This week in updated military netcentric terminology: "Common operating picture" is out. "User-oriented picture" is in.

“The user is the one who knows what they need,” said Cheryl Roby, deputy assistant secretary of defense for resources. Roby spoke Thursday at the annual Program Executive Office Enterprise Information Systems industry day in Bethesda, Md.

Getting all four services to pool their tactical information so warfighters can have a single identical display of relevant data has been a longstanding goal of netcentric warfare -- the concept that the military should be faster, lighter and even more lethal, thanks to an information edge allowing troops to find and shoot enemies before they attack.

But missing from a common information picture is the notion that users should have access to the information that’s most relevant to them, Roby said. “They want to be able to tailor the information to their culture, their experience, their situation, and dictating by saying ‘Here’s the picture’ is not the way we want to operate in this netcentric culture,” she added.

Also on the outs should be the word "joint", Roby said. Once upon a time, “jointness” between the four services was quite the buzzword around the Pentagon, but it fails to encapsulate the breadth of U.S. military operations, Roby said. For one thing, there’s the rest of the federal government. Then there’s the allies we would work with on military or humanitarian missions. “Then we finally realized there’s a whole world out there,” Roby said. The word that sums it up? "Enterprise."

Being a civil servant is a calling. But keep in mind that no matter how bad it might get, it’s often much worse in the private sector.

Consider what electronic retailer Circuit City is doing. Here's what the San Diego Union Tribune reported this week:

Circuit City said yesterday [March 28] that it had fired 3,400 [about 8 percent] of its highest-paid sales staff and will replace them with lower-paid workers. … The fired workers will receive severance packages and a chance to apply for lower-paying positions after a 10-week delay, said the 655-store electronics chain based in Richmond, Va.

Writes an indignant, anonymous reader of Slashdot: “So: work hard, become the best in your field, and get fired so they can offer you a new job 10 weeks later at a lower salary.”

After nearly two decades at the General Services Administration, culminating in his current stint as acting senior procurement executive and acting director of acquisition policy, Roger Waldron is leaving the agency for private practice. He's the latest in a series of senior exectives to leave the agency this year.

Waldron will be joining the government contracts practice at Mayer, Brown, Rowe & Maw, LLP beginning May 1. He has yet to set a day for his departure from GSA. During his career, Waldron has served as director of the Acquisition Management Center in the Office of Acquisition at GSA's Federal Supply Service and as the agency's counsel.

Google’s ballyhooed venture into Web applications may be suffering a setback.

As InfoWorld has been reporting, Google’s premium online application suite has suffered three significant downtime failures in March.

“Google is having problems keeping its uptime pledge to some paying customers of its Google Apps suite of hosted services, throwing into question the company's ability to offer guaranteed levels of application reliability,” reports InfoWorld’s Juan Carlos Perez.

Information Week reported earlier this month that the FAA might skip a Windows upgrade in favor of Google Web Apps.

In response to a Tech Insider request, Google said they apologized for any inconvenience they may have caused. "While only a small portion of users of Google Apps have been affected, we understand the trust that all of our users place in us by using this service for critical business functions. We are absolutely focused on providing extremely high levels of availability for all users,” said company spokesman Emmanuel Evita.

NASA has announced the winners of its Solutions For Enterprise-Wide Procurement (SEWP) IV governmentwide acquisition contracts. A total of 37 companies made the cut, including 23 small businesses, seven of which are certified as owned by disabled veterans.We'll have more on this tomorrow. In the meantime, see Robert Brodsky's story from last week for full background on the awards.

The United States Patent and Trademark Office is trying out a program to speed up the time it takes to issue a patent.

The Commerce Department agency announced earlier this month that it issued its first patent under an accelerated examination program that began in August 2006.

“In return for cutting the time to obtain a patent decision by 25-75%, the agency asks the applicant for a better application and process. Inventors who want speedy results can get them, so long as they help improve the process,” the PTO notes.

The first patent under the expedited process was issued to Brother International, Ltd, for a printer ink gauge, on March 13. “Average review time for applications in the ink cartridge technology area is 25.4 months. This patent issued in 6 months, a time savings of 18 months for the patent holder,” says the PTO announcement.

Under the expedited process, “applicants are required to provide specific information, known as an examiner support document, so that review of the application can be completed rapidly and accurately. In return, the USPTO issues a final decision by the examiner within 12 months on whether their application for a patent will be granted or denied. …Applicants' submissions enjoy a presumption of patentability.”

(Hat tip: Slashdot)

What's the future of federal IT spending? According to market research firm INPUT, a couple of lean years followed by a steeper growth curve. Overall, agencies' spending will grow 5 percent annually from $79 billion in 2007 to $102 billion by 2012, according to INPUT forecasters. But most of the growth will be back-loaded. This year and next, the firm's market researchers say, spending will be sluggish due to appropriations delays and ongoing disagreements between President Bush and the Democratic-controlled Congress.

Every Thursday, Tech Insider brings computing tips and basic computing info you can put to use right away.

This week: introducing and remembering the OSI Model.

OSI is short for Open Systems Interconnection and is the basic reference for discussing how the Internet works; anybody who uses the Web should at least be aware of it.

Think of the Internet as a seven-layered cake (as opposed to, say, a "series of tubes"). At the bottom layer are the actual physical things enabling your connection -- wires and such.

At the very top are the protocols for things like e-mail and the Web; this is known as the application layer. These applications are not the same as applications as you probably think of them normally, things like Microsoft Word or Excel. (Computer scientists have an annoying predilection for using the same name to describe multiple things.)

Anyway, in between the applications and the physical layer are five other very important sections; from top to bottom, the layers are as follows: presentation, session, transport, network, and data link. Read more about them here.

