1. Technology is a Two-Edged Sword

2. Total Information Awareness

3. The King is Dead...Long Live the King(s)

4. Email Encryption

5. How public is your telephone number?

6. Resource for software practitioners

7. Resource for speakers

8. Software Development Conference

9. Wacky Website

10. Not so fun fact

1. TECHNOLOGY IS A TWO-EDGED SWORD - Don't get cut on the back swing

"Technology ... is a queer thing. It brings you great gifts with one hand and stabs you in the back with the other." Or so says C.P. Snow.

I recently had an exquisite example of exactly what Snow was talking about. I recently purchased a new car, and I added a navigation system - one of those gizmos that use the Global Positioning system (GPS) to keep track of where you are and tell you how to get to your destination. Now, I'm pretty good with directions, but the first night I had the new car, I had to go out into the country a ways to pick up some paperwork for my son's soccer team - to a location and area which I'd never visited.

It was 7:30pm, dark and foggy, and I figured this was a good time to try out the navigation system. I punched in the address and started off, listening to the generic female "phone voice" as she told me how to get to my destination.

It worked flawlessly. There were several blind corners and quick turns out in the middle of nowhere, but the sweet "Next Left Turn" voice got me to the house with no false starts.

Once I had the paperwork, all I had to do was push the "Go Home" button and I was on my way - again flawlessly.

In that respect, the system was excellent - it "brought me a great gift", in Snow's terminology.

The downside - the "stab in the back" -- is that I have absolutely no idea of how to get to this place again! In other words, I am completely dependent on the navigation system for this address, unlike situations where I don't use the navigation and can get back to the same location after only one time of finding my way there.

An interesting question is: If I continue to use the navigation system, will I lose the ability that I have to find my way to places and avoid getting lost?

What do you think?

2. TOTAL INFORMATION AWARENESS - I'm from the government and I'm here to help you!

You've probably heard something about this already: retired Rear Adm. John Poindexter (the same John Poindexter who lied to Congress about the Iran-Contra affair) is leading a new government effort supposedly designed to track down terrorist activity. In short, this new operation -- dubbed Total Information Awareness (TIA) -- is designed to "Detect - Classify - ID - Track - Understand - Preempt" transnational threats. It will do this by: (1) collecting information from a huge array of sources, including Transactional Data (Financial, Education, Travel, Medical, Veterinary, Transportation, Housing, ... and others), and Authentication Biometric data (fingerprints, face, gait, iris, ...); (2) creating extremely large scale "Automated Virtual Data Repositories" to organize the information; (3) creating analytical models to look for activity patterns in behavior; and (4) facilitating "Collaborative, Multi-Agency" operations and support that can lead to preemptive decisions against terrorist threats. Check out (http://www.darpa.mil/iao/TIASystems.htm) for the public website for this program.

The potential for abuse is tremendous, whether or not such a system (and this is a very ambitious system) can even be built. However, it has funding and has a fair amount of backing, although Senator Diane Feinstein does plan to "introduce legislation to ensure that TIA does not infringe on the privacy rights of Americans." (San Jose Mercury News, 11/23/2002). Couple this with the recently-signed Homeland Security legislation and the previously-enacted Patriot's Act, and the picture is clear: more secrecy and protections for government and corporations and less privacy for individuals.

Check out the Electronic Frontier Foundation (http://www.eff.org) for more information. As I was writing this article, TIA was front page news for them. Also, check out the NY Times Editorial on November 18, 2002, entitled "A Snooper's Dream", which quotes Poindexter as saying that "the technology can be designed so as to 'preserve rights and protect people's privacy...'" Given our past record for implementing system safeguards, I have to wonder about the reality of that statement.

More recent events have seen Congress put some safeguards in place, with Senator Feinstein making good on her plans to legislate privacy. However, such safeguards may not be sufficient. As one example, the Gainesville Sun reported on March 7, 2003, that the FBI "...recklessly misled judges to get search warrants that were used in making more than 100 arrests." US District Judge Denny Chin (New York) called the "...intrusion by the government 'potentially enormous'". Thousands of individuals would be subject to search, their homes invaded and their property seized, in one fell swoop, even though their only activity consisted of entering an e-mail address into a Web site from a computer located in the confines of their own homes," he wrote.

