The Risk Factor

There is a story in ComputerWorld that according to posts to a Microsoft support forum Windows XP Service Pack 3 has been sending some PCs into an endless series of reboots. According to the story, the problem has been tentatively identified as being a problem involving only machines using processors from Advanced Micro Devices Inc.

As the story notes, "This isn't the first endless reboot problem Microsoft's faced in relation to a service pack recently. In February, the company pulled a Windows Vista SP1 prerequisite update from automatic delivery because it was crippling some machines."

I haven't had the reboot problem. Instead, I have had to try multiple times on my Intel-based machines to get SP3 loaded properly. One machine took three attempts, another five, and the third is at seven and still counting. I won't bore you with the details, but needless to say, it has been a barrel of fun trying to determine where the conflicts reside.

My admiration for Microsoft just continues to grows whenever I have to update its software - it really does.

I get bombarded with press releases, most of which don't interest me much, but I did receive an interesting one concerning new PC log on software from XID Technologies. According to the release, “Face LogOn Xpress uses a simple web camera to ensure the identity of the user by providing biometric verification in an automatic, continuous process, based on XID’s award winning face recognition technology. The new software uses XID’s Face Recognition artificial intelligence technology and learns each time a user enrolls his or her face, enabling Face LogOn Xpress to develop high accuracy in varied conditions.”

“Targeted to computer users seeking to control access to their machines by verifying identity while logging on in a simple and convenient way, Face LogOn Xpress can be customized to allow users to control the application’s sensitivity levels. This control ensures accurate face recognition to address different lighting conditions. Additionally, Face LogOn Xpress compensates for extreme conditions such as complete darkness by allowing users to access the PC through the use of a default password instead of the camera.”

There is a video of its use here, and there is a free 30-day trial of the software available.

I like the idea of having my face be my password. I don’t think too many people look like me (although I have been told I have a passing semblance to Richard Dreyfuss) and I generally remember what I look like each day. My only concern is that I look a lot different after a couple cups of coffee in the morning.

Foxtel, a cable company in Australia made its customers very unhappy last week when it decided to send a software update to its cable boxes during prime time. Viewers claim they lost cable from 15 minutes to a half-hour, while Foxtel claimed that the outage only lasted five to eight minutes.

“Due to a system issue last night subscribers' service was temporarily affected by a software update," a Foxtel spokeswoman said.

“This meant subscribers may have needed to come out of standby mode on their set-top unit once the update finished to restore service. We apologise for any inconvenience.”

Of course, I suppose that every Foxtel subscriber should be able to recognize instantly that their cable went out due to a software update, and once the update was complete, that they needed to get their cable box out of standby mode to get their television back.

It would have been obvious to me.

Yeah, right.

Or should I say crikey?

Last December, I wrote about the 219 Internal Revenue Service (IRS) employees disciplined for snooping into taxpayer records last year.

This week, the UK's HM Revenue and Customs (HMRC) which suffered a major data breach last year, announced this week that it had disciplined 600 of its staff over the past three years for inappropriately accessing customer records. There were 238 people disciplined in 2005, 180 in 2006, and 192 in 2007.

I guess the temptation to peek is just too great for many people in these organizations.

Airbus is preparing its customers about a further delay to the Airbus 380 the London Times reports. The Times reports that Airbus is still having trouble with fitting the aircraft with the 311 miles of cabling it requires. For the last two years, Airbus has been rewiring 26 A380s that had cables installed incorrectly.

Boeing, which has seen its share of troubles lately on its 787 Dreamliner, announced this week that it should be able to hold to its revised April schedule.

The only possible monkey wrench is that Boeing's two largest unions, the International Association of Machinists' Seattle-based District 751 and the Society of Professional Engineering Employees in Aerospace are threatening to strike in September and December respectively. According to one report, the unions see that they have leverage over Boeing given the 787 delays, as well as the major future revenue the 787 promises.

Should be an interesting autumn for both Airbus and Boeing.

The Washington Post ran a story over the weekend about Virginia's pilot program to teach students about safe Internet practices. Beginning this September, students in all grades will be taught about Internet safety. Virginia's program is the first in the nation that is mandated by law.

While I was aware of the program when it got signed into law in 2006, I kind of lost track of its status until the Post article. With two young children in Virginia public schools this fall, I will be interested in what they are taught and how much it sinks in. My older child has an occasional computer class, but she hasn't said anything about the program to me. Nor do I recall seeing any announcements from her school. When I quizzed her about whether her teachers had taught her about safe Internet practices, she didn't seem aware of any instruction being given in relation to the program itself.

