banking credentials. Then once captured, the hackers use them to steal from their victim's chunks of money in amounts under $10,000 to avoid alerting the bank's anti-money-laundering reporting requirements.

The FBI, which provided the information, says that small and mid-size businesses need to be increasingly aware of this problem, which apparently is growing.

This is probably good advice. This story last week in Government Computer News says that over the last few months, there have been repeated spikes in computer viruses that are not being detected by major antivirus software programs. The information from the story comes from a report by the security firm Commtouch.

Virus writers are moving to guerrilla hit-and-run tactics, distributing massive outbreaks of a variant of a single virus in hopes of compromising a large system somewhere before the antivirus companies can react.

Lovely.

There was a story in yesterday's Chicago Sun-Times about the US electronics retailer Best Buy's decision to start selling the Insignia Little Buddy Child Tracker which, the article says, "... combines global satellite positioning and cellular technology to signal the child's whereabouts to a computer or smartphone."

The ad at the Best Buy site goes on to say, "Customizable safety checks allow you to establish specific times and locations where your child is supposed to be - for example, in school - causing the device to alert you with a text message if your child leaves the designated area during that time. Additional real-time alerts let you know when the device's battery is running low so you can take steps to ensure your monitoring isn't interrupted."

Parents, the ad says, can fit the device "easily into a backpack, lunchbox or other receptacle."

Hmm, a digital handcuff without the messiness of a handcuff.

The price is $99.99 and comes in blue or green. This report says that the Little Buddy has drawn so much interest it is on backorder already.

The pictures accompanying the ad also seems to show that the location is mapped to a satellite photo and provides a distance accuracy measurement (e.g., 378 yards). You can also see how one can set up a safety zone which will trigger an alert if the child wanders out of it at a specified time. It might get interesting if the zone is drawn too small for the accuracy of the device.

I can see this not only being attractive to helicopter parents, but other adults who will likely be buying these things to spy on, err, keep track of their spouses, boyfriends or girlfriends as well. Maybe employers will buy them too?

Would you buy one to keep track of your children, grandchildren, or significant other?

At the very least, Best Buy is starting a price war in low cost personal tracking devices, which typically run two to three times its $99.99 offering.

As you all probably know by now, the two Northwest Airlines pilots who flew 150 miles past the Minneapolis International Airport have had their licenses revoked by the US Federal Aviation Administration (FAA) for 

"... violations of a number of Federal Aviation Regulations. Those include failing to comply with air traffic control instructions and clearances and operating carelessly and recklessly."

The pilots claim that they had lost track of time while they were working on their laptops trying to figure out their flying schedules. Others believe they had fallen asleep and refused to admit it.

Northwest Airlines said using the laptops was in violation of company policy and it would seek to terminate their employment there. Many airlines also ban any distractions including reading material while a flight is in progress.

On top of the obvious, "What the hell were they thinking?" question, is another about the role of automation and its seductive powers. Accepting the pilots' story on the face of it - which I admit I am skeptical of - it does show a remarkable confidence in the aircraft's automated flight systems, to the point of nonchalantly ignoring them.

There was a video story on yesterday's ABC's World News called "Automation Addiction" that tried to address this issue. Essentially, the story says that many pilots find it hard to not let themselves become complacent or distracted because the aircraft systems are so capable and reliable.

For instance, a story in the Wall Street Journal last week said,

"Commercial pilots are finding they have less to do during routine portions of flights as engines, navigation devices and automated flight-management systems have become more sophisticated and reliable.

"Equipment malfunctions occur so rarely that one of the biggest worries among safety experts is how to keep pilots engaged in monitoring flight instruments. Crews, meanwhile, look for ways to fill idle time on long flights, sometimes leading to spells of inattention."

The ABC News story said that on the new Boeing 787 Dreamliner, pilots will get a written alert and then an alarm will sound if activity isn't detected in the cockpit after a certain amount of time.

Maybe what is needed is for airline pilots to be required to push a button every few minutes like many train engineers have to do to show that they are awake. Although has Homer Simpson showed in the episode, King-Size Homer, ways can be found around that as well.

