Risk Factor iconRisk Factor

IT Security Gets a Double Whack

In today's New York Times, there is a story about how a group led by a Princeton University security researcher Edward Felton has found a rather simple way to access information on encrypted devices: freeze the device's memory chip.

As the Times reported, Felton wrote on his blog that, "Interestingly, if you cool the DRAM chips, for example by spraying inverted cans of â''canned airâ'' dusting spray on them, the chips will retain their contents for much longer. At these temperatures (around -50 °C) you can remove the chips from the computer and let them sit on the table for ten minutes or more, without appreciable loss of data. Cool the chips in liquid nitrogen (-196 °C) and they hold their state for hours at least, without any power. Just put the chips back into a machine and you can read out their contents."

You can go to the group's website for a technical paper and the blog for discussions about the limitations of the technique.

Also today in ComputerWorld, there is a story about two researchers, David Hulton and Steve Muller, who claim they have found an expensive way to break the encryption on GSM phones, allowing calls to be easily listened to. They claim that by using about $1,000 worth of field-programmable gate array-aided computer equipment and a frequency scanner, they can crack a GSM phone's security in about 30 minutes. Spend $100,000, and you can crack it in 30 seconds is the claim.

Baggage Meltdown at Heathrow

Luggage.gif

A computer malfunction in the baggage system at London Heathrow's Terminal 4 has caused chaos for over 4,000 passengers flying British Airways (BA) and several others over the past several days. It appears that about noon Tuesday, a software upgrade to Terminal 4's computerized baggage handling system caused the the belts that route and or transfer luggage from check-in desks to specific aircraft luggage loading and off-loading areas to stop working.

As a result, BA told all of its economy class passengers who were leaving Terminal 4 (which handles long-haul flights to other countries) or transferring to other flights at the terminal that they could not check in anything but a small carry on bag. Business class and first class passengers were not affected (a travel class-specific software bug - how interesting). It must have been very thrilling for those passengers who were already on long-haul flights and landed at Heathrow only to be told they could go, but their luggage had to stay.

BA economy passengers were told they could try to ship their luggage to their destinations by other means, wait for some future BA flight when the system was working, try to get on another airline (BA said it would try to get other airlines to honor their tickets) or get a refund. Of course, I guess you could always upgrade if there was room.

The other airlines like Qantas, KLM and Air Malta that also use Terminal 4 quickly decided to manually moved passenger luggage, and therefore were only temporarily affected. BA claimed that the sheer quantity of their luggage meant this was not possible except for the aforementioned business and first class passengers.

As of today, the baggage system seems to be working again, except for transfer passengers. Heathrow has always been an awful place to transfer flights - this latest problem just adds to its notoriety, and a desire of experienced passengers to avoid Heathrow (and BA) at all costs.

According to reports, this is the 10th baggage system breakdown at Heathrow since last May.

In what could have been better timing for BA, while this situation was unfolding, it was announced that BA was the second worst airline in Europe for losing bags: 26.5 bags for every 1,000 passengers. Only TAP, the Portuguese carrier, lost more, some 27.8 bags per 1,000 passengers.

BA next announced a £12 fuel surcharge increase. As the Telegraph once more reported, that from "Monday, the surcharge for long-haul flights of less than nine hours will rise from £96 for a return flight to £106. For return long-haul flights of more than nine hours, the charge will increase from £116 to £128."

BA, with more exquisite timing, unveiled its new Terminal 5 to the press, which is supposedly going to solve the passenger baggage system problem once and for all. As the Telegraph reported, "Gary Ranns, lounges manager at British Airways, said: 'Terminal 5 will be a fantastic experience. It will make travelling a pleasure again and not a chore.' " Given what was happening over at Terminal 4 at the time, Ranns might have chosen better language.

And finally, to add to the positive publicity, BA pilots also have decided today that they would go on strike over the coming Easter holidays, and just before when Terminal 5 is supposed to open on 27 March.

Of course, BA apologizes for any inconvenience.

UPDATE: Friday, 22 February, BA announced everything was back to "normal" at Terminal 4 - which means routine chaos rather than computer enhanced chaos.

End of Wired Phones in Sight?

Yesterday, it was reported that both Verizon Wireless and AT&T Mobility announced (for example, here) new flat-rate plans costing $99.99 per month that eliminate not only long-distance and roaming charges, but also any time limitations on calls.

