Risk Factor iconRisk Factor

DNA To Predict Your Future Behavior?


There was an interesting and disturbing article in Sunday's Washington Post about the increasing use of DNA to predict a person's future behavior or life possibilities (e.g., longevity) in court. The article said that, "... defense attorneys are asking judges to admit test results suggesting that their clients have a genetic predisposition for violent or impulsive behavior, adding a potential 'DNA defense' to a legal system that until now has held virtually everyone accountable for their actions except the insane or mentally retarded."

The article goes on, "Some gene tests are even being touted for their capacity to help judges predict the likelihood that a convict, if released, will break the law again -- a measure of 'future dangerousness' that raises questions about how far courts can go to abort crimes that have not yet been committed."

In addition, courts are being asked to reduce or increase civil awards because a person's DNA make them genetically disposed to certain diseases. For example, "In once case, a mother sued a doctor and a hospital, claiming that negligence during her labor and delivery caused her daughter permanent brain injuries. A geneticist suspected that the girl had Angelman syndrome, a rare disease caused by a defective chromosome. The trial court ordered a DNA test, but the mother refused, resulting in her not only losing the case but also being held in civil contempt."

While it may take a while, the article suggests that courts may in the future routinely allow a person's DNA to "testify" about them - for good and bad.

That potential trend creates a set of risks that haven't been fully addressed by governments engaged in creating DNA databases of its citizens. The UK has been actively involved in creating DNA databases, and there are some there who are advocating that every person's DNA be recorded in it.

The US government has just changed its policy to collect DNA not only on those convicted of a federal crime, but also arrested for a felony (in the UK anyone arrested can have their DNA collected). Thirteen states already do so now and turn the data over to the government, and many others are considering following suit.

Anyone care to speculate on how long it will be before some government decides to use their DNA database to identify people prone to "future dangerousness?"

And if they do, will they require them to wear some sort of brain-activity box which will indicate when they are contemplating something the government dislikes?

Like bloggers who ask these types of questions?

Georgia Health Insurance Records On Web For Weeks


The New York Times reported that on the 12th of February, WellCare Health Plans Inc inadvertently posted the names, Social Security numbers, birth dates, and dates of eligibility for some 71,000 adults and children enrolled in Medicaid or PeachCare for Kids insurance programs in Georgia. WellCare Health Plans was hired by the State of Georgia to administer health benefits for low-income patients.

The information was on the web for seven weeks. WellCare was notified on 28 March that the information was publicly accessible, but it took another 5 days for the information to be removed.

WellCare Health Plans, which has sent out letters to those patients affected, is offering to pay them for credit monitoring services for a year.

This is the second time that Georgia's Medicaid and PeachCare for Kids participants have had their data compromised. Last year, Affiliated Computer Services lost a computer disk in the mail containing data on 2.9 million recipients.

UK Child Database to Track Chaotic Lifestyles


The London Times last week reported that the new UK childrenâ''s database which is part of the Every Child Matters program "will contain details of relatives with drinking problems and of relationship difficulties between parents. The register is intended to identify and help youngsters felt to have problems holding them back at school. It is not designed for children at risk of harm but for those with any health, learning or general wellbeing problems."

What's more the story says that, "The common assessment scheme will encourage professionals such as teachers and doctors, who have contact with children, to pass on concerns to assessors who will then talk to families about a childâ''s homelife."

The details that are going to be put into database "include 'family routines', evidence of a 'disorganised/chaotic lifestyle' and 'any serious difficulties in the parentsâ'' 'relationship' " as well as "signs of mental illness or alcohol misuse by relatives, quality of accommodation and 'ways in which the familyâ''s income is used' " according to guidance the UK government is providing.

Is this a recipe for trouble or what? How soon do you think it will be before loads of teenagers, angry after being disciplined by their parents, decide to use this scheme as a way to get back at them?

And exactly what objective standards are going to be used by assessors? For example, how does one measure a disorganized/chaotic lifestyle?

