Category: Government
December 21st, 2007
Demo: ClusterSeven's Enterprise Spreadsheet Manager tightly monitors spreadsheet integrity
How many times have you stared at the bottom line of a spreadsheet that’s full of formulas, knowing exactly what figures should be there, only to find a different set of numbers staring back at you than the ones you expected? You know there’s an offending cell somewhere, but the spreadsheet is too complex to find it and, with some deadline looming, out of exasperation you start replacing formulas with hard-coded numbers just to get it fixed, at least until after the deadline when you’ll have more time to figure out what went wrong. What’s the harm? Right? After all, the people looking at the final product might only be looking at a printout or a PowerPoint slide.
Well, given today’s compliance laws, the harm could be huge because of how those numbers can easily bubble up into a quarterly or annual earnings report. If such overridden cells end up corrupting some bigger-picture report, the results could be disastrous (literally and figuratively). To help organizations and auditors keep spreadsheets from inadvertently (or even purposely) running amok, ClusterSeven has come up with a solution called Enterprise Spreadsheet Manager (ESM). In the attached video, ClusterSeven’s vice president of product marketing Ralph Baxter demonstrates how ESM can be configured to keep a watchful eye over any cell or range of cells in any spreadsheet.
As the contents of those cells change, ESM keeps track of when the changes were made, what the new values are, and who made the changes. In other words, the audit trail is extremely tight. As you can see in the demo, one of the cool things ESM does is monitor whether cells switch from their original type to another, for example from a formula to a hard-coded number (a sure sign that a spreadsheet, and anything that depends on it, could end up in a state of corruption).
ESM also graphically presents trends in cell and spreadsheet integrity. The advantage, which Baxter shows at the end of the video, is that those charged with compliance or auditing can build a single graph that includes trend lines for dozens or even hundreds of spreadsheets. Where a cell exceeds company-set thresholds for integrity (e.g., it varies from some number by a certain percentage, or a formula is suddenly overridden with hard-coded numbers), the trend line fluctuates wildly from its steady state (making it easy to spot). Why would this be helpful? Well, if your annual report doesn’t look right but it depends on data coming from 100 or 1000 spreadsheets scattered throughout the organization, a single graph that monitors the integrity of all the spreadsheets that feed into that annual report can help spot the needle in the haystack that’s causing the problem. Otherwise, auditors and financial analysts might have to manually sift through every spreadsheet — a process that could take days or weeks.
All this whizbang functionality would be of limited help if it couldn’t be attached to an alerting mechanism. According to Baxter, there are ways to connect it to e-mail, internal LAN-based alerts (like Netsend) and SMS. ESM supports other spreadsheets beyond Excel (Google Spreadsheets, for example). It also doesn’t come cheap, with the average starting price ranging between $50K and $100K. But for some large companies where compliance is king, that could be pocket change given the sort of risk it mitigates. Finally, it requires the installation of two servers: Windows Server and Microsoft’s SQL Server 2005.
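The two integrity rules described above (a formula replaced by a hard-coded value, and a constant drifting past a company-set threshold), as an added Python illustration that is not ClusterSeven’s code: cells are plain dicts keyed by reference, and the editor name and timestamp are assumed to come from a separate change log.

```python
# Added illustration of the cell-integrity monitoring described above; not ClusterSeven's code.
# Cells are plain Python dicts (reference -> content) so it runs offline; the editor name and
# timestamp are assumed to be supplied by the host application's change log.
from dataclasses import dataclass
from typing import Dict, List, Union

CellContent = Union[int, float, str, None]
Sheet = Dict[str, CellContent]           # e.g. {"B10": "=SUM(B2:B9)", "C5": 1000.0}


def cell_kind(content: CellContent) -> str:
    """Classify a cell the way the text does: formula, constant, or empty."""
    if isinstance(content, str) and content.startswith("="):
        return "formula"
    if content is None or content == "":
        return "empty"
    return "constant"


@dataclass
class Finding:
    cell: str
    kind: str        # "type_switch" or "threshold"
    detail: str
    editor: str
    when: str        # ISO-8601 timestamp of the change


def audit_snapshot(baseline: Sheet, snapshot: Sheet, threshold_pct: float,
                   editor: str, when: str) -> List[Finding]:
    """Compare a watched range against its baseline and report integrity breaches.

    Rule 1: a formula replaced by anything else is always flagged (the hard-coded-number smell).
    Rule 2: a numeric constant that moves by more than threshold_pct from its baseline is flagged.
    """
    findings: List[Finding] = []
    for ref, old in baseline.items():
        new = snapshot.get(ref)
        old_kind, new_kind = cell_kind(old), cell_kind(new)
        if old_kind == "formula" and new_kind != "formula":
            findings.append(Finding(ref, "type_switch",
                                    f"{old!r} replaced by {new!r}", editor, when))
            continue
        if (old_kind == new_kind == "constant"
                and isinstance(old, (int, float)) and isinstance(new, (int, float))):
            if old == 0:
                pct = 0.0 if new == 0 else float("inf")
            else:
                pct = abs(new - old) / abs(old) * 100.0
            if pct > threshold_pct:
                findings.append(Finding(ref, "threshold",
                                        f"{old!r} -> {new!r} ({pct:.1f}% change)",
                                        editor, when))
    return findings


def integrity_score(baseline: Sheet, findings: List[Finding]) -> float:
    """Share of watched cells without a finding: the per-snapshot value a trend line would plot."""
    if not baseline:
        return 1.0
    flagged = {f.cell for f in findings}
    return 1.0 - len(flagged) / len(baseline)


if __name__ == "__main__":
    # Constructed sample: a total formula overwritten with a number, and an input that moved 25%.
    BASELINE: Sheet = {"B10": "=SUM(B2:B9)", "C5": 1000.0, "D5": "label"}
    SNAPSHOT: Sheet = {"B10": 42000, "C5": 1250.0, "D5": "label"}
    hits = audit_snapshot(BASELINE, SNAPSHOT, threshold_pct=10.0,
                          editor="jdoe", when="2007-12-21T17:42:00Z")
    for h in hits:
        print(f"{h.when} {h.editor} {h.cell} {h.kind}: {h.detail}")
    print(f"integrity score: {integrity_score(BASELINE, hits):.2f}")
```

Run against successive snapshots of the same range, the score series is the per-spreadsheet trend line the post describes, and each Finding is one entry of the audit trail.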
December 17th, 2007
Chartered to protect the henhouse, has the FTC turned into a fox?
I rarely get e-mail from the USA Today’s Byron Acohido (who from time to time interviews me for my opinions on tech). But today, Acohido drew my attention to a story that he has co-authored with Jon Swartz under the headline FTC under fire as credit bureaus sell consumers’ data.
The story draws attention to a complex Web of potentially conflicting interests involving Federal Trade Commission Chairman Deborah Platt Majoras, the law firm she used to work for, her husband who still works for it, how that law firm represents one of the big three credit reporting bureaus, and whether or not the FTC has morphed into an agent of the credit reporting bureaus’ success from the consumer guardian that The People have entrusted it to be.
While the targets of this follow-the-money-style inquest deny any impropriety, I can certainly understand the position of Robert Kuttner, author of The Squandering of America: How the Failure of Our Politics Undermines Our Prosperity, who, in response to the USA Today inquiry, said:
Federal agencies that are supposed to be looking out for the consumer are really protecting the companies that do bad things the agencies were set up to prevent.
I felt precisely this way when virtually all the real teeth were removed from the proposed legislation that eventually turned into the Can Spam Act. At one point, the legislation included language that prevented senders of bulk commercial e-mail from sending that e-mail to anybody but those individuals with whom they had pre-existing relationships. In other words, no blind prospecting or solicitations of your inbox.
But, arguing that the benefits of unsolicited commercial e-mail (aka spam) outweighed the harms, lobbyists for the advertising and marketing industry fought tooth and nail to get that piece of the legislation removed, and succeeded. In my mind, it was the ultimate selling-out, whereby the government ended up representing the interests of big business rather than those of us in consumer-land who must endure those harms — the worst of which today is that we have no idea whether our e-mails are reaching their intended recipients due to over-zealous spam filters on the other side. It’s a mess.
According to the story:
In February, the National Association of Mortgage Brokers lambasted the FTC for giving the credit bureaus tacit approval to keep selling listings — called “trigger lists” — containing personal and financial data of prospective borrowers. Some unscrupulous lenders used trigger lists to contact people who recently filled out a loan application, and then pitched them subprime mortgages, higher-priced loans aimed at people with spotty credit histories but also marketed to borrowers with good credit.
I have been wondering for a while why, during the earlier part of this year, I received so many solicitations promising to beat my current mortgage rate, and how these outfits that I had never heard of managed to get hold of data that was so intimate to me. Now I know. In other words, this is unquestionably one of those data stories involving the thorny question of who gets to control what happens to our personal data, and when. What this story demonstrates (something that’s not readily apparent to the naked eye) is the role that the government can play in protecting us, or perhaps in giving the companies it’s protecting us from the carte blanche they want to take advantage of us.
Earlier today, in response to a blog post I wrote earlier this year about the waning anonymity of cash (and how we are sometimes accosted for personal information at the point of sale the way Radio Shack used to do) and how I didn’t mind terribly being asked for my zip code, one ZDNet reader wrote to me:
I used to think this information was used so that stores could figure out where their customers were coming from. But I’ve learned a lot about data aggregation companies like Acxiom, Experian, etc. and I’ve learned exactly how the zip code is used.
The zip code is most useful to the retailer when you use a credit card. Because they have your name from the card, and also have your zip code now, you are generally findable on the massive consumer databases housed at Acxiom, InfoUSA, etc. For instance, there is probably only one Keith Goodman in my zip code of 20001. The retailer now has a valuable piece of information that they can sell to a consumer database firm: your purchase history. I don’t think they sell the information about the specifics of what you are purchasing, but the general category you purchased. For instance, if you buy something at a sporting goods store, the store probably reports to the database firms that you are “A purchaser of sporting goods.” Don’t be surprised if you start getting LL Bean, Cabela’s, and similar catalogs since the consumer database firms are selling your purchase history to buyers.
Well. Now I have a little bit more insight into why trees are dying to fill my mailbox (snail-mail box) with catalogs that I never requested. And they are. I have back pain to prove it (back pain from carrying a recycling bin full of heavy-stock catalogs to the curb). All of these stories (including the recent Facebook Beacon debacle) fall into the same category of APD Syndrome: Abuse of Personal Data. The question is, what will be the next evolutionary step that resets things so that we have the final word on such sensitive information?
December 4th, 2007
Did the W3C acknowledge CDF's potential as an office format (vs ODF) in newly public e-mail?
Last week, after interviewing most of the players involved in a controversy regarding the future of the OpenDocument Format (a controversy mostly rooted in the confusion of two nearly identical but very different acronyms: ODf and ODF), I noted that some of those players — IBM, the World Wide Web Consortium (W3C), and the principals of the now-defunct OpenDocument Foundation (ODf: an organization that, despite its name, was never the official or even unofficial chaperone to the OpenDocument Format standard) — had very different recollections of certain conversations.
On one side were the principals of the shuttered ODf (again, an organization that’s not to be confused with “the Format”) who claim that in conversations or e-mails, both IBM and the W3C have, independently of each other, validated the notion that the W3C’s Compound Document Format specification (CDF) could play a role in storing and retrieving productivity (a.k.a. “office”) documents (word processing, spreadsheets, presentations, etc.).
Gary Edwards and Sam Hiser, two of the principals behind the former ODf (Foundation) — an outfit that was once a proponent of ODF (Format) — now claim ODF to be not viable as a global open standard for office documents and that CDF is the better strategic target for such a standard. They claim that, in private conversations with IBM officials, they learned of how IBM shares this vision; so much so that a derivation of CDF (what Edwards calls CDF+) is one of the linchpins to Big Blue’s grand strategy when it comes to the office productivity and collaboration tools coming out of the company’s Lotus division. They also claimed that despite public comments to the contrary, the W3C also agreed that CDF could serve in the capacity that ODF (Format) has been designed for.
Both IBM and the W3C went on record with me last week to say that Edwards and Hiser’s version of events was grossly misleading. As a result, near the end of my analysis, I wrote:
As for the differences over what was said, I don’t want to say anyone is a liar. I wasn’t in the room or party to the relevant threads. So all I have to go on is what everyone on both sides of the debate is telling me. I can repeat that here (which I’ve done) and leave the decision as to which one of the three following things is true to you: (1) Hiser and Edwards are accurately representing their interactions with the W3C and IBM and the people they communicated with like IBM’s Heintzman and the W3C’s Schepers are part of a well-organized conspiracy to discredit them, (2) Hiser and Edwards are purposefully misrepresenting the content of their communications, (3) it’s all a big mix-up — an honest misunderstanding.
Why all the fuss over something that’s seemingly so obscure in nature? Especially when it involves just two people out of the thousands that stand behind ODF (Format) at organizations like OASIS (the consortium that oversees ODF’s technical evolution) and the OpenDocument Alliance? The stakes are unbelievably high. In fact, if there’s one industry battle that could be classified as a modern-day Armageddon, the war between the backers of ODF (Format) and Microsoft, which has put forth an alternative to ODF called Office Open XML (OOXML), is it.
In one corner are companies like IBM, Sun, Google, and Red Hat that believe the key to loosening Microsoft’s grip on the desktop lies in the file formats behind Microsoft Office. The way the thinking goes is that if the world’s addiction to Microsoft’s file formats can be broken, then so too can the world’s addiction to Microsoft Office and from there, then the addiction to Windows — thereby paving the way for organizations and consumers to consider competing productivity and collaborative solutions such as IBM’s Lotus Symphony, the open source-based OpenOffice.org, Sun’s StarOffice (essentially, a commercial implementation of OpenOffice.org), and Google Apps, all of which are compatible with Microsoft’s Windows but none of which require it.
For example, Google Apps which includes a word processor, a spreadsheet, and a presentation solution runs in a browser, thereby freeing customers to choose among desktop operating systems. Conversely, although Microsoft offers Mac-based versions of Microsoft Office, most businesses that standardize on Microsoft Office also run it on Windows because of how the Mac version often lags in support of important features. Case in point? Although the OOXML file formats are now natively supported in the last three versions of Microsoft Office for Windows (2003, XP, and 2007), not only doesn’t the current version of Mac Office support it natively (Mac Office 2008, due in 2008Q1, is scheduled to natively support OOXML), Microsoft’s only solution for bridging compatibility in Mac Office — a downloadable converter — is still in beta (v0.2).
Although Microsoft is loath to acknowledge the threat that ODF (Format) poses to its franchise, actions speak louder than words. While the company has contributed resources to an open source-based ODF conversion utility, it doesn’t natively support ODF in any version of Microsoft Office. Should Microsoft choose to support ODF in Office, it would be
November 29th, 2007
OpenDocument Format community steadfast despite theatrics of now impotent 'Foundation'
When in mid-October 2007, the OpenDocument Foundation (ODf, yes, that’s a little “f” that’s not to be confused with the OASIS- and 400-member strong OpenDocument Alliance-backed big F-ODF: the OpenDocument Format) announced that the World Wide Web Consortium (W3C)-backed Common Document Format (CDF) was the heir-apparent to what it believed was a dead-on-arrival OpenDocument Format, many confused the ODf to be one and the same with the ODF, and the latter to have one foot in the grave. Given the striking resemblance between the names and acronyms of the Foundation and the Format, that mistaken obituary was an easy one for casual observers to write. Especially given the way Microsoft, the company whose Office empire is probably more threatened by ODF than most people realize, capitalized on the confusion by spreading its own FUD on the story.
But that and other FUD couldn’t be further from the truth. Based on dozens of interviews that I’ve conducted over the last few weeks, the OpenDocument Foundation, whose three principals are Sam Hiser, Gary Edwards, and a legal eagle who goes by the nickname “Marbux,” went out on a very thin limb where no one else — not the vendors behind ODF, not OASIS (the consortium that hosts the technical committee responsible for the standard’s development), and not the World Wide Web Consortium (chaperone to the Common Document Format [CDF] standard) — was willing to join them.
Not only does it appear as though they were on a thin limb with their opinions that ODF should be buried and that CDF should take its place, they crawled out even further when they publicly disclosed that the W3C and IBM shared those opinions as well. Any statements corroborating the ODf’s position from either organization, particularly IBM given the millions of dollars it has invested and continues to invest in ODF, could very well have cast a dark shadow on the productivity document standard that just recently earned its stripes as an international standard from the International Organization for Standardization (ISO). It’s an honor that Microsoft’s competing Office Open XML (OOXML) has so far been denied (but it is up for reconsideration next year).
Citing specific interactions (conversations, e-mails, etc.) with the W3C’s lead contact for CDF, Doug Schepers, and with Doug Heintzman, director of strategy for IBM’s Lotus Division (where IBM’s collaboration technologies are developed), Edwards claims that both organizations were supportive of his and Hiser’s belief that, at the expense of ODF, CDF should be the strategic target for anyone seeking to store their documents in a file format that was universal, open, and that provided a clear transition path from formats that predispose or lock customers into certain applications, like those (formats, applications) from Microsoft.
It is true that Edwards and Hiser interacted with both the W3C and IBM. Unfortunately for them, however, this is where Edwards’ and Hiser’s recollections of those interactions vary wildly from those of Schepers (W3C) and Heintzman (IBM).
One thing that’s important to keep in mind about how standards are set (and how decisions are made in technical committees at consortia like the W3C [CDF] and OASIS [ODF]) is that the process often involves vociferous debate among those involved. To the extent that many of the participants who contribute to technical committee meetings are also employees of vendors with some interest in the standards associated with those committees, part of their role in the process is to represent those interests. Since not all vendors’ interests are aligned, disagreement and debate come with the territory. They’re to be expected. But so too is a willingness to compromise. At some point, in the name of progress, everyone who participates in the standards-setting process knows they may have to give in on certain issues that may be of import to their employers.
Representing the OpenDocument Foundation, Edwards and Hiser were both participants in the OpenDocument Format technical committee work at OASIS, and respected ones at that. But somewhere along the line, their beliefs regarding ODF and CDF could not be reconciled with the positions of the other committee members. Pretty much everybody I spoke to agreed that this was one of those disagreements that happens in the standards-setting process where someone wasn’t going to get their way. It happens. It’s a part of the process. But what happened next is not nearly as common. Claiming that the OpenDocument Format wasn’t nearly as “open” as its supporters claimed it to be, the ODf walked off in a huff.
If IBM or Sun, two of the OpenDocument Format’s biggest supporters, walked away in such a “huff,” it probably would have meant the end of the OpenDocument Format. But in the bigger picture of the OpenDocument Format, between its backers at both OASIS and in the OpenDocument Alliance, the OpenDocument Foundation’s irreconcilable differences with the rest of the community were just that: irreconcilable differences that lacked any potency to affect the momentum or direction of the OpenDocument Format. Unfortunately for the OpenDocument Format community, the ODf’s “huff” was a molehill that became a mountain when, in addition to the ODf/ODF naming confusion, Edwards and Hiser not only became very vocal about their convictions (convictions that are voluminously documented in easy-to-find passages around the Web), they cited the W3C and IBM as having tacitly endorsed those convictions.
This is where Schepers (W3C) and Heintzman (IBM), as well as others in both organizations, feel as though Edwards and Hiser are grossly misrepresenting the content of their interactions. According to W3C spokesperson Janet Daly, when Schepers first heard of the Foundation’s interest in CDF, he did what the W3C often does — he reached out to the Foundation with an invitation to further the conversation. According to Daly, “Any time it looks like a third party may be doing interesting work with one of our recommendations (that’s W3C-speak for “standards”), it’s not unusual for us to want to learn more.” But this is where the W3C’s account of that “conversation” and Edwards’ account differ. Whereas the W3C viewed the “conversation” as par-for-the-course outreach, Edwards’ e-mails to me describe the ODf’s interactions with the W3C as more of a relationship that had to be kept secret from OASIS. Wrote Edwards to me via e-mail:
…When Andy Updegrove published his article (W3C’s Chris Lilley: CDF Not Suitable for Use as an Office Format Can’t Replace ODF), a member of our team sent a copy of earlier e-mail exchanges with our W3C contacts to Updegrove arguing that Andy’s article mis-characterized both our relationship with the W3C and the work we were doing with CDF and WICD. All of which is true.
There were however a couple of problems with this action. For one thing, we were not authorized by our W3C contacts to share these discussions with anyone, let alone the lawyer for OASIS who had already declared a hostility to anything the Foundation might do…
…I hope you can understand our reluctance at this point to discuss this issue in detail or provide evidence certain to compromise the positions of innocent and sincere bystanders.
The implication of Edwards’ note is that the conversations with the W3C had matured far beyond a level of basic outreach and involved a relationship that saw merit in the Foundation’s thinking about CDF as a better strategic format for universal document interoperability than ODF.
The W3C however has a different version of its interactions with the Foundation. The reference to Andy Updegrove’s interview with the W3C’s Chris Lilley (who is also intimately familiar with CDF) is significant. In that interview, Lilley flatly rejected the idea that CDF should be the target in the world’s search for an open, universal file format for productivity applications:
So we were in a meeting when these articles about the Foundation and CDF started to appear, and we were really puzzled. CDF isn’t anything like ODF at all – it’s an “interoperability agreement,” mainly focused on two other specifications - XHTML and SVG. You’d need to use another W3C specification, called Web Interactive Compound Document (WICD, pronounced “wicked”), for exporting, and even then you could only view, and not edit the output.
The one thing I’d really want your readers to know is that CDF (even together with WICD) was not created to be, and isn’t suitable for use, as an office format.
In a subsequent e-mail to me, Sam Hiser argued that the Foundation’s words had been twisted and that it never suggested that CDF would take the place of ODF. However, in both e-mails to me and posts to the Web, Hiser and Edwards have made it clear that the day that ODF-supporter and Massachusetts CIO Louis Gutierrez resigned was the day that ODF died, in their estimation. In his e-mail to me, Hiser wrote:
It’s unfortunate you’re pointing to the Updegrove|Lilley statements. They are as confusing as can be…Right about now Andy’s bloated corpse may be floating down [Boston's] Charles [River] and Chris [Lilley] is doing his best to shade for his W3C colleagues his 180-degree incorrect statements.
On November 10th, in a public thread on the OpenDocument Fellowship’s Web site, Edwards wrote:
Chris Lilley’s comments are in direct opposition to those we received a week ago from Doug Schepers, the head of the CDF Workgroup. Doug, however, asked that we not publicise his comments until Sir Timothy has had a chance to weigh in.
In my interviews, not only does the W3C reject the reference to W3C director Sir Tim Berners-Lee as a fabrication of the facts and stand behind Chris Lilley’s statements 100 percent, the W3C also remains emphatic that its conversations with the Foundation were never more than cursory in level. In fact,
November 16th, 2007
Dan Egerstad's Tor exit nodes got him arrested and prove a point I made in July
It’s late at night and you’re using the anonymity feature of the Tor “cloud” to mask the fact that you’re surfing porn. When you’re done at 3am, you go to bed thinking “Ha! Fooled ‘em again. No one has any idea.”
Think again.
Back on July 11th, I wrote a blog under the headline: Are you the only one with access to that password you recovered? Think again. In that post, I wrote:
A few weeks ago, I was contacted by the CEO of a company whose Web service I’ve been playing around with under non-disclosure. She noted that my test account had been inactive for a decent stretch of time and was wondering what was up. “I’ve been real busy,” I said. “Besides, I’m not sure I remember my password.” Within seconds, she said “Is this it?” and went on to bark my password across the phone line.
The big deal isn’t that she used an easily wiretapped phone to convey confidential information to me. The big deal is that she had such quick access to my password. We had a conversation about this.
You don’t have to be using Tor to anonymize your surfing habits to understand how the story of Dan Egerstad’s arrest (thanks to Bruce Schneier for the link) just proved the point I made back then in spades. According to The Sydney Morning Herald:
IT WASN’T supposed to be this easy. Swedish hacker Dan Egerstad had infiltrated a global communications network carrying the often-sensitive emails of scores of embassies scattered throughout the world. It had taken him just minutes, using tools freely available for download on the Internet.
Without going too deeply into what Tor is, Egerstad was operating some Tor nodes. Anyone, including you or me, can do it, and pretty soon all sorts of traffic will start flowing through the systems under your command. Tor dusts up the trail you leave behind. When you browse a Web site through Tor (and many people do), no one has any idea where you or your computer are because of how Tor anonymizes your IP address. But that doesn’t mean the payload is safe: the user IDs and passwords being used to access inboxes on mail servers, for example. Most such access is not done over secure protocols — especially when it’s browser-based access — and Tor does nothing to secure those payloads: whoever runs the exit node where your traffic leaves the Tor network sees it exactly as the destination server will. Your IP address might as well be coming from Mars. But if you’re transmitting user IDs and passwords over unencrypted links, does your IP address really matter?
Yesterday, via e-mail, Dave F wrote to me:
I read your posts earlier this year about email security and secure password recovery with interest. Some commenters noted that most web based email systems only provide an SSL connection for the sign-in page and then go to an insecure page to display your emails. I’ve also noticed that you’ve mentioned Facebook recently.
Have you ever noticed that Facebook’s sign-in page is not SSL secured? I’m no expert but it seems to me that our passwords are being transmitted over the Internet in the clear. This concerns me mostly because your Facebook user name has to be an email address. I’ll bet that 90% of web based email users who also use Facebook use the same user name and password for both services. Find out my Facebook password and you can also sign in to my Gmail, Google Finance, Google Calendar, Google Docs and anything else that starts with Google.
Good friggin’ question, Dave. One small note of comfort: some services, Facebook included, offer an SSL login option. When going to the login page, try prefacing the URL with “https:” instead of “http:” and see what happens. This works for Gmail and Google Apps. It also appears to work for Facebook’s login page. But most of us are unaware of this option (Facebook certainly doesn’t default to it, and I wish it would), and most don’t realize that humans still have access to the path our data takes, even when that path cuts through the Tor cloud. At that point, many of us are blindly entrusting our sensitive information to whoever has access to that path.
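A small audit for the sign-in-page problem Dave raises, added here and not part of the original post: it scans a page’s HTML for forms that collect a password and reports which of them would submit over plain HTTP. The page URL and HTML are constructed for the example; swapping the page URL from http: to https: is the same experiment the paragraph above suggests doing by hand.

```python
# Added check, not from the original post: find password forms that would submit without TLS.
# The sample page and URLs below are constructed for the example.
from html.parser import HTMLParser
from typing import List, Optional, Tuple
from urllib.parse import urljoin, urlsplit


class _FormScanner(HTMLParser):
    """Record (action, collects_password) for every <form> in a document."""

    def __init__(self) -> None:
        super().__init__()
        self.forms: List[Tuple[str, bool]] = []
        self._action: Optional[str] = None   # None while not inside a <form>
        self._has_password = False

    def handle_starttag(self, tag: str, attrs) -> None:
        a = dict(attrs)
        if tag == "form":
            self._action = a.get("action") or ""   # "" means 'submit to this page'
            self._has_password = False
        elif tag == "input" and self._action is not None:
            if (a.get("type") or "text").lower() == "password":
                self._has_password = True

    def handle_endtag(self, tag: str) -> None:
        if tag == "form" and self._action is not None:
            self.forms.append((self._action, self._has_password))
            self._action = None

    def close(self) -> None:
        super().close()
        if self._action is not None:   # unterminated <form> at end of document
            self.forms.append((self._action, self._has_password))
            self._action = None


def password_forms_in_clear(page_url: str, html: str) -> List[str]:
    """Return the resolved submit URLs of password forms that would not use TLS.

    The action is resolved against the page URL, so a relative action on an
    http:// page is flagged while the same form on the https:// page is not.
    """
    scanner = _FormScanner()
    scanner.feed(html)
    scanner.close()
    in_clear: List[str] = []
    for action, collects_password in scanner.forms:
        if not collects_password:
            continue
        target = urljoin(page_url, action)
        if urlsplit(target).scheme.lower() != "https":
            in_clear.append(target)
    return in_clear


# Constructed sign-in page: a search box, a login form with a relative action,
# and a second login form that posts to an absolute https:// address.
SAMPLE_LOGIN_PAGE = """
<html><body>
<form action="/search"><input name="q"></form>
<form method="post" action="/login.php">
  <input name="email" type="text">
  <input name="pass" type="PASSWORD">
</form>
<form method="post" action="https://secure.example.com/auth">
  <input name="user"><input name="pw" type="password">
</form>
</body></html>
"""

if __name__ == "__main__":
    for url in ("http://www.example.com/login", "https://www.example.com/login"):
        hits = password_forms_in_clear(url, SAMPLE_LOGIN_PAGE)
        print(url, "->", hits or "no clear-text password forms")
```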
Egerstad had access to that path for some number of Tor users. The result? He sniffed the wire and found out all sorts of confidential information. He wasn’t caught red-handed in the act. He apparently notified a bunch of countries of his discovery. “Yes yes Daniel… thank you very much… go back to whatever World of Warcraft fantasyland you came to us from and have fun.” So Daniel published a bunch of his surreptitiously gathered data onto the Web. THAT got the governments’ attention. The authorities too. He was arrested. My gut tells me that the theory that he was actually onto hackers (who else would anonymize their access to the email accounts of government officials?) is a good one.
But even more sure is the gut feeling that a lot of us are transferring sensitive data through systems that we don’t know exist, and that are under the control of people who are only human, if you get my drift.
October 10th, 2007
After authentication of senders, ending spam requires a relationship management protocol
One thing that virtually every e-mail security expert agrees on is that there’s no silver bullet to the spam problem. But if there’s the equivalent of a hollow point bullet that can do the most damage (what you want on the first shot), then authenticating an e-mail sender’s identity (establishing that the e-mail actually came from the place it claimed to have come from) is probably that bullet. Unfortunately, it’s not enough. Particularly when the other weapons in your arsenal — for example laws — fall into enemy hands.
And that’s basically what happened when the government passed the now infamous Can Spam Act. Whereas some of the proposed anti-spam bills insisted that an e-mail sender must have a pre-existing relationship with a recipient before the sender could send unsolicited mail to that recipient, the bill that became law essentially legalized unsolicited e-mail so long as it conformed to certain conditions. For example, for unsolicited e-mail to escape the spambusters, it must contain a functioning means for the recipient to unsubscribe. But unsubscribe from what? E-mails sent by that sender? That organization? That server? That domain? You get the picture. To the extent that recipients consider unsolicited e-mail to be spam, the Can Spam Act might as well have been the Promote Spam Act.
In response to my last antispam blog post (which dovetailed with my video) about the collaborative multilateral action that Google, AOL, Microsoft, and Yahoo! must take to imbue the Internet with a de facto approach to sender authentication (ANY de facto approach; just pick/establish one), ZDNet reader Peter Bittle wrote/asked:
…I agree that a specific authentication framework, whichever flavor might win, would be the better solution. A question that arises, though, is how would legitimate unsolicited mail be sent, i.e. updates from an ad agency retained by one of your active vendors? Just like the DoNotCall.gov list doesn’t include companies you already have accounts with, e.g. your phone company or long distance, would there also have to be some sort of exceptions within this framework?…
And here’s a slightly edited version of my response (excuse the disjointedness):
Your question regarding “legitimate unsolicited mail” is a great one that I’ve talked a lot about. Some people see unsolicited mail as spam no matter what. Others may want to see certain pieces of unsolicited mail. Personally, I think there’s another layer of relationship and permission management technology that can work in combination with whatever authentication approach ends up getting used.
Start for example with the idea of unsubscribing. The Can Spam Act has already legalized unsolicited mail as long as it isn’t fraudulent and under the requirement that recipients can unsubscribe. However, unsubscribing is too non-standard a process. There should be an unsubscribe protocol that works much the same way e-mail works, supporting a store-and-forward architecture, and built into that protocol would be a series of return messages. For example:
1. unsubscribe me from the list that resulted in me getting this e-mail.
2. unsubscribe me from all lists on this server.
3. unsubscribe me from the domain altogether.
I’m just scratching the surface, but this is really more about managing your relationship with a domain than it is about unsubscribing. Then, let’s say I receive an e-mail from your list server… the first thing my e-mail server does is a check (sort of like “FINGER”) that asks, “Does the sender support the relationship management protocol?” If not, the e-mail is simply turned away. Instead of just being used as a convenient way of unsubscribing, REPORT SPAM buttons can be more about managing the reputation of some sending domain as respecting this protocol. It can’t be hard to test and it’d be way better than subjective RBLs.
End user systems could be optionally configured by the user to require a pre-established relationship. Perhaps the first time you want to blast me with unsolicited mail, you first must do the equivalent of a knock on my door. First, using the authentication protocol, I verify that you are who you say you are. OK, you passed the first test. Next, I get an elevator pitch: “So and so” wants to enter your inbox to tell you about shoes. Then, I can pre-emptively decide to allow it (whitelisting on both sending and receiving servers). This is the equivalent of an “OK, you have my permission.” The idea is that unsolicited senders of mail have to earn my trust. It’s not assumed (the way the Can Spam Act assumes it), and when you give me the elevator pitch, it had better be honest or I’ll turn your domain off altogether.
I could keep going. But some protocols for handling subscription, unsubscription and permission to solicit would be another step in building a different Internet e-mail system. RSS could also play a role. For example, I should have a choice of receiving mail from you via standard Internet mail methods or by way of RSS. Any and all unsolicited mail must knock first. If I look through the peephole and like what I see, I subscribe to your RSS feed through which you deliver your unsolicited mail. The minute you spam your feed, I turn you off. This way, solicitors never have unbridled access to my inbox.
Does this proposal need work? Absolutely. Is it perfect? No. Does something like this make sense given where we are today? I think so.
I consider this framework to be about putting the control over relationships and permissions in the hands of the recipients rather than the senders (as it essentially is today). If the laws are going to let us down (it’s pretty hard for them not to), then the technology shouldn’t. It needs to empower us not with something as simplistic as today’s REPORT SPAM buttons or the Can Spam’s “required” unsubscribe mechanisms, but rather something that’s baked into the underlying e-mail protocols so that senders of e-mail, unsolicited or not, must pass the most important trust tests of all: yours.
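To make the recipient-side flow sketched above concrete, here is a toy model of it added to this post; it is not the author’s code and not a real protocol, and every message field, permission state and unsubscribe scope label in it is an assumption:

```python
# Toy model of the recipient-controlled relationship/permission flow described
# above. Added illustration, not the post's code or any real protocol; every
# field name, state name and scope label below is an assumption.

class RelationshipPolicy:
    """Recipient-side policy: senders must support the protocol, authenticate,
    'knock' with a pitch, and keep the recipient's permission to stay."""

    def __init__(self, require_relationship=True):
        self.require_relationship = require_relationship
        self.domains = {}          # sending domain -> "pending"/"allowed"/"blocked"
        self.unsubscribed = set()  # (scope, name) pairs, e.g. ("list", "shoes-weekly")

    def knock(self, domain, authenticated, pitch):
        """First contact: authenticate, then present the elevator pitch."""
        if not authenticated:
            return "rejected: identity not verified"
        if self.domains.get(domain) == "blocked" or ("domain", domain) in self.unsubscribed:
            return "rejected: domain turned off"
        self.domains[domain] = "pending"
        return f"pending: {domain} asks to enter the inbox: {pitch!r}"

    def decide(self, domain, allow):
        """Recipient's answer to the knock (the 'OK, you have my permission')."""
        self.domains[domain] = "allowed" if allow else "blocked"

    def accept(self, msg):
        """Return True if an inbound message reaches the inbox."""
        if not msg["supports_protocol"]:
            return False                       # turned away at the door
        if not msg["authenticated"]:
            return False                       # failed sender authentication
        for scope in ("list", "server", "domain"):
            if (scope, msg[scope]) in self.unsubscribed:
                return False                   # an honoured unsubscribe scope
        if self.domains.get(msg["domain"]) == "blocked":
            return False
        if msg["unsolicited"] and self.require_relationship:
            return self.domains.get(msg["domain"]) == "allowed"
        return True

    def unsubscribe(self, msg, scope):
        """Standardised unsubscribe: scope is 'list', 'server' or 'domain'."""
        if scope not in ("list", "server", "domain"):
            raise ValueError("unknown unsubscribe scope")
        self.unsubscribed.add((scope, msg[scope]))
        return (scope, msg[scope])

    def report_spam(self, msg):
        """REPORT SPAM as reputation management: the sending domain is turned off."""
        self.domains[msg["domain"]] = "blocked"


def make_msg(domain, lst, unsolicited=True, supports_protocol=True, authenticated=True):
    """Build a constructed sample message (a plain dict, not a real e-mail format)."""
    return {"domain": domain, "server": f"lists.{domain}", "list": lst,
            "unsolicited": unsolicited, "supports_protocol": supports_protocol,
            "authenticated": authenticated}
```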
October 8th, 2007
Beyond a shadow of a pornographic doubt, don't rush to judgment
Have you seen this man?
Known only as “Vico,” Interpol is apparently looking for him. According to the Register:
Interpol says he appears in about 200 photographs of child abuse taken in Vietnam and Cambodia. His face had been “swirled” in the pictures in a bid to conceal his identity.
Interpol Secretary General Ronald Noble said the images of the man abusing young boys had been circulating on the internet for years. International inquiries have failed to identify him, however, and it’s the first time the agency has made such an appeal.
“We have very good reason to believe that he travels the world in order to sexually abuse and exploit vulnerable children,” he said.
My wife and I have watched TV documentaries about the sex slave trade and recently saw one on 48 Hours that involved children. Before I had children of my own, stories like these might have saddened me. But once you come to understand the depth of a child’s innocence through the eyes of your own children, as I have through my three kids, it’s hard to hold back the tears. As I write this right now, somewhere, living in absolute fear of what will happen next, are hundreds if not thousands of children being victimized by a global sex trade.
So, when I read the news on The Register’s Web site and determined to some degree of my own personal satisfaction (based on the information provided) that the digital trail left behind by this “Vico” person was indeed a smoking gun, I thought it would be worthwhile to help the cause (by reprinting his pictures).
But at the same time, this story should serve as a reminder that not all digital trails are equally incriminating, beyond a shadow of a doubt. In “Vico’s” case, there are apparently pictures of him with his victims. If proven authentic, these proverbial smoking guns can serve as irrefutable evidence that the man they’re looking for is probably guilty of the crimes he’s accused of.
In other cases, however, it’s not so black and white. In 2004, for example, I told the story of an immigrant whose life was ruined because of the graphic images found on his computer at work. He lost his job, was incriminated as a sex offender and threatened with deportation. The courts were unsympathetic. When the possibility of child pornography consumption is raised, the court system slips into some sort of guilty-until-proven-innocent trance. Given how reviling child pornography is, it’s not hard to understand why. In the last year or so, I heard from him again; depressed, disenfranchised — his life completely destroyed by the entire episode. He lost everything. The man — who only identified himself to me as Jack — had been asking me to tell his story for quite some time when another story regarding some disciplinary action taken by a government organization in the UK surfaced. Back then, I wrote:
Last week, the Register reported that “More than 200 civil servants in the [UK] Department of Work and Pensions (DWP) have been disciplined for surfing the Web for porn during office hours. In the last eight months the staff accessed over 2 million pornographic images, including 18,000 involving child abuse.” Nineteen of the staff members were fired, according to a commentary by ZDNet UK editor Andrew Donoghue.
In this particular case, the DWP was also looking to downsize. Was the timing coincidental (“We need to downsize… let’s look for people with porn on their systems first”)? It’s hard to say. But in Jack’s case, he swore to me that he was innocent of the crimes he was convicted of and explained how there were those he worked with who had the motive and the means to place incriminating evidence on his PC. Was his PC guarded 24 hours a day? No. Is it easy to get something onto a PC’s filesystem without the right credentials? A piece of cake (scary, but very true). Can malware play a role in loading a system with questionable material? Absolutely. If any of this happened surreptitiously to your system, would you know to even look for it? Except for the most anal of us techies, probably not.
Is Jack’s case an isolated issue? Last week, News.com’s Declan McCullagh reported on a similar story involving David Farr, a respiratory therapist at St. Francis Hospital in Indianapolis, Ind. Wrote McCullagh:
In July 2005, Farr’s supervisor informed him he was suspended from work because pornographic entries were found in his “Favorites” file, apparently a reference to Web sites bookmarked. Farr denied being responsible and said he was rebuffed when he asked for details about the allegations.
Farr was fired in August 2005. An e-mail message from the hospital’s lawyer at the time claims to “have evidence that provides us with reasonable belief that he was accessing pornographic Web sites on his work computer.”
After losing his job, Farr went through the formal grievance process listed in the hospital handbook and met with no success. He filed a lawsuit after the grievance committee upheld his termination in December 2005.
What makes this case relevant to Police Blotter is that Farr claims that “St. Francis failed to install and update effective antivirus protection on its computers” and that any pornographic bookmarks were inserted by malicious software. He also claims that antivirus software was required by Health Insurance Portability and Accountability Act.
Farr even retained a computer forensics specialist who concluded: “No one had intentionally loaded the list of Web sites on the computer. Rather, the list was placed on the respiratory therapists’ computer by a common and well-known Internet virus that promotes fee-generating pornographic sites.”
That is plausible. One of the malicious programs known to inject porn bookmarks is CoolWebSearch, also called CWS or CoolWWWSearch, and it’s been around since 2003. Some reports have estimated that 5 million sites are infected with it and that more than 60 strains of it exist.
McCullagh goes on to write about the story of Julie Amero, a substitute teacher who was arrested and convicted after a computer she and her students had access to started to display porn ads. It sounds almost like a modern-day story out of Salem, Massachusetts, and it was. Thankfully, Amero’s conviction was overturned and she was granted a new trial in June.
McCullagh ends his report with excerpts from the judge’s opinion in the case of David Farr and, although I’m not a lawyer, it appears as though Farr made some legal mistakes in trying to connect his discharge with the hospital’s failure to comply with a provision of the Health Insurance Portability and Accountability Act (HIPAA). Even so, it doesn’t change the chances that he may have been wrongfully terminated if the basis of that termination was the appearance of pornographic material or links on his PC.
If you’re an employer, these cases should serve as a reminder that not all digital trails are created equal and that the Devil (no pun intended) is so much in the details of those trails that your first thought should be “restraint” before jumping to conclusions when you discover potentially incriminating digital evidence. Some action is of course required in all cases, particularly given the legal exposure (re: statutes regarding sexual harassment in the workplace) should employees become offended by content that turns up on someone’s PC or in the corporate e-mail system.
But, sooner or later, the legal system will wise up to the realities of hooking PCs to the Internet and the likelihood that nefarious activity could be just as much, if not more, to blame for the appearance of questionable material than the user. When that happens, some precedents will be set and the stakes in terms of wrongful termination suits will be raised to the point that you won’t want your own rush to judgment to trigger a series of catastrophic legal events that puts an end to your business (or causes a significant financial setback). At some point in the future, it very well could.
September 27th, 2007
A no-fuss, no-cost, charitable way for organizations to recycle batteries, phones
If this blog entry isn’t something you can do something about, then make sure you pass it along to someone who can.
Who said you can’t get nuthin’ for free? If your company or organization (schools, non-profits, municipalities, etc.) is either looking into ways to become more eco-responsible or it’s already well along the path but always on the lookout for new programs to help save the Earth, and you’re not already working with RBRC.org, then perhaps you should be. RBRC stands for Rechargeable Battery Recycling Corporation — an organization that’s funded by the battery manufacturing industry. Not only does the not-for-profit RBRC take rechargeable batteries from notebook PCs, cordless drills, etc., it also takes cell phones, many of which it refurbishes and resells. The proceeds of those sales go to the National Center for Missing and Exploited Children and the Boys and Girls Clubs of America.
As you can see from my video interview of RBRC spokesperson Julie Grandstaff above, it’s pretty much a no-brainer for organizations to reach out to RBRC if they haven’t already because there is no cost whatsoever to participate. RBRC will work with you to set up your organization’s collection boxes and when those collection boxes are full, all someone has to do is seal them up and call UPS. The UPS shipping fees are prepaid.
So, for you, the question is: do you recognize the collection boxes that are shown in the video? Is there one already located in some high-traffic location at your place of work, school, or other organizational premises? If not, then working with RBRC isn’t a question of why, it’s a question of why not. Right now, I have about 10 old, dead rechargeable batteries (from notebooks, my cordless drill, video cameras, etc.), not to mention several old cell phones, and I’ve been wondering what to do with them. Now I know.
Now, if you’re an individual who doesn’t want to get involved in getting an RBRC program started at whatever organizations you’re associated with, there are other ways to get your batteries and phones shipped back to RBRC. Across the US and Canada, there are thousands of public drop-off locations at retailers like Best Buy, Home Depot, and Radio Shack. When I searched RBRC’s online database of drop-off locations by zip code, I found out that my local city hall was already participating.