In security circles we often discuss why some individuals and businesses find themselves in a perpetual state of high risk. While there can be complex factors, the bottom line is that many of us make poor risk management decisions in our business and personal lives.

Sometimes a high risk position results because we don’t correctly asses asset values, threats or vulnerabilities. Sometimes the cost of implementing a safeguard exceeds and expected loss, and the decision to accept risk is a logical one. And sometimes we simply make mistakes.

But there are other reasons that we Canadians are often too polite to point out: Laziness, denial, rationalization and risk decisions based upon emotion rather than logic.  The H1N1 ‘flu gives us plenty of examples.

We’re in the midst of an influenza pandemic.  Fortunately we know how to create ‘flu vaccines — we do it every year to combat the seasonal flu. So we have a vaccine, and every credible organization from the World Health Organization down to our local medical officers are recommending that we vaccinate ourselves and our families.

The risk is clear: pH1N1 is a nasty virus that, at best, will make you sick for a week or two.  At worst, it could kill you. The threat is real and much of resulting risk can be mitigated by a simple vaccination.  The Public Health Agency of Canada advises that, “without interventions like a vaccine and antivirals, close to 25 to 35 percent of the population could become ill over the period of a few months.”  Other health organizations have released similar estimates. The vaccine has been tested in Canada as well as other countries, and we know that approximately 1 in 100,000 people will have a serious reaction to it, as with any other vaccine.  (Source: http://www.phac-aspc.gc.ca/alert-alerte/h1n1/vacc/options-eng.php)

From a risk management perspective it doesn’t get much simpler than this. The benefits of the vaccine clearly outweigh the risks, and the cost (a few hours of our time at most) is minimal compared to the potential loss.  And that doesn’t take ethics and social responsibility into account.   Those who choose not to be vaccinated not only may become ill, but could also pass H1N1 on to more vulnerable family, friends and colleagues — including those who can’t be vaccinated due to alergies.

As a result, we continue to see people announce on the Internet that they’re not getting vaccinated. Some quote “facts” that are uninformed myths at best.  Some focus on the 1 in 100,000 serious reaction rate and completely loose perspective.  Others ignore a century or so of medical science and proclaim that they don’t need a vaccination because they are “healthy and take their herbs and vitamins.”

Chances are that you’ve already seen the writings of otherwise intelligent parents who are incapable or making good risk management decisions. Their blog posts usually start with how much they love their kids.  Then they latch on to the one quack that chargers people $50 each to attend a seminar to learn “the truth” and rationalize that “the medical community don’t all agree”.  They focus on the danger of mercury in vaccines, even though the exposure is less than you’d get from eating a can of tuna.  Or they repeat silly claims like suggesting that the vaccine is “untested”.

Some of these people obviously have other agendas.  It’s clear from their writing that they’re simply anti-vaccination shills. They write clever “balanced” articles pitting fact against laughable fiction and seek to “support” others who share their defective logic.

Some see themselves as rebells, not “giving in” to the experts who tell them they should be vaccinated.  The old phrase, “Rebells without a clue” comes to mind.

In others, the barrage of H1N1 information creates neurotic behaviour and they operate on a completely emotional level. They “agonize” (often at length and in writing) about how “difficult” the decision was.  They loose all perspective, and should you dare point out the flaws in their reasoning their feelings are hurt. How dare you suggest that they don’t know what’s best. They behave as if the act of conceiving a child instantly made them more knowledgeable on vaccines than the WHO, CDC, and the medical experts of countless countries, including their own. They have “the right” not to vaccinate themselves and their children, and as emotional people often do, they confuse having a right with it being the right thing to do.

(The Berlin Wall, December 1985.  Photo by Eric Jacksch)

Twenty years ago today the Berlin Wall fell, uniting East and West Germany. Celebrations today include fireworks, concerts, and the toppling of foam dominoes painted by school children. Spiegel Online International has a great collection of historic images and coverage of the 20th anniversary celebration.  They also have published their interview with Lieutenant-Colonel Harald Jäger, The Guard Who Opened the Berlin Wall (in English).

As H1N1 (swine flu) continues to spread, so does misinformation on the Internet. There are several emails in circulation that are simply wrong, and web sites with false information are popping up all over. And scams are starting to emerge.