How do you make all these layers stick in your mind? Try this handy mnemonic device:

How’s it work? Easy: Physical, Data link, Network, Transport, Session, Presentation, Application.

For a more detailed look at networking basics, see this Cisco paper.

What if the next time the government must meet a sudden upsurge in Internet capacity (say after another hurricane or during the next war), it can send an entire data center contained within a 20-foot data shipping container?

Microsoft architect James Hamilton says it can be done.

He proposes that chilled-water cooled servers packed into durable shipping containers could act as a self-contained data center with enough redundancy to last three to five years.

Hamilton says the impetus for the creation of such units will be not so much emergency response as the emerging popularity of software as a service. But he notes that shipping data centers whole would be an enormously agile solution to sudden scaling needs. It would also cut down on administrative costs and eliminate system outages caused by human error. For an ever-thrifty federal government, they may be worth investigating.

(Hat tip: Geeking With Greg.)

Before his trial started, indicted ex-Qwest head Joseph Nacchio indicated his defense against insider trading charges was going to rest on possibly classified information. Nacchio is on trial for 42 counts of insider trading in Denver federal court. The former chief executive officer sold $100.8 million worth of Qwest stock in 2001 just before the company's shares dropped.

Now former Qwest Chief Financial Officer Robin R. Szeliga has given jurors a hint about Joe’s Big Secret: fiber optics.

As AP reports:

At a time when Qwest faced challenges in meeting 2001 financial targets, Joseph P. Nacchio, then its chief executive, described the government’s need for fiber optic network capacity and hoped the company would win lucrative contracts to meet that demand, a former Qwest finance chief testified Tuesday.

She said Mr. Nacchio told her that he could not explain because the information was classified, but that he had access to it through his membership on a government telecommunications panel. A defense lawyer, Herbert J. Stern, described the government’s capacity need as “mind-blowing, mind-boggling.”

One reason, of course, why Qwest's stock plummeted was its overexpansion into fiber optics.

Computer manufacturer Dell will offer preinstalled Linux on desktops and laptop computers, according to two corporate spokesmen.

As we’ve blogged before, some federal agencies are reportedly thinking about skipping Windows Vista in favor of open source operating systems.

Dell spokesmen David Lord and Dean Kline didn’t offer many specifics, other than to say that Dell “will preinstall Linux on certain systems in the future.” Linux has multiple versions (called distros), making it tough for manufacturers to pick and support Linux.

“There are quite a lot of offerings out there, we can’t cover all of them, but we do want to make sure that we want to cover the largest part of the market,” Lord told Tech Insider. Linux users are predisposed to find their support within the open source community anyway, the Dell spokesmen said.

A Wednesday posting on Dell’s corporate blog offers some particulars on how the company plans to roll out Linux, a least on the computers Dell ships with no pre-installed operating system:

For device types where a choice exists between a component with a non-Free driver and one with Free driver availability, in our Linux offering we'll opt to bundle the component with the Free driver. Wireless network adapters is one such example; Printers are another. We recommend Linux users buy our printers which have PostScript engines in them, as opposed to those which don't and for which no Linux drivers are yet available. The Tech Specs tab for each printer on Dell.com show if it has PostScript or not.

The news is just not getting any better on Veterans Affairs data security. AP reports that an inspector general audit shows that the VA can't account for more than $35 million spent on equipment and supplies under a security contract awarded in 2002 to VAST, a Texas joint venture. VA officials increased the scope of the contract several times, boosting its value from about $100 million to a potential $250 million -- turning it into an "open checkbook," the IG reported. Click here to see the full audit, which was issued in February and first reported by McClatchy newspapers this week.

If your agency has implemented a malicious code security policy based on restricting certain URLs, it's probably not going to work. At least that's the conclusion you could draw from a new study issued by Finjan, a San Jose, Calif.-based cybersecurity company.

In an analysis of Web traffic in the United Kingdom, Finjan found that 90 percent of Internet addresses containing embedded malicious code were located on servers located in the United States or United Kingdom -- not the wilds of Nigeria or Eastern Europe.

Also, malicious code “is just as likely to be accessed through legitimate Websites ... as through what might be considered disreputable Websites,” the study found. Most malicious code is embedded with advertisements on sites, the study says.

U.S. News and World Report's "News Desk" blog reports that in the wake of the U.S. attorneys firing scandal, many aides to President Bush have "stopped using the White House [e-mail] system except for purely professional correspondence." That sounds like a prudent practice, and one that they might have been well-advised to start using about six years ago.

Looks like long-awaited word on the award of the multibillion-dollar Networx federal telecommunications contract is finally coming. There will be an "announcement tomorrow morning" on the contract, according to the GSA press office.

The United States military is going on the offensive in the cyber war. The Defense Department has been quietly expanding its capacity to attack terrorist networks online, USA Today reports. The move represents a shift from simply monitoring terrorist websites to trying to shut them down. The Air Force Research Laboratory is spending $40 million over four years on contracts aimed at developing the military's ability to attack computer networks.

The Justice Department today sealed its first criminal conviction of a major defense contractor under a law that forbids companies to export sensitive military technology, and collecting a $100 million fine from the company for doing so, according to a Justice Department press release.

For violating the Arms Export Control Act, ITT Corp., a leading manufacturer of night-vision equipment for the U.S. military, will pay a $2 million fine, will forfeit $28 million to the federal government, and must pay an additional $50 million or invest that amount in research and development of new advanced night-vision technology. ITT also will pay a $20 million fine to the State Department.

