<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Chris Hardie&#039;s Blog &#187; security</title>
	<atom:link href="http://www.chrishardie.com/blog/tag/security/feed" rel="self" type="application/rss+xml" />
	<link>http://www.chrishardie.com/blog</link>
	<description>Personal Blog for James Christopher Hardie</description>
	<lastBuildDate>Mon, 16 Aug 2010 16:54:36 +0000</lastBuildDate>
	<generator>http://wordpress.org/?v=2.9</generator>
	<language>en</language>
	<sy:updatePeriod>hourly</sy:updatePeriod>
	<sy:updateFrequency>1</sy:updateFrequency>
			<item>
		<title>Unhelpful responses to cyberwarfare</title>
		<link>http://www.chrishardie.com/blog/2010/07/unhelpful-responses-to-cyberwarfare.html</link>
		<comments>http://www.chrishardie.com/blog/2010/07/unhelpful-responses-to-cyberwarfare.html#comments</comments>
		<pubDate>Thu, 08 Jul 2010 18:43:13 +0000</pubDate>
		<dc:creator>Chris</dc:creator>
				<category><![CDATA[consumer watch]]></category>
		<category><![CDATA[news]]></category>
		<category><![CDATA[software]]></category>
		<category><![CDATA[cyberwarfare]]></category>
		<category><![CDATA[government]]></category>
		<category><![CDATA[military]]></category>
		<category><![CDATA[national_security]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[technology]]></category>
		<category><![CDATA[war]]></category>

		<guid isPermaLink="false">http://www.chrishardie.com/blog/?p=964</guid>
		<description><![CDATA[A number of mainstream magazines and newspapers have recently published reports on the increasing threat of "cyberwarfare," the significant resources being devoted to fighting that "war" and what we're doing to protect the critical national asset that is our digital infrastructure.
Unfortunately, most of the responses (and the ones favored by the Obama administration) are focused [...]]]></description>
			<content:encoded><![CDATA[<p><a title="State of the art blender power by Chris Hardie, on Flickr" href="http://www.flickr.com/photos/chrishardie/4668185426/"><img src="http://farm5.static.flickr.com/4036/4668185426_23243684bb_m.jpg" border="1" alt="State of the art blender power" hspace="10" width="240" height="180" align="right" /></a>A number of mainstream magazines and newspapers have recently published reports on the increasing threat of "cyberwarfare," the significant resources being devoted to fighting that "war" and what we're doing to protect the critical national asset that is our digital infrastructure.</p>
<p>Unfortunately, most of the responses (and the ones favored by the Obama administration) are focused on paying insanely large amounts of money to private contractors to create and deploy complex technological solutions in hopes of addressing the threat.</p>
<p>What advocates of this approach fail to appreciate is that<strong> (A) most of the actual threat comes from uneducated human operators of the technology in question, and (B) deploying homogeneous, technologically complex solutions often makes us more vulnerable, not less.</strong></p>
<p><span id="more-964"></span>Once you get past the flashy headlines and attention-grabbing introductory stories in these articles, meant to scare us into believing how real the threat is (basically, bloodthirsty hacker terrorists are trying to kill us all), each of them seems to come back to one of two recurring themes behind these threats.   Either a human being messed something up, or a piece of technology wasn't secure enough and is now being exploited.</p>
<p>For the first case, it's usually things like "so and so unknowingly downloaded a virus onto their USB flash drive and then plugged into a secure government network - things exploded!" or "an e-mail user clicked on a phishing scam link and had their password stolen."  For the second case, it's usually "Windows machines are insecure, and so they get taken over and absorbed into botnets, which can then wreak havoc through denial of service attacks" or "a security hole is found in a product made by a brand that everyone was supposed to trust, and so it's running EVERYWHERE and OMG we're all going to die."</p>
<p>But in throwing hundreds of millions of dollars at cyberwarfare defense we will most likely see only minimal resources devoted to end-user education and training to defend against social engineering, poor personal security practices, and the related actual vulnerabilities.  The funding will also not include programs to hold hardware and software vendors more accountable for selling more secure products and services to end users.  Instead, it will go toward funding <a href="http://online.wsj.com/article/SB10001424052748704545004575352983850463108.html?mod=WSJ_hpp_MIDDLETopStories">secret surveillance</a> and the further <a href="http://www.economist.com/node/16478792">shifting of control of the Internet into military hands</a>.</p>
<p>With this approach, in the end we'll be back to where we are right now.  End-users will continue the insecure personal practices that lead to security breaches, and the continued homogenization of hardware and software will amplify the potential impact of every security hole discovered.   This is not helpful.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.chrishardie.com/blog/2010/07/unhelpful-responses-to-cyberwarfare.html/feed</wfw:commentRss>
		<slash:comments>2</slash:comments>
		</item>
		<item>
		<title>Super ultra mega-secure EFTPS enrollment</title>
		<link>http://www.chrishardie.com/blog/2010/02/super-ultra-mega-secure-eftps-enrollment.html</link>
		<comments>http://www.chrishardie.com/blog/2010/02/super-ultra-mega-secure-eftps-enrollment.html#comments</comments>
		<pubDate>Thu, 25 Feb 2010 20:21:21 +0000</pubDate>
		<dc:creator>Chris</dc:creator>
				<category><![CDATA[consumer watch]]></category>
		<category><![CDATA[business]]></category>
		<category><![CDATA[complexity]]></category>
		<category><![CDATA[finance]]></category>
		<category><![CDATA[government]]></category>
		<category><![CDATA[IRS]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[security_strategy]]></category>

		<guid isPermaLink="false">http://www.chrishardie.com/blog/?p=916</guid>
		<description><![CDATA[As an employer, my company Summersault is required to withhold and then turn in federal taxes from our employee paychecks.  In the past we've turned in those withheld funds by printing out a check, walking it a block down the street to the bank, and getting a receipt.
