The Risk Factor

I came across a story last month in the Wall Street Journal about how investors looked at companies that embrace open source software approaches to their products, and whether investors view it as a positive or negative development. Or as the article stated it, "Will investors reward openness by driving up the company's shares -- or punish it by knocking the stock down?"

Oliver Alexy a research assistant and doctoral candidate at the Technische Universität München TUM Business School in Munich, Germany, decided to find out. To do so, he spent a bit of time researching the topic:

"First, I searched through news releases from January 1999, shortly after the start of the open-source movement, to April 2007, looking for announcements that fit the bill. I then weeded out a number of companies, mostly because their announcements contained other news that might affect the stock price. That left 38 announcements from 30 companies."

"Next, I analyzed the companies' stock performance for 125 days prior to the announcement -- to get a baseline for performance -- and then watched the stock activity the day before the announcement and the day of the announcement. (I looked at the day before in case the markets had anticipated the news.)"

The results?

"Companies saw their stock price rise if they met one crucial condition: explaining how they expected their open strategy to bring in short-term revenue. Companies that clearly communicated a short-term revenue model saw an average stock-price increase of 1.6%. Companies that didn't saw an average decline of 1.6%."

Companies, if they are going to embrace open source software, need to have credible short-term plans on how they are actually going to make money going down this path. As Alexy points out, "vague, long-term assurances" aren't going to impress investors; they sound way too much like "trust me."

It will be interesting to see what other bits of information Alexy's research turns up.

Walter Reed Army Medical Center announced that it was "investigating the possible disclosure of personal identifier information through unauthorized sharing of a data file containing the names of approximately one thousand Military Health System beneficiaries."

"Walter Reed officials were notified of the possible exposure on May 21 by an outside company. Preliminary results of an on-going investigation have identified a computer from which the data was apparently compromised. Data security personnel from Walter Reed and the Department of the Army continue to investigate the source and causes for the information compromise."

"The disclosure of this information raises the possibility that individuals named in the file could become victims of identity theft. ... The compromised data file did not include protected health information such as medical records, diagnosis or prognosis for patients."

The Army declined to say how it thinks the breach happened.

In other compromised personal data news, The Bank of New York Mellon Corporation admitted that back-up tapes of customer data were lost twice this year - once in February and again in April. The tapes contained information on over 4.5 million customers and 747 companies.

The bank, per usual, on top of apologizing has promised to improve its security of back-up tapes, will provide 2 years of two years of free credit monitoring, and provide identity theft insurance in the amount of $25,000, among other things.

Of course, the bank didn't say why it didn't take this action after the first tape was lost, but I bet you that the February event was seen by management as a low-probability "aberration" that couldn't possibly happen again.

Surprise!

Last week, the California State Senate approved a bill that would allow pharmacies in the state "to sell confidential patient prescription information to third-party marketing firms working for drug companies," according to news reports.

The idea is being framed by the pharmacies and drug companies as a way to increase the quality of patient care. The drug companies would send patients mailings as reminders to take their prescriptions and to get them refilled. A patient could opt out of the mailings if they so desired.

Of course, the drug companies are lukewarm about having patients opt-in instead, for obvious reasons.

And both the pharmacies and drug companies are playing down how much money they are going to make by being able to directly target patients with advertising.

Expect to see patient medical information increasingly being sold and bought as more and more of it becomes electronic. Expect too to see future attempts to sell confidential information couched in this "increasing the quality of patient care" rhetoric. This currently seems to be a winning approach to overcoming privacy concerns.

My worry is if this becomes law in California which has one of the strongest medical privacy laws in the country, how quickly do you think this idea will spread across the nation?

And how quickly do you think Google and Microsoft will start arguing about the benefits to patients of their selling personal health record information to third parties?

The Organisation for Economic Cooperation and Development (OECD) released a report titled Malicious Software (malware): a Security Threat to the Internet Economy last week on the international state of Internet security.

The report doesn't say anything particularly new from my quick read, but it does nicely pull together a lot of published information around the world that many people may not be familiar with into a single easy to read package.

