Quotulatiousness

November 14, 2013

How the internet was “weaponized”

Filed under: Government, Technology, USA — Tags: , , , , , — Nicholas @ 07:45

In Wired, Nicholas Weaver looks back on the way the internet was converted from a passive network infrastructure to a spy agency wonderland:

According to revelations about the QUANTUM program, the NSA can “shoot” (their words) an exploit at any target it desires as his or her traffic passes across the backbone. It appears that the NSA and GCHQ were the first to turn the internet backbone into a weapon; absent Snowdens of their own, other countries may do the same and then say, “It wasn’t us. And even if it was, you started it.”

If the NSA can hack Petrobras, the Russians can justify attacking Exxon/Mobil. If GCHQ can hack Belgicom to enable covert wiretaps, France can do the same to AT&T. If the Canadians target the Brazilian Ministry of Mines and Energy, the Chinese can target the U.S. Department of the Interior. We now live in a world where, if we are lucky, our attackers may be every country our traffic passes through except our own.

Which means the rest of us — and especially any company or individual whose operations are economically or politically significant — are now targets. All cleartext traffic is not just information being sent from sender to receiver, but is a possible attack vector.

[…]

The only self defense from all of the above is universal encryption. Universal encryption is difficult and expensive, but unfortunately necessary.

Encryption doesn’t just keep our traffic safe from eavesdroppers, it protects us from attack. DNSSEC validation protects DNS from tampering, while SSL armors both email and web traffic.

There are many engineering and logistic difficulties involved in encrypting all traffic on the internet, but its one we must overcome if we are to defend ourselves from the entities that have weaponized the backbone.

November 12, 2013

Useful answer sheet for new technology effects

Filed under: Humour, Media, Technology — Tags: — Nicholas @ 09:06

Every time a new technological gizmo comes along, there are some questions which immediately start to be asked (usually by non-tech-savvy journalists). Here’s the XKCD summary sheet of simple answers for technology questions:

Simple Answers

November 11, 2013

The newest menace of the waterways – private submarines

Filed under: Australia, Business, Technology — Tags: , — Nicholas @ 12:24

Keeping up with the Joneses has always been a popular hobby among the nouveau riche, and topping the neighbours’ fancy car is only the start of it for some people. If your particular Jones just bought a lovely new pleasure boat, here’s a possible riposte — the Seabreacher J:

Seabreacher J

The Seabreacher J was designed and engineered exclusively for the recreational boating market. This model incorporates a jet drive for increased safety and better surface performance. The J model is able to be registered as a conventional powerboat. It is powered by a Rotax engine which is available in 155hp or 215hp supercharged variants. The engine and jet drive can be easily maintained at any personal watercraft dealership, making it a very basic watercraft to own and operate. The Seabreacher J combines the thrill of flying a submersible watercraft with the practicality and dependability of a conventional personal watercraft. The J model can be custom built with a host of available options that can personalize your Seabreacher to your desires.

The Seabreacher J isn’t a true submarine, but it’s priced for a larger market. To see what they look like in use, a quick Google Image Search turns up lots of “action shots”. True submersibles are also available for more wealthy customers, as Strategy Page explains:

Since the 1990s there have been a lot of recreational submarines. Luxury boat builders have even built submarine yachts. Submarine construction technology has come a long way in the past century, and it’s possible to build these boats at an affordable ($10-200 million) cost. They are safe and there are over a hundred of them out there.

A few companies have gained a lot of experience building subs for non-military underwater operations (academic research, oil exploration), which has created a body of information and cadre of technicians who can build these recreational subs. One of the largest civilian submarine yards is in Dubai, where dozens have been built so far and construction continues. Another large operation in the U.S. has built most of the scientific subs over the last two decades.

The submersible pleasure craft look like streamlined yachts while on the surface. The upper deck, including the bridge, is outside the pressure hull. When submerging, everyone goes below and the upper deck gets flooded. If you get close to one of these yachts it becomes obvious that they are built to dive. Military subs are still not used to encountering this civilian traffic underwater. The military boats have the right of way, but military boats are now warned to exercise extra care when approaching coastal areas used by civilian subs.

