Update on ABN Amro (Lasalle Bank) tape

Lasalle Bank’s tape of mortgage-related information on 2 million customers has been found by DHL. (Thanks to Adam for the heads-up)
No word on whether the tape was in a container which would show evidence of tampering, so this doesn’t foreclose (pardon the pun) the possibility of PII being stolen:

[…]the tape had been located and returned to the company’s Chicago data center from the same DHL facility where it was lost last month. DHL informed the company the package was found without the original airbill.
ABN Amro Mortgage said it had no evidence of misuse of data from the tape but would continue to investigate the incident.
ABN Amro Mortgage Group said it was extending a 90-day free credit monitoring program for customers to one year.

Even More on the $100 Laptop

I’ve discussed the $100 laptop in “Freedom To Tinker, Freedom to Learn,” and “More on ‘Freedom To Tinker, Freedom to Learn’.” In “Tech Delusions and The Trouble with Christmas,” Kerry Howley discusses many reasons why this is a bad idea:

For now, OLPC plans to sell only to governments of poor countries, not individuals here or anywhere else. (The minimum order for the stripped down computer is a hefty 1 million machines.) The laptops will thus be sold at $100 a pop to cash-strapped governments and distributed for free, which is as top-down a way to deliver the internet to kids as has ever been proposed.

I was curious: How does that $100 million compare to the wealth of nations? It turns out that, the CIA World Factbook has the data, and for ten nations, it exceeds their GDP:
Falkland Islands,
Wallis and Futuna,
St Pierre and Miquelon,
Saint Helena,
and Tokelau.

There’s always been a special place in the cypherpunk heart for island nations, subsisting on regulatory arbitrage and exporting financial privacy. I just had a great time learning about these. Other interesting links for these nations include the Lonely Planet guidebook online, and the World Factbook.

Getting back to the point, these nations also couldn’t reasonably order a million laptops between them, because they might have 200,000 residents all told. A full half of whom are in Kiribati. Perhaps more interestingly, for another 30, including Liechtenstein, Grenada, Dominica, and East Timor, $100 million would exceed 10% of their annual GDP.

Emergent Properties of the Long Tail

Chris Anderson warms the cockles of our heart as he discusses the psychological acceptability of “The Probabilistic Age:”

When professionals–editors, academics, journalists–are running the show, we at least know that it’s someone’s job to look out for such things as accuracy. But now we’re depending more and more on systems where nobody’s in charge; the intelligence is simply emergent. These probabilistic systems aren’t perfect, but they are statistically optimized to excel over time and large numbers. They’re designed to scale, and to improve with size. And a little slop at the microscale is the price of such efficiency at the macroscale.

He’s right. Emergent systems are hard to accept. Even when they’re derived from human success, it is often a series of mistakes and lucky accidents that enable them. Nick Szabo bemoans this point in his discussion of “The Origins of Value:”

Nor are contributions to corporate law of the Catholic Church, municipalities, and guilds in the Middle Ages (not to mention Western law schools, which first appeared then), long before Dutch East India Company, mentioned. Indeed, most of the important legal issues that must be solved to make modern capital markets possible are just not addressed, despite the vast documentary record of legal codes and decisions from Babylon, Rome, medieval Europe, and other places where such legal breakthroughs were made.

It’s hard to see the set of precursors and enablers that make these systems work. (Neal Stephenson makes this point as well, with the last of the challenges that Little Nell goes through in The Diamond Age.) So Chris Anderson’s work in examining why that’s hard is quite important stuff.

Software Usability Thoughts: Some Advice For Movable Type

I’d like to talk a bit about usability as it intersects with software design. I’m motivated by three things:

  • Firstly, my own attempts to be comprehensible and understandable, not only in this blog, but also in software whose design I participate in. Years ago, Steve Karkula provided me the phrase “design from interface” while doing due diligence on Netect. It’s quite powerful, both as an approach, and as wordsmithing to describe the approach. Start with customer stories, and design an interface that helps them accomplish goals. Everything else, everything else, everything else flows from that: Technical architecture, database design, market approach. Screen mock-ups become a powerful tool for interacting with prospects, and communicating stories about the intended software product. (I’d love to be able to talk more about some of the recent ways I’ve used this.)
  • Secondly, I’m motivated by Tim Bray’s post “Adium is the Future.” His discussion starts with beauty, which is deeply true. A new bit of personal software has maybe 15 seconds to live up to the promise that causes you to try it. If the promise is sufficient, you might work through ugliness. Attention to beauty is a declaration that the creators care enough to sweat the details.
  • Finally, I’m motivated by a job description sent to me by the lovely and talented Lisa, who helps with the technical end of wrangling the Movable Type software that acts as a facilitator for bringing our thoughts to you. As part of that, Lisa also listens to me rant about usability issues with a focus usually reserved for co-workers and customers. She sent me a link to Six Apart’s User Interface Positions. In reading the job description, this is very clearly an engineering job, not a design job.

