The DOBlog

Blog

  • Biometric passports… secure or not?

    Also on the Register this morning is a worrisome story where the Daily Mail has done an experiment to see just how secure UK biometric passports are.

    Short answer – not very really. For a start the data on the card can be read wirelessly, but requires a decryption key to read it.

    It seems that the encryption key used to encrypt the biometric chip data is not exactly rocket science to break being made up of the passport number, the holder’s date of birth and the passport expiry date.

    So let’s say my new passport number is XYZ1234, my date of birth is 1977-12-12. Both these pieces of information are available on the passport itself, so if someone has your passport in front of you they can recreate the key without any difficulty.

    Even if they have only scanned your chip (sounds naughty doesn’t it), passport hackers (in the UK at least) have enough clues on the envelope itself to get them some of the way. The one key piece of info that requires effort is the date of birth. So down the Central Registry office with us to get info on that (or google the person to see if they have a Bebo profile of have put info about their birthday on the web anywhere).

    The passport office identifier is on the mailing label and the passport expiry date will usually be within 10 years of the post mark on the envelope. Please note – the envelope has not been opened yet.

    Ahhh says you… “but the hacker will still have to get those facts in the right order to break the code. Even my ATM only lets me try 3 times. This technology is surely more secure than that”.

    Me arse. It seems that Harry the Hacker can keep going until he cracks the code and gets all your details (including photo and other bio-facts) from the chip.

    So, how secure is the Irish system? Do our new biometric passports have a similar vunverability. In my clippings from the Irish Time at home I have a front-page photo of our Minister for Foreign Affairs holding up his new biometric passport when they were launched last year. Clearly visible is his passport number.

    So one piece of data down. His date of birth is pretty easily accessible (www.fiannafail.ie narrows it down for us) and we know that biometric passports came into effect in Ireland in 2006. All I need is a bit of cheap kit and a scanner to steal his passport without touching his pockets.

    Sweet.

  • Crazy yanks

    Found this initially in Metro free newspaper and also on The Register.

    This man is clearly somewhat paranoid about ‘the man’ being able to recover data from his hard-drive. However, as pointed out by the Reg, the misguided belief that deleting any files on your computer removes them from existence is just plain wrong.

    In the past I worked as a LAN admin and occasionally we had to replace old PCs with newer models. The standard operating procedure for ensuring that data on the hard-drives could not be recovered did not involve deleting anything or even a format of the drive. No, we used a nailgun. Two nails into the drive meant it was unusable. Four was overkill but fun.

    The fact that HP, who own Compaq who sold the drive encryption software this gentleman used, seem to have settled tells me either two things:

    1. Either Compaq’s software was not as robust as its marketing claimed
    2. HP’s lawyers decided it was too expensive to litigate and just cut a cheque in full settlement – it is interesting that HP do not appear to have admitted liability

    Why would HP have settled? Perhaps the means by which authorities can circumvent their software represents a proprietary secret that would be come public record if aired in court. Imagine the fun hackers would have if they knew exactly how to get around drive-based security on your machine.

    For the record – this is person sold modified weapons that caused even American eye-brows to raise (a rifle with a silencer – so you don’t wake Bambi while taking out his mother obviously).

  • An idea pinched from Tuppenceworth

    Tuppenceworth have started doing ‘Tag Clouds’ to visualise the frequency of words etc in political manifestos and speeches in the run up to the Irish General Election.

    Ho-hum I thought… wouldn’t it be interesting to do the same on the emerging commercial Information Quality Blogs (and perhaps other commentary in the area – it works on any text) to see what sort of themes emerge in the tags (ie commonly occuring words). The bigger the font the more frequent the occurence. I’m making no inferences based on the ‘cloud’ – I’ll leave that up to you. This one is based on a post by Garry Moroney of Informatica on their blog site.

    created at TagCrowd.com

  • Side effects of the Blog Awards?

    It would seem that the IT thought police in my employer were paying attention to the Blog awards. For a long time our web filters only blocked tools like blogger.com and typepad. Sites like Tuppenceworth who operated their blog on their own domain (like the DoBlog too) flew beneath the radar.

    Not any longer.

    As of today I’ve noticed that the venerable Tuppenceworth has been blocked, as have all incarnations of Twenty Major. It is possible that it is just a co-incidence that this has happened a week after the Irish Blog Awards, but I’m far to cynical to think that. I’m donning the TinFoil Hat of Conspiracy as I suspect that the media profile given to some of the former ‘stealth blogs’ in the run up to the Blog Awards may have alerted some policy makers to the fact that there’s more than one way to blog.