The company was charged with sending classified technical specifications to night-goggle component manufacturers in Singapore, the People’s Republic of China and the United Kingdom. ITT also lost track of “numerous pieces of state-of-the-art night vision equipment” and then attempted to mislead the State Department, according to Justice.

As a result of the misleading statements, ITT paid an $8 million penalty in 2004, but did not admit any wrongdoing. This time, however, Justice says ITT will consent to a plea agreement to be filed in U.S. District Court in Roanoke, Va., in which company officials plead guilty to one count each of exporting defense articles without a license and omission of statements of material facts in arms exports reports.

U.S. attorneys argued that U.S. night-vision technology is superior to other nations' technology, giving it "an enormous advantage on the battlefield," and sending the technology overseas "threatens our national security in the most direct way." To read what advancements in night-vision-goggle technology that a U.S. company has made, click on "Night-Vision Goggles Now in Color."

Put on night vision goggles and the world goes green. For military medics, this can be a problem because the color of blood appears as the same color as water. But now new technology, developed by Tenebraex Corp., which has developed vision protection systems for the military since 1992, has developed night-vision goggles that display in color, The Boston Globe reports. The company wants to sell the goggles to the military for about $6,000 each.

The company produces the color by using a standard night-vision scope overlaid “with a pair of rotating filters that vary the intensity of light coming from different colored objects. The brain interprets these variations as differences in color, enabling the viewer to recognize red and blue objects obscured by the green glow of today's night scopes,” the Globe reports.

To see an image of the goggles (courtesy of The Boston Globe), click view image

Hat tip: Roland Piquepaille's Technology Trends

The General Services Administration will not issue an award today on the multi-billion-dollar governmentwide telecommunications contract, Networx, says a GSA spokesman.

GSA chief Lurita Doan said last week that GSA would award within "the next few days" the much anticipated contract, valued at between $20 billion and $50 billion.

In testimony she plans to give Wednesday morning before a House oversight committee, General Services Administration chief Laurita Doan lists her accomplishments in creating a more efficient agency and defends some of the controversial decisions she has made since taking over the agency, according to a copy of the testimony obtained by Tech Insider.

Rep. Henry Waxman, D-Calif., chairman of the House Oversight and Government Reform Committee, asked Doan to testify before the committee to answer allegations of mismanagement.

In the testimony, in which she calls herself "a woman of action," Doan says that she welcomes "this opportunity to set the record straight" and that "GSA has turned around and created a positive relationship with the Judiciary and the Defense Department." She also says she has "tightened all financial controls, instituted sound financial management and inspired federal employees to find better and more innovative ways to improve all out operations."

With regards to a controversial extension of a Sun Microsystems' contract, Doan says that much of the documentation is proprietary and protected, and she urges the committee to not make it public.

Doan also answers allegations that she undermined the GSA Office of Inspector General by cutting its budget increase, saying she was attempting to "bring a little sunshine to all GSA spending decisions" and to "strengthen the internal oversight of all spending in an effort to make sure that all decisions were cost efficient and duplicative operations were eliminated." She says that she was not trying to intrude on the IG's authority and independence, but improve management of the office's $47 million budget.

She says that the IG made spending decisions that seemed hard to justify and that there was a "complete breakdown in any oversight or review." She cites as examples the office's information technology program and its "unchecked and unaccountable human resource process responsible for promotions and the awarding of bonuses for SES employees."

Later in the statement Doan denies comparing IG employees to terrorists and says that she wants to change the "perception that the OIG fosters a hostile work environment."

On her attempt to award a sole-source contract for public relations services to a longtime friend, Doan says she "made a procedural mistake in my zealous efforts to promote small and disadvantaged businesses ...."

The federal government has given permission to Intel Corp. to build a $2.5 billion chip-manufacturing facility in China, the company's first large facility in Asia, the New York Times reports.

“Intel’s facility, which is scheduled to open in 2010, probably will not give away any big secrets,” the Times states. The facility “will produce only so-called chip sets, or chips that work to support microprocessors. Intel officials say they will not produce the company’s core technology here, the powerful microprocessing chips.”

The federal government regulates the export of advanced technology through the International Traffic in Arms Regulations.

Microsoft Corp. issued a warning that a specific Internet attack could be used to divert Web traffic through a malicious proxy server, InfoWorld reports.

Windows Server 2003 and Windows 2000 SP 4 servers that use a Microsoft protocol called Web Proxy Automatic Discovery for automatically locating a data file (Wpad.dat) that browsers use to locate the proxy server may be in danger, according to Microsoft, which posted on its support site how administrators can configure servers to avoid the problem.

Proxy servers are often used by organizations as gatekeeper devices to the Web to enforce content use policies.

In the latest string of stolen laptops, an Army laptop containing names, social security numbers, and payroll information was stolen from a privately owned car at Ft. Monroe, Va., according to a statement by the public affairs office for the U.S. Army Training and Doctrine Command.

The personal information for as many as 16,000 civilian employees at the command, located at Ft. Monroe, could be affected. The laptop was password protected and Army officials say no bank account or routing numbers were stored on the laptop. The command did not report on whether the laptop was encrypted or not. The Army plans to notify by letter the civilian employees whose personal information was on the laptop, the station reports.

With so many concerns about protecting privacy, it is surprising to learn that a Swedish Web site allows visitors to search for "the income and address of everyone living in Sweden," according to the Swedish English-language newspaper The Local.

Swedish tax authorities say they’ll crack down on the site, called Ratsit, The Local reports. The Swedish tax authority apparently sends the data to the site, and the information is “passed on to credit rating agencies, which [tax authority head Mats] Sjöstrand said have a legitimate interest in obtaining the information."