Now, its entirely possible that Six Apart has employees already who will address what I’m about to say, and that they anticipate the need for multiple engineers who will implement something like what I’m about to talk about. Now, let me say that the only reason that I don’t go and either take these jobs, or hit someone with a crowbar is that between MarsEdit and Lisa, I rarely need to interact with the Movable Type UI.

The remainder of this post is an extended critique of a single screen of that user interface. If you design software, or think about its use, you may well get something out of it.

Continue reading

I'll have to check with my manager

If you watch “The Simpsons”, you’ve probably seen “Puberty Boy“, the pimply-faced kid who appears in many episodes in a variety of menial jobs.
Well, it looks like he may be working for the NSA:

Q If FISA didn’t work, why didn’t you seek a new statute that allowed something like this legally?
ATTORNEY GENERAL GONZALES: That question was asked earlier. We’ve had discussions with members of Congress, certain members of Congress, about whether or not we could get an amendment to FISA, and we were advised that that was not likely to be — that was not something we could likely get, certainly not without jeopardizing the existence of the program, and therefore, killing the program. And that — and so a decision was made that because we felt that the authorities were there, that we should continue moving forward with this program.
Q And who determined that these targets were al Qaeda? Did you wiretap them?
GENERAL HAYDEN: The judgment is made by the operational work force at the National Security Agency using the information available to them at the time, and the standard that they apply — and it’s a two-person standard that must be signed off by a shift supervisor, and carefully recorded as to what created the operational imperative to cover any target, but particularly with regard to those inside the United States.
Q So a shift supervisor is now making decisions that a FISA judge would normally make? I just want to make sure I understand. Is that what you’re saying?

Source: The White House
Did you catch that? We didn’t try to get the law changed because certain people in Congress told us we’d fail. Oh, and this is no biggie because a shift supervisor plays the role of a federal magistrate. Comedy gold!

Legal Analysis of the Wiretaps

One of the really cool things about blogs is that very smart, knowledgeable people can offer up their opinions on topics of the moment. In this case, it’s Orin Kerr and Daniel Solove offering up extended legal analyses of the wiretaps. (Well, extended from the lay perspective, anyway.) Professor Kerr has posted “Legal Analysis of the NSA Domestic Surveillance Program” and Professor Solove, “Beyond His Power: Bush’s Authorization of Warrantless NSA Surveillance.”

Solove compares them by saying “[Kerr’s] post is a lot longer and more detailed than mine (which is quite long itself), so read mine for a broader overview and Orin’s for the treatise-length account.”

Snarfer RSS Reader

Some friends have just launched Snarfer, a new Windows RSS reader, designed to be fast, efficient, and easy to use. Check it out!

If you’re not familiar with RSS Really Simple Syndication, it’s a way to bring lots of content, like blogs, into one place. If I didn’t have NetNewsWire (a Mac client) I couldn’t keep up with a third as much data. So even if you’re already using an RSS reader, why not give Snarfer a try?

OSVDB Needs Programmers

The Open Source Vulnerability DataBase (OSVDB) is in need of additional programmers. If you’re not familiar with it because you’ve been hiding in a cave somewhere, OSVDB is a tremendous project that dramatically enhances the quality and availability of vulnerability information. Today, they posted a teaser, “OSVDB is Closing:”

That said, OSVDB could substantially benefit from one or two developers before any such closing. Ideally we need a couple folks with solid PHP coding experience, PostgreSQL database manipulation, and the willingness / desire / time to work on the project. We can promise you fortune and fame! Ok not really. What we can offer you…

I should disclose that some of the projects they’re talking about are things that I’ve been discussing with Jericho, and so I’m eager for them to find great talent that will advance those projects.