I recently took the IRS's advice and inquired [...]]]></description>
			<content:encoded><![CDATA[<p>As an employer, my company <a href="http://www.summersault.com/">Summersault</a> is required to withhold and then turn in federal taxes from our employee paychecks.  In the past we've turned in those withheld funds by printing out a check, walking it a block down the street to the bank, and getting a receipt.</p>
<p>I recently took the IRS's advice and inquired into enrolling in "<a href="https://www.eftps.gov/">EFTPS</a>" - Electronic Federal Tax Payment System.  (It's too bad they didn't call it something really cool like "Maximum Velocity Pay" or "Blue Tiger," but I guess EFTPS is at least accurate.)  The idea behind EFTPS is that it will save you time and simplify payment and filing of federal taxes.  So far, here's what the process has involved:<span id="more-916"></span></p>
<ol>
<li>Receiving copious amounts of printed materials sent via postal mail encouraging us to sign up for EFTPS.  There was no obvious option for opting out of these mailings.</li>
<li>Visiting the EFTPS website and "enrolling," which meant typing in a bunch of information that the government already has on file and could have looked up using our Federal Tax ID number, which we also provided.</li>
<li>Receiving an "Enrollment Trace Number" that we had to write down as a second unique identifier in the process.</li>
<li>Waiting 10-15 days to receive a letter in the mail informing us that we've successfully enrolled in EFTPS, and noting that we'll receive a PIN in a separate mailing, for security purposes.</li>
<li>Receiving a PIN letter on the same day as the welcome letter, in identical mailing envelopes, so as to make it especially easy for someone trying to intercept the PIN.  And just noting: that's 10-15 days for them to automatically generate and mail out a 4-digit number.</li>
<li>The PIN letter says that we must now call a toll-free number to obtain an Internet password, which will require the Enrollment Trace Number and the PIN to generate.</li>
<li>I call the number and enter our Federal Tax ID, our enrollment trace number, and our PIN.  The system generates a temporary INITIAL password that we can use to log on to EFTPS for the first time.</li>
<li>As a part of the first login, I enter our Federal Tax ID, our PIN and our temporary password.  To generate a new password, I again enter our Federal Tax ID and our PIN, and then enter a new password.</li>
<li>Finally, we have access to EFTPS.</li>
</ol>
<p>Sigh.  I hope I never have to see inside the brain of the person who thought up this process.  "If we just make it complicated enough with enough different numbers, no one will EVER be able to crack it!"  Of course, the end result is a sense that the government wasted taxpayer dollars creating and implementing an overly complex system.  Shocker, I know.</p>
<p>Why not a simpler version?  If being able to safely receive postal mail at the address on file for your business is the linchpin of communicating sensitive information securely (which is NOT a given), we could have done it this way:</p>
<ol>
<li>Visit EFTPS website, enter Federal Tax ID.</li>
<li>Receive postal mailing with a sufficiently unguessable PIN.</li>
<li>Visit EFTPS website, enter Federal Tax ID and PIN, pick a password, enrollment is complete.</li>
</ol>
<p>That's at least one fewer postal mailing (and the paper and postage required), at least one less phone call (and all of the phone menu infrastructure required to support that call), and at least a few minutes saved on the part of EVERY SINGLE FEDERAL TAX PAYING BUSINESS IN THE U.S.</p>
<p>I think I'll suggest it to the IRS.  Via e-mail, subject line: "Proposal for Blue Tiger."</p>
<p>And then I'll probably go back to walking checks down to the bank.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.chrishardie.com/blog/2010/02/super-ultra-mega-secure-eftps-enrollment.html/feed</wfw:commentRss>
		<slash:comments>3</slash:comments>
		</item>
		<item>
		<title>The Torn-up Credit Card Application</title>
		<link>http://www.chrishardie.com/blog/2009/02/the-torn-up-credit-card-application.html</link>
		<comments>http://www.chrishardie.com/blog/2009/02/the-torn-up-credit-card-application.html#comments</comments>
		<pubDate>Mon, 02 Feb 2009 16:09:24 +0000</pubDate>
		<dc:creator>Chris</dc:creator>
				<category><![CDATA[consumer watch]]></category>
		<category><![CDATA[credit_card_offers]]></category>
		<category><![CDATA[finance]]></category>
		<category><![CDATA[identity theft]]></category>
		<category><![CDATA[paranoia]]></category>
		<category><![CDATA[privacy]]></category>
		<category><![CDATA[security]]></category>

		<guid isPermaLink="false">http://www.chrishardie.com/blog/?p=537</guid>
		<description><![CDATA[Some people think I'm paranoid when I shred certain documents, or when I lock my doors, or when I dart erratically down the street to avoid giving the snipers a clear line of sight.  But if you've ever needed convincing that a little paranoia is good for you, especially when it comes to how you [...]]]></description>
			<content:encoded><![CDATA[<p>Some people think I'm paranoid when I shred certain documents, or when I lock my doors, or when I dart erratically down the street to avoid giving the snipers a clear line of sight.  But if you've ever needed convincing that a little paranoia is good for you, especially when it comes to how you dispose of those annoying credit card applications you get in the mail, here's a great story from the folks at cockeyed.com: <a href="http://cockeyed.com/citizen/creditcard/application.shtml">The Torn-Up Credit Card Application</a>.</p>
<p>Basically, the guy took an application ("pre-approved credit line - just sign here and return!"), cut it up into many pieces, reassembled it with tape, filled it out with a change of address and change of phone number, mailed it in, and got the approved, ready-to-use credit card back in the mail at the new address.</p>
