NextGov
Tech Insider
What's happening in the federal IT community

February 2008

EPA's Grade Inflation
By Allan Holmes  |  Friday, February 29, 2008 |  5:19 PM

Government Executive's Robert Brodsky reported today about how the Environmental Protection Agency may have wasted millions of dollars in extra fees to contractors for meeting performance thresholds. "EPA regularly gave contractors ratings of 'exceeds expectations' or 'outstanding,' which facilitated the higher incentive fees, according to" an EPA inspector general report.

Brodsky cites one of the nine contracts the IG analyzed, in which a high rating "was justified only with the following comment: 'The project management was excellent with no problems encountered and costs were within scope of work.' A project that merely encountered no problems or stayed within budget should have earned a grade of satisfactory, the IG said."

Since government projects typically miss deadlines and come in over budget, encountering no problems and keeping costs within scope may seem like quite an accomplishment. Others may view it as simply doing your job.



Web Headlines
By Allan Holmes  |  Friday, February 29, 2008 |  4:31 PM

Headlines from around the Web for Friday, Feb. 29, 2008
Compiled by Melanie Bender

ITIL Adoption Increases in U.S., Proficiency Still Lacking
NetworkWorld
A survey of CIOs across five continents showed the number of U.S. CIOs using ITIL and other best practice frameworks is gaining on the global adoption rate, but less than 10 percent of those polled in the U.S. consider themselves "true practitioners."

RFID May Track, Safeguard Global Blood Supply
ComputerWorld
Researchers at the University of Wisconsin-Madison are hoping to use radio-frequency identification technology to create a way to better track blood supplies around the world -- a practice that could lead to better handling and fewer instances of patients receiving the wrong blood.

Violating Internet, E-Mail Policy Will Get You Fired
ComputerWorld
A study found more than a quarter of companies have fired employees for violating company e-mail and Internet policies. While most employers terminated workers for accessing pornography or other inappropriate content, as many as 34 percent of managers in the study said they let go of workers for excessive personal use of the Internet.

Officials Split on Viability of Border-Fence Project
The New York Times
Federal officials cannot seem to agree on the effectiveness and functionality of the Department of Homeland Security's virtual fence test on the border between Arizona and Mexico.

Google Sites Challenges CIO's Authority
CIO Insight
With the launch of Google Sites, Web-accessible collaborative software that promises to ease the sharing of data, CIOs will lose some of their control over what applications are being used in their companies.

FAR Council Issues Final Security Configuration Rule
Federal Computer Week
The Federal Acquisition Regulations Council issued its final rule, stating contracting officers must include the requirements to use the Federal Desktop Core Configuration for Microsoft Windows XP and Vista in all applicable procurements.

Malicious E-mails Spoof DOJ Address
Government Computer News
A trickle of phony e-mails purporting to be from the Justice Department and carrying apparently malicious attachments has been found by security researchers from MX Logic, an anti-spam company.

Lawmakers Criticize Security Clearance Practices
WashingtonTechnology
Lawmakers at a House Intelligence Committee hearing said many potentially good candidates may have their clearance applications rejected because of outdated policies. However, officials at OMB and OPM said they've made improvements in the efficiency of the process.

High Voter Turnout Prompts Resource Concerns for Nov.
USA Today
Record turnout in this year's presidential primaries has election officials worried about possible shortages of machines, ballots and poll workers in November.

Florida Touch-Screen Voting Machines to be Recycled or Resold
St. Petersburg Times
A Tampa company will recycle or resell most of the 29,000 touch-screen voting machines in Florida after less than six years of use, the secretary of state said Thursday.



Got Cisco? Are you Sure?
Friday, February 29, 2008 |  7:59 AM

The Federal Bureau of Investigation reported today more than 400 seizures of counterfeit Cisco equipment and labels worth more than $76 million filtering into the United States from China.

The effort, which has been ongoing since 2005, is being driven by DHS and the FBI. Immigration and Customs Enforcement and Customs and Border Protection conducted 28 investigations and managed six indictments and four felony convictions, with more than 74,000 fakes seized, while the FBI’s portion of the initiative, dubbed Operation Cisco Raider, resulted in 36 search warrants with approximately 3,500 counterfeit network components identified, and a total of 10 convictions.

So why is government focusing on Cisco? Because the counterfeiters do. They go where the money is, and in terms of networking gear, which many regard as commodity items that can be easily copied, no manufacturer rakes in more revenue than Cisco. It’s the same reason that hackers focus on Microsoft: Market saturation.

The government is among the most profitable markets for Cisco. That makes federal agencies as susceptible as any to getting duped. Check out what happened to the Navy in 2004 for example, when counterfeit Cisco switches landed in one of its secure facilities. (You can read the whole sordid story at GovernmentVAR.com). One contractor involved was recently found liable, and now the circumstances are being investigated by the Navy’s Acquisition Integrity Office.

The lesson learned? Check those serial numbers.



Cybersecurity: What Was That?
By Allan Holmes  |  Thursday, February 28, 2008 |  5:47 PM

The Government Accountability Office released Feb. 14 a report on the state of information security in the federal government. On page 21 is a pie chart that shows the types of security incidents agencies reported to the U.S. Computer Emergency Response Team in 2007.

GAO notes that "the three most prevalent types of incidents reported to US-CERT in fiscal year 2007 were unauthorized access, improper usage, and investigation." The first two accounted for 44 percent of the incidents.

But the investigation category is the most telling, and not fully discussed by GAO. GAO defines investigations as "unconfirmed incidents that are potentially malicious or anomalous activity deemed by the reporting entity to warrant further review." That's another way of saying, "We have no idea what it is."

Agencies can't immediately identify nearly one-third of the cyberattacks they experience -- that's one-third. They believe something is going on, but they just can't put their finger on it. That nearly matches what CIO Magazine and PricewaterhouseCoopers found when conducting their 2007 security survey of public and private sector organizations. About 32 percent of respondents said they couldn't identify the type of cyberattack that hit them.

The other question GAO could have asked agencies is: Do you know how many cyberattacks your systems experienced? If federal IT managers were honest, GAO would find that 40 percent of agencies had no clue. That’s the figure reported by the CIO/PWC survey.

The scary thing is that those are the cyberattacks that we know of. The real malicious attacks are the ones that occur under agencies' intrusion detection radar screens and are never detected.



TSA's Delete-O-Meter
By Allan Holmes  |  Thursday, February 28, 2008 |  5:19 PM

The following item was posted by Anne Laurent, former executive editor of Government Executive magazine.

The folks over at Evolution of Security, the Transportation Security Administration's new blog, want you to know just how much nasty language and how many mean-spirited attacks they've suffered through. So, starting today, they've added a ticker showing how many posts to the blog its moderator has decided not to let see the light of day. The meter stood at 105 on opening day and will be updated weekly.

Just beneath it on the blog appears a link to the evil doing that will get you blocked: such things as personal attacks, profanity and threats, of course, but also long embedded URL strings, sensitive information and the ever pesky off-topic comment. Author "Glen" says that other than the proscribed topics, "all's fair in love and blogging."