    Hopefully I’ll be able to keep updating the DoBlog and the IQNetwork site after hours from the office. Failing that I’ll just have to trawl for some wireless broadband connectivity.

    In the mean time…

    ###Updated###
    Tupp’worth isn’t blocked anymore… looks like a random burp from the web filters. Twenty is still barred though, more’s the pity.

  • Count down to an Information Quality clash?

    Daylight Savings time starts in the US on the 11th of March – that’s next week. DST doesn’t start in Ireland or the UK until the 25th of March. The US change comes about under an Energy Protection Act passed last year.

    Microsoft are warning people in the US that their PCs won’t automatically update (not that mine ever did) and are assuring people that VISTA already handles it.

    So what will happen if your PC has the incorrect locale settings (data)? Will that have triggered it to download the various patches for Windows and Outlook? Have European firms checked that they have no dependencies on US daylight savings time in other software or calculations?

    I’m probably fretting over nothing but seemingly innocuous base data can, if not managed correctly, have a big impact on business processes and on people’s lives.

    My advice – check your locale settings even if you’re using a Mac.

  • Back again… and with a new face too.

    The DoBlog is back again, and in the style of Bond villains it has another new face. The old one was functional-ish and quite search engine friendly but it was a tad bland and ugly and didn’t wrap text very well. Frankly I put my failure to be nominated for any of the Irish Blog Awards down to the poor design 😉 . Next year I am hoping to wrestle TwentyMajor for a 2 litre bottle of Um-Bongo – well done to Twenty for winning again.

    I’ve been busy with the IQNETWORK website (www.iqnetwork.org) getting it bang up to date and also running the 4th Information Quality Forum in DCU. I’m also lecturing in DCU as well, so I have very little time for this blog which is still more of a hobby than a way of life.

    Must also try and find time to get back into training with the Aikido club…. (sorry Sensei).

    So much to do… must set up a category for ‘time management’….

  • In My Life…

    Perhaps it is that I am now on the cusp of my fourth decade as Daragh O Brien that I am getting a bit sentimental. Perhaps it is the early onset of a mid-life crisis that has me pondering how I have come to this point in my life as the person that I am. At least I hope it is an early onset mid-life crisis; the alternative means I’d need to get the finger out pronto and start achieving things.

    Maybe I’ve been listening to too much Talking Heads and I am wondering “who am I and how did I get here”, a question we all ask at least Once in a Lifetime. Perhaps I’ve too much Beatles going through my head when I think of the title for this post.

    So who am I? It seems that I’m a nice guy, who people respect and trust to do important things. Like being a husband, or a friend, or a manager of complex and sensitive projects. I’m someone that people come to for advice and to try and help them solve problems. At least, that’s the sense of me that I have gotten in the last week or so since I crossed over into a new demographic. My friends or family will surely comment below and deflate any ego that I may have here (that’s why they’re my friends and family).

    I seem to have wound up a noted (and possibly respected) contributor to the global community of Information Quality Management professionals. I am a teacher. I am a student. Above all else I am one who seeks to learn and seeks to understand the why and the root cause of significant outcomes.

    I may even play my music on the run, who knows.

    From my point of view, my life as it is now is a significant outcome. And how did I get here? How have I travelled from being the nerdy jock (I vividly remember in my 5th year of high school running from captaining a national league basketball team in crucial game (that we won) to captaining my high school debating team in a national semi final debate) to being the person I am today?

    It has been, in the words of Pete Townshend, “an amazing journey”. I’ve meditated and pondered on this for a few days. I realised I was doing that when the answer popped into my head – a bit like spam from the Universe.. “You have won a nugget of enlightenment and a soupcon of self-awareness. To claim your prize…”. The answer isn’t quite what I would have expected if I had expected to have asked the question and had a concious expectation. I know that that last sentence is a bit Rumsefeldian and could rank as a known unknown (you know I’ve said it but you are buggered if you know what it meant). I apologise.

    Who I am now and what I am achieving boils down to a few small things, and one or two big ones. Most surprisingly to me is the layer of connections between things I am and I do now and experiences, events and people from my past. And the overwhelming urge I have is to say thank you.

    I could start right back at the beginning with my parents in the early spring of 1975 (I’m a January 1976 baby). But that would make me the Kevin Costner of blogs with a production rich in detail but lacking in toilet breaks. ‘Dances with Nerds’ how are ye. 😉

    Instead I’ll start at the now and work back. Right now, I have a network of friends and acquintances all of whom have helped shape me as much as my family might have had. I have ‘strong ties’ and I have ‘weak ties’ and a sizeable number of ‘middling ties’. Not all of these people are my generation. Some are older. Some are younger. All of them are precious to me as people because of the gifts they have given me.