For instance, a couple of items in the report:

In 2005, "only one in seven computers in Australia use a firewall and about one in three use up-to-date virus protection software."

"One association of banks in the United Kingdom estimated the direct losses caused by malware to its member organisations at GBP 12.2 M in 2004, GBP 23.2 M in 2005, and GBP 33.5 M in 2006, an increase of 90% from 2004 and 44% from 2005."

In 2006, it was "estimated that 59 million users in the US have spyware or other types of malware on their computers."

In 2007, it placed the estimated "annual loss [from malware] to United States businesses at USD 67.2 billion."

If you are looking for a compendium of the international impacts of Internet security problems, this a report that you should have as a reference.

There is a story in today's Wall Street Journal about the bi-partisan congressional effort that "would take a carrot-and-stick approach that would first grant doctors additional Medicare payments if they adopt digital-prescribing technology, then in later years dock their fees if they have failed to make the shift."

The story notes that that only about 35,000, or less than than 10%, of U.S. doctors use e-prescribing. The advantage to e-prescribing is that it can reduce administrative overheads as well as look for dangerous drug interactions.

The idea is that since most doctors see Medicare patients, this approach would create momentum not only for e-prescribing for all patients but for electronic health records.

Although the details are not yet finalized, it is likely that Medicare payments to doctors would be increased 2% in 2009 and 2010, then less over the next three years for those who use e-prescribing, while for those that don't use would see their payments cut by 1% in 2011, ramping up to 2% (and probably more) for 2013 and beyond.

I suspect that this same approach will be used for electronic health records as well.

The UK National Audit Office released a report on the UK Ministry of Defence (MoD) effort that, according to London Times, "has spent more than £500 million (so far) on eight Chinook helicopters that have never been flown" since the MoD accepted them from Boeing. For the past seven years, the MoD has been trying to make the Chinooks airworthy.

Edward Leigh, chairman of the Commons Public Accounts Committee described the situation as of “one of the most incompetent procurements of all time."

The Mk3 Chinooks were ordered from Boeing in 1995 at a cost of £259 million for special forces operations and were delivered to the MoD in 2001

As described in the Times story, "The major difficulty with the purchase arose when the MoD discovered that it had neglected to include in the contract a clause that would provide access to the source codes for the highly complex software. Without them, RAF specialists were unable to check whether the adapted helicopters passed Britain’s strict airworthiness criteria."

"Boeing was reluctant to hand over the codes since no request had been made for them in drawing up the contract. So the RAF said that the Chinooks could not be flown except in the most clement weather. The sky had to be cloudless and the pilots would have to operate from at least 500ft so that they could navigate by landmarks.'

Kind of makes the helicopters pretty useless for special forces work, one might conclude.

To overcome the problems, in 2004 the MoD decided to have Boeing upgrade the avionics software at a cost of £215 million, but that effort was canceled in 2006 because of the desperate need for Chinooks to support British troops in Afghanistan. However, the cancellation cost the MoD some £90 million in termination fees, almost double the £53 million it originally thought.

So the Chinooks are now being downgraded in capability to become vanilla troop-carrying utility helicopters at additional cost.

“The MoD’s programme to make airworthy the eight Chinook Mk3 helicopters . . . has been a gold-standard cockup," Edward Leigh added.

What is it with 1960 era helicopters and avionic software improvement programs?

Feeling guilty about your carbon footprint when you fly? Well, then the new airline Derrie-Air is the airline for you.

The airline's ad copy appearing in today's Philadelphia Inquirer and Philadelphia Daily News reads:

"Welcome to Derrie-Air, the world's only carbon-neutral luxury airline, where you don't have to choose between living the high life and saving the planet. Nine out of ten scientists agree—we need to reduce our carbon emissions or perish from the face of the earth. Air travel is one of the biggest sources of carbon emissions and global warming. Derrie-Air will be the only airline that plants trees to offset every pound of carbon that our planes release into the atmosphere."