In truth, Evolution of Security isn't bad for government work. One post details the story of the priest with razor blades in his Bible and others reveal the growing presence of security "zip lanes" that allow travelers with only carry-ons that will fit under the seat to "zip on through." What's more, TSA fearlessly links to Schneier on Security, the blog of security guru and self-proclaimed curmudgeon Bruce Schneier, as well as to Homeland Security Watch, neither of which is always complimentary.



Lieberman: Direct Access to CRS Reports
By Ari Schwartz  |  Thursday, February 28, 2008 |  2:46 PM

In a positive step for those of us who support greater public release of Congressional Research Service (CRS) reports, Sen. Joe Lieberman, I-Conn., has shown that he is committed to making it easier for senators to release them.

Following up on his resolution (S. Res 401) to provide the public with greater access to CRS reports, Lieberman called on Senate Rules Committee Chair Sen. Dianne Feinstein, D-Calif., to ensure that a complete system be crafted that allows members to make many reports accessible to the public rather than one that takes detailed effort from congressional staff to make individual reports available.

CRS provides important in-depth, non-partisan research to Congress on a wide range of issues. These taxpayer funded, unclassified documents have never been made readily accessible to the public by Congress. Despite being created with taxpayer funding and not copyrighted, they are regularly sold by information brokers.

Meanwhile, the best way for non-Hill staff to get access to these documents for free is OpenCRS, an interactive project that provides the public with access to a portion of the CRS reports that have been released by various members of Congress through the cooperation of groups and individuals who have requested the reports' release via members of Congress.



AT&T, NSA Get 'Culture Jammed'
By Allan Holmes  |  Thursday, February 28, 2008 |  11:18 AM

The Billboard Liberation Front, a group of so-called "culture jammers" who, among other acts, alter the wording of billboard advertisements to make a political or anti-corporate message, have hit again. The group has claimed credit for altering an AT&T billboard in San Francisco to protest AT&T's collaboration with the National Security Agency's warrantless wiretapping of Americans' phones and Internet usage.


The billboard was a bit too late to influence the telecoms, who announced this past week that they will continue the surveillance program.

Hat tip: boingboing



Web Headlines
By Allan Holmes  |  Thursday, February 28, 2008 |  10:47 AM

Headlines from around the Web for Thursday, Feb. 28, 2008
Compiled by Melanie Bender


Security Skills of IT Workforce Lacking, Survey Finds
NetworkWorld
While nearly three-fourths of 3,500 technology professionals polled in a recent survey identified security, firewall and data privacy as the IT skills most important to their organization today, only 57 percent said they believed their IT employees were proficient in such skills.


Can IT Alleviate the Pain of Those Miserable Commutes?
ComputerWorld
Between trains that seem incapable of running on schedule and bumper-to-bumper traffic, there aren't many people who can claim to love to commute. But government and grassroots efforts are attempting to make the experience more tolerable. For example, The Massachusetts Bay Transportation Authority recently began a pilot Wi-Fi program on its Worcester line.


Researchers Transmit Optical Data At 16.4 Tbps
InformationWeek
Alcatel-Lucent researchers at the Bell Labs in Villarceaux, France, announced Wednesday their successful transmission of 16.4 Tbps of optical data over 2,550 km. New technologies they used in their test may pave the way for 100 Gbps transmissions.


For Sale: Passwords To Fortune 500's Servers
InformationWeek
More than 8,700 FTP login names and passwords are being sold online through a sort of eBay for stolen data, a security company revealed this week. Some of the FTP credentials grant access to Fortune 500 Company servers, another set to a state court Web site, according to Finjan, the computer security company in Israel that made the discovery.


Tech Problems Delay ‘Virtual Fence’ on Border
The Washington Post
Technical problems discovered in a 28-mile pilot project have led the Bush administration to scale back plans to quickly build a "virtual fence" along the U.S.-Mexico border. Authorities confirmed that Project 28, the initial deployment of the Secure Border Initiative network, did not work as planned or meet the needs of the U.S. Border Patrol.


Pass Card Contract Talks Stall
Government Computer News
The State Department and General Dynamics, the leading company in the vendor team the government originally chose to carry out critical aspects of the Pass Card program, have "reached an impasse" in talks about how to carry out the job. Pass Cards are intended to serve as cheaper alternatives to passports for use by citizens re-entering the country via land ports.


Concerns Rising About Requiring a Paper-Ballot Election in Colorado
The Denver Post
Despite sponsorship of party leaders in both chambers, a handful of legislators have reservations about Colorado moving to paper ballots for the upcoming election. One legislator wondered why counties can't be allowed wide use of their electronic voting terminals, all of which have now been recertified.


China Still Years From Competing Against U.S. IT
eWeek
China is closing the technology gap with the U.S. every year, but it will be many years before it challenges the U.S. for dominance of the technology market, according to Fred Hu, co-head of Investment Banking for China at Goldman Sachs.


Governor Promotes Connecticut's Long-Term Care Web Site
Government Technology
Recognizing a growing need to provide easier access to comprehensive information on long-term care for people of all ages, Connecticut has launched a Web site that, as Gov. M. Jodi Rell said, "aims to help improve the lives of people needing long-term care now and to help those who will need it in the future -- meaning most of us -- plan ahead."


Google Unveils Low-Cost Collaboration Platform
Government Computer News
Google Sites is intended to be a low-cost alternative to Microsoft SharePoint and other commercial collaboration packages. Unlike other collaboration packages, Google's offering should not require IT staffs to provide significant training and maintenance.


Army Recognizes Conventional Warfare a Thing of the Past
WashingtonTechnology
In a climate of insurgencies and unstable peace, the Army must be more nimble. The Army Capabilities Integration Center hopes to chart the course for creating forces capable of using technology to handle modern conflicts.


Healthcare Organizations See Cyberattacks as Growing Threat
InfoWorld
Healthcare organizations feel under increasing attack from the Internet, while security incidents involving insiders and disappearing laptops with sensitive data are piling up. On top of that, there's now the prospect of a surprise audit from the federal government agency in charge of overseeing the HIPAA security and privacy rules.



Legitimizing Data Theft
By Robert Charette  |  Wednesday, February 27, 2008 |  4:49 PM

There are reports that the IRS as well as tax authorities in other countries including Canada, Germany, Australia, Italy, Sweden, Spain, the United Kingdom, and New Zealand have purchased stolen information detailing confidential bank accounts in Liechtenstein. Liechtenstein has very strict banking privacy laws, and it is seen by all the above countries as a safe haven for tax evaders. The country, which is a tiny principality next to Switzerland, is one of three countries (Andorra and Monaco being the other two) listed by the Organization for Economic Cooperation and Development as being "uncooperative tax havens."

How did the countries get this information? In one news report, it was said that, "Heinrich Kieber, a 42-year-old computer expert, offered the information for sale to several countries, including Germany, which paid about $6.3-million for it. (Mr. Kieber is said to be hiding in Australia under a new identity.)"