While wireless carriers like T-Mobile have been trying to convince people that they don't need a wired phone, these announcements to their respective customer bases by two major wireline carriers to basically do the same marks a major shift in strategic positioning. With one of these plans, you don't need a wireline phone, except, of course, if your connectivity and reliability pretty much stinks, like mine does regardless of carrier.

Anyway, T-Mobile which last year let its customers call free and use Wi-Fi connections at their homes or elsewhere, said it will also offer unlimited calling and messaging for under $100 per month.

I wonder how long it will be before the wireline carriers really start to jack up their landline connection costs, citing increased operational and overhead costs.

London Crash - Still Unresolved

Boeing.gif

Investigators are still stumped why the Boeing 777 crashed at Heathrow airport last month. The prevalent theory about ice in the fuel seems not to be able to stand scrutiny. Excessive water or other contaminants in the fuel was not found.

Investigators still being the problem is in the fuel system. The latest speculation now seems to be that the plan encountered "unusually low" temperatures that dipped to minus 76 Celsius (minus 105 Fahrenheit) between the Ural Mountains and Scandinavia. This may have affected the operation of the high-pressure fuel fuel pumps.

Boeing 787 Dreamliner - More Delays in the Works?

Boeing.gif

In a Chicago Tribune story this morning, Boeing's Randy Tinseth, vice president of marketing for commercial airplanes, was quoted as saying that while Boeing was confident of its new delivery schedule, it wouldn't rule out further delays.

Tinseth further said, "We have not finished the production plan yet. We are waiting until the end of the first quarter to finish the production plan and then we can make better projections on deliveries for 2009 and beyond. It is a reasonable plan but you never know."

Is this just being realistic, or is this a warning flare to Wall Street analysts that not to jump down Boeing's throat if another slip is announced? Just a month ago, Boeing was saying after the latest slip, everything "no worries" we got it covered.

To now publicly sow some doubt - well, my take is to expect another slip announcement. And I bet the software guys continue to be happy.

Secrets Behind the UK Electronic Health Record System Decision

Ear-examiner.gif

Tony Collins, over at ComputerWeekly, has written a fascinating story about the secret (until now) political decisions to create the UK National Program for IT (NPfIT), the UK's attempt at creating a national electronic health record (EHR) system, similar to what Sen. Hillary Clinton (my apologies for not using her proper title before) is currently advocating, and what President Bush wants in place by 2014.

In papers obtained by the UK Freedom of Information Act, it appears that former Prime Minister Tony Blair in 2002 wanted a full fledged EHR system by early in the year 2005, before the next general election he would have to call. Even an EHR system operational by the 2005 date was seen by Blair as taking too long!

It is apparent that the potential for improved patient health care that EHRs promise was cavalierly traded off for immediate political gain - not a big surprise, of course. The haste and lack of concern for the technological implications in which the NPfIT decision was made is still breath-taking, nevertheless.

Best guess is that it will be 2013 before NPfIT is fully up and running; however, doctors aren't particularly supportive of it; nine out of ten doctors don't believe that the UK government can protect patient data; many doctors and privacy advocates are suggesting patients opt of of it; and support contractors are thinking of pulling out.

As I have mentioned, politicians seem to believe that they are the most brilliant and clever IT system architects that exist.

E-Voting Problems Worse Than This?

voting-box-1.jpg An article in today's Los Angeles Times tells the story of how, "Six years ago, Los Angeles County began using a ballot for nonpartisan voters that had a little-noticed design flaw. Confusion over how to mark the ballot, critics say, caused tens of thousands of votes to go uncounted in three elections between 2002 and 2006."

The story goes on, "At the time, election officials knew that some votes were not being counted but saw no need to make changes. After all, the missing votes went unnoticed in the three primary elections and no one complained."

However, a grass-roots advocacy group complained about it on the day before the 5th of February presidential primary in California. The advocacy group argued that "the ballot was defective because it required nonpartisans wanting to vote in a party primary to mark an extra bubble designating which party they were choosing."

Many voters would likely miss the bubble, and therefore invalidate their vote. Now it appears that about 50,000 voters did miss it, and didn't have their votes counted.

Needless to say, lots of folks are ticked off.

There may be flaws with e-voting systems which California has severely limited, but are they worse than this?

