Discussion on:

Power User

I think jon has identified a key characteristic of a number of Mac users - perhaps even a majority. That is, a capacity to accept that any problem that arises with their computer is just another nice design feature of an inherently superior product.
The number of people who believe this, as well as being willing to pay more for such a product, is fairly limited. Which goes some way to explaining why the Apple share of the notebook and desktop PC market share has rarely, if ever, exceeded 5% in the last decade or so.
Nevertheless Apple has been able to charge this small segment of the market a lot for its products - and this segment of consumers has exhibited an unnerving and enduring willingness to pay a premium for being thought of as "different" to the purchasers of generic IBM compatible PC stuff.
The American social scientist and economist Thorstein Veblen termed this type of behaviour "conspicuous consumption" ie. the desire to advertise your wealth, or perhaps superiority, by obviously wasteful spending. This is also evident in other areas of present day consumer behaviour that could be considered "irrational" including such things as "truck based" four wheel drive vehicle purchases by city dwellers.  
But what does this mean for Apple in the long term? Will Apple's focus on tactical product releases and lack of strategic planning make any difference?
I'm almost certain that Apple has been a design company - specialising in certain types of technology products - for at least a decade now. And it has prospered by charging more for its products than its direct competitors - price discrimination on the basis of perceived differences in design and quality. Technical issues heve never been a critical factor for its target market. 
The move to Intel, and even Boot Camp, are evidence that Apple sees itself in this way as well. Although probably inevitable, and d espite the hyperbole, there isn't a lot of evidence to suggest that the market for Apple's products is going to change that much as a result of these technical moves. Most Apple users, in common with computer users generally, just don't care about these things.
So what will Apple look like a few years down the road? I don't think it will be "just another generic computer company." I suspect it will be a business a bit like Virgin - a well recognised brand that is marketing "shorthand" for a products that attempt to satisfy a discrete set of consumer wants. It won't be for everyone - but it will continue to "produce" things that its group of loyal followers - as well as some hangers on - will love (eg. iPod).  
Whilst it will never be another Microsoft, or even IBM, I don't think this is the plan. I expect that, freed of the burden of trying to maintain "technical supremacy", Apple will continue to produce well designed products for a particular type of consumer. Regardless of what Steve Jobs decides to do next.    

WildBlue Follow UP  

After excellent initial service from the new WildBlue 2-way
satellite Internet service as described in my Right Tool entry, I have
experienced increasing problems, some hardware related, others which tend to
indicate that management expanded too quickly.



First the billing problems, then see how long it takes to
get a down system working again.







My first credit card bill for WildBlue service turned out to
have a major error, a second bill for the single service I had ordered.





I quickly challenged this with both the credit card company
and WildBlue?s billing department but it took three months and my own personal
investigation to get it all resolved ? for details, read on... Each month my bills from AMEX showed two WildBlue service
charges placed at the same time, one for my correct amount and the second for
the next higher level of service.  



But my WildBlue bill only showed a single invoice amount ?
for the correct bill ? nothing relating to a second bill.  

After several months of having AMEX withhold that second
payment and no help of any sort from WildBlue except for them to tell me they
had no idea what was going wrong (despite my providing them with the
transaction details from my AMEX bill) I finally had some time and started
probing myself.



I found that someone in another state was getting free
WildBlue service because I was being billed for their connection as well as
mine.

 

Now I didn?t loose any money on this, and I still don?t know
how the error occurred, all I know is that it couldn?t have been my fault
because I never heard of that other person, never even drove through their town.

 

So, why didn?t WildBlue take more interest in this problem
and track down why my credit card was being double billed until I had tracked
down the problem myself?



>This is a troubling question.







  But there are worse things than a disputed bill, such as not
having access to the Internet for an extended period. See the next blog entry for that sad tale. I'd post it now but the story isn't complete so I don't know the ending yet - I am
now 10 days into no WildBlue service and counting with no uplink in sight. 

I certainly don?t want to be the kind of person to say ?I
told you so.?