Continue reading "Legitimizing Data Theft" »


What? A HIPAA Violation?
By Allan Holmes  |  Wednesday, February 27, 2008 |  4:46 PM

This may not seem like an unusual news story, but an Oklahoma City woman was accused this month of violating the Health Insurance Portability and Accountability Act (HIPAA) of 1996, the federal law that requires companies to properly secure personal medical records of patients and employees, or face fines or criminal prosecution. What's unusual about this story is that in the nearly 12 years HIPAA has been around, the number of HIPAA violations and criminal cases has been extremely low -- almost non-existent.

Considering that a large portion of American corporations -- as much as 40 percent back in 2006 -- were not in compliance with the law, a lone violation seems even more incredible. The reason for the non-compliance, privacy and security experts say, is that it pays not to comply. The risk of being caught is so low compared with the cost of compliance, which is high, that the business case argues for not complying. The return on investment for securing private health data just isn't there. Privacy experts may have a different point of view.



Web Headlines
By Allan Holmes  |  Wednesday, February 27, 2008 |  11:54 AM

Headlines from around the Web for Tuesday, Feb. 26, 2008
Compiled by Melanie Bender


IT Services Fall Short of Greatness, CIOs Say
NetworkWorld
In a January survey conducted by Omniboss, nearly 80 percent of 125 CIOs and senior IT directors polled said a lack of senior representation at the board level had a direct impact on their ability to deliver great -- rather than just good -- IT services.

'Cold Boot' Encryption Hack Unlikely, Says Microsoft
ComputerWorld
In light of research conducted by Princeton University showing cooling down a computer's memory offers thieves a larger window of time in which to steal data, a Microsoft product manager said the vulnerability can be minimized by changing some settings in Windows.

Bush's Double-Edged Cyber-Security Plan
Forbes
To keep cyber-spies and hackers away from sensitive government information, the Bush administration may have to do some spying on the private sector, such as military contractors, according to former federal employees.

Healthcare CIOs Worry About Medicare Cuts Hurting IT Budgets
ComputerWorld
Since President Bush proposed reductions in federal healthcare programs, healthcare IT executives worry hospitals will feel pressure to make cuts in programs creating electronic medical record systems and computerized orders that can reduce medical errors.

FBI Says To Ignore E-mail Death Threats
InformationWeek
The FBI says emails purportedly from a hired assassin requiring recipients to pay $20,000 or face death are a hoax. While jaded Internet veterans might scoff that anyone would take such a threat seriously, the scheme appears more credible than it might otherwise because of its use of personal information to make the message more intimidating.

D.C. Special-Ed Getting New Computer System, Staff
The Washington Post
D.C. State Superintendent of Education Deborah A. Gist announced the school system plans to purchase a computer system designed to keep track of special education students' academic life, replacing several systems plagued by bad data and an inability to communicate with one another.

Bill Shifts Votes to Paper Ballots in Colorado
The Denver Post
A bill filed on Tuesday sponsored by the majority and minority leaders in both chambers calls for a return to paper ballots in Colorado. While admitting it's low-tech, one state senator said, "But low-tech means it's less likely there will be computer problems." The bill also has Gov. Bill Ritter's backing.

Wireless Broadband Mesh Network Test Launched in San Carlos, Calif.
Government Technology
Convad Communications Inc. Wireless Unit will deploy a wireless broadband test network in San Carlos, Calif., as part of the 'Concept City' phase of Wireless Silicon Valley. Convad, which already serves business customers in the San Carlos area, will layer a new wireless broadband mesh capability onto its existing fixed wireless broadband service.

Los Angeles County to Count Flawed 'Double Bubble' Ballots
San Diego Union-Tribune
The Los Angeles County Registrar's office will try to count about 50,000 improperly marked nonpartisan ballots from this month's presidential primary election. The ballots of Independent voters who did fill in a bubble for both the party they were voting for and the candidate they were supporting could not be read by the scanning machines.

Tech Group: Increase US Gov't Research Funding
InfoWorld
The Technology CEO Council sent a letter to congressional leaders Monday, urging Congress to keep the promises it made in the America Competes Act of 2007, legislation that focuses on improving U.S. science and technology programs. Three federal agencies' combined fiscal 2008 budgets were $918 million short of targets promised in the legislation.



Caring About Your Personal Information - Not
By Robert Charette  |  Tuesday, February 26, 2008 |  7:16 PM

As noted on Government Executive's Web site, the Government Accountability Office has found that only two federal agencies -- the Treasury and Transportation departments -- have been able to demonstrate that they have implemented the guidance the Office of Management and Budget issued in 2006 and 2007 reiterating governmental agency responsibilities under the Privacy Act of 1974, the E-Government Act of 2002 and the Federal Information Security Management Act of 2002. OMB's guidance drew particular attention to agency security and privacy requirements associated with personally identifiable information. Some 18 agencies met the guidance to some degree, while two -- the Small Business Administration and the National Science Foundation -- didn't meet any of the guidance.

I am so glad to see federal agencies care so much about your or my personal information.

OMB reissued the guidance two years ago in the wake of the many data breaches then occurring throughout government, but especially those that happened at the Veterans Affairs Department.



What's the Deal at Ames?
By Allan Holmes  |  Tuesday, February 26, 2008 |  3:25 PM

The San Francisco Chronicle posted a story late yesterday about a contract employee at the NASA Ames Research Center pleading guilty to storing child pornography on his government computer. The odd thing about this story, as the paper points out, is that it is the third time in a little more than two years that an Ames employee has been caught with child pornography on a government computer. The paper makes it a point to say that the latest infraction is "at least" the third time.



Web Headlines
By Allan Holmes  |  Tuesday, February 26, 2008 |  11:31 AM

Headlines from around the Web for Tuesday, Feb. 26, 2008
Compiled by Melanie Bender


Microsoft's Drive for Interoperability Means More Bugs, for Now
ComputerWorld
Security researchers said Microsoft's decision last week to let everyone examine its software secrets means vulnerabilities and exploits will almost certainly climb in the short term. Those same researchers said this move should translate into better security for everyone in the long run.


Gartner: Global RFID Market to Top $1.2B This Year
ComputerWorld
Gartner Inc. has released a report predicting worldwide revenue for radio frequency identification technology will eclipse $1.2 billion this year, marking an almost 31 percent increase over last year.


New York City to Help Doctors Track Patients’ Records Electronically
The New York Times
In what New York Mayor Michael Bloomberg said is just the beginning of an effort to provide better care to people before they get sick, New York City is ready to equip doctors with computer software that can track patients’ medical records. Among other features, the new system will share data with other doctors and provide information about the current best practices for treating illnesses.


Demand for Hybrid Driver's Licenses High in Washington State
Federal Computer Week
The Enhanced Drivers License program, started by Washington state in conjunction with the Homeland Security Department, has issued more than 2,000 new hybrid drivers license-passport cards since it began issuing them Jan. 22. The identification cards enable Washington State residents to travel freely across the U.S. land border with Canada. They are being marketed as a low-cost alternative to passports.


E-Vote: Judge Strikes Down Union County, Ohio, Voting Machine Directive Challenge
Government Technology
Franklin County Common Pleas Court Judge Eric Brown, in a 25-page decision, struck down a county's challenge to Ohio Secretary of State Jennifer Brunner's Jan. 2, 2008 directive requiring backup paper ballots by boards of elections using touch-screen voting machines in the March 4 presidential primary election.