We share this planet with people who still believe the earth is flat, lunatic conspiracy theorists who claim that the 1969 moon landing didn’t happen, and criminals bent on separating us from our money however they can. So it’s not much of a surprise that there are some people who “don’t believe in vaccinations” despite overwhelming evidence that the benefits clearly outweigh the risks. Or that some criminals don’t care who they hurt along the way.

If you find yourself reading these emails and web sites, please take a moment to remember that anyone can write an email claiming to be whomever they wish, and anyone can create a web site. It doesn’t make anything they say correct, honest or credible.  Surf on over to snopes.com and you’ll find many examples of emails that have circled the globe for years, often evolving as people take it upon themselves to embellish, edit and reattribute misinformation. Most of us have been taken in by at least one of them.  But what’s truly frightening is that some people could make important health decisions based upon fiction.  Don’t be one of them.

We will undoubtedly see a lot of H1N1-related scams as criminals seek to profit from fear. Some of these will be appeals for cash, and they are sure to tug at our heartstrings. Others will offer bogus insurance to protect those who become ill. And sadly we will probably see fake vaccines and bogus cures for sale as well. Don’t fall for it. Delete those emails and point your web browser to reputable sites for solid information.

Here are some links to get you started:

General Information

Australian Government

British Government

Public Health Agency of Canada

US CDC

World Health Organization

H1N1 Vaccine Information

Pandemic (H1N1) 2009 Vaccine

British swine flu vaccination programme

Health Canada Arepanrix™ H1N1 Vaccine FAQ

US CDC 2009 H1N1 Influenza Vaccine Info

The events Monday night in Toronto have the media and net buzzing.  (If you haven’t read about it yet, this Toronto Star article will get you started). While facts, opinions, observations, and premature conclusions dribble out in response to seemingly insatiable public curiosity, there is a question few are asking: What would you do?

Incidents like this are complex and journalists have a difficult job. The facts are difficult to ascertain and they must try to make sense of what they can learn. Only one person could have told us, for a fact, exactly what happened on Monday night. Unfortunately he was allegedly intoxicated at the time and died shortly afterward. The other party obviously knows the details of his own involvement, but not the history. And since he’s been charged with a crime it would be silly for him to discuss it with anyone other than his lawyer.

Many Canadians are under false the impression that our criminal justice system is about determining the truth.  It isn’t.  Truth, if found, is a by-product, not the primary objective.  Our criminal justice system considers only the evidence produced in court. The Crown tries to introduce sufficient evidence to prove guilt beyond a reasonable doubt, while the individual may or may not introduce evidence in support of their innocence. And in the end, the accused is found either “guilty” or “not guilty”.  The verdict of “innocent” doesn’t exist in our system.

Our criminal justice system also operates after the fact. Our laws tell us what we must not do, but rarely provide practical guidance. In fact, they are often such a complex mix of statue and precedent that even lawyers don’t agree on what the law actually is. And when the proverbial fertilizer hits the rotary bladed object, nobody is thinking about that anyway.

I’m not going to contribute to the speculation on what happened. Instead, I’m going to ask you to discard whatever preconceptions you have and consider three hypothetical situations:

1. You’re a police officer called to a minor disturbance. The person who appears to be causing it is somewhat intoxicated and has a bicycle, but hasn’t broken the law, at least not seriously. You determine that he should go home. What would you do?
2. You’re an alcoholic who has fallen off the wagon. The police have told you to go home, you’re riding your bicycle drunk, and you have a minor collision with a guy in a Saab. He’s angry with you and you’re angry with him. You exchange words and he begins to drive away. What would you do?
3. You and your wife are driving home from an anniversary dinner in a convertible. You’re involved in a minor collision with a cyclist.  He doesn’t appear hurt, just angry. Drunk and angry. He picks up his bike and throws it on the ground and slams his bag on your hood. You decide to drive away to end the confrontation, but he chases after your car and grabs on to the driver’s door. What would you do?

We don’t know for sure what happened on Monday, and before we speculate on whether Michael Bryant should be punished for it, we should be asking not only what happened, but also what we would do in his shoes.

A small group of cyclists in Toronto appear very polarized around this event. They’re trying to turn this into a cyclist vs. motorist issue. Understandably, many cyclists feel that drivers don’t respect their right to be on the road and point to this as an example.  On the other hand, many drivers are frustrated by cyclists who on one hand demand to be treated as equals on the road, yet ignore the rules of the road when it suits them. Then there are those of us who have driven cars, trucks, bicycles and motorcycles – and we’ve literally seen it from all angles.