<p>Most people probably don't tear those things up, let alone shred, incinerate and bury them like I prefer to.  And while I don't want anyone constantly living in fear that their identity will be stolen, there <em>are</em> some reasonable precautions to take.  After all, it's not paranoia if they're really after you.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.chrishardie.com/blog/2009/02/the-torn-up-credit-card-application.html/feed</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Security FAIL</title>
		<link>http://www.chrishardie.com/blog/2008/12/security-fail.html</link>
		<comments>http://www.chrishardie.com/blog/2008/12/security-fail.html#comments</comments>
		<pubDate>Mon, 08 Dec 2008 18:20:24 +0000</pubDate>
		<dc:creator>Chris</dc:creator>
				<category><![CDATA[consumer watch]]></category>
		<category><![CDATA[bmv]]></category>
		<category><![CDATA[design]]></category>
		<category><![CDATA[fail]]></category>
		<category><![CDATA[government]]></category>
		<category><![CDATA[indiana]]></category>
		<category><![CDATA[privacy]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[social engineering]]></category>
		<category><![CDATA[software]]></category>
		<category><![CDATA[video]]></category>

		<guid isPermaLink="false">http://www.chrishardie.com/blog/?p=480</guid>
		<description><![CDATA[Two stories of security failure for this blustery day:
1) Apparently, all you have to do to throw off the facial recognition software that protects us from identity theft or worse, is smile:
The Indiana Bureau of Motor Vehicles is restricting glasses, hats, scarves -- and even smiles -- in driver's license photographs.  The new rules [...]]]></description>
			<content:encoded><![CDATA[<p>Two stories of security failure for this blustery day:</p>
<p>1) Apparently, all you have to do to <a href="http://www.theindychannel.com/news/18226101/detail.html#-">throw off the facial recognition software</a> that protects us from identity theft or worse, is smile:</p>
<blockquote><p>The Indiana Bureau of Motor Vehicles is restricting glasses, hats, scarves -- and even smiles -- in driver's license photographs.  The new rules imposed last month were deemed necessary so that facial recognition software can spot fraudulent license applications, said BMV spokesman Dennis Rosebrough.</p></blockquote>
<p>And then he had the gall to spin it as an improvement, since it would be horrible to admit that humans had done a better job:</p>
<blockquote><p>The new technology represents an advancement of what the BMV already was doing, Rosebrough said. BMV employees always have looked at the old photo of a person to see if it looked like the person seeking a new license.</p></blockquote>
<p>FAIL.</p>
<p>2) I was at a local video store yesterday, trying to rent a video using Anna Lisa's account.  I gave the cashier her phone number and name, and he said he'd have to call her to verify that it was okay for me to rent on her account.  When she didn't pick up, I offered to call her on my cell phone (in case she wasn't picking up the call from an unknown number), and the cashier said, "okay, yeah, just ask her if it's okay and then you can tell me what she said."</p>
<p>FAIL.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.chrishardie.com/blog/2008/12/security-fail.html/feed</wfw:commentRss>
		<slash:comments>1</slash:comments>
		</item>
		<item>
		<title>Can the President of the U.S. use e-mail?</title>
		<link>http://www.chrishardie.com/blog/2008/11/can-the-president-of-the-us-use-e-mail.html</link>
		<comments>http://www.chrishardie.com/blog/2008/11/can-the-president-of-the-us-use-e-mail.html#comments</comments>
		<pubDate>Sat, 15 Nov 2008 15:46:07 +0000</pubDate>
		<dc:creator>Chris</dc:creator>
				<category><![CDATA[news]]></category>
		<category><![CDATA[politics]]></category>
		<category><![CDATA[software]]></category>
		<category><![CDATA[complexity]]></category>
		<category><![CDATA[email]]></category>
		<category><![CDATA[government]]></category>
		<category><![CDATA[president]]></category>
		<category><![CDATA[privacy]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[technology]]></category>

		<guid isPermaLink="false">http://www.chrishardie.com/blog/?p=436</guid>
		<description><![CDATA[The Times has a nice little article today about why Barack Obama will probably have to give up the use of his Blackberry - and e-mail altogether - when he becomes President:
As his team prepares a final judgment on whether he can keep using e-mail, perhaps even in a read-only fashion, several authorities in presidential [...]]]></description>
			<content:encoded><![CDATA[<p>The Times has a <a href="http://www.nytimes.com/2008/11/16/us/politics/16blackberry.html?_r=1&amp;oref=slogin">nice little article</a> today about why Barack Obama will probably have to give up the use of his Blackberry - and e-mail altogether - when he becomes President:</p>
<blockquote><p>As his team prepares a final judgment on whether he can keep using e-mail, perhaps even in a read-only fashion, several authorities in presidential communication said they believed it was highly unlikely that he would be able to do so.</p>
<p>Diana Owen, who leads the American Studies program at Georgetown University, said presidents were not advised to use e-mail because of security risks and fear that messages could be intercepted.</p>
<p>“They could come up with some bulletproof way of protecting his e-mail and digital correspondence, but anything can be hacked,” said Ms. Owen, who has studied how presidents communicate in the Internet era. “The nature of the president’s job is that others can use e-mail for him.”</p></blockquote>
<p>Surely there's some middle ground to keep a President as tech-savvy as Barack Obama from being forced off of e-mail altogether? I mean, this is the guy who announced his VP pick by SMS text message, for crying out loud.</p>
<p>Here are some scenarios to explore:<span id="more-436"></span></p>
<p>It's clear that the President could probably not have a public e-mail address that was directly addressable from any other e-mail account, and that was expected to be read by the President himself.  It would be flooded hourly with requests, comments and threats from around the world, and instantly become useless as a form of effective correspondence.</p>
