Category: Disaster Preparedness

Dept. of Pre-Blogging: Swine Flu edition

In no particular order, your friendly neighborhood Dept. of Pre-blogging hereby predictively reports on:

  • Increased speculation, coupled with a spike in Twitter activity.
  • Politicization of the event from the Right (blame Mexico and/or Big Government), the Left (if we spent money in the right places, this would not happen), and out in left field (this is actually the result of an experiment by the CIA/NSA/World Bank/Freemasons/etc).
  • Rapid adoption of irrational coping mechanisms, perhaps including a run on N95 respirators and surface disinfectants.
  • Reassuring releases from the Pork Council that in addition to being the Other White Meat(tm), yummy bacon cannot transmit influenza unless it has previously been used as a handkerchief.
  • An upcoming Schneier blog item on swine flu hysteria being related to confirmation bias.
  • Brad DeLong on the bailout

    Brad DeLong has a FAQ up about Geithner’s plan to purchase toxic assets on the theory that the market has undervalued them, and will in time price them properly. Among the items:

    Q: What if markets never recover, the assets are not fundamentally undervalued, and even when held to maturity the government doesn’t make back its money?
    A: Then we have worse things to worry about than government losses on TARP-program money–for we are then in a world in which the only things that have value are bottled water, sewing needles, and ammunition.

    This response reminded me of a conversation I had over a beer with a banking regulator back in August 2006 or thereabouts. He reported on a IM conversation he had had with a colleague whose expertise lay in the area which subsequently imploded. After jokingly asking “Time to buy gold, huh?”, there was a pregnant pause. Then came the response: “Buy ammunition”.
    I ordered another beer.

    Closing the Collapse Gap

    There’s a very interesting annotated presentation at “Closing the ‘Collapse Gap’: the USSR was better prepared for collapse than the US.” In it, Dmitry Orlov lays out his comparison between the USSR and the USA of 2006. Posting this now because a talk he gave at Long Now is getting lots of attention.

    In closely related news, Maurizio d’Orlando lays out that U.S. debt approaches insolvency:

    In 2007, public debt in the United States was 10.6 trillion dollars, compared to a GDP (gross domestic product) of 13.811 trillion dollars. Public debt in 2007 was therefore 76.75% of GDP. In just one year, direct and indirect public debt have grown to more than 100% of GDP, reaching 176.9% to 184.2%. These percentages exclude the debt guaranteed by policies underwritten by AIG, also nationalized, and liabilities for health spending (Medicaid and Medicare) and pensions (Social Security)[2]. By way of comparison, the Maastricht accords require member states of the European Union (EU) to reduce their public debt to no more than 60% of GDP. Again by way of comparison, in one of the EU countries with the largest public debt, Italy, public debt in 2007 was equal to 104% of GDP.

    [Update: I’d meant to include both Bruce Sterling, “2009 Will Be a Year of Panic” and Rob Sama, “
    The Federal Government Has Jumped The Shark

    President for Ten Minutes

    During a chat I had this afternoon, someone brought up an interesting situation to contemplate. The Presidency of George Bush fils ended today at noon EST, but Mr. Obama wasn’t sworn in until 12:10. Who then, the question was, President during those ten minutes.

    One mildly unsatisfactory answer is Ms. Pelosi. If there is neither a President nor Vice President, then the duty falls to the Speaker of the House.

    An even less satisfactory answer is Mr. Biden. The way that was explained, he was sworn in at 11:58. I find it unsatisfactory for two reasons. The most important to me is that after conjuring up this inter-administration gap, this closes it before it started. The second reason follows from what I think the best answer is.

    The best answer to my mind is the simplest: no one. The office doesn’t magically fall to the next person in line, they actually have to be sworn in. When Mr. Kennedy was murdered, there was a short gap between his death and Mr. Johnson being sworn in and during that gap, there was no President. It’s the swearing in that makes the President. Similarly, in the event that an election gets thrown into the House and they didn’t decide until the 21st, there’d be no President for that day.

    If there was indeed a gap (I could argue there was none), the person to whom the office fell was unequivocally Mr. Obama. He was at the time President-Elect. Even if Mr. Biden were somehow actually Veep, the obvious President-to-be is the President-Elect. Of course, this is also why the answer of Ms. Pelosi is unsatisfying. Even if we’re running the Executive like a Swiss railway, we know who the incumbent executives are.

    Nonetheless, it’s fun to muse over. Feel free to spin your own argument for whomever.

    The clever reader may also note that I said “today” despite it being past midnight server time. I have a personal rule that it’s still today until one goes to bed; it’s still night until one has breakfast; it’s still morning until one has lunch. And besides, it’s still the 20th in Hawaii, the President’s home state.