While the dialog that may ensue about how motorists and bicycles can best share the road might prove productive, that’s not what this case is about. They’re separate issues. This case is about two men who had an encounter that I wouldn’t wish on anyone. One of them, Michael Bryant, stands charged with a crime and at best will be forced to spend a small fortune to defend himself. The other, Darcy Allan Sheppard, is dead.

And the question remains:  What would you do?

I remember watching the web go mainstream back in the mid 90’s.  Web servers and the Internet had existed for a few years, but URLs began appearing on billboards and product packaging literally overnight as a critical mass was reached.

Today we’re approaching another critical mass.  Blogs and social networking sites have been around for years, and many consider them mainstream.  Over the past few years some leading businesses have adopted blogs as a tool to communicate with customers.  People from all walks of life converse on Twitter, and businesses are starting to take note.  Major corporations, small businesses and individuals alike have recognized and are leveraging the power of social media to market their products, services and selves.

To gain insight into this phenomenon I did what any journalist would do in 2009: I posted to a site used by media and PR professionals indicating that I wanted to speak to an expert on social media marketing. I had about a hundred responses within two hours.

One of those experts is Jeremy Epstein, a Washington-based guru with one of the best elevator speeches I have ever heard, “I help clients build and ignite their customer communities to create outrageously effective word-of-mouth marketing programs.” Jeremy changed the way I thought about social marketing with a great analogy. Social media, he explained, is like going to a dinner party where you don’t know people. You sit down, shut up and listen. Then add relevant comments. If people are interested, they’ll ask. Epstein’s approach to “community driven marketing” involves creating and identifying raving fans, building relationships with them, and then having them market you to others. (There’s much more on Jeremy’s blog, ignitingtherevolution.com)

Brian Reich, Principal at Cambridge, Massachusetts-based EchoDitto Inc. and author of Media Rules! graciously took the time to explain the underlying principles. He explained that participation in social media is based upon of our natural desire to learn more and be connected to others. The technology simply removes barriers like geography and allows people to seek out those with shared interests. With media like Twitter, one can drop in and out of conversations as they desire, and “marketers have an unprecedented opportunity to be in conversation with their audience.” However, he pointed out that audiences have very high expectations that many marketers are failing to understand. His advice is to understand one’s audience and their expectations – to talk to them and listen.

Dallas Lawrence, VP of Digital Media at Levick Stategic Communications and author of bulletproofblog.com contributed a different perspective. His firm is a leader in crisis communications and he explained that digital media provides the power of immediacy and the ability to engage in conversations going on about your brand. And while he advocates direct engagement with bloggers, Dallas cautions that communication must be accountable and transparent. He pointed out that social media provides the most effective early warning system of issues involving a brand, and that an issue raised on one blog can quickly propagate throughout the blogsphere, YouTube, Twitter, social bookmarketing sites like Digg, and quickly find its way onto CNN in about 12 hours. In an interesting twist, bloggers now often drive traditional media and hold it accountable. Dallas advises his clients to know which bloggers are influential in their industries, listen to what they say and proactively reach out to them during a crisis.

Shelly Milam, Social Media Program Lead at Page One PR in San Francisco began by talking about the importance of metrics. Lots of people are doing social marketing, she explained, but that they’re not measuring its impact. For example, she could tell me that the use of social media had increased web site traffic 3500% for a major product launch. Shelly’s firm originally focused on open source clients and helping them to build communities. Today they also have clients like Cisco and Wine.com, who want to know the return on investment of their marketing activities. At the risk of oversimplifying, Shelly’s approach is to help clients define their message, determine how to measure it, and choose the best channel. (According to Shelly the top three are Twitter, Facebook, and LinkedIn.) Her advice to those new to social marketing is to start small, pick one tool based upon the audience you want to reach, identify the key influencers and engage them in conversation.

My sincere thanks to the pros that took the time to speak with me, as well as the hundred or so others that responded to my query. I would have liked to speak to each and every one of you. And perhaps, through the power of social media, I may be able to do exactly that.

