IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

EDITOR: Robert Charette

CONTRIBUTOR: Willie D. Jones

BLOGS // The Risk Factor
POSTED BY: Robert N. Charette  /  Tue, May 22, 2012

Glossophobia–or the fear of speaking in public–has long been said to be the number one phobia, with 75 percent of people suffering from a form of it. However, a new fear–nomophobia–is said to be rising and may soon replace glossophobia as our greatest fear.

What is nomophobia? According to a 2008 YouGov plc survey of 2163 UK adults, underwritten by UK Post Office Telecoms (which coined the term), it is supposedly “the fear of being out of mobile phone contact,” i.e., a no-mobile-phone phobia.

(Note, "nomophobia" is not a recognized phobia by the Diagnostic and Statistical Manual of Mental Disorders, however.)

According to a Daily Mail article at the time,

“Experts say nomophobia could affect up to 53 per cent of mobile phone users, with 48 per cent of women and 58 per cent of men questioned admitting to experiencing feelings of anxiety when they run out of battery or credit, lose their phone or have no network coverage.”

Apparently, the nomophobia survey findings so concerned the UK Post Office that it created a nomophobia memory guide (pdf) with all sorts of helpful ways to improve your memory so as to not lose your phone.

A recent Daily Mail article now reports that nomophobia affects 66 percent of UK adults. The signs of nomophobia, according to the Daily Mail, are:

  • An inability to ever turn your phone off
  • Obsessively checking for missed calls, emails and texts
  • Constantly topping up your battery life
  • Being unable to pop to the bathroom without taking your phone in with you.

The Daily Mail cites a 2012 survey by the security company SecurEnvoy that states that young people aged 18–24 are the most nomophobic (77 percent), while those in the 25–34 age group are second at 68 percent. In addition, some 41 percent of those surveyed carry two (or more) phones to make sure they are never out of contact.

Furthermore, people on average check their phone 34 times a day, the SecurEnvoy study claims (for comparison, this New York Times article cites a study from 2008 that reports that a “typical information worker” checks his or her email program more than 50 times a day).

SecurEnvoy undertook the study in part to gauge how much importance people place on securing their phones against loss or theft, which apparently happens a lot. Unsurprisingly, some 46 percent of those surveyed don’t use any type of security on their phones, while 41 percent use a four-digit PIN access code, 10 percent encrypt their phones and the remaining 3 percent use two-factor authentication technology.

So, do you suffer from "nomophobia," and does it extend to other mobile devices (iPadaphobia or Kindophobia?) as well?

POSTED BY: Robert N. Charette  /  Mon, May 21, 2012

The Victorian state government finally decided last week to throw in the towel on the nearly decade-long implementation of its HealthSMART e-health record system project after recognizing that the "e" actually stood for an "extravagance" it could no longer afford.

In 2003, Australia’s Victorian government embarked on an ambitious modernization of the state’s health IT infrastructure. The idea was to combine its health-related financial systems with its patient record management systems through the creation of a comprehensive, Victoria-wide electronic health record (EHR) system. The original HealthSMART project budget was $A323 million and a completion date was set for June 2007. However, by the end of 2007, while some 57% of the money had been spent, only 24% of the project had been completed. Projected costs to complete had risen to $A427 million, and a roll out date was estimated to be sometime in late 2009. There was talk at the time of cancelling the project, but the government decided to keep the effort alive given what it believed to be its significant potential benefits.

By late 2010, questions were again being raised, especially by the newly elected Baillieu government about whether HealthSMART should indeed be cancelled. The completion date had now slipped to sometime late in 2012, and the project costs were still rising, with at least another $A100 million being seen as needed to finish the job. The government decided, after lobbying by the Australian Medical Association Victoria and others, that it was in a “In for a penny, in for a pound” type of situation, so it held its collective nose, and soldiered on.