<p>The White House does already have a public e-mail address, <a href="mailto:comments@whitehouse.gov">comments@whitehouse.gov</a>, but they <a href="http://www.whitehouse.gov/contact/">make it clear</a> that they probably won't respond, and that you can't even send graphics or attachments.  (How the heck are we supposed to share funny photos of our cats, then!?)  I suspect that they have some serious hardware and network capacity dedicated just to receiving and processing mail sent to that address - there's no way that much or any of it will make its way to a laptop on the President's desk.</p>
<p>Here's one option: the President could have a private e-mail address that is directly addressable within the executive branch of the U.S. government, using a private domain (e.g. president@whitehouse.gov.private) and set of mail exchangers.  This would allow Barack Obama to e-mail with other government officials who have established addresses, taking advantage of the utility of e-mail for more direct conversations and unfiltered access to information.  Anyone wishing to reply to his messages could send e-mail like usual, and as long as they were on that private network, it would go through.</p>
<p>When the President wanted to send e-mail outside of this private network of addresses to a regular e-mail address, his message would be intercepted by a correspondence manager who could ensure that the message was free of sensitive information, and that it would not be a source of embarrassment for anyone if delivered to the wrong hands.</p>
<p>Here's a hard part: should that recipient with a regular e-mail address be able to reply?  If it's to some other regular e-mail address, e.g. "barack.obama@whitehouse.gov," then that just wouldn't do, because the address would eventually leak out and become just as much a target for a flood of messages as "comments@" might be now.</p>
<p>BUT, a variation on that might work.  The President's outgoing message could be dynamically rewritten to appear to come from an address that had an expiration date, and that used a unique hash token to prevent guessing it - this is common in software like <a href="http://tmda.net/">TMDA</a> and other special e-mail submission systems.  So instead of</p>
<blockquote><p>From: barack.obama@whitehouse.gov</p></blockquote>
<p>it might be</p>
<blockquote><p>From: barack.obama-JLK23ADSF23423K@whitehouse.gov</p></blockquote>
<p>and it would only work for, say, up to 70 hours (or a week, or...).  The next time the President responds, it comes from a different address, which also only works for 70 hours.  In this manner, correspondents of the President with regular e-mail addresses could carry on an e-mail conversation and not worry about the address becoming public in a way that mattered.  If someone tried to e-mail the expired address, they'd get a bounce back saying, "sorry, please e-mail comments@whitehouse.gov."</p>
<p>For someone with a regular e-mail address to <em>initiate</em> a conversation with the President, we'd have to take a slightly different approach - the addresses would essentially need to go on a pre-approved list of correspondents whose messages would be allowed to go to "comments@whitehouse.gov" and be automatically filtered straight on through to the President's internal (not publicly addressable) account.</p>
<p>So, to initiate an e-mail conversation with the President, you'd either have to be a known associate with a known e-mail address, or you'd have to be an employee of the Federal government with an established e-mail account.  Better than nothing, right?</p>
<p>Another pitfall: the President would still generally have to consider any content sent via e-mail, whether it was to a private internal address or not, as up for public scrutiny.   Until whoever controls Presidential records passes a law identifying some kinds of Presidential communications as truly private, it's just the reality of the thing.  And even if that did happen, we all know how <a href="http://www.chrishardie.com/blog/2008/05/total-information-awareness.html">easy</a> it is for an e-mail that wasn't meant for you to make it into your hands, so it's probably just safe to assume that's happening anyway.</p>
<p>From the article:</p>
<blockquote><p>For all the perquisites and power afforded the president, the chief executive of the United States is essentially deprived by law and by culture of some of the very tools that other chief executives depend on to survive and to thrive. Mr. Obama, however, seems intent on pulling the office at least partly into the 21st century on that score; aides said he hopes to have a laptop computer on his desk in the Oval Office, making him the first American president to do so.</p></blockquote>
<p>Well, that's my brain dump on how it might work to let the President of the United States of America have an e-mail account he can actually use.  What do you think?</p>
]]></content:encoded>
			<wfw:commentRss>http://www.chrishardie.com/blog/2008/11/can-the-president-of-the-us-use-e-mail.html/feed</wfw:commentRss>
		<slash:comments>2</slash:comments>
		</item>
		<item>
		<title>What are you wearing?</title>
		<link>http://www.chrishardie.com/blog/2008/09/what-are-you-wearing.html</link>
		<comments>http://www.chrishardie.com/blog/2008/09/what-are-you-wearing.html#comments</comments>
		<pubDate>Sat, 13 Sep 2008 22:57:20 +0000</pubDate>
		<dc:creator>Chris</dc:creator>
				<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[tech]]></category>
		<category><![CDATA[adventures]]></category>
		<category><![CDATA[communication]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[sms]]></category>
		<category><![CDATA[technology]]></category>

		<guid isPermaLink="false">http://www.chrishardie.com/weblog/?p=337</guid>
		<description><![CDATA[This is just a cautionary tale for those who perhaps trust the world of digital communications a little too much.