I use a lot of Adobe products. Lightroom, Photoshop, Premiere and Acrobat to name some. So, when blogs started buzzing about an Acrobat vulnerability, they grabbed my attention. And, when my distinguished colleague Larry Seltzer at eWeek.com wrote that “It May Be Time to Abandon Adobe”, I began to wonder if the sky was falling.

Adobe deserves a Colbert-style wag of the finger and I can understand why Seltzer is frustrated by the delay in obtaining a patch. But his suggestion that companies consider dumping Adobe in favour of other third-party pdf readers — that he himself admits also have a track record of security issues — just doesn’t make sense.

Let’s take a look at what happened.

In February, a vulnerability in several versions of Acrobat was discovered.  In summary, it is possible to manipulate a pdf document so that your system becomes infected when you open it or under certain circumstances, when your computer indexes it (more on that later).

Things appear to have been quiet until Feb 19th, when various security researchers and vulnerability databases picked it up.  Adobe released an advisory the same day and updated it on Feb 24th.  The advisory stated that a patch will be available on March 11th.  They worked with antivirus vendors to protect customers, released a patch and have information on their blog.

Yes, Adobe had a security defect in their code and took a few weeks to release a patch.  Yes they need to be more careful and respond faster.  But that’s only part of the story.

Aside from the overly sensationalistic and unbalanced journalism, much of the buzz had to do with the fact that, as Stevens points out in his blog post, infection can occur, “…on a Windows XP SP2 machine with Windows Indexing Services started and Adobe Acrobat Reader 9.0 installed…And the bug happens in a process running with Local System rights!”  Nasty indeed, but that is only partially Adobe’s fault.

No process interacting with user data, including an indexing service, should be running with system privileges.  It’s the type of stupidity that should cause first year computer science students — and experienced IT writers — to point their finger and laugh.  No process indexing a user’s files should have the right to change operating system files. Ideally, the process also should not be able to write to any of the files it is indexing.  It doesn’t need those privileges to do the job and it shouldn’t have them. It’s called the Principle of Least Privilege.  If the operating system was properly designed, the impact of this code defect would have been significantly decreased.

If we really want to see fewer security vulnerabilities, we need to start better architecting software and operating systems and building-in security, rather than considering it as an afterthought.  We need to design systems to tolerate code mistakes without breaching security.  It can be done but software developers won’t do it until the market demands it.

Or, I guess you could just take Seltzer’s advice. Dump Adobe, and move to Foxit. That product hasn’t had a security vulnerability announced in two days. And look, it’s the same issue as Adobe. Or take Seltzer’s advice and try Sumatra PDF, an open source solution that has about 200 open defects, some of which are from 2007.

Adobe may not be perfect and the company could have reacted faster. But put away the pitch forks. Or, at least, aim them in the right direction.

A recent count case in Minnesota poses an interesting question. In summary, a man accused of impaired driving says he should be able to review the source code of the breathalyzer used to gather the evidence against him.

On the surface, the man’s request seems reasonable. As I understand it, the primary evidence against him is that he exhaled into a box and it displayed a number. And that number was too big.  In fact, everyone who drives, impaired or not, presumably has an interest in the accuracy of the device.

But the manufacturer, CMI, Inc., and the State of Minnesota apparently disagree, and they have convinced both the trial and appeal judges that handing over the source code would be “unreasonably burdensome.” So unless the defendant launches another appeal — or perhaps buys one and sends it to a lab for analysis — he appears to be out of luck.

I’m inclined to believe that the accused is simply looking for any possible way to have the evidence against him excluded. But that’s the way the system works. To be convicted, the accused must be proven guilty beyond a reasonable doubt. He has the right to cross examine human witnesses, so it simply doesn’t make sense that he’s not allowed to examine the functioning of the machine that says he was over the legal limit.

What could go wrong

There are a number of things that could go wrong with an electronic breathalyzer.  Presumably, aging or failing components that change the readings would be picked up during calibrations, so there are likely some procedural safeguards. But what if the developer made a mistake or took shortcuts?  Converting the output of an optical sensor into alcohol in the breath into blood alcohol levels must involve some math. What if there is a bug in the math libraries that hasn’t been discovered?

Then there are issues such as version control. Did the right software get loaded onto the device? Has it been upgraded? Can the vendor reproduce the exact code loaded onto devices sold several years ago? Has it been modified?