  Oh, wait, yes, I DO want to say that because it's TRUE .



  Just days after I asked whether Microsoft was in big trouble
the stock market discovered the same basic problems and cut the value of the
company by 30 Billion dollars in a single day.



  Say what you will about the stock market (and this certainly
isn?t a stock advisory blog), when the big money boys cut the value even of a
company the size of Microsoft by $30B, they must see something they don?t like.



  The specific trigger was Microsoft?s announcement that the
company was going to spend a lot of money in a game of catch up trying to pull
users away from Yahoo! and Google.



  But the more general cause was the fact that Microsoft has
had a very poor track record when it tried to expand into new businesses beyond
the company?s OS and fat client model which was so successful.



  Apparently I wasn?t the only one who thought so.



  Sure, Microsoft has a vast amount of cash to spend, but the
question is whether they CAN build a search engine the equal of Google or a
community as happy as Yahoo!?s loyal fans?



  And, not only that, but can they develop search and
community/portal services which are so much BETTER than those already offered
by Google and Yahoo! that people will take the time and trouble to switch?



  Personally I doubt it.



  But Microsoft has no choice other than to try and battle
Google ? Google is betting on the thin client which could kill Microsoft?s cash
cow permanently.

Well, some idiot has done
it again (carelessly handled other people's private information) and this time someone needs to serve some serious prison time if only
to set an example and put an end to this absurd situation where schools,
hospitals, and government all demand our personal information before rendering services and then hand out our information to anyone who bothers to pick it up.

The Associated Press is reporting that a Veterans
Affairs employee took files (probably unencrypted files or the FBI wouldn't be so excited about it) home with him/her, where they were
promptly stolen.



So what has happened to the idiot? Is he/she in jail? Ya
gotta be kidding, he/she works for the federal government so they are on leave ?
the statement didn?t say, but I bet it is on full paid leave.



What will it take to stop this rampant careless handling of our private information?







I favor drawing and quartering, perhaps during a prime-time TV special, but that may be a bit too
draconian for these kinder, gentler days, after all, it only costs those
who have had their identity stolen 6 months to 5 years, to forever to
straighten out the problem. Even if nothing bad happens, people will worry and have to spend time watching their accounts closely because they know they have been made vulnerable.  Why should federal employee actually get punished for causing such problems for millions of people? I think that if the VA employee doesn?t serve serious prison
time (and you know they won't), he/she should just be named, complete with his/her birth date, mother?s
maiden name, and SS# of course.

Yea, come to think of it, that's the perfect punishment for such people, whether they are in government, academia, or private companies - if your dumb carelessness exposes people to identity theft then YOUR personal information should be posted on a Web site.

What do you think? I'll volunteer to run the Web site.

People make me angry. I agree that the information should be encrypted on the medium. I don't think that we can extrapolate the concern of the FBI to mean that the data is not encrypted. However, we can extrapolate the idiocy of management to conclude that the information was not encrypted. The encryption issue is the kind of thing that I would encounter in business all the time. The management can be expected to have said that encryption of the data was not necessary because the medium could not be removed from the building. Hah!!! I hate managers so that is why I expect this scenario to have happened, IF anyone thought of encryption at all. Actually I'm only upset with one class of people ... others. Yes other people make me angry. (I borrowed that from a comedian whose name I cannot remember.) I agree that the employee should ALREADY have been fired and should be charged with one or more serious crimes immediately. This person should go to prison. I don't agree with your comment about making this person an example. This type of crime should ROUTINELY result in prison time. You know that the Federal Government (federal government?) cannot keep its data safe. We often hear of military computers used to store secret military information or confidential personal information being compromised by some high school kid. I can only make sense of it when I think of an incident that I personally experienced. About a week after the 9/11/2001 attack on the World Trade Center in NYC I found that a system administrator was keeping his backups of company data on site. I asked him how he expected that the business would recover if an airplane crashed through the window of our building. He replied that if an airplane crashed into our building then he wouldn't survive so he wouldn't be the one to try to recover the business information. In other words he simply felt that it wasn't his problem. This was at a mutual fund company. Some of the information under this guy's stewardship was financial account information of individuals. He didn't care if these people lost their money due to his lack of concern about doing a good job. When it came to encrypting backups, just forget about it. This guy couldn't be bothered to do that either. This lack of interest in doing a good job is prevalent throughout the American work force. People just want to do as little work as possible while they're trying to look busy at their desks. The same thing applies to cashiers at retail stores, store assistants at large department stores, assembly line workers, and all other types of work. The worst perpetrators are managers. Until people start to take pride in their workmanship instead of considering doing a good job as being a "brown nose" then we will continue to suffer problems from people doing a poor job. Years ago this simply meant that employees would be rude to customers, wrong items would be shipped to customers, and tasks would be left undone or poorly done. Now with all of our personal information being collected by everyone and stored on computer media we face considerable harm from people doing a poor job.As I said, people make me angry.