"But not only will we do our part to protect the environment, we will expect you, our passengers, to do your part as well. The magic comes from our one of a kind "Sliding Scale'—the more you weigh, the more you'll pay. After all, it takes more fuel—more energy—to get more weight from point A to point B. So we will charge passengers based on how much mass they add to the plane. The heavier you and your luggage are, the more trees we'll plant to make up for the trouble of flying you from place to place."

You can fly from Philadelphia to LA for $2.25 per pound, Philadelphia to Chicago for $1.40 per pound, Philadelphia to Dallas for $1.60 per pound, and so on.

Your weight is computed as being both your own weight and that of your luggage. But for that, listen to what airline promises:

"First of all there will be no class distinctions inside of a Derrie-Air jet. Every passenger will be treated like royalty. Every seat will be first class. There will simply be too many extras and treats on our flights to list here, but highlights will include: gorgeous air hosts and hostesses, golden-age Rat Pack films, top-shelf vodka Martinis, on-demand video blackjack, spacious private washrooms outfitted with porcelain fixtures and gilded faucets, gourmet snacks, on-board masseuses, loofah scrubs and, of course, digital cable!"

Sounds to good to be true, right?

The US Air Force reported that the February crash on take-off of the $1.4 billion B-2 stealth bomber called the Spirit of Kansas was caused by moisture interfering with the operations of 3 of the aircraft's 24 air pressure sensors. The sensors were all on the port side of the aircraft. The moisture problem was found to skew the data being fed into the aircraft's flight control computers.

According to news reports, "The aircraft crew believed the bomber had reached the takeoff speed of 140 knots when in reality it was traveling ten knots slower and rotated for takeoff. The mis function also meant that the sensors showed the plane to be in a nose down position, causing it to command a high level of pitch, around 30 degrees. This, combined with the low takeoff speed, caused the aircraft to stall and veer to the left."

The pilot and co-pilot ejected successfully, although the co-pilot was hurt.

What the Air Force noted was that the crash could have prevented by more effective risk communications.

Again, according to the story, "The vulnerability of the sensors to moisture was first detected by air crews and maintenance staff in 2006, at which time it was discovered that turning on the 500 degree pitot heat prior to sensor calibration would evaporate the water and cause a return to normal readings. However, this was never formally noted and so the pilots of the aircraft were unaware of the potential problem or its solution."

In fact, another B-2 had to abort a takeoff at the same base because of the same problem apparently last year, but the pilots of the B-2 that crashed hadn't been briefed about it.

On a personal side, the B-2 belong to the 509th bomb wing, my old outfit. I was an avionics tech back in the early 1970s, and I find it strange that the problems with the sensors were not logged, nor that when an abort happened, the causes were not formally briefed. I also find it interesting that the information about heating the pitot at the very least wasn't informally spread among the very small B-2 pilot community. If memory serves me correctly, the problem back when I was in the Air Force was that pilots complained about everything - even if a system worked as designed but didn't work the way they wanted it to - on their aircraft during after-flight debriefs, which were all noted, filed, cataloged and analyzed. No issue was too small not to make note of.

Video of the crash can be found on the crash investigation website.

The Washington Post reported in an interesting story over the weekend that the Hatch nuclear power plant near Baxley, Georgia was forced on the 7th of March into an emergency shutdown for 48 hours after a company engineer installed a software update on a computer operating on the plant's business network.

The story in the Post says that, "The computer in question was used to monitor chemical and diagnostic data from one of the facility's primary control systems, and the software update was designed to synchronize data on both systems. According to a report filed with the Nuclear Regulatory Commission, when the updated computer rebooted, it reset the data on the control system, causing safety systems to errantly interpret the lack of data as a drop in water reservoirs that cool the plant's radioactive nuclear fuel rods. As a result, automated safety systems at the plant triggered a shutdown."

As outlined in the story, company technicians were aware that there was full two-way communication between some of the computers on the plant's corporate and control networks. However, the engineer who installed the update was not aware that that the software was designed to synchronize data between machines on both networks, or that a reboot in the business system computer would force a similar reset in the control system machine.