The last question should send shivers down a Judge’s spine. The device is in the custody of the same person who laid the charges and, therefore, has an interest in seeing a conviction. While the vast majority of police officers play by the rules, we are obliged to ask the question: What checks and balances are in place to stop that one bad apple from tampering with the device? Without appropriate safeguards, you too could be just one firmware mod away from a criminal conviction.

What should be done

An objective third party can examine all aspects of the software development life cycle, the software, the hardware, field maintenance and related security controls. If the manufacturer has done its job, the third party report will depict a reliable and trustworthy device. In fact, if the manufacturer has done its job, it should welcome the notion of an objective third party doing just that. On the other hand, if the manufacturer hasn’t done its job, we’ll all know that, as well.

According to Bill Collins, sales manager at CMI, the product was thoroughly tested by the National Highway Traffic Safety Administration, part of the United States Department of Transportation, prior to sale to law enforcement agencies. Individual States also test the device and it has been subject to other third party examinations prior to being generally accepted by the courts.  He made another very good point: Source code is only one part of the device and, to draw a meaningful conclusion, one would have to examine the entire device including both hardware and softwar.

Preserving defendant rights

While I sympathize with the company and understand its desire to keep the proprietary source code confidential, impaired driving is a crime and a conviction can have major implications, including restrictions on employment and travel. Criminal defendants must be allowed to examine the evidence against them. Intellectual property concerns are a red herring – courts have long had procedures in place to allow the examination of sensitive information in a controlled manner.

If a defendant wants to retain an expert to conduct such an analysis, he or she must be allowed to do so. If the product is solid, defendants will quickly find out that they are simply throwing their money away. Some American states including Florida agree and have upheld the defendant’s right to examine the code.

In the words of English jurist William Blackstone, “Better that ten guilty persons escape than that one innocent suffer.”  Allowing any black box to produce evidence is a slippery slope that we can’t afford, and product vendors should take note. It won’t be long until other devices like digital recorders are subject to the same scrutiny. Until we illuminate inside, outside and around the box there is no justice.

Businesses, transit users and those of us who drive to work all suffered during Ottawa’s transit strike.  However, we can learn valuable lessons about business continuity planning that are equally applicable to an influenza pandemic, severe storm or even a terrorist attack.

There is a segment of our population who simply must get to work: Police officers, fire fighters, teachers, bankers, assembly line workers and those in the health care, retail and hospitality sectors. But many of us can — or could, with the right solution — work from anywhere we have access to a computer and telephone rather than sitting in traffic.

Now, before I give you the wrong impression, I do live in the real world.  Face-to-face meetings are often more desirable than teleconferences, and some companies aren’t set up to support remote workers.  Some corporate cultures are such that working from home is seen as a euphemism for a day off and having one’s buttocks pressing upon a chair for the requisite number of hours is considered far more important than actually getting work done.  As a result modern day office martyrs drag themselves to the office when ill and consider sprinkling their viral load amongst colleagues a badge of honour.

When we step back and look at the issues from a broader point of view, it’s clear that during a transit strike we would all benefit by keeping the roads clear for those who must go to work and spending our time working instead of sitting in the car.

From a business perspective, not only are there advantages during transit strikes and severe storms, but the capability also allows the organization to function despite other emergencies such as fires, building evacuations and localized power failures.  Enabling employees to work at home also helps to retain top talent by promoting a better work-life balance. And less commuters is a better thing for the environment as well.

Enabling remote work — like any other infrastructure change — does have security implications.  Some organizations already have fundamental components in place such as laptops with VPN connectivity and the ability to forward phone lines.  For those who don’t, products are available to specifically address the issues.

One company seeing increased interest in their products is Route1, the Toronto-based firm that developed the MobiKEY product. “The user simply plugs MobiKEY into any computer with Internet access and within seconds they are able to access their home or office computer through the TruOFFICE service,” explained Tanieu Tan, Director of Marketing.  “With MobiKEY, all information remains behind the corporate firewall and no footprint of the work session is left on the guest computer. In the event that there is malware on the guest computer, it can not be introduced into the corporate network, making this a very secure solution.”

The product also offers other features to facilitate secure access to Web portals or specific applications instead of an entire remote desktop environment.  These solutions also tout a high level of security by eliminating dependence upon applications on the user’s local computer.