GAO: Software Causes Defense Cost & Schedule Problems

The US Government Accountability Office (GAO) recently released its sixth annual assessment on major defense system acquisitions. It states that, "Since 2000, the Department of Defense (DOD) has roughly doubled its planned investment in new systems from $790 billion to $1.6 trillion in 2007, but acquisition outcomes in terms of cost and schedule have not improved. Total acquisition costs for major defense programs in the fiscal year 2007 portfolio have increased 26 percent from first estimates, compared with 6 percent in 2000. Programs have also often failed to deliver capabilities when promised."

One of the reasons the cost increases is software.

"Programs continue to have difficulty managing software development for weapon systems. Roughly half of the programs that provided us data had more than a 25 percent growth in their expected lines of code since starting system development."

The report says that programs like Future Combat Systems (FCS) has seen code increases of 300% while others like the Expeditionary Fighting Vehicle program have experienced major software reliability problems that have contributed to their cost and schedule delays.

Software has been the long pole in the tent on defense acquisitions for the past 30 years, and given DoD's aim of building system of systems, the pole will only get longer.

Hacking Economics: Prices of Stolen Data Continue to Drop


The Boston Globe had a story on latest twice-yearly Internet Security Threat Report from Symantec Corp. released last week.

The story said that Symantec is reporting that credit card numbers were selling for as little as 40 cents each and access to a bank account was going for $10 in the second half of 2007. In addition, the company "detected 711,912 new threats last year, 468 percent more than in 2006, when it found 125,243 - and almost two-thirds of all 1,122,311 Symantec has cataloged since 2002."

Last September, I noted that prices for stolen information had started to fall then. As I also remarked, with the falling prices, it was a good time for authorities to follow Gresham's Law and deliberately flood the Net with bogus stolen credit information and such to drive the prices down even further, and force hackers to spend energy trying to determine what is real from what is bogus information.

Still seems like a good idea to me.

Heathrow's Baggage Blame Game


The UK press is reporting that British Airways chief executive Willie Walsh has fired two BA executives as a result of the Heathrow Terminal 5 opening week problems. The two are Gareth Kirkwood, the operations director who handled the logistics of the transfer to Terminal 5 from Terminal 4 and David Noyes, the customer services director who supervised training for all customer-facing staff. Both were asked to leave immediately, and it was clear from the BA press release that they are being blamed for the disaster. Walsh says he will take over both jobs, as well as his own, until someone can take over both jobs which will be combined into a central operations manager position.

Of course, Walsh made a big deal about accepting responsibility for the problems, but obviously, that "acceptance" has a hard limit.

In a bit of double-speak, BA said that firing the two executives meant that Walsh was indeed taking responsibility: " 'He [Walsh] has said from the beginning and on Friday that the ultimate responsibility is his. That's why he has taken interim charge of these two areas until the chief operations officer is appointed. That is taking responsibility.' "

It was also reported that many insurance companies are now stopping coverage for lost luggage or delayed flights for passengers going through Terminal 5. They say that they will restore coverage when conditions at the Terminal improve.

Finally, the Financial Times is also reporting that it may take until October, instead of June, for BA to move all of its flights from Terminal 4 to Terminal 5.

I bet insurers don't offer Terminal 5 baggage coverage until November, at the earliest.

Ada Still Lives On


There is a very well done story in Government Computer News on the update to the FAA En Route Automation Modernization System (ERAM) that was successfully completed by Lockheed Martin last October.

The ERAM update, which consisted of 1.2 million lines of code, was delivered on budget, six months ahead of schedule and met its technical requirements, which is unusual in this business. What makes it more interesting is that the software consisted of 1.2 million lines of Ada code.

In June of 1983, the Department of Defense (DoD) issued its first official policy on Ada directing its use for all DoD mission critical systems. This began the Ada-programming wars in earnest in the software engineering community, which ended in April 1997 when DOD reversed course and removed the Ada mandate.

While many defense programs moved quickly away from Ada, the language has continued to live on especially in the aviation/space software community and a few others where reliability (and now security) is important. For instance, nearly 90% of the code for the F-22 Raptor is in Ada, and it is used on the F-35 Lightening II, Boeing 777 and 787, and on the Airbus 380. Maybe someone out there has a more complete list.

I was once deeply involved with Ada in my early career in government and later as an employee of SofTech, so I felt a wave of nostalgia as I read the story. I doubt a revival of Ada is in the winds, but it is still a very worthy programming language that unfortunately never found sufficient support outside and especially within the government.