Grand Challenges - A Little Bit of Software Needed

Erico Guizzo has an interesting post at the Tech Talk blog about the National Academy of Engineering 14 grand challenges:

* Make solar energy economical

* Provide energy from fusion

* Develop carbon sequestration methods

* Manage the nitrogen cycle

* Provide access to clean water

* Restore and improve urban infrastructure

* Advance health informatics

* Engineer better medicines

* Reverse-engineer the brain

* Prevent nuclear terror

* Secure cyberspace

* Enhance virtual reality

* Advance personalized learning

* Engineer the tools of scientific discovery

Notice how many will require major improvements in software development and computer technology. These could be the long pole in the tent, but I don't see this as one of the grand challenges. I wonder why?

Death of HD DVDs

gravestones.gif Kyodo News agency reported Saturday that Japanese electronics maker Toshiba may withdraw its HD DVD next-generation video format. This comes after Wal-Mart announced that it would only sell only Blu-ray DVDs and hardware and no longer carry HD DVD offerings.

Toshiba's decision effectively puts the kibosh on HD DVD.

Also, midnight a year from today, analog TV ends, and digital TV takes over the US. The US Congress created the TV Converter Box Coupon Program for households wishing to keep using their analog TV sets after February 17, 2009. The Program allows U.S. households to www.dtv2009.gov to get yours), each worth $40, that can be applied toward the cost of eligible converter boxes.

So now you can feel safe to invest in Blue-ray discs to watch on your new digital TV.

UPDATE: It is now official - Toshiba is scrapping its HD DVDs, a little more than a month after it released its second generation players. So much for its "early lead" in the market place "proving the strength of the HD DVD format."

Engineering at Smith College: Bit of Hope for the Future?

There is an interesting article in the Christian Science Monitor (CSM) this week on the introduction of the first engineering program at a women's college. It is particularly relevant to some of the discussion (here and here, for example) on the potential future state of US high-tech.

The article says,

"The first women's college to offer an engineering degree, Smith is forging new paths in a field that's eager to swell its ranks in the United States. Women receive only 20 percent of bachelor's degrees in engineering, according to a new report by the National Science Board (NSB). Like a handful of other liberal arts colleges, Smith is producing graduates who've had a different type of engineering education â'' one that goes beyond technical training to focus on a broader context for finding solutions to humanity's problems; one that emphasizes ethics and communication; one so flexible that about half the students study abroad, which is rare, despite the multinational nature of many engineering jobs."

It also sounds like Smith has gone and hired some very gifted instructors, such as Professor Glen Ellis, who the CSM writes arrived "at his engineering class dressed as a mountain climber. He hooks a rope to the ceiling, projects snow-capped scenery on the wall, and asks a volunteer to join him in a mock ascent." Needless to say, the students pay attention to the lecture and get a broader view of what engineering as a subject means.

Ellis makes the point in a speech in accepting his US Professor of the Year award last November from Carnegie Foundation for the Advancement of Teaching and the Council for Advancement and Support of Education that,

"It is just not good enough to teach the way that we were taught. We know that doing so in engineering will surely exclude many of the young people we need to attract."

Amen to that.

The CSM article goes on to state that, "Much research in recent years points to the idea that the teaching of science, technology, engineering, and math, known collectively as STEM, is crying out for improvement. ... The NSB report says that 83 percent of professors still use lecture and discussion as their primary methods in undergraduate classes."

The trick is, of course, how to compete for the attention of young minds among all the other possibilities and get them interested in STEM without dumbing it down into becoming a clown college atmosphere. I don't think there are a lot of extroverted, innovative or self-confident STEM professors like Glenn Ellis's out there, or STEM departments that encourage this approach either. Maybe what is needed is a graduate school for STEM professors (and their Deans) to learn how to teach these subjects more interestingly to students who are increasingly skeptical of the value of these fields.

BTW, the NSB has several reports on the state of STEM education and the workforce that may be of interest. The reports are the above referenced Science and Engineering Indicators, Moving Forward to Improve Engineering Education, A National Action Plan for Addressing the Critical Needs of the U.S. Science, Technology, Engineering, and Mathematics Education System, and The Science and Engineering Workforce: Realizing America's Potential.

A lot of good thoughts in the NSB reports; unfortunately, not a lot of movement, money or care that I can see from those in position to make a lasting difference on the ground.

Smith is to be congratulated for its approach, but it is only a small college in Massachusetts. A lot more needs to be done.

Advertisement

Risk Factor

IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

Contributor
Willie D. Jones
 
Advertisement
Load More