Owners of these luxury subs tend to be secretive, and the builders have agreed to some government oversight, especially to make sure militarized subs, that can carry torpedoes or mines, are not built. But there is no law against anyone owning one of these submarines, and it’s feared that it’s only a matter of time before drug dealers, gun runners, or even terrorists, get their hands on some of them. Some police officials believe this has already happened, but no one is saying much. The civilian subs don’t dive as deep as military subs and are not built for combat. They have staterooms and large windows. But they do have carrying capacity, and that could be put to criminal uses. Already, Colombian gangs have been caught trying to build subs, using Russian advisors initially and later just employing the same tech used for recreational subs. Over a hundred submersibles (a sub that travels just below the surface) have been caught carrying cocaine. The age of privately owned subs is here.

November 9, 2013

Barack Obama on the difference between private enterprise and government

Filed under: Bureaucracy, Business, Government, Technology, USA — Tags: , , , — Nicholas @ 11:43

Ann Althouse finds it amazing that President Obama clearly understands why his campaign website was so effective and why the Obamacare website fails on so many levels, but can’t generalize that knowledge to the whole public/private sphere:

In yesterday’s interview with Chuck Todd, Obama said:

    You know, one of the lessons — learned from this whole process on the website — is that probably the biggest gap between the private sector and the federal government is when it comes to I.T. …

    Well, the reason is is that when it comes to my campaign, I’m not constrained by a bunch of federal procurement rules, right?

That is, many have pointed out that his campaign website was really good, so why didn’t that mean that he’d be good at setting up a health insurance website? The answer is that the government is bad because the government is hampered by… government!

    And how we write — specifications and — and how the — the whole things gets built out. So part of what I’m gonna be looking at is how do we across the board, across the federal government, leap into the 21st century.

I love the combination of: 1. Barely able to articulate what the hell happens inside these computer systems, and 2. Wanting to leap!

    Because when it comes to medical records for veterans, it’s still done in paper. Medicaid is still largely done on paper.

    When we buy I.T. services generally, it is so bureaucratic and so cumbersome that a whole bunch of it doesn’t work or it ends up being way over cost.

This should have made him sympathetic to the way government burdens private enterprise, but he’s focused on liberating government to take over more of what has been done privately. And yet there’s no plan, no idea about what would suddenly enable government to displace private businesses competing to offer a product people want to buy.

November 6, 2013

Taiwan suffers espionage leak

Filed under: China, Military, Technology, USA — Tags: , , , , — Nicholas @ 09:17

Strategy Page on the most recent intelligence coup by the Chinese military:

Taiwan recently admitted that it had suffered some serious damage when it discovered that one of its air force officers (identified only as “Major Hao”) sold many technical details of the new E-2K AWACS (Airborne Warning and Control System) aircraft to China. Hao did it for money, and Taiwanese counterintelligence found over a dozen other Chinese intel operatives during the investigation that uncovered the E-2K leaks. Since the E-2K contains mostly American technology and is based on the E-2C use on American aircraft carriers, this intelligence disaster is going to cost America a lot as well. Since China now knows the details of how the E-2 electronics work, they can develop better ways to deceive and disrupt E-2 operations.

Earlier this year Taiwan received the last two of four E-2K aircraft from the U.S., where they have been sent for upgrading to the E-2C 2000 standard. The first two E-2Ks were sent in 2009. The upgrade cost about $63 million per aircraft. Taiwan bought two E-2Ks new in 2006 as well.

The Taiwanese E-2K is very similar to the American E-2C, which is being replaced with a newer model. In 2010 the U.S. Navy received its first E-2D aircraft. This is the latest version of the E-2 Hawkeye radar aircraft that was originally introduced in 1964. The two engine, 24 ton E-2 was never produced in large quantities (fewer than a hundred are in use). Six years ago the E-2 fleet reached a milestone of a million flight hours.

[…]

The U.S. usually does not export the latest versions of electronic equipment. Thus the Taiwan leak means the older American E-2C is compromised but not (to a great extent) the most recent E-2D model. But the Taiwanese are justifiably afraid that there will be even more reluctance by the United States to sell Taiwan the latest versions of anything because of the successful Chinese espionage efforts in Taiwan. Then again, maybe not. That’s because that espionage works both ways. The Taiwanese have been very successful using the same tactics (offering cash or using blackmail and other threats) against the Chinese. While the American and Taiwanese tech is more valuable (because it is more advanced) it’s useful to know the details of the best stuff the Chinese have.