Anyone can anonymously request the income of any Swedish citizen by calling the tax authority, but "Sjöstrand did not indicate any plans to change this practice,” the article concludes.

Hat tip: Smart Mobs.

While so much is written about how government fails to deliver on IT projects, here comes an article from MSNBC that reminds us how government computer analysts hit the tourist jackpot. In the 1970s, the Mexican government assigned some of its computer analysts "to scour the coastline ... and pick a location with the ideal ratio of sun to sand to magnificent vistas," according to the site. The computer picked a "sleepy little dot of a fishing village," which would later grow into one of the most popular tourist destinations called Cancun.

It's no secret that government agencies and the contractors that work for them find it hard to attract young workers with information technology skills. Another reminder of just why appeared in an article in today's Washington Post.

The newspaper interviews Michael Gagnon, a 23-year-old George Mason University student who works at a Fairfax, Va., research lab, about job opportunities he is considering. Although the Post cites stats that show the Washington, D.C., area as a haven for IT workers, halfway through the article Gagnon talks about how he is likely to turn down the many software development and programming jobs he has been offered in Washington (the jobs "bore him," he says) in favor of a job-scholarship package at the Massachusetts Institute of Technology, where he can focus on information security. Gagnon says his classmates, who also are sifting through many job offers from local companies, are considering leaving because "they are also looking for 'more innovative work,'" the Post quotes Gagnon saying. "I don't think people like me will stay here if they aren't offered as stimulating opportunities as there are elsewhere," Gagnon told the Post.

For years, the federal government has found it a challenge to attract and keep young talent because of varying reasons, threatening federal programs and the innovation needed to support them. The Washington Monthly reported on some of those reasons back in 2000.

This tax filing season more taxpayers are filing online through the IRS' e-file program. (For a recent Tech Insider item on the success of e-file, click here.) What's behind e-file's success is focusing on convincing users to adopt an innovative process, argues Stephen Holden, a former IRS executive now teaching at the information systems department at the University of Maryland, Baltimore County.

In his September 2006 report, "A Model for Increasing Adoptions: Lessons Learned from the IRS e-file Program,” Holden writes that successful innovation adoption involves four sequential steps: external factors; investing in innovation; promoting and advertising; and measuring impact. (view image).

A factor not essential to innovation adoption is cutting edge technology. Rather, Holden argues that creating an organization focused solely on the program helps lead to successful e-government programs. Overall, Holden lists five lessons learned from working on e-file:

• Create an organization focus.
• Develop collaborative partnerships with stakeholders.
• Invest in innovation.
• Shift from a “Field of Dreams [e.g., ‘build it and they will come’]” mentality of marketing to proactive outreach.
• Use program performance data to drive decisions.

Humans naturally tend to exaggerate or underestimate modern risks, argues cybersecurity guru Bruce Schneier in a draft paper on the psychology of security posted last month.

Humans downplay familiar risks but inflate those that are not so familiar. We are much more frightened of spectacular risks such as terrorism than more pedestrian security risks such as food poisoning, even though the latter risk kills far more Americans per year than terrorism. (Click view image to see Schneier's table of typically exaggerated and downplayed risks.)

We react to exaggerated risks with palliatives, which Schneier calls “security theater” that make people feel more secure but can block actual security improvements. If the theater is coupled with real improvements, that’s good; if not, it’s dangerous, Schneier writes. Do removing our shoes for screening at airports and carrying onboard no more than 3 ounce liquid containers make us any safer versus other actions?

“Perhaps by understanding how our brains process risk, and the heuristics and biases we use to think about security, we can learn how to override our natural tendencies and make better security trade-offs,” Schneier concludes.

Google’s venture into hosted software certainly has generated some excitement. (Information Week reported that the FAA Chief Information Officer David Bowen is considering skipping a Windows upgrade in favor of Google’s Web apps.)

Google is not the first company to promote the idea of running applications on a remote server rather than on your local hard drive. Oracle tried it twice during the 1990s, and failed both times.

“The personal computer is a ridiculous device," Oracle Chief Executive Officer Larry Ellison proclaimed in 1999, predicting that Microsoft would yield to the Web application-fueled computer. Ellison called it the "Networked Computer."

Ellison's vision may not have panned out at the turn of the millennium, but technology, of course, has advanced a lot since then. Internet connections are faster and more reliable, for starters.

What’s your opinion? Are you ready to have all your application and data stored on a remote server while you access them through a scaled-down computer that’s essentially nothing more than a browser machine?

General Services Administration chief Lurita Doan yesterday said GSA would award the massive governmentwide telecommunciations contract, Networx, in "the next few days" but don't expect the award today.

A GSA spokesman said the Networx contract will not be released today, but he added that he could not rule out the possibility that GSA would award the contract this weekend.

The Office of Management and Budget's deputy director for management recently signed a memorandum to all agency heads directing them to follow a standard security configuration for Microsoft computer operating systems. Clay Johnson's directive backs up a memo that Karen Evans, OMB's administrator of e-government and information technology, sent to chief information officers this week asking them to deliver plans to OMB on how they intend to implement the policy by May 1.

Johnson's memo lays out the reasons for the standard this way:

The recent release of the VistaTM operating system provides a unique opportunity for agencies to deploy secure configurations for the first time when an operating system is released. Therefore, it is critical for all Federal agencies to put in place the proper governance structure with appropriate policies to ensure a very small number of secure configurations are allowed to be used.

DoD has worked with NIST and DHS to reach a consensus agreement on secure configurations of the VistaTM operating system, and to deploy standard secure desk tops for Windows XPTM. Information is more secure, overall network performance is improved, and overall operating costs are lower.

