Tuesday, August 7, 2007

Inside the Mind of the Hot Group

A hot group…is not a name for another kind of organizational unit. A hot group is not to be confused with a team, task force, panel, board, or committee. It is a state of mind, shared by a group’s members. -- Lipman-Blumen and Leavitt, 1999

Such is one way Jean Lipman-Blumen and Harold J. Leavitt describe the phenomenon known as a hot group. Lipman-Blumen and Leavitt have written extensively on the all encompassing, productive, and unconventional execution that is the hot group in an attempt to explain the business benefits. Businesses, however, may ultimately find an explanation of hot group state of mind in the research conducted by the field of humanistic psychology.

Lipman-Blumen and Leavitt suggest the potential value hot groups bring to organizations in their 1995 Harvard Business Review article, “Hot Groups,” their 1999 CIO Magazine article, “Jammin’,” and in their 1999 book Hot Groups. Lipman-Blumen and Leavitt (1995) begin by providing a definition of hot groups, by stating,

A hot group is…a lively, high-achieving, dedicated group, usually small, whose members are turned onto an exciting task. Hot groups, while they last, completely captivate their members, occupying their hearts and minds to the exclusion of almost everything else. When the conditions are right, hot groups happen, inspired by the dedication of their members to solve an impossible problem or beat an unbeatable foe (p. 109).

Describing hot groups as such, Lipman-Blumen and Leavitt spend the majority of their writings unpacking this definition.

Based on their writings, it can be suggested that hot groups are an alternative to the traditional corporate team structure. Several characteristics of hot groups illustrate this. First, no one can form a hot group or will it into existence. Instead, hot groups form naturally and last only for relatively short periods of time (Lipman-Blumen & Leavitt, 1995). Second, Lipman-Blumen and Leavitt (1995) indicate that the bureaucracy of business distracts members in hot groups. Reports such as expense forms and status reports are deemed unnecessary (Lipman-Blumen & Leavitt, 1995). Members avoid symbols of authority amongst each other and instead focus on communicating freely and casually. They tend to set their own schedules, ignore company policy, and work secretly until it is time to unveil the results of their work (Lipman-Blumen & Leavitt, 1999). As a result many organizations view hot groups negatively, citing the group’s single-mindedness, self-centeredness, and seemingly uncooperative nature as counterproductive to business (Lipman-Blumen & Leavitt, 1995). Ultimately, however, these characteristics are outward expressions of what Lipman-Blumen and Leavitt (1995) feel is the single most defining feature of hot groups, total focus on the task at hand.

Members in a hot group all share this total focus because they feel that the group is doing a task full of meaning, one that is extremely significant to their organization (Lipman-Blumen & Leavitt, 1995). Every thought of every day during the group’s existence is ultimately focused on the task. In fact, the more challenging the task, the more dedicated and focused the members become (Lipman-Blumen & Leavitt, 1995). Lipman-Blumen and Leavitt (1995) state, “Participants in hot groups achieve this level of preoccupation because they always feel that their task is immensely significant both in terms of the challenges it represents and in terms of its intrinsic meaning” (p. 111). In fact, this intrinsic meaning causes members to volunteer for extra work, effectively creating more work for themselves (Lipman-Blumen & Leavitt, 1999).

In describing the internal dynamics of a hot group, Lipman-Blumen and Leavitt (1995) state that members of the group feel more “creative, capable, and productive” as part of the group than at any point of their lives (p. 110). Lipman-Blumen and Leavitt (1995) describe this as a “peak experience” for those members because they feel like they are stretching and surpassing their normal performance abilities (p. 110). It is here that the humanistic approach can shed additional light on the total focus exhibited in a hot group. Unfortunately, Lipman-Blumen and Leavitt provide only a brief mention of the humanistic approach’s influence on the understanding of the hot group. In fact, Lipman-Blumen and Leavitt seemingly minimize the humanistic contribution and place it solely in the context of needs-based fulfillment. While needs-based fulfillment is indeed a central tenet of the humanistic approach, it is not the whole of the humanistic contribution to the understanding of hot groups. In Hot Groups, Lipman-Blumen and Leavitt (1995) state,

Abraham Maslow offered his hierarchy of needs…More recently, Mihaly Csikszentmihalyi developed the concept of flow, the urge in individuals to move forward, to accomplish things worth accomplishing. “The best moments [in life] usually occur,” he writes, “when a person’s body or mind is stretched to its limits in a voluntary effort to accomplish something difficult and worthwhile.” Hot groups don’t help individuals satisfy all their needs, drives, and motives, but they can certainly give us chances to strive toward those “best moments” (p. 219-220).

Such is the extent of Lipman-Blumen and Leavitt’s reference to the humanistic contribution. By confining their research to needs-based fulfillment, they seemingly miss the fact that drives and motives are two integral parts of the hot group mentality. In fact, Lipman-Blumen and Leavitt (1995) define the members of a hot group as being “high-achieving and dedicated,” which are essential to succeeding and surpassing one’s normal abilities.

Surpassing one’s normal performance abilities is a phenomenon that has been studied by humanistic psychologists for several decades. During his career in the mid 1900’s, humanistic psychologist Abraham Maslow described the “peak experience” of psychologically healthy people (Burger, 2000, p. 325). In his explanation, psychologically healthy people are less restricted by the norms of culture, less inhibited, and more spontaneous than the average person (Burger, 2000). These are the people who have peak experiences, which Maslow described as “one in which time and place are transcended, in which people lose their anxieties and experience a unity of self with the universe and a momentary feeling of power and wonder” (Burger, 2000, p. 325). While Maslow’s definition of a peak experience is a bit mystical, it neatly parallels Lipman-Blumen and Leavitt’s assertion that members of hot groups surpass themselves and their abilities. In fact, Maslow’s definition of psychologically healthy people can be applied to the members who are part of a hot group, in that they are a bit unconventional in their ways.

In addition to Maslow’s work on peak experiences, the research of another humanist, Mihaly Csikszentmihalyi has produced some interesting parallels to the total focus described by Lipman-Blumen and Leavitt. In his research, Csikszentmihalyi described what he called “flow in the optimal experience” (Burger, 2000, p. 326). Csikszentmihalyi (1997) defines flow as occurring “when a person faces a clear set of goals that require appropriate responses” (para. 6). In his studies, participants were presented with challenges that demanded full concentration and afterward, they described the events of these challenges as flowing from one step to the next (Burger, 2000). When a goal was reached the participants stated that the process was more pleasurable than the mastery of the goal (Burger, 2000). In addition, participants described these events as being so involving that they became oblivious to everything else (Burger, 2000). This is essentially the same feeling experienced by the members of a hot group. The oblivious state experienced by the participants in Csikszentmihalyi’s studies parallel the total focus that the members of the hot group experience.

Csikszentmihalyi (1997) states that provided the right elements are present, almost any activity can produce flow. In fact, Csikszentmihalyi (1997) feels that these experiences are more likely to occur at work, where skills are required to attend to challenges presented. Indeed, Lipman-Blumen and Leavitt describe the hot group in the workplace environment. Much in the same way that the flow occurs when the right elements are in place, hot groups grow naturally when the corporate environment is ripe and does not inhibit them. It can be suggested that a hot group in Csikszentmihalyi’s terms is a team that experiences flow in the face of a challenge that requires total use of their skills.

It should be noted that the peak/optimal experience and flow do not necessarily correlate to the hot group experience. The total focus found in the hot group parallels the peak/optimal experience and flow, but total focus is not the sole distinguishing characteristic of the hot group. Other characteristics are present, such as the secrecy, unconventional workplace behavior and the like. Moreover, the research of Maslow and Csikszentmihalyi focused on the individual and not the group. The influence however is unmistakable. Even Lipman-Blumen and Leavitt state that the “psychology of the individual is relevant” (Lipman-Blumen & Leavitt, 1999, p. 219). After all, groups are constructed of individuals by definition.

The contributions of humanistic psychology constructs to the understanding of the hot group mentality cannot be underestimated. The parallels of peak experiences and flow to the hot group mentality abound. Just as hot groups are made up of diverse individuals, the psychology of those individuals makes up the unique and incredibly potent experience that defines that of the hot group. By looking to the understanding of individuals who have peak experiences, businesses can come to understand what makes up the hot group and why Lipman-Blumen and Leavitt believe in the value hot groups offer. Only when businesses understand the dynamics of “hot” individuals can the come to understand the dynamics of the hot groups.


References

Burger, J. (2000). Personality. Santa Clara: Wadsworth.

Csikszentmihalyi , M. (1997, July/August). Finding Flow. Psychology Today. Retrieved February 8, 2004, from http://www.psychologytoday.com/htdocs/prod/PTOArticle/PTO-19970701-000042.ASP


Lipman-Blumen, J. & Leavitt, H. J. (1999, November). Jammin’. CIO Magazine. Retrieved February 8, 2004, from http://www.cio.com/archive/110199/jammin.html


Lipman-Blumen, J. & Leavitt, H. J. (1995). Hot Groups. Harvard Business Review, 109-116.


Lipman-Blumen, J. & Leavitt, H. J. (1999). Hot Groups. New York: Oxford University
Press.

Labels: ,


Read the complete text of this post

posted by The Voice at 10:20 AM 0 comments

Monday, August 6, 2007

Bolstering Security by Combining Patch Management with Risk Management

With the recent barrage of attacks on computer software by viruses and worms, it has become increasingly evident that the software organizations employ is insecure. As organizations move almost every aspect of their business to computing environments, the need for reliable and secure software has become paramount. All too often, however, security is lackingin the software that vendors release and this lack of security is the source for most information security breaches. In light of this lack ofsecurity, this paper examines the causes of security flaws and attempts to combine two existing methodologies in order to bolster an organization's defenses against security breaches that result from these flaws.

In the past, most security breaches took place at the servers and firewalls facing the Internet (Nicastro, 2003). As a result, most security efforts focused primarily on hardware. Over time, however, the types of threats and the potential risks both increased and changed to such a degree that organizations can no longer assume that they are secure behind a firewall. Today, viruses and worms can be delivered by various means, suchas through emails and their attachments, effectively bypassing the
protection provided by firewalls (Nicastro, 2003). Additionally, these viruses and worms can search for exploitable flaws on a variety of systems and can be automatically executed (Nicastro, 2003).

To understand why software flaws have become so prolific, one only needs to look into the mindset of the developers of the flawed software. From there, one can see that the flaws are the result of business-driven pressures. Scott Berinato (2003) sheds some light on these pressures, indicating that the vendors view time-to-market as having a higher priority than security. As such, he feels that vendors will continue to ship flawed code as long as they can. Deadlines imposed by vendor schedules cause
developers to work fast while under the continual pressure to add more features (Berinato, 2003). Berinato (2003) relates an old adage among developers that states, "When it comes to software, you can pick only two of three: speed to market, number of features, or level of quality" (para. 13). As a result, the third option is rarely chosen "since, of course, software is so easily repaired later, by someone else" (Berinato, 2003, para. 13).

According to an SEI study, the vast majority of software vulnerabilities result from ten common flaws. These include parameters that were not validated, broken access control, broken session and account management, and cross-site scripting flaws. Others include command injection flaws, error-handling problems, insecure cryptography, remote administration flaws, and server misconfigurations. The most common flaw, however, is that of the buffer overflow (Berinato, 2003). In fact, a
prominent database vendor estimates that 80% of its flaws are the result of buffer overflows. If it were able to eliminate the cost of patching these flaws, the vendor estimates a savings of $12 million per month on average (Austin & Darby, 2003). Thompson and Chase (2003) agree, arguing that if the software running on systems were more secure, the need for patching could be reduced or perhaps even eliminated. Unfortunately, history indicates that as long as dealing with security in code threatens a deadline, the need for patching will remain.


Research Questions


The following questions were posed in an effort to guide the research.

What are the causes for software security deficiencies?

Are the current methods of patch management sufficient as a solution for
these software security deficiencies?

Are there strategies that organizations can adopt to mitigate the risks
associated with these software security deficiencies?


1 Hypothesis

As a result of the security flaws in software, organizations should take a proactive and calculated approach toward securing their systems, one that no longer relies solely on firewalls or the security provided by the software vendors. By adopting a combined strategy of rigorous patch management and risk management practices, organizations can minimize the risks posed by software deficiencies. One solution is not entirely effective.

2 Methodology

To gain an understanding about the mitigation of risks regarding software flaws, research was conducted and consisted of a literature search for several topics in the realm of security and patch management. The topics of software coding deficiencies, patch management, patch management deficiencies, and risk management as applied to information technology were researched.

Much of the current literature dealing with software and patching deficiencies can be found in trade publications, whereas both academic journals and trade publications have provided much of the treatment on risk management. Few publications, however, have looked solely at the role risk management plays regarding the patching of software flaws. Most literature treats risk management in a broader sense, applying it to the information technology field as a whole.

Research Results

2.1 Patch Management Deficiencies

Patching arose as a reactive measure to repair software flaws. It is the predominant way in which organizations combat the threat posed by exploitable software flaws. Historically, however, patching has not always been the panacea for these flaws. Research indicates that the patch management process is cumbersome and requires diligence on the part of those charged with the duties of patching. According to Robinson (2003),the inability to deal with the cumbersome nature of patching has resulted in the overwhelming majority of security breaches in today's computing
environment.

The problems associated with patching begin at the moment of a security vulnerability disclosure. When a vulnerability is disclosed over the Internet, a race begins between the hackers and those trying to patch their systems (Berinato, 2003). "Disclosure basically gives hackers an attack map," says Gary McGraw, CTO of Cigital (Berinato, 2003, para. 24). Nicastro (2003) concurs, stating that the publicity a flaw receives across the Internet increases the risk that hackers could attempt to use the knowledge from the disclosure to compromise vulnerable systems.

Making patches available for these vulnerable systems does not necessarily eliminate the risks of exploits. According to Robinson (2003), patches may not be identified and installed in time to prevent attacks. In addition, some systems may go unpatched during a large-scale patch deployment. Coupled with defective patches that either fail to close vulnerabilities or create new ones, organizations face serious consequences should an exploit occur. These range from cleanup costs to legal liabilities for loss or corruption of data. Organizations may also face a loss of revenue due to outages and possible a loss in consumer confidence (Robinson, 2003).

Violino and Berinato agree that the current state of patch management is untenable for those applying the patches. Violino (2003) points out that patches are generally issued "in a way that's convenient for the supplier but not necessarily for the user" (p. 80). He adds, "There isn't really an integrated, one-size-fits-all tool for patch management" (Violino, 2003, p. 81). Berinato (2003) expands on this notion by stating
that "there's nothing standard about the patch infrastructure or managing the onslaught of patches" (para. 41). He notes that patches lack a standard naming convention, a standard installation procedure, and that there is little record keeping regarding the patch process. Yet, even with all of its flaws, the only way to repair flawed software after it is released is through patches (Berinato, 2003).


3. Case Study: The Slammer Worm


According to Berinato (2003), "Slammer neatly demonstrates everything that is wrong with manufacturing software patches" (para. 23). Echoing McGraw and Nicastro on the notion of disclosure, Berinato (2003) states, "everything about the SQL Slammer was old. It was an old hack that exploited an old vulnerability on an old target, Microsoft software" (p. 60). He indicates that the patch existed six months before the exploits, but "it was so kludgy to install that the patch needed a patch" (Berinato,2003, p. 60).

The Slammer worm was small in terms of computer code size, but enormous in terms of the havoc it unleashed. The 376 bytes of code that made up Slammer fit inside a single data packet that was broadcast across the Internet in January 2003 (Berinato, 2003). It was designed to infect unpatched Microsoft SQL Servers and MSDE, a piece of client software embedded into approximately 130 third-party applications (Berinato, 2003). Once it infected a single server, it generated a random set of IP addresses
upon which it would try to infect. Once it infected another server, the process repeated itself, with each new infection generating new IP addresses to infect (Berinato, 2003). At the height of its efforts, Slammer was scanning approximately 55 million servers per second, reaching this point only three minutes after the initial infection. After ten minutes, it is estimated that Slammer had infected 90% of all possible vulnerable SQL Servers (Berinato, 2003). Some of the more high profile
results included the taking down of the Finnish telephone service and over 13,000 Bank of America ATMs (Austin & Darby, 2003). In the midst of such a large-scale failure of patch management, Berinato finds an element of good in the Slammer worm events by stating,

There won't be a formal announcement of the fact, and no one
really planned it this way, but Slammer has become something of a
turning point. The fury of its 10-minute conflagration and the
ensuing comedy of a gaggle of firefighters untangling their
hoses, rushing out to the scene and finding that the building
burnt down left enough of an impression to convince many that
patching, as currently practiced, really doesn't work (para.
46).



Indeed, Slammer appears to have become a turning point for the industry, causing industry analysts to consider the role of risk management as a potential force in the software security area.

4 Risk Management and Information Technology

To gain a perspective on why some analysts are turning to risk management, it helps to have an understanding of the fundamental concepts of risk management and how they apply to information technology. From there, one can see the how risk management concepts can guide those dealing with software flaws.