November 4, 2013

QotD: Software quality assurance

Filed under: Business, Government, Quotations, Technology — Tags: , , , — Nicholas @ 10:13

The fundamental purpose of testing—and, for that matter, of all software quality assurance (QA) deliverables and processes — is to tell you just what you’ve built and whether it does what you think it should do. This is essential, because you can’t inspect a software program the same way you can inspect a house or a car. You can’t touch it, you can’t walk around it, you can’t open the hood or the bedroom door to see what’s inside, you can’t take it out for spin. There are very few tangible or visible clues to the completeness and reliability of a software system — and so we have to rely on QA activities to tell us how well built the system is.

Furthermore, almost any software system developed nowadays for production is vastly more complex than a house or car — it’s more on the same order of complexity of a large petrochemical processing and storage facility, with thousands of possible interconnections, states, and processes. We would be (rightly) terrified if, say, Exxon build such a sprawling oil refining complex near our neighborhood and then started up production having only done a bare minimum of inspection, testing, and trial operations before, during and after construction, offering the explanation that they would wait until after the plant went into production and then handle problems as they crop up. Yet too often that’s just how large software development projects are run, even though the system in development may well be more complex (in terms of connections, processes, and possible states) than such a petrochemical factory. And while most inadequately tested software systems won’t spew pollutants, poison the neighborhood, catch fire, or explode, they can cripple corporate operations, lose vast sums of money, spark shareholder lawsuits, and open the corporation’s directors and officers to civil and even criminal liability (particularly with the advent of Sarbanes-Oxley).

And that presumes that the system can actually go into production. The software engineering literature and the trade press are replete with well-documented case studies of “software runaways”: large IT re-engineering or development projects that consume tens or hundreds of millions of dollars, or in a few spectacular (government) cases, billions of dollars, over a period of years, before grinding to a halt and being terminated without ever having put a usable, working system into production. So it’s important not to skimp on testing and the other QA-related activities.

Bruce F. Webster, “Obamacare and the Testing Gap”, And Still I Persist…, 2013-10-31

Living in a Surveillance State: Mikko Hypponen at TEDxBrussels

Filed under: Liberty, Technology, USA — Tags: , , , , — Nicholas @ 00:01

November 1, 2013

Let’s hope badBIOS is an elaborate Halloween hoax

Filed under: Technology — Tags: , , , , , — Nicholas @ 08:05

Dan Goodin posted a scary Halloween tale at Ars Technica yesterday … at least, I’m hoping it’s just a scary story for the season:

In the intervening three years, Ruiu said, the infections have persisted, almost like a strain of bacteria that’s able to survive extreme antibiotic therapies. Within hours or weeks of wiping an infected computer clean, the odd behavior would return. The most visible sign of contamination is a machine’s inability to boot off a CD, but other, more subtle behaviors can be observed when using tools such as Process Monitor, which is designed for troubleshooting and forensic investigations.

Another intriguing characteristic: in addition to jumping “airgaps” designed to isolate infected or sensitive machines from all other networked computers, the malware seems to have self-healing capabilities.

“We had an air-gapped computer that just had its [firmware] BIOS reflashed, a fresh disk drive installed, and zero data on it, installed from a Windows system CD,” Ruiu said. “At one point, we were editing some of the components and our registry editor got disabled. It was like: wait a minute, how can that happen? How can the machine react and attack the software that we’re using to attack it? This is an air-gapped machine and all of a sudden the search function in the registry editor stopped working when we were using it to search for their keys.”

Over the past two weeks, Ruiu has taken to Twitter, Facebook, and Google Plus to document his investigative odyssey and share a theory that has captured the attention of some of the world’s foremost security experts. The malware, Ruiu believes, is transmitted though USB drives to infect the lowest levels of computer hardware. With the ability to target a computer’s Basic Input/Output System (BIOS), Unified Extensible Firmware Interface (UEFI), and possibly other firmware standards, the malware can attack a wide variety of platforms, escape common forms of detection, and survive most attempts to eradicate it.

But the story gets stranger still. In posts here, here, and here, Ruiu posited another theory that sounds like something from the screenplay of a post-apocalyptic movie: “badBIOS,” as Ruiu dubbed the malware, has the ability to use high-frequency transmissions passed between computer speakers and microphones to bridge airgaps.

October 31, 2013

A garage of historical significance

Filed under: History, Technology, USA — Tags: , , — Nicholas @ 08:28

In The Register, a remarkably blasé report on the designation of the house where Jobs and Wozniak created the first Apple computers:

The house where Steve Jobs built his first computers has been added to a list of historic buildings in Los Altos.

The Los Altos Historical Commission voted unanimously to add the home at 2066 Crist Drive as a historic resources, since its hallowed garage was where Jobs made his first computers and co-founded Apple, the San Jose Mercury News reported.

