March 24, 2010 By Dan Lohrmann
In my twenty-five years as a security and technology professional, I have never seen so many hot headlines around technology issues. Whether you are reading the papers, watching TV or surfing the web, the tech headlines are almost rivaling March Madness and the Health Care stories. Let's jump right in:
Google Pulls Out of China : Of course, this is the hottest story out there right now, with daily updates. The stakes are high on so many fronts, and all aspects of this story are being reported by many sources. Here are a few perspectives:
Newsweek described the situation as An Unstoppable Force Meeting an Immoveable Object .
Here's an excerpt: " Google's bottom line won't be greatly harmed in the short term, as only an estimated 1 to 2 percent of the company's revenues currently come from China. But if Google departs China for good, the losses are incalculable. With 400 million Web users and climbing, China is far from a fully tapped market . Baidu, Google's biggest Chinese rival, today has roughly 65 percent market share, and will now lengthen its lead even more."
The Washington Post focused early on the Google users who worried that they might lose an engine of progress . However, some reported that the Chinese Internet users would not care much.
Others are speculating on what comes next , which will likely be a pattern for many months to come.
Changing subjects, many people are talking about a CIO.com article which declares that we'll all be working for tech vendors one day (soon). While this is another take on outsourcing and the commoditization of IT, the topic is not new. (I said something similar over 18 months ago in an article on cloud computing.) And yet, it seems to be popular right now, so I encourage you to read the article.Lastly, the Wall Street Journal is reporting that the U.S. Aims to Bolster Overseas Fight Against Cybercrime (WSJ). Here's the first paragraph: The alleged Chinese cyber attacks on Google have spurred proposals at the State Department and on Capitol Hill to establish an ambassador-level cybersecurity post and to tie foreign aid to a country's ability to police cybercrime. Why cover three topics quickly like this? Mainly to give you a view into what I read over the past few days, but also to show how the world is a-changing - and technology is at the center. What are your thoughts on these headlines?
March 13, 2010 By Dan Lohrmann
I read a very interesting CNET article yesterday entitled, "Why no one cares about privacy anymore." I urge you to take five minutes and read it. If you have ten minutes more, continue on and read the comments.
Here's an interesting excerpt:
"Norms are changing, with confidentiality giving way to openness. Participating in YouTube, Loopt, FriendFeed, Flickr, and other elements of modern digital society means giving up some privacy, yet millions of people are willing to make that trade-off every day. Of people with an online profile, nearly 40 percent have disabled privacy settings so anyone may view it, according to a Pew Internet survey released a year ago. The percentage is probably higher today."
Or how about this intriguing interview with appeals court judge, senior lecturer and author Richard Posner: "As a social good, I think privacy is greatly overrated because privacy basically means concealment. People conceal things in order to fool other people about them. They want to appear healthier than they are, smarter, more honest and so forth." That isn't a defense of snooping as much as a warning of the flip side of privacy--concealing facts that are discreditable, including those that other people have a legitimate reason for knowing."
There is no doubt that many young people have different views on these topics than the baby boomers. One key question revolves around the defaults in "opting-in" versus "opting-out" of various privacy settings. Like so many other aspects of technology, anonymity can be used for good or for evil.
So why do I mention this now? There are thousands of implications to thought-provoking questions on privacy. We build laws around protecting medical records, family data and more, but what if people freely give away very personal information about themselves? How do we know where someone obtained personal information about someone else? Should we be building laws, rules and regulations for the most private person in society or the majority or multiple different systems for different viewpoints?
Yes, these are hard questions to answer. But as these articles and interviews point out, many leaders are forging forward without asking for permission. No doubt, they are pushing the envelope, asking for forgiveness when necessary, but not slowing down.
As a security and privacy advocate, I am in no way suggesting that we can ignore nor diminish the importance of protecting legally protected records. We all know that credit cards, social security numbers and medical records are legally protected. But we can also expect to see cases where medical records were freely shared by patients on social networking sites. Our challenge will be to deal with those who want to share and those who don't and to give them options - which is harder than a one size fits all.
As we write or modfiy our polices on social networks at work, protect our sensitive records, build cloud computing with new interfaces and engage our citizens in the 21st century, the definition of privacy will be constantly changing. Government technology professionals need to be aware of the various perspectives.
What are your thoughts on where privacy is going?
March 1, 2010 By Dan Lohrmann
Microsoft is warning that the extended support phase is ending for Windows 2000 (server and client), on July 13, 2010 . In addition, other products with lapsing service include: Windows XP Service Pack 2, Vista RTM, and Windows Server 2003.
Here's what GCN was reporting : " On Wednesday, a Microsoft lifecycle support blog post hinted at grim prospects for those who don't upgrade before that time. Simply put, the end of extended support for those products means that no more security updates will be delivered to patch vulnerabilities in those operating systems. Support articles will remain online, but just for a year.
Microsoft customers who can't upgrade when extended support ends have another option: They can request "custom support" from Microsoft, which will cost extra."
Yes, this is a big deal for many state and local governments. As anyone who suffered through the migration off of Windows NT will tell you, upgrading operating systems can become quite challenging for a long list of reasons. Applications need to be tested in the new environment, and there never seems to be enough time to get systems migrated. These projects required time, resources and priority.
So what if you stay put? The cost is very expensive to buy continued support on Windows 2000 after July 13, according to my sources. However, if you do nothing with your Windows 2000 servers, you will open up your enterprise to numerous malware threats and other problems.
Within the state of Michigan, we still have dozens of servers on Windows 2000, and we have kicked off a project to virtualize and upgrade these boxes. No doubt, the simpler thing to do is to just get off of older hardware; however, we are utilizing a variety of tools to help upgrade the OS at the same time. This project is sure to cause some unexpected challenges.
What are your plans for Windows 2000 servers? (Feel free to go ahead and brag if you're totally off of this OS.)
Building effective virtual government requires new ideas, innovative thinking and hard work. From federal stimulus projects to enterprise architectures to cloud computing, Dan Lohrmann will discuss what's hot and what's not in the world of technology infrastructure.