Fear of Flying

You've probably heard of the screening system planned for air passengers: now called CAPPS-II (Computer Assisted Passenger Pre-Screening System - II). The system has been proposed by the Transportation Security Administration (TSA - http://www.tsa.gov). It purports to build a profile of passengers, with the end goal being the calculation of a "risk score" for every passenger. Generate too high a risk score, and you could be precluded from flying.

How does the system arrive at this risk score? By examining data to be supplied by the airlines (name, address, telephone number, and date of birth) which is then combined with credit and other personal data obtained from government and commercial databases. Supposedly, the system will be able to collect and analyze this data in less than 5 seconds.

The Electronic Privacy Information Center (EPIC - http://www.epic.org ) and the American Civil Liberties Union (ACLU - http://www.aclu.org), part of a coalition of privacy and civil rights groups, sent a letter to Congress asking some key questions. (1) What information will be kept and who will keep it? (2) What oversight mechanisms will be implemented? (3) What other agencies or private organizations might have access to the information? You can find the letter at: http://www.epic.org/privacy/airtravel/capps_letter_032503.html. Other articles are located at: http://www.internetnews.com/bus-news/article.php/2013781 and http://www.internetnews.com/bus-news/article.php/2170311,

Security at what price?

The Justice Department is drafting legislation to follow the USA Patriot Act. The new law would be called the Domestic Security Enhancement Act (DSEA). Although not yet made available to Congress for review & comment, a working copy is available from the Center for Public Integrity at:

http://www.publicintegrity.org/dtaweb/report.asp?ReportID=502&L1=10&L2=10&L3=0&L4=0&L5=0.

Some of the more troubling aspects of this potential legislation include: (1) Increased options to eavesdrop on communications; (2) Establish a national database of "suspected terrorists" (very broadly defined); (3) Access to software/network encryption keys from software makes and Internet Service Providers (ISPs); and (4) Authorization to revoke the citizenship of US-born, natural citizens for suspected terrorist acts.

Keep an eye on this - it's only one of a variety of issues that threaten to seriously reduce individual privacy and civil liberties in this country. The extent to which the civil liberties and freedoms have already been eroded in this country should give you pause to consider how long some of those liberties will be around.

Criminal Justice?

I put the finishing touches on this issue yesterday (Saturday, April 5, 2003). This morning, Dan Gillmor of the San Jose Mercury News ran a piece in the San Jose Mercury News titled: "Why we may never regain the liberties that we've lost." (www.sjmercury.com, www.dangillmor.com) In it he covers two of the three points I've just made (he didn't mention the Domestic Security Enhancement Act or DSEA), and added a fourth that is equally frightening. The Federal Bureau of Investigation (FBI) has been notified by the Justice Department that the FBI is no longer required to maintain the accuracy of the National Crime Information Center (NCIC). The NCIC is a national database containing information about "...terrorists, fugitives, warrants, people missing, gang members and stolen vehicles, guns or boats." (See ABCNews.com for an original account: http://abcnews.go.com/wire/Politics/ap20030324_2121.html) Accidental or improper use of the information in this database has already resulted in innocent citizens being harassed or improperly detained. Bad information in this database can lead to innocent individuals being denied a job, for example.

What if you let anyone in your family - including the kids -- enter information into your QuickBooks system and no one was responsible for ensuring the accuracy of the data? Do you think you could trust your checking account balance for long? Now expand that thought to the NCIC database with 80,000 agencies (each with numerous individuals working on the data) entering information into a database with 39 million records and no one responsible for ensuring the accuracy of the data? Do you think you could trust that data for long? I don't and I can't imagine that you would either. For more information about this chilling lapse in the responsible use of information technology, see the Electronic Privacy Information Center at http://www.epic.org/actions/ncic). Or to sign a petition (not the email myth kind but a real, online petition) go to http://www.petitiononline.com/ncic/petition.html.

There is always a delicate balancing act between the powers of the government and the rights of the people - at least in this country. However, the increasingly ubiquitous nature of information technology, the relative ease with which it can be used or abused, and the lack of broad understanding of what technology can and cannot do is threatening to upset that balance.

Information Technology is increasingly embedded within our society, with the potential for pain as well as benefit. If the pain is merely too many Windows(r) crashes, that's one thing. But if the pain is an innocent life shattered, that's another thing entirely. GET INVOLVED.