The company has now physically removed the connections between the control and business systems.

The story notes the on-going problem of creating secure infrastructure IT systems that were designed nearly thirty years ago without security in mind.

There were three interesting inter-related stories today, one appearing in the Wall Street Journal, one in the USA Today, and the third one in the LA Times. The USA Today story is about the warning being given by national security agencies to business executives and federal officials planning to attend the Beijing Olympic Games on the need for securing their laptops and other electronic devices. These unnamed agencies, it is claimed, are warning that Chinese agents are likely to attempt to steal secrets or plant malware in US visitors electronic devices in order to be able to hack into US computer networks.

As I noted a short time ago, this is thought to have happened to Commerce Secretary Carlos M. Gutierrez's laptop on a trip to China last year.

The Chinese state that the accusations are baseless fabrications.

The Wall Street Journal's story is about the increasing demand for counter-spy technology. It says that in April of this year, "car maker Porsche AG disclosed it had found a baby-monitoring device concealed behind the hotel sofa of its president and chief executive Wendelin Wiedeking, last fall during his trip to Wolfsburg, Germany, for meetings with executives at Volkswagen AG."

By one account, demands for counter-spy sweeps have increased by 25% per annum over the past two years, and that about 10% of the time, something is found.

In addition, as told in the story,

"Companies also are increasingly worried about economic and industrial espionage by foreign governments and companies. Kroll Inc., a risk-control consulting company that is a unit of insurance brokerage Marsh & McLennan Cos. Inc., says inquiries in Japan have doubled in the past year. Associate Managing Director David Nagata, who is based in Tokyo, counsels visitors to have their hotel rooms swept for listening devices prior to check-in and make sure they're secured from unauthorized entry. For super-secret matters, he suggests closed-circuit cameras to monitor hallway traffic and an alarm that beeps when someone approaches the room."

The story also notes that in spite of all these elaborate precautions, they're often "undone by executives chatting on unsecured cellphones with Bluetooth headsets and tapping on unencrypted laptops."

The best laid plans ... which brings me to the LA Times story. This one is about a study released today by Verizon Communications Inc. claiming that two-thirds of the "thefts of sensitive information from corporations occur when the victimized companies don't know what data they have, where they have it or who has access to it."

The study also claims that "criminal gangs are targeting individuals inside call centers, because they have access to hundreds or thousands of companies."

David Pogue, the New York Times technology columnist, has a very useful blog today on blocking cell phone spam. A few weeks ago, he blogged about his and his wife's Verizon cellphones getting spam text messages, and his apparent helplessness about being able to do anything about it.

After Pogue wrote his blog rant, he heard from an AT&T representative telling him how AT&T helps its cellphone customers from getting spam. He then found out that Verizon also has spam-filtering capabilities as well for its cellphones.

I highly recommend reading Progue's blog entry on this subject. There he lists the information you need to find out how to set up spam filtering for AT&T, Verizon, Sprint, and T-Mobile.

Thank you, Mr. Pogue.

I plan get a spam filter block myself. I'll be interested to see if it blocks the text spam I get from AT&T itself on my phone.

As hopefully most of you know, the broadcast of analog television signals by all full power TV stations in the US will cease at midnight of the 17th of February 2009. Those who own an analog television set and depend upon over-the-air broadcast signals will need a converter box to continue to watch television on their set, unless they are near a low power TV station, which aren't being affected.

The US government has set aside $1.5 billion dollars to help US households with the transition.

Beginning January 1, 2008, each US household became eligible to request up to two $40 coupons (online at www.DTV2009.gov or by phone at 1-888-DTV-2009) toward the purchase of eligible digital-to-analog converter boxes. One problem with the coupon program, however, is that many of the coupons are only good for a short time (they are only good for 90 days, and once expired, you can't ask for a new one) and there appears to be a shortage of converter boxes in some areas.

