Saturday, May 31, 2008

When the sock comes off the sock puppet

http://www.adelaide.indymedia.org.au/usermedia/image/5/sock_puppet.jpg
Is my IP address showing?

Clerical error exposes Google as anonymous eBay critic
The Australian competition watchdog has accidentally revealed Google as the anonymous source of a submission that is highly critical of eBay's proposal to force its users onto the PayPal payments system.


If a company adopts a business practice that unfairly penalizes your company, just say so. Don't use sock puppets, it is just plain embarrassing, especially if you are a technology company.

Thursday, May 29, 2008

The other Alice Marshall

fuzzco
We’ve recently launched AliceMarshall.com, the site and accompanying newsroom of a sophisticated PR firm in New York City. The main site showcases the firm’s clientèle giving interesting and thoughtful descriptions to go along with “Go Ask Alice”- a special feature offering insider tips to the savvy traveler/consumer.


Go ask Alice; I wish I had thought of that.

Friday, May 23, 2008

Social media as collaboration

Chris Dorobek
I think blogs are part of of the collaborative landscape because they start a conversation -- a conversation among many different parties in a transparent way that can be transformative. My general take with blogs is that they are simply a step in this process. I don't think they are an end in and of themselves, but...they are a step. Frankly, I'm not sure they will be around in five or 10 years, but they are an important part in transforming the way we share information. After all, blogs are the great leveler. And I'll go back to Sun CEO Jonathan Schwartz's point -- suddenly, one can share information across a much broader platform -- very easily. Anybody and everybody can be a publisher. And blogs are transparent. You share the same information with your boss, with your employees, with your partners, with your competitors, with your overseers. It is a big step is the notion that all of us are smarter then any one of us. And, for government, it is an enormous step in transparency, communication and openness.

Blogs can also start a conversation. With any luck, blogs can generate comments -- wisdom of the crowds.


I think business and civil service blogosphere will continue to grow. Social media will become, is becoming, a subset of PR and marketing, and will be so common we will take it for granted. Personal blogs may start to drift away. It is difficult to keep something up if you are not paid for it.

Why there aren't more women in technology

Because every time a woman rises to a position of prominence, however minor, a bunch of mean kids begin to harass her, and those who could take action do nothing. It is a shame, are real shame.

Tuesday, May 20, 2008

New to me legal tech blogs

Litigation Support Industry: Business News and Information Blog: Business information about the litigation support and electronic discovery industry. Including acquisitions & mergers, funding news, significant business successes, new alliances, product announcements and relative links. Please feel free to forward news worthy information to Brad Jenkins

The eDiscovery Paradigm Shift: The rapid increase in the volume of Electronically Stored Information (ESI) has dramatically changed the fabric of the litigation lifecyle and caused a subsequent paradigm shift in eDiscovery and Computer Forensics. This Blog is dediciated to providing a forum to discuss all of the evolving best practices and new technologies that are emerging in an effort to support this new paradigm.


Florida E-Discovery
: The state of electronic discovery in Florida.

Friday, May 16, 2008

Chris Dorobek at the Social Media Club

Chris Dorobek spoke at the Social Media Club last night about the use of social media by federal agencies He said that while adoption is slow, and the civil service is doubly risk averse in an election year, some agencies were moving forward.

Dorobek said it was better to talk about collaborations tools rather than social media. The more I think about this, the more I think he is correct. Social media, social networking, Web 2.0, are scary terms. Collaboration is a familiar term in government circles, and it really the point of social media. Rather than trying to explain that social media is a good thing because it promotes collaboration, it would be better to talk about collaboration tools.

Edit -
Dorobek has his own take on the event.
East Coast Blogging has the video.

Calling all Windows IT Pros: what would you do about the White House email?

Windows IT Pro has an excellent overview of the controversy surrounding the White House email system, filled with links for those who have only just joined the story. They conclude the article with an appeal to their readers:
At Windows IT Pro, we publish articles and information about products regularly for systems administrators concerned about staying compliant with a myriad of laws concerning email retention. Exchange administrators: What are your thoughts on the White House's archiving process? Do you have any advice for how they could do better? We want to hear from you!