3. THE KING IS DEAD...LONG LIVE THE KING(s) -- Printers aren't what they used to be

For quite some time now, HP has been the undisputed king of the printers; see http://www.hp.com/go/printexpertcenter. Their laser printers are eponymous and ubiquitous - particularly in the corporate world. They are the IBM of printers... you know what I mean, "No one ever got fired for buying HP printers." I've always been an HP supporter, installing them in my office and for my clients, primarily based on the features and the reliability.

Well, the times they are a-changing and I'm no longer an HP bigot. It crept up on me rather quietly when one day I looked around and realized that my last 4 printers were non-HP and that I had started out trying to buy an HP printer in all those cases.

I now have four printers besides my 4-year old HP LaserJet: two Brother MFC models for FAX/printing/scanning, an Epson 825 for photographic printing, and a Minolta QMS for color laser printing in the office. I'll tell you how I got here but the bottom line is this: price, features, performance.

My first non-HP printer was the Brother MFC 9500; see http://www.brother.com/usa/printer/printer_cntr.html. I had been using an HP FAX 300 machine for several years and I had been very happy with it. I figured to go look at the new HP machines and continue with another HP multi-function FAX machine. Not so. I spent some time reviewing what was available and finally settled on the Brother. The reason? It was less expensive than the HP and provided significantly more functionality. I did try out the HP machine, clinging to my HP dependency but when I found out that I could network the Brother and not the HP, my choice was made. For about $200 less, I got higher print resolution, higher color scan resolution, a networkable printer, and a direct video feed for printing from video. Just as important, I got separate ink cartridges for each color, so that I would not throw away usable ink just because one color had run out. At the time, HP appeared clueless on this issue. This feature alone is pretty much a driver for me when it comes to ink jet printers, although you'll see later that it can be overridden by other factors. This machine is still my primary company FAX machine and the machine I use for all my scanning, with the Visioneer software (by ScanSoft) that was included as part of the package. This software, as it turns out, has been worth most of the purchase price by itself, since it has allowed me to easily organize documents scanned for legal cases which are given to me.

When my wife needed a printer/FAX machine, I went back to HP and got one of their 800 series, but we weren't satisfied with the output or the reliability. So, we got another Brother MFC - this time a black and white laser machine. It has worked well, although there has recently been a problem with feeding letters in the envelope feed slot. In spite of this issue, we have better quality, faster printing, and overall equal reliability as we would have gotten from the comparable HP printer - and it can be networked.

Recently, I wanted a photographic printer (I have a Kodak Digital Camera which I love). Again, I looked at the HP and their competitors and the HP lost out. HP still doesn't offer much in the way of single-color ink cartridges while Canon, Epson, Brother and others make this a regular option. Secondly, HP's competition almost always provides higher print resolution, which makes a real difference in photographic printing. I spent quite a lot of time carefully printing samples and comparing them from the various printers and I finally reduced it down to HP and Epson; see http://www.epson.com/cgi-bin/Store/index.jsp. I liked the default colors from HP just a touch better, but the resolution was visibly better on the Epson. I was leaning towards the HP (I really am oriented... towards HP, even still :). However, when I showed two 8.5 x 11 prints to a photographer friend of mine, she immediately picked the print done by the Epson (I didn't tell her the source, just in case she had her own biases) as the hands-down winner. "You can always correct the color in Photoshop, but you can't increase the resolution!"

My final foray into printers was about two months ago. Following my election to the ranks of Certified Management Consultant, I wanted to send out an announcement and looked into the possibilities. The price simply floored me. To do 100 engraved announcements would cost about $750 dollars! Being the techie that I am, I immediately wondered if I could purchase a color printer and produce my own for the same price, leaving me with a color laser printer to produce my marketing materials. The Minolta QMS 2300 DL was available for $799 (see http://www.minolta-qms.com/products/index.asp), while the comparable HP Color LaserJet 2500 printer was available for $999. The Minolta came with a built-in ethernet connection, while the HP did not (that old "networkable" issue again). The quality was the same. The speed was the same. Well - what would you do? I bought the Minolta.

I still think that HPs are good printers. But, their price/performance is falling and has been for some time. If you ask me (and even if you didn't :), I think that HP is sitting on their laurels these days. They used to set the standard. Now that they are the standard, I guess they feel that they no longer have to push the envelope. I expect that approach will cause them grief. It's one thing to pay a little more for a printer that does the same as the competitors, but when it consistently does less, there's no longer the same incentive.