Risk is defined as the "net negative impact of the exercise of a vulnerability, considering both the probability and the impact of the occurrence" (Stoneburner et al., 2001, p. 1). Strauss and Stummer (2002) concur, declaring that the "two essential characteristics of risk are the probability of occurrence and the magnitude of the damage" (p. 252). Risk management, therefore, is the "process of identifying risk, assessing risk, and taking steps to reduce risk to an acceptable level" (Stoneburner et al., 2001, p. 1).

Siegel et al. (2002) defines the risk management process as a "cycle of assessment, mitigation, insurance, detection, and remediation" (p. 34). Assessment involves the conducting of a comprehensive evaluation of security, which aids in determining the tools necessary for mitigation. Stoneburner (2001) adds that the risk assessment performed should enable an organization to determine the extent of the potential for threats and risks associated with an information technology system. The outputs of the process should enable management to identify the appropriate measures for the reduction or possible elimination of risk in the mitigation process.

One of the principle ways to measure risk during the assessment is to develop a risk scale and a risk-level matrix. Multiplying the ratings assigned for threat probability and the threat impact derives this matrix (Stoneburner, 2001).

Applying the risk scale and risk-level matrix allows an organization to easily determine which risks should be given priority and develop mitigation strategies to avoid such risks. It is the responsibility of the organization to determine the values it places in these tables regarding the threat likelihood.

During risk mitigation, Stoneburner (2001) holds that information technology managers are responsible for using the "least-cost approach" and should "implement the most appropriate controls to decrease mission risk to an acceptable level, with minimal adverse impact on the organization's resources and mission" (p. 27). Mitigation consists of the steps an organization takes to reduce risk, limit the possibility of incidents, and limit the impacts of breaches that do occur (Siegel et al., 2002). Shouldbreaches occur, insurance procured by an organization acts as a risk transfer mechanism, reducing any negative impact through finances and indemnifying if damage is detected. Such detection involves consistent and constant monitoring as a proactive means of discovering vulnerabilities and remediation is the response to any vulnerability that are discovered (Siegel et al., 2002).

According to Stoneburner (2001), the main goal of any risk management process for an organization is the protection of the organization and its ability to carry out its mission. Managers need to decide which risks are likely to materialize and which could cause the most harm, spending money where it will be most beneficial. In addition, technicians should not be making the decisions at this level. Instead, the general managers, who tend have more experience with risk management, should be the ones who "assess the business value of their information assets, determine the
likelihood they they'll be compromised, and then tailor a set of risk abatement processes to particular vulnerabilities" (Austin & Darby, 2003, p. 3).

4.2 Risk Management and Patch Management

Performing such risk analysis on software vulnerabilities is exactly what led Peter Tippett, Vice Chairman and CTO of Tru Secure, to declare, "With patching, we're picking the worst possible risk-reduction model there is" (Berinato, 2003, para. 56). Based on data he collected over twelve years, Tippett concludes that only 2% of vulnerabilities ever result in exploits. In fact, he claims, "more than half of Microsoft's 72 major vulnerabilities last year will never affect anyone ever" (Berinato, 2003, para. 56). As a result, Tippett suggests that organizations should improve their security policies, lock down unused ports on their firewalls, and pay
third party companies to "figure out which patches are necessary and which ones you can ignore" (Berinato, 2003, para. 56). In effect, he is making the case for a strong risk management process at the patching level.

Tippett is not alone in his opinion that patch management can be made more tenable through the application of risk management. In fact, Chad Robinson, in his CSO Analyst Report for the Robert Francis Group, states that information technology executives should evaluate services offered by providers that identify and deploy patches. He argues that the executives should evaluate these vendor solutions "to determine whether it would be possible to mitigate the cost associated with patching vulnerable systems without sacrificing response times to vendor alerts or thoroughness in identifying required patches" (Robinson, 2003, para. 4).

Robinson, however, does not off-load the entire risk management process to third parties. He leaves this to the information technology executives, much in the same way as Austin and Darby. These executives are charged with the responsibility to develop a matrix similar to that presented by Stoneburner. The matrix should be used to profile each software package employed by the organization and their sensitivity to vulnerabilities. The matrix should include the risk to the business should
a breach occur, the allowable periods of downtime for patching, and the risk vulnerability at each level (Robinson, 2003).

From this matrix, one can see the similarities to the matrix offered by Stoneburner. Although it is structurally different, it effectively adapts the notions of low, medium, and high and applies it to patch management accordingly. In addition, it provides timeframes during which the patching should take place.

Robinson (2003) provides an additional matrix that applies to patch management procedures. Such a matrix clearly identifies the procedures with the corresponding
owner of each. This matrix includes a notification column as well. Robinson feels that no one step should be considered complete without written notification. Such notification provides a means of identifying the events of the patching process and resolves the lack of documentation raised by Berinato.

The ultimate goal of applying risk management to the process of patch management is to define which servers are most important to the organization and to use the matrices to determine the schedule in which these servers are patched, while minimizing the cost and time to complete the process of patching (Robinson, 2003).

Discussion

With each new patch release, the notion that software is insecure becomes increasingly evident. Research indicates that poor coding practices are the main cause of software security deficiencies. To combat these deficiencies, the practice of patch management has been developed, but has seen mixed success. The research conducted on issues of patch management revealed that patch management, as currently implemented and practiced, is not sufficient as a solution for software deficiencies due to its cumbersome nature.

In an attempt to discover if standard risk management methodologies could bolster security defenses, it was hypothesized that risk management practices could allow an organization to minimize the risks posed by software security deficiencies when paired with patch management. The data gathered supports the hypothesis, in that, risk management practices can be combined with patch management policies to form a security strategy for organizations. Robinson's CSO Analyst Report effectively outlines such a strategy and, on these terms, the hypothesis can be accepted. In effect,introducing risk management to the patch management process makes good
business sense, effectively eliminating Berinato's "comedy of a gaggle of
firefighters" by providing structure. It does not protect an organization, however, as it merely serves to bring the process under control. Essentially, the introduction of a combined approach decreases or defers the patch management workload for those who must patch the systems.

Conducting further analysis, however, illustrates that the nature of software deficiencies makes any patch management process untenable on a practical level and reveals the limitations of such an approach. As an illustration of these limitations, consider the Slammer worm's affect on MSDE applications. Applying the risk management approach suggested by Robinson calls for the immediate patching of critical servers with high-risk levels, such as SQL Servers. This practice, however, would not have
prevented Slammer infections within an organization due to the vulnerabilities of the MSDE engine. As noted, this engine is embedded into desktop applications, and as such, would not have been immediately patched in accordance with Robinson's Sample Business Application Patching Matrix. As "Medium-Business Risk" systems, desktop products would have remained unpatched for several hours at best, providing a wealth of time for Slammer infections. Due to Slammer's self-replicating nature and its ability to generate network traffic, the organization would feel the effects of such
an infection almost immediately.

This presents an opportunity for further research regarding the creation of these software deficiencies. If the combination of patch management and risk management cannot resolve the issue of software deficiencies in a reactive fashion, then perhaps the responsibility to prevent such flaws should fall on the developers themselves. Research could be conducted to understand the pressures developers face and perhaps
develop ways to reduce the number of coding errors that result in software flaws.

The software that vendors ship is riddled with flaws that are the result of insecure code developed under intense pressure. In light of this, it was hypothesized that the combined approach of patch management and risk management could provide a means for an organization to protect itself. Ultimately, the hypothesis must be rejected on the basis of its inability to address the software deficiencies at a practical level. While the application of risk management to patch management does lend structure
to the process of patch management, it does not appropriate any additional security defenses by reducing risk for an organization.


References

Austin, R & Darby, C. (2003). The Myth of Secure Computing. Harvard Business Review, 1-7.

Berinato, S. (2003, May 15). The Bugs Stop Here. CIO, 60-68.

Berinato, S. (2003, August). Patch and Pray. CSO. Retrieved September 25, 2003, from
http://www.csoonline.com/opinion/links/1556.html.

Nicastro, F. (2003, November). Security Patch Management. Security Management
Practices, 5-18.

Robinson, C. (2003, October). Patch Deployment Best Practices in the Enterprise. CSO.


Retrieved October 25, 2003, from http://www.csoonline.com/analyst/report1837.html.


Siegel, C., Sagalow, T., & Serritella, P. (2002, September). Security Patch Management. Security Management Practices, 33-49.


Stoneburner, G., Goguen, A., & Feringa, A. (2001). Risk Management Guide
for Information


Technology Systems. Washington, DC. (NIST No. SP 800-30).


Strauss, C. & Stummer, C. (2002). Multiobjective Decision Support In IT-Risk Management.


International Journal of Information Technology and Decision Making. 1, 251-268.


Thompson, H., & Chase, S. (2003). Red-Team Application Security Testing. Dr. Dobb's
Journal, 28(11), 18-25.


Violino, B. (2003, August 1). Patching Things Up. CIO, 79-82.

Labels:


Read the complete text of this post

posted by The Voice at 4:47 PM 0 comments

Finding the Exit

The decision to discontinue a project is often difficult to make. It can be even more difficult to make when the entire project team believes in the viability of the project and its inevitable success. Management is often faced with the decision to funnel more money into an unsuccessful project or to cancel it outright. In such cases, one or more individuals are needed to conduct an objective analysis of the project to determine its viability. This role is often called the “exit champion” or “stopping-champion.” Based on a literature review, this paper examines the reasons why unsuccessful projects are pursued, highlights specific strategies for coping with these projects, and then analyzes the role of the exit champion.

Reasons for Supporting Unsuccessful Projects

Managing a project to its successful completion has proven to be a challenging prospect. Any number of problems can arise which can alter the course of the project. When such problems do arise, the project team must be able to objectively make decisions regarding the continuation of the project. More often than not, however, the project team either feels pressured into continuing a project or the team vehemently believes in the ultimate success of their project, making it difficult to consider termination. Barry M. Staw and Jerry Ross have conducted research on the forces that compel the continuation of unsuccessful projects. In addition, the work of Isabelle Royer has focused on the momentum that can build to continue an unsuccessful project, despite signs of failure. Together their research lends insight into why unsuccessful projects are supported.

Four Factors that Influence the Continuation of Unsuccessful Projects

To understand why project teams continue supporting projects that are unsuccessful, it is useful to look at the situations in which project team members find themselves. In their 1987 Harvard Business Review article, “Knowing When to Pull the Plug,” Barry M. Staw and Jerry Ross highlight four factors that drive project teams to continue pursuing an unsuccessful project.

The first factor that influences the project team is the project itself. Staw and Ross (1987) point out that minor setbacks and issues tend to encourage team members to continue pursuing the project. In fact, some team members may view these setbacks as the cost of conducting business. In addition, Staw and Ross (1987) indicate that the salvage value of a project may cause the team to continue its support. They state that if the project exit is too difficult and the expenditures are not recoverable, the team will continue its support. If the exit is easy and the team can recoup the expenditures, there will likely be less opposition to ending the project (Staw & Ross, 1987).

The second factor highlighted by Staw and Ross is the manager’s motivations. There is a tendency to celebrate the success of those who have persevered despite hardship. Knowing this, project teams may continue in the hope that the project will turn around (Staw & Ross, 1987). Managers may also be motivated to continue a project if they have a biased view of information. They may only see the positives and ignore the negatives (Staw & Ross, 1987). In addition, they may try to prove that the project will be a success by continuing the project, believing that, in time, the project will succeed. Staw and Ross (1987) call this self-justification.

Social pressure is the third factor influencing decisions to continue with unsuccessful projects. Staw and Ross (1987) state that no one wants to appear incompetent or admit mistakes to the organization. Coupled with the fact that persistence is viewed as strength and withdrawal is viewed as weakness, Staw and Ross (1987) believe that few would be motivated to withdraw.

The final factor is organizational pushes and pulls. This primarily consists of administrative inertia, which Staw and Ross (1987) define as “all the rules, procedures, and routines of an organization as well as the sheer trouble it takes for managers to give up day-to-day activities in favor of a serious operational disruption” (p. 4). Such inertia may include the wishes of governing bodies, budget committees, and political groups who are controlling the project’s backing (Staw & Ross, 1987).

The Collective Belief

In her 2003 Harvard Business Review article, “Why Bad Projects are So Hard to Kill,” Isabelle Royer presents additional reasons why project teams continue to support unsuccessful projects. Rather than focus on a myriad of individual factors that may influence decisions, she theorizes that a single “fervent and widespread belief” exists among managers (p. 6). This “collective belief,” which is a belief in the inevitable success of their project, originates within one individual, usually the project champion (Royer, 2003, p.6). As it spreads throughout the organization, it has the potential to lead rational organizations to make irrational decisions and can blind the project team from seeing negatives and setbacks (Royer, 2003).

Royer (2003) states that the collective belief often starts out as the project champion’s hunch and is not usually based in fact or evidence. The belief then permeates through the organizations based on the champion’s credibility and the belief’s alignment with people’s desires. Once the belief begins to perpetuate itself, it gains the power to silence skeptics, resulting in failure warnings being ignored (Royer, 2003). Once ignored, the skeptics usually stop asking questions and this ultimately bolsters the false sense of security cultivated by the collective belief. Royer (2003) states that the greatest danger of the collective belief is that even if problems are acknowledged, they will not be seen as signs of failure or issues that must be resolved. Instead the momentum of the belief pushes the project forward.

Royer’s analysis is largely based on the findings of her research on two French organizations, Essilor and Lafarge. In both studies, a skeptical team member raises concerns about the viability of the project. These concerns are readily discounted due to a lack of experience or credibility and the momentum of the collective belief. Years pass and millions of Francs are spent with little success. Eventually, when company turnover causes some team members to be replaced, the projects are re-examined with fresh eyes and are cancelled (Royer, 2003). These examples neatly illustrate much of Royer’s theory and Staw and Ross’ ways to avoid supporting unsuccessful projects.

Avoiding Support for Unsuccessful Projects: Recognizing Over-commitment

Staw and Ross have developed suggestions for how to avoid the tendency to support unsuccessful projects. These suggestions consist of changing the company or organization by recognizing over-commitment on a project and taking action.

One step in changing the organization is attempting to improve the information system (Staw & Ross, 1987). This consists of encouraging candid reporting of the project’s progress and by improving the honesty of reporting throughout the organization (Staw & Ross, 1987). Another step organizations can take is to turn over the project team (Staw & Ross, 1987). Although this may be costly and disruptive, it can be quite effective, as was illustrated in both of Royer’s examples.

According to Staw and Ross (1987), recognizing over-commitment is difficult. Managers must be able to define project failure and must not let such failure radically change their opinion of themselves. In addition, managers must be able to hear the concerns of others, put the organization before the project, and realize that life continues even when a project ends.

Finally, Staw and Ross state that managers should step away from their projects for a brief time and return to look at the projects from a fresh perspective. Managers should ask themselves if they would support or terminate a project if they picked it up in its current state, thereby assuming the role of an exit champion (Staw & Ross, 1987).

Avoiding Collective Belief

Echoing Staw and Ross to some degree, Royer offers three suggestions on how to avoid the collective belief and its resulting blind faith in a failing project. These suggestions consist of avoiding self-selected teams, establishing early warning systems, and recognizing the role of the exit champion.

Royer (2003) feels that project teams are often self-selected and as a result, the missteps and misunderstandings that often prove fruitful when disparate team members come together never take place. In addition, she feels that skeptics should be included as part of the project team and over time, various members of the team should be rotated out in order to provide a fresh view of the project (Royer, 2003). Such was the case in her Essilor and Lafarge examples, albeit involuntarily.

Her second suggestion states that the organization needs to ensure that the proper controls and procedures need to be put in place in order to evaluate the project at every stage. These controls and procedures must be rigorous, clearly defined, and deployed (Royer, 2003). In the cases of Essilor and Lafarge, these controls were largely ignored.

Finally, she details the role of the exit champion, which Staw and Ross touched on in their suggestions. Royer (2003) believes that the exit champion should be a countervailing force on the project team. When concerns are raised, exit champions must seek objective evidence to substantiate their concerns (Royer, 2003). This allows them to then take action to either validate the concerns as reasons for discontinuing the project or to dismiss them and continue with the project. Royer (2003) feels that exit champions must be recognized as a defined role by the organization’s senior staff. They must also have the freedom to challenge the project at any stage without fear of repercussions (Royer, 2003).

In her 2001 report, “Stopping-champions of Failing Projects,” Royer provides a detailed comparison of the project champion (champion of innovation) and the exit champion (stopping-champion). She states in her report that “at a general level, champions of innovation and stopping-champions share the same characteristics, are needed for the same reasons, and rely on the same tactics to achieve their goals” (p. 18). In addition, she highlights three differences between the two types of champions. First, the champion of innovation can be ambiguous regarding the project’s viability, especially at the outset of a project. Stopping-champions must remove ambiguity (Royer, 2001). Second, champions of innovation face the threat of being wrong in the long-term outcome of the project. Stopping-champions face an immediate threat of being wrong when they cancel a project (Royer, 2001). Finally, champions of innovation do not need to possess the level of credibility when starting a project that stopping-champions must possess when canceling a project (Royer, 2001). Aside from these differences, champions of innovation and stopping-champions are largely similar.

