Wednesday, June 22, 2011

Distribute.IT and modern systemic vulnerability

The disaster that befell Australian firm Distribute.IT and its customers as a consequence of a hacker attack is another reminder of the vulnerabilities of modern IT systems. For those feeling morbid, you can read about the unfolding events on the Whirlpool forum. 

As I read the 73 or so pages of comments and updates, I thought of the Distribute.IT folks desperately trying to get their systems back on line.

The Distribute.IT case is just one of a recent set of examples in Australia and overseas that actually threaten the very reliability of the internet based systems on which we now depend.

The collapse in my own system, while personally annoying, is but a small personal example. My thanks to those who have sent me practical advice.

I did try to do a full back up to my external hard drive just before the system went down. That failed, although I think that another back-up of just my documents may have been successful. I should know this later today.

Looking at the vulnerabilities, and I am only speaking as a small personal user, I start with my emails. It's actually quite hard to back up emails. At least, I have yet to work out how! Yet so much of what I do is linked to emails that their loss is a major problem.

A second vulnerability lies in my dependence on the free systems such as Google. While these are quite wonderful, no one can guarantee their longer term survival.

My own technical competence is a specific issue in trying to manage.. I actually know IT and the internet very well, but I am a technical incompetent when it comes to specific computer operations. Sure, I know how to use a dozen different programs, I have created and managed web sites and blogs, I can do ordinary housekeeping, but I am still a technical ignoramus at the purely practical level.

Let me give a simple example.

A week back I discovered a corruption in the heading of some of my history posts, the transformation in the heading of part of the text to some form of skype ad. This is an example. I went in to the post and checked, redoing the heading, but without success. So this is some form of corruption beyond my control. 

This brings me a second problem, the combination of time and money. Some of the back-up and redundancy solutions involve a fair bit of time and cash, two things in short supply just at present. Even at the simplest level, I need help from Google to resolve the skype example, and that takes time.

In all this, I have come to the view that our present internet systems are actually unsustainable. What can go wrong, will go wrong.

When the National Australia Bank system collapsed recently, a large number of customers were left without cash or access to cash. Last night when I went into the local supermarket, their EFTPOS system was down. I had no cash on me, so left without buying stuff for tea.

Now in terms of our just in time world, we have all become so used to internet based systems and the capacity to get what we want when we want it, that we are not set up to cope when things inevitably go wrong.

Normally, this is just an inconvenience. But for some people including the Distribute.IT customers, some of these outages can be absolutely destructive.

Still musing. let me take another example, the growing multiplicity of passwords. To simplify, most of us actually use just a small number of passwords, often storing them on our computers for ease of reference. Yes, both are dangerous, but they do make for ease of use. But beyond this, what happens if you are incapacitated in hospital for some reason and nobody has access to your passwords?

Where am I going in all this? 

Well, I have come to the view that I need multiple redundancies, including the reinstatement of basic paper based systems for system critical stuff. In some cases I am just going to have to take risks because the internet is just so important and convenient. In other cases, I need to be able to operate without either internet or computer.

This actually involves quite profound changes in the way I work.

I am reinstating my cheque book, for example, because this allows me to pay for some things even when systems are down. I plan to carry more cash, income willing, to avoid EFTPOS delays and crashes. I need to put more time into system maintenance. I am actually using pen and paper a lot more.

 I don't know whether or not I am alone in thinking this way, just a troglodyte in a modern world, but I know that I will feel a lot more in control if I do change the way I do things.   
    

   

10 comments:

Denis Wright said...

As you'll know, the next wars will be fought on and between computers and those who know how to enter other systems. DistributeIT - my domain server - was foolish not to have OFFLINE backup as well as online, but they know that now, too late.

I use what's turned out to be brilliant method of backing up emails. I created a gmail account, and then BCCd every outgoing email to this account. Obviously my attachments are not ridiculously large. I was even able to automatically BCC these emails so I didn't even have to think about it.

Gmail's search function is wonderful. I have been able to find things quickly from years ago, including attachments.

Of course gmail could be taken down but their backup system seems good. Nor does this save incoming emails, but my experience is that mostly I've needed MY outgoing email or attachments. You have to be online to use it. It's not perfect but it's one other method of protecting yourself from loss of data.

Neil said...

I checked your example and the heading I get seems cirrect (Social Change in New England 1950-2000 11: the Aborigines). Did you succeed eventually?

Jim Belshaw said...

Hi Denis and thanks. I did have a yahoo acount as a back-up, but the didn't use it for a while and lost it for non-use including all the email addresses!

I will try g mail as an alternative. I can access my emails on-line via optus and they too save out-going emails, but without the same level of sophistication. I didn't realise that you were with Distribute.IT.

Neil, from your comment it looks as though you can't see what I am talking about. Now I can see it even on dashboard and in fact it is there in your comment. When I click on it, I go through to a Greek skype control pane.

Now it may be that the issue has nothing to do with Google at all but this computer. My wife uses skype to contact eldest in Greece. The problem only arises with a small number of posts that have a very specific numerical combination.

All very odd!

Anonymous said...

Jim

As I see the same as Neil reported, it sounds like your own computer is the problem. I'd be interested to know if each of the 'problem headings' contain a colon in combination with numerics? (Quick test, kill the colon - does it go away?)

There is a google add handler javascript file operating as part of the creation of the html code; it may be the colon is an index point to its string handling.

On your mail, and maybe it is academic now, but looking at an old email of yours from April indicates that you are/were using Microsoft Outlook? if this is so, then the following info page lists the physical locations of your data files (sent, received, address book etc)

http://office.microsoft.com/en-us/outlook-help/outlook-file-locations-HP003082210.aspx

The reason I mention this is that like you, mine are important, so on any new computer system I use one of the first things I put on the desktop is a link to that location, so I can easily backup the files to memory stick.

Famous last words. Better go do it now....

kvd

Anonymous said...

The other thing you could do is make a file/save/"complete web page" copy of the offending page, and send it to a computer guru - preferably somebody under the age of 16 :)

kvd

Jim Belshaw said...

Thanks, KVD. Removal of the hyphen doesn't affect the presentation on this computer. I've noted the other info for later follow up.

Anonymous said...

Sorry to be pedantic Jim, but I actually said the colon ":" not the hyphen.

Blogger uses a : to parse headers - you will note that the http address for the blog entry ends as _27 not :11 for instance, and this is a problem discussed by some of the blogger support gurus.

Anyway, just thought I'd mention it.

kvd

Jim Belshaw said...

Confusion on my part, David. I actually removed the colon and replaced it with a dash.

Anonymous said...

And btw - that was and remains, a very interesting post!

kvd

Jim Belshaw said...

Thanks, KVD! Like many of my posts, its actaully an attempt to resolve my own confusions!