« December 2007 | Main | February 2008 »

Security and the Myth of the Superuser Mon 28 Jan 08

Lock_amagill_2 Bruce Schneier runs a great blog, Schneier on Security and I stumbled across a post of his from last May entitled The Myth of the Superuser.  In a very understated way Schneier refers to what he describes as  a "very interesting law journal paper".  It certainly is.  The paper in question is The Myth of the Superuser: Fear, Risk, and Harm Online by Paul Ohm, Associate Professor of Law and Telecommunications at the University of Colorado Law School.

The abstract states:

"Fear of the powerful computer user, "the Superuser," dominates debates about online conflict. This mythic figure is difficult to find, immune to technological constraints, and aware of legal loopholes. Policymakers, fearful of his power, too often overreact, passing overbroad, ambiguous laws intended to ensnare the Superuser, but which are used instead against inculpable, ordinary users. This response is unwarranted because the Superuser is often a marginal figure whose power has been greatly exaggerated.

The exaggerated attention to the Superuser reveals a pathological characteristic of the study of power, crime, and security online, which springs from a widely-held fear of the Internet. Building on the social science fear literature, this Article challenges the conventional wisdom and standard assumptions about the role of experts. Unlike dispassionate experts in other fields, computer experts are as susceptible as lay-people to exaggerate the power of the Superuser, in part because they have misapplied Larry Lessig's ideas about code.

The experts in computer security and Internet law have failed to deliver us from fear, resulting in overbroad prohibitions, harms to civil liberties, wasted law enforcement resources, and misallocated economic investment. This Article urges policymakers and partisans to stop using tropes of fear; calls for better empirical work on the probability of online harm; and proposes an anti-Precautionary Principle, a presumption against new laws designed to stop the Superuser. "

Don't let the "law journal" label scare you away.  This really is a very interesting and thought-provoking read.  Although phrases like "exaggerated attention to the Superuser"  and "overbroad prohibitions"  mind lead you to think that Ohm is downplaying the risk of lax computer security but upon careful reading I don't think he is.  Rather what he is suggesting is a more balanced and reasoned approach to security.

Continue reading "Security and the Myth of the Superuser" »

Tell A Friend Tell a Friend    View blog reactions   Bookmark    rss RSS Feed

Book Review: "I’m on Facebook – Now What???" Mon 21 Jan 08

Facebookbig My good friend from Jibberjobber (a great site for you job seekers by the way), Jason Alba has done it again.  He's followed up his book I’m On LinkedIn - Now What??? by co-authoring another great book on social networking.  He and Jesse Stay have partnered up to write I'm on Facebook­Now What???' . [Update February 17, 2008 their book is now available on Amazon.]

By teaming up Jason and Jesse bring a unique perspective to this book.  The book's website describes Jason as a "career management Evangelist".  Having known Jason for a while that is a very accurate description.  He recognizes that a good career doesn't just happen, it has to be managed.  Through his website, and both of these books he helps you do this by providing you with the tools you need.  Jesse rounds this out with technical expertise and experience using Facebook having developed popular Facebook applications.

Jesse_stay_s Jasonalba In the book's Introduction they describe what is about as "helping you figure out how to derive professional, business and career benefits from participating in Facebook", and they deliver on this.  We in IT often use the terms "instruction manual" and "user guide" interchangeably.  However Jason and Jesse have written a user guide in the truest sense of the word.  They not only talk about the "how" of using Facebook but the "why" in regard to using it.  Like I'm on LinkedIn - Now What??? this book is refreshingly honest about Facebook.  They describe what works well and what doesn't and what you should look out for.  This book is much more than a technical manual, it is a true guide for getting what you need from Facebook.

Continue reading "Book Review: "I’m on Facebook – Now What???"" »

Tell A Friend Tell a Friend    View blog reactions   Bookmark    rss RSS Feed

Clean Out Your Inbox Week Wed 16 Jan 08

Inbox_2 In early December I wrote "Getting Control Of Your Email - Break The Addiction" and I mentioned Marsha Egan's list of tell-tale signs to see if you are addicted to email and her book, "12 Steps to Curing Your Email E-Ddiction".  Egan's company is focused on working with individuals and companies to make the most of email and to regain lost productivity.

As part of this, Egan has proclaimed January 28 - February 1 as Clean Out Your Inbox Week.  As she states in her press release announcing this:

Every January, we set personal goals and attempt to make a fresh start and begin the New Year with our best foot forward in both our personal and professional lives. In the spirit of this fresh start, email productivity expert Marsha Egan is challenging businesses everywhere to take control of their email overwhelm by participating in “Clean Out Your Inbox Week.” 

Whether you use Egan's kit (commercial product) or just try to do it yourself the idea of cleaning out your inbox certainly sounds like a good way to start the year.

If this topic was of interest, you might also like these:

"Inbox" photo by Mike Schaffner (looks like I've got some cleanup work to do)

Tell A Friend Tell a Friend    View blog reactions   Bookmark    rss RSS Feed

"No News is Good News" --- Wrong! Mon 14 Jan 08

E_a_karroozi At the end of November we purchased some new furniture from Ethan Allen and also arranged for them to reupholster some chairs.  We naively asked if we might get them by Christmas and were told it might be possible but not likely that we would receive the new furniture but they would probably receive the fabric and pick up the chairs for reupholstering before Christmas.  We finally received the new furniture last weekend and they came to pick up the chairs for reupholstering this past Saturday.  Although this will eventually work out and we'll be happy with the furniture the whole process has been rather unsatisfactory.