Furthermore, estimates are that a little less than 10% percent of 112.8 million US households, or 10.6 million households, may be unprepared for the transition. Most of these are thought by the US Government Accountability Office (GAO) to be households that rely solely on over-the-air television signals.

Another issue is that even with a converter box or HDTV, people may not receive as many over-the-air stations as they did before without also buying a new antenna. As noted in a recent Washington Post story,

"Digital signals typically do not travel as far as the old analog signals, according to research by Oded Bendov, who is president of TV Transmission Antenna Group and who will replace broadcast antennas on the Empire State Building. Every city will experience different reception challenges, he said, depending largely on the local landscape. Bendov said that about half of the viewers who now receive analog channels would not reliably receive all of their digital replacements and that viewers more than 40 miles from a broadcast tower would probably need new equipment."

"Consumers may have to adjust their antennas to point them in the direction of the TV station's broadcasting towers. That's because digital signals need more precise positioning than analog signals, said David Donovan, president of the Association for Maximum Service Television, a broadcast industry group."

The government is now saying that those who need converter boxes need to get their coupons now and buy their boxes by the end of summer, or risk not being able to buy them later in the year when it expects demand to really start to peak.

As I said, mid-February 2009 should be interesting.

Paul Coby, the chief information officer at British Airways (BA) reportedly made a public apology at the Forrester IT Forum in Lisbon last week for the problems that happened during the opening of London's Heathrow´s Terminal 5 in March.

Coby said that the problems had "seriously damaged" BA's reputation.

BA apparently has learned at least some lessons from it earlier problems. Last weekend, BA successfully moved an extra 30 BA flights to Terminal 5 from Terminal 4, bringing the total of daily flights to 424. The extra flights add another 7,000 passengers and 4,000 bags a day to Terminal 5, an increase in passenger flow of about 15%. More moves are planned for later this year.

While those passengers using Terminal 5 are probably happier than before, the trip in and out of Heathrow in general has become more difficult for everyone. Over the first quarter of 2008, only 56% of flights left or arrived on schedule. Last year it was 76%. All those flights canceled because of the problems at Terminal 5 don't count in the figure, because cancellations are not part of the on-time equation.

One aviation consultant said "that the deterioration in punctuality at Heathrow might not cause a sharp drop in passenger numbers because the airport already has a bad reputation."

Well, I guess that is one way to positively spin the situation.

The London Telegraph reported recently that the UK government is designing a new sign for lorry drivers in an attempt to stop them from driving down roads that are not suitable for their size or weight. The story noted that "Ena Wickens, 79, has spent £20,000 repairing her home in Mereworth, Kent, which has been repeatedly struck by lorries sent down her narrow lane."

The new sign is believed to show "a lorry with a red line through it and will not include any words." I think the one shown on the blog that also depicts the sat nav itself is a better design, myself.

Interestingly, there is no penalty whatsoever for ignoring the new sign, so some are questioning the usefulness as well as future effectiveness of the exercise.

I have my own beef with sat nav systems - or at least the one that came with my new car. It is user unfriendly to say the least. I knew something was up when I saw that the system's user manual was 240 pages long and in places the instructions were about clear as mud on a spring day. I have found that the nav system is very use if you already know the route, want to use the system as a means to generate verbal reminders for upcoming turns, or when you want to know where there is a gas station or someplace to eat along the way.

However, if you want to take an alternate route other than the three it suggests, you have to spend so much time trying to work around the system constraints (the GPS is very insistent that it knows best) that when you get done, you become so frustrated that you want to have the system taken out of the car and your money refunded. Also, you had better be a USA county expert, because many town names are omitted from its database, although all counties seem to be represented.

I haven't been sent off a cliff yet, but I have faith, given the antagonistic relationship I am quickly developing with it, that sooner or later my sat nav system will undoubtedly try.

The Wall Street Journal (WSJ) has an article today on the new "Battle of the Overhead Bins" that will be taking place soon on airplanes across the nation as airlines like American, US Airways and United begin imposing fees for checking in some passengers' first bag. The story notes that American and United "will station airline employees or hired contract workers at entrances to security screening lanes to intercept customers exceeding the carry-on limit of one bag small enough to fit in an overhead bin and one 'personal item' like a purse or briefcase."