Anna Lisa was traveling in the northwest to visit some friends, and we'd had sporadic contact via cell phone, e-mail and text message.  One day when I hadn't heard from her in a while and was [...]]]></description>
			<content:encoded><![CDATA[<p>This is just a cautionary tale for those who perhaps trust the world of digital communications a little too much.</p>
<p>Anna Lisa was traveling in the northwest to visit some friends, and we'd had sporadic contact via cell phone, e-mail and text message.  One day when I hadn't heard from her in a while and was unsure of her specific travel plans, I decided to sit down and write her an e-mail, but before I could, a text message from her came in:</p>
<pre style="padding-left: 30px;">Hi Wachya doing</pre>
<p>I didn't think too much of the uncharacteristically poor grammar (even for a text message), and wrote back, "Writing to you, actually!  And you?"</p>
<pre style="padding-left: 30px;">What are you wearing?</pre>
<p><span id="more-337"></span>Hmm, okay, a little odd and flirtatious response (especially since we've had the talk about what's acceptable and not acceptable to communicate electronically <a href="http://www.chrishardie.com/weblog/archives/2008/05/total-information-awareness.html">given who's listening in</a>), but I'll go along with it: "Green shorts and a black shirt - why?  Are you leaving tomorrow?"</p>
<pre style="padding-left: 30px;">I just ________ __ ______ ______.</pre>
<p>To keep this post family friendly, let's just say that the message described an intimate act of personal hygiene, and used slang that I wasn't quite familiar with.  And now I'm trying to figure out what the heck is wrong with her.  Me: "What does that mean?"</p>
<pre style="padding-left: 30px;">I am ___ _____ down there.  _____ __ ___ ____!</pre>
<p>More explicit commentary and suggestions that went beyond hygiene and appropriateness.  I was annoyed, and tried to end the conversation, but the messages kept coming, each one more crude and inappropriate than the one before.  I didn't get it.</p>
<p>Until I checked my e-mail, and read this waiting message from Anna Lisa:</p>
<pre style="padding-left: 30px;">&gt; so, i lost my phone today. ugh. i retraced my steps, but
&gt; don't think i'm going to find it...</pre>
<p>Ah.</p>
<p>Phew.</p>
<p>Indeed, the phone had been stolen, and the person who now possessed it was apparently sending text messages to contacts in Anna Lisa's mobile phone address book.  I suggested she call her mobile provider ASAP to get that turned off.</p>
<p>The key moral for me was that you can rarely trust that a given electronic communication is actually coming from the person you think it is, although most of us do. In fact, we often make significant life decisions based on the information we receive electronically, sometimes getting really emotional or even upset with someone, sometimes <a href="http://www.theregister.co.uk/2008/09/10/online_news_farce_drops_united_stock/">costing millions of dollars</a>, sometimes <a href="http://www.cnn.com/2008/CRIME/05/15/internet.suicide/index.html">ending a life</a>.  I'm glad that I didn't make any lasting judgments about Anna Lisa's character or our future relations based on those false messages, but that's only because I found out in time, perhaps narrowly avoiding a Shakespearean-style tragedy.</p>
<p>In the absence of suitable authentication mechanisms for everyday digital communications (which are available but are not in widespread use, especially not for SMS messages), I think I'll always tend to be a little skeptical of what I'm receiving and who it's really from.  I certainly won't make any major life decisions based only on a text message - I hope you'll do the same.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.chrishardie.com/blog/2008/09/what-are-you-wearing.html/feed</wfw:commentRss>
		<slash:comments>1</slash:comments>
		</item>
		<item>
		<title>Total Information Awareness</title>
		<link>http://www.chrishardie.com/blog/2008/05/total-information-awareness.html</link>
		<comments>http://www.chrishardie.com/blog/2008/05/total-information-awareness.html#comments</comments>
		<pubDate>Tue, 27 May 2008 02:31:49 +0000</pubDate>
		<dc:creator>Chris</dc:creator>
				<category><![CDATA[culture]]></category>
		<category><![CDATA[software]]></category>
		<category><![CDATA[communication]]></category>
		<category><![CDATA[government]]></category>
		<category><![CDATA[information]]></category>
		<category><![CDATA[privacy]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[spying]]></category>

		<guid isPermaLink="false">http://www.chrishardie.com/weblog/?p=268</guid>
		<description><![CDATA[People sometimes ask me how much I think "The Government" is really listening in on our phone calls, e-mail messages, web browsing, text messages, and other forms of communication.  I still apparently surprise people with my answer: for the purposes of my day-to-day life, I assume that every communication I send or receive using [...]]]></description>
