Risk Factor iconRisk Factor

2006 Jeep Commanders Recalled for Software Flaw

It is being reported that Chysler is expanding the recall of its Jeep Commander SUVs to repair engine stalling caused by a flaw in the automatic transmission software that could, according to the National Highway Traffic Safety Administration (NHTSA) "could cause a crash without warning."

In March, Chrysler recalled 1,338 of the 2008 Jeep Grand Cherokee and Commander SUVs to repair a stalling problem in the vehicles. The NHTSA reported at the time that the â''the front control module may have been incorrectly manufactured. This could cause the engine to stall while driving or nor to start.â''

This month, Chrysler expanded the recall to include 24,461 Jeep Commanders equipped with the 4.7 liter engine and built before 11 January 2006.

As a point of reference, GM expects its cars to have about 100 million lines of software in them by around 2010. Software reliability issues will undoubtedly increase in cars from sheer numbers if nothing else.

Having bought a new car in the past month, I sometimes feel that it is more computer network on wheels than anything else. I am still climbing the learning curve on how to operate all the gadgets in the car.

Car manufacturers, unfortunately, seem to have taken on the same attitude of many manufacturers in the computer and electronics space - make the operating instructions to their tech toys as confusing and contradictory as possible. Car manufacturers may claim in their automobile commercials that they are spending a lot on the human factors engineering side, but from a software systems perspective, I don't see much value being created for all the money being spent.

London Heathrow Boeing 777 Crash Update


Yesterday, the UK Air Accident Investigations Branch (AAIB) released an interim report on the British Airways Boeing 777 that crashed at London Heathrow last January. The report indicates that the AAIB suspects that the plane's fuel flow became restricted somewhere between the engines and the fuel tanks, causing the plane's engines to become starved of fuel.

The report says, "The evidence to date indicates that both engines had low fuel pressure at the inlet to the HP pump. Restrictions in the fuel system between the aircraft fuel tanks and each of the engine HP pumps, resulting in reduced fuel flows, is suspected."

The report also says that the focus of the investigation "continues to be the fuel system of both the aircraft and the engines, in order to understand why neither engine responded to the demanded increase in power when all of the engine control functions operated normally."

One area of investigation is whether an area of very cold air through which the aircraft flew was a culprit, although the indications are that it should not have been a concern.

"During the flight there was a region of particularly cold air, with ambient temperatures as low as -76ºC, in the area between the Urals and Eastern Scandinavia. The Met Office described the temperature conditions during the flight as â''unusually low compared to the average, but not exceptionalâ''. The lowest total air temperature recorded during the flight was â''45ºC, and the minimum recorded fuel temperature was -34ºC. The specified fuel freezing temperature for Jet A-1 is not above â''47ºC; analysis of fuel samples taken after the accident showed the fuel onboard the aircraft complied with the Jet A-1 specification and had a measured fuel freezing temperature of -57ºC. The aircraft was operated within its certified flight envelope throughout the flight."

Discovering the reason(s) for the crash has proven much harder than anyone expected, given that the plane was much more intact than in most crash investigations. As one expert was quoted in a story in the Washington Post:

" 'This is a great mystery, and I never expected this accident to be this difficult to solve, given the state-of-art tools on the plane and the fact that the aircraft was largely intact,' said Bill Voss, president of the Flight Safety Foundation, an organization that advocates for improving aviation safety. 'This has potentially broad implications that go beyond this one airplane, depending on what they find.' "

I'll let you know what the final report says.

The Software Issues Behind Heathrow's T5 Meltdown


It now appears that the baggage problems at London Heathrowâ''s Terminal 5 were caused in part to a bit of test software that wasnâ''t removed properly.

According to a story in ComputerWeekly, British Airways (BA) Chief Executive Willie Walsh claims that "the main IT problem with the baggage system was a software filter that was mistakenly left in place after the system - designed by BAA (the airport operator) - went live. Walsh said the filter was used during the testing period to ensure the messages generated were restricted to the BAA operation, and were not sent out further than that. But because it remained in place after the terminal opened, it interfered with the messages coming into the system, meaning the system could not recognise a number of bags.â''

â''One other IT problem at the terminal concerned server capacity. Walsh said the servers had not been able to cope with the â''significant increasesâ'' in the volume of bags going through. The amount of messages the servers were coping with was significantly more than the amount run on them during modelling, and more server capacity is still required.â''

Willie Walsh also admitted in testimony reported in the London Guardian before the Commons Transport Committee that he had considered delaying the move to Terminal 5 right up until a few weeks before the opening because he knew things were very dicey, but decided to go ahead anyway.