The battle for bin space has become been pretty intense over the past few years, as airline baggage handling has gone from bad to worse. Then, as the airlines have reduced their number of flights to save money, open overhead space has become even tougher to find as airplanes are flying full. Now, with this additional fee, things will start to get even uglier, especially on planes with small overhead compartments (anyone know for certain which aircraft have the smallest overhead bins?).

I wonder how long it will be before a fight breaks out on an airplane over overhead space, or at security when the "baggage police" try to enforce carry-on baggage rules. If not this summer, I think at least one incident on an airplane will occur during the winter months when coats begin to compete with carry-on luggage for overhead space.

The WSJ story also mentions that passenger check-in times at airline ticket counters will likely grow as ticket agents need additional time to charge passengers the new baggage fee. Passengers who require to check their luggage need to think about arriving even earlier than "normal."

For those airlines like United which has severely cut back on the number of ticket agents over the past few years as it rolled out automation to make passenger check-in more self-service, the new fee is likely to increase the level of customer dissatisfaction way above where it stands now. United ticket agents aren't going to be too happy either, as their stress level will climb even higher dealing with unhappy passengers.

The airlines haven't talked about from what I have seen or read about whether the bag fee will be refunded if your checked luggage doesn't make it to your destination. I doubt that they will, but if you have to pay for your bags separately now, I think its only fair that passengers get their bag fee refunded when their luggage doesn't arrive with them.

American Airlines claims the new fee will generate $350 million in new revenue, but I suspect that this is more a hope than anything else. I don't doubt that airlines, given that overhead bin space is valuable real estate, are thinking about how to charge passengers who board the airline first to pay for the privilege. I also suspect that as fuel costs continue to rise, it will only be a matter of time before some airline says that carry-on luggage will be weighed and passengers charged accordingly.

The days of Derrie-Air may not be too far off.

Various news outlets ran stories on the New England Journal of Medicine's (NEJM) survey results published yesterday regarding doctors' usage of electronic health record (EHR) in the US. The survey, which involved 2758 doctors, found that while doctors who use EHRs overwhelmingly believe that they improve the timeliness and quality of patient care, less than 20% of all doctors actually are using them.

However, the NEJM survey found that only 4% of US doctors have access to what would be considered to be a "fully functional" EHR system as opposed to a "basic" EHR system. The survey report noted that, "The principal differences between a fully functional system and a basic system were the absence of certain order-entry capabilities and clinical-decision support in a basic system."

The report breaks down usage by medical practice size. Doctors working in medical practices having 50 or more doctors, some 50.5% of those practices have installed EHR systems. Those with 11 to 50 in the practice, the percentage drops to 29.3%. Those medical practices consisting of 1 to 3 doctors, the percentage which have installed EHR systems is only 8.6%.

Unsurprisingly, the main reason for the low EHR adoption rate is mainly financial, although other factors were cited in the NEJM survey report: "Among physicians who did not have access to an electronic-records system, the most commonly cited barriers to adoption were capital costs (66%), not finding a system that met their needs (54%), uncertainty about their return on the investment (50%), and concern that a system would become obsolete (44%)."

Without major financial incentives, I don't see the wide-spread adoption of EHR systems in the US anytime soon, and definitely not by the 2014 deadline President Bush set out in 2004.

The UK’s third largest grocer Sainbury’s has finally fixed a software problem that brought down its on-line grocery service, according to Vnunet.com. The problem which kept Sainsbury's from being able to process customer orders, started the evening of the 17th of June. Customers who had placed orders discovered that they were canceled, which left many rather unhappy.

As reported by the Independent, “Sainsbury's delivers to 90,000 customers a week and their average spend is thought to be about £80 per transaction… the technical glitch has already cost the grocer well over £1m in lost online sales.”

