409.330.9373 Info@OhainWEB.com
Pick Your Numbers – Pick Your Focus – Don’t Panic

Pick Your Numbers – Pick Your Focus – Don’t Panic

Dave Derosier

I recently wrote about Ethnic Thoughts, where I shared some of my own feelings about prejudice and discrimination today. In the end I referenced a situation where five Democrat lawmakers from the US Congress had accused the COVID-19 virus of being racist.

The basis for their accusations were statistics about how the African American and Latino communities had statically more cases of and deaths from COVID-19, more in relation to their share of the population.

NUMBERS

Based on numbers from the CDC website, as of April 28th 2020, the African American population represented 13% of the population in USA. On that same date, African Americans represented 21% of the COVID-19 deaths in the USA. That’s a 70% bigger share of COVID deaths than of the population. More racism!!!

This became a hot point for the media and rapidly spread through the country – like the coronavirus itself. It was all because of racism – perpetrated by the white community over centuries and that’s what has caused all the hardship on these protected classes of people in our country.

As noted in a previous article, I am neither African American nor Latino. As a result, perhaps I have no right to criticize the use of the race card when it comes to COVID-19.

NOT SO! I am a senior citizen. That puts me in a special class when it comes to COVID-19. Why? Because, from the same CDC website statistics, on the same date, 80% of the COVID-19 deaths were to people aged 65 and older.

I’ll tell you what, when 80% of the deaths are to people over 65 and only 21% of the deaths were to people in the African American community – I think any discrimination is against seniors a lot more than it is people of color. But who can seniors blame? God? Mother Nature? The Devil?

This is a great illustration of how “Figures don’t lie, but liars do figure.”

AGE GROUPS

The CDC website mortality tables referenced above show the number of recorded deaths from COVID-19 as of 4-28-2020.

The age group from birth through 24 years old indicates less than 50 deaths…out of tens-of- thousands! That is a miniscule number. It doesn’t mean that age group doesn’t catch the virus, only that it doesn’t kill them (statistically).  So why are all the schools closed????

If we take the total deaths (USA) from the virus and subtract those age 65+; and we then remove those who are under age 25 because the number of deaths is miniscule, we are left with a population group from age 25 through 64, and that represents only 20% of the deaths from the virus.

When we are talking about re-opening the economy, we should be looking to isolate, one way or another, the most vulnerable people – those 65+ (80% of the deaths). We should not be overly concerned with the school-age kids (all the way through grad school) because even if they get sick from the virus they recover.

FOUR CLASSES

The most important portion of the population to focus on is the 25 to 64 age group. Those are the people to be tested. When tested they could fall into four classes:

  • They have underlying/pre-existing medical problems that put them at high risk;
  • They have no signs of COVID-19;
  • They have the disease currently, with or without symptoms, and are contagious;
  • They have already had the virus and have antibodies to protect themselves,

Once tested, let’s get back to productivity, without a doubt:

  • Place Class 1 people under the same umbrella as the protected seniors;
  • Class 2 needs to take preventative measures (masks, social distancing, etc.) and continued testing until/unless they move on to either Class 3, but in the meantime, they should be able to return to productivity;
  • Isolate Class 3 until they progress to Class 4 with antibodies;
  • And send Class 4 back to work.

With that strategy, the economy will start to regenerate, some people will still get sick, but almost all of them will get over it, and we are protecting the most vulnerable people – who are 65+ or have medical problems that put them at high risk.

Sounds simple doesn’t it?

FOCUS

I guess it’s all in how you pick your numbers as to how the focus goes. Instead of choosing the numbers to pass the blame, let’s encourage our leaders to choose numbers that help us to move forward and do what Americans have always done – meet and beat the challenge.

Please go and tell your elected leaders at all levels how you want them to lead us forward in the face of the COVID-19 challenge. It’s up to you to influence the leaders to do the right thing.

[The CDC website for the data in this article is https://www.cdc.gov/nchs/nvss/vsrr/covid19/index.htm.  It is regularly updated by the CDC and the numbers may have changed since May 1st 2020.]

J David Derosier consults with small business on planning and marketing issues, and provides web design and hosting services through OhainWEB.com, an accredited business with the Better Business Bureau that is rated A+ by BBB. He can be reached at JDAVID@Strategy-Planning.info

This article was first published in The Orange Leader on May 6th 2020.

Ethnic thoughts

Ethnic thoughts

Dave Derosier

Some of my earlier opinion pieces may have given you a few ideas about how I think. Maybe some of you have even developed a mental image of me. Let me give you a few more tidbits about me as a person, and then identify one of my hot-buttons for you to ponder.

I live in Texas, but I’m from New England. In between I have lived in Europe and Canada. I have worked or just visited all 50 states and 49 countries. I was born in Rhode Island, the smallest state; and I’ll die in Texas, the largest state (or will be when global warming melts the ice in Alaska).

Both of my grandfathers were of French Canadian descent (Canucks). My maternal grandmother immigrated from Salt Hill, a small town next to Galway in Ireland. I never knew my dad’s mother, nor was she spoken of.

My wife’s mother was a Cajun. The Cajun French came from Nova Scotia (means “New Scotland”) in the late 1700s when they were deported by the British. Most ended up in Louisiana. In contrast, the Canuck French migrated from La Nouvelle France (primarily today’s Quebec) to New England for economic reasons.

My wife’s dad was from a Danish family living in Birmingham. I remember meeting her dad’s mother there once, she was a true “Southern Lady”. Once, while in Denmark, I looked up her family name in the phone book…and there were three pages of them.
I grew up in Rhode Island. Most of my friends were either Italian or Portuguese. When I say that, I mean that’s the language that their parents spoke – as immigrants.

Most of the Italians came from Sicily, in the south. The Casa Nostra (Mafia) was an integral part of the Rhode Island culture. The Portuguese came from the Azores off the coast of Africa (“Black Portuguese) or from the mainland (White Portuguese).

Immigrants tended to live in their own ethnic communities. Even today, many parts of New England have their ethnic equivalents of Boston’s Italian North End or the South Boston Irish.

