Not in Chicago anymore

Mundane life from rural Minnesota.

Saturday, June 6, 2015

Electronic Health Records

I don't know how much of this article is true. I actually read the followup first. The basic premise is that Electronic Health Records are not working, impeding doctors in doing their job to the point of motivating them to stop practicing, bankrupting small practices, and degrading the quality of care.

I had high hopes for the concept; I still do. Think of how valuable it would be if the doctor examining you right now had access to what all the doctors you've visited have discovered about you. It would improve the level of health care immensely and make life easier for everyone. I've actually seen this in action; as you might expect, Mayo has done a lot to integrate health records for their patients, so when I went to a different location for a checkup the doctor there had access to my records from my usual office. It was useful. In a more urgent scenario, it could have been a life-and-death difference.

But I've also see the gaps pointed out in the article. My local Mayo location actually uses a completely different computer system than is used at Mayo headquarters in Rochester, fifty miles down the road. So, yes, the data is there, but it's very difficult for the doctor to actually use it. Mayo may be at the forefront in health care, but their computer systems are stuck back in the dark ages. And if Mayo is this far behind, I can only imagine the situation in other health care environments. Actually, there are probably providers who are ahead of Mayo (it wouldn't be hard) but I expect that the norm is pretty depressing.

That's too bad. I stand by the idea that integrating health records is a noble goal. But the Information Technology folks have let us down. This is another example of the breakdown between the people who use the system and the people who build the system. And maybe the technology isn't quite here yet. Another aspect is the legal structure that controls protection and sharing of health data. That's a tough area and the current laws are a patchwork of complexity that often do more harm than good.

The article author's premise is that it was happening and that it should have been allowed to happen in its own time. I think there's a compromise position. There's little incentive for the medical profession to make their work available to their competition, even if it might save someone's life. But imposing arbitrary dates when the technology isn't ready isn't the answer. But wait . . . "compromise" is a word that seems to have disappeared from the political arena.

Friday, May 15, 2015

Discussion groups

This article on the Reddit blog discusses a topic that has been around since there were enough people with access to computers to support electronic discussion groups.  That happened back in the 1970s when Usenet and bulletin board systems became popular.  Both of these support an open discussion in which people type their comments rather than speaking them. Other than the mode of interjecting the material, these discussions are much like having a group of people together face to face.

But there are two big differences.

First is the scale.  In some of these large systems like Reddit, it's not unusual to have thousands of people involved in the discussion. This strains the analogy with a traditional in-person discussion.

But the most important difference is the element of being anonymous. People will say things when they can hide behind a computer screen that they would never consider saying to another human face to face. It's actually rather sad.

So you end up with a situation for which there is no perfect answer. Free speech versus an environment in which meaningful discussion isn't possible.

People have been wrestling with this since the beginning of the mode.  In Usenet, one of the first large discussion forums, the situation was address by inventing moderated newsgroups where a human moderator examined each submission and approved it before it was seen by the group as a whole. This concept continues to be used by systems like Reddit in different forms – sometimes every submission is screened, or some members are whitelisted so that they can contribute directly, or articles are removed after submission.

Reddit has done a remarkably good job of handling this problem. The fact that they're still around testifies to that; PostSecret attempted an open discussion system that they finally shut down because they simply couldn't police it (or didn't want to). As you can see from the article above, Reddit continues to wrestle with the issue.

It's interesting to watch the reaction of different systems to this issue.

Sunday, May 3, 2015

Are these guys real?

The day is new and I'm already in awe of our fringe politicians.

There's this article that reports that a number of Republicans have formed a group to try to change the ownership of national park land into state hands. The article reports it as a move to seize land and turn it over to developers, and the actual statement is more of a state's rights "We can do it better than the Feds" theme. I suspect that the truth is somewhere in between. But please . . . the national park system in the US is one we can be proud of. It's not broken. Can we not try to fix it?

As an aside on that article . . .  this quote, "Earlier this week, Bishop attached a provision to a defense spending bill to delay the U.S. Fish and Wildlife Service from protecting the greater sage grouse under the Endangered Species Act for at least 10 years."  This technique of attaching riders to a bill that have nothing to do with the actual purpose of the bill is so sad. If you want to debate the merits of the greater sage grouse, fine . . . but debate it.

Then there's this NPR article about deploying the National Guard to keep Obama from taking over Texas. Really? Well, it is reported by more than NPR, including this article that includes a video of Ted Cruz pandering to this conspiracy theory. I understand the the sources I'm using, like NPR, have no credibility because they are controlled by raging liberals . . . but Ted Cruz is speaking for himself in the video, and what I hear scares me.

Sunday, April 26, 2015


I did a really stupid thing this morning. Using a web site, I made an anonymous donation.

My definition of "anonymous" is obviously outdated. Silly me; I thought that if I made an anonymous donation that "no one" would know where it came from. I am not naive enough to think that "no one" means "not a single human in the universe". It was made using a credit card, so obviously it is linked to me at some level.

Literally within seconds of my hitting the {donate} icon, my phone rang. The donation was earmarked for an individual in a team – one of these deals where the individuals compete to see who can garner the most donations – and the "recipient" was calling to thank me. I was kind of flabbergasted. To me, the whole idea of "anonymous" is that I don't want the recipient to feel somehow obligated to me because I made a donation to the team and she gets credit for it. But no, anonymous does not mean this.

I have subsequently found out that there are many people who know about the donation and exactly who made it. "Anonymous" in the sense used on the web site only meant that my name was not shown in the list of donors on the web site. It could well show up in material published by the organization, in public expressions of appreciation, or anywhere else.

It's not that I am ashamed of making the donation. But I said "anonymous" for a reason, and I am disappointed that my wishes are not being respected. So beware – in today's world, "anonymous" may not mean what you think.

Thursday, April 23, 2015

Stealing WiFi passwords via a web site

I remember when I was in the security biz and attended conferences and training events. Generally the kickoff session was a "What's New" and by the end I would be depressed and distressed based on what the black hats were up to. There was always new stuff, and I always wished that these people could use their huge intellect and imagination to create good instead of bad.

This morning I stumbled on this article that describes how to steal the password for someone's personal wireless network as they are innocently browsing sites on the web.  It took me a while to put it together because the article is not terribly well written, but the basic story is that there is a network-connected speaker that stores the network password in a file, and the instructions describe how to trick the person's browser into returning the contents of that file to the attacker.

This is, of course, just a specific example. It applies only to folks who have Bang & Olufsen speakers attached to their home network. But it's getting to the point that all of us have things connected to our home networks – printers, thermostats, even refrigerators. Is there a similar exploit that could grab my wireless network password from my network-connected printer? Maybe.

The general adage that you're only as strong as your weakest link applies to security. Many of these newfangled gadgets that connect to your home network were not designed with security in mind.

Blog Archive