In a follow-up story to the one the paper did last week (and one I also discussed) concerning the fatal sudden acceleration crash involving a Toyota LexusES 350, the Sunday edition of the LA Times said that a National Highway Traffic Safety Administration (NHTSA) investigation into the accident found that the car's gas pedal design may have been a contributing factor.

As a result of the crash, Toyota recalled 3.8 million Toyota and Lexus cars last month to remove their floor mats which could jam the gas pedal in the full throttle position (also called "floor mat entrapment").

The LA Times article says that while the NHTSA has not drawn any conclusions about the cause of the San Diego car crash that killed California Highway Patrol Officer Mark Saylor and three members of his family, investigators did find that in regard to the design of the Lexus' accelerator, 

"Beyond the main pivot, the lever is not hinged and has no means for relieving forces caused by interferences,"

The LA Times noted that Toyota is considering a redesign of its gas pedal as a solution to its current floor mat problem.

The NHTSA also said in its report that instructions for turning off the Lexus while it is engaged were "not indicated on the dashboard."

As I mentioned before, to turn off the Lexus ES 350 which has a electronic pushbutton ignition, you must hold down the start button for three seconds. The current Lexus ES 350 user's manual does state this fact, but I don't believe there is any requirement for placing a warning about this procedure on the dashboard, as far as I know.

For those readers who own or have driven cars with electronic ignitions, let me know if there is (or is not) any warning label on how to turn your car off in an emergency on the dashboard, if you would. Please include the make and model of the car.

A couple of tidbits of extra information related to this story I found in doing some background research.

Runaway cars has been a problem for at least thirty years, and has happened so often that it has a formal name:  "sudden unintended acceleration" or SUA. A San Diego Union-Tribune story says that there have been over 24,000 consumer complaints to the NHTSA regarding SUA over the past ten years involving almost every car manufacturer. The NHTSA has conducted some 20 investigations over that time and has ordered over 30 SUA-related recalls.

According to this blog post in the New York Times, in March 2007 the NHTSA undertook an investigation of 2007 model Lexus ES 350 after receiving SUA complaints from five drivers. As a result of their investigation, in September 2007, Toyota issued a recall of 30,500 2007 and early model 2008 Lexus ES 350 and 24,500 2007 and early model 2008 Toyota Camry optional All Weather Floor Mats because they could lead to possible accelerator entrapment.

The New York Times post said that the NHTSA continued after the recall was issued looking at the SUA problem in Lexus cars, and found that they could not find any electronic nor magnetic field source for the reported SUA. What they did find, however, was that the car's accelerator design allowed it to easily become entrapped by driver side floor mats when they were not secured properly.

In addition, the NHTSA found braking issues once a Lexus ES 350 experienced SUA: "With the engine throttle plate open, the vacuum power assist of the braking system cannot be replenished and the effectiveness of the brakes is reduced significantly;" stopping distance "increased from less than 200 feet to more than 1,000 feet."

More interestingly, the New York Times post says that the requirement to depress the start button 3 seconds to stop a Lexus ES 350 once it was moving apparently was not in the car's user's manual until the 2009 model.

It is in the 2009 Lexus user manual, but I would think that Toyota might want to send a notice to drivers of their older model cars.

A story in USA Today seems to provide an explanation as to why this wasn't done previously.

It turns out that Toyota engineers choose the 3-second requirement on purpose. They didn't want drivers accidentally turning off the car's engine by inadvertently hitting the start button, which would make the car difficult to control because power to steering and other controls would be lost.

The USA Today story quotes a Toyota spokesperson as saying, "That feature [the 3-second deactivation requirement] is a safety feature in (and of) itself. We want to make sure the engine is not shut off inadvertently by touching the button."

However, the other half of the safety equation - desiring to deliberately shutting the engine off - apparently seemed to escape whoever was responsible for approving the Lexus user's manual.

The USA Today story also says that Toyota does not currently have plans to put a warning label near its starter buttons, and also that the NHTSA currently believes that it sees nothing intrinsically wrong with push button starters.

USA Today quotes an NHTSA spokesperson as saying that, "It's a new technology that drivers need to familiarize" themselves with.

I guess it would help if manufacturers bothered to explain fully how this feature and others did and didn't work to drivers of their cars.