At NIH Center, Software Manages Pneumatic Delivery
Government Computer News
Unable to mail or allot the manpower to move thousands of blood products, biological samples, medications and medical devices every day between patient care units and the pharmacy, laboratories and other departments at its Clinical Research Center, NIH employs a system of pneumatic tubes with proprietary software that schedules and routes the carriers.


Service-Oriented Architecture Spending Up Despite Unclear Benefits
InfoWorld
A new research report from analyst firm AMR Research says the number of companies investing in service-oriented architecture has doubled over the past year in every part of the world, with a typical annual spend of nearly $1.4 million. However, the AMR survey found that most companies don’t really know why they are investing in SOA, which Findley said makes long-term commitment iffy.


Intelligence Sharing Still Lacking
The Wall Street Journal
The Department of Homeland Security is stumbling in its efforts to coordinate the gathering and sharing of domestic intelligence with state and local officials, one of its core responsibilities, according to an internal report.



Standardizing & Improving Security -- An Oxymoron for Our Times
By Andy Boots  |  Tuesday, February 26, 2008 |  8:57 AM

In the ironically-labeled memorandum M-07-11 (feeling lucky?), officials at the Office of Management and Budget say that adopting standardized configurations for Windows desktops in federal agencies will somehow create a situation in which “[i]nformation is more secure, overall network performance is improved, and overall operating costs are lower.” Each of these claims is questionable, but the essential truth is that standardizing desktop configurations will have tiny security impacts, will entail enormous unfunded costs and will potentially make federal networks less secure.

This is not to say that configuration management practices in the federal government are beyond reproach, but we need to admit a few realities:

Continue reading "Standardizing & Improving Security -- An Oxymoron for Our Times" »


Airport Security as Theatre
By Andy Boots  |  Tuesday, February 26, 2008 |  6:38 AM

Yesterday's Greenpeace Heathrow protesters reminded us that governments are working hard at the magician's trick of redirection: "Everyone pay careful attention to the long lines, uniformed attendants and electronic technology at the passenger-screening station. Pay no attention to the unlocked/unmonitored doors and gates that provide direct access to the aircraft." Also see Bruce Schneier on this topic. Bruce also spotted this, which should really give you pause.



Congress, Catch Up
By Allan Holmes  |  Monday, February 25, 2008 |  3:42 PM

Anne Laurent, former executive editor at Government Executive magazine, writes in her blog, The Agile Mind, about the recent unclassified report released by the Office of the Director of National Intelligence unveiling the Reynard project, conducted by the ODNI's Intelligence Advanced Research Projects Activity to spy on players in virtual worlds to see if they can, as Laurent quotes, "identify the emerging social, behavioral and cultural norms in virtual worlds and gaming environments" and then "apply the lessons learned to determine the feasibility of automatically detecting suspicious behavior and actions in the virtual world." Her post highlights just how quickly technology is moving as compared with Congress' ability to understand it. Her point:

DNI archly informs lawmakers that they won't be getting much real information about intelligence community data mining because they asked for the wrong thing. The law [the 2007 Data Mining Reporting Act] defines data mining as "a program involving pattern-based queries, searches or other analyses of 1 or more electronic databases" to "discover or locate a predictive pattern or anomaly indicative of terrorist activities." But that's not the kind of data mining DNI uses most, the report says.

"Analysis performed within the ODNI and its constituent elements for counterterrorism and similar purposes is often performed using various types of link analysis tools [which] start with a known or suspected terrorist or other subject of foreign intelligence interest and use various methods to uncover links between that known subject and potential associates or other persons with whom that subject is or has been in contact," the report says. But "the Data Mining Reporting Act does not include such analyses within its definition of 'data mining' because such analyses are not 'pattern-based.'" Note to Congress: Catch up. Fix your definitions.



Web Headlines
By Allan Holmes  |  Monday, February 25, 2008 |  10:44 AM

Headlines from around the Web for Monday, Feb. 25, 2008
Compiled by Melanie Bender


The Road To Making Business Intelligence Available To Everyone
InformationWeek
For BI to be used by more employees and by employees in a wider range of job types within a company, several roads must converge, and IT professionals must work with businesses more closely to make that happen.

The Challenges of Retrofitting PCs with a Standard Configuration
Government Computer News
While some agencies have made significant progress complying with the Federal Desktop Core Configuration, others -- like the Agriculture Department, where field employees are given administrative rights to their laptops -- are experiencing considerable challenges to quickly complying with the new security rules.

Electronic Recyclers International CEO Explains 'All Things eWaste'
Government Technology
VideoJug, an online video encyclopedia of life that features professionally made 'how-to' and expert advice clips, is featuring chairman and CEO of Electronic Recyclers International John S. Shegerian in a series of clips on electronic waste, why it is an environmental hazard and how to properly dispose of it.

New Funding to Protect Cyberassets Catches Industry Attention
WashingtonTechnology
Given the current attention the public is paying to cyber espionage and attacks, cybersecurity contractors are expecting a fresh wave of federal business opportunities. However, exact details on opportunities are hard to pin down.

USPTO Reveals Plans for 2008 IT Procurements
Federal Computer Week
The U.S. Patent and Trademark Office plans to issue four requests for proposals for five competitive IT procurements, covering systems and network engineering, database management and help desk support. The potential contracts would replace existing contracts.

The Common Cold of IT Security
Government Computer News
Like the common cold, IT experts find they can treat buffer overflows, but can't cure them. A stack buffer overflow is one of the oldest tricks used by hackers to take control of a computer. When a malicious program writes excess data to an address on the call stack of an application with a fixed length buffer, the corrupted stack can make the application run improperly.

Airlines Shift to E-Ticket Only Starting June 1
The Washington Post
The International Air Transport Association, a trade group that represents 240 airlines and accounts for 94 percent of air traffic, announced its members will use only electronic tickets beginning June 1. Emphasizing the bottom line, the IATA spokesman noted how much cheaper e-tickets are to produce than paper tickets. The switch will save the industry $3 billion a year.

Idaho Lawmakers Consider 'Digital Repository' for Documents
The Idaho Statesman
Idaho officials seek to replace an ineffective, costly and often ignored law requiring 20 copies of each state document be sent to libraries around the state. As so many state documents exist only in digital format, under the new system, one electronic copy of every state publication would go to the state Commission of Libraries to be preserved in the new digital library.

Colorado Airline Passengers Eye Fast Lane
The Daily Camera
The Clear security fast pass has been in use at the Denver International Airport since January. Cardholders bypass the unpredictable waits at airport security stations by registering personal information with the Transportation Security Administration. Thus far, travelers using the service have been pleased with the guaranteed wait of no more than four minutes at airport security.



Outsourcing Hollows Out Fed Tech Workforce
By J. Davidson Frame  |  Sunday, February 24, 2008 |  4:43 PM

The idea that government should not be in the business of business was first articulated by the Bureau of the Budget during the Eisenhower administration in the 1950s. BOB was the predecessor to the Office of Management and Budget, which was created in 1970 during the Nixon administration.