For other thoughts on the security memo, click here.

Some agencies are reportedly thinking about skipping Windows Vista in favor of an open source operating system. That makes this commentary from Jack Schofield, computer editor of the London newspaper The Guardian, very pertinent for the federal market here. He writes about whether Dell, the world's second-largest global computer manufacturer, should offer pre-installed Linux on its mass-market PCs. He says it shouldn't.

The arguments against it include the many Linux distributions (“everyone seems to want a different one,” Schofield writes), and the cost. Linux support doesn’t come cheap. "Saying 'Linux is just a kernel, so that's all we support' isn't going to work, but where in the great sprawling heap of GNU/Linux code do you draw the line?" Schofield writes.

Pre-installed Linux systems actually cost more than Wintel machines, Schofield adds. "This is partly because Linux has high overheads on minuscule sales, and partly because of the fees that PC sellers collect for bundling ISP connections, free antivirus and multimedia software, browser toolbars and so on," he writes. "The great collection of crapware that comes with a home user's Windows PC probably knocks at least £20 [about $40] off the price, maybe much more."

Hat tip: Slashdot

In a speech at the annual FOSE conference, General Services Administration chief Lurita Doan said that "change is in the air" and that "innovation and new ideas" are everywhere at the agency. Doan said change began 10 months ago. (Doan started her tenure at GSA in June 2006.)

"GSA, in case you've been asleep, is getting its groove back," Doan told the audience.

More from her speech:

Not too long ago, 11 months, the criticism was that GSA had lost touch with our customers, we were complacent, we were timid, we were unwilling or unable to meet our challenges directly. Well not anymore. You told us that it was taking too long to execute simple contracts and we have moved to fix that.

Earlier Thursday, Doan appeared on Federal News Radio and responded to a GovExec article posted Tuesday about top executives leaving the agency. Doan said that she would "argue with the fundamental premise" of the article, saying that the chart, which accompanies the article, shows that the number of departures is "no different than in any year."

Click here to view the chart and judge for yourself: View image

Doan added that the departures are part of "normal turnover when you have new energy and change in an agency."

I think that you'll find that the attrition that they talk about is perhaps the natural attrition that happens in any organization which changes its focus and renews its energy. There is a new energy and a new way that we do things at GSA. And naturally change has changed.

Doan also said that working at GSA is "like eating ice cream" on some days and on other days it is truly challenging.

Doan is scheduled to testify before the House Oversight and Government Reform Committee on Wednesday. The panel's chairman, Rep. Henry Waxman, D-Calif., plans to question her regarding the allegations of misconduct that have arisen during her tenure as GSA administrator.

Welcome to another edition of Tip Thursday, a weekly Tech Insider feature that offers useful computing tips you can apply right at your own desktop or laptop.

This week: Focus your Google searches.

Searching on Google seems straightforward: Type the words you want to search for into Google's query box, and hit return (or click on "Google Search"). Google returns results sorted according to a proprietary algorithm, which ranks sites according to popularity and relevance. But results often can be overwhelming. Google can return thousands, or sometimes millions, of results pages long.

How about narrowing the search down a bit? Start by excluding terms you don’t want to search for. You can do this by using a minus sign, followed directly (using no spaces) by the term you want to exclude. If you want to exclude a multi-word term, put the term in quotes.

Say you want to search just on a particular domain (.com, .gov, .mil, .org, etc.). Easy. You specify a domain by typing in site:[domain name here]. For example: site:.gov. You can get more precise by specifying the Web address, as in site:govexec.com.

Maybe you want to search just for cached sites, because what you’re looking for has been taken off-line. Type in cache:[search term here].

Needless to say, these tips are only a few ways you can fine-tune your Google searches. As a company, Google does a poor job promoting these search tips, but if you want more, go to their web page, which goes into more detail.

Look for more on Google in later Tip Thursday submissions.

The CNews network in Canada reported yesterday that Alberta's Agriculture Department is investigating an email apparently sent from a government computer that calls supporters of the Canadian Wheat Board "communists who can't deal with the fact their industry is dying."

News about employees sending emails that are embarrassing or release proprietary information has given rise to a cottage industry selling email monitoring tools, as SC Magazine in Australia points out in an article published last month. However, not sure if the word "communist" would be offensive enough to trip a monitoring tool's sensors to inform the sender that the email does not comply with agency email policy.

States are increasingly opposing the federal Real ID Act, according to an article posted today by The New Standard.

The New Hampshire House Transportation Committee unanimously voted Tuesday to pass out a bill that "would prohibit the state’s participation in the Real ID program and any similar federal initiative in the future. The one-page bill, which now goes to the full House, states that Real ID 'is contrary and repugnant,'" reports The New Standard. An opinion piece published this month in New Hampshire's Concord Monitor argues against the Real ID law.

Congress passed the Real ID Act in 2005 to tighten national security by requiring states to invest in data systems and processes that would make it harder to forge or fraudulently apply for state drivers licenses. The new licenses will eventually be required to board planes; enter federal government offices, including courthouses; and receive federal assistance and benefits, including Social Security.

State officials argue the law does not increase security, puts individuals' privacy at risk and costs too much. The Department of Homeland Security, assigned to oversee the implementation of the law, estimates the cost to states to be more than $14 billion over 10 years. A DHS official said yesterday that states' privacy concerns over Real ID are misplaced and that the law will improve privacy. DHS released this month the Real ID proposed rules that states must follow to comply with the Real ID law.

New Hampshire follows Maine, which in January, "became the first state to pass anti-Real ID legislation, approved overwhelmingly in both houses of the legislature," The New Standard reports. "At least 20 other states have similar legislation pending, according to the American Civil Liberties Union, an opponent of the federal program."

