Category Archives: Security

Do not sit up straight

When astronauts launch, they never sit up straight. The gravitational forces are apparently better handled in a reclining position. Makes sense, right? So why do people think we should sit up straight? Where does that belief come from?

Oh, what I would do for an office that had a recliner with a monitor suspended above me, like the astronauts…

I always felt like reclining was a more comfortable position and was often scolded in school for my posture. The highlight of abuse came from Mrs. Hebert, a French teacher in high school, who asked me “are you retarded or something” when I slouched in my desk during her class.

Well, research has started to come forward to state the obvious: a reclining position is better for your health.

They told the Radiological Society of North America that the best position in which to sit at your desk is leaning slightly back, at about 135 degrees.

Experts said sitting was known to contribute to lower back pain.

Data from the British Chiropractic Association says 32% of the population spends more than 10 hours a day seated.

The cost to the economy of the incorrect ergonomics must be significant. How much more rested and ready would staff be if they were allowed to assume a more relaxed position?

Unbelievably, despite all the facts staring us in the face, the most common office furniture today threatens humans with a harmful position.

And what about airplanes? Why not start the flight in a reclining position? Would it really be that hard for people to get out of their chairs in an emergency?

Perhaps the reasons for the upright position are to do with “regal” or “monarchial” habits from western culture — it is more proper to be perpendicular, or even leaning forward, and easier to dethrone a king who sits upright.

One thing is certain: those who are not bound by the past traditions of others and left to establish their own are more inclined to recline.

October: National Cyber Security Awareness Month

Educause has an excellent page with links to video and kits for awareness flyers.

Indiana University, for example, has some funny security slogans that were part of a prepackaged awareness kit:

Protect your password – “Invasion of the Password Snatchers”
“Beware of Worms and Viruses”
“Beware of the Phishing Scam”
Be careful when downloading or clicking – “The Thing from the Internet”
Keep your computer free of spyware – “Beware the Eye of the Spy”

Eye of the Spy? Spooky. Nothing like fear and humor to get people thinking.

Industrial Patriotic Hacking

The title came to me after reading an article in the Guardian about British government officials upset about suspected hacking and relations with China:

“This is happening against a backdrop where, on a whole range of foreign policy issues, the British government is very weak. They seek to appease the Chinese. They should be more robust and indignant.”

The most plausible theories on why the Chinese authorities might choose to foster patriotic hacking were either to test its potential as a weapon or simply to send a signal to other great powers that they have the capability to do so, he said.

In response to a parliamentary question tabled by Mr MacKinlay last year, the then home secretary, Charles Clarke, revealed that the National Infrastructure Coordination Centre had issued a warning in 2005 of “concerted Trojan email attacks from the far east against UK government and business interests”. He described the scale of the attacks as “almost industrial”.

Funny to think that someone would compare the post-industrial efficiency of software and technology in general with industrial output. Is this like using horsepower to describe the output of combustion engines? Should we describe worms in terms of the number of factory workers…?

The article shows how information security has real macro-level issues to deal with, in addition to the usual micro stuff in the news. I have always maintained that international relations was really the study of macro-level security.

The Americans and Germans have also been smarting from Chinese industrial patriot hacking news.

ConAgra Discontinues PopCorn Lung

It turns out that diacetyl is not the same as butter, although advertising for Orville Redenbacher “Butter” and Act II popcorn might have confused some.

USA Today reports:

The nation’s largest microwave popcorn maker, ConAgra Foods, says it will change the recipe for its Orville Redenbacher and Act II brands over the next year to remove a flavoring chemical linked to a lung ailment in popcorn plant workers.

The decision comes a day after a doctor at a leading lung research hospital said in a warning letter to federal regulators that consumers, not just factory workers, may be in danger from fumes from buttery flavoring in microwave popcorn.

ConAgra’s spokesperson goes on about concern for the safety of their workers, but clearly this latest move comes as a result of the link to consumer safety. The NYT provides a more telling story about worker safety:

Kenneth B. McClain, a lawyer at the Missouri firm that has represented Mr. Peoples [a worker in Missouri] and Mr. Campbell, said he had tried or settled more than 100 cases involving diacetyl and other flavorings and that more than 500 were still awaiting resolution in Illinois, Indiana, Iowa, Maryland, Missouri and Ohio.

At a two-week trial in March 2004, lawyers for the makers of diacetyl products — International Flavors and Fragrances and its subsidiary, Bush Boake Allen — maintained that the additive did not cause Mr. Peoples’s illness and that, in any event, the popcorn company had mishandled the substance. Jurors awarded Mr. Peoples $20 million. His case, like Mr. Campbell’s, was later settled for an undisclosed amount.

Melissa I. Sachs, a spokeswoman at International Flavors and Fragrances, based in New York, declined to comment on the cases. According to its latest annual report, the company has been sued by more than 150 workers in four states.

Who said butter was bad for you? Leave it to the threat of consumer action, long after people have shown unmistakable signs of suffering or even death, for the companies to start to consider changing their formula. Where is the so-called public servant in this story?

Since George W. Bush became president, [Occupational Safety and Health Administration] OSHA has issued the fewest significant standards in its history, public health experts say. It has imposed only one major safety rule. The only significant health standard it issued was ordered by a federal court.

[…]

Instead of regulations, [head of OSHA] Mr. Foulke and top officials at other agencies favor a “voluntary compliance strategy,” reaching agreements with industry associations and companies to police themselves.

National security in decline. Mr. Bush said Iraq’s voluntary compliance strategy was a failure, without any harm linked to Americans, and yet the real deaths of Americans at home caused by unregulated chemicals seem to go unnoticed…except by those suffering and the lawyers who remain independent of the Bush administration.

Speaking of lawyers and popcorn, you might want to take a look at the ConAgra Foods Legal Policy before you browse their website. For a company producing chemicals that cause harm to their workers and consumers, they sure have a lot of regulatory emphasis around access to a simple website:

Users are prohibited from violating or attempting to violate the security of the Site, including without limitation, (a) accessing data not intended for such user or logging onto a server or an account which the user is not authorized to access; (b) attempting to probe, scan or test the vulnerability of a system or network or to breach security or authentication measures without proper authorization; (c) attempting to interfere with service to any user, host or network, including, without limitation, via means of submitting a virus to the Site, overloading, flooding, spamming, mailbombing or crashing; (d) sending unsolicited e-mail, including promotions and/or advertising of products or services; (e) forging any TCP/IP packet header or any part of the header information in any e-mail or newsgroup posting; (f) by using any device, software or routine to interfere or attempt to interfere with the proper working of the Site or any activity being conducted on the Site; or (g) by using or attempting to use any engine, software, tool, agent or other device or mechanism (including, without limitation browsers, spiders, robots, avatars or intelligent agents) to navigate or search the Site other than the search engine and search agents available from ConAgra Foods on this Site and other than generally available third party web browsers (e.g., Netscape Navigator, Microsoft Explorer). Violations of system or network security may result in civil or criminal liability. ConAgra Foods may investigate occurrences that potentially involve such violations and may involve, and cooperate with, law enforcement authorities in prosecuting users who are involved in such violations.

Forging packets bad and strictly prohibited by ConAgra. Producing poisonous chemicals for consumption that violate the security of a person…not prohibited?