However, by early this year it became increasingly apparent that the end of the EHR effort was still not in sight, even though $A566 million had now been spent on it. So last week, the Victorian government decided it was no longer going to “throw good money after bad,” ZDNet Australia reported. It scrapped the project, but announced a new plan to set aside $A100 million to help individual hospitals improve their health IT. Health Minister David Davis was quoted in the ZDNet story as saying that:

“In those hospitals where it has been put in place or partially put in place, health services will make their decisions from that position, but going forward, beyond that, health services will be able to examine what is appropriate for their particular service.”

Shades of what happened in the UK with its national EHR program.

That said, at the national level, the Australian government is still continuing its support of the controversial personally controlled electronic health records (PCEHR) system, which is supposed to begin its roll-out across Australia this July. Prime Minister Gillard's government has recently even allocated $A233 million in this year’s budget (on top of the original appropriation of $A466 million) to bolster the effort's probability of success.

At the same time, the government has also been trying to dampen expectations about the PCEHR system, saying that it will take years before it will actually be useful. But the government predicts that the changes it will make in the way medical data is handled will eventually save Australia $A15 billion in government-related health costs by 2030. Given the current state of the PCEHR system and the lukewarm support for it by the Australian populace and medical profession, that amount sounds more like political wishful thinking than an estimate grounded in economic reality.

POSTED BY: Robert N. Charette  /  Fri, May 18, 2012

If you are a Delta Sky Miles frequent flyer member and purchased an airline ticket in the past three weeks, you may want to see whether you overpaid for your ticket by a significant amount.

According to Minneapolis, Minnesota, television station WCCO, passengers purchasing Delta plane tickets via their online Delta Sky Miles accounts during that period were shown airfares that were sometimes hundreds of dollars more than those listed when the passengers didn’t use their Sky Miles account numbers.

WCCO reported that customers who complained to Delta about the issue were told by reservation agents that, “that’s the way the system works.”

However, when reporters from the station started to investigate the complaints, Delta quickly looked into the matter and belatedly admitted that the issue was the result of a computer error. An AP story states that Delta has been working on “upgrading elements of its website for more than a year. An upgrade less than three weeks ago to its flight search engine caused the fare discrepancies.”

Despite knowing that a software glitch is causing some of its most loyal customers to be fleeced, Delta said that it “wouldn't be notifying customers of the problem but if travelers call, they will look into it on a case-by-case basis.”

How very nice of them. I guess this is what Delta means when it states on its website:

"So many privileges just waiting for you with a free SkyMiles account."

You would think that irritating your best customers is not in your best interests, but that seems never to enter the business equation—at least not in the airline business.

POSTED BY: Tam Harbert  /  Fri, May 18, 2012

By now, most of us know not to click on those links in unsolicited e-mails. But apparently Internet fraudsters are still finding plenty of victims.

The number of complaints reported to the U.S. government rose 3.4 percent in 2011, to 314 246, according to a recent report (pdf) by The Internet Crime Complaint Center (IC3), a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C). The crimes resulted in financial losses of US $485 million last year.

And the victims aren’t just unsuspecting consumers, but sometimes sophisticated professionals you’d think would know better. The IC3 reports that law firms have been defrauded of millions of dollars in various debt collection scams. The firms are typically contacted via e-mail for help with debt collection, a divorce settlement or a real estate purchase. The firms receive checks for large sums, usually $100,000 or more, from the alleged debtor and are told to wire the money, minus the firm’s fee, of course, to the purported client’s bank, usually located in Korea, Ireland, China or Canada. The original checks turn out to be counterfeit, and the law firm is out tens of thousands of dollars.

That’s a twist on one of the most common types of Internet scams, which asks for help in moving large amounts of money and sends a large check to the victim first, which tends to convince the victim it’s legitimate. Indeed, who hasn’t at some point received a desperate plea from a wealthy Nigerian trying to transfer his millions out of the country? In fact, the IC3 reports that a court in Lagos, Nigeria, has granted the extradition of Emmanual Ekhator to the United States. Ekhator allegedly defrauded U.S. law firms of more than $29 million using such schemes. He is scheduled to stand trial in Pennsylvania.