I think we can assume that the data was not encrypted.  23 States have passed laws requiring public disclosure of data security breaches.  One stipulation in most cases, is that if the data is encrypted, you are not required to provide public disclosure.   www.privacyrights.org
I think these types of incidents require that the individuals responsible face serious jail time.  As these incidents occur more and more everyday, the american public will eventually demand that their data is protected. 
I love your idea of posting the personal info of the dumbass that lost (or sold) the CD of information.  Atleast then people might think twice about the damage they could do to others with their carelessness. 
 

Actually, I don?t think
posting their private information will teach them anything. That sort of person simply isn't capable of learning social responsibility. But it would
destroy their finances to the point where they probably couldn?t get
a responsible IT job and doing something similar again!



It is sort of like impounding the
vehicles of chronic drunk drivers and putting child molesters in jail forever ?
it doesn?t actually ?cure? them, but it does help keep them from harming
others again and again ? unlike small fines or a few days in the slammer.

I think Vlad the Impaler had an approach that would be a useful lesson here. Mount a pole on the National Mall in DC, install the idiot who took the data home, as well as the thief, if s/he can be found, and let them slide.  Broadcast same on national TV.
Lessee:  A goverment employee all but gives away 26+ Million veterans information, but the same government wants a CALEA box on every network so they can gather more information?  From a security standpoint, these people are not qualified to pour pee out of a boot with instructions written under the heel.  (I love that movie!)

Vlad, Yea, perfect punishment for a government blood sucker!

Although I suspected we weren?t being told the whole story simply
because I was a Washington-based reporter, I didn?t want to say it without
evidence but apparently the VA delayed telling the local police about this and,
when they did, they made it seem like a tiny incident by saying only a few
hundred personal records were stolen.



It took weeks before the VA finally notified the FBI and
owned up to the vast size of the theft.



Some commentators have suggested that these
records might be worth upwards of $200 to $500 million to crooks. I now modify my demand for hard prison time for the idiot who lost the data by suggesting that the people responsible for delaying the police investigation and attempting to hide the seriousness of this security breach be given even more prison time than the fool who took the files home. Of course we all know what will REALLY happen. The fool will be re-assigned and probably never get another promotion while the bosses who concealed the theft for so long will continue their illustrious careers and keep getting promotions and pay raises.

I agree that the individual should be punished. Not only MUST they loose their job, they should be restricted from ever being allowed to handle files of this nater ever again.
However, the main culprit is the organisation that allowed this to happen. Safeguards should be in place to prevent this data from being copied and therefore being removed from the premesis.
Everybody on the list should file against the Veterans Service for not securing their personal data.

Why would an employee be taking that kind of information home anyway? No one should we walking around with that type of personal information!  I think we need to look deeper and see what controls were in place to safeguard the information.

26 million? Yes that's a bunch and based on the reports, I'm one of them.
This just happens to be an extreme example of data theft, (someone stole it, either the alledged burgler or the employee).  If you really want to get pissed off, look at this: http://www.privacyrights.org/ar/ChronDataBreaches.htm
They list 86+ million as a minimum in the past 16 months since the Choicepoint disclosure.
According to this list, the US Gov't is not the worst offender, universities and medical institutions are worse.
 