Sainsbury’s competitors were quick to jump on its problems, with ASDA, for example, offering “free delivery on home shopping when [customers] enter a promotional code.”

The embarrassment factor of the problem was also magnified as a result of some unfortunate timing. Sainsbury’s chief executive Justin King was boasting to City analysts about the growth of its online site during a first quarter results presentation on the morning of the 18th of June, just as the problem was becoming public.

“The online operation is continuing to perform well, with sales growth at over 40 per cent,” King reportedly said.

I am sure King was rather incensed not to be informed about the problem before he gave his presentation.

Sainsbury’s has offered the approximately 20,000 shoppers affected by the problem a £10 voucher as compensation

Tom Shoop's blog at Government Executive magazine (where I also blog occasionally), has an interesting post that I have been meaning to write about. Tom found posts (JOHO the Blog, BoingBoing) about a recent Enterprise 2.0 conference in Boston where two CIA officials gave a presentation called "From the Bottom-Up: Building the 21st Century Intelligence Community" that focused on Intellipedia.

Apparently, during the presentation, the officials referenced the Office of Strategic Services (OSS) 1944 field manual on sabotage techniques. The purpose of the manual was to provide OSS agents with "simple sabotage" methods involving the "human element" that "frequently is responsible for accidents, delays, and general obstructions even under normal circumstances."

The manual goes on to say, "The potential saboteur should discover what types of faulty decisions and non-cooperation are normally found in his kind of work and should then devise his sabotage as to 'enlarge the margin for error.'"

The types of things that the saboteur should look for? (I cribbed this mostly from Tom who copied it verbatim from the manual)

Under section 11, General Interference with Organisations and Production, the OSS manual lists several approaches to consider, such as, for:

(a) Organizations and Conferences

(1) Insist on doing everything through "channels." Never permit short-cuts to be taken in order to expedite decisions.
(2) Make "speeches." Talk as frequently as possible and at great length. Illustrate your "points" by long anecdotes and accounts of personal experiences. Never hesitate to make a few appropriate "patriotic" comments.
(3) When possible, refer all matters to committees, for "further study and consideration." Attempt to make the committees as large as possible — never less than five.
(4) Bring up irrelevant issues as frequently as possible.
(5) Haggle over precise wordings of communications, minutes, resolutions.
(6) Refer back to matters decided upon at the last meeting and attempt to re-open the question of the advisability of that decision.
(7) Advocate "caution." Be "reasonable" and urge your fellow-conferees to be "reasonable" and avoid haste which might result in embarrassments or difficulties later on.
(8) Be worried about the propriety of any decision — raise the question of whether such action as is contemplated lies within the jurisdiction of the group or whether it might conflict with the policy of some higher echelon.

You just have to love government thinking.

The inspector general of Social Security, Patrick P. O'Carroll, released a report this week that called for the removal of Social Security numbers from Medicare cards that are used by more than 40 million Americans. O'Carroll wants the numbers removed because they pose a risk of identity theft.

As quoted in the New York Times, O'Carroll said, "Displaying such information on Medicare cards unnecessarily places millions of individuals at risk for identity theft. We do not believe a federal agency should place more value on convenience than the security of its beneficiaries' personal information."

So how do Medicare officials respond?

It tells the inspector general to go take a hike.

"Charlene M. Frizzera, chief operating officer of the Centers for Medicare and Medicaid Services, played down the risk of identity theft from the misuse of Medicare cards. If the government suddenly issued new Medicare cards or identification numbers, she said, it could startle or alarm beneficiaries. 'We don't want to scare them,' Frizzera said," in the Times story.

I wonder what studies Medicare did investigating "senior fright" when social security numbers are replaced by some other number. Virginia has been removing social security numbers from driver licenses for the past few years - maybe Medicare can conduct a survey of how frightened seniors became when that change-over happened.

The real reason, of course, is that Medicare thinks making the change would be too costly.

According to the story:

Frizzera said that "issuing new Medicare cards would be 'a huge undertaking.' The agency would need three years to plan such a move and eight more years to carry it out, she said."