In fact, Walsh said that he knew as far back as last September that â''the building programme was not 100 percent completeâ'' and would likely not be by the opening on 27 March.

But, given the costs of delaying for six months (the minimum time Walsh said was required), he decided to take a â''calculated riskâ'' to open anyway.

As a London Telegraph story put it, â''The upshot was that a planned six-month testing period to familiarise 15,800 BA staff with the new terminal and iron out glitches in baggage and other systems, could not be completed as intended.â''

Only 80% of the BA staff actually had the required training.

â''â''My regret is we did compromise on our testing programme. But we did this with our eyes open. It was a calculated risk,â'' Walsh said.â''

Walsh also said, â''If we did it again, we would do things differently.â''

Well, he will get another chance soon when BA plans to complete its move to Terminal 5 later this year.

Walsh also tried to play the same "forgive me for my relative bad behavior" game my children play with me. Walsh referred to other baggage system problems at Denver, Hong Kong and Barcelona as excuses for why BA's problems should not be seen in a bad light. Of course, he didnâ''t mentioned that other airports, like Singapore's and Beijingâ''s were able to open their new terminals without problems.

Finally, there are now rumors that BA is looking to replace Walsh, especially now that the Terminal 5 fiasco has caused tens of thousands of passengers to avoid flying BA. Better late than never.

Fun With Windows


There is a story in ComputerWorld that according to posts to a Microsoft support forum Windows XP Service Pack 3 has been sending some PCs into an endless series of reboots. According to the story, the problem has been tentatively identified as being a problem involving only machines using processors from Advanced Micro Devices Inc.

As the story notes, "This isn't the first endless reboot problem Microsoft's faced in relation to a service pack recently. In February, the company pulled a Windows Vista SP1 prerequisite update from automatic delivery because it was crippling some machines."

I haven't had the reboot problem. Instead, I have had to try multiple times on my Intel-based machines to get SP3 loaded properly. One machine took three attempts, another five, and the third is at seven and still counting. I won't bore you with the details, but needless to say, it has been a barrel of fun trying to determine where the conflicts reside.

My admiration for Microsoft just continues to grows whenever I have to update its software - it really does.

Your Face as Password

I get bombarded with press releases, most of which don't interest me much, but I did receive an interesting one concerning new PC log on software from XID Technologies. According to the release, â''Face LogOn Xpress uses a simple web camera to ensure the identity of the user by providing biometric verification in an automatic, continuous process, based on XIDâ''s award winning face recognition technology. The new software uses XIDâ''s Face Recognition artificial intelligence technology and learns each time a user enrolls his or her face, enabling Face LogOn Xpress to develop high accuracy in varied conditions.â''

â''Targeted to computer users seeking to control access to their machines by verifying identity while logging on in a simple and convenient way, Face LogOn Xpress can be customized to allow users to control the applicationâ''s sensitivity levels. This control ensures accurate face recognition to address different lighting conditions. Additionally, Face LogOn Xpress compensates for extreme conditions such as complete darkness by allowing users to access the PC through the use of a default password instead of the camera.â''

There is a video of its use here, and there is a free 30-day trial of the software available.

I like the idea of having my face be my password. I donâ''t think too many people look like me (although I have been told I have a passing semblance to Richard Dreyfuss) and I generally remember what I look like each day. My only concern is that I look a lot different after a couple cups of coffee in the morning.

Don't Do Software Updates in Prime Time


Foxtel, a cable company in Australia made its customers very unhappy last week when it decided to send a software update to its cable boxes during prime time. Viewers claim they lost cable from 15 minutes to a half-hour, while Foxtel claimed that the outage only lasted five to eight minutes.

â''Due to a system issue last night subscribers' service was temporarily affected by a software update," a Foxtel spokeswoman said.

â''This meant subscribers may have needed to come out of standby mode on their set-top unit once the update finished to restore service. We apologise for any inconvenience.â''

Of course, I suppose that every Foxtel subscriber should be able to recognize instantly that their cable went out due to a software update, and once the update was complete, that they needed to get their cable box out of standby mode to get their television back.