The lesson here is obvious: if someone’s sending you money, be very suspicious. The government has set up a website to check for the most common scams: http://www.lookstoogoodtobetrue.com/

Other popular types of scams reported to IC3 include:

  • Convincing a victim to pay for goods or services in advance, then never delivering.
  • Stealing personally identifiable information and using it to commit crimes (identity theft).
  • Posing as an FBI agent to defraud victims.

Apparently, people drop their fraud guard when an e-mail comes from a government entity, something that criminals take advantage of. Although the report says that “government agencies do not send unsolicited e-mails,” that’s not exactly true. They do, however, send unsolicited regular mail, like tickets issued when a camera catches your car speeding or running a red light. And few people will draw a distinction between print mail and e-mail. The IC3 got more than 70 complaints over a four-month period last year from New York state residents who’d paid traffic tickets they’d received by e-mail from a spoofed web address for the New York State Police. The e-mail told victims to print the ticket and mail it along with payment to an address that was supposedly a courthouse. It’s bad enough getting caught by those camera speed traps and being sent a legitimate ticket. How mad would you be if the whole thing was a fraud? Best to call the police before mailing it in.

POSTED BY: Robert N. Charette  /  Wed, May 16, 2012

Clocks on VCRs were once considered too difficult for the average person to program properly. Now, apparently, so are new automobile dashboards.

According to a story at the Wall Street Journal last week, auto manufacturers are strongly encouraging their dealers to add a “technology specialist” to their staff, whose purpose is to help customers figure out how to use all the digital technology packed into new cars. The Journal says that the automotive manufacturers are worried that the increasing level of technology found in new vehicles is creating a “skills gap” between what a typical customer understands and their car’s digital capabilities.

Ford is taking a lead role in encouraging its dealers to hire someone for the specialist role. Why? Ford is getting nervous, says the Journal.

“The auto industry is motivated in part by fear. Ford Motor Co. last year was jolted when Consumer Reports panned its MyFord Touch system, echoing customer complaints that it was annoying to operate. Ford is now accelerating efforts to persuade dealers to dedicate more time and personnel to hands-on technology training.”

And customer annoyance quickly can turn into a financial issue: the industry is worried that “failing to educate customers eventually will hurt profits.” As one executive at Mercedes Benz U.S., which is also working on ways of how to best educate its customers, told the Journal, “How are you going to get people to pay for it [new technology] if sales people can't articulate the benefits?”

Lexus is another car manufacturer that is investing significant funds into training and digital tools to help its own dealers understand how its cars' electronics work, the Journal article states. In fact, Lexus is now mandating that all its dealers must spend more time training customers on the technology present in Lexus vehicles. You may recall that the US congressional investigations into Toyota’s sudden unintended acceleration problems were sparked in part by an accident several years ago involving an off-duty California Highway Patrol officer who was killed along with his family because he could not figure out how to turn off their borrowed Lexus ES 350's electronic ignition after a floor mat became stuck under the car's accelerator pedal.

Of course, it might help if car designers spent a little more time with their human factors counterparts to make the operation of the electronics more transparent and easy to use. There have been several occasions where I would have been more than pleased to explain in detail to the designers of several of the electronic systems on my Toyota Sienna how they got it dreadfully wrong. Needing a couple-of-hundred-page manual to explain how to use my car’s electronics is a symptom of the problem.

The good news, however, is that I expect the issue will finally go away once we are all in our autonomously driven cars, at which point we will have unlimited available time to figure out our car’s electronics.

POSTED BY: Willie Jones  /  Tue, May 15, 2012

For many people, cellphones aren’t just a mode of communication, they’re lifelines. Sure, we laugh or roll our eyes at stories about people who are seemingly addicted to their "Crackberries," and get annoyed at the loud talker on the bus or the gem of a person who’ll answer calls in a movie theater. Still, it’s clear that cellphones solve more problems than they create. That is, unless you desperately need to make a call and find yourself in a dreaded dead zone.

