19 Nov
Posted in: National - Australia
By    Comments Off on Is this for real?

Is this for real?

As a devotee of IT Security (and, somewhat of an expert in the space), I watch with droll amusement the dog and pony show of people running around talking about CyberThreats, but then reverting to comments like Password strength, and malware, and so on.  The recent revelations that Nation States have been conducting ongoing espionage of each other, suddenly seems to be “new news” even though we all grew up reading the James Bond books, apparently, not believing them to be true.

Of course, much of the mechanics of communications is now within the private sector. And as such, there comes an arms length (of sorts) engagement between that private sector and the government, but that implies that there is at least the vague-est level of knowledge amongst those concerned.

I refer to the following discussion, from Australian Federal Senate Committees. LUDLAM is a West Australian Federal Greens Senator, on the ICT Committee. Seittenranta was the CIO of Parliamentary Services, i.e. the Person ultimately accountable for the information security around our most senior politicians.

What I find stunning is a) the “no we are not aware that our major Software Provider has provided back doors to a foreign intelligence agency, into our  systems”,  b) the “our plan to deal with this (the intrusion by a software supplier (Microsoft) is to make sure we are up to date, on all of the software patches from said company”, and c) we lack the ability to delve more deeply into this.


Senator LUDLAM: I figured.

We know that Microsoft software contains a back door which is utilised by the US NSA and Microsoft has been very active in assisting the NSA to circumvent the company’s own encryption standards. What can you tell the committee about the network-level security threats posed by using Microsoft software given that it has been backdoored by foreign intelligence agencies?

Ms Seittenranta : I would have to take that on notice.

Senator LUDLAM: Why is that?

Ms Seittenranta : It is not a level of detail that I am familiar with.

Senator LUDLAM: I am not sure that I would call it detail. For example, do we provide for a specific patch against that back door, or is the parliament’s network open to intrusion by the US government?

Ms Seittenranta : We implement the patches provided by the Microsoft organisation to their systems based on malware that they are aware of. We do not get specific advice on vulnerabilities that may or may not be built into the software.

Senator LUDLAM: Okay, but you are aware that Microsoft is under a legal obligation to allow the US NSA access to its servers and its hosting services.

Ms Seittenranta : We are aware that there are rumours to be things like that around, yes.

Senator LUDLAM: It is not a rumour; we have primary source documentation and know that is correct.

Ms Seittenranta : We do not have capabilities to create any patches for vulnerabilities of that nature. We are dependent on what the industry provides us and advice that we might get from the Australian Signals Directorate.

Senator LUDLAM: So should parliamentarians and staff working in this building assume that we are exposed to that level of intrusion.

Ms Seittenranta : Yes, I suppose you should be able to assume that. Also, it probably should be noted that our network is not a protected network. It is unclassified.

Senator LUDLAM: Yes. What about ministerial?

Ms Seittenranta : For ministers their home departments provide their IT. Each minister has access to the parliamentary computing network in the same way as backbenchers.

Senator LUDLAM: I would have to chase the departments around this building one after another to see what they do, wouldn’t I?

Ms Seittenranta : To see what they do.

Senator LUDLAM: Okay. But, as far as the work of ordinary MPs-everybody sitting around these tables and most of the people behind-that back door is in effect? You have not taken any actions to remedy that security hole that has been opened by the NSA?

Ms Seittenranta : No, we would not have taken a specific action?

Senator LUDLAM: Is there any reason why not? Could I request that you might take that action on behalf of all of us?

Ms Seittenranta : We would be dependent on somebody being able to provide us appropriate patches to close that. We do not have the technical skills to create patches to close that nature of vulnerability, so we would have to take that on notice to work with the Australian Signals Directorate.


4 Nov
Posted in: Technologies, VOIP
By    Comments Off on VOIP – It’s a wondrous (but not new) thing

VOIP – It’s a wondrous (but not new) thing

It must have been around a decade ago. I was in the USA on an education exercise finding out about the various large scale data centres around the traps, and one of the sites was Cisco. Looking around their centre, they had a demonstration phone with an invite to phone anywhere for free. I was working for a telco at the time, and didn’t realize that this was really my first exposure to VOIP.

Several years later, I was chatting online (using VAXNotes or VMSphone – technology that predates most of you “pups”)nwith John Covert, who I had worked with when I was in the US many years before (pre-dating even the trip that I spoke of), and Bob Bowles (or Bubbles, as I called him) both of whom were telephony gurus, They introduced me to the world of Asterisk. An old PC (a Pentium III/1Ghz with 512MB of RAM and a 40GB disk), and I was rolling – oh, and a Cisco ATA186, as well.

John, being one of the smartest software engineers I have known, was a purist, and believed in hand-coding the complete Dialplan management himself. While interesting, this was not fun, as the “DialPlan Language” is, in my opinion, non intuitive – possibly a legacy of the “old days of telephony”.