Okay, I'm going to take a different approach.  Being a government employee (state, not federal), I'm aware of the increasing workload being placed on us to 'do more with less' because the budget just won't sustain the number of employees that are needed to do the job.  Now, here's the story as I understand it:
An employee (IT relating to database administration) took home a laptop with the information on it so that he/she could work on it from home.  Someone broke into his/her home via a broken window and stole the laptop.  There have been numerous break-ins in the area where the employee lives.  Whoever stole the laptop is probably not aware of the information that he/she holds.  VA officials have stated that the employee didn't have authority to take the information home.
My guess is that the employee's supervisor probably gave him/her an unrealistic deadline and told him/her to do whatever was necessary to make sure that the project was completed on time.  Now the same administration is trying to make a scapegoat out of the employee by saying that he/she didn't have authorization to have the data outside of his work area (hmmm, sounds a lot like the Lewis Libby situation). 

Responsibility for this should run uphill starting with the one who took the records home and flow up to and through the chain of command. Whether there were no safeguards or no controls to assure the safguards were followed; someone else is just as responsible for the theft of the data as the employee who was careless and the thief who took it. If one of my techs is careless and that carelessness results in a loss, it is my bad as well.

As a retired fed I too know what demands managers place on employees and steps employees have to take outside of work time to meet these demands.  Most times the employee is totally uncompensated and unappreciated so that his manager or above can get a larger bonus or move up the ladder over the backs of those he/she could not compete with.
While the employee that took restricted data home should face punishment, at minimum loss of job and any claim to benefits accrued, we also most demand appropriate punishment for management.  Management has always been aware of the steps that their employees must go through, including taking sensitive and restricted data home as well as government computer equipment, managers have choosen to look the other way as long as their deadlines were met.  It is time that they lost pay and beneifits for thier part in all of this.  In fact the managers at VA and any other department involved in similar situations need to be named in civil class action law suits and suffer the consequences when thier agency disavows.  It is only just punishment.
I for one am already discussing with various attorneys the possibility of a class action law suit against the employee, his/her managers, VA officials and the VA.  Regardless of any victory these idiots must be made to suffer as have all of us who have served. 
And do not forget the greatest indignity in all of this, most of those involved in screwing us through loss of our data never wore the uniform of this country and in all likelihood some may only be resident aliens.   

I don't think that's fair punishment for anyone.  Currently, at least in some states that I'm aware of, convicted felons have all of their information - birth date, full name, SS#, etc. - listed on the internet on publicly accessible Department of Corrections websites.  Regardless of their reasons for being in prison, there is no reason to make it easy for identity thieves to ruin their lives further.  Many former felons are productive members of society who made their mistakes and paid for them.  They're trying to live normal lives and that is being compromised because the DoC wants to post their information online.
Some people make mistakes that compromise the safety and security of others.  Agreed, they should see consequences for their actions.  I think there are many other ways to effectively accomplish what you're saying without doing the same thing this person did.  A short DoC term and a permanent mark of "misappropriation" from the Federal Government should make this person's life more than difficult enough without continuing the cycle of identity theft and vulnerabilities.

Amen !!

I am a disabled vet.  I don't know if my information was "stolen", but for all those that put their life on the line, I think the punishment should "run uphill".. not down. 
I am outraged that they had no security measures in place, and why, this employee should take this information home is beyond me.  They should only be able to work at their computers AT work.  Deadline or not.