I will be interested to see what they get. I am not persuaded that we are dealing with a technical problem, but I look forward to reading about the technical solutions.

Edit -
CatabBlog has some thoughts about the case.

Wednesday, May 14, 2008

e-discovery blogs and wikis

Via E-Evidence Information Center:

BLOGS

Windows Incident Response
Harlan Carvey

int for(ensic) {blog}
Andreas Schuster

Computer Forensics Blog
Jamie Morris

Computer Forensics/E-Discovery Tips/Tricks and Information
Mark McKinnon

Computer Forensics, Malware Analysis & Digital Investigations
Lance Mueller

Forensic Incident Response
Hogfly

Didier Stevens on Forensics
UserAssist Research

8 bits Forensishc [in Dutch]
Use Google Translate to view

A Day in the Life of an Information Security Investigator
Chief

Oracle Forensics
Paul M. Wright

Computer Forensics and Incident Response
Bill

Forensic Pagefile
Not much yet; hopefully...

Forensic Computing
Mike Murr

Ride the Lightninng
Sharon Nelson

http://geschonneck.com
Alexander Geschonneck

Forensic.Secure.Net
Mariusz Burdach

MySecured.com Blog
Marwan Al-Zarouni and Salvatore Fiorillo

Volatility - Volatile memory analysis research
AAron Walters

World of Replicants
Bill Ethridge

A Geek Raised by Wolves
Jesse Kornblum

Andrew Hay’s Blog
Check out the 'Suggested Blog Reading'

e-Discovery Team
Ralph Posey

Electronic Discovery and Evidence
Michael Arkfield

Cyb3rCrim3
Susan Brenner

Network Observations/Security Forensics
Network Instruments

WIKIS

Forensics Wiki
Created by Simson Garfinkel

Computer forensics
From Wikipedia

Sanderson Forensics/Digital-Detective
Registration Required

[Computer] Forensics
From SecuriWiki

New to me local legal tech blog

EDD Blog Online, An insiders look into the ever evolving landscape of legal discovery to include but not limited to computer forensics, electronic discovery, email archiving, online review and proactive management.

Added to the Tech on the Potomac RSS reader.

How to place an opinion piece in the newspaper

Yesterday I went to a very interesting workshop put on by the Federal Communicators Network and sponsored by the local chapter of the IABC.

My main take is that while it is difficult to place a piece in the Washington Post, WSJ, and the LA Times, the NYT is invitation only. It seems you are better advised to try for an editorial briefing, or cultivating a relationship with a syndicated columnist.

Interestingly enough, editors are not very interested in hearing form parties to high profile litigation. They would rather hear from policy experts who can examine the larger issues involved. Clearly it pays to cultivate your relationships with think tanks and academics. So much of public relations has nothing to do with media relations.

A state of wealth destruction

That is how George Soros characterized our economy in his interview on the NewsHour. Judging from the interview, Soros shares my view that regulations exist for a reason and that regulatory authorities need to be willing to act. In particular, they need to enforce margin requirements in the early stages of a bubble.

Soros has a new book out, The New Paradigm for Financial Markets: The Credit Crisis of 2008 and What It Means. It sounds promising. His book, Age of Fallibility: Consequences of the War on Terror, is well worth reading.

Tuesday, May 13, 2008

How to persuade corporate management to fund an electronic records management system

Bill Neale, of IBM Enterprise Content Management, presented to NCC-AIIM May Meeting. Neale is on the AIIM board of directors and represents AIIM at the International Standards Organization.

Neale opened with some general observations about records and the virtues of an automated records management system. He spoke about the risk of keeping records you don’t need as well as failing to comply with records management laws (probably not necessary for a Washington audience, here in the land of investigation, litigation, and e-discovery).

According to Cohasset Associates, 90% of records are born electronically. Obviously, as much as possible, it is preferable to keep them in electronic format, rather than on paper.

65% of all of an enterprise’s information is subject to records retention requirements. 50% of records are retained longer than legally required. Neale pointed out that what is retained is legally “discoverable,” which is why it is wise to destroy records once the legal requirement for their preservation has expired. The NCC AIIM audience understood this instantly, because so many of its members work as government contractors.