That was the tragic situation that befell Arthur and Madeleine Morris, an elderly New York City couple whose vehicle fell down an embankment near the end of the driveway of their vacation home in New York’s Catskills region. After it became clear that the car was stuck, they made five unsuccessful attempts to call for help. Calls to 911, Madeleine’s son, and a neighbor failed to connect because of spotty cellular reception in the sparsely populated rural area. From what investigators have been able to piece together, Arthur Morris then attempted to climb out of the vehicle, but got wedged between the bottom of the door and the ground. He soon died of asphyxiation. His wife managed to get out, but four additional attempts to use the cellphone proved fruitless.

After giving up on technology, she walked to the home of their closest neighbors. Finding them already gone, and unsure of what else to do, Madeleine covered herself with a tarp to protect herself against the rain, but died of hypothermia after nighttime temperatures dipped into the forties.

Two sentences in a CNET News article encapsulate the level of faith (misplaced or not) we’ve come to place in technology:

“…their grandson had bought them a phone from AT&T, in the belief that a network from such a large carrier would offer the best chance of a signal in that remote area. But locals reportedly say no carrier has much of a signal in those mountains.”

As someone who lives less than an hour from where the Morrises were unable to reach out and touch someone (as AT&T prompted people to do years ago in its commercials), I fully understand frustration over spotty coverage. When I’m at home, my handset (with service through a different carrier) can receive calls and text messages on alternate Thursdays—but only when I stand on one foot while facing the sun. On cloudy days, well, it’s good to have a landline.

For its part, AT&T responded to the CNET article with a brief statement:

“Our thoughts and sympathies go out to the Morris family during this extremely difficult time. Wireless coverage in mountainous and remote areas is an industrywide challenge, and AT&T, along with other carriers, are continually striving to improve service levels in those areas.”

In other words, don't hold your breath waiting for AT&T or any other carrier to erect cell towers simply for the public good. If they cannot justify that cost in terms of the number of customers on their subscriber rolls or potential customers they can add, don't look for them to surmount that "industrywide challenge" anytime soon. 

POSTED BY: Willie Jones  /  Tue, May 15, 2012

On this blog, we write a lot about cybercriminals defeating organizations’ online security measures (often because they’re woefully inadequate) or tricking consumers via some phishing or social engineering scheme. But sometimes you have to wonder whether the people responsible for other people’s personal information could make a bigger mess if they were intentionally trying to divulge the data.

Take for example California’s Department of In-Home Supportive Services (IHSS), which reported late last week that more than 700 000 records containing personal information of caregivers and patients were either lost or stolen. The department, which organizes and oversees the provision of home attendants and visiting nurses for elderly and disabled people, says that Hewlett Packard, with which it contracted to manage the data, notified it that microfiche containing payroll data was missing from a package it sent via the U.S. Postal Service. Among the items were 375 000 workers’ names, Social Security numbers, and wages, plus the names and state identification numbers of care recipients. The package, which HP was sending to California’s Compensation Insurance Fund, arrived with the container damaged and some of the records missing.

A Los Angeles Times article quoted Michael Cox, a spokesman for the Service Employees International Union, the labor union that represents hundreds of thousands of home care workers in the state:

"[The fact that such] primitive security measures are still in place is inexplicable.”

I think Cox’s characterization was a bit generous. It doesn’t seem out of place to look at a cardboard box containing pictures of unencrypted records and ask: What security measures? I have no idea whether California law allows it, but it would be perfectly just for the people whose information was handled so carelessly to sue the state. Perhaps the pain in the state’s purse strings will cause it to set the bar for maintaining or distributing sensitive data a little higher.

In March, computer storage devices containing the names, Social Security numbers, and other private records of about 800 000 adults and children were lost in transit between an IBM facility and the California Department of Child Support Services. See if this sounds familiar: a container holding the memory devices broke during shipping, allowing some of them to spill out.