Just for the record, my father was a federal employee - he never violated anyone's trust. My wife was a federal employee - she would have been fired instantly and probably arrested if she had been caught even taking a blank CD-ROM or floppy out of the building. She retired in good standing - you can probably guess where she worked. Sorry, I don't care how "busy" you get, there is absolutely no excuse for exposing this sort of information. Feds get GREAT pay and benefits, not to mention being almost impossible to fire - if you aren't prepared to put up with some job pressure AND still serve the public interest, you should get a job in telemarketing  or the fascinating drive-up food service industry instead. Staff (and supervisors) should be fired instantly just for taking that sort of data home, even if it was returned safely - and we all know how difficult it would be to PROVE no copies were made. Even if it "appears" that the data was simply destroyed, ALL these people will have to worry about the possibility of identity theft for the next decade. Let the responsible manager and staff worry about how they will pay for their next meal.

Equifax has a special page fpr everyone who may have
been affected

http://www.equifax.com/siteAssets/productPromos/veteran/veteran_breach.htm

 

To place an initial fraud alert on Equifax credit reports,
phone 877-576-5734

V.A. Sec. Jim Nicholson is currently testifying before the
Senate?s joint oversight hearing. Hear it online (CSPAN-3) at:

 

http://www.c-span.org/watch/index.asp?Cat=TV&Code=CS3&ShowVidDays=30&ShowVidDesc=&ArchiveDays=30

First.gov, the Federal information portal hosts a page
titled:

 

?Latest Information on Veterans Affairs Data Security?

 

http://firstgov.gov/veteransinfo.shtml

 

Unfortunately I checked it this morning (May 25 1100 hours East Coast Time) and
the ?Latest? information was posted on May 22.

NEWS FLASH - Teddy Kennedy just found out from one of his gardners that the worker in question was an undocumented alien. Armed with this information Ted made an impassioned plea on the floor of the senate to right this terrible wrong. Realizing that the job description had never been provided to the employee in spanish meant that he could not be expected to understand that taking a computer home (with or without the intent to bring it back) was not right. As a result Ted argued that we the regular people should offer a written apology (written in both English and spanish) and he also felt it would be appropriate to provide a merit promotion and a state of the art laptop. Senator Clinton offered an amendment to not buy a new laptop for the worker if he had stolen one in the past 30 days. Hillary later recounted  her  amendment when she realized that it was unlikely that the employee would still have the computer after that much time. Rigardless, not even after severalb hours of debate no acceptable political solution has been forcoming. And you didn't think it could happen here. In any system of ZERO ACCOUNTABILITY anything can and usually does happen.

While it certainly wouldn't help in an instance such as this one, I think that what we need is a mass movement of "little guys" refusing to share our personal information (such as SS numbers) with ANYONE until such time as the Powers That Be learn to handle such information responsibly. Laws need to be enacted at the Federal level requiring ALL personal data be encrypted ALL OF THE TIME, and that no such data be allowed to be removed from the legitimate premesis UNDER ANY CIRCUMSTANCES what-so-ever.Hang 'em all !!

Sec. Nicholson Dodges responsibility despite saying he took
responsibility.



  Listening to the VA Secretary?s self-serving testimony made
me physically ill.



  Although he began by stating that he was ultimately
responsible, he kept repeating over and over, and over again that this incident
was due to the actions of only ONE employee.



  How absurd!



  The years of bad grades given to the VA?s IT
systems' terrible security were not earned by this single bad apple, it is a culture of
irresponsibility fostered by the way these government employees are never held
truly responsible for their stupidity and cupidity.



  It reminded me forcefully of someone in The White House who
always ?says? he is responsible for things, but then immediately starts blaming
others. I wonder if anyone has recently told Secretary Jim Nicholson: "You're do'in a hell of a job Jim!"

Does anyone else think it's strange that the night this clown took the data home it was stolen? Does the idea of a theft ring come to mind? 

Fire the person who took the computer home. Find the thief and prosecute him to the fullest and include the death penalty in the sentence. Then clean house starting with each and every manager in that department. Fire them all AND prosecute to the fullest!
Only then will other managers take notice and do the job that they were hired and paid to do.
Hold each and everyone in government responsible for the actions they cause... and don't just put a statement in their file saying they made a "little" mistake. Publish ALL their mistakes on the web for all to see. *** for tat!
 