Government should not be in the business of business. What this principle means is that there are broad areas of business activity that should lie outside the domain of government effort, e.g., providing food service, manufacturing, advertising, and offering medical services.

When Ronald Reagan took office in 1981, one of his top priorities was to shrink government. He believed that many of the activities carried out by civil servants could best be executed by the private sector. So he instructed the Office of Federal Procurement Policy (OFPP) to aggressively implement OMB Circular A-76, a government directive geared toward privatizing government activities.



SAT Shot - Proves Missile Defense or Not?
By Robert Charette  |  Sunday, February 24, 2008 |  11:55 AM

According to a briefing by Vice Chairman, Joint Chiefs of Staff Gen. James Cartwright, the recent successful shoot down of the wayward spy satellite was not a test of the missile defense system. While the Missile Defense Agency was helpful in netting all the sensors needed together, according to Cartwright,

the missile itself is a standard missile in the Navy inventory; the ship is a standard ship in the Navy inventory. We added a lot of instrumentation. We made some modifications to the software to be able to go after a satellite.
You know, this is a one-time mod. It is -- if you put this mod in, we can't use the ship or the missile for another function without taking the mods out. So it's not something that we would be entering into the service in some standard way.

Yet, Defense Secretary Robert M. Gates said the shot proves that missile defense works.

I think, actually, the question of whether this capability works has been settled. The question is: Against what kind of a threat (do we employ the technology)? How large a threat? How sophisticated a threat?

So, is this shot "proof" of missile defense, or just a one-off highly constrained, albeit successful, experiment?



BENEFEDS Judgment Deficit
By Andy Boots  |  Friday, February 22, 2008 |  5:09 PM

So yesterday I got two letters from BENEFEDS (the company that administers the Federal Employees Dental and Vision Insurance Programs, also known as FEDVIP). Each letter explained that I had an "outstanding balance" on my insurance programs (I have both Dental and Vision) and that my monthly annuity would be adjusted to cover the deficit.

Reasonable enough, until you learn that one balance was 2 cents and the other was 7 cents!

Now it cost BENEFEDS something to print and mail each of those letters, and it cost the Office of Personnel and Management something to send me two letters explaining that my annuity would be adjusted downward by 9 cents. (They will send me two more next month giving me the good news that my annuity has skyrocketed 9 cents.)

Surely, it would make more sense for someone in there simply to write off the amount (or wait until an account was out of balance by more than the cost of collecting it).

Or do you think auditors would identify such reasonableness as inadequately circumspect?



Google Moves into E-Health
Friday, February 22, 2008 |  2:36 PM

Google engineering manager Alan Newberger blogged yesterday about the software giant’s pilot program with Cleveland Clinic, which integrates patients’ electronic health records with their Google accounts. The initiative seems the first step in a long-term goal to provide citizens with universal access to their medical histories, and the ability to quickly exchange information with insurance plans, medical groups, pharmacies and hospitals.

Patients don’t have to participate in the program. Those that opt in will give authorization via Google’s “AuthSub” interface. Still, the initiative is sounding the alarm bells for privacy rights groups – the same groups that have spoken out against a national health network and other government-sponsored electronic health efforts.

Maybe a watchful eye on how Google handles the situation, including the very real privacy and confidentiality concerns, will provide the federal government a clue on how to get their own initiatives moving. It certainly wouldn’t be the first time industry paved the road.



Web Headlines
By Allan Holmes  |  Friday, February 22, 2008 |  11:28 AM

Headlines from around the Web for Friday, Feb. 22, 2008
Compiled by Melanie Bender


A Problem IT Can't Fix: Getting Students, Faculty to Sign Up for Campus Alerts
ComputerWorld
In a random check of five schools in the United States, participation rates range from about 31 percent at the University of California, Los Angeles (UCLA), to about 50 percent at New York University and the University of Tennessee at Knoxville. Boston College and Florida State University logged in with much higher participation rates -- about 68 percent and 85 percent, respectively.

Study: More U.S. Broadband has $134 Billion Economic Impact
NetworkWorld
A 7 percent increase in broadband adoption would create 2.4 million U.S. jobs, would save $662 million in health-care costs and $6.4 billion in vehicle mileage, among other savings.

Researchers Find Hard Drive Encryption's Achilles heel
ComputerWorld
Researchers at Princeton University have discovered a way to steal the hard drive encryption key used by products such as Windows Vista's BitLocker or Apple's FileVault. With that key, hackers could get access to all of the data stored on an encrypted hard drive.

Server Shipments Up Despite Fears of Economic Slowdown
InformationWeek
Worldwide server shipments climbed 11 percent in the fourth quarter of last year and revenue was up nearly 3 percent, despite fears of an economic slowdown, a market research firm said Thursday. There was no change in the rankings of the top vendors.

Colorado: Flap Over Electronic Voting Heats Up
Rocky Mountain News
The cloud over Colorado's electronic voting and tallying machines grew darker Thursday, as voting activists accused Secretary of State Mike Coffman of violating state law during his review of the equipment.

Army to Lift Ban on Public Access to Online Library
Federal Computer Week
Shortly after sealing off public access to the Web-based Reimer Digital Library, the Army has reversed its decision, according to the Federation of American Scientists.

FAA Sets Cybersecurity Center Buildup
Government Computer News
The Transportation Department's Federal Aviation Administration is preparing to recompete Northrop Grumman's existing contract to operate the agency's IT security management center, which helps safeguard systems across the department. FAA plans to expand and improve the center so it will be able to provide IT security services to agencies outside the department.

State Workers in Ohio Back to 8-to-5
The Columbus Dispatch
Reversing a 1990 downtown traffic-congestion relief plan, Ohio's new personnel policy requires most state employees to work 8 a.m. to 5 p.m., Monday through Friday, with an hour for lunch, unless there is a job-related reason for a different schedule.

Political Opposites in PA Join to Fight Real ID
The Morning Call
One of the General Assembly's most conservative members and one of its most liberal have teamed up in a bid to block a federal program they say would put the personal privacy of millions of Americans at risk by creating a national identity card.



FISMA: Wrong Approach to Information Security
By Andy Boots  |  Friday, February 22, 2008 |  11:08 AM

When the Congress attempts to regulate behavior or dictate outcomes within or beyond the republic, it has few effective tools for direct control. Making an activity illegal does not stop the activity; it just changes the risk-reward calculus for anyone contemplating such an act. Rewarding certain economic choices with favorable tax treatment nudges the economy in certain directions (not always those wished for by the tax tinkerers).

The Federal Information Security Management Act (FISMA) is a wonderful example of Congress and the executive branch using blunt tools to bludgeon reality into a new path. The problem is clear: FedWorld doesn’t do a world class job of protecting sensitive information on either side of the Potomac. But the congressional response was to institute annual reporting, to empower (but not fund) inspectors general to provide independent assessments of the basis of such reports and to empower (but not fund) the National Institute of Standards and Technology (NIST) to develop standards for non-classified information.