I soon found that there were a number of “package environments” coming out to run Asterisk, and each of these has progressed towards making it simpler to implement. Trixbox was an open source environment, but when it was acquired by Fonality, the “Open source” motivation, sort of disappeared, and the “Free version” became a poor second cousin to their paid version. I moved towards Ward Mundy (et al) and the PBXinaFlash variant. It still has a level of secrecy about how some of it hangs together, but the group (including Ward) maintaining it, are far more responsive, and innovative with respect to new features and enhancements. This couple with the folks at “Freepbx” who have built a beautiful XML based, Database-backended system for configuration management, has made for a reasonably stable, yet dynamic environment.

I worked with Ben Sharif, author of a number of ebooks on this technology, in a range of areas, and have deployed Asterisk for a few other people. I am looking to build a “package” environment around it and some other software as a commercial product (and that’s all I am going to tell you about that, as I plan to make money from that). In addition, I have designed multiple Large Scale Asterisk environments and currently in the process of implementing yet another.

Enjoy the world of VOIP, and if I can elaborate on anything, please let me know.

2 Nov
Posted in: Politics, Technologies
By    Comments Off on eGovernment in Australia – are they really serious?

eGovernment in Australia – are they really serious?

In conjunction with the “Magic” NBN and various other efforts we keep hearing about eHealth and eGovernment and so on. eHealth is a whole separate “other story”, so let’s focus on eGovernment, or the “Big Picture”, although Health will come into the discussion.

In the United States we are starting to see a massive movement towards eGovernment. When they first started out, there were but a handful of applications, now the US Government datasets (and applications being built from them), are running into the hundreds. Here in Australia, there are a mere handful. Possibly one of the notable in the US, is the NY state Senate – it has opened up almost everything, and actively canvasses for mashups and so on.

I have a particular “beef with government” on this issue.  I was inspired when I saw, the “google transit” Project.   You may already know that Google “do” maps. If you are watching closely, you will see that their maps include the ability to present directions – how to get from a to b, and with a number of variations, like graphically forcing a slightly different route (to pick up something on the way). Equally, you can specify to Google Maps that you want to walk – I am not sure what the differences are in terms  of route selection, with this (I am assuming, walking across parks and gardens rather than around them, and so on).   But the most often understated component of google maps is Google Transit.  Google have an open specification for data formats which they keep at. The bue

Other areas of eGovernment, that just aren’t happening in Australia, must include the mammoth efforts of NEHTA. The National Electronic Health Transition Agency, has to be one of the most ultimately ineffective bodies associated with our government. It has drawn a budget in the billions of dollars, over the course of the last half dozen years – It has staff in the hundreds. It’s brief was to develop standards for e-health, and after much delay and fanfare – they just adopted an international standard – SNOMED-CT (Systematized? Nomenclature of Medicine – Clinical Terms). This takes hundreds of people? How so?

It is the epitome of “non-delivery” with Doctors billing for things that it hasn’t even made yet, such as
Phantom payments. There is a reasonable assumption that if you are meant to be the peak body for Medical IT Standards in the Country, that you would be keeping track of such things.

But then, the track record in our medical system in general isn’t all the flash. There has been an IEEE standard for Medical Device Management for over a decade. IEEE11073, as I recall. Oximeters and Infusion pumps typically have compatible connectors for this standard – and how many of our hospitals that we have spent billions in IT on, have networks capable of connecting and monitoring all of these…

And then you have simple things like tides data. You can get it for all sorts of locations around the world. But try to get it in a raw format to feed into a program, from the Boreau of Meteorology. Nope they have to print up tide books and charge for them (again and again). In this day and age, an app on an IPhone to do the same, would make so much more sense.

Or there is the ABS (Bureau of Stats) – Tons of Data, but very little of it, in a manipulatable format.

18 Oct
Posted in: Humanitarian
By    Comments Off on Humanitarian Projects – often about doing it smarter

Humanitarian Projects – often about doing it smarter

Anyone that knows me well, will know of my association with the beautiful island of Bougainville in Papua New Guinea. I spent many of my formative years there, and still regard it, as much as, if not more so, as home. My life there was as a result of my father, Paul Quodling, O.B.E. serving in a variety of roles, but ultimately as the Managing Director of the Bougainville Copper Mining Operation. It is well known that therewas an uprising and civil war on Bougainville – while the Mine was used as a mechanism in the conflict, it was a pawn, in the process as the main disagreement, was about money, in that the Central Government of PNG was making significant tax revenue from the mine, but returning very little of it to the people of Bougainville, rather using it as a Country Development fund fro the rest of PNG. While constrained by the rules of law, my father did everything he could to make sure that there was still local benefit. These included the implmentation of a trade training school (Certification from which, still ranks as one of the “higher” accreditations recognized within PNG), through to setting up the Panguna Development Foundation, which underwrote many local businesses to be developed (even though a number of them were never actually profitable).

It is, in part in honor of the efforts of my father that I maintain an involvement in Bougainville. I have some very close personal friends who are Bougainvilleans, and believe that I have earnt their trust and respect just as my father did.

I am a “big picture” type of person and as such, whenever I see a problem, I also see a solution, so when I was talking with my friend  Sione Pa’Asia, son of the traditional chief of the Mortlock Islands, about problems there, my mind quickly slipped into gear.

The Mortlocks are a small atoll of islands over 200 kms off the coast of mainland Bougainville. There is a population of some 1200-2000 people there, mostly of Polynesian descent, even though Bougainville is Melanesian in it’s population. They live a simple life, eating fish, coconut and Taro, and if they are lucky a ship will visit with other goods once or twice a year.

Recently, there has been concern about salinity of the soil. It is argued that the sea levels are rising as a result of Global Warming, it has also been suggested that the islands are sinking for Geological reasons. I am not here to debate that, what immediately struck me, was the reduction in the available food for the people. This was also compounded by the comment that Sione made, that people were dying and, more often than not from relatively basic ailments. The treatment of these was suffering from the fact that there are no qualified medical personnel on the islands (the islanders have been looking for sometime for aid to send some of their people for medical training, but that has fallen on deaf ears).

But, I noticed that many of the ailments that he spoke of were in part as a result of dietary factors. Lack of consumption of fruits, green leafy vegetables, and all of those things that our mums insists that we have lots of.  There has been some “Aid” from, I believe both the PNG government and Ausaid, but this has been restricted to nothing more than shipping Rice to the island, when it is possible.

About that time, I was watching a documentary about the d’Vineripe company  building a $30M tomato greenhouse at Two Wells, near Adelaide, using Hydroponics. I also saw mention of the fact that during the antarctic winter, staff at the McMurdo Base, grow fresh vegetables in a hydroponics lab, sufficient for a few meals a week for a few hundred staff.

It struck me, that an island, just south of the Equator, with plenty of sunshine, lots of water (albeit salt), should be able to sustain a Hydroponics Operation.

So, what is needed for this process.

1. It’s important to understand the “mix” of foods needed – as such it would be appropriate to send medical staff there to assess the condition of the people and what ails them, and as such work out what is needed to improve their diet. Of course, while these people are there, they can be providing basic training and perhaps medicines and equipment for a local group of Paramedics.

2. Fresh Water. Yes, the Mortlocks are surrounded by an Ocean of Salt water. Desalination is the best thing to do, here. I started researching desalination. While it would be feasible to possibly build a passive (i.e. driven by Sunlight) desalination plant, it would be low volume. The Water “Problem” really struck home, when I asked Sione how much water they had there. He recalls a 5,000 litre tank that is fed by Rainwater runoff from the small school house. Needless to say, making more fresh water rather than “just enough”, would have great benefit to the local community.

Finding a source of desalination,  I was inspired by stories of Unicef’s Efforts in the Maldives, after the Indian Ocean Tsunami. They had delivered 23 Portable Desalination Plants (each about the size of a box-trainer) and each costing about USD 75,000 designed and built by an Israeli company, and capable of producing around 10,000 litres of fresh water in an 8 hour cycle.  Compared to what the Mortlocks have, this was “Mind-blowing”.

Of course, the thing to do was to have “storage” but then, given that one can get 30,000 litre tanks of various materials here in Australia, that shouldn’t be an issue.

Logically if we can procure these desal machines, it makes more sense to have say, three running in parallel for two hours a day.(Less wear and tear). These machines are typically run on diesel, but there has been great success on bougainville producing a viable biodiesel from Coconuts, and the Morlocks have plenty of those (Modification of Engines may be necessary).

3. The next factor is nutrients. There are several potential sources for this. The most northern of the islands in the Atoll is known as “Bird island”  for obvious reasons… It is a natural source of Guano, a natural fertiziler, equally there are plenty of fish in the oceans and fishmeal can provide some appropriate nutrients to the growing process. Finally, I asked Sione, what happens to Human Waste – it “feeds the fishes” was the response. With some level of processing, this could be turned into a viable fertilizer source.

4. What is left? Plumbing, construction, instruction, and seed stock for propogation.

I haven’t done a detailed “Bill of Materials” for this, but in the order of $500,000 would see it all well established and operational. When compared to the $5,000,000 of Rice that is distributed each year, it seems to be a whole bunch smarter.

But, the best laid plans of mice and men. I have run this past PNG government officials, Australian Government Officials (with Pacific Island responsibility) and anyone else that will listen. If perchance, you a) foudn my blog, b) foudn this article, and c) know of Philanthropic Sources (or even pro-bono expertise in hydraulics, diesel engines, Medicine, or hydroponics, not to mention access to Shipping in the area, please let me know. The people of the Mortlocks would be eternally grateful.

21 Jul
Posted in: Project Management
By    Comments Off on Project Management – a disappearing craft

Project Management – a disappearing craft

A repost from a previous blog entry of mine, but one of those observations that remains timeless.

I was reading through an old text “Project Management with CPM, Pert and Precedence diagramming ISBN 0442254156” and was struck by two things, from reading this.