The commission’s report said that it had been reviewing the property for potential designation for the past two years due to its “association with an event and an individual of historic significance”.

From other discussion on the topic, this will require the current owner of the property (Patricia Jobs, the sister of the late Steve Jobs) to get the commission’s advance permission to do any kind of work on the house … including ordinary maintenance. No funds from the municipality go along with this designation: once your house has been so designated, you no longer exercise full rights of ownership, but you still are required to pay for any work the commission deems necessary or desirable. Ms Jobs apparently still has a right to appeal, but I don’t know what her chances of success might be.

The drug-running submarine squadron

Filed under: Americas, Law, Technology — Tags: , , , — Nicholas @ 07:25

Strategy Page reports that the set of almost-complete submarines built by a drug cartel in Colombia were much more sophisticated and capable than first thought:

The leader (Mauner Mahecha) of the project was a guy in his early 30s with no boat building experience but excellent organizational and leadership skills.

Mahecha had a huge budget and used it to find and hire men with the needed skills or experience with submarines. Mahecha also quickly recruited additional specialists as needed and obtained whatever materials the builders called for. His project built three submarines, and the project was shut down because one of the men recruited (an experienced engine mechanic working for the Colombian Navy) managed to tip off the Colombian Navy intelligence and then the U.S. about the project.

[…]

The Mahecha submarines, when closely examined by experts, turned out to be more sophisticated than first thought. The outer hull was made out of strong, lightweight, Kevlar/carbon fiber that was sturdy enough to keep the sub intact but very difficult to detect with most sensors. The hull could not survive deep dives but this boat didn’t have to go deep to get the job done. The diesel-electric power supply (up to two-hundred and forty-nine lead-acid batteries), diving and surfacing system, and navigational systems of captured subs were all in working order. Those who built these boats apparently borrowed much from recreational subs. The sub builders also had impressive knowledge of the latest materials used to build exotic boats.

The three fiberglass/Kevlar submarines were obviously built to transport cocaine to North America and the existence of a building effort had been detected by intel agencies. For several years before the submarine boat yard was discovered the U.S. Navy, in cooperation with some Central and South American navies, have been looking for these subs, at sea and on land. While these submarines didn’t run very deep (less than twenty meters/sixty-two feet), they are invisible to most sensors when completely submerged. These subs were designed to run on batteries for up to eighteen hours, before having to surface and recharge. When they are at sea, they usually operate their diesel engines. These are noisy. Sonar can pick up this noise over a long distance. By capturing these subs it was possible to run the engines and get a sound profile of this type of boat and equip American sonar systems with this data. These subs had a range (on internal fuel) of about twelve-thousand kilometers. Thus, the boat could get from Colombia to southern California and back. These drug gangs spent over two million on each of these subs.

The most potent weapon the U.S. Navy has against these tiny (less than thirty-four meters/one-hundred foot long) subs is heat sensors, but even that may have had limited effectiveness. That’s because one of the subs captured had a snorkel type device (a tall structure extending from the conning tower, which contained pipes allowing diesel exhaust to escape and fresh air to be brought into the submerged boat.) It’s this heat that airborne sensors can detect. All surface (or semi-submerged) ships at sea display this kind of “heat signature”, and capturing working examples of these cocaine smuggling subs makes it possible to get a better idea of what the airborne heat sensors should be looking for. A snorkel, however, puts out less heat that a sub running on the surface would and is harder to detect. When running on batteries there is no heat to detect.

October 29, 2013

What happens when you challenge hackers to investigate you?

Filed under: Law, Technology — Tags: , , , , — Nicholas @ 09:13

Adam Penenberg had himself investigated in the late 1990s and wrote that up for Forbes. This time around, he asked Nick Percoco to do the same thing, and was quite weirded out by the experience:

It’s my first class of the semester at New York University. I’m discussing the evils of plagiarism and falsifying sources with 11 graduate journalism students when, without warning, my computer freezes. I fruitlessly tap on the keyboard as my laptop takes on a life of its own and reboots. Seconds later the screen flashes a message. To receive the four-digit code I need to unlock it I’ll have to dial a number with a 312 area code. Then my iPhone, set on vibrate and sitting idly on the table, beeps madly.

I’m being hacked — and only have myself to blame.