By the way: Check out PC Magazine (http://www.pcmag.com/article2/0,4149,669240,00.asp, December 3, 2002) - they rated the Minolta QMS against the HP Color LaserJet 2500 and gave the Minolta an "Editor's Choice" over the HP.

Wake up, HP!

4. EMAIL ENCRYPTION - Who is using it?

I'm curious.

Our society is getting more security conscious and we all know - or should know - that our email messages are sent in "clear text" format. That is, what you type is what gets sent and anyone that can intercept your email can read it.

So... is anyone encrypting their email? There have been products on the market for quite some time, including the grand-daddy of them all, Pretty Good Privacy (PGP).

Are you really using these products, or are you still waiting for them to hit critical mass?

"Critical mass" (or the "Tipping Point" as eloquently described in Gladstone's book by that name) is really important with new technology - especially for technology that requires two people to use it. If not enough people are using it, then people won't bother to buy it, and if people don't buy it, there won't be enough people using it, and... The price stays high since there are no economies of scale, and people won't make the switch since there aren't enough uses for it.

FAX machines are an excellent example. Contrary to popular belief, I don't necessarily jump to any new technology just because it's there. Many years ago when FAX machines were coming into play, I resisted getting a FAX machine for several years. One, I didn't like the curly thermal paper that those machines used, and two I didn't believe (still don't) in trying to use a PC as a FAX machine while trying to use the PC for anything else. So I waited ... and waited ... and waited. On occasion, I'd get the question: "Do you have a FAX machine?" and I'd explain that I didn't and we'd move on to other topics. I never failed to get the information I needed because I didn't have a FAX machine. FAX machines were simply not a requirement yet.

Then one day, a potential client asked me: "What is your FAX number?" I went out and bought a FAX machine that day because it was clear that we had reached some level of critical mass! I may have been an early purchaser of a FAX machine, but not until it had reached the tipping point.

I see the same situation with email encryption. The critical mass issue becomes extremely important when the use of the technology requires two or more people to have acquired the technology. FAX machines only work when BOTH people have the machines.

[TUTORIAL SIDEBAR FOR THOSE WHO DON'T KNOW HOW ENCRYPTION SYSTEMS WORK. Today's encryption systems generally use a mathematical algorithm to encrypt your data. This algorithm is constructed so that it uses two keys: one of the keys (the "Public Key") is used to encrypt the data and the other (the "Private Key") is used to decrypt the data. The Public Key is, as you would guess, made public. Anyone wanting to send you an encrypted message uses your Public Key to encrypt the message. As the recipient, you then use your Private Key - that only you know - to decrypt the message.]

No one is asking me "Do you have a public key", or "What encryption system do you use?", much less the tipping point question, "What is your public key?" OK, OK, I know that public keys are publicly available through the encryption system that you use, but you know what I mean!

So: here are some questions for you, my readers. Even if you have never used an encryption system, please give me your "No" response.

1) Do you use an email encryption system?

2) What system do you use?

3) How long have you been using it?

4) How frequently do you use it? [Daily, Weekly, Monthly, Yearly, I've used it but I can't remember when]

5) How many people do you communicate with using this encryption?

6) How would you rate your experience with encryption? [Awesome, Good, Neutral, Poor, Awful]

7) Any other comments?

Assuming sufficient response, I'll publish the results. I'm even willing to conduct some limited tests if there is anyone out there who wants to try it out. Maybe we can even be part of reaching the tipping point for this technology.

If you're curious about email encryption systems, check out the following links:

PGP (Pretty Good Privacy - the granddaddy of them all; Free; Linux, Mac, Windows, plus...): http://www.pgpi.com

GnuPG (Free Software Foundation; Free; Linux, Mac, Windows, plus...) - http://www.gnupg.org

QDPGP (for Pegasus Mail; Free; Windows): http://community.wow.net/grt/qdpgp.html

Top Secret Messenger (Encryption Software Inc; $15; Windows (Outlook), plus...): http://www.encrsoft.com

Encryption Plus (PC Guardian; Price unknown; Ms Outlook, Notes): http://www.pcguardian.com

PrivyPad (SlavaSoft, Inc.; $20; Windows): http://www.slavasoft.com/privypad

If you know of others, please let me know.