Taxdueday Headaches for LAUSD Employees


For those still working on their taxes, my sympathies. However, my real sympathies go out to those 3,400 LA Unified School District (LAUSD) employees who received incorrect W-2 forms. As I mentioned previously, the number of employees affected by the payroll system fiasco may be greater than 3,400 because many more employees than that have pay stubs that don't match their W-2s.

While the LA Daily News reports that the LAUSD promises to cover any additional costs incurred by employees because of the payroll problems, such as tax penalties because of an incorrect or late filing or fees for tax preparers, I doubt this has brought total peace of mind to LAUSD employees.

As a footnote, sometime this month a new estimate will be given on how much the LAUSD payroll system will cost over the next 15 years, which is the time frame they plan to key the system.

Less Punishment for Doctors Who Snoop In Electronic Medical Records?


The LA Times reports that the California Department of Public Health faulted the UCLA Medical Center in Westwood, its Resnick Neuropsychiatric Hospital and a sister hospital in Santa Monica for two privacy breaches involving Britney Spears. The first occurred when Spears gave birth to her first son in 2005 and again when she was hospitalized in Resnick's psychiatric unit earlier this year.

The Times said that "at least 53 UCLA staffers, including 14 physicians, sneaked a peek at Spears' medical records on the two occasions, even though they were not treating her, according to statistics from the state and UCLA officials."

As a result, 18 non-doctors resigned, retired or were dismissed after the snooping was discovered. However, not one of the 14 physicians resigned or were fired.

The Times asked why the staff were dismissed but the doctors allowed to stay on, "Kathleen Billingsley, deputy director for the California's health department's Center for Healthcare Quality, said, 'I can't speculate as to why.' "

The chief executive of the UCLA Hospital System, Dr. David Feinberg, promises that things will change in the future. He also promises that more security will be built into its electronic medical records system to protect patients' privacy.

As I noted in an earlier post, UCLA has claimed that such snooping on patients was rare, but in another LA Times story, it appears that snooping has been going on since at least 1995. The records of Tom Cruise, Mariah Carey, Dom DeLuise and George Harrison were among those looked at. Worse, the hospital knew about the unauthorized snooping, but senior management didn't see fit to take any decisive action to stop it.

Given its track record, any promises from UCLA hospital management to protect patient privacy have to be taken with a large grain of salt.

British Airways Burns Other Airlines and Lost Luggage


British Airways (BA) decided in consultation with BAA, the airport operator, to delay moving the remainder of its flights from Terminal 4 to Terminal 5 to June instead of from the end of this month as planned. According to press reports, the move would have meant the number of passengers handled at Terminal 5 doubling from 40,000 to 80,000 a day. BA and BAA felt that it wasn't ready to handle the expanded number of people just yet, as some elevators were still not working, and the baggage system still needed some "fine tuning."

Per usual, both BA and BAA apologized for the decision - something they have been doing a lot lately.

The other 54 airlines who were expecting to move among the other Heathrow terminals once BA vacated Terminal 4 in a game of complicated musical chairs are, to say the least, extremely unhappy.

There are still some 7,000 bags that have not yet rejoined their owners, and many may be burned, which has not made BA passengers happy, either. According to the Evening Standard, Giovanni Tinelli, from Onboard Express in Milan, which has a £5 million a year contract to sort lost BA bags, is quoted as saying, "All our BA bags that are untraceable are sent back to BA and then they are destroyed in an incinerator."

And just to make sure BA passengers stay unhappy for another few months, because BA had planned to have all of its Heathrow flights operating out of Terminal 5, BA designed its May 2008 onward schedule under that operating assumption. Thus, the new schedule assumed that less time would be needed for passengers transferring between BA flights since everyone would be arriving and departing at the same terminal.

Well, now, that assumptions has been knocked into a cocked hat. Some BA passengers transferring between flights, if they have to transfer between Terminals 4 and 5, now may not have adequate time to be able to make their flights. BA is offering to refund tickets or rebook the affected passengers.

It is going to be a longer summer at Heathrow.

The only good news is that Terminal 5 check-in and baggage systems seem to be now operating without any major disruptions.


Risk Factor

IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

Willie D. Jones
Load More