So, here I was, growing up through high school with a French-Canadian name and strong Irish heritage, living alongside Italians and Portuguese.

Did I learn new, non-English, words and expressions? Yes. Did I learn to make judgements about people because of their heritage? Yes. Is that natural to do? Yes. For example, to this day I still associate Italian with the Mafia. I still associate being Irish with beer and hot tempers (and maybe red hair).

After high school I went away to college, Boston College in Chestnut Hill, about 40 miles from home. Ever heard of BC? It’s probably the 2nd best known Irish Catholic university in the US, following Notre Dame. It’s run by the Jesuits and sits smack dab in the middle of a well-established Jewish area of Boston. I learned a lot more non-English words and sayings from our Jewish neighbors.

Throughout my early years, ethnic influences have permeated my life. I’ll bet they have yours too.

Did I make ethnic judgements? Yes. Do I think those judgements are still valid today? Some.

A while back I wrote about Hypocrisy in the Anti-Discrimination rules in this country. In that article I defined a few words for clarification of my thoughts:
Stereotypes are oversimplified ideas about groups of people.
Prejudice refers to the beliefs, thoughts, feelings, and attitudes someone holds about a group.
Racism is a type of prejudice used to justify the belief that one racial category is somehow superior or inferior to others
Discrimination consists of actions towards a group of people. Keyword here is action.

Sticking just to ethnic judgements for the time being, let me tell you how my early life relates to these four words.

STEREOTYPES: Yes, I have cultivated ethnic stereotypes, I’ve already talked about some of these, like the Italians and the Irish.

PREJUDICE: This is prejudging a group based on stereotypes. Yup, I have a tendency to still do that on occasion.

RACISM: No, I do not look at ethnic groups as being superior or inferior to others. After decades of international business and living, in order to be successful, one had to live by, “It’s not better or worse, It’s different.”

DISCRIMINATION: No, I do not discriminate against groups. Yes, I DO discriminate between individuals, based on my knowledge of them. I suppose you could say I put people into groupings such as friends, acquaintances, not-friends, and unknowns; and I discriminate by treating them accordingly.

I have two good friends named Debra. Both are women. One is black and one is white. One is active in the bigger public community, the other is not. One is white collar; one is blue collar. They each have lots of differing attributes.

When I think about either of them, I think of her as an individual, as a friend. I do not think of her as a black friend or a blue-collar friend, or any other of her attributes. And, just for the record, I use the word “her” out of respect for her gender, not as a sexist thing.

I’m so sick and tired of all the polarizing that is going on today, especially how easy it is to refer to enemies as being racist – in what I hear (broadcast as well as discussions), in what I read (newspapers and the internet), and in what I see happening especially in the government. Just last month, five Democrat lawmakers even accused the COVID-19 virus of being racist.

Anyone out there have any ideas on how get the rhetoric down to what’s right? And stop blaming the “other side” for what’s wrong? There is no reason to have winners and losers.

Throw the race-card out and let’s all just treat people as individuals, as equals, and search for win-win solutions instead of trying to pick winners and losers based on ethnicity.

 

J. David Derosier consults with small business on planning and marketing issues, and provides web design and hosting services through OhainWEB.com, an accredited business with the Better Business Bureau that is rated A+ by BBB. He can be reached at JDAVID@Strategy-Planning.info

This article was first published in The Orange Leader on April 22nd 2020.

Balance of powers in our Federal Elections

Balance of powers in our Federal Elections

Dave Derosier

In a recent article I talked about the balance of powers built into our Federal Government by the Constitution. The “balance” part is called States’ Rights. The way in which we elect people to represent us also contains similar balance mechanisms.

At the Federal Level, there are three branches of government:  the Legislative, the Executive, and the Judicial. The Legislative creates the laws (Congress), the Executive administers and enforces the laws (President and Vice President), while the Judicial handles disputes about the laws.

Please keep in mind that this is all within the concept of “States’ Rights” because the Constitution specifically lays out only what the Feds can do, and then says that everything else belongs to the individual states to handle.

In the Legislative Branch, we know that there is a balance between the two “Houses” of Congress – Senate and House of Representatives. In order for legislation to be passed, both Houses must be in agreement, otherwise no law.

Another balance item is that before it actually becomes a law, the President has the right to veto legislation. Even then, another balance item – Congress gets an opportunity to override the veto.

There are exactly two Senators for every state, no more, no less. And they are each elected to a six-year term.

The number of Representatives per state, on the other hand, is based on the population. To add even more balance, this number can change every ten years when/if the national census indicates significant changes in populations by state. Overall, the maximum for all the states combined is set at 435.

Presently, California is the largest state by population and elects 53 Representatives, Texas is number two with 36 seats, while seven states have only one Representative.

Balancing powers in federal elections When it comes to elections for the Executive Branch, the balance made by the US Constitution is that each state gets the same number of votes as it has members in Congress (Representatives plus Senators).  These votes by state are what makes up the “Electoral College”.

This means that each state gets exactly the same say in electing a president as they do for enacting federal laws. But there is a little twist in that balance when it comes to the Electoral College.

The federal government does set the number of votes, but it’s entirely up to the states themselves how those votes are apportioned amongst the candidates themselves. For example, there are two states, Maine and Nebraska, that award each of their electoral votes to the individual Representative and Senator district winners. All the other states have a winner-takes-all rule for electoral votes.

So, California, with 55 electoral votes, gets more than 18 times as many votes as Wyoming, but has almost 61 times as much population. That’s a bit of balancing on the David vs Goliath scale. Texas, which has 48 times more people than Wyoming, gets 38 votes. Notice that with a bigger state, the weighted value of votes can also be higher. Another balancing consideration.

Census-defined rural areas made up 97 percent of the country’s land as of 2010. However, 80 percent of the population lived in the 3% called urban areas. That statistic alone should point towards the need for balance.