Two months earlier I challenged Nicholas Percoco, senior vice president of SpiderLabs, the advanced research and ethical hacking team at Trustwave, to perform a personal “pen-test,” industry-speak for “penetration test.” The idea grew out of a cover story I wrote for Forbes some 14 years earlier, when I retained a private detective to investigate me, starting with just my byline. In a week he pulled up an astonishing amount of information, everything from my social security number and mother’s maiden name to long distance phone records, including who I called and for how long, my rent, bank accounts, stock holdings, and utility bills.

[…]

A decade and a half later, and given the recent Edward Snowden-fueled brouhaha over the National Security Agency’s snooping on Americans, I wondered how much had changed. Today, about 250 million Americans are on the Internet, and spend an average of 23 hours a week online and texting, with 27 percent of that engaged in social media. Like most people, I’m on the Internet, in some fashion, most of my waking hours, if not through a computer then via a tablet or smart phone.

With so much of my life reduced to microscopic bits and bytes bouncing around in a netherworld of digital data, how much could Nick Percoco and a determined team of hackers find out about me? Worse, how much damage could they potentially cause?

What I learned is that virtually all of us are vulnerable to electronic eavesdropping and are easy hack targets. Most of us have adopted the credo “security by obscurity,” but all it takes is a person or persons with enough patience and know-how to pierce anyone’s privacy — and, if they choose, to wreak havoc on your finances and destroy your reputation.

H/T to Terry Teachout for the link.

Obamacare’s technical issues

Filed under: Government, Technology, USA — Tags: , , , — Nicholas @ 07:48

A comment at Marginal Revolution deservedly has been promoted to being a guest post, discussing the scale of the problems with the Obamacare software:

The real problems are with the back end of the software. When you try to get a quote for health insurance, the system has to connect to computers at the IRS, the VA, Medicaid/CHIP, various state agencies, Treasury, and HHS. They also have to connect to all the health plan carriers to get pre-subsidy pricing. All of these queries receive data that is then fed into the online calculator to give you a price. If any of these queries fails, the whole transaction fails.

Most of these systems are old legacy systems with their own unique data formats. Some have been around since the 1960′s, and the people who wrote the code that runs on them are long gone. If one of these old crappy systems takes too long to respond, the transaction times out.

[…]

When you even contemplate bringing an old legacy system into a large-scale web project, you should do load testing on that system as part of the feasibility process before you ever write a line of production code, because if those old servers can’t handle the load, your whole project is dead in the water if you are forced to rely on them. There are no easy fixes for the fact that a 30 year old mainframe can not handle thousands of simultaneous queries. And upgrading all the back-end systems is a bigger job than the web site itself. Some of those systems are still there because attempts to upgrade them failed in the past. Too much legacy software, too many other co-reliant systems, etc. So if they aren’t going to handle the job, you need a completely different design for your public portal.

A lot of focus has been on the front-end code, because that’s the code that we can inspect, and it’s the code that lots of amateur web programmers are familiar with, so everyone’s got an opinion. And sure, it’s horribly written in many places. But in systems like this the problems that keep you up at night are almost always in the back-end integration.

The root problem was horrific management. The end result is a system built incorrectly and shipped without doing the kind of testing that sound engineering practices call for. These aren’t ‘mistakes’, they are the result of gross negligence, ignorance, and the violation of engineering best practices at just about every step of the way.

October 28, 2013

Nothing fails as big as Big Government

Filed under: Bureaucracy, Government, Technology, USA — Tags: , , , — Nicholas @ 09:05

In USA Today, Glenn Reynolds points out that even Obama detractors can’t say he didn’t do a good job in his last election campaign, but that the size and structure of government prevent him from being as successful with Obamacare:

Unlike Norris Dam, [opened within three years of the TVA Act passing congress] the Olmsted Dam and Locks on the Ohio River were authorized by Congress in 1988, but a quarter-century later the project is only half-done. It has also overrun its budget by a factor of four.

Meanwhile, most of the interesting stuff being done in outer space are being done by private companies. (In fact, President Obama’s space policy approach, which emphasizes private enterprise, is one of his greatest policy successes.)

As it’s gotten bigger the federal government appears to have gotten less competent. Apollo was a success on its own terms, but the big government policies that followed — the War On Poverty, the War On Drugs, the War On Cancer — have all been pretty much failures, sometimes disastrous ones.