The research of Allan Barnes largely supports Royer’s comparisons. He defines the exit champion as someone whose role is to “gather the hard facts that remove any ambiguity about the success or otherwise of the project” (Barnes, 2004, para. 32). In addition, he notes that exit champions are not hired by management to deliberately terminate a project. To the contrary, the exit champion’s role is to provide the necessary objective assessment for management to continue its support of the project (Barnes, 2004). To Barnes, the exit champion is the complement of the project champion.

Discussion

Making the decision to cancel a project can be difficult. For a variety of reasons, managers and project teams are reluctant to cancel projects. Sometimes personal motivations play a role. Other times, the momentum of the collective belief plays a role. Often, combinations of these elements can dissuade a team from canceling the project. Regardless of the reasons, the literature detailing the support for unsuccessful projects indicates that more often than not, the projects are not cancelled.

The results of Staw and Ross’ research and the results of Royer’s research are interesting. They conducted their research separately and by different means, yet they developed similar suggestions. One could suggest that the studies performed by Royer lend a degree of credibility to the suggestions of Staw and Ross regarding recognizing over-commitment. Indeed, Staw and Ross’ suggestions match the actual events that took place in the case studies of Essilor and Lafarge. In addition, it can be suggested from the similarities found in both bodies of research, that the need for exit champions is indeed valid. The results of the research of both Staw and Ross and that of Royer underscore the validity of this need.

The application of the exit champion, however, poses some problems. It is seemingly counter-productive to formally define this role in a project team, but that is what Royer seems to suggest. Further complicating the issue is Royer’s indication that the exit champion can “emerge” from the project team. This seemingly contradicts her statement that “senior executives need to recognize the exit champion as a defined role” (Royer, 2003, p. 12). Additional clarification is needed in this area. One could suggest that the ideal situation is, in fact, a combination of these two statements. The exit champion should emerge from within the project team at signs of trouble, and once this occurs, should be recognized as a specific role by senior management.

When signs of trouble appear, the decision to cancel a project can be difficult to make. A failing project can compel team members to continue supporting the project hoping to make it successful. A multitude of reasons exist that would compel a team to do so, but at some point, a decision must be made to continue or discontinue the project. The research of Staw and Ross and the research of Royer indicate that this decision should be objective and well researched. The magnitude of such a decision has prompted the researchers to define a new role for this decision making process. Despite the confusion in Royer’s definition regarding the time when an exit champion should materialize, the goal of the exit champion is clear. An objective analysis must be conducted to ensure the viability of the project. Although this role of “exit champion” may not be as prestigious or dynamic as that of the project champion, it is as every bit as crucial.


References

Barnes, A. (2004). True Believers and Their Sceptical Foes. Position Magazine. Retrieved May 1, 2004 from
http://www.positionmag.com.au/POS/content/2004/POS10/pos10_feature/pos10_feature_2.html.


Royer, I. (2001). Stopping-champions of Failing Projects. Academy of Management
Confernece. Washington, D.C.


Royer, I. (2003). Why Bad Projects Are So Hard to Kill. Harvard Business Review, 5-12.


Staw, B. M. & Ross, J. (1987). Knowing When to Pull the Plug. Harvard Business Review, 1-7.

Labels:


Read the complete text of this post

posted by The Voice at 3:31 PM 0 comments

Friday, August 3, 2007

Privacy Policies and eGovernment

Maintaining the trust of its customers is a major concern for any ecommerce site. Customers willing to conduct business and transfer sensitive data electronically have a reasonable expectancy that the site has taken the proper precautions to assure the safety of the data. Securing the data, however, is only half of the responsibility of the site. The other half, ensuring the customer’s privacy, is perhaps even more important. Customers expect that their shopping patterns, interests, and other profile-specific data be treated with the utmost respect and that this data remains private. In response to this expectancy, many sites have successfully implemented privacy policies. These policies have become a common practice and have been integral parts of ecommerce activities for some time.

As time has passed, governments have realized the promise of taking government services online. While relatively young compared to ecommerce, egovernment has the potential to transform government services much like the way ecommerce has transformed commerce. In fact, egovernment shares many similarities with ecommerce, including speed, convenience, and cost savings. Egovernment also shares the same security and privacy issues and the protection of this privacy seemingly takes on an even greater importance for egovernment due to the sensitive nature of the data. Unfortunately, egovernment has not always followed the example provided by ecommerce when it comes to privacy policies.

It is the issue of privacy that Ellen Perlman (2003) suggests can either make or break an egovernment initiative. In her article, “Trust Busters,” she raises the notion that state and local governments must make it a priority to protect and ensure citizens’ privacy while still allowing for the convenience and efficiency enabled by placing information online. While she stops short of offering her own specific suggestions, she does cite several approaches chosen by various states and their varying results.

Perlman begins by contrasting the past with the present. In the past, governments stored sensitive data in file cabinets, placed in locked rooms behind security guards equipped with logbooks. Today, governments are increasingly moving toward electronic storage (Perlman, 2003). She notes that few people were concerned about their privacy when the physical security and “rigidity of file cabinets, locked doors, and 9-to-5 office hours” (Perlman, 2003, p. 32) were in place. Even if the data was considered to be publicly accessible, it was often tedious and time-consuming to obtain such information. With online storage, this is no longer the case and she feels that the inherent security risks could “stymie egovernment and the efficiencies it offers” (Perlman, 2003, p. 32).

To better understand the value of egovernment efficiencies, it is helpful to understand the goals of egovernment. The Federal government provides some insight into the purpose of egovernment. Its purpose is to encourage “interagency IT initiatives that, while improving customer service, also consolidate redundant systems, decrease paperwork, increase productivity, and save money” (Datz, 2003, p. ). To achieve this goal, “more data is collected and shared among agencies” (Datz, 2003, p. ). Sharon Dawes (2003), the Director of the Center for Technology in Government at the State University of New York in Albany, feels that such sharing and transfer of data is what raises the concerns about privacy. Referring to the data, she states that citizens expect that the “government won’t share it, won’t put it on public websites, will keep it in secure systems and that people will be trained in how to handle information of a confidential nature responsibly” (Perlman, 2003, p. 32).

If the government fails to uphold these expectancies, serious privacy issues can result. Perlman (2003) raises the concern of the public’s use of the data once it is available, stating, “It is no longer much of an effort for, say, nosy neighbors – or people with malice in their motive – to use browsers to try to check out personal details” (p. 32). Such fears were aroused in Nassau County, New York, when state officials posted names, addresses and assessments online for property comparison purposes (Perlman, 2003). Eventually the names were removed when concerns mounted, but other states, such as Maryland, maintain citizens’ names and addresses online with its “Real Property Data Search.” This search allows anyone with an Internet connection and a street name to locate homeowners, property value, and deed reference numbers for that particular street. This data can be viewed as a service to the public, but in the hands of malevolent individuals, this data could be the basis for a number of attacks.

Bob Freeman (2003), the Executive Director of the Committee on Open Government in New York, provides some insight into these attacks. He states that “the real issue of privacy is not the names and addresses. The reality is that with a good search engine, you can take my name and address and combine it with other information about me and come up with a profile” (Perlman, 2003, p. 39).

Perlman (2003) cites several other cases in her article regarding what some states have done in their attempts to handle these privacy issues. These include Washington State’s Gary Locke, who issued an executive order prohibiting the use of personal information on state Web sites, and New York and Alabama’s placing of court documents online. In each of the cases, there is a recurring theme about how much data should be placed online and whether data should be posted just because governments are capable of doing so. It is here that perhaps governments could borrow from their ecommerce lineage. Ecommerce sites have had to deal with customer privacy for years and have developed privacy policies that, in most cases, clearly state how information will be collected, used, and transferred among other sites.

Perhaps one of the most detailed strategies comes out of Microsoft. In an interview with the Harvard Business Review, Microsoft’s Director of Corporate Privacy, Richard Purcell, provides a five-point plan that attempts to provide a solution. He feels that it is “critical to have a single place where knowledge resides about the way customers’ information is handled and where policies are set for collecting and using on-line and off-line data” (Fusaro, 2000, p. 1). In an effort to do so, Microsoft designed an “ethical framework” for customer data. This framework consists of the five elements of notice, choice, access, security, and enforcement. Essentially, this means that ample notice should be provided that data is being collected and that customers should have the choice to determine how data is used, the length of time it is kept, and the circumstances under which it may be transferred to other companies. Data should also be protected, but remain available to the customer to make changes as necessary. In addition, Microsoft feels that some form of enforcement should be in place to hold itself accountable to ensure that it is adhering to its policies (Fusaro, 2000).

Borrowing and adopting privacy policies from the world of ecommerce might provide some direction for egovernment and perhaps alleviate some of the inconsistencies that currently exist. Charles Bacaraisse (2003) notes that state and local governments are clearly looking for direction. He states that the problem egovernment faces is that “there is no state statute, no Supreme Court guidance” (Perlman, 2003, p. 36) regarding public access to data and the protection of privacy online. Compounding the issue is the fact that all citizens are currently subject to egovernment’s placing of their information online, whereas consumers voluntarily submit their information to ecommerce sites. In states such as New York and Maryland, citizens are not given the option to opt-out of having their tax assessment data placed online with their names and addresses.

Ecommerce sites and egovernment initiatives share many similarities. From convenience to cost savings, the technology behind both ecommerce and egovernment provides many features of which the public can take advantage. Unfortunately, some take advantage of egovernment information in ways that were not meant to be taken. Some of this behavior could be prevented if privacy policies are developed for the posting of citizens’ data online. Privacy policies are somewhat lacking, if not non-existent in egovernment. It is this difference that separates ecommerce for egovernment as it stands today. If egovernment is to see the acceptance that its older sibling ecommerce has seen, privacy must be given the proper attention it deserves.


References

Datz, Todd. (2003, May 1). A More Perfect Union. CIO Magazine. Retrieved September 30, 2003, from http://www.cio.com/archive/030103/union.html.

Fusaro, Roberta. (2000). Chief Privacy Officer. Harvard Business Review, 1-3.

Perlman, Ellen. (2003, September). Trust Busters. Governing, 16, 32-39.

Labels:


Read the complete text of this post

posted by The Voice at 10:41 PM 0 comments

An Alternative to Counting Lines of Code

Software has become integral to almost every facet of life. From computers to automobiles, software plays an important role. When such importance is placed on something such as a product, it is important to make the correct judgments when cost, schedule, and the deployment of resources are concerned. Such is the case with software development. In response to the constraints placed on software development by cost, schedule, and resources, system software metrics have been developed. Such techniques can be useful in the selection and rejection of projects by a business. Many techniques exist, two of which are counting lines of code and Function Point Analysis. Based on a literature review of the theory behind these two techniques, this paper presents an analysis of counting lines of code, its flaws, and why Function Point Analysis offers an alternative.

The Need For Accurate Estimates

To understand the need for accurate estimations, one can look to statistical data gathered on the success and failure rates of software development projects. In their 1999 PM article, “Curing the Software Requirements and cost Estimating Blues,” Major Mike Nelson, James Clark, and Martha Ann Spurlock indicate that a large number of software development projects were not accurately estimated. The results of the 1995 Standish Group survey of 8380 software applications indicate that only 16% of projects stayed on schedule without exceeding their budgets, while 31% were cancelled, and 52.7% were completed with schedule and budget overruns (Nelson et al., 1999). In addition, the average budget overrun was 189% and the average schedule overrun was 222% (Nelson et al., 1999). A survey of the completed projects showed that the developers had to reduce features and functionality to 61% of the original requirements just to meet their schedule (Nelson et al., 1999). From these statistics, it is clear that accurate cost and schedule estimates are needed to avoid these failures. While Nelson et al. does not indicate if the Standish Group recorded the estimation techniques used by those surveyed, or even if those in the survey practiced an estimation technique, the predominant technique employed at the time of the survey was counting lines of code (Ferens, 1998).

Counting Lines of Code

The technique of counting lines of code involves counting the number of compiled source code lines in a program to estimate the size, cost, and effort required (Nelson et al., 1999). According to Nelson et al. (1999), the flaws associated with this technique result in a dramatically high error rate, sometimes reaching 400% of the original estimates. Nelson et al. (1999) notes that the software development industry lacks a standard definition for the measurement of source lines of code. Ferens (1988) concurs and adds that there is a large discrepancy between organizations as to what types of code statements constitute source code. He notes that most estimations include executable lines of code, but some do not include statements such as comments, test data statements, and declarative statements (Ferens, 1988). Compounding this issue is the proliferation of programming languages, which can achieve the same execution with differing numbers of executable statements. Moreover, Sean Furey, in his 1997 IEEE Software article, “Why We Should Use Function Points,” states that object-oriented programming languages make estimation difficult because “applications or major pieces of applications can be created with virtually no countable lines of code” (p. 28). Finally, Nelson et al. (1999) notes that estimates are often produced prior to the determination of the programming language used on a project.

Function Point Analysis

The need to produce estimates prior to programming language selection is perhaps one of the reasons A.J. Albrecht developed the Function Point Analysis technique, which was released to the public in 1979 (Jones, 1999). Since then, several variations of Function Point Analysis have been developed. These include the Symons Mark II version and several revisions developed by the International Function Point Users Group (Furey, 1997).

Function Point Analysis “is a measure of software complexity derived from five attributes of a program” (Jones, 1999, p. 165). Function points are computed by calculating the number of inputs, outputs, inquiries, master files, and interfaces in a program. Under the Version 4.0 rules set by the International Function Point Users Group, the five attributes are assigned a numeric value, weighted according to their complexity, and then are summed. With the sum calculated, adjustments are then made to this value by comparing it to a set of pre-defined criteria. The end result enables managers, developers and even users to estimate the relative size of a program in terms of cost and effort, terms the business, not just developers, can understand (Jones, 1999).

Advantages of Function Point Analysis

Function Point Analysis allows program managers to accurately estimate software size in terms that the business can understand because function points are based on a logical understanding of the software rather than a physical, or line count, view. This enables managers to make informed choices about their software development more objectively (Furey, 1997).

Furey (1997) states that “Function points are technologically independent, consistent, repeatable, and help normalize data, enable comparisons, and set scope and client expectations” (p. 28). In fact, function points allow the focus to be placed on the required functionality of the users, and therefore, also measure the software requirements. As a result of having a basis grounded in functional requirements, function points have an advantage over counting lines of code, in that, function points can be counted earlier in the development process (Furey, 1997).

Perhaps the greatest advantage of Function Point Analysis is that this technique has been ratified as an international standard, embodied in the International Function Point Users Group (Furey, 1997). As such, Function Point Analysis has an established set of rules and is independent of any programming language or changes in languages (Nelson et al., 1999).

An Example of the Benefits of Function Point Analysis

Furey (1997) provides an example of how Function Point analysis can allow managers to make more accurate judgments. In his example, two teams each develop an application that contains the same level of functionality and features, with two different languages. The first team develops the application with COBOL, writes 4000 lines of code, and finishes after ten months of work. The second team develops their application in Smalltalk, writes 900 lines of code, and finishes in five months. Under the lines of code counting technique, the first team is considered to be more productive because they produced more lines of code. However, when Function Point Analysis is applied, the second team was more productive because they developed an application with equal functionality in only half the time (Furey, 1997).

Disadvantages of Function Point Analysis

Ironically, the greatest advantage of Function Point Analysis, can be, at times, its greatest disadvantage. Having an established set of rules is advantageous only when those rules are followed. Barbara Kitchenham (1997) elaborates on this in her 1997 IEEE Software article, “The Problem with Function Points.” She argues that there is a need to understand the limitations of Function Point Analysis. In her analysis, she limits her discussion to Albrecht’s rules and Symons Mark II, citing their respective popularity in the United States and the United Kingdom (Kitchenham, 1997).

Keeping in mind that she is only analyzing Albrecht’s and the Symons techniques, she states that problems can be encountered when using function point measurements as the basis for negotiations and contracts between organizations (Kitchenham, 1997). She cites Albrecht’s use of an ordinal scale of “simple, average, and complex,” rather than a numeric scale, noting that the ordinal scale is vague in its descriptions of systems (Kitchenham, 1997).

Regarding the Symons Mark II technique, she notes that individual function point counts are transformed into weighted counts. She feels that this introduces issues because it assumes that all counts are equivalent measures, when standard conversion factors for these counts do not exist. In addition, she feels that function point counting involves the judgment of the person performing the count, and subsequently introduces variances and discrepancies in counts conducted by different people (Kitchenham, 1997).
Discussion

Accurate software metrics are crucial to the goals of staying on budget and on schedule. Without accurate measurements, serious budget expenses can be incurred and product releases can be delayed. Such failures to deliver could have serious repercussions for those developing the software and those managing the projects.