Add yet another employee related problem:
"Red Cross warns blood donors of possible ID thefts in Midwest:" source Computerworld 5/25/06
<http://cwflyris.computerworld.com/t/552557/352110/20553/0/>
I agree that managers should also be held accountable, if not by legal prosecution, then by reduction or termination.

Civilian government agencies will always have data security vulnerabilities. As a contractor for federal government, I have seen many of these physical data access vulnerabilities.
There is not enough money budgeted for IT security in cilvilian agencies to fix all of the flaws. Write your congressman. 

Here is an old fashioned and maybe weird thought.
Get all sensitive data on any media - properly classified - which must not leave the office premises. Period !
If it has to move physically, then get Brinks Security Services or their competitors with their Armoured Trucks to transport the laptop / computer / Flash drives / Jump Drives / Hard Drives or whatever to its destination. This data is as precious, if not more than cash.

As a military disabled retiree who depends almost entirely on my meager retirement benefits, I personally think the individual(s) responsible for this atrocity should be brought before Federal tribunal, convicted of treason, and executed by public firing squad! Being an expect marksman I volunteer to be a member of that firing squad. This is just another case of total disregard of the procedures in place to prevent such incidents from occurring. And another blatant example of what seems to be a prolific worsening trend attributable to the Bush Administration and its total disregard for the elders, disabled and poor of this once fine and proud country.A profoundly angry Vietnam VETERAN...

I think that accountability should be the issue: The individual that took the CD home, his supervisor, the TSO (security wonk), and the administrator of the facility should share in the cost of making this right. Billed for the man-hours utilized, the 800 lines, the re-vamping of security procedures (if followed, they'd be fine.)
Maybe then incidents like this and the Los Alamos incident (classified nuclear research) wouldn't get out the door...or at least they'd charge the buyer appropriately.

Whereas,  the thief(ves) probably didn't know what they had when they stole the computer... How could they not know now??? Ka-Ching, Ka-Ching!

My observation is that no one in government is ever responsible for anything that happens. We live in a culture of victims.
Don't expect the issue to get better until someone steals the President's identity....

BFilmFan Oh come on, WHO would WANT HIS identity? (GRIN)

"Stupid is as STUPID DOES!" - F. Gump
  Don't just stop with jailing/prosecuting the laptop user.  Obviously, it was "OK" for 3 yrs. for him/her to do so!  If only one head rolls, then the system has failed - Again!

This person has 34 years of Federal service.  They are retirement eligible, either under CSRS or FERS.  They will be asked/told to retire.


Also, it's not *identity theft* until your identity has actually been stolen.  It is instead a careless security breach.  Both are bad, but there is a difference.
My guess is the laptop is in a dumpster in Maryland somewhere.  If the crook is dumb enough to 'fence it' and put it out on eBay or something, I would guess he would get caught; otherwise, very unlikely.

After reading these many blogs reference to theft of millions Veteran?s records, I firmly believe that no one really knows how the government works. Having served in the Armed Forces for 24 years and as a Civil Servant for 15 years. Just in the last 11 years when the government started moving into the realm of internet connectivity and the FULL aspect of data sharing across networks. The general information (example these records) would not be encrypted because they in themselves would have to be available for the manipulation to a massive amount of users. Also there seems to be question of the exact type of media that these records were stored on, my experience leads me to believe this was not just a CD.
 
Lets face facts just about everyone would not take a CD with no label or even with a label unless it is an original copy of a favorite product of Windows, Office, or something with a price worthy of the theft, but raw data I do not think so. The government employs unique applications for data collections, which are not off the shelf products sold at your favorite best buy store.
 
  This theft was more and likely an Uncle Sugar machine (possibly a tricked out DELL workstation with at least a 80 Gb hard drive).   This he/she person if a longtime worker bee for the government whom I suspect to be a dedicated and caring professional, doing the job 24/7 with years of Ole School ?Attention to Detail?, but falling short on the new technology and it?s ramifications, took his/her workstation home and could not connect it without help invited in the wolves and now the result.
 