POSTED BY: Celia Gorman  /  Mon, May 14, 2012

A reporter for The Wall Street Journal appears to have hacked a popular crowdfunding website last week, exposing a security gap created during a software update. The reporter, Jeremy Singer-Vine, was able to access a massive amount of private information before Kickstarter hurriedly fixed the problem on Friday 12 May.

Kickstarter is a place for artists and gadget-makers to present their projects to the public and ask for monetary backing in exchange for rewards. It could be a $1 pledge to a documentary with satisfaction as the reward, or a $200 pledge to back the next iPad accessory in exchange for the new toy.

Singer-Vine and the Journal downloaded almost 77 000 unpublished projects.

According to Kickstarter, one of its engineers found the so-called bug. Not the case, says the Journal. Singer-Vine, who is a computer programmer as well as a reporter, didn’t say what he was doing snooping around Kickstarter’s innards. But it appears that he discovered the problem, then he told Kickstarter about it—maybe so they could fix it, maybe so he could get a quote (which, by the way, he didn't).

Kickstarter had updated its website with some new features and a new software interface on 24 April, in honor of its third birthday. The updated software included a back-end way to look at projects that weren’t ready for consumption. That private information wasn’t readily accessible from the site, but outsiders, such as the Journal’s reporter, apparently were able to access the site's internal data feed for about three weeks.

Users of the site never provide credit card information to Kickstarter itself—it uses Amazon for payments—so no financial information was divulged. But the reporter was able to access project photos, videos, locations, descriptions, fundraising goals, planned rewards for project backers, and user names.

An invasion of privacy in a creative space may be less of a concern than a financial incursion or a medical records breach, but the fact that no one at the company was aware of the security hole for three weeks is disconcerting. Still, very few people actually exploited the breach, Kickstarter says. Only 48 projects were looked at, including those accessed by programmers to fix the bug. Except, of course, for the thousands of projects accessed by the reporter.

Updating a website is often necessary for rapidly growing start-ups. Kickstarter is a prime example. In 2011, users pledged almost $100 million to over 27 000 projects. In the last month, users pledged over $10 million to just one project: Pebble, the fabled smartphone-enabled watch. But, clearly, mistakes can be made during an upgrade.


Keep an eye out for our June video on Kickstarter crowdfunded Apple accessories.

POSTED BY: Robert N. Charette  /  Mon, May 14, 2012

The decision last year to finally cancel the UK’s National Program for IT (NPfIT) effort to implement a nation-wide integrated electronic health record (EHR) system because of its spiraling cost and complexity is looking better all the time. According to a recent story in Computer Weekly, roughly 60 percent of London National Health Service (NHS) hospital trusts are operating without IT disaster recovery systems in place. The startling news was delivered at a health informatics conference by a program manager at the London NHS Commercial Support Unit. The speaker said her group is trying to determine why such a high number of hospitals don’t have these basic systems in place, and whether the trusts that lack them are planning on implementing any of them soon.

In a related story, the Guardian reported earlier in the month that the North Bristol NHS trust’s effort to roll out its Cerner-based electronic health record system has overrun its budget by nearly 100 percent. Apparently, the trust severely underestimated how challenging the data migration effort would be, not to mention the level of staff support needed to operate the system once it was in place. Issues with the EHR roll-out led to a series of clinical incidents; the trust cited the Cerner implementation “as the causal factor” in 16 of them, the Guardian stated. Fortunately, none of the incidents created a hazard for patients.

The definitive history of the failure of the NPfIT has yet to be written. The closest that exists is the Dossier (pdf) of concerns that professor Brian Randell of Newcastle University has compiled over the years. Now, another useful historical contribution has been written by professor Geoffrey Sampson of the University of South Africa, who provides his own view of the debacle.