    Interestingly, many of these people have come into my life and hung around in circumstances that link them to some big stresses and traumas in my life. For example, the friend who encouraged me to first publish writings on the Web and who constantly challenges my thinking on things in good ways is a guy I met through a mutual friend who I went out with for a while in college.

    Through that person I started hanging around in the office of the college newspaper that Simon wrote for. That relationship ended….hmmmm… awkwardly. Due to other baggage in my life I didn’t take it too well and became a less nice person for a while and, in hindsight, abused people around me as much as I abused myself with drinking and acting the bollox and basically not being someone you could rely on.

    However, the friendship with Simon endured because we had hit it off. Simon eventually went on to set up Tuppenceworth.ie and encouraged me to publish my first piece there back in 2001 – “The Celtic Tiger Ate My Chocmallows“. I then went on to bore Tuppenceworth’s readers with guff about the impact of poor data quality in the electoral register elections and referenda in Ireland back in 2002 – a theme that has dominated this blog since last summer.

    I think it is unlikely that Simon and I would have become such good friends if we hadn’t had that link. Although we share many interests, I was a proto-hack’ in college – immersed in the shallow end of college politics, debating societies and the petty chicanery that that entailed. Simon was more honourable than that and would probably have (rightly) dismissed me as yet another gobshite if we hadn’t had the chance to share a few million laughs in a tiny office under the stairs in the Arts Block.

    So thank you to that mutual friend who linked us, now long gone.

    Anita was a young woman I also met in College through two muppets I had known from school (one from primary school and the other from high school). Anita and Simon. met, fell in love, and I had the pleasure of being a groomsman at their wedding a few years ago. Now they’re awaiting the arrival of their first child.

    And all because Anita met two guys who knew me and as a result bumped into Simon who I hung around with. So, thank you to Trev and Sully for seeking me out as some sort of Oracle of knowledge about how college worked. I think I pulled that off for about 20 minutes and then it just became coffee and smokes in the common areas a dozen times a day.

    The best man at the wedding was Fergal. He is another guy who challenges my thinking. He has written some stuff with me and has presented at an international conference on Information Quality with me. He has helped me refine my understanding of the law as it applies to the management of information quality – a theme that I keep coming back to in lectures, articles and conference presentations and which is taking me to the UK (again) and possibly the US later this year to present. He is Simon’s best friend since childhood. While Fergal was a debater from another college, without Simon vouching for me as a friend, he probably would have dismissed me as just another L&H gobshite hanger-on and gotten on with his life.

    (more…)

  • Information Quality in Ireland

    Two quick nuggets on IQ in Ireland…

    Firstly, the IQ Network are reporting that  we have had a Court ruling that may have implications for Information Quality… we’ll track them and keep you posted.

    Secondly… The electoral register is still snafu’d despite the efforts of the Minister for the Environment. Again, expect to see more on that here and at www.iqnetwork.org. The Sunday Tribune had some good stuff on this over the weekend, so I’ll be linking to that and posting a commentary.

  • In rememberance of those who have gone before us

    A disturbing thing happened to me this evening.

    I was out for a few drinks with an associate and his wife (who suffered through an evening of nerdvana as we discussed data quality and Dr Who). Nothing too disturbing there.

     However, at one point in the night I caught a glimpse of myself in the mirror of the bar we were in. What I saw was a round and smiling head perched atop a suit, a shirt and tie and a v-neck jumper. But what pushed my mental gears into over-drive was the tell-tale clip of a Parker pen in my suit jacket pocket.

    All men fear that one day they will turn into their fathers. I seem to have bypassed that by turning into my grandfather.

     And, much like Marcel Proust’s madeleine cakes, it was the little detail of the Parker pen that gave me that “oh shit” moment.

    For all that he gave me, and all that I should have taken while I had the chance, I thank my parental grandfather.

    For the rest… I thank god that I only inherited a genetic dress code from my paternal side, and that my love of music and playing music I can still share with my maternal grandfather.

    Have any of you dear readers had similar moments of “o jaysus I’ve turned into… “?

  • Sorry I’ve been away

    the DobBlog has been neglected of late. I have been busy upgrading and tweaking the website of the IQ Network (www.iqnetwork.org), a Community of Practice of the IAIDQ run in partnership with the IAIDQ (www.iaidq.org).

    Please toddle over there to take a look – the IQ Network has a very full calendar of events for 2007 in the pipeline and we’re looking forward to another year of delivering value to our members.

    Our first event is on the 22nd of February in DCU… see www.iqnetwork.org for details!