According to a CNET article published in January, "Bills pending in Georgia, Massachusetts, Montana and Washington state express varying degrees of opposition to the Real ID Act.

"Montana's is one of the strongest. The legislature held a hearing on Wednesday on a bill that says 'The state of Montana will not participate in the implementation of the Real ID Act of 2005' and directs the state motor vehicle department "not to implement the provisions."

When the Office of Management and Budget issued a mandate Tuesday that forces agencies to use a standard configuration of the Windows operating system, its main goal was to improve information security within government. The theory is that OMB, by way of the Department of Homeland Security, can send out mass security patches for newly found vulnerabilities that agencies then can quickly apply, securing systems en masse.

But some critics say this strategy may not significantly improve security.

The problem is the inherent insecurity of Windows operating systems. Microsoft's new operating system Vista is supposed to be more secure, but it has its security problems. That is why the market for anti-virus software, intrusion detection systems and firewalls is so huge, says Eugene Spafford, a professor and executive director of the Purdue University Center for Education and Research in Information Assurance.

Moreover, Ben Fathi, the former head of Microsoft's security group and now the chief of development in the Windows core operating system group, said at the RSA Conference 2007 in San Francisco last month that if Vista had half the security vulnerabilities that Windows XP had, he would consider Vista reaching a "great goal."

"In the first year after Windows XP debuted in October 2001, Microsoft posted 30 security bulletins pegged to the Home version of the then-new operating system," with more than one vulnerability sometimes appearing in a single bulletin, ComputerWorld reported last month.

In a discussion of security experts appearing in the same ComputerWorld article, Graham Cluley, senior technology consultant for Sophos PLC, said:

[I]n the last five years, the number of hackers and researchers who are examining Microsoft's code for vulnerabilities with ever greater intensity has increased. Furthermore, we have seen a number of legitimate security companies (including some who may have a vested interest in debunking Microsoft's status as a security player) put efforts into finding flaws in Microsoft's code.

What isn't in doubt is that there will continue to be flaws found in Microsoft Vista.

Curt Kolcun, vice president at Microsoft Federal, said that agencies are looking to migrate to VISTA due to its improved security features. Agencies are looking to move "in a planned way," Kolcun says. "They'll slipstream this into their build process."

Kolcun estimates 50 percent of the government will move to VISTA by the end of calendar year 2008.

Do you think OMB's mandate will make government IT systems measurably more secure or is Microsoft's Windows platforms too vulnerable? Click on the "Comments" link below to let us know.

We’ve posted a couple of items recently (here and here) about how vital disater recovery plans and independent verification are for the success of IT systems. We came across another example that highlights the pitfalls of poor safety planning -- and sometimes the dumb luck that comes into play to avoid them.

In his cheeky autobiography, Noble Prize-winning physicist Richard Feynman recounts how, when the United States worked on the Manhattan Project during WWII, he was sent to verify safety procedures at the Oak Ridge uranium processing plant. He found the facility on the verge of exploding (he nearly read the riot act to them). When Feynman returned to the plant several months later, he toured the facility with a military escort. The two entered a room, where there were "these two engineers and a loooooong table covered with a stack of blueprints," Feynman wrote.

The engineers explained that the plant had been designed to have backup safety valves so if any one valve failed, the backup valve would take over and avoid disaster. Feynman looked over the blueprints, and, relates, "I’m completely dazed! Worse, I don’t know what the symbols on a blueprint mean! There is some kind of a [symbol] thing that at first I think is a window."

Feynman points to one of the mysterious window-like symbols and asks the engineers what happens if that valve gets stuck, thinking that the engineers will tell him that that symbol is not a valve, it’s a window. Instead the engineers eye each other and start discussing what would indeed happen.

The engineers "turn around to me and they open their mouths like astonished fish, and say, ‘You’re absolutely right, sir,'" Feynman wrote. "So they rolled up the blueprints and away they went and we walked out."

Feynman’s military escort demanded to know how on Earth he could have known that one part of the blueprint design was faulty. Feynman wrote, "I told him, you try to find out whether it’s a valve or not."

Will the Semantic Web, which will allow applications to share personal data, ever be real? According to blogger Stephen Downes, it won’t.

The Semantic Web has supposedly been the next big Internet thing for a few years now, but mostly it’s been notable for its lack of adoption. (Here's an early article on it co-authored by Tim Berners-Lee.) More than a few dedicated govvies in the Semantic Interoperability Community of Practice (SICoP) are trying to make it happen too. But the idea will never make it in the real world, says Downes, who works at the National Research Council's Institute for Information Technology in Moncton, New Brunswick, Canada. Downes specializes in online learning, content syndication and new media, according to his web site.

To understand what the Semantic Web can do, consider this example from Berners-Lee's article:

The entertainment system was belting out the Beatles' "We Can Work It Out" when the phone rang. When Pete answered, his phone turned the sound down by sending a message to all the other local devices that had a volume control.

The system was smart enough to realize that listening to loud music and talking on the phone are incompatible, so it adjusted things accordingly.

That cooperation is its fatal flaw, Downes says. “The Semantic Web will never work because it depends on businesses working together:"

... [T]he big problem is they believed everyone would work together: - would agree on web standards (hah!) - would adopt a common vocabulary (you don't say) - would reliably expose their APIs so anyone could use them (as if)."

We'd like to hear from Semantic Web supporters in government or industry why Downes may be mistaken about the future of this new technology. Please use the comments link below.

(Hat tip: Slashdot)

Citing national security issues, the Navy yesterday refused to handover to a court information about its use of sonars, which an environmental advocacy group says kills whales, the AP reports today.