For my local readers, Orange County Texas is mostly rural, yet 65% of the people live in incorporated cities – urban areas. If you live in the cities you cannot use fireworks. If you live in the unincorporated areas, you may use fireworks. Suppose the cities were able to call the shots on everyone, how do you think the 35% that live in the rural areas would feel? How would little New Hampshire, whose state motto is “Live Free or Die”, feel if big California, whose motto is “Eureka”, got to call the shots up in the White Mountains?

And one last thing on Federal Elections. The Federal Government does not set the rules for elections within the states, other than for issues such as discrimination. Each state sets its own rules for elections within the state, regardless of whether the office is at the federal level, state, regional, or local levels. The actual rules come under States Rights.

And then of course, there are political parties, and not just Republicans and Democrats, lots of others too. They each have some sort of Primary Election for someone to represent the party in the General Elections. Each party sets its own rules, for their own state. As an example, for Presidential Elections, Iowa is known for its caucus system while New Hampshire is known for its primary voting.

Lots of things built into our political systems to guarantee balances. Most of them are based on balancing out the differences between a David and a Goliath. They are there for goodness.

Don’t let anyone try and talk you into thinking they are bad. If someone tries to do that, most likely it’s because they consider themselves as being on the Goliath side…and they lost.

 

 

  1. David Derosier consults with small business on planning and marketing issues, and provides web design and hosting services through OhainWEB.com, an accredited business with the Better Business Bureau that is rated A+ by BBB. He can be reached at JDAVID@Strategy-Planning.info
Balance of powers in our Federal Government

Balance of powers in our Federal Government

Dave Derosier

Did you know that the United States is actually a Federal Republic? I’m sure most people have heard these words, and I’m also sure that most people don’t really know what they mean.

Let’s start with “Republic”. In a Republic, the power is held by the people and administered through their elected representatives; in addition, the top leader is elected rather than a monarch.

 Ok. Republic is rather straight forward, how about “Federal”? We often talk about the Federal Government when we are referring to our national government. That’s because our country is made up of different geographic areas, each of which have rights of their own.

 Everyone knows there are 50 states and one federal district (District of Columbia). There are also five major self-governing territories (Puerto Rico, Guam, American Samoa, Northern Mariana Islands, and US Virgin Islands) and several island possessions.

 For Federal Elections we will be looking just at the 50 states and DC. Going back to colonial days, the 13 colonies united to become a federal republic so that they could present a single face to the world, while retaining their individual autonomy within the new country. That’s where the term “States Rights” comes from.

 Our constitution was written to specifically define the powers delegated to the federal government by the states. All other powers, those not delegated to the feds, are reserved for the individual states. This also holds true for other federal republics, such as Switzerland and Australia. On the other hand, our neighbor to the north, Canada, has a constitution that delegates powers to the states (provinces) and reserves all the rest of the powers to the national government.

 So, a small state, like New Hampshire, regulates its people in the way that it feels is right. And New York, a large neighboring state, does it their own way. The whole idea is that, except for things that really need the unity (like military and international diplomacy) the big guys cannot bully the small guys. 

 At the federal level, the US Congress is our Legislative Branch and has two houses. In the Senate, every state gets 2 senators – that means every state gets the same weight when voting. However, in the other branch, the House of Representatives, each state is allocated seats based on their population, with a minimum of one vote in every state. California has the most representatives with 53, Texas is second with 36. Iowa has 4, while New Hampshire has 2.

 The House has a total of 435 reps. Every ten years, the apportioning of reps to each state is adjusted based on the national census. Some states may get more reps while others less, depending on how their populations have changed.

 The Senate on the other hand, stays fixed at 2 per state. If we add another state, we add 2 more senators.

 The House selects its own leadership, usually based on which political party has the most reps. The Senate does not get to choose; the leader of the Senate is the Vice President. Since there will always be an even number of Senate seats, the Vice President is allowed to vote to break a tie.

One more thing, to further the balance of power in the Federal Government, the #2 guy in the Executive Branch (vice president) is the first in line to succeed the President if needed. If the VP cannot do it, the leader of the House of Representatives is next in line.

 The Legislative Branch creates the laws and the Executive Branch administers the laws.

 There is also a third branch of our government, which is the Judiciary Branch. Their role is to provide a balance between Executive and Legislative, and to decide which side is right when there is disagreement.

 We have a federal government to do things that reflect the country as a whole. It is balanced by each of the states governing themselves for everything else. We have a constitution that provides for a balance in representation for the states at the federal level with two houses – one with proportionate representation and one with equal representation for each state. We even have a third branch of the federal government for balance when the two other branches are in disagreement.

 Next time we’ll look at the balances in the electoral process that continue these basic concepts when it comes to electing people to office in the federal government.

David Derosier consults with small business on planning and marketing issues, and provides web design and hosting services through OhainWEB.com, an accredited business with the Better Business Bureau that is rated A+ by BBB. He can be reached at JDAVID@Strategy-Planning.info

 This article was first published in The Orange Leader on January 15th 2020.

Divide and Conquer

Divide and Conquer

Dave Derosier

 The term “Divide and Conquer” has been around for thousands of years, often attributed to Julius Caesar in the first century BC. Russia uses that same strategy today, in the 21st century.

DISINFORMATION

Russia’s goal is to prey on and capitalize on existing philosophical divisions within populations, such as USA, and increase an overall mistrust and paranoia against democratic institutions. In the process, justice systems are portrayed as corrupt, inept, and hypocritical using disinformation.

 Actually, the word “disinformation” has been derived from the Russian term “dezinformatsiya” which was first used by Josef Stalin in 1923 as the name of a KGB black propaganda department. This disinformation strategy is a commonly known fact within the worlds of national security and cyber security.

 Another word for it in common use today is “fake news”. The purpose is to drive even deeper the wedges that divide different factions within a population. This could be conservative vs liberal, Christian vs Muslim, good vs bad, religious vs secular, right-to-life vs woman’s choice; it goes on and on. The end goal, just as with Julius Caesar is to Divide and Conquer.

 DISTRIBUTION

Methods used by Russia to distribute disinformation have included its Kremlin-controlled mouthpieces, Sputnik News and television outlet Russia Today (RT). The 2016 annual report of the Swedish Security Service, in reference to disinformation, stated: “We mean everything from Internet trolls to propaganda and misinformation spread by media companies like RT and Sputnik.”

 Now, in the 21st century, Russia uses social media platforms such as Facebook and Twitter to spread disinformation. Facebook believes that as many as 126 million users have seen content from Russian disinformation campaigns on its platform.

Twitter has said that it had found 36,000 Russian bots spreading tweets related to the 2016 American election. One only has to look at the Mueller Report for more details on Russia’s involvement in the 2016 elections.

 Elsewhere, Russia has used and continues to use social media to destabilize former soviet states such as Ukraine and other western nations such as France and Spain.

 Russian disinformation campaigns constitute information warfare and seek to plant seeds of doubt and distrust; to confuse, distract, polarize and demoralize.

Existing Philosophical Divisions

A report released by the US Senate Select Committee on Intelligence in October 2019 offers a most comprehensive look at the efforts of the now-infamous Russian propaganda factory known as the Internet Research Agency (IRA).

The IRA made over 61,500 Facebook posts, 116,000 Instagram posts, and 10.4 million tweets, all aimed at sowing discord and inflaming tensions among Americans, says the report.

More than any other group, the IRA aggressively targeted black Americans on every social media platform before and after the 2016 election. More than 95 percent of the content the IRA uploaded to YouTube focused on “racial issues and police brutality,” the report notes, and five of the top 10 IRA accounts on Instagram targeted “African-American issues and audiences.”

Russia’s attempt to exert influence over our 2016 election was but one part of a “broader, sophisticated, and ongoing information warfare campaign” designed to divide America by inflaming cultural, political, and social tensions. The influence operations began long before 2016 and remain active today, the report says.

It’s not just the Russians

As Commander-in-Chief of American military, President Trump approved an American airstrike that killed top Iranian military commander Gen. Qassem Soleimani in Baghdad. Trump proclaimed the pre-emptive strike as being defensive against an enemy that was actively developing plans to attack American diplomats and service members in Iraq and throughout the region.

Critics of the President argue that it could lead America to a war with Iran. Although they are entitled to their opinions, when they start publicly attacking the Commander-in-Chief and accuse him of illegally making decisions that, by law, he is responsible for, they are planting seeds of doubt and distrust, to confuse, distract, polarize and demoralize the voters solely because an election is coming up.

Russian Operatives

In other words, these critics are doing exactly what the Russians would gladly pay them to do. If the Mueller Investigation were still going on, they could be accused of being Russian operatives, just as many other Americans were. They are aiding and abetting the Russian strategy of Divide and Conquer.

When are these supposedly smart politicians in Washington going to learn that they too are being manipulated into doing exactly what our enemies want them to do?

Sowing the seeds of hatred and racism are not going to help this country. We do not need more divisiveness. We need our community to work together in spite of our differences. We especially need our elected leaders to work together in spite of their differences…and stop acting like Russian operatives.

If they can’t, they should be replaced – regardless of which side of the aisle they sit on.

 

David Derosier consults with small business on planning and marketing issues, and provides web design and hosting services through OhainWEB.com, an accredited business with the Better Business Bureau that is rated A+ by BBB. He can be reached at JDAVID@Strategy-Planning.info

 

This article was first published in The Orange Leader on January 8th 2020.

Bulk Equipment Interference

Bulk Equipment Interference

I remember a time when encryption standards were controlled by the government. The respective national information security agencies would not allow the export of software (or hardware) that contained new encryption algorithms (formulas) unless the software/hardware maker could provide the agency with a “key” to break the code.

The intent has always been national security. For example, if an adversary from outside the USA were using encryption that the NSA could not break, that became a breach of national security.

Those days are gone. Computers have progressed so much that hackers can create their own encryption algorithms on the fly without any outsiders being given a key or an export license.

Back in the days of analog signals, each communication was carried over one frequency (channel). Today, digital signals are so much faster and narrower (bandwidth) that many, many signals can be carried through the same space that a single analog channel used.

For these (and other reasons), encryption has become ubiquitous. In my last post, I talked about how Google is forcing encryption on the Internet by marking sites without HTTPS encryption as unsecure.

This widespread use of encryption is turning the traditional targeted listening of the National Signals Intelligence Agencies obsolete! NSA would record and listen to every phone call that left the USA, and then they added faxes, then emails. Now, all of those are encrypted.

So, how do the Signals Intelligence Agencies stay in business if things have changed so much? How do they gather the intelligence they need if the signals are encrypted? The answer is actually rather simple – they collect meta-data, which if oversimplified means data-about-data.

Ever heard of meta-data? If you have a digital camera in your phone, you probably use it to take pictures. Maybe even transfer them to your computer. Each photo has an ID, it also has the date and time, and information about the camera that took it, might even have the location if GPS was enabled on your phone. All of that information is meta-data, digital data about the digital data that makes up your photo. It’s in the digital file of the photo but not in the photo.

Let’s say they want surveillance data (intelligence) on you and you’re in the Golden Triangle (SETX). Someone quietly follows you around recording the meta-data. NOT JUST YOURS! Everyone’s meta-data is collected in bulk. They hack the systems (like an AT&T cell tower) and record everything. If they can’t follow you in person, they’ll use a drone or a satellite (depending on how important you are).

They even may need to interrupt your phone conversion with a call-drop so that you’ll re-register with the nearest tower and send more meta-data.

It’s called Bulk Equipment Interference. Go look it up on the internet. Could be some scary stuff. Of course, what they’re been recording for decades can also be some scary stuff.

Careful what you say, where you go, who you talk to, or…like with Facebook, don’t worry about it, everyone else is doing it.

Don’t forget to go to the internet and look up “Bulk Equipment Interference”.

PS: Who are these agencies? Friendly agencies with prime responsibilities for Signals Intelligence, often referred to as SIGINT, include NSA (United States), CSE (Canada), GCHQ (United Kingdom), ASD (Australia), and GCSB (New Zealand). These countries make up what’s called the Five Eyes – friends who share intelligence among themselves. And, of course, many of the other 200 +/- countries in the world also have SIGINT capabilities and concerns.

J. David Derosier consults with small business on planning and marketing issues, and provides web design and hosting services through OhainWEB.com, an accredited business with the Better Business Bureau that is rated A+ by BBB. He can be reached at JDAVID@Strategy-Planning.info

How do hackers get in?

How do hackers get in?

Governments and most major companies have installed extensive cyber security defenses. However their weakest links are the contractors and independent devices that have links into their computer networks.

These smaller contractors often do not invest in cyber security at the same levels and many of the independent devices have little or no security.

As a result, hackers who want to get the big fish will most often go after the little fish first to gain access to the big fish. The big fish are referred to as “hard targets” and the little fish as “soft targets”.

Most people think of hacking as someone breaking into computers to steal information. In fact, hacking is not just aimed at computers (or phones).

The big players go after communications networks and often leave “malware” behind for surveillance of everything on the network. Smaller players may just wreak havoc as they go about their work. What’s new in the game are the various ways in which hackers can gain access.

Internet of Things (IoT)

The Internet of Things refers to things connected to the Internet that are neither computers nor communications devices in and of themselves, rather they communicate over the Internet (Wi-Fi) for control purposes. The IoT can include household appliances all the way up to widgets in our petro-chemical plants. For example, security cameras, refrigerators, and even Alexa devices.

AquariumAquarium

An example was given at the Wall Street Journal’s CEO Council annual conference in December. According to Nicole Eagan, CEO of Darktrace, a cyber security company, a casino was hacked through a thermometer in an aquarium in the lobby. The thermometer was connected to the casino’s network to control the water temperature.

Alexa

I was talking just last week with a friend that lives in Orangefield. He was commenting on getting an Echo device from Amazon for Christmas. The Echo device can play music, turn the lights on, or order stuff from Amazon, apparently under the direction of Alexa, who is always waiting for someone to call her name with a request.

When you say the word “Alexa”, she recognizes the word and starts recording your voice. When you have finished speaking, she sends this recording over the Internet to Amazon. Alexa needs the internet to work; Alexa needs the internet to send your recorded words back to Amazon. Alexa provides a listening device right in your own home, one that is programmed to record what it hears and sends it on to a third party.

What do you think Amazon can do with your words? Almost anything they want! And this was not placed in your home by the CIA, you purchased it yourself. Just another piece of the IoT.

Houston Rodeo

Disappointed concert goersJust last week, the Houston Chronicle reported on how computer robot software (“bots”) impersonated customers and tried to order concert tickets for the Houston Rodeo. Their ticket company shut down the offending server and quarantined about 838,000 bots.

In the meantime, up to 2,000 actual customers may have been kicked off the website while in the middle of buying tickets. Those that got kicked off probably couldn’t get back on in time to get tickets before the two concerts that were targeted got sold out. I’ll bet there are some unhappy Rodeo fans out there right now.

WOW! A thermometer, Alexa, even software robots causing denial of service at the ticket office.

Think about the vulnerabilities you may be introducing into your digital environment. Some might be able to come back and haunt you in the future.

David Derosier consults with small business on planning and marketing issues, and provides web design and hosting services through OhainWEB.com, an accredited business with the Better Business Bureau that is rated A+ by BBB. He can be reached at JDAVID@Strategy-Planning.info

 This article was first published in The Orange Leader on January 16th 2019.

Do you use Google Chrome?

Do you use Google Chrome?

Have you noticed that many of the smaller websites you visit using Chrome now carry the admonition of “not secure”? These websites have not changed, Chrome has changed.

Google wants the world to believe that it is truly concerned with the security of its customers, and has chosen one of its flagship products, the Chrome internet browser, to show the world that it is a leader in cyber security.

First, let’s look at how your computer accesses websites. You give your computer an address (domain name) which it locates on the internet and copies the page (or file or whatever) down to your computer. Then it disconnects from the internet. What you see and what you do is on your own computer…until another internet access is needed. If you go from the website’s home page to another one, the same process happens, only now you have copies of two pages on your computer. And so on.

The browser software on your computer uses an application (app) called a protocol. For decades these apps used HTTP (HyperText Transfer Protocol) to communicate. When websites started collecting personal information (like credit card numbers and passwords), a modified protocol named HTTPS (“S” for secure) was created which encrypted the communications to protect the privacy.

Before, whenever your browser encountered a website that used HTTPS, it would show you something like a padlock icon to let you know that SSL (Secure Socket Layer) was being used and your data was encrypted.

Today most browsers still do that, but not Google Chrome. Google now calls any website with the old HTTP as being not secure. If no personal information is sent to the website, does it make any difference? Technically, no. However, in the perception of the user, Google has just said the website is bad, maybe you shouldn’t go there.

Google is trying to come across as the market leader that is protecting the public. And it’s not just adding those two words, “not secure”. Google also penalizes the website in its search engine rating so it may appear lower in a Google search. More like bullying to me.

However, they are big enough to get away with such bullying and we are now advising our clients that they have an option to switch to HTTPS if they would like.

All of the other major browser makers are starting to follow suit, encouraging websites to change over to HTTPS. One cannot win against these cyber bullies.

How does a website change over? Your website provider or hosting service can acquire a special certificate for your web pages that says you are legitimate. Today, there are three levels of certification – at the domain level, the organization level, and at an extended level.

The SSL certificate verifies that the website really is who it says it is – either an individual or an organization. The certificate confirms the identity of the website owner and vouches for its authenticity.

At its lowest level, domain validation, the certifying authority (CA) only checks whether the applicant actually owns the domain for which the certificate is to be issued.

At the next level certificate, called organization validation, in addition to domain ownership, the CA examines relevant information, such as company public filings. Information that has been vetted is accessible to website visitors, which boosts the site’s transparency. The somewhat demanding nature of this certificate means that it can take longer and be more expensive to issue.

The highest level of SSL certification (today) is called extended validation and has the most extensive authentication level. This process requires company information to be even more thoroughly scrutinized. This exhaustive review should additionally increase the website’s credibility. This certificate is also the most cost-intensive of the three.

In addition to the actual certificates, software may review the website to make sure it works the way it says it should. For example, does contact information collected actually go to the owner of the certificate? These are things one should expect from a “secure site”.

The cost to upgrade to HTTPS varies with the level of certification and how well the website was developed in the first place. As you can expect, the higher the level the higher the cost.

For existing sites, the cost to convert can be minimal if you do it yourself, or up to several hundred dollars if you use a professional. Usually there are also additional costs to be included in your periodic hosting fees when HTTPS communications are used.

For a new website, the developer will probably build the cost for SSL and HTTPS into the overall price of the website and hosting.

Does a website really need HTTPS?

In the past, if the website didn’t collect sensitive data, like credit cards or social security numbers, the owner may not have needed an SSL certificate. However, with the new browser notices, it’s becoming more important to ensure that a website has an SSL certificate and is loaded via HTTPS.

It’s up to the owners to figure out how they want their visitors to perceive the security of the website. It’s up to the visitors to figure out if there is any perceived decrease in value without it. I’ll bet most people never even noticed the “not secure” notice from Google Chrome.

J. David Derosier consults with small business on planning and marketing issues, and provides web design and hosting services through OhainWEB.com, an accredited business with the Better Business Bureau that is rated A+ by BBB. He can be reached at JDAVID@Strategy-Planning.info

This article was first published in The Orange Leader on January 3rd 2019.

David Derosier consults with small business on planning and marketing issues, and provides web design and hosting services through OhainWEB.com, an accredited business with the Better Business Bureau that is rated A+ by BBB. He can be reached at JDAVID@Strategy-Planning.info.

Elections and Cybersecurity

Elections and Cybersecurity

In my last column I talked about propaganda and election influencing in the USA by foreign governments, as well as the US doing it to others. My basic take was, so what; if others want to meddle, they always will. Just be sure to lock the barn door before the horse (data) escapes. We need to stop complaining and be prepared for when they try.

99% of votes in the USA are either cast or counted by computers.

We have invested in computerized elections because they reduce miscounts, help voters with disabilities, improve access to voting for rural voters, and speed up delivery of results. That’s goodness.

Unfortunately, we have NOT invested in strong security for our computerized elections. The average state election cybersecurity grade in a recent report was only a C-. The average grade for states with toss-up Senate races in 2018 is an F!

 Without question, our computerized election system is vulnerable to cyber threats!

 Let’s take a look at four areas of our computerized elections:

  1. Campaigns, overall risk: severe

Cyber-attacks on campaigns have been used for selective release of private documents in which adversaries release potentially compromising data on candidates and campaigns. These attacks have undermined the credibility of candidates, exacerbated social, economic, and political divisions among the US Electorate, and fueled fears of corruption and abuse by government officials.

So far in 2018, cyber-attacks by Russians have allegedly targeted multiple Congressional campaigns, including Senator Claire McCaskill of Missouri, as reported in TheDailyBeast.com.

Cybersecurity practices for political campaigns remain inconsistent, although efforts by Homeland Security and the FBI to provide cybersecurity training have had some effect. Extremely tight budgets, mostly-volunteer staffs, poor cybersecurity awareness, and the issue of distributed, ad-hoc systems by campaigns have made improving campaign security difficult in spite of significant publicity around attacks on campaigns and campaign officials, particularly for local and state elections.

  1. Voter registration and election management systems, overall risk: serious

Attacks on voter registration systems and e-poll books could be used to steal data on American voters, or affect Americans’ ability to exercise their right to vote if their voter registration is manipulated. Blocking certain voters from the polls could even alter the results of an election.

Voter registration systems in at least 21 states were targeted by Russian hackers in the 2016 election, although there is no evidence that voter rolls were actually changed.

Voter registration systems remain vulnerable to cyber-attacks, but progress is being made on basic cybersecurity standards and training, and Homeland Security is coordinating information sharing and incident response exercises with state election officials.

  1. VOTING SYSTEMS, overall risk: serious

Cyber-attacks on voting systems could be used to disrupt the voting process, or even to directly manipulate votes, perhaps the most widely-feared form of election manipulation.

There has been no evidence of foreign tampering with US voting systems in 2018, but known vulnerabilities have been demonstrated in many of the most widely used voting systems in the USA.

Vulnerabilities in voting machines and vote counting systems have received a lot of attention since 2016, but most voting systems are not connected to the Internet, and getting physical access to such a large number of machines would be challenging, particularly for a foreign adversary. Furthermore, most states have plans to replace aging voting systems and implement a paper audit trail for all votes.

  1. ELECTION NIGHT REPORTING, overall risk: serious

While attacks on election night reporting systems cannot affect the actual outcome of the election, if reported vote tallies are manipulated it could call the real results into question even if they are ultimately verified.

No evidence has emerged of foreign tampering with election night reporting systems, but exploitable vulnerabilities in official election websites, traditional and social media platforms could be exploited by foreign actors.

Secure election night reporting has received comparatively little attention and resources relative to voter registration and voting systems, and known vulnerabilities in official election night reporting websites, traditional and social media platforms remain unaddressed.

Without question, our computerized election system is vulnerable to cyber threats, and foreign adversaries want to exploit our vulnerabilities. 

Areas with the greatest risks are 1) Influence operations, 2) cyber espionage against campaigns/ candidates, and 3) attacks on voting systems. Influence and espionage are much bigger threats than sabotage.

What countries pose the greatest overall cyber threats to US Elections? Russia (81%), China (10%) Iran (2%).

The good news:

Progress is being made. Today, Basic Best Practices for cybersecurity are currently in place for information sharing (50 states), access control (46 states), and regular vulnerability analysis and intrusion detection (43 states). 9 states are using voting machines more than 10 years old; 33 states perform post-election audits, and (to me at least) most important – 36 states have a paper-trail audit for all voters.

By 2020, 46 states will either have or be in the process of implementing a Voter Verified Paper Audit Trail. (Look up VVPAT with an Internet Search Engine.)

More is needed.

A paper audit trail is a key first step in establishing resilience if computerized election systems are compromised.

Current funds are helping to implement basic security practices, but the full cost of robust security systems is much higher. Many states and counties have developed plans to upgrade or replace vulnerable systems but lack funding to implement them.

Attacks on campaigns and election night reporting systems cannot directly disrupt of change the outcome of an election, but they can undermine the credibility of American democracy, and comparatively little money or effort is being put into securing these systems.

Campaigns and election officials should leverage every available opportunity to partner with the government and with cyber security professional s and pro bono initiatives to continuously improve security on our election systems.

Hopefully we made it through the 2018 elections without any major glitches turning up. Let’s hope we’ll be much more ready two years from now.

[Most of the information contained here was distilled from papers published by the Technology Program of the Center for Strategic & International Studies in Washington DC.]

David Derosier consults with small business on planning and marketing issues, and provides web design and hosting services through OhainWEB.com, an accredited business with the Better Business Bureau that is rated A+ by BBB. He can be reached at JDAVID@Strategy-Planning.info.

Will the Russians again meddle in the upcoming American elections?

Will the Russians again meddle in the upcoming American elections?

Propaganda and election influencing by USA.

Did you know that the United States created Radio Free Europe as an overt propaganda effort during the Cold War, partially funded by CIA? Did you know that Radio Free Europe continues to this day with headquarters in Prague, a corporate office in Washington, D.C., and 17 local bureaus in countries throughout their broadcast region, broadcasting in 25 languages to 23 countries including Armenia, Russia, Iran, Afghanistan, and Pakistan. (www.RFERL.org).

The U.S. has meddled in presidential elections in other countries as many as 81 times between 1946 and 2000, according to a database amassed by political scientist Dov Levin of Carnegie Mellon University (www.dovhlevin.com/).

From Radio Free Europe to influencing elections, USA has a well-documented history of meddling in other countries’ affairs.

KremlinThink the Russians are going to try and interfere again?

I’m sure they will.

And why shouldn’t they? Especially when we do the same thing all the time.

So, if YOU think the Russians are going to try and interfere again, is that a problem?

What is the problem?

In an earlier article I wrote that problems cannot be solved…until they are broken down into issues to define the problem.

In this case, the problem is not that the Russians want to meddle in American elections; the problem is that apparently we do not have adequate counter-measures to stop them.

There is no question that we have equal or better offensive capabilities than our adversaries. We need to put more effort into having better defensive capabilities – cyber defenses in the Digital Environment. And, we should stop complaining about others, like Russia, doing what we’re doing. Just be quiet and don’t let it happen.

The Digital Environment

The Digital Environment is exploding exponentially in terms of its breadth and capabilities, and will continue to do so (I touched upon this in my article on “Changing Technology “).

Our lives are becoming increasingly dependent on the health and security of the Digital Environment.

Automation, machine learning, artificial intelligence, the Internet-of-Things (IoT), and many other advances bring tremendous opportunities…and also tremendous challenges to the Digital Environment.

Today the push is to protect privacy in the Digital Environment. That’s all well and good. However, we need to do a lot more in optimizing the security of the Digital Environment for Americans, not just privacy.

When governments collaborate with criminal hackers, such as mentioned above, it allows the governments to distance themselves from the direct perpetrators. This makes it more and more difficult to pinpoint the blame…and to point the finger at them.

We need to lock the barn door before the horse leaves, not point fingers afterwards.

On other topics…

  • REMEMBER – KNOWLEDGE IS POWER. GET OUT AND VOTE…for or against the Bond Issue and for candidates.
  • Congratulations to my friend and former mayor, Essie Bellfield, for being recognized once again for her contributions to Orange. Salem UMC is naming an education building after Ms. Bellfield, a longtime member of the congregation.
  • My next article will address strategies being discussed and put into place at the national level in the Digital Environment to add more security for Americans and our allies.

 

David Derosier consults with small business on planning and marketing issues, and provides web design and hosting services through OhainWEB.com, an accredited business with the Better Business Bureau that is rated A+ by BBB. He can be reached at JDAVID@Strategy-Planning.info.

Problems cannot be solved…

Problems cannot be solved…

Dave Derosier

…without breaking them down into issues.

Like so many other things in life, problem solving activities have an “80-20 Rule”. To correctly address problems, spend 80% on your time on the problem and 20% of your time on the solution. Most people do it the other way around.

Picture this, a business meeting where it is announced that, “Sales are down and the company is losing money”. Immediately someone in the group says, “We need to increase sales.” The group agrees and they go ahead with efforts to do that, happy that it was so easy to solve the problem.

Do you think that was a good way to solve the problem?

The folks at this meeting jumped on a knee-jerk reaction and then implemented it. Like most people they spent all of their time on the solution. “We need to increase sales.”

If they had spent more time on the problem, they might have found out that their selling costs were so high that they lost money on every sale. Increasing sales would just increase the losses!

The first step in addressing problems is to answer the question, WHAT IS THE PROBLEM?

In this case, what they thought was the problem, “sales are down”, was not the problem at all. The real problem was that they were losing money.

Problem diagnosis requires getting from the “simple why” (often just a symptom) to the “real why”. The real why searches out the causes of a problem. These causes usually go beyond technical reasons. Causes are best found by the repeated asking of “why” as we dig deeper and deeper into a problem.

Problem diagnosis means seeking answers to factors that could have affected or contributed to the problem. For example:  When does the problem occur? Where does it occur? Who is involved in the problem? Are the people involved carefully selected, trained, and motivated? What equipment and facilities are involved? What events or conditions are connected to the problem? What were the hints of an impending problem? What calamities, crises, and/or unusual events may be contributing?

Solving problemsThe answers to these real why’s are the issues (factors) surrounding a problem. Not all issues contribute to the problem and some don’t need to be addressed, but always assume that there can be multiple contributing issues do contribute to the problem.