Working as a government IT professional and systems data administrator I try to catch and publicly castrate in a loud, ugly and proficient manner anyone I catch taking the Uncle Sugar property home.
 
When I used to perform PC repair house calls it was noticed that on average PC owner had a lesser of a stature equivalent than their work office counterpart, so bringing work home not always had a successful outcome.
 
Being a Veteran I just hope my name is not one of the million. Now knowing from my own example, the keeping of my Vet data - up to date and accurate is not on my priority listings of things to do, by the teachings of experience. It is better to remain invisible as a simple dust particle in a mountain of dust, thus being hidden.
 
Now there is and has been a remedy in place for some time, that know one seems to want to grab the bull by the horns ? we license every dangerous vehicle we use, but why not a ?computer? average users can buy them ? use them ? exploit them ? and cause harm with them.
The result after the fact, we want to punish whom ever when something goes wrong. On their face value organizations ask as a part of employment that an individual has computer experience or skills but offer ?No Training Requirements or Standards for Proper Use and Management?. How many would lie if asked this question to get a JOB?   This theft result shows the continuing lack of good judgment and common sense and starts at the very top.
As a punishment, if we employed the falling dominos theory (knocking down the one gets them all).   Perform this method enough times and there would be NO MORE lapses of judgment or attention to detail.  

According to Rick Maze of The Air Force Times , " Secretary of
Veterans Affairs James Nicholson should resign for not being upfront
about the theft of private information for 26.5 million veterans, says
Rep. Bob Filner, D-Calif."

Those of you
who are following the Bird Flu threat and are considering my suggestion that
you get your company prepared for telecommuting on a massive basis should take note that time may be short.

If the
pandemic hits (and it may not, but planning would also prepare you for a major terrorist attack or natural disaster) and if you want your company to survive begin planning NOW! 13 deaths have been reported this
month.

An entire family in Indonesia ? one which doesn?t keep poultry, has been infected
with H5N1 ? all but one are already dead.



This incident illustrates two
vital concerns I have been expressing.



>The World Health
Organization?s plan to block a pandemic by rapidly responding to an outbreak
and treating everyone in the area with Tamiflu is bound to fail ? the Indonesian
government has blocked efforts to learn more about the dying family and now,
three weeks later, six are dead and there is still nothing but denials out of
the government.



The likelihood of
a pandemic is increasing. Having seven members of a single family who don?t
raise chickens become infected at the same time is a powerful indication that a strain of H5N1 has developed
which can move directly from human to human ? possibly jumping the final barrier to becoming a
devastating pandemic.



If you are concerned, now is
the time to plan for how your company will operate when half the employees are
out sick and many businesses as well as government services simply stop. That
is what will happen if we encounter another pandemic similar to the one which
hit the world during WWI.



Make plans for telecommuting.



Consider banning anyone other
than essential IT staff from the building(s) so they can operate relatively
safe from infection and keep essential services running for telecommuters.



Consider stocking some
inexpensive N95 filter masks for employees ? it will make them feel better
about going to work and also provide considerable protection.



No mask will block the virus,
but N95 or N100 grade filters will block the aerosol from coughs and sneezes
which carry the virus.



Also prepare information for
employees ? this is no more easy to catch than the flu we deal with every year,
it is just much more dangerous if you do catch it.



Hand washing and similar
precautions can prevent many infections.



Unfortunately the current
strain is most deadly to youngsters and those with strong immune systems
because fatalities are mostly caused by healthy immune systems triggering
Cytokine production and consequent lung failure.



For updates, you can check my free www.helpdotcom.com site.

Full information is finally seeping out and it turns out that
the records were mostly of veterans and families of veterans discharged after
1975.



Although I suspected we weren?t being told the whole story simply
because I was a Washington-based reporter, I didn?t want to say it without
evidence but apparently the VA delayed telling the local police about this and,
when they did, they made it seem like a tiny incident by saying only a few
hundred personal records were stolen.