Like Randell, Sampson was one of the “Gang of 23” computer professors who wrote an open letter to the UK government in April 2006 questioning its NPfIT strategy and implementation approach, and calling for an independent technical review of the effort. The letter caused a stir at the time, but ultimately did not cause the government to change its NPfIT approach one iota, other than to double down in its defense of its plans. As in most situations of denial of the obvious like this, all that was needed for the approach to fail was time.

Sampson’s observations of the NPfIT debacle are interesting, especially in regard to the lessons that those involved in government IT need to learn from it. He writes, for instance, that:

“Government and computing are bound to mix badly, because the two domains are founded on contrary assumptions. In the government world, it is a given that sufficient authority will elicit any desired action. In the world of informatics, authority is impotent. Bring as much pressure as you like to bear on a flawed software system, and what you will get is a worse-flawed system.”

In addition:

“If governments hope to make IT serve their purposes, as since the turn of the century they have increasingly been aiming to do, then they have got to learn to defer to information-technology realities. Human beings bend to government will. Software development does not take orders.”

Maybe Katie Davis, the interim Managing Director of NHS informatics, should keep that in mind the next time she thinks about reiterating her claims about the future of the NHS and technology. For example, she insists that the NHS has an 80 percent chance (if not better) of having “world beating” health informatics in place across the country within the next 5 to 10 years, although that statement is based on nothing more than the "enthusiasm" the government has for health information technology.

POSTED BY: Celia Gorman  /  Thu, May 10, 2012

Members of the hacktivist group Anonymous have been active this week, striking out at Virgin Media, Vladimir Putin, and, allegedly, a Twitter spammer.

The Wednesday attacks on Virgin Media and Vladimir Putin were denial-of-service hacks that temporarily brought down the sites. The motivations in these incidents were clearly stated. 

According to a Reuters report, Anonymous took credit for the Putin hack, a follow-through on a threat that the group would target Russian government websites in support of opposition protests, via the Twitter account @Op_Russia. Details of the kremlin.ru attack were less clear. Reuters said it went down for several minutes on Wednesday. But the RT network reported that the site was down for almost an hour, and that other government sites were also attacked, though not as successfully. Several Russian media sites also experienced denial-of-service hacks, but Anonymous members did not claim responsibility for those, RT said.

The Virgin Media denial-of-service hack was retaliation over the takedown of The Pirate Bay, a massive file-sharing site, Daily Tech reports. “#Anonymous have just taken down #VirginMedia website again because of their involvement in the #Censorship of The Pirate Bay,” @AnonUK tweeted Wednesday. Virgin Media had decided to cooperate with the U.K. High Court’s order to block the site.

Earlier in the week, hackers claiming to be from Anonymous took credit for publishing a list of 55 000 Twitter handles and passwords on Pastebin. Many of the accounts listed were spam handles. Many, though, were duplicates, bringing the total closer to 35 000.

It appears that Twitter was not hacked—a spammer was hacked, and that list was released by another hacker. Or perhaps a spammer posted the list in retaliation against Twitter for cancelling some of the accounts on the list, suggests The New York Times. An eWeek columnist went so far as to speculate that the cache of passwords was a honeypot laid out by Twitter itself to catch hackers intent on nabbing Twitter's user files.

In a debate about the list on Y Combinator’s Hacker News, the consensus was that it was a white hat hack: an attempt to force Twitter to close a long list of fake accounts. When the handles and passwords went public, Twitter reset all of the passwords and sent out email notifications. That would kill a fake account, as the emails aren’t real.

But not all of the accounts posted in the Twitter list were fake. One Y Combinator user, felipe_csl, hacked into a real person’s Twitter account, then into that person’s Hotmail, and then emailed the owner to tell them their password had been posted online. Some users denounced felipe_csl's actions as illegal and invasive, while others called him conscientious.

This week’s hacktivist events may not be over. The BBC reports that tweets from Anonymous hackers have threatened a weekly repeat of Saturday's denial-of-service attack on the United Kingdom’s Home Office website, in which the site was taken down for several hours.
