Loose lips (still) sink ships

Frozen Solid Security Monkey by Monkey River Town

I suspect many of our readers will already have seen something about this, but just in case it hasn’t gotten a lot of U.S. press, Chancellor Alistair Darling (a very high-ranking member of the British government) announced today in the House of Commons that two discs (CDs or DVDs – I’m not sure) containing highly confidential information on 25 million individuals were lost. This data included names, dates of birth, insurance numbers, and (in some cases) bank account details — essentially all the toys you’d need to execute identity theft and fraud on a massive scale. The kind of stuff that an organized crime outfit would probably pay mucho top dollar for.

And the data was unencrypted.

Yup.

Unencrypted.

Makes you want to cry.

(In fairness, the discs were “password protected”, but no one seems clear on what that actually means. Given that most password systems for discs and files are child’s play to get through, without solid encryption on the other end “password protected” doesn’t offer much comfort.)

Unfortunately, as several of the talking heads pointed out, this is at some level inevitable as governments, corporations, and educational institutions move to larger and more centralized databases. Consider, for example, last year’s leak of the search histories of half a million AOL users.

The U of M at least tries to take these things seriously, but they don’t always get the stick by the right end. There’s a lot of noise, for example, about whether faculty like myself should be able to hold confidential student data (including things like homework grades) on our office computers or (far worse) on laptops or home computers. This is partly a security concern (stolen laptops are always a risk, who knows how well I’ve configured and updated my computers), and partly a data protection concern (how often do I actually back up my data). If they seriously go down this road, however, then one consequence is that all this grade data for the entire University is in one place. At the moment, if my computer gets lost or destroyed or stolen, there’s not much exposure. It would be painful and unpleasant for me and several dozen students, but the ripples would stop pretty quickly. If all that data is centralized, however, then the risk is arguably much greater, especially if it’s not managed well.

In reality, I’m not their real problem. I just don’t have access (and rightly so) to enough data to mess up very many people’s lives. There are admin and support staff, however, that have access to enormous amounts of sensitive information. Are they able to burn a couple of DVDs full of the stuff? Probably (but hopefully not easily). Are they trained on why that would be a really dumb idea? I think so.

But then I would have thought that staff at Revenue and Customs over here would have had that sort of training.

And apparently I would have been wrong.

Thanks to the fine folks at MonkeyRiverTown for the great photo.


A wonderfully different way to think about computing

One of my constant struggles as an educator in computer science has been helping students see a bigger picture, look past the mundanities of yesterday’s “help wanted” page, and see what the world could be rather than what it has been.

One way this has often played out has been in debates over programming languages and development tools. Students are (quite legitimately) concerned with their near term employment prospects, and so they tend to focus on what they’ve heard of, and what they see on the job web sites. Unfortunately that is almost always an exercise in looking backwards in time. When I started in 1991, the problem was getting students out of Pascal and C and getting them to start thinking about objects. Now we’re working to add things like Ruby and Python to our Java-heavy toolkit. Constant throughout has been the difficult task of getting them to take (semi-) functional languages (Scheme, Haskell) seriously or, in fact, any language that doesn’t have a “For dummies” book at their local mega-bookshop.

I need to be fair, though, and make it clear that we’ve always had students who could see the bigger picture, and have often pushed us faculty to open some important new doors. I suspect that we’ve actually been luckier in that respect at UMM than many other programs. That said, you still get groaners (often very vocal) who never seem to be happy unless you’re emphasizing whatever tool or language they’re firmly convinced is their only road to employment.

This is one of the reasons that it makes me so happy to see the list of programming languages used in the One Laptop Per Child project:

We will support five programming environments on the laptop: (1) Python, from which we have built our user interface and our activity model; (2) Javascript for browser-based scripting; (3) Csound, a programmable music and audio environment; (4) Squeak, a version of Smalltalk embedded into a media-rich authoring environment; and (5) Logo. We will also provide some support for Java and Flash.

OK, we can debate the details (and I’m sure people have and will), but let’s skip all that shall we? Let’s instead note that none of these was a “heavy hitter” 5 or 10 years ago, and there are plenty of people who would (wrongly in my opinion) argue that none are terribly important today. How many data structures classes in the U.S., for example, (a key “bread and butter” course in most computing curriculums) use any of these languages? I’m sure there are a few (especially Python), but proportionally I bet it’s pretty tiny. (Try searching either Amazon or the web for textbooks for such a course, for example.)

It’s also worth considering impact here. Sure, I doubt that anyone’s likely to start building inventory control systems in Logo, but should that be the issue? What’s the real opportunity for impact here? How do I change the world? By building accounting systems? Or by contributing to a project that plans to put computers and software in the hands of millions of kids all around the world?

You want to make the world a better place? You want to really fight terrorism? Then give people hope, a chance to grow and make their world better. Give them something to protect. Contribute to a project like this.

And, if you’re contributing to this project, you apparently program in Python, JavaScript, CSound, Squeak and Logo.

So let’s put an end to the whining about these not being “real” programming languages and nobody building “real” programs with them. I’ve written a crapload of Java code in my day that only a handful of people will ever use. Some bright bulbs used Squeak to build Scratch, which I suspect will be used by millions. Hmmm … which do I find more impressive?