So, whether you blamed the City, OCTranspo workers or, perhaps, both, we did get a great lesson in business continuity planning.  Acting now can better enable you and your company to cope with similar events in the future.

What would you think if you searched the Internet after the Canadian federal budget is presented tomorrow and every article you could find about it was positive? How would you feel if you attempted to visit the blog of an outspoken critic and the site was suddenly gone?

More than 2000 years ago the ancient Chinese strategist Sun Tzu wrote about controlling and manipulating information. Politicians, military leaders and advertising agencies (to name just a few) have spent much of the time since refining their techniques. For example, during the cold war, nations such as the Soviet Union and East Germany used high-power transmitters to jam western radio and television broadcasts to prevent their citizens from watching and listening to them. At the same time, western countries used shortwave radio stations to broadcast programming specifically intended for the eastern audiences.

While radio frequency jamming continues in some parts of the world, the battle is now mostly online. Canadians can fairly expect to read all sorts of opinions on the budget but citizens of some other countries, notably China, aren’t so fortunate: Their government operates extensive filters in an ongoing attempt to suppress opposing viewpoints.

Other countries are more subtle. For example, at last report Australia was still moving forward with its “Clean Feed” project, which would require Australian Internet Service Providers to implement mandatory filtering. The filter was initially touted as a “cyber-safety” measure for homes with children. However, according to Electronic Frontiers Australia, “Recent comments by experts have revealed the existence of a second, secret black list that would apply even to homes that managed to opt out of the child-safe filtering scheme.”

The problem with all these schemes is who gets to decide what content is filtered and how the decision is made. Child pornography is universally unacceptable and proponents of filtering thus often use it as an example and a justification. Material such as hardcore pornography, information on how to make bombs and the words of those who propose policies such as genocide also have few public defenders. Then there’s nudity and violence. Some people find nudity offensive in itself, while others perceive the human body as beautiful. Some parents allow their young children to watch violent cartoons while others hope to never expose them to Elmer Fudd, the madman with the shotgun, or Wile E. Coyote and his nasty dynamite habit.

Government-imposed or Government-controlled Internet censorship is extremely dangerous. Once filters are implemented, politicians and bureaucrats will be under constant pressure by special interest groups to block additional content. Adding a Web site to the blacklist will always be a safer political decision than not adding it. Pornography will be first because very few people are willing to publically support it, followed shortly by any form of nudity. Religious groups will quickly organize and apply massive pressure to censor Web sites about abortion, contraception, homosexuality or that dare question the existence of God. You might disagree, and perhaps you personally might have the courage to stand fast against such groups. Now put the same decision into the hands of a group of people concerned about being re-elected and see how quickly the blacklist grows.

Of course once the filters are in place, there will be other uses for them. Fighting with terrorists? Block their Web sites to protect your citizens. Find complaints about the goings on in Gaza politically costly? Just flip the switch. Let there be no misunderstanding: These filters allow Governments to choose what we can and cannot read, to curb discussion and to silence dissent. And, no matter how noble the initial intent may be, they will be abused.

On December 10, 1948, the General Assembly of the United Nations proclaimed the Universal Declaration of Human Rights.  Article 19 reads:

“Everyone has the right to freedom of opinion and expression; this right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media and regardless of frontiers.”

Whatever we think of the UN’s effectiveness today, the fact remains that, a few years after the end of the Second World War, a majority of the countries around the world saw fit to include this principle alongside other fundamental human rights. We must not allow short-sighted politicians to take this right away.

The Messaging and Mobile Media division of VeriSign is estimating  a record 1.4 billion mobile messages will be sent on Inauguration Day. But President Barack Obama probably won’t be sending or receiving any of them. At least, not on Inauguration Day.

Obama and his Blackberry on the campaign trail.

There has been an onslaught of articles posing questions such as, “Is the BlackBerry secure”  and probing issues like access to the President’s email.  But there are much larger issues here.

As a Canadian, I have only a passing familiarity with the American legal system, so I won’t pretend to understand issues related to congressional access to Presidential email.  However, if the President of the United States doesn’t have the right to exchange private personal emails with friends and family, something is seriously wrong and it is not a technical problem.