It would have been obvious to me.

Yeah, right.

Or should I say crikey?

HM Revenue and Customs Taxpayer Snooping


Last December, I wrote about the 219 Internal Revenue Service (IRS) employees disciplined for snooping into taxpayer records last year.

This week, the UK's HM Revenue and Customs (HMRC) which suffered a major data breach last year, announced this week that it had disciplined 600 of its staff over the past three years for inappropriately accessing customer records. There were 238 people disciplined in 2005, 180 in 2006, and 192 in 2007.

I guess the temptation to peek is just too great for many people in these organizations.

More Airbus 380 Troubles?


Airbus is preparing its customers about a further delay to the Airbus 380 the London Times reports. The Times reports that Airbus is still having trouble with fitting the aircraft with the 311 miles of cabling it requires. For the last two years, Airbus has been rewiring 26 A380s that had cables installed incorrectly.

Boeing, which has seen its share of troubles lately on its 787 Dreamliner, announced this week that it should be able to hold to its revised April schedule.

The only possible monkey wrench is that Boeing's two largest unions, the International Association of Machinists' Seattle-based District 751 and the Society of Professional Engineering Employees in Aerospace are threatening to strike in September and December respectively. According to one report, the unions see that they have leverage over Boeing given the 787 delays, as well as the major future revenue the 787 promises.

Should be an interesting autumn for both Airbus and Boeing.

Virginia Pilots Web Safety Courses for Kids


The Washington Post ran a story over the weekend about Virginia's pilot program to teach students about safe Internet practices. Beginning this September, students in all grades will be taught about Internet safety. Virginia's program is the first in the nation that is mandated by law.

While I was aware of the program when it got signed into law in 2006, I kind of lost track of its status until the Post article. With two young children in Virginia public schools this fall, I will be interested in what they are taught and how much it sinks in. My older child has an occasional computer class, but she hasn't said anything about the program to me. Nor do I recall seeing any announcements from her school. When I quizzed her about whether her teachers had taught her about safe Internet practices, she didn't seem aware of any instruction being given in relation to the program itself.

This has made me curious about how effective the program will be, since the according to the Post story, "The state initiative calls for including parents. One chapter in a state resource book covers 'What Parents, Grandparents, and Caregivers Need to Know.' " The story does say that in some jurisdictions, there has been a move to get parents involved - I just don't know how widespread it is. It hasn't reached me yet.

I'll let you all know what transpires when the Fall school session starts. I think it is a good idea - the ultimate value, however, will be in its implementation.

Practice Safe Computing - Or Else

There is a report in the London Times that says UK banks are likely to start getting tough on customers who fall for phishing attacks. New rules to the Banking Code (these cover how banks must treat their customers) that came into effect last month state that â''victims of online fraud must have up-to-date antivirus and antispyware software installed, plus a personal firewall, to claim redress from their banks,â'' the Times story says.

If a person fails to have the required safeguards in place, the banks can refuse any claim for a refund.

The onus is on the individual to prove that they have these safeguards in place at the time of the hack. I see a small boon to an enterprising company that develops a software program to keep a log of the total state of the security profile of a person's computer. The company could even suggest, for a small additional fee, to keep the log on its central system to prove to the banks that the profile wasn't tampered with in any way.

There is a problem, of course, in that a person's personal information may have been hacked months before it was used in an attack, but that is another story.

At least one of my banks has a similar "redress" policy. This bank makes it very clear every time you sign on that protection of the information that allows access to my accounts through its website is my responsibility, and that the bank will not be liable in any way if that information is used by an unauthorized third party due to my negligence.

How I can prove that some future unauthorized access wasnâ''t due to my negligence is not spelled out in any way (What, do I have to get the hackers to tell the bank where and how they got my information?), so I have started to stay away accessing my bank account information through this bankâ''s website. I suspect some bank customers in the UK faced with a similar dilemma may decide to do the same.

UK banks, like those in the US, want their customers to do more on-line banking to reduce their personnel and other overhead costs - I am going to be interested in seeing what happens if the banks start refusing to pay refund claims from hacked (off) customers.


Risk Factor

IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

Willie D. Jones
Load More