This has made me curious about how effective the program will be, since the according to the Post story, "The state initiative calls for including parents. One chapter in a state resource book covers 'What Parents, Grandparents, and Caregivers Need to Know.' " The story does say that in some jurisdictions, there has been a move to get parents involved - I just don't know how widespread it is. It hasn't reached me yet.

I'll let you all know what transpires when the Fall school session starts. I think it is a good idea - the ultimate value, however, will be in its implementation.

There is a report in the London Times that says UK banks are likely to start getting tough on customers who fall for phishing attacks. New rules to the Banking Code (these cover how banks must treat their customers) that came into effect last month state that “victims of online fraud must have up-to-date antivirus and antispyware software installed, plus a personal firewall, to claim redress from their banks,” the Times story says.

If a person fails to have the required safeguards in place, the banks can refuse any claim for a refund.

The onus is on the individual to prove that they have these safeguards in place at the time of the hack. I see a small boon to an enterprising company that develops a software program to keep a log of the total state of the security profile of a person's computer. The company could even suggest, for a small additional fee, to keep the log on its central system to prove to the banks that the profile wasn't tampered with in any way.

There is a problem, of course, in that a person's personal information may have been hacked months before it was used in an attack, but that is another story.

At least one of my banks has a similar "redress" policy. This bank makes it very clear every time you sign on that protection of the information that allows access to my accounts through its website is my responsibility, and that the bank will not be liable in any way if that information is used by an unauthorized third party due to my negligence.

How I can prove that some future unauthorized access wasn’t due to my negligence is not spelled out in any way (What, do I have to get the hackers to tell the bank where and how they got my information?), so I have started to stay away accessing my bank account information through this bank’s website. I suspect some bank customers in the UK faced with a similar dilemma may decide to do the same.

UK banks, like those in the US, want their customers to do more on-line banking to reduce their personnel and other overhead costs - I am going to be interested in seeing what happens if the banks start refusing to pay refund claims from hacked (off) customers.

Last week, it was reported that London Heathrow's Terminal 5 problems have greatly abated, but they haven't gone away, and may flare up again. British Airways (BA) Chief Executive Willie Walsh admitted at a conference at London's Institute of Directors that the baggage system was still not working properly.

BA ended the first quarter of 2008 with the most lost bags of any European airline (270,106 bags). BA lost 28.9 bags per 1,000 passengers, up from 22.4 bags per 1,000 passengers in the last quarter of 2007. The odds given for losing a bag on BA was said to be 1 in 34.

Walsh blamed the problems on Terminal 5's disastrous opening and the crash of its Boeing 777 at Heathrow in January. He also said another reason was because BA took baggage handlers from its other Heathrow Terminals (1, 3 and 4) over to Terminal 5 to train on the new baggage system there: "Staffing levels were lower than usual in Terminals 1, 3 and 4 because we were running test and training operations in Terminal 5."

In that case, the total number of lost bags attributed to Terminal 5 should be both the ones lost both during the chaotic opening, and those lost due to staff training. It's also too bad Walsh didn't tell all BA passengers that their bags were at higher risk of being lost during that training period, which started the previous September.

The problems of lost baggage has gotten so acute not only for BA but for other European airlines as well that the Association of European Airlines announced that it would be providing lost baggage statistics only on a half-yearly basis, not quarterly as it has always done before. It claims that this isn't to hide embarrassing bad news, but that people (i.e., the press) were giving too much significance to the numbers.

Right.

It isn't an IT story, but I came across this article in the LA Times today about a light bulb in a Livermore, California firehouse station that is still working after 107 years. According to the story the light bulb has been on for almost 1 million hours, and the firemen dare not turn it off because they are afraid it won't come back on.

You can see the light bulb for yourself at www.centennialbulb.org.

I do wonder, though, how many software programs will still be running after a hundred years. Maybe some of the COBOL programs at the Social Security Administration?

There was an interesting little Associated Press story over the weekend about researchers at Hampshire College in Amherst, Massachusetts using a robot squirrel named appropriately "Rocky" to help "decode squirrels' communication techniques, social cues and survival instincts."

The researchers use a computer and a set of binoculars to control the home-made robotic squirrel as it infiltrates the local gray squirrel population. The squirrel is equipped with appropriate squirrel sound recordings to "speak" to the other squirrels in attempts to get their attention.

The researchers are trying to figure out whether squirrels "react more strongly to Rocky's noises or movements or a combination."

The story also mentions the use of fake lizards and sage grouse by researchers to gain more insights into animal behaviors.

What I would really like is a robo-hawk or owl to help keep the hyper-active squirrels around my house who think it is their house away.