The Natural Resources Defense Council has sued the Navy to compel it to use sonar in such a way as not to harm whales. U.S. District Judge Florence-Marie Cooper ordered the Navy to provide information on when and where it has used sonar since 2003, the AP reported.

The Navy does not dispute whether the sonar may hurt whales, but it claims that it takes precautions, such as looking out for whales. The Congressional Research Service reported last year that Navy sonar had been responsible for six whale deaths and other unusual behavior.

The General Services Administration takes an average of 120 days to issue a schedule contract to a company seeking to do business with the federal government. But GSA has issued its first schedule contract to a company under a program aimed at cutting that time drastically.

At the beginning of her tenure last summer as head of the GSA, Lurita Doan issued a mandate to award GSA schedule contracts within 30 days. Using the Multiple Award Schedule Express Program, launched in January, GSA gave Mity-Lite, a chair and table company based in Orem, Utah, a Schedule 78 contract (for sports and promotional equipment) in just 12 days. No word yet on whether IT schedule-seekers have received similar treatment, but GSA says that a second company has received a schedule under the express program and a third is pending. Under the program, which is in a pilot phase, only those IT companies that provide hardware and repair and maintenance services are being considered for the fast-track status.

Sources say that Doan's decision to choose 30 days as the time within which to award schedules was arbitrary and that she did not consult other agency officials about what time frame may be workable and best serve businesses. A GSA spokesman said that Doan chose 30 days because the time frame is a typical calendar cycle that businesses use for planning purposes. Doan wanted "a revolution, not an evolution" in reforming the way schedules are awarded, the spokesman said.

Mike Sade, assistant commissioner for acquisition management in GSA's Federal Acquisition Service, said the 30-day challenge forced officials to re-engineer the process for awarding schedules. Under the express program, a company's proposal is examined quickly to see if it contains the basic requirements and if it doesn't, the company is asked to correct the problems, Sade said.

The clock on the 30 days does not start until after companies have corrected the application, Sade said. Companies interested in participating in the express program also must complete an education program.

Economic development officials from the Caribbean island and U.S. territory of Puerto Rico are in Washington, D.C., promoting their island as an information technology outsourcing haven for federal IT work.

Puerto Rican officials hope to take advantage of restrictions that prevent government agencies from outsourcing to popular -- and money saving -- offshoring venues India and other Far East countries. Exporting and citizenship requirements do not allow federal agencies and contractors to outsource to any company based outside the United States. But federal agencies and contractors can outsource to Puerto Rico, whose inhabitants have been U.S. citizens since 1917 and has commonwealth status, according to Boris Jaskille, executive director of the Puerto Rico Industrial Development Company (a commonwealth entity). Puerto Rico's low labor and tax rates, combined with an educated workforce, make it an attractive outsourcing destination, Jaskille says.

Puerto Rican companies have conducted business with the U.S. government, mostly in manufacturing military clothing. But the federal IT business would be a new one for the commonwealth, one they’ve only just decided to start chasing. Last year, after an internal reorganization of its economic development organization, Puerto Rico officials decided to pitch its IT outsourcing business.

Island officials believe they can compete in software development, network management and help desk services, says Marcos Polanco, PRIDCO’s director of information and communication technologies. Puerto Rico's costs for those services are about 30 to 40 percent lower than what U.S.-based firms charge, Polanco says.

PRIDCO officials say the University of Puerto Rico system is a source of local talent and they have a business-friendly environment.

Would you as a government manager or contractor consider offshoring IT work to Puerto Rico? Why or why not?

If you need another reason to institute that disaster recovery plan, what happened to the Alaska Department of Revenue might just convince you to do it sooner rather than later. Last July, a computer technician, while conducting routine computer maintenance, accidentally erased a hard drive containing information on a $38 billion account that distributes oil revenue payments to Alaska residents, according to a USAToday article published online yesterday.

That was strike one.

The technician then mistakenly reformatted the disk, rendering the data irretrievable. Strike two.

Hoping it had another swing at the disaster recovery plate to retrieve the information, Alaska turned to its backup tapes. But the tapes were unreadable. Strike three.

"Nine months worth of applicant information for the yearly payout from the Alaska Permanent Fund was gone: some 800,000 electronic images that had been painstakingly scanned into the system months earlier, the 2006 paper applications that people had either mailed in or filed over the counter, and supporting documentation such as birth certificates and proof of residence," the newspaper reported.

But Alaska had a fourth chance to recover the data. The state called in more than 70 Alaska state workers and temps over the following two months (working weekends and evenings) to rescan the paper documents (300 cardboard boxes in all) to rebuild the account. The cost: $200,000. The story ends happily, with each Alaskan resident receiving the $1,106.96 oil-fund check on time.

Alaska pulled victory out of what could have been disaster because the state had a disaster recovery plan, albeit a rudimentary one. But many companies and government agencies don't. About one out of three organizations report they do not have a disaster recovery plan in place and nearly two out of three admit their plans have significant vulnerabilities, according to a recent study.

As Alaska found out, a disaster recovery plan with multiple redundancies (which includes keeping the paper documents filed in cardboard boxes) is the way to go.

Tell us your stories of disaster recovery, or just disaster.

John Backus, who developed the Fortran programming language, which many government systems were built on, died Saturday at age 82. Backus developed the language in the 1950s when working for IBM and computing missile trajectories, "paving the way for modern softare," the Seattle Times reports. Backus said he wanted an easier way to program computers, which at the time required the laborious task of hand coding.

Photo of Backus: View image

As if you didn't have enough to worry about, a report released last week links sitting down for long periods at work -- i.e. in front of a computer -- to an increased risk of death from blood clots.