			<content:encoded><![CDATA[<p><a href="http://www.flickr.com/photos/11288301@N00/2484679259" title="View 'Typical Saturday Morning in Chicago' on Flickr.com"><img src="http://farm3.static.flickr.com/2266/2484679259_10d37c0a8c_m.jpg" alt="Typical Saturday Morning in Chicago" border="1" width="240" height="180" align="right" hspace="10" /></a>People sometimes ask me how much I think "The Government" is really listening in on our phone calls, e-mail messages, web browsing, text messages, and other forms of communication.  I still apparently surprise people with my answer: for the purposes of my day-to-day life, I assume that every communication I send or receive using an electronic medium is monitored and recorded by someone else.  And I'm not just talking about <a href="http://www.chrishardie.com/weblog/archives/2007/08/watching-the-watchers.html">watching some rough meta-information go by</a> and trying to deduce what we're up to - I'm talking about full access to the content of every single communication, in real time.</p>
<p>Recent media reports, including a <a href="http://online.wsj.com/public/article_print/SB120511973377523845.html">March 10th article in the Wall Street Journal</a>, show us how much information spy agencies are allowed to <em>legally</em> collect and monitor:</p>
<ul>
<li>Recipient and sender address, subject line, timestamp of e-mail messages</li>
<li>Internet sites visited and searches conducted</li>
<li>Incoming and outgoing numbers dialed on cell and regular phones, length of calls, where you physically were when a cell phone call happened</li>
<li>Pretty much everything about your financial transactions</li>
</ul>
<p>Makes you wonder what's actually happening <em>beyond</em> the law's provisions.  Again, I'll generally assume the worst.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.chrishardie.com/blog/2008/05/total-information-awareness.html/feed</wfw:commentRss>
		<slash:comments>2</slash:comments>
		</item>
		<item>
		<title>Five Geopolitical Scenarios to Consider</title>
		<link>http://www.chrishardie.com/blog/2008/05/five-geopolitical-scenarios-to-consider.html</link>
		<comments>http://www.chrishardie.com/blog/2008/05/five-geopolitical-scenarios-to-consider.html#comments</comments>
		<pubDate>Fri, 23 May 2008 03:11:45 +0000</pubDate>
		<dc:creator>Chris</dc:creator>
				<category><![CDATA[consumer watch]]></category>
		<category><![CDATA[culture]]></category>
		<category><![CDATA[news]]></category>
		<category><![CDATA[politics]]></category>
		<category><![CDATA[attack]]></category>
		<category><![CDATA[aviation]]></category>
		<category><![CDATA[energy_crisis]]></category>
		<category><![CDATA[energy_problems]]></category>
		<category><![CDATA[food]]></category>
		<category><![CDATA[gas]]></category>
		<category><![CDATA[global_economy]]></category>
		<category><![CDATA[iran]]></category>
		<category><![CDATA[military]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[war]]></category>

		<guid isPermaLink="false">http://www.chrishardie.com/weblog/archives/2008/05/five-geopolitical-scenarios-to-consider.html</guid>
		<description><![CDATA[From the "I hope it doesn't happen but wouldn't be surprised if it did" department, I have some predictions and scenarios to throw out there about stuff that could happen sometime in the rest of 2008.  I suppose this is mostly just a mental exercise for me, but maybe it'll spark some interesting comments/responses:

The [...]]]></description>
			<content:encoded><![CDATA[<p><a href="http://www.flickr.com/photos/chrishardie/2441831296/" title="Needing more generators by Chris Hardie, on Flickr"><img src="http://farm3.static.flickr.com/2184/2441831296_8b51250793_m.jpg" width="240" height="180" alt="Needing more generators" hspace="10" border="1" align="right" /></a>From the "I hope it doesn't happen but wouldn't be surprised if it did" department, I have some predictions and scenarios to throw out there about stuff that could happen sometime in the rest of 2008.  I suppose this is mostly just a mental exercise for me, but maybe it'll spark some interesting comments/responses:</p>
<ol>
<li>The price of a gallon of regular unleaded gasoline in the U.S. will hit <strong>$6 a gallon</strong> sometime this Summer, and perhaps $10/gallon or more by the end of the year.  Measures will be taken by the federal and state governments to temporarily alleviate the financial burden on some people, but nothing sustainable.  Some people will not be able to get to work at all, while others will have to carpool more, take the bus, ride their bikes, and walk.</li>
<li>The U.S. will initiate <strong>military action against Iran</strong>, probably in the form of heavy air-strikes.   There will be no clear notion of victory or desired outcome other than to significantly destroy the country's own infrastructure, especially targets related to nuclear facilities.  This action might be justified to the American people by...</li>