The literature regarding software estimation reveals two prevalent issues. First, the software metric used by organizations must produce accurate measurements of size, cost, and schedule. The second issue involves industry-wide acceptance of a standard so that organizations can properly make comparisons using their estimations.

Measuring software by counting lines of code has been, and is some analysts’ estimation, will continue to be, the standard software metric. Unfortunately, there is little that can be considered standard about counting lines of code. In fact, the discrepancies are so great that there is little consensus on whether a comment is a line of code. Within an organization, these discrepancies may have little impact. Across the industry, however, the differences in estimation could have serious impacts on the development contracts between organizations.

In terms of estimation accuracy when compared to counting lines of code, it can be suggested from the literature that any Function Point Analysis technique has definite advantages, all of which provide the potential for more accurate estimations. Some empirical studies, such as those conducted by Kermerer, corroborate this suggestion (Kermerer, 1987). The advantages include technological and programming language independence, earlier estimation in the life cycle, and data normalization. In addition to these advantages, Function Point Analysis has the benefit of international standardization. This, however, only applies to the technique developed by the International Function Point Users Group. Albrecht’s original technique and the Symons Mark II technique are not internationally standardized and as such, places Function Point Analysis in a similar situation as the lines of code counting technique in terms of universal acceptance. The fact that Kitchenham neglects the International Function Point Users Group version of Function Point Analysis seemingly underscores this situation and points to the larger issue of a need for function point standardization.

Estimating software to determine cost, schedules, and effort is clearly an important activity for software developers and managers. Making the correct estimations can have serious impacts on a projects success or failure. The technique of counting lines of code does not appear to be providing organizations with the accurate estimates that they require, but by the same token, it would be unfair to characterize Function Point Analysis as the absolute solution to all problems. Even with its flaws, Function Point Analysis can, however, be a valuable alternative to the technique of counting lines of code.


References

Ferens, D. V. (1988). Software Size Estimation Techniques. Proceedings of the IEEE, 701-705.

Furey, S. (1997). Why We Should Use Function Points. IEEE Software, 28-30.

Jones, C. (1999). Software Sizing. IEE Review, 165-167.

Kermerer, C. (1987). An Empirical Validation of software Cost Estimation Models. Communications of the ACM, 416-429.

Kitchenham, B. (1997). The Problem With Function Points. IEEE Software, 29-31.

Nelson, M., Clark, J., & Spurlock, M. (1999). Curing the Software Requirements and Cost Estimation Blues. PM, 54-60.

Labels: ,


Read the complete text of this post

posted by The Voice at 10:34 PM 0 comments

Wednesday, August 1, 2007

The Demise of the Desktop?

Update: Since I originally wrote this paper in November 2006, Microsoft announced its "Surface," and Apple released the iPhone and announced "stacks" in the soon to be released Mac OS X Version 10.5 Leopard.

Metaphors in Computing

Recognizing, understanding, and remembering are essential parts of intelligence and metaphors may play a significant role is such tasks. In fact, Marx (1994) holds that metaphors have substantial explanatory power when it comes to learning and that “anything new must be learned by metaphorically extending existing knowledge” (p. 379). Leveraging the power of metaphors enables designers of interfaces to provide users with a “head start” as it pertains to learning a new interface (Marx, 1994, p. 379).

In general, two kinds of metaphors exist in user interfaces. These are individual metaphors and systemic/over-arching metaphors. Individual metaphors pertain to specific user interface controls, such as radio buttons. Systemic or over-arching metaphors allow for a thorough understanding of a system, such as that which is understood via the “desktop metaphor” for operating systems such as Windows and the Mac OS. (Marcus, 1998, p. 46).

The Desktop Metaphor

The desktop metaphor is the dominant metaphor used in today’s commercial operating systems. Popularized by Apple and then by Microsoft, it contains references to items in the modern office and building structures. These items and structures include the desktop, files, documents, folders, trash cans, and windows (Marcus, 1994, p. 13). According to Gozzi (2002), the desktop metaphor “asserts that the computer screen is like a real desktop” (p. 425).

It has been argued that the desktop metaphor has successfully allowed novice users to acquaint themselves with the computing environment. Its success can be attributed to the highly familiar concepts of the office and the similarity between the metaphor and the real world. In general, documents look and act like real documents (Madsen, 2000). Johnson et al. (1985) states that the desktop metaphor approach is “intended to facilitate one’s use of the system by making the manipulation of information in the system analogous to the manipulation of physical objects on a desktop” (p. 548). Ravasio et al. would concur. In fact, Ravasio et al. (2004) suggests that with the release of the Xerox Star in 1981, computers were finally understandable to non-expert users.

With its twenty-plus years of existence and its current status, once might argue that the desktop metaphor is the standard for a reason. In general, the desktop metaphor holds up well against Marcus’ criteria for successful metaphors in user interfaces. Marcus (1998) states that a metaphor should use concepts familiar to the user, prepare the user to transfer the content domain model into the user’s mental model, and increase the ease of learning, memorization, and use. Proponents of the desktop metaphor would argue that it does these reasonable well. Even critics of the desktop metaphor, such as Gentner and Nielson, seem to agree.

Shortcomings of the Desktop Metaphor

In The Anti-Mac Interface, Gentner and Nielson (1996) concede that they do not think the Macintosh interface, and to a greater extent, the desktop metaphor, are bad by any means. They do, however, offer many criticisms about the desktop metaphor. As will be seen, they are not alone in their assertions.

Hudson (2000) notes that the desktop metaphor is most often cited as the primary failure of metaphorical design. In Hudson’s opinion, one of its greatest features is also one of its most negative aspects. It is often found to be too restrictive and helpful only to new users (Hudson, 2000). Additionally, he describes some of the more confounding features by stating,
"I think the desktop metaphor on our computer screens has drifted too far from the original office domain. Microsoft Windows, for example, hides the in-tray and out-tray in an e-mail application, variously called Mail, Inbox, Outlook, or Outlook Express depending on the age and configuration of the system. The desktop is confusingly covered by wallpaper, and printing documents by dragging them to a printer does not work reliably. The Macintosh does not fare much better: it has the odd feature of allowing users to drag the floppy disk to the wastebasket (“Trash”) to eject the floppy. From the office domain it’s obvious that the effect of that action (if any) should be the same as discarding a document or folder" (p. 13).

Indeed, he raises some interesting points. Such examples, while seemingly trivial, might confuse the very users for which the system is intended to serve.

Gentner and Nielson (1996) take a much broader stance, claiming that the interface is stuck in a “WIMP (windows, icons, menus, pointer)” model (p. 70), offering little innovation. Madsen (2000) refers to the desktop metaphor as a “straitjacket” (p. 167), echoing Gentner and Nielson’s (1996) statement that the desktop metaphor only serves to cripple the interface “with irrelevant functions” (p. 72). Furthermore, Gentner and Nielson (1996) state that the desktop metaphor limits the designer’s ability to develop more powerful interfaces.

Gentner and Nielson (1996) acknowledge that the desktop metaphor’s intention is to save time by leveraging a user’s knowledge of the traditional office, much like the assertions of Hudson. They, however, feel that the desktop metaphor may hinder the productivity of the next generation of users who will grow up using computers and may have little knowledge of the office domain (1996). Gentner and Nielson (1996) recommend that new paradigms be developed “based on the structure of computer systems and the tasks users really have to perform” (p. 74).

Johnson et al. (1985) feels that the desktop metaphor “fails to recognize that user dexterity in manipulating simulated objects on a computer screen is not as high as it is in the physical world” (p. 548). In addition, he feels that users are handcuffed by trying to accomplish digital goals using the metaphor of the physical world (Johnson et al., 1985, p. 548). In other words, he feels that the computer’s functionality may be limited by attempting to perform the actions of the physical world due to the imposition of the desktop metaphor (Johnson et al., 1985).

Attempts at Enhancing the Desktop Metaphor

In “Not a Desktop, Not a Metaphor,” Gozzi (2002) suggests that the desktop metaphor is not a metaphor for our desks at all. In addition to pointing out that real desks “lack window close boxes,” he says that his “real desk is much messier” than what can be found on his computer desktop and that “the computer screen has nothing like ‘an intuitive pile of stuff’ on it” (Gozzi, 2002, p. 426). While such a literal comparison may be true today, attempts are being made to enhance the typical desktop metaphor with features such as “piles” and task-based functionality.

Ravasio et al. (2004) points out that researchers such as Malone have been studying the electronic office for many years. Research from the early 1980s suggests that there are two fundamentally different styles of filing. The two styles are that of neatly organized file folders and piles (Ravasio et al., 2004). Mander and Rose included piles in their systems designs in 1993, focusing on the idea of casual desktop organization (Ravasio et al. 2004). Mander et al. discovered that people preferred piles because piles did not require “detailed categorization” and information “could be more easily reordered” than it could be with a “folder and file system” (Mander, 1992, p. 628). In addition, “seemingly disordered piles were often sensible to the person who created them” (Mander, 1992, p. 628).

Agarawala and Balakrishnan (2006) are exploring adding physics simulation to virtual desktops in combination with “piling instead of filing as the fundamental organizational structure” (p. 1283). The goal is to mimic the information, feel, and visual clues provided by the spatial information on a real desktop (i.e. proximity indicates urgency). Their BumpTop prototype “presents users with a 2 _D view onto a planar desktop surface tilted 25 degrees” (Agarawala & Balakrishnan, 2006, p. 1285). Users can pile documents and other items on this surface. While their research is ongoing, it has been discovered that piles do not scale well once they become large (Agarawala & Balakrishnan, 2006).

Other research efforts have focused on task-based enhancements to the desktop metaphor. The “activity theory” has “resulted in task-centered approaches” (Ravasio, 2004. p. 161). The impetus for this approach stems from the assertion that “the desktop metaphor has inadequate support for task switching” (Robertson et al., 2000, p. 495). According to Bomsdorf and Szwillus (1998), “knowing the user’s tasks enables the designer to construct user interfaces reflecting the tasks’ properties” (p. 201). In their “Task Gallery,” Robertson et al. have designed a “window manager that uses interactive 3D graphics to provide direct support for task management and document comparison” (p. 494). In this enhancement to the desktop metaphor, users’ tasks are hung on walls much like an art gallery. Tasks are defined as a “collection of documents and applications organized around a particular user activity” and task management takes into account “creating, locating, and bringing tasks into focus” (p. 494). Their design attempts to use human spatial memory capabilities by relying on the location of tasks on the gallery walls (Robertson et al., 2000).

Gentner and Nielson (1996), however, have a distinctly pointed view about these new attempts at revitalizing the desktop metaphor. They feel that interfaces that try to emulate virtual reality in a 2D space introduce “clunky interactions” (p. 72). In addition, they find these interfaces to be “navigationally cumbersome” and “interactionally cumbersome” (p. 72). They suggest developing “new interface paradigms based on the structure of computer systems and the tasks users really have to perform” (p. 74). According to Marcus (2002), analysts such as David Gelerntner, Don Norman, and George Robertson “are calling for the end of the desktop metaphor” (p. 8). In Gozzi’s (2002) words, “the desktop metaphor is apparently on its way out” (p. 427).

Tangible Interfaces

If the desktop metaphor is on its way out, it must be replaced by something else. Marcus (1994) states that future interface designs need to strike a balance between mental models, presentation, interactions, metaphors, and navigation. With Gentner and Nielson recommending new paradigms and computer systems based on tasks and with the observations about spatiality and piles, it seems that tangible user interfaces may be the solution.

Fitzmaurice et al. are credited with distinguishing tangible user interfaces from all others when they coined the term “graspable user interfaces” (Sharlin et al., 2004, p. 338). Ishii and Ullmer are credited with coining the term “tangible user interfaces” and define them as “devices that give physical form to digital information, employing physical artifacts as representations and controls of the computational data” (Sharlin et al., 2004, p. 338). Although in their infancy, these interfaces may be the answer to providing highly functional, intuitive computing environments (Svanaes and Verplank, 2000).

Svanaes and Verplank (2000) feel that it is now time to “go beyond the GUI interface” (p. 121). They define tangible user interfaces as “systems that allow for the user to interact with the computer through physical objects (other than mouse and keyboard)” (p. 121). They provide Durrell Bishop’s Marble Answering Machine as an example, where the manipulation of marbles manipulates phone messages (p. 122).

Ishii and Ullmer’s (1997) research is attempting to make digital information tangible as well. Their designs include interactive surfaces (walls, desktops, ceilings, windows, and doors), coupled bits and atoms, and ambient media. Their goal is to turn “everyday architectural spaces into ‘interfaces’ between people and information” (p. 235). The design calls for “allowing users to ‘grasp and manipulate’ foreground bits by coupling bits with physical objects, and enabling users to be aware of background bits at the periphery using ambient media in an augmented space” (p. 235). As an example, they provide the “Clearboard,” which integrates the ability to draw on a wall with distributed computing. This “active surface” allows a person across distances to interact with another person. Other examples that use this technology include the metaDESK, transBOARD, and ambientROOM, all which seem to have enormous potential.

In “A Taxonomy for and Analysis of Tangible Interfaces,” Fishkin (2004) discusses the role metaphor can play in tangible user interfaces. He states, "We believe that metaphor is particularly appropriate for TUIs, as opposed to other interfaces, due precisely to their physical tangibility. Once parts of an interface are made physically tangible, a whole realm of physically afforded metaphors becomes available. A designer can use the shape, the size, the color, the weight, the smell, and the texture of the object to invoke any number of metaphorical links. Mithen [40] argues that ‘‘the most powerful [metaphors] are those which cross domain boundaries, such as by associating a living entity with something that is inert or an idea with something that is tangible.’’ Tangible interfaces, which can have exactly these properties, therefore, have this potential" (p. 349).

Indeed, it is conceivable that the power of metaphor can extend beyond the desktop interface into the realm of tangible interfaces and affect them in much the same way.

Discussion

One concept seems to permeate the whole of the research is the physical desktop’s influence on our designs. At first, this notion may seem to be a given; an obvious statement. The fact is, however, that our computing designs have largely been influenced by the way we worked prior to the advent of computers. It seems natural to transfer the sum of our experiences in the analog environment to the digital environment via the desktop metaphor. Granted, the desktop metaphor as implemented today may be flawed. Perhaps a little fine-tuning or enhancement is in order. While the actual implementation may change, the idea of the desktop seems to remain an integral part of way we use computers. The research has shown that humans naturally think metaphorically, and we have defined our work structure in such a way.

Perhaps those conducting the research are correct. Perhaps it is time to eschew the desktop metaphor. Perhaps it is time for the augmented desktop. At first glance, it seems that a desktop augmented with digital capabilities and computational power would be of great benefit to humanity. Indeed, it has much potential. Research into the desktop metaphor seems to be converging in this direction. Alignment of human skills and computing power appears to be the goal. Tangible interfaces seem to hold the key.

In a tangible computing world, Johnson would have users manipulating data with great dexterity, Gozzi’s physical desktop would actually be a messy computer screen, and piles of digital documents would serve as the normal filing strategy. Perhaps in the future, we’ll look back at the history of the desktop metaphor and reminisce about the progression from physical desks, to computer desktop interfaces, to digital desks. Does the physical desktop hold this much influence over our designs? Perhaps it does.

It seems that after twenty years, the desktop metaphor has aged well. While it may not be perfect for everyone, it has certainly been a functional tool that has served the majority of personal computer users well. Whatever its fate, the desktop metaphor has played an integral role in the advancement, development, and shaping of personal computers and computer users alike. Its influence will continue to pervade our understanding of computers for years to come.

References

Agarawala, Anand & Balakrishnan, Ravin. (2006). Keepin’ It Real: Pushing the Desktop
Metaphor with Physics, Piles and the Pen. Proceedings of the SIGCHI conference on
Human Factors in computing systems CHI '06, 1283-1292.

Bomsdorf, Birgit & Szwillus, Gerd. (1998). From Task to Dialogue: Task-Based User Interface
Design. Conference on Human Factors in Computing Systems, 201.

Fishkin, Kenneth P. (2004). A Taxonomy for and Analysis of Tangible Interfaces. Personal
and Ubiquitous Computing, 8, 5, 347-358.

Gentner, Don & Nielson, Jakob. (1996). The Anti-Mac Interface. Communications of the ACM,
39, 8, 70-82.

Gozzi, Raymond, Jr. (2002). Not a Desktop, Not a Metaphor. ETC: A Review of General
Semantics, 59,4, 425-428.

Hudson, William. (2000). Metaphor: A Double-Edged Sword. Interactions, 7, 3, 11-15.

Ishii, Hiroshi & Ullmer Brygg. (1997). Tangible Bits: Towards Seamless Interfaces Between
People, Bits, and Atoms. Conference on Human Factors in Computing Systems, 234-241.
Johnson, Jeff A., Smith, David C., Ludolph, Frank E., Irby, Charles H. (1985). The Desktop
Metaphor as an Approach to User Interface Design. Proceedings of the 1985 ACM
Annual Conference on The Range of Computing, 548-549.