In attempts to explain the security properties of most email, many have written that email is like sending a postcard. In reality, it’ s worse.  It is unlikely that someone working at a postal sorting facility could automatically copy every post card flowing through the system and walk out with it at the end of the day. Sadly, that’s all too easy with email. While larger ISPs have internal security and privacy processes in place, it still remains trivial to intercept copies of email, especially in the case of smaller Internet service providers. Email also leaves another trail: Virtually every mail server maintains a log file that shows the source and destination of every email message that passed through it.

The impact of this issue depends largely upon who you are. I, for one, would be flattered to hear that thousands of system administrators across the world searched their mail logs for my email address. However, such searches are guaranteed to happen within minutes of President Obama’s email address becoming known and the mere fact that Obama sent someone an email makes them interesting. Interesting enough that at least some system administrators will open the mailbox to have a look. And interesting enough that a number of organizations, both domestic and foreign, would be happy to pay for it.

The underlying issue is that, while the technology required to secure our email has existed for almost two decades, we don’t use it. Tools like PGP and the S/MIME capability built-in to Outlook are relatively easy to use but only an infinitesimally small number of people use them. And ask them what percentage of their total email is protected and you’ll quickly hear that most of their friends don’t have the capability to exchange encrypted email.

Yes, there are some issues with the BlackBerry, most notably that the encryption technology used in the device should be improved. But we need to keep the vulnerabilities in perspective. For most of us, our BlackBerry is not the weak link because intercepting the data and decrypting it is expensive, complicated and illegal. On the other hand, I would expect at least a dozen countries to spare no expense to monitor the President’s personal email. Put in security terms, few of us face a threat agent with sufficient resources and motivation to intercept the radio communications to and from our BlackBerry and break the cryptography. But the President does and the beauty of intercepting radio waves is that nobody can see you do it.  While personal emails may be benign, they can give some insight into what a leader is thinking, what other people are telling him and who his friends are.

Other issues exist, including the fact that any mobile phone, BlackBerry or otherwise, can be used to tell where someone is located when it is turned on. I won’t repeat the countless scenarios that people are posting to the net. They don’t matter. We already know where the President is. Anyone who needs his BlackBerry signal to find the Presidential motorcade isn’t much of a threat. And, after all, the devices do have an off switch.

But there’s another force at play that has nothing to do with security. Obama’s BlackBerry provides him with a direct path to the Internet that bypasses his advisors. Email, web, and telephone that they don’t screen or control. Just imagine the President asking a friend, former senate colleague, or anyone else for their opinion via email or instant messenger. This type of connectivity has the potential to change the White House and I’m sure that at least some people don’t like that.

I hope that President Obama keeps his BlackBerry. Ensuring that the President remains plugged in is a good thing. I also hope he assigns someone a new job: Fix email security. While few of us face the same threats as the President, given the economic climate and widespread economic and industrial espionage facing virtually all developed countries, we would all benefit from more secure email. I also hope that Canadian-based Research In Motion, maker of the BlackBerry, seizes the opportunity to increase the security provided by their products. We’ll all benefit from that, as well.

Years back, we used to joke about virtual reality gaming and what would happen if a total virtual environment like Star Trek’s holodeck was really invented. As I recall, our consensus at the time was that those who couldn’t separate virtual and real worlds would probably die of starvation. While we’re fortunately not quite there yet, blogs and traditional media have been buzzing about a British couple who divorced over an alleged virtual affair in Second Life. There’s part of me that really hopes this is an elaborate publicity stunt but, sadly, it is probably not.

Second Life is a cutting edge online game. It allows three dimensional movement, people can create buildings and objects that have a realistic aspect to them — and it has an economy. Not only can players trade virtual currency but that currency can be converted into real-life dollars through official and unofficial currency exchanges. So, you can play for free, you can use real money to buy virtual property and you can also, if you have enough time on your hands, earn virtual money and sell it for dollars. In some ways, people have been doing that for years by playing games long enough to build up a character to the point that others would buy it from them instead of starting the game from scratch. But the formalized money exchange makes Second Life somewhat unique. And, while I call it a game, some people take it much more seriously. After all, it is conceivable that some people might be able to make a living working in this virtual world.

On Second Life, you create an ‘avatar’, or what most gamers refer to as a ‘character’”. It’s a thing that you control. You choose its gender, what it looks like, what it wears and where it walks, jumps, sits — or flies. It might look like you or it might not. You might choose your own gender, or perhaps the other. It’s the virtual equivalent of what kids do with stuffed animals, dolls and action figures. It’s way less real than the game piece I move around the board playing the Disney Princess version of Monopoly with my daughter. Second Life is a virtual world existing only inside a computer.

