North Coast Connections

Government Technology Magazine had an interesting article on the newest scam to steal personal identities called "pretexting." What's particularly disturbing is that this method if identity theft is not even technically a crime, at least until the information stolen is used to defraud someone. To address the problem in California, a legislative bill, SB1666, has been introduced by Senator Debra Bowen (D, Redondo Beach) to ban the practice, but it's a lot more widespread than most people know.

Simply put, pretexting is impersonating someone to gather confidential information about them. The most visible pretexting of late is used to obtain cell phone use records that are then posted on websites for sale to the public. It's frightening how easy it is to use one of these sites to get detailed records on someone else's cell phone calls, including what calls were made to whom, where and from what location. If the information was only used for pranks or by suspicious spouses, that would be one thing ... they are also used by defendants in domestic violence criminal cases to track down victims to do further harm.

Pretexting is not only used to mine cell phone records; it's also used to swipe bank account, credit card, insurance, medical and employment records that either become the basis for identity theft or the records are used directly for fraud. How is it done? All a rat has to know is enough information about you to call an information holder and fool them into thinking it's you.

Think this is small potatoes? This month, California Attorney General Bill Lockyer filed a $10 million lawsuit in San Diego against a company called Data Trace Inc. that used pretexting to fraudulently obtain cell phone records that were subsequently sold on the Web.

I had the pleasure of working with then-Assemblymember Bowen when I was a court manager, and it was refreshing to know a lawmaker with a working knowledge of technology. We still keep in touch, and I have written letters of support for some of her past legislative initiatives. She is largely responsible for a lot of the e-government laws that allow business transaction online that used to require original signatures and a trip to city hall.

All of us should be aware of the dangers of identity theft and take precautions to safeguard our privacy. Encourage your bank, cell phone company or insurance company to ask you for a secret question-and-answer to verify your identity. In the case of cell phone records, contact them and demand that your records not be released. Subscribe to Equifax, Experion, TransUnion or a credit reporting agency of your choice to monitor inquiries about your credit worthiness, opening/closing of your accounts and large fluctuations in account balances. It's worth the expense.

Pretexting wasn't the first and won't be the last scam that is used to separate you from your money. In this, as in many of life's perils, an ounce of prevention is worth a pound of cure.

Chris Crawford
www.justiceserved.com

Posted by Chris Crawford at 09:28 PM | Permalink | Comments (0)

There may be a difference of opinion as to who was the first to make effective use of the Internet for political campaigns, but in my opinion it was a two-way tie between Jesse (the Body) Ventura's run for Minnesota governor in November 1998 and Howard Dean's presidential bid in 2004. Regardless of who is named the cyber-political pioneer, it is clear that websites and Internet campaigns are reshaping political campaigns in national, state and local races.

Here in Humboldt County, there is a dizzying array of websites advocating for and against development of the Balloon Tract. A quick search of Humguide, the granddaddy of local web portals, shows 13 listings of various political groups and causes under POLITICS, and that doesn't county political parties.

I admit to being a political website junkie, having run for county supervisor in 2000 and using a campaign website to help spread the word. In fact, I still offer www.1stDistrict.com for lease to political campaigns since there are so many potential 1st District campaigns, especially on the North Coast (Ronnie Pelligrini, Jimmy Smith, Patty Berg and Mike Thompson are all in 1st Districts). We also used a campaign website in Rex Bohn's run for Eureka City Council in 2004, which I chaired.

I'm jumping back into the water with a new campaign website, www.MeasureTNO.org to defeat Measure T that would attempt to control local elections by shutting businesses out of political campaigns.

Once a novelty, political campaign websites are now expected by voters wanting to research issues/candidates or wanting to get involved. Only walking door-to-door or only using direct mail to engage voters is not very effective in today's information-intensive world. E-campaigning is a much better way to reach the electorate and a great way to spread the word.

The high degree of Internet use for political campaigns on the North Coast is as much an indicator of the sophistication of local voters as it is a statement about the intensity of our local politics. If you want to hear both sides of an issue, you shouldn't have to go very far to find the information you seek.

An informed voter is a responsible voter.

Chris Crawford
www.justiceserved.com

Posted by Chris Crawford at 09:31 PM | Permalink | Comments (3)

Hurricanes, terrorist attacks, earthquakes and other catastrophic events take a large toll in human life, property damage and a reduction (if not elimination) of government service delivery. To be sure, our "first responders" such as police, fire fighters and medical personnel are critically dependent upon effective communication tools at times like these. After reading and hearing first hand about recent experiences in New Orleans, New York and Texas, I thought I'd pass along some interesting and sometimes surprising observations about the effectiveness of wireless communications during a crisis.

I have the privilege of serving on the board of directors for the Humboldt #1 Fire Protection District. Aside from the use of radio transmission, I noticed that the fire fighters and management rely a lot on pagers for communications. After further research, I discovered that pagers are used extensively by police, hospitals and other emergency personnel, as well. I found this odd because I was under the impression that pagers are too low tech to function adequately considering the likely scenarios that I thought would play out during a disaster. Turns out I was wrong.

A recent article in Government Technology Magazine confirms that in most disasters a pager will prove to be more effective compared to a cell phone, Internet connection or even radio transmission. The reason is attributed to the network architecture that makes pagers work. Most paging networks use digital satellite signaling instead of using land lines to reach transmission facilities and towers. Therefore, recovery during a disaster does not require extensive repairs to re-establish connectivity to the outside world. Depending on the particular circumstances, paging service may not go down at all in a disaster if the transmission facility itself is still operational and has electric power. Yet the same transmission facility would not be functional if it relied on outside lines to receive and send signals.