Madsen, Kim H. (2000). Magic By Metaphors. Designing Augmented Reality Environments,
167-169.

Mander, Richard, Salomon, Gitta, Wong, Yin Yin. (1992). A ‘Pile’ Metaphor for Supporting
Casual Organization of Information. Conference on Human Factors in Computing Systems, 627-634.

Marcus, Aaron. (1994). Managing Metaphors for Advanced User Interfaces. Proceedings of the
Workshop on Advanced Visual Interfaces, 12-18.

Marcus, Aaron. (2002). Metaphors and User Interfaces in the 21st Century. Interactions, 9, 2, 7-
10.

Marcus, Aaron. (1998). Metaphor Design in User Interfaces. Journal of Computer
Documentation, 22, 2, 43-57.

Marx, Adam N. (1994). Using Metaphor Effectively in User Design. Conference on Human
Factors in Computing Systems, 379-380.

Ravasio, Pamela, Schar, Sissel Guttormsen, Krueger, Helmut. (2004). In Pursuit of Desktop
Evolution: User Problems and Practices with Modern Desktop Systems. ACM Transactions on Computer-Human Interaction, 11, 2, 156-180.

Robertson, George, van Dantzich, Maarten, Robbins, Daniel, Czerwinski, Mary, Hinckley, Ken,
Risden, Kirsten, et al. (2000). The Task Gallery: A 3D Window Manager. Conference on Human Factors in Computing Systems, 494- 501.

Sharlin, Ehud, Watson, Benjamin, Kitamura, Yoshifumi, Kishino, Fumio, Itoh, Yuichi. (2004).
On Tangible User Interfaces, Humans, and Spatiality. Personal and Ubiquitous Computing, 8, 5, 338 – 346.

Svanaes, Dag & Verplank, William. (2000). In Search of Metaphors for Tangible User
Interfaces. Designing Augmented Reality Environments, 121-129.

Labels: ,


Read the complete text of this post

posted by The Voice at 10:16 PM 0 comments

Wednesday, July 25, 2007

Precluding the Centralization Versus Decentralization Argument

In an industry where productivity is often measured by cpu cycles, a different sort of cycle has emerged, one which is defined by the vacillation between centralization and decentralization. This vacillation, or cycling, back and forth has caused some industry analysts to propose a middle ground, one that seeks to provide a balance of the best of both centralization and decentralization. While achieving such a balance is seemingly possible, it requires strong leadership at the top of the organization and ultimately requires the ability to align business goals with the information technology function.

In his 1990 article, “The ‘Centrally Decentralized’ IS Organization,” Ernest M. von Simpson makes the case for a hybrid model that incorporates the best of both the centralized model and the decentralized model. Speaking largely from the perspective of a period of decentralization, von Simpson (1990) states that decentralization successfully “minimized turf battles over budget allocations and ensured closer connections to users – but too often with the results of creating a rudderless IS staff” (p. 3). In an effort to provide the staff with some direction, he argues that an organization should centralize its information technology functions, while still allowing business units to maintain their flexibility provided by the decentralized model (von Simpson, 1990). Centralizing the information technology functions would enable an organization to take advantage of lower licensing fees, volume discounts, and increased support options while providing structure to companywide efforts such as managing the network infrastructure, staff training and recruitment, and standard establishment (von Simpson, 1990). To achieve this sort of structure, von Simpson (1990) argues that an organization must operate in a bidirectional fashion regarding the interaction between the corporate community and the information technology community.

This sort of bidirectional interaction appears thirteen years later, when Barbara T. Bauer essentially argues the same points as von Simpson in her article “Is a Centralized or Decentralized IT Organization Better?” She describes a movement toward centralization, which was brought on by the need for Year 2000 conversions and the emergence of “new network and database technologies” that required “centralized IT organizations for development and operation” (Bauer, 2003). Acknowledging that these arguments have been made in the past, Bauer indicates that the same issues von Simpson highlighted still remain and are now accompanied by the addition of business’ almost total reliance on information technology (2003). In addition, the effective use of information technology has become a “life or death matter” in her opinion (Bauer, 2003).

Bauer highlights the major advantages and disadvantages of each model before proposing her hybrid/federated model. Specifically, she states that the benefits of centralization are in software and hardware procurement, redundancy elimination, and resource integration (Bauer, 2003). The disadvantages are the inability to be responsive to users and the perception of information technology as a huge cost center to the business (Bauer, 2003). Regarding decentralization, she states that ease of integrating various systems using the client/server model and the ability to respond rapidly to change are advantages. The disadvantages are higher operating cost due to redundancy, a lack of unified presence, and the lack of a single point of accountability (Bauer, 2003).

In her hybrid model, “functions that require consistency across the entire company are centralized” (Bauer, 2003). These functions include procurement, operations, architecture, standards and processes, and ERP application development. Unique applications, however, are left to each business unit, as well as unit specific service level agreements, resources, and strategies (Bauer, 2003). In essence, business units maintain “budget control over the decentralized functions” (Bauer, 2003) and technical resources remain the responsibility of the centralized organization.

Bauer’s arguments for the hybrid/federated model are very similar to those of von Simpson, perhaps speaking ironically to the cyclical nature of the centralization versus decentralization argument itself. Notable, however, is the way Bauer branches off her argument into a discussion of alignment by stating, "The corresponding challenge, and possible disadvantage to a federated model, is that it requires strong, collaborative leadership in both headquarters and individual business units. The CIO, in particular, must be an executive who can lead a complex technical organization as well as understand the business needs and strategy of each business unit. It also requires effective strategy, planning and resource allocation processes in the company so that centralized resources continue to meet the needs of specific business activities" (2003).

Indeed, this task is quite daunting, but it is exactly one of the skills that define successful leadership by the CIO and other executive level leaders. As Ben Worthen (2003) notes, tradition places information technology and business units on different pages. It therefore becomes necessary for the CIO to practice alignment, which is the art of anticipating business needs and translating them into successful information technology systems (Worthen, 2003). While numerous alignment techniques exist, the importance of the goal remains the same. The coordination between the information technology staff and the business units is paramount, and is perhaps the most important function of executive leadership.

Worthen (2003) states that the seemingly difficult task of executive leadership can be accomplished and illustrates it with two examples. The first example details the business “playbook” developed by Christine Modie, CIO of the Massachusetts Mutual Fund Financial Group. She developed this playbook by interviewing users, assessing their business needs, and prioritizing them as a series of goals for the year. Implementing the initiatives of the playbook saved the company 12.6 million in one year alone and her information technology group became more aware of the business as a result (Worthen, 2003). In addition, by saving money, the idea of information technology as a cost center was reduced and the credibility of her group increased in the eyes of the business (Worthen, 2003).

Worthen’s second example details Sheleen Quish’s “rankings game,” which she developed for U.S. Can. The goal of the rankings games was to “mesh the corporate goals with divisional goals” (Worthen, 2003). Using a series of rankings, corporate goals and divisional goals are mapped out and prioritized. Once the priorities are established, each goal is labeled as a “must-do, should-do, or a nice-to-do” (Worthen, 2003). In the end, the goal is to ensure that the information technology staff and the company’s business units see “eye-to-eye” (Worthen, 2003). Seeing eye-to-eye is exactly Bauer’s point regarding the hybrid/federated model’s capability to allow centralized resources to meet business needs in a decentralized environment. From Worthen’s examples, one can see that the CIO must play an integral role in bringing together both the information technology staff and the business units, whether thorough interviewing techniques, prioritization activities, or other alignment procedures.

Such examples illustrate that alignment procedures are not limited to the hybrid/federated model. While Bauer places this extra responsibility on the CIO only in the hybrid/federated model, one could argue the conceivability of these techniques in any organizational structure. Alignment, then, becomes the issue, and the centralization versus decentralization argument is seemingly precluded. In fact, applying the alignment techniques could aid in overcoming the disadvantages of the other models. Worthen’s examples illustrate these applications. For example, responsiveness and cost were labeled as disadvantages of the centralized model. If a CIO in a centralized environment were to incorporate the techniques Modie developed, these issues could be alleviated to some degree, due to the heightened awareness that results from interaction with the users.

Alignment techniques have implications for the decentralized model as well. For example, redundancy, accountability, and a lack of a unified presence were labeled as disadvantages. Quish successfully addressed these issues in her rankings analysis by requiring that every submitted project include an ROI figure, and a statement of how the project increases revenue, reduces cost, improves customer service, or stabilizes the work environment. In order for the project to proceed, it must have buy-in from everyone. In fact, her largest goal was to eliminate the “everyone-for-himself affair” (Worthen, 2003) that largely characterized the yearly allocation of information technology projects.

While the debate about centralized and decentralized models may continue to cycle for years to come, these examples indicate that alignment strategies can mitigate their respective disadvantages and bring them closer to the balance sought by the hybrid/federated model. Perhaps it is the nature of the information technology industry and the ever-changing technologies involved are the cause for such cycling between models. In any event, The importance of the executive leadership’s ability to align resources with business goals will remain the key to successfully implementing information technology in an effort to advance the company’s future.


References

Bauer, Barbara T. (2003, October). Is a Centralized or Decentralized IT Organization Better? Darwin. Retrieved October 28, 2003, from http://www.darwinmag.com/read/100103/question54.html

von Simpson, Ernest M. (1990). The ‘Centrally Decentralized’ IS Organization. Harvard Business Review, 1-6.

Worthen, Ben. (2003, April). Line Up the Team. Retrieved October 29, 2003, from
http://www.cio.com/archive/040103/hs_team.html

Labels:


Read the complete text of this post

posted by The Voice at 2:34 PM 0 comments

Friday, June 15, 2007

Leveraging More Than Just Information Technology

In the May 2003 issue of the Harvard Business Review, Nicholas G. Carr artfully grabs one’s attention with the deceptively titled piece “IT Doesn’t Matter.” While a clever play on the word “it,” Carr focuses less on the issue of whether information technology matters, and instead seeks to convey his opinion on the strategic value of readily available information technology. Breaking down his multi-faceted article into its parts reveals a flawed argument with financial advice of mixed value.

Carr’s flawed argument begins with his somewhat limited view of information technology. He defines it as “the technologies used for processing, storing, and transporting information in digital form” (Carr, 2003, p. 12). As such, Carr quickly sets up his analysis by depicting information technology as a modern day form of infrastructure technology. Placing information technology in the same class as the steam engine, railroad, and telephone, Carr’s analysis centers on the commoditization of information technology. Carr feels that the ubiquity of information technology has transformed its role into that of a commodity input for business. As a commodity, Carr (2003) believes that it can no longer serve as a competitive advantage once it has become standardized and universally available to the masses.

I disagree with the core elements of Carr’s argument on the basis that information technology is not merely about infrastructure. Neither is it just about the storage and transmission of data. Instead, when information technology is viewed outside of merely an infrastructure role, it has infinite potential to transform business. New applications are being developed daily that create new strategies and capabilities. Brown and Hagel (2003) concur, believing that information technology can create new and fresh possibilities that were previously economically non-existent. Organizations seeking competitive advantages over rivals and strategic differentiation need not look at information technology for the answer, but to the possibilities it enables.

These possibilities can only be enabled by perhaps the most crucial element of information technology that Carr ignores. This element, which one may call “The Human Element” of information technology is essential to creating competitive advantage. To answer the question posed by the title of Carr’s article, “Yes, IT does matter,” but only to the extent that it is put to use by skilled people. Only then can it provide strategic advantage. As Broadbent, McDonald, and Hunter (2003) put it, “The source of competitive advantage shifted from simply having a computer to knowing how to use it. (p. 10)”

Understanding the human element of information technology is exactly the point Mark S. Lewis (2003) makes when he states, IT is a tool that automates and facilitates activities that otherwise would be done manually. Strategic advantage comes from how we apply IT, the unique and differentiating ways in which we marry information technologies with our intellectual capital (p. 12).

Intellectual capital seems paramount to his view. This is illustrated by his bold statement that information technology, as a source of strategic advantage, never really mattered (Lewis, 2003). Brown and Hagel (2003), who accept Carr’s notion that information technology may become ubiquitous note that skilled professionals are not so ubiquitous. Gurbaxani (2003), in addition, implies that competitive advantage was never derived from a scarcity of technology, but rather, it was people with skill sets who created value with information technology.

Creating such value requires determination to continue innovation and to take technology to new levels. Carr, however, believes that technology has reached its peak and nothing more is attainable. He states that the information technology industry is reaching the end of its “buildout” phase and that the window of opportunity to capitalize on technology is gone (Carr, 2003). Citing such trends and events as vendors changing their business models and the bursting of the investment bubble, Carr (2003) paints a scene depicting the end of information technology-prompted industry transformations. In Carr’s limited infrastructure view of information technology, this may be an accurate assessment, but on the grander stage that Carr conveniently ignores, this notion is mistaken. This is the second major flaw in Carr’s view. Industry experts such as Paul A. Strassman, Executive Advisor to NASA, agree. Strassman (2003) states that this notion is “hubris” (pp. 8-9). Information technology is not limited by physical boundaries and constraints such as those that eventually curtailed the spread of infrastructure such as the railroad system. Mark S. Lewis (2003) concurs, noting that information technology differs from electricity, which remains relatively unchanged since it was harnessed. In contrast, the potential for information technology is vast. To put this into perspective, one only needs to choose any point in history, declare that society has reached its technological peak, and then advance to any arbitrary time in the future. Six months, one year, or perhaps an entire decade of innovation reveals the nearsightedness of Carr’s view.

Ironically, Carr (2003) uses the term “myopic” in his explanations (p. 7). Carr’s nearsighted view of information technology as merely a form of infrastructure to be consumed like electricity or water limits his understanding of the value of information technology to an organization. Carr uses the aforementioned points about infrastructure and the peak of technology as support for his views on investment strategy. As the third major flaw in his argument, Carr seems to suggest that organizations devote only the minimum amount of resources, budget or otherwise, to information technology as necessary for the business to function. He even advocates “delaying IT investments” as a “powerful way” of cutting an organization’s costs (Carr, 2003, p. 12). Information technology, however, has a history of breaking through barriers and achieving the unthinkable in record time. When some technologies do become commodities, license is not given to dramatically under fund them, as Carr might suggest. In effect, the cost of these technologies becomes the cost of operating one’s business. Carr (2003) acknowledges this. Yet he fails to see that these technologies become requirements for building platforms that support the research and development of new technologies.

As a case-in-point, Carr (2003) rightfully recognizes that FedEx gained an advantage over its competition by innovating with information technology. FedEx was the first with a package tracking system. Its competitors, however, soon responded with similar and perhaps more advanced systems. One might suggest that Carr would view package tracking technology as commoditized since FedEx, the USPS, Airborne Express, DHL, and the United Parcel Service all have some form of this technology. FedEx no longer had a competitive advantage in this area and had it subscribed to Carr’s views, FedEx may not be exploring wireless technologies and their impact on package tracking today. In much the same manner, the United Parcel Service continues to innovate. The United Parcel Service is leveraging technologies such as wireless, Bluetooth, and GPRS to add value to its package tracking system (Farber, 2003). These capabilities provide real-time data transmission and features that were not available at the time when package tracking was “commoditized.” Much like FedEx, had the United Parcel Service chosen to cut costs, innovation would have suffered. In other words, Carr’s cost cutting at the expense of innovation effectively cripples an organization, potentially limiting future advances.

To be fair, Carr raises several important industry observations. Overspending on information technology is indeed a great risk. Managers must make intelligent business decisions so that funds are not wasted and are instead directed toward promising technologies. Similarly, resource waste is a growing problem. The plummeting cost of commoditized information technology only facilitates this wasteful activity. Finally, Carr (2003) accurately notes that vendor strategies often spur across-the-board upgrades. Currently this is accepted by the industry with virtually no change in sight.

Nicholas G. Carr suggests that information technology investment is less valuable today than it was during its initial buildout phase. Once commoditized, it can no longer be a source of strategic advantage in his view. However, if one looks beyond Carr’s view, one sees information technology is an enabler of potential. This potential, however, requires skills and intelligent business decisions. Broadbent, McDonald, and Hunter (2003) have it half-right when they say “it’s not about the box; it’s about what’s inside the box” (p. 10). Let us not forget the other half that creates strategic advantage, the person operating the box.


References

Alter, Steven, Broadbent, Marianne, McDonald, Mark & Hunter, Richard, Brown, John Seely & Hagel III, John, Carr, Nicholas G., Gurbaxani, Vijay, Hyatt, Cathy, et al. (2003). Does IT Matter? An HBR Debate. [Letters to the Editor]. Harvard Business Review, 1-17.

Carr, Nicholas G. (2003). IT Doesn’t Matter. Harvard Business Review, 5-12.

Farber, Dan. (2003, April 25). UPS Takes Wireless To The Next Level. ZDNet. Retrieved September 8, 2003, from http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2913461,00.html

Labels:


Read the complete text of this post

posted by The Voice at 1:57 PM 0 comments

Saturday, May 20, 2000

Firewalls for Home Use

The growth of the Internet and the available services has created an exciting era in the information technology industry. During this time, both corporate networks and home users have become more Internet savvy. There has, however, been a vast gap that existed between the speed of the access at work and the speed available to home users. Coupled with the fact that these same users have grown accustomed to the speeds available at work, the demand for high-speed home access has grown dramatically. As a result, several high-speed home Internet access options have been developed. Two of the most popular, Cable modems and DSL modems, now offer the speeds equal to or sometimes better than those found on corporate networks. Both of these services provide the benefits of speed, but along with those benefits come the same drawbacks network administrators have faced for years: the need for heightened security.

One of the realities of having high-speed Internet access is the fact that the connections are essentially network connections. These connections, much like those of corporate LANs, are vulnerable to a variety of attacks. Within these connections are two inherent weaknesses that can be exploited by malicious hackers. The first is the operating system security. The vast majority of home users purchasing high-speed access are running Microsoft operating systems. Security issues have plagued these operating systems since the days of DOS (Parnell 137). Windows 9x incarnations have limited security that can easily be bypassed and Windows NT/2000, although largely secure, still suffers from an occasional security breach (Parnell 138).

The second issue of concern with these high-speed connections is their “always on” nature. Due to this nature, experienced hackers may be able to gain access to financial records, personal information, and the like.

To solve this these problems, high-speed Internet access purchasers should highly consider purchasing one of the firewall products being offered by the various networking vendors. These vendors have begun to target the security needs of Cable/DSL users by producing both software and hardware firewalls. These home-use firewalls perform essentially the same functions as their corporate counterparts. Although the kinds of services vary by vendor, their primary goal remains the same. They all function to keep intruders out.

To gain a better understanding of how these relatively new home-use firewalls function, one can look at how the tried and true implementations function in corporate networks. “Firewall” is used commonly as a term describing any of the various methods and devices for protecting one’s network from outside intrusion. In fact, the term is often extended to describe any network security device, such as a hardware encryption device, a screening router, or an application-level gateway (Siyan 274). The traditional definition of a firewall, however, as defined by the ICSA, is a “system or group of systems that enforces an access control policy between two networks” (Greenstein 268). Such systems, according to the ICSA definition, must be immune to penetration, allow only authorized traffic to pass through the network, and must be positioned in the network so that all traffic from inside or outside the network passes through it (Greenstein 268). Generally, firewalls are placed between the internal trusted network and the external untrusted network (Siyan 274).

This type of firewall usually falls into one of four designs. The first, router-based firewalls, is the simplest form. These firewalls are incorporated into routers that sit between the Internet and the network they are designed to protect. They act as the only gateway between the two networks. Similarly, an operating system can be loaded up with firewall software and also sit between the Internet and the network (Parnell 143).

The second type is called a dual-homed host. This is a computer with two network interfaces. One interface reaches out to the Internet and the other reaches out to the LAN. All traffic passes through the dual-homed host and all connectivity is proxied (Parnell 143).

A third type is called a bastion host. The bastion host approach employs a screening router as the only entry point to the Internet. This router is backed up by the Bastion host, which provides the needed services for the LAN (Parnell 144).

The final type is to employ multiple routers, with each router becoming progressively more complex and secure (Parnell 144).

There are two different approaches to setting up a firewall. The first approach involves programming an in-house firewall that meets the specific needs of the network. While this can be a very effective approach, it involves many hours of programming and is expensive. However, it is also very attractive because it is a custom solution that can be integrated effectively into the network (Siyan 274). The second approach involves purchasing a product from a vendor and then configuring it to match the network security policy (Siyan 274). While both approaches are effective, most organizations by “off the shelf” products as a way of expediting the process of securing the network. This is also the most effective approach for home users interested in firewall protection.

Firewalls can be divided into two different types based on functionality. The first type is considered static. Static firewalls either permit all traffic except that which is specifically blocked (default permit) or they deny all traffic except that which is specifically allowed (default deny). Default deny is usually held to be more secure (Greenstein 270).

The second type of firewall is considered dynamic. These firewalls are more fluid in the ways they manage configuration. They allow both denial and permission of any service according to established rules (Greenstein 271).

Firewalls are designed to operate at the highest levels of the OSI model, thus giving them complete information about the types of data flowing through the network. The main objective of any firewall is to protect one network from another network, preventing unauthorized users from accessing the network and allowing legitimate users to access the network (Siyan 274). However, depending on the vendor, many other functions are available. Most firewalls are constructed with a variety of functionalities. These functionalities include packet filtering, network address translation, application-level proxies, stateful inspection, virtual private networking, and real-time monitoring (Greenstein 272).

The most crucial of all of the firewall capabilities is the ability to filter packets, which is the process of examining every packet and passing it along to its recipient or discarding the packet if it is unauthorized (Greenstein 274). Packets can be filtered based on their inbound and outbound status, source IP address, destination IP address, TCP type, and by port number (Parnell 142).

Another important function of firewalls is network address translation. Network address translation lets the network administrator assign IP addresses from a different subnet to the LAN used for the firewall itself. Network address translation was originally conceived as a way to get around the IP address shortage, but it has found its way into firewall technology as a way of making the internal network theoretically invisible to the outside world, using IP addresses that cannot be used on the Internet (Parnell 142).

Maintaining control over network services is another important feature offered by some firewall products. Firewalls that include Application Level Proxies substitute normal network services by allowing the firewall to provide the service (Greenstein 275). The proxies run services on behalf of the network’s client machines that could be potentially damaging to the network if used maliciously. All requests are forwarded back and forth from the proxy to the clients, providing some degree of control of the services (Parnell 142).

Other firewall services include stateful inspection, whereby the firewall verifies whether packets are authorized by checking a rulebase (Greenstein 278). Still others include Virtual Private Networking. Some firewall vendors incorporate this capability, allowing the creation of secure private “tunnels” on public networks, such as the Internet (Greenstein 279).

Finally, the ability to monitor a firewall in real-time is crucial to staying on top of the status of the network. Many firewalls feature paging and notification services as well as logging capabilities that allow network administrators to keep track of activity (Parnell 142).

All of these capabilities server to protect the network from a variety of attacks. These include TCP hijacking, IP spoofing, and network sniffing (Greenstein 269). The most common, and simplest is taking advantage of weak or default passwords (Parnell 140). A second and popular kind of attack today is the Denial of Service attack. These attacks simply overload the servers with requests until the servers crash. Attacks such as SYN flooding take advantage of a weakness in the TCP three-way handshake, rendering servers inoperable. Other similar attacks include DNS attacks and the Solaris “suicide ping.” Even more complex attacks involve exploiting network operating system holes (Parnell 141).

Most of these attacks are limited to large corporate LANs. However, as the line blurs between home networks with high-speed access and corporate LANs, the threat of attacks in increasing for home users. Since Cable and DSL users are part of larger LANs, they face threats similar to those faced by large corporate LANs. Currently, the most common attack on home users is the Trojan horse attack.

A Trojan horse attack begins by placing the Trojan horse on a user’s machine. Usually, these programs are downloaded unknowingly as disguised programs through newsgroup postings and email attachments, or by hackers exploiting Microsoft’s File and Printer sharing. Once the file is on the user’s computer, a hacker can attempt to perform malicious acts. A typical and frequently used attack is the Sub-Seven attack. It is a remote access Trojan that contains many so-called “tricks” that allow hackers to post messages and sniff passwords from a user’s computer. Sub-Seven attacks can use AOL Instant Messenger, ICQ, and Yahoo Instant Messenger to perform these acts. Hackers can also speak through the user’s soundcard and speaker and view the content of the victim’s screen using Sub-Seven attacks (Graham).

Realizing the increasing need for security on home computers, several larger vendors who produce enterprise networking solutions, have begun to produce similar solutions for home use. These options include both software and hardware based firewalls.

Several software firewalls have been developed for home use. Symantec’s Norton Internet Security 2000 and Network ICE’s Black ICE Defender are two such products. Both feature a rule-based firewall that runs in the background protecting the user’s PC while connected to the Internet. Both protect against hackers, unauthorized intrusions, and attempts at discovering personal information such as passwords, financial information, and other sensitive data (Symantec, Network ICE). This type of protection is becoming increasingly important, as indicated by Intel’s investment in Network ICE. Intel has also begun to bundle Black Ice Defender with its DSL modems (Intel).

For those home users who prefer hardware based solutions, several network hardware providers have begun to include firewall technology into their hubs and switches. These vendors are targeting home users wishing to connect several PCs and create a network, as well as those who wish to employ firewall protection. The vendors currently offering Cable/DSL firewall devices include Linksys, Netopia, Macsense, NetGear, Cayman, WebRamp, and UMAX. Each of the offerings from these vendors feature similar functionality, but the Linksys is set apart due to its switching capability (Linksys). This market is just beginning to develop, but there are already several available products boasting impressive home networking features as well as incorporating firewall protection. Some of the features included in these products are the ability to create a home network using a Cable/DSL link, virtual private networking capabilities, DHCP serving, IP filters, and real-time monitoring.

With the birth of high-speed Internet connections for the home, the world of personal computing is becoming less personal and more connected. With malicious intent, the personal aspect of computing is compromised, resulting in security breaches. Several options are available to home users who wish to enjoy the benefits of high-speed and still keep their information safe.



Works Cited

Graham, Robert. “FAQ: Firewall Forensics.” RobetGraham. 2000.

Greenstein, Marilyn; Feinman, Todd. Electronic Commerce. Massachusetts: Irwin McGraw-Hill, 2000.

Parnell, Tere; Null, Christopher. Network Administrator’s Reference. California: Osborne, 1999

Siyan, Karanjit. Internet Firewalls and Network Security. Indiana: New riders Publishing, 1995.

“BlackICE Defender.” Network ICE. 2000. http://www.networkice.com/Products/BlackICE/blackice%20defender.htm

“Cable/DSL Router Peer Matrix.” Linksys. 2000. http://www.linksys.com/pdf/befsr41cm.pdf

“Intel To Become First Company To Offer Advanced Internet Security Software From
Network ICE With Its High Speed DSL Modem.” Intel. 2000.
http://www.intel.com/pressroom/archive/releases/cn033000.htm

“Norton Internet Security 2000 Features: Comprehensive Security Suite.” Symantec. 2000.
http://www.symantec.com/sabu/nis/featuresA.html

Labels: ,


Read the complete text of this post

posted by The Voice at 6:11 PM 0 comments

Friday, May 19, 2000

On Quantum Computing

As computer manufacturers move closer to the physical manufacturing limits imposed by nature, some new form of computing will need to be devised in order to continue the explosive growth that the computer industry is experiencing today. Indeed, if a new form is not devised, the current computing age will come to an abrupt halt. While a few unimplemented possibilities exist that will stretch today’s technology into the next century, scientists and computer engineers alike have feverishly begun to examine alternative methods to today’s silicon based computer systems. Currently, the leading alternative candidate, a conjugate of the two realms of quantum physics and computability, is what has been termed quantum computing.

To understand the need for alternative methods such as quantum computing, one must examine the modern history and development of computers. In the early portion of the 1900’s, when computing technology made the transition from mechanical gears to electromechanical units based on telephone relay systems, the major driving force behind technological advance was the United States government. This was primarily for code-breaking purposes (Clearwater 5-6).

As time passed, further advances were made, resulting in computers that were constructed with vacuum tubes. All of the advances resulted in faster computers, but the capabilities remained basically the same (Brooks 17). In fact, even today’s supercomputers are based on essentially the same design concepts as the earliest computers of the 1900’s, differing only in speed and memory (Brooks 15).

Noticing an emerging pattern with the increases in speed and memory, Gordon Moore, co-founder of Intel, proposed what has become “Moore’s Law” in the early 1970’s (Clearwater 7). Stating that the memory capacity of a chip doubles every eighteen months, Moore’s Law continues to hold today. During the almost thirty years since it was proclaimed, the number of transistors located on a computer chip has increased by a factor of one million, and at the same time, both the price and power consumption have been reduced by a factor of one-hundred-thousand (Milburn 158). However, the long-term viability of Moore’s Law has come into question recently. In October 1999, Paul Packan, a researcher at Intel’s labs, raised concerns that Intel may have reached the limit of its ability to miniaturize the microprocessor. Limited by nature’s maximum speed limit of the speed of light, engineers have compensated by squeezing more components together, shortening the distance the signals travel (Clearwater 7). This technique, however, has been stretched as far as it can, as Packan states that “There are currently no known solutions” to the problems they are facing (Yahoo News). Less than a month later, researchers Jack Hergenrother and Don Monroe at Lucent Technologies Bell Labs experienced a breakthrough. Claiming to be able to construct chips vertically rather than horizontally, they believe that many more transistors can be crammed onto a chip using this method. They also devised a method allowing for the potential doubling of processing power, by using two logic gates per transistor instead of one. Hergenrother and Monroe believe that this may be the breakthrough that would allow manufacturers to cross the “point one barrier.” (Wired News).

The “point-one barrier” is the point where engineers believe a shift must take place in the way computers are designed. This is the point where we reach the limits of today’s photographic etching process. At 0.1 microns in length, circuit patterns begin to blur, and the light used to etch the chips gets absorbed before it reaches the surface (Milburn 159). Also, it is at this point that the rules of the physical world cease to apply, as only a few atoms are need to construct the memory registers. At such small sizes, the rules of quantum mechanics take over. The Lucent breakthrough, however, looks to extend current methods into the next decade, but it is believed that by 2020, the laws of quantum physics will have to be adopted as the method of reading and writing bits (Clearwater 7-8).

Quantum physics arose at the turn of the 20th century as a result of the failure of classical physics to explain and predict the outcomes of experiments on both light and particles (Clearwater 49). The beginnings of quantum theory began in 1900, when Max Planck recognized the quantum nature of radiation, and in 1926, when Erwin Schrodinger provided a mathematical model of quantum mechanics (Brooks 5).

Using the principles established by Planck and Schrodinger, scientists started to examine the relationship of physics to computability in the mid 1970’s (Clearwater 45). In their book Explorations in Quantum Computing, Williams and Clearwater describe this relationship, stating
There are a number of properties that quantum systems possess that lend themselves to computational applications. For example, at the quantum level, the values of certain observable quantities are restricted to a finite set of possibilities. The significance of this is that, in any computer, each bit must be stored in the state of some physical system. In a quantum computer, each bit could be represented by the state of a simple 2-state quantum system such as the spin state of spin-1/2 particle. As the spin of a particle is quantized, we can use one spin state to represent the binary value 0, and the other state to represent the binary value 1. Any 2-state quantum system, such as the direction of the polarization of a photon, or the discrete energy levels in an excited atom would work equally well. Once you have a way of encoding the binary values 0 and 1 in the states of a physical system, you can envisage making a complete memory register out of a chain of such systems (50).

Essentially, the way information exists in computers today is easily translatable to storage in a quantum computer. Whether a computer uses today’s on and off switch mechanism or the quantum spin states, the fact remains that all that is needed is a method of distinguishing the values of one and zero.

With the passage of time, a greater understanding of quantum physics developed and the Nobel Prize-winning physicist Richard Feynman suggested the possibility of developing a computer based on quantum principles in 1982 (PC MAG). Envisioning a system that exploited these principles, Feynman saw a system that promised to offer much more than another incremental increase in processing power (Brooks 17). In fact, the newest theories involving quantum computing predict a time where quantum computers perform calculations exponentially faster than conventional computers. They also offer the promise of teleporting information, cracking unbreakable security codes, generating true random numbers, and communicating with correspondence that alerts authorized users to the presence of unauthorized trespassers (Clearwater 1).

These promising advantages of quantum computing are based on the notion that quantum methods of processing information are a radical departure from traditional classical methods. As a result of a quantum phenomenon, termed superposition, information can exist in undefined states and still maintain usability. In a quantum superposition, a bit of information can be both the values of zero and one simultaneously (Brooks 10). Consequently, quantum computing promises to offer entirely novel ways of computation with qualitatively new algorithms defined using the principles of quantum physics. At the same time, improvements in the speed, security, and quality of transferred information are possible (Brooks 4).

In theory, it is possible to construct a complete quantum computer. In November 1999, it was announced that scientists at MIT and the Los Alamos National Labs had developed the first quantum computer. While only capable of counting to four, this is held to be a significant advance. Such advances have led research team member David Cory to suggest a quantum equivalent to Moore’s Law. He states that “’in the last two years we’ve gone from two qubits to six qubits. This is a sixteenfold increase in power. We may have ten qubits in 2001, another sixteenfold increase’” (Groz 43).

Such power increases are not the only advantage of quantum computing. Quantum computers also offer an advantage in terms of energy efficiency. Theoretically, quantum computers are examples of reversible computers. Essentially, this feature of reversibility allows for the phenomenon of no net energy consumption. This is achieved because quantum computers have the ability to redeem expended input energy at the end of a computation (Clearwater 12).

Another advantage offered by quantum computers is the ability to perform the same calculations as a classical computer, but in less logical operations. The feature responsible for achieving this is the ability of a quantum computer to evaluate all possible inputs of an equation simultaneously (Clearwater 12).

However, even though complete marketable quantum computers are theoretically a possibility, there are problems that must be addressed in order for them to fulfill their promises and achieve their full potential (Clearwater 10). The largest of these problems is that at a quantum level, computers will be vulnerable to stray interactions with the environment in which the are placed (Clearwater 10). Compounding this issue is the fact that the environment may be affected by the quantum superpositions that exist within a quantum computer. There is a possibility that the quantum information will diffuse outside of the computer, spoiling storage and computation at the same time. It will become necessary to initiate some methods of stabilization to combat the effects of this process, decoherence (Brooks 23).

Currently, there are two proposed methods for combating the effects of decoherence. The first, proposed by David Deutsch in 1993, involves redundancy of data. Having multiple complete copies will reduce the chances of data loss, as data can be rebuilt from the backup copies (Brooks 23). The other method, independently proposed by both Peter Shor and Andrew Stearne in 1995, finds its roots in today’s Error Correction Code Random Access Memory (ECC RAM). Shor and Stearne’s ECC method of quantum computing involves a similar usage of error correction codes, whereby a single cubit is encoded by a string of qubits. Much like ECC RAM, if an error occurs, the original information can be rebuilt from the data stored within the single cubit (Brooks 24).

With an understanding of how to maintain data integrity, the first generation of quantum information technology is beginning to take shape. In fact, quantum-engineering solutions have been devised in the field of optical telecommunications (Brooks 33). In this field, classical bits of data (zero and one) are transmitted, amplified, and distributed using quantum mechanics. This hybrid is the first step toward the level of quantum computing that will arise in the second generation. In the second generation, quantum physics will be extended to the bits of information, resulting in information called qubits. Applications using these qubits will adhere to the principles of quantum superposition, and will be the realization of true quantum computing (Brooks 33).

Quantum computing applications for are already beginning to develop. Searching for at least one feasible application where an infant quantum computer could outperform a classical computer, Peter Shor discovered that a quantum computer could factor large integers highly efficiently. As David Deutsch discovered in his research, this is due to the ability of a quantum computer to examine all of the prime numbers at one time. The ability to factor large integers by a quantum computer is the key to breaking security methods such as the RSA-cryptosystem (Clearwater 113). Such an encryption scheme relies on the difficulty of factoring to create its security strength, as it is extremely difficult to factor a number such as 239812014798221 with today’s computers. However, with a quantum computer, this number can be factored with relative ease into its factors X and Y, simply by examining all prime numbers at once.

The ability to factor these prime numbers, or keys, could have a profound impact on secure transactions, effectively crippling today’s method of security. However, the laws of quantum mechanics seem to naturally provide a way to allow for the power of factorization and at the same time implement methods of security. In a world of quantum computers, the RSA-cryptosystem will no longer be needed. Quantum computers adhere to the Heisenberg Uncertainty Principle, which states that whenever and however a quantity is measure, “noise is added” to the measured quantity. This effectively alters the value of the measurement (Brooks 43). In the realm of quantum computing, this means that if an unauthorized eavesdropper taps into the quantum system to collect data, noise will be added to the data. This, in turn, can be easily detected by the authorized users, neutralizing the power of hacking techniques (Brooks 44). In other words, it is impossible to measure quantum systems without disturbing the data (Brooks 140). This ability is the result of a combination of the qubits’ natural superpositional state and the state of entanglement, where two or more quantum systems loose individuality by linking together to form one entity. Thus, disturbing the system is detectable throughout the entire system (Brooks 141).

With the capability of high-power number manipulation and its built-in security measures, quantum computing has the potential of becoming the successor of the immensely successful silicon microprocessor. If quantum computing is the heir apparent, many changes will take place in all facets of life. In terms of information technology, a new paradigm would be created in the ways information is processed. One can imagine a world where bank transactions are ultrasecure due to the natural security features of quantum entanglements and where computing speed will increase exponentially due to the ability to examine all inputs at one time, processing them in one operation. Instant access to information will also become a reality.

Such changes will also have a profound economic impact. For example, the advance could spark economic development across all types of industries. The power, speed, and security offered by quantum computers could be applied to many fields, from those who manufacture the technology to those who purchase it. However, many industries will need to make a huge shift in order to stay competitive. No longer will the status quo apply, because of the differences between the physical world and the quantum world. If the companies fall behind, the industries could experience an economic collapse due to the change to quantum computing. To avoid this, the entire industries may need to collaborate in creating the shift.

Education will have to shift as well. Institutions of learning will need to incorporate both quantum physics and quantum computing into the computer science curriculum. Fortunately, this has already begun to happen, as the University of Oxford, Caltech, and several other large universities have started teaching the theories behind quantum computing.

The advance toward quantum computing does pose a problem, however, for millions of computer scientists trained in what will be considered the “old way.” Years of education will abruptly no longer apply, as the shift to quantum computing is such a radical one. Many computer scientists may find themselves without a job until they complete their “re-education.”

A social division could also result from the change to quantum computing. Much like the division some believe to be taking place today with access to the Internet, a division could form between those who compute with quantum computers and those who do not. However, if the current trends in the computer industry can be used as a precedent, then perhaps a social division is not a tremendous problem as some might suggest. Initially, a division may take place, but the gap created would eventually shrink as time passes and prices fall.

The future looks bright, as quantum computing seems to offer an alternative way of computing. While not without its problems, quantum computers have the potential of changing the way information is processed. Indeed, such a development in the world of computers is needed, and with time, could solve the limitations being experienced today.

Labels:


Read the complete text of this post

posted by The Voice at 9:13 PM 0 comments

Thursday, August 19, 1999

On Appearances

As impressionable beings, we hold the impressions that we leave on our acquaintances to be very important. So important are these impressions that they often form the basis of our relationships. In fact, these impressions typically set the tone for the duration of the relationship. All too often, however, we attempt to project an image of ourselves that is entirely false. Motivated by the desire to leave a good impression, we attempt to become what we are not, to gain approval, and to pull the wool over the eyes of others. It seems, however, that this wool has not blinded the eyes of the authors of satiric literature. Within the realm of satire, it appears that a pattern is emerging, one that points to the foolishness of these attempts. This pattern, appearing in Jane Austen's Pride and Prejudice, Evelyn Waugh's The Loved One, and Henry Fielding's Joseph Andrews, includes a character that either has created or attempts to create a persona by wrapping themselves in the trappings of the image they wish to acquire.

This acquisition of an image seemingly works for Jane Austen's Lady Catherine, but only initially. Surrounding herself with the trappings of high society creates her image on a first impression. However, probing deeper into her personality reveals the false image she creates.

Lady Catherine seems to be the model of distinguished society, but although she is someone of high social standing, she lacks the true character she wishes to present. As a woman who "likes to have the distinction of rank preserved" (137), Lady Catherine is condescending and speaks "in so an authoritative a tone" that it displays "her self-importance" (139). Having an opinion on every subject, she is constantly handing out unwanted advice. She, however, is only superficially qualified to do so. For example, in conversation about playing the piano she says, "'I have told Miss Bennet several times, that she will never play really well unless she practises more'" (148). Later she repeats herself, saying "'Miss Bennet would not play at all amiss, if she practised more'" (150). Although this may be quality advice, the fact that Lady Catherine cannot play the piano undercuts her suggestions. Indeed, by her own admission, she cannot play the piano. She says, "'If I had ever learnt, I should have been a great proficient'" (147). Owning a piano does not constitute the ability to play, suggesting that although she has the trappings of high society, they are merely a façade. Most certainly, Lady Catherine is Austen's commentary on the emptiness that can be found within false images.

This trend of satirizing false images and impressions also appears in Evelyn Waugh's The Loved One. In this novel, the reader sees the character of Dennis Barlow, who is similar to Lady Catherine, yet different at the same time. Much like Lady Catherine, he is trying to present an image, but unlike her, he does not have the surroundings to do so. Instead, he actively tries to hide his situation, namely his job, by creating images of himself to impress Aimee Thanatogenos.

In his attempts to impress Aimee Thanatogenos of Whispering Glades, he exaggerates his poetic skill and even attempts to take up another profession to hide his current job, knowing that she looks poorly on it. At one point he feels "a hypodermic stab of thankfulness that he had kept silence when, earlier in their acquaintance, he had considered forming a bond between them by lightly mentioning his trade" (95). Later, he discovers that he can form a bond with her through poetry, as she feels that "'it's a very, very wonderful thing to be a poet'" (88). Realizing her love of poetry and because Aimee has shown "a preference for the earlier masters" (105), Dennis builds a false image of himself by utilizing other poets' works and calling them his own.

In an attempt to gain a higher status, Dennis inquires about becoming a non-sectarian clergyman, to which he learns he must have "the call" (122). He reveals his desire to hastily fulfill his false image when he promptly ignores the need for a calling and persists by responding "'Yes, of course; but after the call, what is the process? I mean is there a non-sectarian bishop that ordains you?'" (122). Finally, to assure the status he would garner for himself, he asks "'You would say, would you not, that a non-sectarian clergyman was the social equal of an embalmer?'" (125). From this one can see his concern for his social status, as he is trying to at least match that of Aimee.

Aimee believes his charade until she has to pay a visit to The Happier Hunting Ground. On finding Dennis working there, he is exposed as a "liar and a cheat" (135) in her eyes. The charade comes to an end with Aimee stating,
"All those poems you sent and pretended you'd written for me, that I thought so cultivated I even learned bits of them by heart - all by other people, some by people who passed on hundreds of years ago. I have never felt so mortified as when I found out." (138)
Aimee's recognition of Dennis' fraudulent nature destroys him in her eyes. Indeed, his lack of respect for both her and the original poets is a glaring mistake, as he knowingly steps on the shoulders of great poets for his own gain. His lack of respect toward the clergy is also a mistake, especially in the eyes of the reader. Undoubtedly, Dennis is revealed as a man willing to feign a calling in order to shortcut the process of growing as an individual, all for the sake of impressing Aimee with a false image.

Finally, one can see this satiric trend in Henry Fielding's Joseph Andrews. Similar to the attempts of Dennis Barlow, Mr. Wilson is a man willing to shortcut effort in order to create his false image. As a young man of sixteen, the image that he was "ambitious of attaining was that of a fine gentleman" (196).

Setting out to create his image, he enlists the services of "a taylor, a periwig-maker, and some few more tradesmen, who deal in furnishing out the human body" (196). He also desires the arts of "dancing, fencing, riding the great horse, and musick" (197). However, because they require effort to attain, he decides to wear the airs of such qualities and skills, rather than to work at them. Although he decides not to work at these, he does, however, work to gain the knowledge of the town, which he garners by socializing.

As important as his knowledge-about-town is to his image, perhaps even more important is his reputation with women. His garnering of a reputation "with the finest women in town" (197) fully illustrates the fallacy of his character. He states,
"The reputation of intriguing with them was all I sought, and was what I arrv'd at: and perhaps I only flattered myself even in that; for very probably the persons to whom I shewed their billets, knew as well as I, that they were counterfeits, and that I had written them myself." (197)
By writing letters to himself, he creates the impression that his many women had done so, furthering his shortcut attempts at creating his image of the ladies-man.

In retrospect, Mr. Wilson describes his lifestyle best when he refers to the Temple where he stayed. He states that "'the beaus of the Temple are only shadows of the others. They are the affectation of affectation'" (199). Just as the sun projects the shadow image from the real object, so were the shadows in the Temple. They were images projected off of some reality, much like Mr. Wilson's attempt to create an image. He was merely the shadow of a reality that he wished to live.

The trend that seems to be emerging is one of a satiric commentary on the human condition to try to impress. Making a good impression is a positive aspect of life, but only when the impression in one created from reality, and not a false image. Indeed, the value of a good impression is substantial, but even more substantial, and extremely negative, is the letdown that results when the false image is revealed.

Labels:


Read the complete text of this post

posted by The Voice at 9:01 PM 0 comments

Sunday, April 19, 1998

On Social Status

Social status, with its class distinctions and ranks among people, has been a characteristic of life for some time. While these distinctions may serve a purpose in society, often tension results, especially concerning matters of the heart. Nowhere is this tension more evident than in Jane Austen's Pride and Prejudice. In this nineteenth century novel, Austen, through character development and manipulations, comments on the flaws and failures of such distinctions.

Throughout Pride and Prejudice, the reader is introduced to several characters that share the same affliction of discriminating on the notion of class boundaries. In particular, these characters include Lydia and Kitty Bennet, Sir William, Lady Catherine de Bourghh, Mr. Collins, and Mr. Darcy. Each character is used masterfully by Austen to illustrate different, yet similar aspects of the same concept, foolishness based on the grounds of class.

Austen opens the novel by introducing the reader to the connection between social standing and marriage. In her time, wealth usually indicated status and Austen states that "It is a truth universally acknowledged that a single man in possession of a good fortune must be in want of a wife" (5). With this we are introduced to the Bennet family, which includes five unwed daughters, two of which Austen uses to illustrate one of the foolish traits of social status. The reader is aquatinted with the somewhat minor characters of Lydia and Kitty, who could fill a day just by flirting with men in uniform. Austen comments that "While there was an officer in Meryton, they would flirt with him; and while Meryton was within a walk of Longbourn, they would be going there forever" (180). Lydia does marry such a man, Wickham, who eventually is revealed as a scoundrel. As Austen suggests through this situation, external social position does not denote character.

In the character of Sir William Lucas, Austen demonstrates that the garnering of status serves to separate. Formerly a trader, Sir William achieves the status of knight and subsequently removes himself from his town. Despising his former business, he moves to his "Lucas Lodge" where he can "think with pleasure of his own importance" (17). Austen comments that his knighthood "had perhaps been felt too strongly" (17).

As the novel progresses, Austen introduces Mr. Collins. Specializing in the foolishness of sycophancy, Mr. Collins is Austen's commentary on excessive praise for want of high status association. Throughout the novel, Mr. Collins cannot speak highly enough of Lady Catherine de Bourgh. In his letter to Mr. Bennet he speaks of Lady Catherine stating that he has been, "'fortunate as to be distinguished by the patronage of the Right Honourable Lady Catherine de Bourgh…whose bounty and beneficence has preferred me to the valuable rectory of this parish'" (55). He also speaks highly of himself in the letter stating that he flatters himself, in that, his "'present overtures are highly commendable'" (55).

Mr. Collins holds Lady Catherine to be the model of distinguished society. As he himself is a fool, it is only fitting that he sees her this way. Lady Catherine is Austen's example of someone of high social standing, but who lacks true character. As a woman who "likes to have the distinction of rank preserved" (137), Lady Catherine is condescending and speaks "in so an authoritative a tone" that it displays "her self-importance" (139). She has an opinion on every subject and in constantly handing out unwanted advice. For example, in conversation about playing the piano she says, "'I have told Miss Bennet several times, that she will never play really well unless she practises more'" (148). Later she repeats herself, saying "'Miss Bennet would not play at all amiss, if she practised more'" (150).
She also states that Elizabeth may come to her home and play on her "'capital'" piano, which is "'probably superior to'" (140) any piano Elizabeth ever played. However, she should "'play on the pianoforte in Mrs. Jenkinson's room. She would be in nobody's way, you know, in that part of the house'" (148). Lady Catherine's invitation indicates that she does not wish to hear Elizabeth play, as her statement suggests that the room is located far enough away that she would not disturb anyone. With this, Mr. Darcy was "ashamed of his aunt's ill-breeding" (148).

It is also important to note Lady Catherine's own admittance that she cannot play the piano. She says, "'If I had ever learnt, I should have been a great proficient'" (147). This suggests that, although she has the trappings of high society, they are all a façade. Indeed, Lady Catherine is also Austen's commentary on the emptiness that can be found within false appearances.

Vital to Austen's view of social status is the man who ultimately overcomes the elite attitude of higher status. In Mr. Darcy, Austen presents us initially with a vain man, who is unwilling to socialize at the ball. When prompted by Mr. Bingley, Mr. Darcy comments that Elizabeth is "'tolerable, but not handsome enough to tempt me'" (12). This immediately establishes Mr. Darcy as rude and extremely proud. However, a transformation occurs as the novel progresses and he begins to find himself in want of Elizabeth's company. He notices her "fine eyes" (25) but is reluctant to court her due to social status. When he does proclaim his love for her, he does it in such a way that it insults Elizabeth. Austen comments on "His sense of her inferiority--of its being a degradation" to him (160).

As time passes, Elizabeth's affections for Mr. Darcy grow. When she visits Pemberley, she notes the tastefulness of Mr. Darcy's estate, as compared to the superficiality of Lady Catherine's. Pemberley was "without any artificial appearance. Its banks were neither formal nor falsely adorned" (203). She also sees Mr. Darcy in a new light, as the Gardiner's speak of his great courtesy. Her uncle states that Mr. Darcy is "'perfectly well behaved, polite, and unassuming'" (214).

At this point in the novel, Austen presents a drastically different view of Mr. Darcy. He is portrayed as a man of legitimate taste. When compared to Lady Catherine, Mr. Darcy is the true model of high-class society: a wealthy, tasteful gentleman. He has also changed, letting down the barriers of social status. He gives way to his true feelings. This change in Mr. Darcy, coupled with his aid to Lydia and Wickham convince Elizabeth of his true nature.

By allowing such a change in Mr. Darcy, Austen suggests two things. The first is that there is hope for the lowering of the social barriers and the second is that these barriers are ludicrous. Elizabeth and Mr. Darcy's future marriage suggests that social status should not be the final judge of relationships. It is the character of the individuals that decide the fate of the relationship.

Austen's commentary on social status ends by presenting the reader with the happiness of foregoing social status for love. Presented against the pattern established by Lydia, Sir William, Mr. Collins, Lady Catherine, and initially Mr. Darcy, the negative and positive aspects of social barriers are revealed. Ultimately, Mr. Darcy's ability to change and leave his conceptions about status behind illustrates Austen's opinion about social status. It is the character of the individual and not their dealt lot in life that counts. That is where true human value lies. While status may remain in society, Austen suggests that it is foolish to let it dictate matters of the heart.



Works Cited


Austen, Jane. Pride and Prejudice. New York: Penguin Books, 1996.

Fielding, Henry. Joseph Andrews. New York: Penguin Books, 1985.

Waugh, Evelyn. The Loved One. Boston: Little Brown and Co., 1976.

Labels:


Read the complete text of this post

posted by The Voice at 9:32 PM 0 comments

Friday, December 12, 1997

Inflation Discussion

Inflation in the economy is typically described as a continual increase in the price level. This increase is usually the result of an increase in the aggregate demand or a decrease in aggregate supply.

The focus of this paper is to analyze the claims of the selected article, relate the separate aspects it describes to the business cycle, and tie in the effects of inflation to issues of purchasing power.


The selected article, which appeared in the Final Edition of the Baltimore Sun, dated August 15, 1997, deals with inflation and its place in the United States’ economy today. Authored by the Associated Press, the article claims that inflation is currently “very tame,” and it cites several government reports to support this claim.

A collection of reports, provided by the government, as well as the analyzed activity of the stock and bond markets, indicate that the economy has continued its trend of moderate expansion. All reports show that there are few signs that the rate of inflation will rise in the upcoming months. The article cites the activity of the inflation-sensitive bond market and the stock market as evidence for the prediction about inflation.

As for the reports themselves, the Consumer Price Index (CPI), the Federal Reserve’s statements, and the Labor Department’s reports also supported the notion that the economy, on the whole is experiencing inflation-free growth.

The Consumer Price Index rose only a modest 0.2% in the month prior to the writing of the article (July). It also noted that the annual rate of price increases was at 1.5% for 1997, compared to the 3.3% of 1996.

The Federal Reserve Report indicated that the increase in industrial production was down 0.1% from July. This suggests that the economy, although strong, was not running away. However, this number was offset by other aspects of the economy, such as increases in the use of electrical energy. It also noted that the country was operating at 83.1% capacity, which is below the 85% that coincides with higher prices.

Finally, the Labor Department reported a twelve thousand case increase in the number of unemployment claims. However, the average number of claims is at its lowest point since the winter of 1989.

Generally, the annual core inflation rate is at 2.4%, which is down form 1996’s 2.6%

Inflation is a problem that affects everyone. It excludes no one in the economy. Therefore, it should be and is one of the most frequently watched topics that are dealt with in the economy.

Inflation has long reaching effects that pervade many aspects of the economy. From the price of bread at the local grocery store to the cost of buying a new car, inflation affects the consumer’s purchasing power. Compared to its value before an increase in the inflation rate, the value of a dollar is less when inflation rises. Therefore, the price level increases, and less goods and services can be purchased for the same amount of money.

Inflation is also the cost of expansion. To understand this, however, one must examine the intricate relationship between the price level, potential capacity, inflation, and employment in the business cycle.

This article states that the country’s economy is experiencing a moderate expansion with tame inflation rates. During a typical expansion, output increases as business try to meet the aggregate demand. With increased output, more employees are needed to handle the demand, and employment increases. However, the price level must also increase, as the rate at which it increases is based on the speed of the expansion. If the aggregate demand requires more than the potential output, an expansionary gap results as the short-run response. This is accompanied by an increase in the price level (inflation). Eventually, however, the economy reverts back, in the long run, to its potential level of output. The temporary benefit of the short-run response is increased profits, but the cost is a dramatic increase in inflation. As for the employees hired in order to handle the increase in output, they are laid off, which results in an increase in unemployment claims. Therefore, unemployment is also related to inflation, as indicated by the article.

All in all, the economy does show a modest expansion, with slight increases in the price level. However, when compared to the yearly averages as a whole, the economy currently is outperforming last year’s numbers. These numbers only differ slightly, but optimistically speaking, they are better than the previous year’s.

Labels:


Read the complete text of this post

posted by The Voice at 12:09 AM 0 comments

Sunday, October 19, 1997

On Leaders

"'Nothing we do in this large department of ours is really very important and there's never any rush. On the other hand, it is important that we let people know we do a great deal of it'" (330).
It is with these words that General Peckem describes to Colonel Scheisskopf his role in the military effort, suggesting Joseph Heller's view of the lunacy that exists within the military's leadership and defining one of the novel's major themes. Throughout Catch-22, Heller exposes the foolishness of the leaders by examining their concerns within the context of the war effort. In such a context, one is able to see the utter absurdity found within their concerns for extraneous activities, rather than the urgency of the war. Consequently, one sees the military leaders as anything but military leaders, as Heller primarily satirizes these leaders in the characters of Lieutenant Scheisskopf and General Peckem.

Focusing on these two officers, Heller begins his attack on the military's leaders with the rapid rise of Lieutenant Scheisskopf in the ranks of the military. As the representation of the elevation of an incapable leader, Scheisskopf is concerned only with military parades, rather than military operations concerning combat. Although he possesses dedication and determination, he channels his energies in the wrong direction, his parades, with efforts that are "elaborate and clandestine" (83). He conducts "extensive research" (82) regarding methods of garnering "every means of improvement" (82). Scheisskopf's determination is so intense that he is consumed with being the best, and as a consequence, his personal life even falls by the wayside. In response to his wife's repeated attempts at gaining his attention, he responds, "'I haven't the time. Don't you know there is a parade going on?'" (80). Heller's satire is revealed here, as one would expect a military officer to respond quite differently, perhaps with, "Don't you know there is a war going on?" Instead Scheisskopf places the parades as his most important priority.

With this singular priority in mind, and as a result of his work, Scheisskopf finally achieves his goal of being the best. He is subsequently promoted to First Lieutenant, suggesting that in Heller's upside-down world, a man is elevated not for his tactical prowess, but for his ability to organize the best parades. He is declared a "military genius" (84), again suggesting Heller's satire. When Scheisskopf is promoted to Colonel, General Peckem compliments him on being a "'tough, experienced, competent officer'" (330) who is not like the "'incompetent leadership with which we supply our troops'" (330). The irony depicted here is that Scheisskopf is exactly the kind of incompetent leader that General Peckem is trying to avoid. Quickly, one learns of Scheisskopf's new duties, which consist of helping General Peckem "'produce the memoranda upon which we rely so heavily to let people know how good we are and how much work we're turning out'" (330). When set against Peckem's lofty description of Scheisskopf's capabilities, this menial task represents the utter absurdity and illogic that exists within Heller's satiric view of the military. This absurdity is further developed when one learns that Scheisskopf is promoted for a skill he does not even posses, the ability to write well. He himself reveals, "'I don't know anything about writing'" (330).

Knowing nothing about writing and only about parades does not stop his meteoric rise, as he is again promoted, this time above General Peckem. When the news is revealed that Colonel Scheisskopf has been promoted to Lieutenant General, it is so shocking that it causes General Peckem to swear "for perhaps the first time in his life" (401). With this promotion, Scheisskopf also becomes the new commanding officer for combat operations and he wastes little time in issuing his first order. Colonel Cargill delivers this first order, turning "white as a sheet" (402) as he states, "'He wants us to march. He wants everybody to march!'" (402). With this order, Heller further plunges the military into his satiric commentary, as now everyone is subjected to marching by a commanding officer whose only concern is marching and who cowers at the thought of entering combat himself. While still a colonel, Scheisskopf asks, "in horror" (332), "'We're not going into combat are we?'" (332), further reinforcing Heller's view of military leaders.

Heller's view of military leaders continues when he shifts his focus to General Peckem. Whereas Sheisskopf's character suggests the elevation of seemingly incapable leaders to important positions, Peckem's character suggests the undermining of military operations for personal gratification. In General Peckem, one sees an established leader whose priorities are not with the total war effort, but to battle another general, General Dreedle, who is on the same side of the effort. Peckem states "'Dreedle's on our side, and Dreedle is the enemy'" (332). This type of in-fighting seems logically counter-productive, but to General Peckem, it is quite productive, as
General Dreedle commands four bomb groups that we simply must capture in order to continue our offensive. Conquering General Dreedle will give us the aircraft and vital bases we need to carry our operations into other areas (332).
When one considers that both General Peckem and General Dreedle are on the same side of the war effort fighting for the same country, General Peckem's motives appear self-serving. General Peckem's motives are another attack by Heller on the logic employed by the leaders.

With General Peckem's self -serving attitude, Heller's satire is again illustrated in Colonel Korn's rebuke of Major Danby during a briefing. Instead of Major Danby's "'much more effective roadblock'" (338) using a "'loose bomb pattern'" (338), Colonel Korn states, "'We don't care about the roadblock'" (338). What they do care about is the bomb pattern dictated by General Peckem. Colonel Korn explains,
And make sure they understand the importance of a tight bomb pattern. Colonel Cathcart wants to come out of this mission with a good clean aerial photograph he won't be ashamed to send through the channels (338).
Colonel Cathcart's desire for this bomb pattern extends from General Peckem's desire for "'the bombs to explode close together and make a neat aerial photograph'" (335). This logic is revisited in the novel when Milo Minderbender is discussing his mission count with Colonel Cathcart. Concerning a particular mission, Colonel Cathcart states, "'We didn't get the bridge, but we did have a beautiful bomb pattern'" (382). With the acceptance by other officers of General Peckem's directives, Heller suggests the ubiquitous nature of this lunacy in the military, as it is not just located within the mind of General Peckem.

Through the development of Lieutenant Scheisskopf and General Peckem, Joseph Heller crafts a sharply caustic attack on the leadership within the military. By examining both of these character's concerns and priorities against the backdrop of the war effort, Heller develops two fools and by extending this viewpoint to the whole of military leadership, he paints a rather grim image of the military and its leaders.

Labels:


Read the complete text of this post

posted by The Voice at 9:23 PM 0 comments

Tuesday, May 13, 1997

King Lear and The Absentee

In both William Shakespeare’s King Lear and Maria Edgeworth’s The Absentee, the problem of illegitimacy and the complications it causes are examined. The issue of illegitimacy becomes a controlling factor in both works as illegitimate characters are placed in pivotal roles. The presentation of such characters as Edmund in King Lear and Grace Nugent in The Absentee, enable both Shakespeare and Edgeworth to comment on the position of illegitimacy in their respective eras. Much of the action of the plots is built around the interplay of these characters with other characters and how they are viewed with respect to their roles in their families. It is the complications of the illegitimacy that create tensions in both families.

In King Lear, the entirety of the plot is revealed through dialogs between characters. Various speeches in the dialogs examine how family members are connected. One family in particular is that of the Earl of Gloucester. His two sons, Edgar and Edmund, both vie to be the heir to Gloucester’s wealth and power. Edgar, the legitimate son, is despised by Edmund, the illegitimate son. In his speech in Act I, Scene 2, Edmund’s illegitimacy becomes his fury, as he expresses his utter aggravation toward Edgar and the notions of illegitimacy. He says:

...Why Bastard? wherefore base?
When my dimensions are as well compact,
My mind as generous, and my shape as true,
As honest madam’s issue? Why brand they us
with base? with baseness? bastardy? base, base?
...
Well then, Legitimate Edgar, I must have your land.
Our father’s love is to the bastard Edmund
As to the legitimate. Fine word “legitimate!”
Well my legitimate...
...
Edmund the base shall top the legitimate...

Clearly, Edmund finds himself at odds with Edgar because he cannot inherit anything and he scorns the societal views on illegitimacy. Edmund feels slighted, as he is viewed as the “bastard son” of the family.

As half brothers, both Edgar and Edmund lay claim to Gloucester’s wealth. Lawfully, Edgar is the true heir. Edmund, however, refuses to concede to this. In Edmund’s mind, he is superior to his brother in all things. From strength to beauty, Edmund sees little that is good about Edgar.

Edmund’s illegitimacy is a controlling factor in the life of his family. It has divisive qualities. In and of itself, the illegitimacy divides the brothers biologically. However, the more important division is that one caused by Edmund’s attitude in general. As a consequence, he pits himself against his brother.

Edmund manipulates the unknowing Edgar. Guilty of nothing, Edgar is innocent both in deed and knowledge. He does not realize his brother’s scheme, and thus takes Edmund’s advice when he is told to flee.

In Maria Edgeworth’s The Absentee, illegitimacy plays a similar role, while, at the same time, taking on a whole new meaning. Just as in King Lear, illegitimacy has divisive qualities. However, in the case of The Absentee, the focus is not on obtaining a parent’s wealth, but getting married.

Throughout the novel, Lord Colambre’s mother suggests that he court Miss Broadhurst. Instead he wishes to court his cousin, Grace Nugent. Attracted by her charm, all is well until he learns of her illegitimacy. With the knowledge that Grace’s mother had an affair with Captain Reynolds, and that Grace was his daughter, he acknowledges the fact that he cannot marry her.

The issue is resolved by the end of the novel. Colambre obtains the secret marriage certificate of Captain Reynolds and Grace’s mother, therefore proving Grace’s legitimacy. With this in hand, he resumes his desire to marry Grace, Grace assumes her rightful place as an heiress, and they agree to marry.

Just as it was for Edmund, the notion of illegitimacy becomes a controlling factor in the lives of Grace and Colambre. It is interesting to note the change in attitude for Lord Colambre. Although his feelings for her do not change, he denies their existence. In fact, “Colambre had the greatest dread of marrying any woman whose mother had conducted herself ill” (112).

The divisive qualities of illegitimacy affect marriage in the novel. Whereas in King Lear, the problem of illegitimacy was linked to who should be the heir, the problem in The Absentee is linked to the marriage of Grace and Colambre. Colambre’s refusal to marry Grace is a statement about the notions of illegitimacy at the time.

As a consequence of her illegitimacy, the idea of “heiress” also presents a problem for Grace Nugent. Lacking the knowledge of his parents’ marriage, Grace is nothing in her society. She is without a title and does not have a dowry.

By the end of the novel, however, the issue of her legitimacy is resolved. The marriage certificate is revealed and her legitimacy is proven.

As stated earlier, the issue of illegitimacy controls much of the lives of the characters in both works. It creates certain situations for both Edmund and Grace, and these situations are particular to their location in time.

Illegitimacy places Edmund in an awkward position. As a result of his illegitimacy, he has nothing as far as wealth and power are concerned. These go to his half-brother Edgar. In a time where one’s inheritance is a leading concern, Edmund finds himself empty-handed. As such, he is nothing in society. He is only second to Edgar. To a man who holds himself to be the superior of the two, Edmund is infuriated. As a result he endeavors to gain the inheritance.

An inherent problem is created by Gloucester’s handling of the Edgar-Edmund situation. Gloucester does nothing in relation to his sons in the way of raising them together. In fact, he finds it humorous at times.

In contrast, Grace’s place in time allows for her to have something, even though she is thought of as illegitimate. In other words, she can still find someone. Her situation is not as limited as Edmund’s. She has a larger basket of opportunity from which to draw.

Perhaps her situation is eased by the fact that there are individuals who participate in her life. Unlike Edgar and Edmund, she has someone to help her situation. Her mother marries Mr. Nugent, and he adopts her as his own.

In both King Lear and The Absentee, illegitimacy is a predominant characteristic that controls much of the action. It is a passive catalyst that manipulates and shapes the lives of the characters in both works. It is its nature that affects everything from the individuals themselves to the family as a whole.

Labels:


Read the complete text of this post

posted by The Voice at 12:18 AM 0 comments

Monday, March 3, 1997

Disclosure

In David Mason’s “Disclosure,” a poem about the divorce of two lovers, he examines the dualistic aspect of divorce. Through word choice, he establishes this dual nature as he thoroughly brings to light the difference between the legal proceedings and the emotions involved. Throughout this poem the speaker laments over the divorce. His words express that his focus is not on the legal, but on the difference between the legal and the personal. However, Mason’s word choice saturates the speaker’s vocabulary with legal terms. