Resolve in 2016 to stop texting while driving

Distracted Driving

I drive 18 miles of interstate each weekday before sunrise. Ahead of me, lines of fast-moving tail lights stretch into the dark toward the horizon, toward my destination, like glowing breadcrumbs aligned along a well-worn trail.

As I draw near to a set of those tail lights, I glimpse something else: the soft white glow from phone screens as people text or read while they drive. I see even more of them after dusk on the commute home, because traffic is heavier and slower at that time.

The least distracted among these drivers announce their divided attention by veering into other lanes and almost into other cars, or they drive 10-15 mph below the limit amid high-speed traffic with two wheels in another lane the whole time. Those drivers who fail to correct often wind up in a wreck surrounded by emergency vehicles on the roadside.

I see an average of one wreck per day along my short stretch of Interstate 64 in eastern Missouri. Usually, more than one vehicle is involved.

According to the National Safety Council, more than one-quarter of all car crashes result from smartphone use. But that percentage represents confirmed numbers. By my count, 60 percent to 70 percent of the people I can see in the other cars along my 36-mile round-trip commute have their faces angled down at their phones instead of up at the road, so I believe the NSC’s estimate is soft.

What happens when drivers stop looking at the road, even for what they think is only a moment? A study by the Virginia Tech Transportation Institute found that sending or receiving a text requires an average of 5 seconds – the time it takes to drive the length of a football field at 55 mph.

The overall distance is longer when you consider that few of us on the interstates keep the speedometer at 55.

I admit to being one of those distracted drivers until a few years ago when, along the same stretch of I-64 on a cloudless day, an SUV bounced off the concrete divider and careered across all four lanes into my driver’s side door, totaling my car. (My phone was in my pocket at the time.)

Neither I nor the other driver were hurt, but he resisted giving me his name, address, driver license number, or insurance information for my own insurance records, saying the crash was not his fault. This sounded odd considering the road was dry, the weather was perfect, and witnesses at the scene said nobody was near his vehicle when he lost control.

So, I said, “Fine.” Then I turned to the police officer who was interviewing us for the accident report and said, “Either you obtain his cell phone records for your investigation, or I’ll find an attorney who will.”

The driver’s insurance company cut a check for all damages within 72 hours.

Few things in life are certain except these: death, taxes, and the risk associated with distracted driving. Dozens of studies going back more than a decade confirm this danger, underline it, and yet so many drivers still ignore it. This is why I drive Interstate 64 with a grip on my steering wheel that could strangle a garden hose, and I watch not just the other cars but other drivers as well.

I know, the pressure to look at our phones while driving is great. Driving is monotonous, boring, so we use smartphones as a cure. On top of that, each of us perceives ourselves to be superhuman in some way – like thinking we handle driving distractions better than everyone else.

But nine people die every day in the United States from distracted driving, according to the Centers for Disease Control and Prevention, and the chief cause is smartphone use. Resolve to not inflate that statistic in 2016, and repeat that resolution – and stick to it – every New Year’s thereafter.

Avoid holiday phishing attacks by taking these 3 precautions

3 ways to avoid phishingThe season for giving is also the season for taking. Lurking among the people exchanging gifts and glad tidings are shady characters whose only goal is to pluck opportunity from the well of goodwill filled each year during the holidays. For them, a Merry Christmas involves sending malicious messages via email.

Security researchers say these kinds of messages, while not unusual, flourish around Christmastime as family, friends, and workplace colleagues exchange kind thoughts in the spirit of the season. The main vehicle conveying most of these thoughts has been the e-card, which grows in popularity as we widen our circles of digital friends.

Cyber criminals relish this growth because it improves the likelihood they will reel in a sucker when they go “phishing” in this stream of e-correspondence. Recent reports on data breaches say an estimated one in 10 email users wind up getting hooked by a phishing lure.

“It’s easy for busy, distracted consumers to become victims of these schemes,” said Craig Young, a researcher at Portland, Ore.-based Tripwire, a cyber security provider. “But armed with a few basic security practices, they can drastically reduce their chances of being victimized.”

Among the practices that Young and others advocate:

  • Avoiding email from unknown addresses, or email with undisclosed recipients, and not opening the attachments in these emails. That includes e-greeting cards. If possible, confirm who sent the greeting before opening it.
  • Watching for bad spelling and poor grammar in email subject lines. Cyber criminals focus on results, not quality, because they send thousands of messages at once hoping for just a few responses. A subject line containing errors is strong proof that opening the email would be an even bigger mistake.
  • Running anti-virus software and keeping it up to date. The protections within these programs may be enough to ward off threats in emails that are opened by accident.

Businesses are particularly vulnerable due to multiple users in corporate accounts – and multiple approaches to answering email among those users. That is why employees must be made part of the solution, instead of being left to become part of the problem.

“Enterprises … need to place more reliance on employees to help them defend their organizations,” said Rohyt Belani, CEO and co-founder of PhishMe, a threat management company based in Leesburg, Va. “Consistent training turns employees into informants that can spot attacks before they turn into catastrophes.”

Dive into the Deep Web (but watch where you swim)

Deep Web Image

If you ever watched the rain fill a hole in the ground, then you can understand where the term Deep Web comes from.

For the past 10,000 days – the approximate age of the World Wide Web – we’ve poured gallon after gallon of content into that vast networking structure known as the Internet and watched as that content seeped into every crevasse of our lives. And the number of sources is as vast as the structure itself; none of us truly knows where all that content originates.

Now, imagine that, instead of overflowing, the hole gets deeper and deeper to contain the content pouring into it. You can see across the surface and maybe a little below it. But other content submerges to where you need special tools for access.

Search engines such as Google and Yahoo! and web browsers such as Firefox merely skim this surface, collecting indexed information from its source. These kinds of tools probe only about 5 percent to 10 percent of the Web’s content.

Deep-Web diving, on the other hand, reveals the immense amount of information not indexed by standard search engines. Much of it is exchanged through peer-to-peer networks and resides on databases, unregistered websites, query-sensitive dynamic pages, limited sites, non-HTML sites, broken or hidden web links and backlinks, scripted content, and web archives, among other sources.

The list of useful deep-diving tools is long, but among the most common tools are Freenet, IceRocket, I2P, SurfWax, the WWW Virtual Library, a series of search applications provided by Deep Web Technologies, and the Tails operating system. There are also customized tools targeting specific caverns nestled in the Deep Web.

A word of warning, however: The deeper you go, the darker the Web gets. This is why in recent years the terms “deep” and “dark” have become conflated regarding the Web. At Deep Web’s bottom layer, there be dragons who dabble in questionable or outright illegal behavior. Using Tor, a free browser designed to protect the user’s anonymity, deep divers can peer into portions of this darker area.

Granted, not everyone at this depth wears a black hat. Good guys dwell down there, too, such as journalists, law enforcement, the military, and whistleblowers. But like anywhere else, trouble can be found if you go looking for it. So, exercise the same caution swimming in the Deep Web as you would in deep water. Keep a lifeline handy like this one (accessible through Tor) and enjoy the voyage.

Colin Powell: Digital transformation success requires leadership

2008 photo of Colin Powell

Colin Powell in 2008. (Photo by Rob Reed / Creative Commons)

Digital transformations rely on much more than technology and investment to succeed; they require buy-in from everyone involved, from the board room on down. Ensuring that buy-in requires strong leadership.

No less an authority on leadership than Colin Powell insists as much. The former U.S. Secretary of State and chairman of the Joint Chiefs is on the record as a firm believer in digital transformation.

In today’s digital society, “if you do not get at the front of change, change will override you,” he said recently. “(The world) has gone from analog to digital, and we are in up to our ears.”

Powell’s acknowledges his motives in this regard are more personal now; he says he stays abreast of the latest tech to keep up with his grandchildren. For a large portion of his career, however, Powell lived at the nexus of both war and peace, first as an Army four-star general, then as the nation’s top diplomat.

In both roles, he led large numbers of people through times of significant transition. The Cold War ended on his watch, supplanted by a globalized economy driven by economics and the information revolution. Two monolithic institutions, the U.S military and the State Department, suddenly needed to change course, and Powell was in the driver’s seat.

He admits being intimidated at first by the size and scope of the disruption. Yet Powell believes that his years of Army training prepared him for the challenge of quelling it.

“When I became … a general, and I was running wars and large military operations, I was surrounded by hundreds of people who were experts in their fields: communicators, artillery men, you name it, and I drew on their expertise,” Powell said in 2009. “It was important to know what they think.

“After listening to all the experts, I was supposed to use that expertise to inform my instinct. … It is an educated, informed instinct that is daily shaped by my experts, but at the same time you’ve got to apply judgement to it. That’s where the human dimension comes in.”

The same strategy applies to digital transformation in the business world. Transformations are large engagements requiring risk and resources. A well-informed CEO will understand how to balance the two.

“You’ve got to have CEOs who not only apply their experience but are willing to take the risks that your data people and subordinates aren’t willing to take, because that’s not their job,” Powell said.

Good CEOs also train their staffs properly, recognize good performance, correct poor performance, allow staff autonomy, and remembers to treat everyone with respect and compassion, Powell says. Each of these elements factors into effective digital transformations along with the technology. Remaining mindful of all of them allows business leaders to stay ahead of the digital curve.

“You can’t just match change,” Powell said. “(Competitors) will be somewhere else by the time you match them, and you will still get left behind.”

11 programming languages that will improve your life

11 programming languages you should learn nowNot long ago, I wrote a piece for Perficient describing how learning to write computer code can improve one’s life, no matter who you are or what you do. I explained code writing’s value beyond being a marketable skill – that it promotes technical literacy and instills a sense of community, and that it heightens critical thinking and teaches us how to deal with failure. The piece was well-received, and the feedback suggests readers return to it periodically for review.

Soon after it published though, people asked the inevitable follow-up question: “If I have to invest the time and money into learning a programming language, which one should it be?”

I thought about issuing a quick response, then hesitated – for weeks. What seemed like an easy question lost that quality as I realized no single answer exists; programming benefits each person differently, and at peak effectiveness no one language stands alone. In my early programming days, the languages one learned were created to communicate simple instructions to a computer. Now, programming languages are created to make our lives and the world around us better. How you work or play, or how you mix the two, determines which languages are optimal.

Currently, a dozen programming languages sit atop most should-learn lists. Some are broadly practical; some apply to specific needs. All of them interact with other languages, so learning two or more is wiser – and potentially more profitable – than sticking with one. In alphabetical order, they are:

C – A general-purpose language developed in the early 1970s, C retains market popularity and usefulness due to its small size and robust nature. Numerous other languages borrow from C, which makes it a bedrock language and the first for anyone who plans to develop operating systems or create embedded applications.

C++ – Designed in the 1980s to enhance C, this language now qualifies as a general-purpose language used to build application software, systems software, server and client applications, and video games, and is central to Adobe programs and Firefox, among other software.

C# – This newer language, pronounced “C sharp,” utilizes principles from C and C++ and was developed by Microsoft to build enterprise applications for the company’s .NET initiative, making it essential to Microsoft platforms and services such as Azure.

Java – Developed by Sun Microsystems in the 1990s, this language has gained a huge following because it was designed to work across multiple platforms. Java is considered a standard for games, mobile apps, and web-based content, and it is the main reason programs written for Mac platforms can run on Windows.

JavaScript – Despite the name similarity with Java, this language has C at its core and runs only on browsers, whereas Java can run at the machine level. Every modern website with interactive or animated features uses JavaScript, and it appears in game development and desktop applications.

Objective-C – This popularity of this general-purpose language was waning until it became a key building block for development of Apple systems. It powers not just OS X and iOS, but also is important for creating iPhone apps.

PHP – A server-side scripting language like JavaScript but with general-purpose programming capabilities, PHP (known also as Hypertext Processor) is essential to dynamic websites and content management systems such as WordPress because it can be embedded into website markup language instead of sitting in an external file. PHP appears on most of today’s data-driven websites.

Python – The true beauty of this server-side scripting language is its simplicity; programmers can do more things with fewer lines of code than other programs, making Python a good language for beginners to learn. Google and Yahoo use Python a lot, and it is useful for sifting through giant data sets.

R – This language is important in the statistical computing and graphics environments, and can be found anywhere the need for statistical analysis arises. If you enjoy math and deal with heaps of data, this language ranks high on your should-learn list.

Ruby – No, this does not refer to the gemstone or anyone in Donald Fagen’s playlist. Ruby is a dynamic though simple object-oriented language that lies beneath the Ruby on Rails framework. It has the power necessary for developing websites as well as web apps, and is gaining popularity among tech startups for its versatility and ease of use.

SQL – Called “Structured Query Language,” this special-purpose lingua franca is good for relational database management systems and quite effective at extracting small details from large data sets through its “query” function.

Ted Cruz is wrong about Net neutrality

Net neutrality logoThe last thing any of us need is someone in a position of influence explaining Net neutrality but who doesn’t understand or doesn’t care to understand Net neutrality.

Yet, Ted Cruz has decided to do it anyway.

The junior Republican senator from Texas trumpeted his mischaracterization of the issue last week in the Washington Post opinion piece, “Regulating the Internet threatens entrepreneurial freedom,” in which he champions the idea that online innovation suffers unless the Internet is devoid of federal oversight.

The term “devoid” is not overstatement. Cruz prefers that Washington leave the Internet entirely in the hands of the legislative process, where service providers, market forces and special interests hold sway. To this end, he urges nullification of all Internet regulation, now framed within Section 706 of the Telecommunications Act.

In Cruz’s mind, Net neutrality “would put the government in charge of Internet pricing, terms of service and what types of products and services can be delivered, leading to fewer choices, fewer opportunities and higher prices.”

In fact, Net neutrality refers to the Internet as it is now: a place where service providers and government agencies treat all online data equally and access is unlimited; a place where the powerless have as much influence as the powerful; a place where startup businesses can grow into corporations without monopolistic interference.

The issue became a big deal in April when the Federal Communications Commission agreed to consider a two-tiered system where Internet providers can set arbitrary rules on access. Then in May, the FCC also agreed to consider reclassifying broadband as a telecommunications service, which would prevent providers from threatening to reduce access in exchange for fees.

U.S. Sen. Ted Cruz, R-Texas (Photo by Getty Images)

U.S. Sen. Ted Cruz, R-Texas (Photo by Getty Images)

President Obama supports reclassification. Cruz however believes the providers should be in control because reclassification is just a nice way of saying the government will levy an Internet use tax. He has even gone as far as calling Net neutrality “Obamacare for the Internet,” a catchy little phrase that possesses a certain rubbery, pejorative quality certain to help it bounce around the Web for a while.

Never mind that it misrepresents both Net neutrality and Obamacare; Cruz is a Princeton and Harvard grad, a champion debater and a loyal partisan toady. Conservative straw polls rank him high among likely GOP presidential nominees in 2016.

It would tarnish Cruz’s carefully honed image for him to appear on the same side of an issue as the president. So, it makes more sense for him to mangle Net neutrality’s definition than risk political capital.

To be fair, the term “Net neutrality” is sufficiently vague enough that anyone with a flair for drama and self-promotion can abuse it with ease. One could easily argue that the term also means you’re indifferent about what happens to Internet.

If only it had a better name. Comedian John Oliver suggests that maybe Net neutrality’s working title should be more honest: “Preventing Cable Company F**kery.”

But that might be too honest for Ted Cruz.

7 essential security tips for using free Wi-Fi networks

Image courtesy of iStockphoto

Fear is an excellent deterrent. It saps our confidence, curtails our energy and tempers our judgment. It forces us to change our direction and our thinking.

Rarely though do we let it change our behavior. The consequences of fear must be palpable, looming, for that to happen.

A recent article by Maurtis Martijn for the Dutch crowdfunded site De Correspondent reminds us however that even when a threat is real, our response to it can be irrational.

Martijn wrote at length this month about the danger we face when joining unsecured public wi-fi networks — those that do not require a password to join. To demonstrate that danger, he strolled through central Amsterdam with self-described “ethical hacker” Wouter Slotboom — not the snooper’s real name — looking for cafés that provide free wi-fi.

At each location, Martijn and Slotboom sat at any table. Then Slotboom pulled from his backpack a small black device that he placed on the table and obscured with a menu. He then linked to the device with his laptop and in moments discovered the identities of every other laptop, smartphone and tablet used by every customer in the café.

Moments later, Slotboom obtained the network identity of those customers and with that was able to discover personal information about each.

“All you need is 70 euros (for the device), an average IQ, and a little patience,” Slotboom told Martijn.

The marketplace affords Slotboom and shady sorts of his ilk plenty of potential. More than half the U.S. population of 316 million owns a smartphone or laptop, and the number of tablet owners is catching up to both. All of those devices have connected to an open wi-fi network at least once, often without a device owner’s knowledge (the default on mobile devices is set to discover available networks).

And as the mobile market grows, more doors open for hackers. The threat intelligence firm Risk Based Security, Inc. estimates nearly 1 billion records — credit card information, medical records, passwords, social security numbers, etc. — were breached in 2013, with 65 percent of the activity occurring in the United States.

Risk Based Security says we’re on a pace to suffer well over 1 billion breaches this year.

The numbers are new but the rationale for them is not; stories about wi-fi security predate the advent of public hotspots. Yet many of us disregard the threat or expect strangers to respect our personal security. We choose convenience over caution. We invest trust where none was earned.

Such behavior today borders on irresponsible; lax personal security compromises the security of others if their information is on our devices. And the threat is not looming or imminent — it’s here, happening now, via unsecured wi-fi networks across the country.

It may even be happening to you now while you sip your latte.

So, curtail the risk and subdue your paranoia by taking these small, simple steps:

Choose the correct network — During Slotboom’s staged “man-in-the-middle” attacks, he created fictitious wi-fi networks on his computer for café customers to join, and dozens did. This simplified the task of discovering passwords and account numbers; people typed them directly into his network thinking it was legitimate. Slotboom often named the networks after real businesses to make them appear authentic. He urges users of free wi-fi to verify the network, either by asking the proprietor or checking the address on signs that promote the service, to avoid joining rogue networks by mistake.

If the option exists to pay for access to a secure network, take it. A little fee trumps a big headache.

Choose ‘htpps’ — That “s” extension after the “http” at the beginning of a Web address indicates the connection is secure and the connection to the Web server is authentic. Not all websites have this; still others provide both. Even so, only certain amounts of traffic are encrypted, not all of it. Regular users of unsecured networks help themselves by doing homework on whether the sites they visit have this layer of security before surfing in public, and they should never, ever, shop or do anything online involving a credit card while using unsecured wi-fi.

On some sites, you can add the “s” yourself. The Electronic Frontier Foundation distributes a browser extension called HTTPS Everywhere that encrypts communications between major websites and is available for Windows, Mac and Linux.

Use ‘two-step’ authentication — Many email providers and commercial websites have the option of a second login, where users receive a texted code they must type after their initial login to gain access. Two-step or two-factor authentication reduces the chance a hacker can gain access to an account with just the password.

Use a password manager — Sometimes we feel as though there is only enough RAM in our heads to get us through the day. This leads us to concoct simple or repeated passwords for the many websites we use that require a login. A password manager program generates unique and complex passwords for each site and keeps them locked up with one master password. Password managers also guard against keylogging — the surreptitious recording of keystrokes by hackers — by automatically filling in a site’s password field.

Turn off sharing; turn on firewalls — The sharing feature allows mobile devices to connect with other devices and networks. Free wi-fi users should disable this feature when not in need of sharing. (The instructions are different for Windows and Mac.) At the same time, make sure the device’s firewall (Windows/Mac) is active and working.

Invest in a VPN — A virtual private network, or VPN, encrypts traffic between devices and designated VPN servers, thus creating a private network across a public network. VPNs run shared data through a point-to-point connection that shields the data from unwanted interference much like an umbrella shields you from the rain. Many businesses employ VPNs to let employees access company networks remotely.

The best VPNs cost a small fee for full protection. VPNs also slow down page-load speeds somewhat. Still, they add an element of confidence in an uncertain environment.

Update all software — Finally, make sure your antivirus and anti-malware programs are up to date, and install all the latest operating system upgrades. These upgrades not only enhance overall performance, they also contain patches and fixes that help hold back the most recent security threats lurking across the Web — or across the room.

(Editor’s note: This post first appeared on Net Worked, the technology blog for the Society of Professional Journalists.)

Journalism conference avoids Opryland controversy

Wi-Fi logo

(This post originally appeared on Net Worked, the technology blog for the Society of Professional Journalists.)

The Internet service controversy that warranted a federal fine against owners of the Gaylord Opryland Resort and Convention Center in Nashville, Tenn., did not affect Excellence in Journalism 2014 last month.

Joe Skeel, SPJ’s executive director, says wi-fi access was generally good for the 950 or so members of the Society of Professional Journalists and of the Radio Television Digital News Association who attended the three-day conference, Sept. 4-6.

So, too, was the price SPJ paid for a dedicated network.

“We didn’t hear complaints directly,” Skeel said in an email to Net Worked about attendees accessing the Internet in the conference meeting space and the hotel rooms. “There was some early chatter on social media, but that seemed to subside once we increased our bandwidth.”

On Friday, the resort’s owner, Marriott International Inc., announced it had agreed pay a $600,000 civil penalty ordered by the Federal Communications Commission for its practice of blocking access to personal wireless hotspots created by Gaylord Opryland guests, thus forcing them to pay for access to the resort’s dedicated networks. The complaint that spawned the penalty dates back to March 2013.

The resort also was accused of charging individuals, small businesses and exhibitors up to $1,000 per device for access to those networks.

“It is unacceptable for any hotel to intentionally disable personal hotspots while also charging consumers and small businesses high fees to use the hotel’s own wi-fi network,” the FCC said in a statement.

Marriott International responded by saying it defended Gaylord Opryland’s actions as a means of protecting the resort and its customers “from rogue wireless hotspots that can cause degraded service, insidious cyber-attacks and identity theft” and asked the FCC to clarify its policy.

Besides the civil penalty, Marriott International must cease all wi-fi blocking at Gaylord Opryland and come up with a better way to monitor network security at all of its 4,000-plus properties.

EIJ15 is scheduled for the World Center Marriott in Orlando, Fla.

Skeel said SPJ contracted for free dedicated wi-fi for EIJ14 and the overall cost for that amount of service at Gaylord Opryland was significantly less than at previous EIJ venues. He declined to disclose the contract’s terms.

“Given that SPJ negotiated free wi-fi in guest rooms and meeting space for attendees and exhibitors, I don’t see how this issue came into play for EIJ14,” Skeel said. “If an attendee was blocked from using a personal hotspot, she would have had access to our network — free of charge. I’m not excusing Opryland from the practice. But I don’t think it was an issue for us.”

Mizzou researchers create a tool that makes Twitter more powerful

Mizzou assistant professor Sean Goggins (left) and doctoral student Ian Graves developed software that measures the context of words in Twitter. (Photo courtesy of the MU News Bureau)

Mizzou assistant professor Sean Goggins (left) and doctoral student Ian Graves developed software that measures the context of words used in Twitter. (Photo courtesy of the MU News Bureau)

Twitter already is a powerful news aggregator and microblogging platform. Now, two University of Missouri researchers think they know how to improve it.

Their thinking stems from new software the pair developed that they say considers the context of tweets, not just the quantity. At present, a topic is popular or “trending” on Twitter if there are a high number of related keywords and hashtags that are associated with it.

But the software, developed by Mizzou assistant professor Sean Goggins and doctoral student Ian Graves, can be programmed to pick out words and analyze their placement within tweets.

Goggins and Graves said they tested their concept on a flurry of tweets from the Super Bowl and World Series and assigned tags to words they predicted would be common in the two broad conversations. The software scrutinized where the words were located in each tweet, thus giving the researchers notions on the words’ contextual importance and allowing them to see how conversations evolved.

“When analyzing tweets that are connected to an action or an event, looking for specific words at the beginning of the tweets gives us a better indication of what is occurring, rather than only looking at hashtags,” Goggins said in a Mizzou news release.

In tracking word placement, the researchers were able to determine the nuance attached to each Twitter discussion. They could discern the action on the ball field between pitches and on the gridiron between plays.

“The program uses a computational approach to seek out not only a spike in hashtags or words, but also what’s really happening on a micro-level,” Graves said. “By looking for low-volume, localized tweets, we gleaned intelligence that stood apart from the clutter and noise” associated with each event.

Goggins and Graves believe their software will help make Twitter more effective for monitoring community safety and tracking disaster relief, and improve understanding of cause and effect in major events such as the bombings at the Boston Marathon and the protests in Ferguson.

Although less than 5 percent of Twitter traffic is actual news, much of the dialog that drives retweets and hashtags relates to newsworthy events.

Goggins teaches in the School of Information Science and Learning Technologies at Mizzou. Graves is a student in the Computer Science and IT Department at Mizzou’s College of Engineering. Nora McDonald, a graduate student at Drexel University, contributed to the study, which appears in the journal New Media and Society and was funded by a grant by the National Science Foundation.