Determine any constraints you may have for solutions (like the cost, legality, etc.), then analyze the issues, and come up with possible solutions. Evaluate each possible solution and select one or more. Develop a plan and implement it. Problem solved.

Remember that fixing a symptom doesn’t cure the problem. For example, an offer of a ride from a neighbor doesn’t solve the real problem of a vehicle not starting in the morning. Another example would be failing grades at school – that’s a symptom; the problem is kids not learning.

All of these steps work on addressing bigger complex problems, like failing school grades, or choosing a new job, or a business that’s losing money. But what about the small simple problems? What can we do to simplify finding solutions? There are many “shortcuts” that can be used.

Everyday Techniques like these are simple:

  • Pros and Cons: Listing the advantages and disadvantages of each option, popularized by Plato and Benjamin Franklin.
  • Simple Prioritization: Choosing the alternative with the highest probability-weighted utility for each alternative.
  • Satisfying: using the first acceptable option found.
  • Acquiesce to a person in authority or an “expert”, just following orders.
  • Flipism: Flipping a coin, cutting a deck of playing cards, and other random or coincidence methods

…and of course, prayer, tarot cards, astrology, revelation, or similar methods.

One other thing to remember in problem solving – learn to differentiate between a PROBLEM and a FACT OF LIFE. “My mother has Alzheimer’s” is a fact of life. There are no solutions to facts of life, learn to adapt yourself and move on. When you encounter a fact of life, treating it like a problem will make you miserable as you search and try fruitless solutions.

On the other hand, “my mother has Alzheimer’s and she is going to need constant care” is a problem for which problem solving is needed.

I hope this brief exercise helped a lot of you in addressing problems at home or at work, even at play. In future columns I will be making references to some of these tools in addressing some big issues. Please stay tuned in.

David Derosier consults with small business on planning and marketing issues, and provides web design and hosting services through OhainWEB.com, an accredited business with the Better Business Bureau that is rated A+ by BBB. He can be reached at JDAVID@Strategy-Planning.info

This article was first published in The Orange Leader on 10 October 2018.

Knowledge is Power

Knowledge is Power

Dave DerosierMy last post departed a little from the usual technology topics, although it did stay with the principal theme of trust.

I wrote about the grades that were earned by West Orange-Cove CISD (WOCCISD) from the State of Texas. Just like the schools give out grades based on student performance, the State gives out grades based on school performance. Ten out of 11 subjects got “F” grades.

The purpose of the article was to shed light on how the WOCCISD schools are doing. Not enough people know that the schools themselves get grades from the State, even fewer know how bad the grades really are. An awful lot of comments on social media were like, “I knew there were problems but I didn’t know it was that bad”; others were in denial, making excuses for the poor performance; others took the words personally and were offended that their kids were being labeled as bad learners.

Now they know, and knowledge is power.

The article was successful in that people started talking about subjects that were not so public a few weeks ago. Dialogue is spreading – both pro and con. That was the intent of shedding some light on the subject matter.

With new knowledge, hopefully more people will go to WOCCISD meetings and participate. Ask questions, share your opinions. If light can be shed on all these failing grades then the public stakeholders – parents and taxpayers – can choose whether or not to accept it or demand change.

The power is in the people.

For at least the last 10 years WOCCISD schools have been on the State’s “List of Worst Schools in Texas”. It could go back further but I stopped downloading the documents at 2006.

We can’t blame hurricanes for more than a decade of poor performance, nor can we put full blame on the current administration that has only been at the helm since 2015.

Kudos to the Orange Leader for providing a public forum in which this and other critical community issues can be brought to light and debated by the public. Also to Facebook and other social media for the forums in which a lot of that debate occurs today.

Is WOCCISD alone?

Not really. Beaumont ISD had problems and the state stepped in and took over.

Last May, ten people were killed and 13 wounded in a shooting spree at Santa Fe High School, south of Houston. Like WOCCISD, Santa Fe ISD was not technically rated by TEA for the 2017-18 school year after applying for an exemption due to Hurricane Harvey, if they had been rated, they would have received an “F.”

A Houston paper reported that family members of Santa Fe victims admonished the school board last week for the district’s poor academic performance on the Texas Education Agency’s Accountability Rating System.

“ ’What this tells me is Santa Fe is not providing an environment conducive to education; it’s providing just the opposite,’ said Steve Perkins, whose wife, Ann, a substitute teacher, was killed in the Santa Fe High School shooting. Many of those at the meeting wore T-shirts emblazoned with the letter ‘F’, for the failures reported by TEA grades for the district.”

Santa Fe failed four out of the eleven subjects mentioned in my last article. Compare that to ten out of 11 failures for WOCCISD and yet parents are not attending school board meetings and not speaking up which they have a right to.

Who cares?

According to minutes, in the last year only one outside person has taken the opportunity to present their opinion at a school board meeting, that person was Larry Spears, the Mayor of Orange.

Any presentations to the board are supposed to be recorded in the minutes of the meeting. However, it is not always an easy thing to find because, on average since the beginning of 2017, it took 5 months (147 days) before the minutes were presented to the board and approved. For example, the minutes of the November 17th 2017 meeting were on the agenda for the September 24th 2018 board meeting – nine months after the meeting happened.

You, the parents and taxpayers, have the right to speak out at the Board meetings. Go and exercise your rights. As citizens, you also have the right to vote in WOCCISD elections. Go and exercise your rights.

Knowledge is PowerYou also have the right to remain silent…and accept the status quo.

How will YOU vote for the $25 million bond issue? Where are YOUR priorities? What’s important to you as a parent, and/or a taxpayer? Early voting starts in just a few weeks on October 22nd.

Knowledge is power – exercise your rights.

David Derosier consults with small business on planning and marketing issues, and provides web design and hosting services through OhainWEB.com, an accredited business with the Better Business Bureau that is rated A+ by BBB. He can be reached at JDAVID@Strategy-Planning.info

Originally published in the Orange Leader on Wednesday September 26th 2018.