But despite the fact that it doesn’t exist, apparently some people manage to immerse themselves in Second Life to the point that it becomes real to them. According to media reports, this couple met online, at some point got married and, apparently, it went downhill from there. The husband’s virtual character allegedly had a virtual encounter with a virtual prostitute and his wife’s virtual character girlfriend left him. But, in real life, they stayed together. Then she allegedly hired a virtual private detective to set up a virtual ‘honeypot’ trap. Things went well. Her virtual character decided to trust his virtual character, and they subsequently had a splendid virtual wedding. Then she apparently found his virtual character ‘chatting affectionately’ with another virtual character and filed for a real-life divorce.

There is no mention as to whether any of the virtual characters required a visit to the virtual doctor for virtual tests or virtual antibiotics but one thing is certain: Some people apparently need to log off Second Life, turn off their computer and spend some time in their First Life for a change.

If your smoke alarm started beeping for no reason, you’d probably head out to the hardware store and buy a new one. Indeed, as part of the City of Ottawa’s “Wake Up! Get a Working Smoke Alarm” program, residents are urged test their smoke detector and change the battery twice a year. But apparently it took a $562,000 fine to wake up City staff.

In this case, it wasn’t about smoke detectors but, rather, the alarm system that would have alerted staff as 764 million litres of sewage poured into the Ottawa river.

According to the recent report by Ottawa’s Auditor General Alain Lalonde, in August 2006 sewage continued to flow into the Ottawa river for twelve days after a storm ended. It only stopped when a staff technician noticed an anomaly in the flow monitoring data.

So what went wrong? City management blatantly ignored best practices. Nearly 40 years ago, the American Public Works Association (APWA) reported that the type of equipment used by the City required, “a continuous preventive maintenance program in order to function properly,” and and made two recommendations:

• Inspections once per week and after each storm, and in no case less frequent than twice per month; and,
• After each storm.

Despite these recommendations, in 2001, following Ottawa’s municipal amalgamation, inspections were reduced to once per month and none after rain events. And, as if ignoring recommended inspections wasn’t bad enough, the auditor general points out another shocking problem:

“The former Regional Municipality of Ottawa-Carleton (RMOC) had a system of alarms on these regulators. The alarms were connected to the pagers of the program managers and supervisors in the sewer maintenance system. The alarms would go off frequently and a number of false alarms occurred. Shortly after amalgamation, the alarm system was allowed to fail and was never repaired. During interviews for the audit, the Manager, WDSD and Program Manager, Sewer Maintenance acknowledged responsibility for the decision to reduce the frequency of inspections and to not replace the alarm system.”

From a security perspective, this type of scenario is far too common: Best practices were ignored, security controls were removed and the combination resulted in a high level of risk that was not recognized until it was too late. While the managers involved should obviously have known better (and, since three of them were subsequently fired, it would appear that someone at the City agrees), incidents like this are usually indicative of a much larger problem — and that’s unfortunately where Lalonde’s report falls short.

If the City of Ottawa had a good risk management framework in place these critical changes would have triggered an updated risk assessment, the increased risk would have been immediately obvious and action would have been taken to reduce the risk. Accidents happen but this was no accident. The City of Ottawa failed its citizens on several levels. Hopefully, they’re awake now.

Justice Paul Perell of the Ontario Superior court ruled yesterday that Bell ExpressVu’s administrative charge to customers who fail to pay their monthly bill on time is illegal. In summary, the $25 late fee was found to violate the Canadian Criminal Code provision that makes it illegal to charge an interest rate in excess of sixty percent. As the Vancouver Sun article points out, this ruling sends a strong message to other companies that charge similar fees.

My piece on Notre Dame High School banning the use of personal electronic devices on school property is on page 15 of today’s Ottawa Sun.  If you don’t have a paper copy, you can read it online.

In summary, our schools need to do more educating and less banning.  Pushing a social problem off school property by banning technology may be easier for the school, but it benefits neither society nor students.

I’m out of town on business for a few days, so I haven’t seen it yet, but I’m told that my article on firearms appears in today’s Ottawa Sun.