How Important is Personal Information?
By Andy Boots  |  Friday, February 22, 2008 |  11:06 AM

On a scale of importance, where would you rank the following: taxpayer personal information, plans for weapons systems, pre-decisional legal or enforcement deliberations, names of informants in this or other countries, results of drug trials, pre-award procurement information, blueprints of government facilities, schedules of surprise enforcement actions (immigration, food safety, etc.), unpublished minutes of the Federal Reserve Board Open Market Committee, and official travel schedules of government officials in countries with active terrorist cells?

Because I am a government annuitant and a participant in various federal health benefit programs, you can bet I am concerned that the Office of Personnel Management and its contractors maintain the highest standards in protecting personal, banking, and health information about me and my family. But it is clear to me that other government information is worthy of even higher standards of protection.

Apparently, in FedWorld, personal information must be far more important than any other type of data, because protection of personal information appears to be the sole focus of attempts to “fix” the Federal Information Security Management Act (FISMA).

Then I remember that none of the other information types vote, so every elected official is elbowing others on the way to the microphone to proclaim his dedication to privacy principles … and the Office of Management and Budget is standing in line at the microphone to announce a new reporting requirement.

Billy Graham used to have a fellow who traveled everywhere with him whose sole responsibility was to detect when the Rev. Graham was getting carried away with himself or his mission and yell "bullsh**." I believe the U.S. government needs just such a person to keep the legislative and executive branches focused on protecting our most precious assets (including information). I would volunteer but the ceaseless shouting would be more than my aged body could stand.



Introduction to Andy Boots' Blog
By Andy Boots  |  Friday, February 22, 2008 |  11:03 AM

Since retiring from the federal government in 2007, I have watched with a mixture of alarm and amusement as the Office of Management and Budget, Congress, the National Institute of Standards and Technology, the inspectors general, the Government Accountability Office and agencies have continued to miss the point of information and mission assurance while enriching consultants and printer manufacturers by producing mountains of increasingly meaningless paperwork.

I intend to bring to readers’ attention various issues I believe deserve more critical thinking than is typically available in the federal enterprise (which I will henceforth call FedWorld).

I also believe:

• Information protection is better than security plans
• Privacy protection is better than privacy plans or impact statements
• Intrusion prevention beats the pants off intrusion detection
• Personnel security has almost nothing to do with HSPD-12
• Cybersecurity is only marginally related to information security
• … and so on.

Please remember my point of view before you comment on something I’ve written by chiding me that the Federal Information Security Management Act (FISMA) has it otherwise, that OMB guidance points in another direction, or that an IG will write me up. I no longer live in FedWorld so those customs and folk beliefs seem quaint.



3 New Strains of Flu Vaccine for Next Season
By Robert Charette  |  Thursday, February 21, 2008 |  8:06 PM

The FDA announced that for the coming flu season, the flu shot will be made up of three new flu strains: Brisbane/10, a version of the H3N2 flu; a second new Type A strain known as H1N1/Brisbane/59, and a newer Type B/Florida strain. The reason is that this year's vaccine has proven to be only 40 percent effective, rather than the 70 percent to 90 percent that is more usual.

Since it takes a long time to create a flu vaccine, scientists have to make their best risk estimate of what next season's predominant viruses are going to be nine months in advance. Most times, they get it right, but sometimes not, like this year.



Census Challenges
By Robert Charette  |  Thursday, February 21, 2008 |  7:56 PM

The Washington Post had a recent story on the problems at the Census Bureau, a story that Editor Allan Holmes has written extensively about in Government Executive. The problem is that the Census Bureau is relying on capturing census data using handheld wireless devices, but the project has had cost, schedule and technical difficulties. Congressional leaders and their staff were briefed last week by Commerce Secretary Carlos M. Gutierrez and Steve H. Murdock, new director of the U.S. Census Bureau, on the status of the project.

The Census Bureau thinks that it can work out the problems and be ready for the 2010 Census. Marc Raimondi, a spokesman for Harris, the contractor, said, “It's a large IT system integration program. It's not unusual for a program to have challenges.”

Not risk, mind you, but challenges. There are many, myself included, who think some pretty extensive contingency planning is needed in case these "challenges" aren’t able to be surmounted, but the Census apparently believes that isn’t necessary. We won’t have to wait much longer to find out who's right.



Even the Paranoid are Sometimes Right
By Robert Charette  |  Thursday, February 21, 2008 |  7:29 PM

Henry Kissinger supposedly said that even the paranoid can have enemies. Government Executive.com columnist Bob Brewin recently wrote, somewhat whimsically, about the various conspiracy theories about who might be behind the cutting of the four undersea fiber-optic cables serving the Middle East, India and Pakistan. He noted at the time, “All these cuts could just be a coincidence, albeit a mighty strange one.”

Now there is word out that the United Nations is looking closely at the idea of sabotage: “Damage to several undersea telecom cables that caused outages across the Middle East and Asia could have been an act of sabotage, the International Telecommunication Union said on Monday.

“We do not want to preempt the results of ongoing investigations, but we do not rule out that a deliberate act of sabotage caused the damage to the undersea cables over two weeks ago,” the UN agency’s head of development, Sami al-Murshed, told AFP (Agence France-Presse).

One of the cable owners, FLAG Telecom, thinks the whole flap is nonsense, and was probably caused by anchors or fishing trawlers, and anyway, it won't happen again because they are going to lay a new cable that is "fully resilient" against cuts and will "provide a diversity in routes."

I don't know that any of the cut cables are a result of sabotage, but the event was at the very least a low probability, high consequence risk that has now occurred. If it happens again, well, then ... outsourcers to the Middle East and Asia better make sure their contingency plans are up to snuff.



What Happened to Risk Management?
By Robert Charette  |  Thursday, February 21, 2008 |  7:19 PM

Government Executive published a nice article called On Top Of IT in the 1 February issue that dealt with the need for strong contract management in IT programs and projects. However, I was a bit surprised after reading the article that neither the words “risk” nor “risk management” were used at all in the article, although their fingerprints were all over the piece.

The contract is the primary IT project risk management vehicle – it defines by the choices made (and not made) how much risk is acceptable by both parties to the agreement. In essence, a contract is the cornerstone risk analysis and management document, setting out the objectives, assumptions, constraints, risk thresholds, etc., that define what is and is not acceptable performance, and remedies in the case of failure.

If you look at the examples of poor contracting mentioned in the article, i.e., the Coast Guard's Deepwater and FBI’s Virtual Case File project, effective rather than pro forma "tick in the box" risk management was sorely missing in both of these cases.

If you want to stay on top of IT contracts and contractors, you better have a clear understanding of the risks involved, and who is best able to manage them effectively.



Loss of a Needed Enterprise Risk Manager
By Robert Charette  |  Thursday, February 21, 2008 |  7:13 PM

With the resignation of David M. Walker, head of the Government Accountability Office, the federal government loses a thoughtful and outspoken government enterprise risk manager. Walker has continually warned about the need for increased federal government fiscal responsibility, given the mandatory spending on Medicare, Social Security, and interest on the U.S. debt.

It will be unfortunate if Walker's successor does not take on the mantle of the government’s enterprise risk manager, providing a realistic assessment of U.S. finances and actively stating the risks of not making hard choices among competing needs in the midst of scarce resources.