Neale observed that in order to achieve compliance, an enterprise has to establish controls, reports, and a documentation process. Once procedures have been established, the enterprise must be able to prove compliance. Keep in mind that records management is a continuing process; systems must be acquired with the thought of future migrations in mind. Will the software be available? Are the storage media appropriate for long term records?

I asked about open source systems, where the buyer would have the source code, and whether this was an important consideration in purchasing a records management system. Neale agreed that access to the source code was a consideration in acquiring a system.

He gave a list of the different kinds of required compliance:
Sarbanes Oxley (Sox)
Turnbull
Tabaksblat/a>
Basel II
CFR 21 Part 11
The Patriot Act
The Freedom of Information Act
Personal Information Protection and Electronic Documents Act
HIPAA
Operational Risk Management

Neale pointed out that a good automated records management system would record the metadata in a manner that would be invisible to end users. A document’s metadata tags would be automatically attached without special effort by the end user. Metadata would enable businesses to monitor and analyze business processes.

He reminded the audience of the obvious; good policies are not enough. Policies must be communicated through good training and properly enforced.

Manual systems are unsatisfactory, because business workers make mistakes, so that information is not captured and cannot be audited. There is also a significant loss of worker productivity. Neale emphasized that records managers making a business case for an automated system need to include these costs when they go to management.

Neale reviewed the results of an ARMA study on the return on investment of an automated system:
  • compliance
  • the relationship between collaboration, document management, and electronic records
  • the relationship between message archiving and electronic records
  • the role of electronic records in Web Content Management implementations
  • collaboration between records management, IT, legal, and business professionals

He emphasized that records appear across the enterprise: statements, asset management, loan documents, and other kinds of transaction documents. For meeting the demands of tracking an ever increasing volume of documents, Neale observed that automation was the obvious, cost effective, choice. Records managers need to emphasize the negative and the positive, the risk of litigation, and the positive of improved business intelligence. In his presentation, Neale spoke only of the possible civil liabilities and loss of corporate reputation. I will add the obvious, in some cases, failure to comply carries criminal penalties. Your corporation will pay a hefty fine, but if you are a CEO, CFO, or here in Washington, an agency director, you could be looking at jail time. Something to keep in mind.

An automated records system can create a workflow from a single metadata tag. For example, the date tag could create a report for records destruction five, seven, or ten years hence, depending upon your state and the legal requirements for records retention. Almost all records should be destroyed. A few, such as articles of incorporation, must be kept for the life of the enterprise, but most should be destroyed. Storage costs money; destroying expired records saves money.

Neale reviewed a series of slides that documented the soaring cost of manual records management as the number of employees and the number of records generated grows.

Monday, May 12, 2008

Don't touch my Mac

A burglary victim helped police catch suspected thieves by logging on to her Mac remotely and snapping photos with its Webcam.

Remote access and a Webcam helped police catch two people suspected of stealing a laptop.

Thieves stole a Westchester, N.Y., woman's laptop and then accessed the Internet with the stolen computer, according to a report in The Journal News. A friend of the victim was online and noticed that it appeared the victim was logged onto the Internet. The friend called the victim to ask if that was the case. The victim, an Apple Store employee, was not online.

She logged on to her computer remotely using the Back to My Mac program. She discovered that someone was shopping online with her computer, police said. She activated the Webcam and waited for the suspects to appear in front of the monitor. The victim snapped photos of the suspects and turned them over to the White Plains Police Department.


Of course simple masking tape over the camera lense would defeat this, but still.

The humble press release, alive and well

The Evolution of the Press Release
Over the course of the last several months, BusinessWire and PRNewswire have consistently ranked in the top 100 sources for news in Techmeme's Leaderboard.

And, according to a recent Outsell study, over 51% of IT professionals reported that they get their news from press releases in Yahoo and Google news over trade journals.


Maybe the boring press release isn't so boring, maybe editors should take a second look.