The original theft occured on May 3.  It took weeks before the VA finally notified the FBI and
owned up to the vast size of the theft.



Some commentators have suggested that these records might be
worth upwards of $200 to $500 million to crooks.



But I don?t want to be nasty, perhaps everyone concerned in the
attempted cover up should spend one day in prison for every person whose
private information they exposed to identity thieves.



Certainly if the data falls into the hands of crooks it will
cost every one of those veteran?s and their families more than a day to fight
the system and attempt to fix the problem.

VA Secretary Jim Nicholson has refused to name the original employee, so let's add him to the "should be in prison" list. Since the VA has been criticized for years for poor security, the only innocents in this are the veterans and their families. The Washington Post had this quote: ""VA has not been able to effectively address its significant
information security vulnerabilities and reverse the impact of its
historically decentralized management approach," acting Inspector
General Jon A. Wooditch wrote in a November 2005 report."

My comment is more of a question. Why was the data allowed out of the facility in the first place? Every year there are statistics related to Identity Theft but why is it costing us taxpayers? When you go after the crooks, the items were illegally purchashed. If this were a bank heist, the items would have been returned to get the bank money back. The same should apply to this. Also, the sentence should be stiffer. I don't think a slap on the writst is sufficient. I think some serious jail time sould be imposed especially for repeat offenders. For those who feel the need to further their criminal records by being repeat offenders should have a bee line to death row. What's the use of putting someone in jail if all he/she will do is get out and commit more crime? Though my comments may sound far out there, I'm sure anyone who's gone through identity theft will agree with me. We have to do the paper work, we have to file the reports, and we then have to "fix" our once good credit, while the criminal goes free to burden another victum. And in the end, it's the criminal who gains, not the consumer. We are told to beware, to look over our sholders, to protect our passwords, and IDs. But no one is sending a message to the crook that harsh sentences are waiting for them should they decide to cross the line. I believe the victum should dictate the sentence of the criminal when caught, not our jury system. They can not feel the pain we feel and most of the time, the criminal goes free inspite of a long history of criminal behaviour.

V.A. Sec. Jim Nicholson is testifying before the Senate?s
joint oversight hearing. Hear it online (CSPAN-3) NOW at:

 http://www.c-span.org/watch/index.asp?Cat=TV&Code=CS3&ShowVidDays=30&ShowVidDesc=&ArchiveDays=30



  The audio and video feed will also probably be available in C-SPAN archives later.

_______________________ Equifax has offered special services to everyone who may have
been affected

http://www.equifax.com/siteAssets/productPromos/veteran/veteran_breach.htm



To place an initial fraud alert on Equifax credit reports,
phone 877-576-5734





____________ First.gov, the Federal information portal hosts a page
titled:



?Latest Information on Veterans Affairs Data Security?



http://firstgov.gov/veteransinfo.shtml



Unfortunately I checked it this morning (May 25 1100 hours East Coast Time) and
the ?Latest? information was posted on May 22 so take that with a grain of salt.

V.A. Sec. Jim Nicholson:



?This only came to my attention recently?



?I am the person responsible?



Paraphrased:



The incident occurred May 3 (local law enforcement notified immediately)

I (Sec. Nicholson) was notified on May 16



Outraged at the reckless action of the employee and at the
delay in my being notified.



[MY COMMENT ? Why did it take from May 16 until May 22 for
the Secretary of the VA to let the public know????]



19.6 million SS# and some medical disability/diagnostic codes
for some were also exposed.



Having the diagnostic codes could allow someone to calculate
benefit check size. _______________________

Sec. Nicholson (continued)



[Repeated many times that he was upset and that he wouldn?t
tolerate this sort of thing - but obviously he does because there were many warnings that this sort of thing could happen.]



I was asked by law enforcement to delay release of the
information to assist in the investigation.



VA IG notified on May 10. The GAO gave the VA a failing grade last year for information security procedures.

The IG has given the VA poor IT security ratings every year
since 1999.