Which is Dirtier: Keyboard or Toilet Seat?
By Allan Holmes  |  Thursday, February 21, 2008 |  5:10 PM

First, it was the scare that electro-magnetic radiation emitted by computer monitors may cause skin rashes and abnormal pregnancies. Now you have to worry about catching a virus or staph infection from your computer keyboard or mouse (the pointing device).

But have no fear, a newsletter -- Washable Keyboard News -- just announced that it will "keep industry stakeholders abreast of current information that will help them to equip their home or work environments with appropriate technology for mitigating the transmission of these germs."


[Image: Unotron's Washable Corded Standard Keyboard]


The newsletter is published by Unotron, "an emerging company that designs and manufactures high quality, washable data input and security devices that can be easily cleaned and disinfected to maximize user safety and minimize risk in nearly any environment," according to its Web site. Unotron tells us this unsettling factoid: "PC keyboards harbor more than 3,000 microbes per square inch - as compared to toilet seats' 49."

The site also has individual sections for health care, education, commercial and government. Seems as if viruses are sector specific, although the copy for each section is identical. We do learn, though, that the company will soon introduce smart card readers and fingerprint readers that use its SpillSeal® technology. Just in time for HSPD-12.



Health IT: Where the Big Money is
By Allan Holmes  |  Thursday, February 21, 2008 |  4:21 PM

Spending on information technology to support federal health care is expected to increase 40 percent to $4.5 billion in the next five years, according to a report released today by the federal market research firm Input. The 7 percent compounded annual rate increase may be even larger once standards for the electronic health records are adopted and as more medical records are digitized, Input analysts report.

But the path to electronic health records won't be -- and hasn't been -- easy. As William Hammond, professor emeritus of community and family medicine at Duke University, was quoted in IEEE Spectrum magazine:

We’ve been talking about medical standards harmonization and cooperation for 20 years. Yet no one has defined all the standards needed to support a national health information network, and no one has identified what’s missing.

However, the departments of Defense and Veterans Affairs have been among the leaders in electronic health care. On Feb. 27, Bob Brewin, Government Executive's editor at large, will conduct a webinar with Lt. Col. Edward Clayson to look at how the Army has brought electronic health care to the front lines in Iraq. The Battlefield Health IT webinar will start at 2 p.m.



Picking a New Boss
By Alan Balutis  |  Thursday, February 21, 2008 |  1:07 PM

There is increasing evidence that management of the federal government may actually become a key issue in the candidates' debates and the upcoming presidential election. The most recent issue of The Economist features Sen. Obama on the cover and asks “But could he deliver?” Of course, for different reasons, Sens. Clinton and McCain are asking a very similar question. Government Executive's own Tom Shoop noted in a recent article, “the debate is shaping up to be not just a battle of sound bites, but a genuine discussion about how to improve the government's underlying capability to address the challenges facing the country.” So it may be useful to take a look at the top candidates as they have begun to lay out their plans for “reforming government” and “cleaning up Washington.”

On the Democratic side of the spectrum, Sen. Clinton co-sponsored legislation to create a U.S. Public Service Academy -- the equivalent of West Point or the Naval Academy -- for civil servants. The measure would dedicate $205 million to fund a 5,000 student institution aimed at producing high-quality federal employees. Last spring, she delivered a major policy address at Saint Anselm College in New Hampshire, where she laid out a 10 point agenda for government reform. One of those drew most of the attention: cutting back the government's contract workforce by 500,000 people. But there is much more in the speech, including making it possible for virtually every government service and transaction to be paperless. Sen. Obama has outlined an aggressive technology agenda to make government more transparent, place much more government information online and to create a government chief technology officer with real authority over government services and infrastructures.

Republican presidential contender John McCain delivered a speech in Oklahoma City, Okla. -- also last spring -- where he outlined a comprehensive platform for government management reforms, describing steps he would take to boost federal pay, speed firings, tie program funding to yearly evaluations and toughen acquisition rules.

All of these positions and speeches can be found on the candidates' Web sites. One can also look at the site created by Professor Donald Kettl of the University of Pennsylvania to track management issues in the 2008 campaign.



Web Headlines
By Allan Holmes  |  Thursday, February 21, 2008 |  11:43 AM

Headlines from around the Web for Thursday, Feb. 21, 2008
Compiled by Melanie Bender


Privacy Group Sounds Alarms Over Personal Health Records Systems
ComputerWorld
In some cases, people whose health care information is stored in online personal health records (PHR) systems may be exposed to serious data privacy risks, according to a warning issued by a privacy advocacy group. That's because not all PHR systems are covered by the federal Health Insurance Portability and Accountability Act, the World Privacy Forum said in a 16-page report released Wednesday.

Malware's New Mantra: Think Globally, Steal Locally
InformationWeek
The era of global malware, characterized by threats like Blaster and MyDoom, is drawing to a close. Malware authors have taken to designing malicious code for local markets. A report that McAfee plans to release on Thursday describes how malware creation over the past few years has transformed from a mass market endeavor into a regional one.

March Rollout for FBI’s Data Sharing System
Government Computer News
The FBI's Criminal Justice Information Service (CJIS) plans to launch the first increment of its National Data Exchange (N-Dex) law enforcement information sharing system March 19, according to program manager Kevin Reid.

Responders, Managers Team to Control IT Incidents
Federal Times
They may be government information technology managers, but they talk like members of a SWAT team. Information security incident response teams — quick responders who stomp information technology emergencies in their tracks, dissect the attacks and blockade future badness — are in high demand these days.

Candidates Not Tuned in to Cyberthreats to Campaigns
Government Computer News
Using the Internet in an election campaign is not a new idea, but would-be presidential candidates have embraced the concept in this election cycle like never before. But along with the newfound power of the Internet comes equally significant threats, said Oliver Friedrichs, director of emerging technology at Symantec Security Response.

D.C. Cameras Have Cut Violence, Study Says
The Washington Post
The use of surveillance cameras by D.C. police has lowered violence in some areas of the city and helped to identify suspects and solve crimes, police say in a report released this week. But some remain skeptical, and a council member is questioning whether the $4 million supply of cameras merely shifts crime away from the lenses.

DOD to Test System to Improve Intergovernmental Transactions
Federal Computer Week
The Defense Department’s Business Transformation Agency (BTA) will test a better way to transfer funds with other agencies in the next seven months. BTA Director David Fisher said Feb. 19 that after a successful internal DOD pilot program last year, officials want to expand the intergovernmental transfers trial with nonmilitary agencies.

Education Needed on Importance of Broadband to Rural Areas
Arkansas News Bureau
Enticing private companies to invest in extending expensive broadband Internet infrastructure into rural areas of the state may not require government incentives, but instead the education of Arkansans, industry officials said Wednesday. "The reason people don't have a demand for broadband primarily is because they don't understand what broadband can do for them," Arkansas Broadband Advisory Council Chairman James Winningham told members of a legislative committee on advanced communications and information technology.

