Category Archives: Internet risk management strategies

Wireless Cook County

A densely populated county goes wireless:
Cook County, Ill., is among the local governments jumping on the wireless bandwagon in a big way – in fact, it may well be the first county in the United States to go all wireless for its public safety communications system with help from IBM.
The suburban Chicago county has tapped IBM Global Services technology and systems to build a wireless government communications system that covers the county and all of its 128 municipalities.
“Their desire was to be the first wireless county in the country, and I believe that is the case,” says Diana Hage, director of wireless services at IBM.
Cook County Goes All Wireless with IBM, By Karen Brown, WirelessWeek, November 1, 2005
That last part isn’t true; since as we’ve seen multiple counties in Oregon participate in a wireless network. Funny how big metro regions always think they’re first, even if a rural area has already done it. Nonetheless, it’s good to see a densely populated county doing this. They plan to use it for emergency communications. And for video from patrol cars, which raises various interesting questions, such as whether individual citizens will start doing video from their cars.

-jsq

Home on the Wireless Range

What is reputed to be the largest wireless cloud in the U.S. is in Oregon. Conventional wisdom has it that only densely populated metropolitan areas can support wireless Internet services. This CNN story matches what I’ve seen here in Texas. Texas spent $200 million a year to start rural Internet projects (which is another story), but the only successful rural wireless ISPs I know of (two of them headquartered within 12 miles of my house) never took a cent of government grant money and ignored the conventional wisdom. They seem to be doing fine.

The Oregon WISP is taking government money, but not grants.

Continue reading

US: Broadband Backwater

It’s been the fall follies in U.S. ISPs. Two major ISPS (Level3 and Cogent) depeered each other. SBC raises DSL prices and brags about how it’s going to charge companies that want to use its bandwith for fast applications:

How concerned are you about Internet upstarts like Google (GOOG ), MSN, Vonage, and others?

How do you think they’re going to get to customers? Through a broadband pipe. Cable companies have them. We have them. Now what they would like to do is use my pipes free, but I ain’t going to let them do that because we have spent this capital and we have to have a return on it. So there’s going to have to be some mechanism for these people who use these pipes to pay for the portion they’re using. Why should they be allowed to use my pipes?

The Internet can’t be free in that sense, because we and the cable companies have made an investment and for a Google or Yahoo! (YHOO ) or Vonage or anybody to expect to use these pipes [for] free is nuts!
At SBC, It’s All About "Scale and Scope" CEO Edward Whitacre talks about the AT&T Wireless acquisition and how he’s moving to keep abreast of cable competitors, BusinessWeek, 7 November 2005

Meanwhile, back in Japan, NTT and others provide the pipes, and multiple application providers provide VoIP, video, and numerous other services on top of them. End-user speeds in Japan are typically 50 megabits per second over DSL, with 100 megabits per second available over fiber to the home (FTTH), both at prices less than what the average U.S. DSL customer pays. Why can Japan (and Korea) do it while the U.S. can’t?

Hint: the answer is not population density, nor government subsidies.

Continue reading

When the cyberlevee breaks

Interesting article about what to do when traditional Internet security measures fail:
The Internet today is in the same position as New Orleans was before the hurricane, a heavily fortified resource of incalculable economic and cultural value whose protections will one day inevitably fail.
What will you do when the cyber-levee breaks? Opinion by Bruce Levinson, ComputerWorld, SEPTEMBER 21, 2005
The article recommends distributed backups and diversified communication methods. It even recommends what it calls plenipotentiaries, i.e., someone in each office of a company who can act without checking with the home office. Those are good ideas. And I’m not sure why that last shouldn’t be more widely used; distributed agility should lead to more productivity in any case. And it’s been 200 years now since Admiral Horaio Nelson had his sailors trained so well that his orders before the battle of Trafalgar consisted of “England expects that every man will do his duty.”

Yet there’s something missing in the article’s recommendations. Continue reading

A Patent for Trouble

At Techsummit 2005 one of the big topics was software patents. Pretty much everyone knows there are problems with them; for example, a British firm recently tried to patent hyperlinks (I believe that one was rejected by a court), and many dubious patents have been approved by the U.S. Patent and Trademark Office (USPTO), the most famous of which are probably Amazon’s One Click Shopping patent and one for online credit card authorization. Such patents promote monoply and thus monoculture, which makes software, computers, the Internet, and the economy brittle and at risk. You can fight such patents after the fact, as EFF is doing, or perhaps more radical solutions are called for.

Continue reading

3-Way MessageLevel

In a previous item we were discussing two-factor authentication for banks, as recommended by U.S. federal oversight bodies, and Axel pointed out that it’s not enough to authenticate the user once; really every transaction needs to be authenticated, as apparently is already the practice in Europe.

Here’s another per-transaction authentication system, this one for electronic mail, by MessageLevel. Banks and other entities that do business online want to be able to send invoices and other auditable financial information via electronic mail. That’s difficult, partly because of phishing, which makes everyone distrust mail. MessageLevel offers a three-way handshake to deal with this problem. Continue reading

Relief Box

I’ve often wondered why government disaster agencies and non-governmental relief organizations don’t have a box they can drop into a disaster area to provide connectivity and other vital services. After all, the sun was shining brightly on New Orleans while the waters were rising.

It seems such a thing does exist. Jamais Cascio provides a description of components that add up to power via solar and other sources, satellite telephone, satellite Internet access, WIFI Internet, and water purification. Pack the other parts along with some food into SkyBuilt Power’s Mobile Power Station and drop by parachute: instant relief in a box!

Now to make lots of things like this much smaller and cheaper so you can litter the landscape with them, and make them find each other and build an Internet mesh….

-jsq

The Spanish Armada: Control of Commerce Through Decentralization

At the Texas Regional Infrastructure Security Conference last week, I heard Howard Schmidt speak. He mentioned the Spanish Armada.

Doubtless you all remember that in 1588 King Philip II of Spain sent a huge fleet of ships to conquer the England of Elizabeth I (130 ships and 30,000 men), but weather and other circumstances intervened and the invasion failed. Many factors led to this invasion, ranging from Elizabeth not having married Philip like her sister Mary had done, to Elizabeth like her father Henry VIII being a Protestant and Philip being a Catholic with authorization from the Pope to go take back England for Holy Mother Church, not to mention the usual great power land-acquisition game that was popular at the time; Philip already owned large chunks of Europe through the inheritance and marriage policies of his Hapsburg family, and large parts of the New World through conquest.

Howard Schmidt went straight to an even more basic reason: control of commerce. Continue reading

Good Intentions Are Not Security

Cringely has a PBS column of 4 August 2005 about The New Robber Barons that revolves around the Sarbanes-Oxley Public Company Accounting Reform and Investor Protection Act (SOX) and other recent legislation. The key to his argument is that:

These laws, especially the Gramm-Leach-Bliley Act of 1999 (GLBA), now make the victim of cyber theft into a criminal. And under Sarbanes Oxley, directors are held liable and can be sent to jail.
So suppose you’re a small financial institution, such as a credit union. It’s hard to keep track of everything, and eventually you’re likely to have some information stolen. You can try to keep it from the public, but you can’t keep it from your accounting firm. Continue reading