Thirty-four percent of all patients suffering from deep-vein thrombosis, the potentially fatal condition of blood clots formed after long periods of inactivity, reported having sat for hours at a time at work, according to the Medical Research Institute in New Zealand. Some of the patients reported having sat for 12 to 14 hours in one day.

"The 34 percent finding is far higher than the 1.4 percent of blood-clot patients who recently traveled on long-haul flights, and the study showed a clear link between travel and work-related thrombosis," according to an article posted on Wired News.

An organization called the "Coalition to Prevent Deep-Vein Thrombosis" provides a self-assessment risk tool to measure your risk for DVT. The National Institutes of Health's MedLinePlus advises to "minimize immobility of the legs" to lower your risk.

Customers are much less satisfied with the service they get from call centers, the 1-800 service you contact when trying to get answers to questions about a product or service, according to a report released today and reported on by ComputerWorld. The satisfaction rate with call centers fell dramatically to 68 percent in 2006 from 82 percent in 2005, according to the Global Contact Centre Benchmarking Report. Dimension Data, which conducts the annual survey, attributed the large drop to companies instituting better processes to measure the performance of call centers. In other words, call centers are not doing as good a job as they thought they were.

Call centers in the federal government, particularly at the Social Security Administration, have scored high in satisfaction surveys in the past when compared to private-sector call centers. But more could be done to improve call center performance, concludes the Government Accountability Office.

Computer programmers and network administrators are used to operating behind locked doors, which, at times, can have quite sophisticated entry-control systems, such as biometric scanners. The locks are usually there for a good reason: to keep unauthorized employees (including non IT managers) away from databases that store private information and critical applications that run the agency. (Take a tour of the Social Security Administration computer network at its Baltimore, Md., headquarters to understand how serious the agency takes physical security.)

But some federal IT employees may lock the door to the IT department for other reasons that have nothing to do with security, according to an article posted today by Ralph Smith at FedSmith.com. Smith writes about a case that came before the Federal Labor Relations Authority concerning a locked door at an agency's IT office. According to the case proceedings, Smith wrote, the union argued that the agency's IT employees locked the door because "it kept anyone from 'tattling to management about what is [or] is not being done,'" and an open door would subject the IT staff to a "'hostile working environment' leading to interruptions and 'snide remarks from other [agency] personnel.'"

The FLRA sided with management, who wanted the door open.

Apparently, the union did not offer any security reason for locking the door. That's odd, because almost any security expert will tell you that locking the doors to the computer room is a basic step an organization should take to protect networks from unauthorized employees (i.e. non-IT employees), who may want to steal or sabotage data. (Smith did not say what the IT employees did behind the locked door.) A brief example of why doors need to be locked from CSO Magazine illustrates the point.

Last week was Sunshine Week, which is sponsored annually by the American Society of Newspaper Editors and designed to generate awareness about open government and freedom of information.

Over the years, Freedom of Information Act requests have given the public insight into how its government operates and what it is up to, including this link to John Lennon’s FBI file, which was first made public through a FOIA request. The FBI keeps Lennon’s file online with about 50 other luminaries’ files, ranging from Cesar Chavez to Eleanor Roosevelt. (For an alphabetical list of FOIA files that the FBI keeps online, click here.)

The Reporters Committee for Freedom of the Press has an online FOIA letter generator for the public to use. The Justice Department's list of principal FOIA contacts at federal agencies can be found here. Also, catch the latest on Congress' efforts to expand FOIA.

The FBI began investigating (some would say “harassing”) the former Beatle when the bureau learned that Lennon contributed $75,000 to a group planning to disrupt the Republican National Convention in 1972. To see an excerpt from what the G-Men learned, click the "view image" link below.

View image

Starting over doesn’t have to be expensive.

“You can become a brand new American,” for as little as $14, Alfred Huger, vice president of the Symantec Security Response, told the San Jose Mercury News.

According to security company Symantec's semiannual Internet Security Threat Report, "an identity, including a U.S. bank account, credit card, date of birth and government issued identification number, was available for between $14 - $18." This latest edition of the security threat report covers the six months from July 1, 2006, to Dec. 31, 2006.

The report concentrates on threats to data confidentiality, integrity and availability from malicious hacks but acknowledges data loss also occurs from the theft and loss of computer hardware, such as downloading the records of 26.5 million vets onto a laptop and carrying it home where it can be stolen in a routine burglary. In fact, most data theft and loss results from employee error. More than 54 percent of companies reported that they lost data or suffered a breach because of an employee error compared with 34 percent of companies reporting that loss data was the result of an outside hacker, according to a Palisade Systems' report and reported on last year by consumeraffairs.com. Another survey, and there are many, conducted by Vontu "concludes that a main reason for corporate data security breaches is that many companies simply don't know where their sensitive or confidential business information resides," CNet reported last year.

Check out our reporting on cybersecurity exercises at WestPoint Academy for an example of how one organization focuses on what most data theft experts agree is the primary vulnerability threat: users.

The percentage of federal employees who say they have the option to telework increased to 44 percent this year compared with 38 percent in 2006, according to the third annual telework survey conducted by CDW. Growth of the telework option in the private sector lags far behind, with only 15 percent of private-sector employees saying they have the option to telework. (However, 24 percent of private-sector employees said they did not know if they had an option to telework compared with only 9 percent in the federal government.). Federal telework options have been driven largely by law and the Defense Department's policy to offer telework options in order to retain employees, CDW reported. Do you have an opinion as to why telework is far more popular in the federal government than in the private sector?

Clark Kelso, the chief information of