Friday, May 09, 2008

Because sometimes bad press happens

eWeek’s Channel Insider blog -

The news release in question came from a company called PressReleasePros.com, which is pitching a way of using Search Engine Optimization (SEO) "to bury negative blog postings" about a client's company. So if your company has been the object of ridicule by a blogger, or perhaps deserved criticism, the brain trust at PressReleasePros.com is presumably going to show you how to prevent people from finding those blog entries.


Sometimes you get bad press and negative posts. Sometimes it is because your company messed up and deserved it; sometimes it’s because someone has an ax to grind. In either case it is possible to improve the results, and putting out press releases on one of the established wire services is PART of the solution.

The first rule of social media is to make friends before you need them. That is why I encourage employee blogging. The collective power of your employee’s blogs will give you a cushion when bad news breaks.

You should also encourage your subcontractors to blog and link to their blogs from your corporate site. That will create a constellation within blogosphere that revolves around your company.

When bad news breaks you should begin by addressing the basics of corporate reputation repair: acknowledge the problem and address the public's legitimate concern, and take corrective action. Without the basics, nothing else will work.

Having addressed the basic issue, putting out favorable press releases on wire services will give your search results a bump. Don’t instruct your employee bloggers to link to those press releases (that will just make their blogs boring and no one will read them) but make sure your employees know about them.

Employees should be encouraged to use social tagging sites such as del.icio.us to tag positive news stories (stories running in actual news publications rather than press releases on wire services) in order to give them a bump. The purpose of this is not merely to increase the visibility of such stories to search engines, but also to give a bump in page views for the reporter and publication concerned. Publications will be more likely to write about your company if they know they can attract additional reader traffic.

Wednesday, May 07, 2008

Linking federal IT professionals

Federal Information Management alerts us to the establishment of the LinkedIN Federal IT Group and eGov Community.

Public Relations and the Fourth Amendment

Fourth Amendment
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.


Internet Archive founder breaks gag order, detailing FBI's secret demand for user's personal information and the resulting lawsuit challenging the subpoena
The U.S. Federal Bureau of Investigation has withdrawn a secret demand that the Internet Archive, an online library, provide the agency with a user's personal information after the Web site challenged the records request in court.

The FBI sent a national security letter, or NSL, to the Internet Archive in November and included a gag order barring site founder Brewster Kahle from talking to anyone other than his lawyers about the request. Kahle, the Electronic Frontier Foundation (EFF), and the American Civil Liberties Union (ACLU) filed a lawsuit to challenge the subpoena, arguing that the NSL program is unconstitutional, and the FBI withdrew the NSL on April 22.

The settlement between the FBI and the Internet Archive allowed Kahle to break the gag order, a standard part of an NSL request. The Internet Archive's challenge of the NSL is only the third case that the ACLU is aware of in which an NSL has been challenged in court, said Melissa Goodman an attorney for the civil liberties group's National Security Project.


Resisting a request for information from the federal government is an extremely serious matter. In general I would advise against it in the strongest possible terms. However, there comes a time when it is painfully obvious that the government is abusing its power. Others, more gifted that I, will speak to the political, constitutional, and moral, aspects, of this case. I will confine myself to the PR of such resistance. By this act, the Internet Archive has established itself as the faithful keeper of information and its proper use. It's conduct stands in stark contrast to the shameful conduct of Telecommunications companies.

Peabody and Sherman would be proud.

Great moments in asset tracking

US State Department loses a lot of laptops
It has surfaced that the US State Department can't account for up to about 1,000 laptops, perhaps as many as 400 of which belonged to the department's Anti-Terrorism Assistance Program. ...

Internal auditors found that the department lost track of US$30 million worth of computer equipment, "the vast majority of which... perhaps as much as 99 percent," were laptops, according to one official.


So what are the procedures on asset tracking at the State Department?

Streamlining Java EE Development

Northern Virginia Java Users Group Meeting, May 14, 2008
If you've ever had to sit through a five minute build/deploy cycle to test a one-line code change, or wait several days for a schema change before you could move forward with new development, here are some techniques for streamlining Java EE development you're sure to appreciate. This presentation will show how to leverage design patterns and some of the built-in capabilities of modern IDEs to help eliminate annoying delays while improving the flexibility and testability of your application.