The reason for the dissatisfaction?  Simply it was communication or more correctly the lack of communication.  A number of times we called to find the status of our order but were told the sales associate that sold us the furniture was on leave but someone would get back to us but no one ever did.  Finally in the last week of December I called and was told it was scheduled to be received by the store during the first week of January and that we would be contacted to arrange delivery of the new furniture.  I asked about the pickup of the chairs for reupholstering but was told that another department handled that and some one would contact us.  The delivery of the new furniture went as they described but we still couldn't get any information on the chair pickup.  Finally, at the beginning of the second week of January my wife called the store manager (and had to leave a voice mail) and indicated that if we didn't hear something by this week we would cancel the order for the reupholstering.  This apparently got their attention and the chairs are being upholstered now. They're due to be done in two weeks,  I'll let you know if they come through on this promise.

[Update January 27th - they missed their self-imposed 2-week delivery time with no communication that it would be late - looks like we will have to call yet again.]

[Update February 2nd - they called us early in the week (we didn't have to call them) and at our request delivered it this weekend.  Although we are satisfied with the furniture their customer service is so bad we would have to thing twice about going back there.]

It's rather disappointing that a store such as Ethan Allen with its reputation for a quality product (for which it receives a premium price) has such poor customer service and indifference to customer concerns.

Interesting you say, but this is a blog about IT.  So where's the connection?

Continue reading ""No News is Good News" --- Wrong!" »

Tell A Friend Tell a Friend    View blog reactions   Bookmark    rss RSS Feed

The Importance of Integrating Acquisitions Quickly Wed 02 Jan 08

Huchas_damianvila A close friend from Chicago knowing my IT connection sent me the following story thinking I might find it interesting.  I certainly did!  Enough so that with the permission I am posting as something of a guest post (anonymously at their request).

My daughter and I had an interesting  experience yesterday, which you might find amusing in your IT world.  She had two checks that she wanted to deposit in her Bank of America account.  Since October 1, when BofA formally acquired LaSalle Bank, they have been advertising that they are one bank and retail customers (the reason BofA wanted to buy LaSalle) could do their business at either bank, regardless of where their accounts were.  The closest BofA facility is about 10 miles away which as you recall can be a long drive in Chicago traffic.  So my daughter goes into the local branch of the LaSalle (a stand-alone bank building, with a parking lot for at least 30 cars) with her BofA card and her checks....to be told that the 'infrastructure' is not set up for them to take any deposits for BofA accounts. (Mind you, she can, with her deposit slip from the checking account, deposit those checks in ANY ATM sponsored by any bank.)  The LaSalle people also mentioned in response to her surprise that the BofA/LaSalle 'infrastructure' was not working smoothly enough for the employees to get their checks in a timely manner, either. (I guess, treating employees badly is a good reason for customers to overlook bad customer service?)  And this is happening in Chicago, the home base of the LaSalle operations--I wonder what happens elsewhere?)

So we go off to Dominick's [a Chicago area supermarket chain] with the checks in her purse.  At Dominick's there is a Chase "office" of about 120 square feet--barely room for a desk, three chairs. the bank officer's computer,  and an ATM. I say to my daughter, "let's try something..."  We tell the bank officer that we have a Chase checking account, but we do not have any Chase cards with us, don't know any account numbers, don't have a deposit slip, but would like to deposit two checks...can she help?  No problem...my daughter entered her SS number into the hand-held device that brought up our accounts on the bank officer's screen, she asked for a photo id to verify that she was the same person as listed on her screen, took the checks, and two minutes after we walked in on the way to the produce counter, the checks were deposited.

I do realize that mergers are a lot more complicated than running off-site locations, but BofA won the LaSalle bank in early summer/late spring 2007 even if it did not get closed until 9/30/07.  That was enough time to get their ad campaign out about it being "one bank" but insufficient time to  merge the IT systems that are the lifeline of their business.

Oh well,..........

I find this interesting for a number of reasons:

Continue reading "The Importance of Integrating Acquisitions Quickly" »

Tell A Friend Tell a Friend    View blog reactions   Bookmark    rss RSS Feed


tell_a_friend Tell a Friend About Mike's Blog

Creative Commons License 
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 2.5 License.

My photos on
Mike Schaffner's items Go to Mike Schaffner's photostream

Free Subscriptions
  Free RSS Subscription

Free RSS Subscription

For An Email Of New Articles
Enter your email address:

Read On Your Mobile Device


Join the Conversation
Subscribe to Comments
  Free RSS Subscription

For New Comments Email
Enter your email address:

This is the personal blog of Michael W. Schaffner. The opinions expressed in this blog are soley mine and those of commenters. You should not infer that these opinions are the opinion of or have been endorsed by any current or former employer.

Please review the Privacy Policy.   I do love comments and trackbacks but I do reserve the right to remove any that don't comply with the Comments and Trackback Policy.  Rather than clutter up the front page with badges and statistics that are of little interest to anyone other than me I thought it would be best to establish a separate page for statistics and rankings.

Copyright © 2006, 2007, 2008, 2009 Michael W. Schaffner       You may copy or quote sections of this blog if you provide an attribution consisting of a reference to the Michael Schaffner and ''Beyond Blinking Lights and Acronyms" along with a hyperlink (if a web reference) to the blog posting.     

Creative Commons License 
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 2.5 License.