« May 20, 2003 | Main | May 22, 2003 »
May 21, 2003
Open Source as Competitive Advantage
Ideal Technology was at the Open Source in eGovernment conference that I attended in March. They've now landed a government contract for $65,000 according to GovExec.com and credited open source as a competitive advantage:
Jacobs believes his firm won the contract because of Ideal's expertise with "open source," a type of software that includes code that can be examined, modified and copied without threat of copyright infringement.
08:34 PM | Recommend This | Print This
Product Management in eGovernment
This article in Federal Computer Week talks about how various state and federal agencies manage projects. My thoughts on product management are included at the end of the article. I feel very strongly that product management is an important discipline for eGovernment that is separate from project management. Dave Fletcher was also interviewed in the article and wrote about the Utah Product Management Council in his blog.
02:00 PM | Recommend This | Print This
OK, I'm an Idiot: A Public Apology
Last week I did something stupid and I think its important to own up
to it in public---both as a means of penence and as a way of
recording mistakes so that they can be avoided in the future by
myself and others.
I was testing a piece of security software called WebInspect from SpiDynamics. WebInspect tests web sites for a large number of known security vulnerabilities. The tool inventories the contents of a site and then checks against a set of known vulnerabilities in Web applications. Its a very interesting application and I'll write more about it later. I played around with WebInspect on my own machines for a bit and got to understand a little (read: not enough) about how it worked. Here's where the stupid part comes in. Wanting something bigger to test and having always had some curiousity about the security of utah.gov while I was CIO, I pointed the tool at utah.gov.
I know what you're thinking. In the stark light of day, it seems pretty stupid, but late last Thursday night it struck me as perfectly reasonable. Given the tool's behavior on my much smaller sites, I figured it would run for an hour or so and give me a nice report that I could share with the State and we'd all get something out of it. I forgot about it until the next day when I realized it was still trying to run. Trying because the folks at Utah Interactive, who run utah.gov, had blocked my IP address. I guess I'm pretty dense because even at that point, I failed to see the seriousness the situation. I figured, I'd been trapped by the intrusion detection software on the State network and I'd send a short note to own up to my mistake and we'd get the IP unblocked.
That's when things went downhill: my Internet service stopped working. I called my ISP and realized that someone was taking this much more seriously than I was. Well, to make a long story short, after thinking about it over the weekend, I called Amy at Utah Interactive yesterday and offered her my apology for being a bonehead and causing her organization trouble. From talking to her, I think some people thought it was a denial of service attack, but that's not what the tool does. After my conversation with Amy, I decided that a public apology was in order.
I had no idea that the tool would be as aggressive as it was, but I should have known better than to use it on a production site in any event. My actions were born of ignorance, not malice. Nevertheless, I caused some people quite a bit of trouble and I want to take responsiblity for that and say "I'm sorry."
08:21 AM | Recommend This | Print This
Office Hours Today and Friday
I'll likely be 15-20 minutes late for office hours today. Friday, I will have to miss office hours all together. If you were planning on coming in, please send me an email and we'll find a way to get together.