<li>An apparent <strong>attack on one or more U.S. locations</strong>, resulting in significant loss of life or infrastructure.</li>
<li>The U.S. airline industry will significantly cut back or even cease flight schedules as we've known them, and <strong>air travel will (once again) become a privilege</strong> reserved for the rich and famous who can afford private flights.  Any frequent flier miles you've accumulated will become worth near nothing.</li>
<li>Most grocery stores will significantly scale back their inventories and restocking schedules, and significantly raise prices on what remains.  <strong>Obtaining food</strong> from non-local sources, even basic staples, will be difficult at best, and most communities will begin to take emergency steps to feed their residents.</li>
</ol>
<p>Hey, look, I don't like the thought of these things happening any more than the next person, but perhaps there's some value in naming what might be, even if it seems a bit outlandish or gruesome.  Maybe if we believe these things are possible, we might feel more prepared to prevent or deal with them if they do happen.</p>
<p>What do you think?  Too cynical?  Worse?  What are some other scenarios?</p>
]]></content:encoded>
			<wfw:commentRss>http://www.chrishardie.com/blog/2008/05/five-geopolitical-scenarios-to-consider.html/feed</wfw:commentRss>
		<slash:comments>2</slash:comments>
		</item>
		<item>
		<title>Links for the Week - March 26, 2008</title>
		<link>http://www.chrishardie.com/blog/2008/03/links-for-the-week-march-26-2008.html</link>
		<comments>http://www.chrishardie.com/blog/2008/03/links-for-the-week-march-26-2008.html#comments</comments>
		<pubDate>Thu, 27 Mar 2008 03:12:53 +0000</pubDate>
		<dc:creator>Chris</dc:creator>
				<category><![CDATA[culture]]></category>
		<category><![CDATA[news]]></category>
		<category><![CDATA[software]]></category>
		<category><![CDATA[bloggers]]></category>
		<category><![CDATA[blogs]]></category>
		<category><![CDATA[community]]></category>
		<category><![CDATA[feminism]]></category>
		<category><![CDATA[links]]></category>
		<category><![CDATA[nsa]]></category>
		<category><![CDATA[onion]]></category>
		<category><![CDATA[security]]></category>

		<guid isPermaLink="false">http://www.chrishardie.com/weblog/archives/2008/03/links-for-the-week-march-26-2008.html</guid>
		<description><![CDATA[
What kinds of information the NSA is collecting about your communications - it's not paranoia if they're really after you.  And they have really cool PDAs to do it with.
The Feminist Review - bloggers calling patriarchy as they see it
Geni - free Web 2.0 enabled online genealogy software
The Onion nails it again: You know [...]]]></description>
			<content:encoded><![CDATA[<ul>
<li><a href="http://online.wsj.com/public/article_print/SB120511973377523845.html">What kinds of information the NSA is collecting about your communications</a> - it's not paranoia if they're really after you.  And they have <a href="http://blog.wired.com/27bstroke6/2008/03/spooks-get-a-sm.html">really cool PDAs to do it with</a>.</li>
<li><a href="http://www.thefeministreview.com/">The Feminist Review</a> - bloggers calling patriarchy as they see it</li>
<li><a href="http://www.geni.com">Geni</a> - free Web 2.0 enabled online genealogy software</li>
<li>The Onion nails it again: <a href="http://www.theonion.com/content/opinion/you_know_whats_stupid">You know what's stupid?  Everything I don't understand</a> - "God, all the people, places, and things I haven't made the least bit of effort to comprehend should just die already."</li>
<li><a href="http://www.hamburgerhelper.com/LearnMore.aspx">Get up to $15,000 for a project in your hometown</a> - I love seeing this kind of use of the web.</li>
<li><a href="http://www.someecards.com/">Some E-Cards</a> - for when you care enough to hit send</li>
</ul>
]]></content:encoded>
			<wfw:commentRss>http://www.chrishardie.com/blog/2008/03/links-for-the-week-march-26-2008.html/feed</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Books From Vacation</title>
		<link>http://www.chrishardie.com/blog/2007/09/books-from-vacation.html</link>
		<comments>http://www.chrishardie.com/blog/2007/09/books-from-vacation.html#comments</comments>
		<pubDate>Mon, 03 Sep 2007 23:04:16 +0000</pubDate>
		<dc:creator>Chris</dc:creator>
				<category><![CDATA[adventures]]></category>
		<category><![CDATA[books]]></category>
		<category><![CDATA[al_gore]]></category>
		<category><![CDATA[bruce_schneier]]></category>
		<category><![CDATA[creative_writing]]></category>
		<category><![CDATA[daniel_quinn]]></category>
		<category><![CDATA[framing]]></category>
		<category><![CDATA[george_lakoff]]></category>
		<category><![CDATA[golden_compass]]></category>
		<category><![CDATA[novels]]></category>
		<category><![CDATA[reading]]></category>