In addition, "Medicare officials estimate that it would cost $500 million to change their computer systems if they issued new ID numbers to beneficiaries. Doctors, hospitals and other health care providers use those numbers in filing claims with Medicare, which pays a billion claims a year."

Hmm, it would take 11 years to fully make the change? And Medicare is worried that seniors would be "startled" by the "sudden" change?

Given the current life expectancy of many of those currently on Medicare, no doubt many would be dead before they ever saw their numbers change given this project schedule.

And other organizations, like Blue Cross and Blue Shield, who cover 100 million individuals, stopped using Social Security numbers years ago. They didn't need 11 years or $500 million that I know of.

According to the story, only Congress can force Medicare to make the change. Maybe it needs to before the wave of baby boomers like me really begin to retire.

BTW, I for one, promise not to be scared if Medicare makes the change. And I'll even pay a one-time $20 fee towards the conversion when I sign up for Medicare.

A few months back, I wrote about how the Illinois State Toll Highway Authority was sending violation notices to the wrong addresses, leaving some drivers to miss out on the opportunity to pay their fines before the fines dramatically increased or their driver's licenses were suspended.

Now the Toll Authority's new computer system used to check vehicles traveling on the Illinois tollway using the I-PASS (electronic toll payment transponder) was found to have a software problem that affected Wisconsin drivers.

According to an AP story, Wisconsin I-Pass users whose transponders didn't register when going through a toll (as sometimes happens) didn't match up properly during a tollway enforcement system validation cross-check between Illinois and Wisconsin I-Pass records. As a result, the Wisconsin drivers got a fine for using an "expired" I-Pass transponder or for not owning one at all.

The root cause of the problem was, according to the story, that "the new Illinois computer system allowed Wisconsin drivers signing up for the I-PASS to identify their vehicle as a 'passenger' car. But Wisconsin records listed the license plates as an 'auto.' " The incompatibility was why the databases didn't sync up when checked and Wisconsin drivers got whacked even though they had working I-Pass transponders.

Why the incompatibility existed in the first place wasn't explained.

No one seems to know how many Wisconsin drivers have been affected, either, and it will take at least another six months before the situation can be cleared up.

Today’s New York Times had a story on the problems the US government is having in attracting young engineers and computer scientists into defense work. As I noted a while ago, engineers and computer scientists would rather work in the commercial sector than in government.

The article interviewed Dr. Paul Kaminski, the former Undersecretary of Defense for Acquisition and Technology from 1994 to 1997, about the brain drain which has become a “big factor in a breakdown in engineering management that has made huge cost overruns and long delays the maddening norm.”

The loss of expertise from the retirement of engineers/computer scientists has coincided with the inability to recruit replacements. As a result, both the engineering and management talent needed in defense programs is lacking.

Kaminski also highlighted in the article the critical deficiency in systems engineering expertise found in defense programs. He recently headed a National Academy study on systems engineering (or better put, the lack thereof) in the US Air Force which resulted in a report published earlier this year titled, “Pre-Milestone A and Early-Phase Systems Engineering: A Retrospective Review and Benefits for Future Air Force Acquisition.”

So what happens when systems engineering expertise is missing?

Kaminski noted a military satellite system, for instance, that was “designed to detect foreign missile launchings that ... [which] was inexplicably designed with two sensors that cannot operate simultaneously on the same spacecraft without extensive, costly shielding to prevent electromagnetic interference generated by one from disabling the other.”

Another? How about “a complex network of communications satellites that the Pentagon started building without a coherent plan for integration with an existing system or a consistent set of requirements to accommodate the needs of the four military services.”

Obviously, when these types of basic elements are missing, program costs and schedules increased dramatically, and the systems don't deliver what was originally promised or expected.

As a side note, I interviewed Dr. Kaminski among many other former and current defense acquisition officials for an upcoming article on defense acquisition which is scheduled for publication in IEEE Spectrum this fall. He is a very fascinating person to talk to as well as one who is universally and very highly respected by his peers in both industry and government.