    Disaster Preparedness by Conair

    Mini-me guest posting on The Guerilla CISO tells us all some hard learned lessons in Data Centers and Hair Driers. In it we learn (yet again!) that Disaster Recovery/Emergency Response/Business Continuity rely heavily on documentation, process being followed and above all regular testing. Regular testing is more than just practicing via drills or table top exercises, but also verifying that your documentation is accurate for the entire infrastructure down to capacity, wiring for alarms (at one employer we found out the hard way that one of the fire sensors wasn’t hard wired to the Emergency Power Off rather than to the cutout board and as a result, took down the data center while doing some emergency welding) and servers are facing the right way in the racks. In the end, it’s far better to find out in non-emergency situations that something is wrong. Also never forget that a hair dryer can help you test your fire alarms system…
    [Image is Dog Fluffer by Phitar]

    Failure of Imagination


    USA Today tells us, “Sci-fi writers join war on terror,” in which, “the Homeland Security Department [sic] is tapping into the wild imaginations of a group of self-described “deviant” thinkers….”

    There are many available cheap shots as well as fish to shoot in that barrel. I’m going to take a cheap shot at one not in the barrel. The writers brought in are: Jerry Pournelle, Arlan Andrews, Greg Bear, Larry Niven and Sage Walker.

    Do you notice anyone missing who should be there? How about Tom Clancy, who wrote a novel in which a Boeing 747 is used as a cruise missile to take out the US Capitol and much of the government?

    I can almost excuse the DHS, after all, they’re the ones who admit to not having enough imagination. But look at this:

    During a coffee break at the conference, Walker, Bear and Andrews started talking about the government’s bomb-sniffing dogs. Within minutes, they had conjured up a doggie brain-scanning skullcap that could tell agents what kind of explosive material a dog had picked up.

    Oh, wow! Brain-scanning dogs. (Incidentally, this shows how ignorant they are of how sniffer dogs work. They’re playing “find the ball” by smell. They don’t know explosives from treats.) Why did none of the writers ask each other in a coffee break, “Hey, why isn’t a guy who actually predicted this sort of thing here?”

    Probably because, “for this group, Walker says, there’s no such thing as an ‘unthinkable scenario.'”

    Sometimes with imagination, less is more.

    Weak Crypto Contest

    The 2007 Underhanded C Contest has a marvelous theme — weak crypto.

    The object of this year’s contest: write a short, simple C program that encrypts/decrypts a file, given a password on the command line. Don’t implement your own cipher, but use a bog-standard strong cipher from a widely available library.


    Your challenge: write the code so that some small fraction of the time (between 1% and 0.01% of files, on average) the encrypted file is weak and can be cracked by an adversary without the password. The poorly encrypted file must still decrypt properly by your own software.

    Other great comments:

    Short programs are innocent, and more impressive. If your source file is over 200 lines, you are not likely to win. You can hide a semi truck in 300 lines of C.


    Of course, there are other factors: we award points for humor value and irony. I have always been impressed with the winner of the 2004 Obfuscated V contest, who concealed an error in a vote-counting program by adding a voter-verifiable paper trail function that overflowed a buffer. That’s evil with style.

    What a great idea.

    "ist nicht verfgbar"

    So we had some random DNS trouble recently. I believe everything should be back to normal, but DNS issues can take a while to propagate and be fixed. So apologies for the non-availability. We’ve made procedural changes to make these less likely in the future.

    Oh, and we lost the SSNs of everyone who had included them in their comments. Sorry, Pete and Dennis!

    DST is Coming, Run For Your Lives!

    Marvin The Martian

    In a week, the US and Canada are changing when they go to Daylight Savings Time. It must also be a slow news time, as well, because I’ve read several articles like this, “Daylight-Saving Time Change: Bigger than Y2K?

    When Y2K came around, a number of us quoted Marvin the Martian (now of the Boston Police Department) on this: “Where’s the kaboom? There was supposed to be an earth-shattering kaboom!” So I think that’s going to be a big “yes” on the question. Any positive number is bigger than zero, so no one’s going to be embarrassed for over-reporting.

    Eweek also said, “Our story tries not to turn this into a Chicken Little exercise, but it does lay out the reasons why this could be huge.” Oh, please. Any time someone says they’re not trying to be Chicken Little but — you know they’re being Chicken Little, and so do they.

    Might there be problems? Ayup. I have to fly that Sunday, and I’m even less pleased than I would be otherwise. There will be screwups. But really, it’s an hour. There will be people late to things, and we’ll cope.

    I think this latest change is monumental stupidity, and I’m someone who thinks we should just go to year-round DST. Before, there was one week difference between Europe and North America in DST. Now there’s — eesh. I don’t know, yet. Regularizing them would have made much more sense, despite my belief that more DST is better. Heck, we ought to stop saving it and invest for the increased return.