		<category><![CDATA[review]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[sue_monk_kidd]]></category>
		<category><![CDATA[the_assault_on_reason]]></category>

		<guid isPermaLink="false">http://www.chrishardie.com/weblog/archives/2007/09/books-from-vacation.html</guid>
		<description><![CDATA[Having some time to relax also meant lots of time to catch up on reading I've been meaning to do for a while now (though there's plenty more).  Here's a quick run-through with my comments:

The Secret Life of Bees by Sue Monk Kidd.  A great, compelling story that is so rich and enjoyable. [...]]]></description>
			<content:encoded><![CDATA[<p>Having some time to relax also meant lots of time to catch up on reading I've been meaning to do for a while now (though there's plenty more).  Here's a quick run-through with my comments:</p>
<ul>
<li><a href="http://www.amazon.com/gp/product/0142001740?ie=UTF8&#038;tag=chrishardie&#038;linkCode=as2&#038;camp=1789&#038;creative=9325&#038;creativeASIN=0142001740">The Secret Life of Bees</a> by Sue Monk Kidd.  A great, compelling story that is so rich and enjoyable.  Reminds me of how I felt reading <i>A Prayer for Owen Meany</i> or <i>To Kill a Mockingbird</i>.  I can also recommend Monk Kidd's <a href="http://www.amazon.com/gp/product/006064589X?ie=UTF8&#038;tag=chrishardie&#038;linkCode=as2&#038;camp=1789&#038;creative=9325&#038;creativeASIN=006064589X">The Dance of the Dissident Daughter</a>.</li>
<li><a href="http://www.amazon.com/gp/product/0830832319?ie=UTF8&#038;tag=chrishardie&#038;linkCode=as2&#038;camp=1789&#038;creative=9325&#038;creativeASIN=0830832319">The Soul Tells A Story: Engaging Creativity With Spirituality In The Writing Life</a> by Vinita Hampton Wright.  I couldn't enjoy this one as much, perhaps because it seemed to define spirituality a little too differently than I do, and the resulting instructions/advice just didn't feel as applicable.  It also wasn't as tightly structured as I would expect a book on creative writing to be.</li>
<li><a href="http://www.amazon.com/gp/product/0471453803?ie=UTF8&#038;tag=chrishardie&#038;linkCode=as2&#038;camp=1789&#038;creative=9325&#038;creativeASIN=0471453803">Secrets and Lies: Digital Security in a Networked World</a> by Bruce Schneier.  My <a href="http://www.summersault.com/community/weblog/2007/08/25/bruce-schneiers-secrets-lies.html">review of Secrets and Lies</a> is at the Summersault Weblog.</li>
<li><a href="http://www.amazon.com/gp/product/0440418321?ie=UTF8&#038;tag=chrishardie&#038;linkCode=as2&#038;camp=1789&#038;creative=9325&#038;creativeASIN=0440418321">The Golden Compass</a> by Philip Pullman.  Another really fun book that will appeal to fans of the "Narnia" and "Harry Potter" style of adventure-telling.  Also coming out in December on the big screen as a <a href="http://www.goldencompassmovie.com/">motion picture starring Dakota Blue Richards and Daniel Craig</a> - worth a see.</li>
<li><a href="http://www.amazon.com/gp/product/1594201226?ie=UTF8&#038;tag=chrishardie&#038;linkCode=as2&#038;camp=1789&#038;creative=9325&#038;creativeASIN=1594201226">The Assault on Reason</a> by Al Gore.  My <a href="http://www.chrishardie.com/weblog/archives/2007/09/no-end-in-sight-to-the-assault-on-reason.html">review of The Assault on Reason</a> is in my last weblog entry.</li>
</ul>
<p>Now reading:</p>
<ul>
<li><a href="http://www.amazon.com/gp/product/0374530904?ie=UTF8&#038;tag=chrishardie&#038;linkCode=as2&#038;camp=1789&#038;creative=9325&#038;creativeASIN=0374530904">Thinking Points: Communicating Our American Values and Vision</a> and <a href="http://www.amazon.com/gp/product/0374158282?ie=UTF8&#038;tag=chrishardie&#038;linkCode=as2&#038;camp=1789&#038;creative=9325&#038;creativeASIN=0374158282">Whose Freedom?: The Battle Over America's Most Important Idea</a>, both by George Lakoff.  If you read this blog with any regularity, you already know I'm a fan of his stuff.</li>
<li><a href="http://www.amazon.com/gp/product/1579124852?ie=UTF8&#038;tag=chrishardie&#038;linkCode=as2&#038;camp=1789&#038;creative=9325&#038;creativeASIN=1579124852">Codes, Ciphers, Secrets and Cryptic Communication: Making and Breaking Sercet Messages from Hieroglyphocs to the Internet</a> by Fred B. Wrixon.  Nothing gets me up in the morning like a Bifid Cipher.</li>
<li><a href="http://www.amazon.com/gp/product/0140268448?ie=UTF8&#038;tag=chrishardie&#038;linkCode=as2&#038;camp=1789&#038;creative=9325&#038;creativeASIN=0140268448">The Woman and the Ape</a> by Peter Hoeg.  Highly recommended by Anna Lisa, and I've always enjoyed <a href="http://www.chrishardie.com/weblog/tag/daniel_quinn">books with large primates as main characters</a>.</li>
</ul>
<p>I'll post reviews of these as I can.  Your own reviews, recommendations and comments welcome!</p>
]]></content:encoded>
			<wfw:commentRss>http://www.chrishardie.com/blog/2007/09/books-from-vacation.html/feed</wfw:commentRss>
		<slash:comments>2</slash:comments>
		</item>
	</channel>
</rss>