Even Obama himself is evidence of this problem. His 2012 presidential campaign was famous for its mastery of technology, building up an electronic campaign infrastructure in just a few months that helped him win the election. But, of course, it wasn’t a government operation. Obama without the government — a technological success. Obama within the government — a technological embarrassment. The difference between success and failure here, as even Obama-haters will have to admit, wasn’t Obama. It’s more likely that a political campaign has clear goals, and lots of freedom to improvise, while a federal program is much more encumbered by law and bureaucracy.

Whatever the cause, it remains indisputable that the federal government isn’t very good at delivering on big projects. The obvious response is to not entrust the federal government with big projects on which it can’t deliver. Instead, they should be left to those who can.

Mark Steyn on the Obamacare software

Filed under: Bureaucracy, Cancon, Government, Technology — Tags: , , , — Nicholas @ 07:22

Mark Steyn’s weekend column touched on some items of interest to aficionados of past government software fiascos:

The witness who coughed up the intriguing tidbit about Obamacare’s exemption from privacy protections was one Cheryl Campbell of something called CGI. This rang a vague bell with me. CGI is not a creative free spirit from Jersey City with an impressive mastery of Twitter, but a Canadian corporate behemoth. Indeed, CGI is so Canadian their name is French: Conseillers en Gestion et Informatique. Their most famous government project was for the Canadian Firearms Registry. The registry was estimated to cost in total $119 million, which would be offset by $117 million in fees. That’s a net cost of $2 million. Instead, by 2004 the CBC (Canada’s PBS) was reporting costs of some $2 billion — or a thousand times more expensive.

Yeah, yeah, I know, we’ve all had bathroom remodelers like that. But in this case the database had to register some 7 million long guns belonging to some two-and-a-half to three million Canadians. That works out to almost $300 per gun — or somewhat higher than the original estimate for processing a firearm registration of $4.60. Of those $300 gun registrations, Canada’s auditor general reported to parliament that much of the information was either duplicated or wrong in respect to basic information such as names and addresses.

Sound familiar?

Also, there was a 1-800 number, but it wasn’t any use.

Sound familiar?

So it was decided that the sclerotic database needed to be improved.

Sound familiar?

But it proved impossible to “improve” CFIS (the Canadian Firearms Information System). So CGI was hired to create an entirely new CFIS II, which would operate alongside CFIS I until the old system could be scrapped. CFIS II was supposed to go operational on January 9, 2003, but the January date got postponed to June, and 2003 to 2004, and $81 million was thrown at it before a new Conservative government scrapped the fiasco in 2007. Last year, the government of Ontario canceled another CGI registry that never saw the light of day — just for one disease, diabetes, and costing a mere $46 million.

But there’s always America! “We continue to view U.S. federal government as a significant growth opportunity,” declared CGI’s chief exec, in what would also make a fine epitaph for the republic. Pizza and Mountain Dew isn’t very Montreal, and on the evidence of three years of missed deadlines in Ontario and the four-year overrun on the firearms database CGI don’t sound like they’re pulling that many all-nighters. Was the government of the United States aware that CGI had been fired by the government of Canada and the government of Ontario (and the government of New Brunswick)? Nobody’s saying. But I doubt it would make much difference.

October 25, 2013

The glamour of big IT projects

Filed under: Government, Technology, USA — Tags: , , , , — Nicholas @ 00:02

Virginia Postrel on the hubris of the Obamacare project team:

The HealthCare.gov website is a disaster — symbolic to Obamacare opponents, disheartening to supporters, and incredibly frustrating to people who just need to buy insurance. Some computer experts are saying the only way to save the system is to scrap the current bloated code and start over.

Looking back, it seems crazy that neither the Barack Obama administration nor the public was prepared for the startup difficulties. There’s no shortage of database experts willing to opine on the complexities of the problem. Plenty of companies have nightmarish stories to tell about much simpler software projects. And reporting by the New York Times finds that the people involved with the system knew months ago that it was in serious trouble. “We foresee a train wreck,” one said back in February.

So why didn’t the administration realize that integrating a bunch of incompatible government databases into a seamless system with an interface just about anyone could understand was a really, really hard problem? Why was even the president seemingly taken by surprise when the system didn’t work like it might in the movies?

We have become seduced by computer glamour.

Whether it’s a television detective instantly checking a database of fingerprints or the ease of Amazon.com’s “1-Click” button, we imagine that software is a kind of magic — all the more so if it’s software we’ve never actually experienced. We expect it to be effortless. We don’t think about how it got there or what its limitations might be. Instead of imagining future technologies as works in progress, improving over time, we picture them as perfect from day one.

« Newer PostsOlder Posts »

Powered by WordPress