Security Issue Tied to Chinese Investor Remains Unresolved
The Boston Globe
Bain Capital Partners' $2.2 billion deal for 3Com Corp. is on the ropes after Bain and 3Com failed to satisfy a federal agency that the transaction wouldn't harm national security. The deal, proposed in September, would take 3Com private and give a 16 percent stake in the company to Huawei Technologies, a company with close ties to the Chinese military.

Federal Government Falling Short on Cybercrime
SearchSecurity
The federal government is falling farther and farther behind in its fight against cybercrime and, despite an increase in the amount of resources being allocated to address the problem, it will continue to struggle without a lot of help from law enforcement agencies at the state, local and international levels, current and former government security officials say.



SRA Loses Another Former IT Fed
By Allan Holmes  |  Wednesday, February 20, 2008 |  5:57 PM

In the last month, SRA International has lost two top executives with deep government information technology experience. Dan Chenok, formerly branch chief for Information Policy and Technology at the Office of Management and Budget, considered one of the top IT management posts in the White House, announced he was leaving his senior vice president position at SRA to join Pragmatics Inc., which works with federal agencies to provide integration and information security solutions. Chenok was instrumental in creating OMB's IT and e-government policy and budget.

In January, Mary Ellen Condon, a former director of information management and security for the Justice Department working on information security, left her post at SRA to join federal consulting firm Booz Allen Hamilton as a principal in the Assurance and Resilience Service. At SRA, Condon was vice president and director of strategic services. Condon also held senior-level IT positions at the Agriculture Department, the Immigration and Naturalization Service (now part of the Citizenship and Immigration Services in the Homeland Security Department), and the Energy Department. She also is a founding member of the federal Chief Information Officers Council.



The Short Arm of the Law
By Allan Holmes  |  Wednesday, February 20, 2008 |  3:22 PM

A lesson in how the law has yet to catch up to the Internet era is playing out in San Francisco. A federal judge there has ordered the domain registrar for a Web site that allows users to post leaked confidential information in the hopes of "discouraging 'unethical behavior' by corporations and governments" to disable the site's address, according to a New York Times article. The case involves a former employee for a Cayman Islands bank who provided the Web site (Wikileaks.org) with documents that violated a confidentiality agreement and banking laws. The documents show the bank allegedly involved in money laundering and tax evasion.

While the order has been portrayed as a test of First Amendment rights in the Internet Age (and for the Web site, called Wikileaks), it's also an example of how unsuitable judicial authority is when it comes to the Internet. As the Times points out:

Judge White ordered [domain registrar] Dynadot to disable the Wikileaks.org address and “lock” it to prevent the organization from transferring the name to another registrar.

The feebleness of the action suggests that the bank, and the judge, did not understand how the domain system works, or how quickly Web communities will move to counter actions they see as hostile to free speech online.

The site itself could still be accessed at its Internet Protocol address (http://88.80.13.160/) — the unique number that specifies a Web site’s location on the Internet. Wikileaks also maintained “mirror sites,” or copies usually produced to ensure against failures and this kind of legal action. Some sites were registered in Belgium (http://wikileaks.be/), Germany (http://wikileaks.de) and the Christmas Islands (http://wikileaks.cx) through domain registrars other than Dynadot, and so were not affected by the injunction.

Fans of the site and its mission rushed to publicize those alternate addresses this week. They have also distributed copies of the bank information on their own sites and via peer-to-peer file sharing networks.



Web Headlines
By Allan Holmes  |  Wednesday, February 20, 2008 |  9:51 AM

Headlines from around the Web for Wednesday, Feb. 20, 2008
Compiled by Melanie Bender

Most Federal Workers Can Work From Home, But Don't
InformationWeek
If all federal employees eligible for full-time telework did work from home, the employees could save a total of $13.9 billion on commuting costs and stop 21.5 billion pounds of pollutants from entering the environment each year, according to a recent study. However, many employees are unaware of their federal agencies' telework policies, and even fewer know if they are eligible to work from home.

Panel: Securing Cyberspace Among Top Technological Challenges of 21st Century
NetworkWorld
A National Academy of Engineering panel of big thinkers, including Google co-founder Larry Page, has identified 14 top technological challenges for this century and securing cyberspace is among them.

Firm Gets U.S. Nod for Quick Passenger Data Checks
C-Net News
A company owned by international airlines on Wednesday said it has won approval from the United States for a system providing passenger details to U.S. border authorities almost instantaneously.

IT Career Paths You Never Dreamed Of
ComputerWorld
Software developers eager to advance should consider looking for product architect roles. Network and security administrators may want to start looking for positions as electronic privacy specialists. If business analytics is your area of expertise, your next promotion might be to the job of information architect. Just don't expect to be part of an IT department.

Sabotage Eyed As Possible Cause Of Undersea Cable Cuts
InformationWeek
Officials refuse to rule out sabotage but believe that fishing nets or ship anchors are the likely cause of the damage to the five undersea telecommunications cables.

New Computers Delaying Food-Stamp Applications
Austin American-Statesman
New state data show that only 48 percent of Texas food stamp applications processed using the updated computer system, known as TIERS, are completed within the 30 days the federal government requires. State officials say one of the problems is there aren't enough workers trained in the new system.

NIST Releases Results of Latest Fingerprint-Matching Tests
Government Computer News
Only one of five biometric smart-card vendors participating in a federal test of on-card fingerprint matching managed to meet the accuracy standards set for the federal Personal Identity Verification card, according to the National Institute of Standards and Technology.

DARPA Procurement Plan Shows Pentagon's IT Research Priorities
Government Computer News
The Pentagon seeks to fund information technology research projects in technology arenas that reflect the military's emerging warfare challenges, especially those flowing from combat in South Asia and conflict in cyberspace, as outlined in a recent procurement plan.

Survey: IT Spending Set for Slowdown in Q2
InfoWorld
Twenty-three percent of respondents to a ChangeWave Research study said their companies will reduce or halt IT spending in the second quarter of this year, results that underscore recent concerns about a U.S. recession. Only 15 percent of respondents said spending would increase in the second quarter, a nine-point drop from the company's previous survey in November.

Most States Give Green Light to Tamper-Proof IDs
USA Today
Forty-four states are moving ahead to comply with a law requiring more secure driver's licenses, according to the Department of Homeland Security — despite privacy concerns and worry that the new documents will be too expensive.



Obama's CTO Moves to Private Sector
Tuesday, February 19, 2008 |  3:41 PM

Barack Obama’s presidential campaign is out a chief technology officer. Just before Super Tuesday, Kevin Malover reportedly joined private equity firm GTCR Golder Rauner in Chicago as chief information officer, according to Investment Dealers Digest.

Prior to joining the campaign trail, Malover helped with travel site Orbitz.com and an online real estate company he cofounded. He can be credited for helping to craft Obama’s strategic use of text messaging and social networking sites such as MySpace.com and Facebook.com, and developing an interactive web site that allows Obama followers to find events and volunteer opportunities, register to vote, and call citizens in contested states to drum up support. The Web site's ability to reach out to voters via mass emails has been mentioned as one of the reasons for Obama's success this campaign season. At the time this blog was written, the call function was not available due to “overwhelmed” ser