Speaker:

Jonathan Lehr is President of About Objects, Inc., a Reston, Virginia firm that specializes in Java EE, Alfresco ECM, and Cocoa training and consulting. He is the coauthor of two books on J2EE web frameworks, Jakarta Pitfalls (Wiley), and Mastering JavaServer Faces (Wiley), and has been a speaker at ApacheCon and No Fluff Just Stuff. Jonathan is also the founder and lead architect of the Semblance Project (https://semblance.dev.java.net ) which houses the StrutsLive framework as well as a number of other useful Java EE components. StrutsLive has been used by consulting companies such as Booz Allen Hamilton, Sapient Corp., and MarketLive to develop major, production B2B and B2C websites, including http://www.theshoppingchannel.com , http://www.enbridge.com, http://www.armaniexchange.com, and many others.


Location:

Freddie Mac
Permanent Home Office (PHO I)
8200 Jones Branch Drive
McLean, VA 22102-3110

Tuesday, May 06, 2008

Electronic Communications Preservation Act

Bill targets messy e-records
A bill introduced by House Democrats would preserve e-mail messages whose loss could create gaps in the country’s historical record and leave agencies vulnerable to legal actions, some policy observers say.

The legislation introduced last month would require federal agencies to preserve electronic communications in an electronic format and put the National Archives and Records Administration in charge of overseeing compliance.


Putting NARA in charge of records administration is the key to preventing the fox from guarding the hen house.

Joe TechBlogReader

CMS Wire has an interesting analysis on who reads tech blogs. It mirrors the results of my own informal and very unscientific poll. Of the tiny sample who responded, 30% said they don't read any blogs. Of those who read blogs, the most popular ones, in descending order, were:
Slashdot
Tech Crunch
Joel on Software
Java Ranch
Scobleizer
Read/Write Web
Boing Boing
Jeff Atwood
Scott Hanselman
InfoQ
The Server Side
Sramana Mitra on Strategy
WebbAlert
Geeking with Greg
SiliconAlley not sure of the URL
Presto Vivace
raibledesigns.com
Altima not sure of the URL
arstechnica

Business you should never bid on

FBI raids special counsel's office
Investigators say Bloch is suspected of hiring an outside company to scrub his computer amid a federal investigation of alleged misconduct in his office.


He hired an outside company because there isn't a civil servant in the entire federal government dumb enough to go to jail for Bloch. The private company which did this has a name, I have no doubt we will be learning its name in the near future.

This is a great time to be in e-discovery and records management, because the investigations into this maladministration will produce business for years to come.

It is also a good time to be a government IT reporter, because one else will have the unique combination of knowledge or politics, the civil service, and technology that will make it possible to tell these stories. Entire careers are going to be made out of this.

Edit -

The Legal Times and Project on Government Oversight comment.

Edit ii
FireDogLake: The Bloch Raid: A Mafia Turf War?

Saturday, May 03, 2008

Mysteries of RSS

I have put my collection of local tech, PR, and marketing blogs Blogdigger and Technorati. Both feeds are supposed to have most recent posts float to the top. So why are there different results?

Tech on the Potomac Blogdigger edition

Tech on the Potomac Technorati edition

Why do they currently have different posts floating to the top? And why are some blogs favored over others? Clearly it has something to do with their RSS feeds; but what?

For my process improvement readers

The Agile Edge
An intense, one day Agile education event that will provide attendees a world class framework for breakthrough performance and organizational transformation.
May 22nd in McLean, Virginia

Thursday, May 01, 2008

Local .Net and SQL user groups

.net DEvHammer

Are you looking for a .NET or SQL Server User Group? I'm hoping to make your task a little easier by adding a handy user group map to my blog. If you go to the homepage of my blog, and look in the section entitled "My Stuff," you'll find a new widget containing a Virtual Earth map of the active .NET and SQL Server user groups in the Mid-Atlantic area (if I missed yours, don't fret, just drop me a note, and I'll add you). If you click on the Expand link, it'll enlarge the map for better readability. You can also see the map in a larger size here.