5. HOW PUBLIC IS YOUR TELEPHONE NUMBER? -- Limit your exposure

You've all heard, I'm sure, that the term Google is morphing into a verb? As in "I've been Googled," meaning someone has looked you up in Google. Besides the simple approach of looking up your name (try it on yourself and see what you come up with!), folks can now type in a phone number and get information back about the person or business connected to that phone number.

If it's your business number, that's probably OK, but you might not want your home phone to be so listed (again, try it out on yourself and see what you get - you may see your name and address pop up at the top of the list with a special icon that Google uses to identify a phone listing that looks as if it were pulled out of a telephone book).

If you like it, then you don't have to do a thing.

If, however, you don't like that kind of exposure, Google has provided a mechanism to take your name off the list. It won't remove web page links that have your name on them, but it will remove the telephone listing itself. Here's how.

Go to the URL http://www.google.com/help/pbremoval.html, fill out the form, click the "Submit Form" button, then go back and test the phone number - you should find that it no longer shows up in the Google phone listing format.

I took my home number off - I may want my business number to show up, but not my home phone.

6. RESOURCE FOR SOFTWARE PRACTITIONERS -- "The DOD Software Tech News"

This is a free quarterly publication from the Data & Analysis Center for Software (DACS) that describes what's new in the DOD's (Department of Defense) software world. According to their website (http://www.softwaretechnews.com), "The DACS is the DOD Software Information Clearinghouse serving as an authoritative source for state of the art software information and provides technical support to the software community." But it's more than just news. The November 2002 issue focuses on "Return On Investment from Software Process Improvement" (SPI) and includes several well-researched articles on real-world benefits achieved through SPI. The article by Solon and Statz ("Benchmarking ROI for SPI") highlights some interesting correlations between software process rigor, software process maturity, and productivity. Register for your free copy at (http://www.softwaretechnews.com/awareness/newsletters/listing.shtml) or download the articles from this and previous issues. RECOMMENDED.

7. RESOURCE FOR SPEAKERS - "Presentations" Magazine

This is a free magazine (http://www.presentations.com) that targets people who give presentations professionally, usually in a corporate environment. As such, it provides articles about speaking, How-To's on making better presentations (usually using MS PowerPoint), and reviews on products. Last month they gave their "Standing Ovation" awards for the best hardware and software for presenters. One interesting product that they described was a "remote control" device for controlling your presentations from afar - something that really can make life easy if you don't want to be tied down next to your laptop when you're giving a presentation. Once you've used such a device, I'll bet that you won't want to go back to presenting without it.

I've used several such products in the past few years for presentations and recently purchased a new device from Remote Point by Interlink Electronics at http://www.interlinkelectonics.com. It's pricey ($169), but it had the combination of features that I wanted. These features included several different programmable functions and the option of using the device without having to install any software at all (I have too much experience with Windows to believe that I can just install "one more small program" and still have everything work right!). It has a laser point built in, the device is extremely comfortable to hold and use for a long period of time, and it worked flawlessly the first time out of the box. Not only that, but the wireless connection is only marginally directional, so I don't have to accurately "aim" the device at the antenna connected to the PC - I just wave it in the general direction and it works. HIGHLY RECOMMENDED

8. SOFTWARE DEVELOPMENT CONFERENCE - STC 2003

Check out "The Fifteenth Annual Software Technology Conference", being held in Salt lake City, UT, from April 28 - May 1, 2003. It's put on by those folks at Hill Air Force Base (the Software Technology Support Center) that publish the excellent CrossTalk software development magazine. To find out more about the conference, see http://www.stc-online.org. Or call 1-800-538-2663.

9. WACKY WEBSITE - Creative...

Check out http://www.huhcorp.com. All I can say is: "Huh?" and thanks to Allen Peterson for this gem.

10. NOT SO FUN FACT - Lost technology jobs

"The United States has shed about 560,000 high-tech jobs since 2001, putting 10 percent of its technology employees out of work and potentially diminishing the industry's political clout. Last year alone [2002], about 236,000 high-tech jobs were cut."

SOURCE: American Electronics Association, Tech Employee Update, as reported in Silicon Valley Biz Ink, March 28, 2003.

.