I attended a court technology conference recently and the representative from New Orleans said he was shocked when his cell phone, email and land phone connectivity vaporized after Hurricane Katrina hit. He told a story that would be amusing under most circumstances if it were not for the seriousness of the problem ... his boss called an emergency staff meeting to assess the extent of damage to the court and to come up with business recovery options. The problem was that the boss sent out the notice by email using a satellite connection provided by the military. Of course no one showed up because none of the recipients had Internet service, electricity or functioning laptops.

Actually one other person showed up ... the fellow relating the story. How did he find out about the meeting? He was in the middle of emergency cleanup at home and observed his young daughter using her cell phone to text message her school mates. Being a high tech guy, he used a Blackberry, which doesn't have text messaging, and being an older guy, he didn't know or appreciate the art of text messaging. He soon discovered that text messaging uses low frequency transmission and even though most of the cell towers were not working, the few that were could carry text messages but not cell phone signals. He quickly learned how to text message, started contacting others and somehow found out about the meeting.

The lessons here are that low tech will sometimes trump high tech, and things are not always as they appear. So the next time you hear someone's pager go off and think, "boy, is this guy behind the times," you might make a mental note to look him up when the local Internet, cell phone, telephone and wireless connections go down. He may be one of the few that is still online. And you better hope it's a cop, fire fighter, ambulance driver or emergency room staff.

Chris Crawford
www.justiceserved.com

Posted by Chris Crawford at 09:15 PM | Permalink | Comments (0)

E-government is a refreshing trend to make government services available on the Internet. It is becoming a lot more widespread since the federal and many state governments have encouraged and even mandated web-delivery of services and information. The next frontier of e-government is the use of so-called "social software" that makes communication with customers a lot more dynamic.

What is social software? It's the use of blogs (web logs), RSS (Rich Site Summary), Wikis and online file collaboration to promote two-way "conversations" with customers instead of merely publishing information on a website that customer visit.

To be sure, the best kind of e-government is when customers can actually conduct business online. The ability to fill out forms, pay fines/fees using a credit card, file documents, apply for permits, order services and interact online is what adds value to customer relations by effectively using the Internet. In my business, I interact with a lot of courts and justice agencies. I encourage the use of court websites to allow customers to pay traffic tickets, attend traffic school, postpone jury service, file cases, look up case files and view court calendars online. In fact, my company issues annual Top 10 Court Website awards that have become famous worldwide as a valuable repository of best practice models for good web delivery of court services.

Using social software, government agencies (including courts) can improve the customer relationship by "pushing" information to those who need it using RSS subscription feeds, and collaborating with customers through blogs and wikis. A blog is an online journal of sorts in which the author posts commentary and visitors can add their views. A wiki is a web page or online resource that allows users to add and edit content collectively. In the justice world, for instance, some courts offer RSS feeds to calendars so attorneys and interested parties can subscribe to regular updates in general, or for specific cases. For regulatory agencies, wikis can be used to post proposed rule changes and allow comments, suggested revision and collaboration by stakeholders.

I know this stuff sounds far fetched, but the trends and values are real ... customers are geographically separated and requiring travel to appear personally for routine business is not feasible. If older customers are not familiar with the technology and fail to take advantage of the improved accessibility, younger customers are rapidly stepping up and even demanding these enhanced services. To be fair, the fastest growing technology users are seniors who recognize the value of the Internet to shop, improve healthcare, communicate and avoid unnecessary travel.

When you hear of local initiatives to make government services available on the web, please lend your encouragement. We have large segments of our population that are tech savvy and the high price of gasoline makes it difficult to have to drive to city hall or the courthouse every time we need to conduct business. If they build it, we will come!

Chris Crawford
www.justiceserved.com

Posted by Chris Crawford at 03:59 PM | Permalink | Comments (0)

I attended a fascinating presentation last month in San Francisco in which Peter Tippett, Chief Technology Officer for Cyber Trust, debunked several myths about information technology security, especially as it relates to the Internet. Peter was part of the team that developed the product that eventually became Norton Utilities and anti-virus software, now marketed by Symantec.

Aside from being an engineer, Dr Tippett is also a medical doctor. His presentation was both enlightening and entertaining, and took a largely contrarian view of computer security. Here are a couple of his observations:

ANALOG VS DIGITAL
Most IT professionals are linear thinkers who favor concrete, technology-based security solutions. In reality, the bad guys trying to hack into your systems are humans, and therefore analog. It is much more effective to combat analog attacks with analog solutions. As an example, most IT experts require at least a 6-8 character password that is changed often, which theoretically reduces the chances of a hacker "cracking" into a system. However, deciphering larger passwords with today's criminal tools means a few added seconds; additionally, crooks usually first look for password master files which make the exercise useless. To make matters worse, legitimate users are constantly losing the longer and frequently changed passwords, costing significant amounts of help-desk time and adding to the security risk by excess use of crib notes and reissued passwords.

100% SOLUTIONS
Similar to the analog vs digital argument, IT professionals tend to look for 100% solutions. Aside from being impossible to achieve 100% protection, these solutions tend to be expensive and take too long to implement. Tippett suggests instead the adoption of a series of 40, 60 and 80% solutions that together will offer nearly 100% protection. These smaller solutions are much easier and simpler to implement. For instance, putting safeguards in place to prevent downloading of ZIP, EXE and similar file types will eliminate more than 80% of likely attacks. However, since left-brain thinking IT professionals see this as a less than 100% solution, it is often ignored.

It was clear from the presentation that the threats and risks are real. The number of attacks on company and personal computers is steadily growing and users should take precautions to prevent intrusion. The trick is to take a few reasonable security measures instead of looking for the most expensive, technology-based solutions.

Since CyberTrust's clients consist of Fortune 500 companies, government and the military, I took the advice seriously.

Chris Crawford
www.justiceserved.com

Posted by Chris Crawford at 11:23 PM | Permalink | Comments (0)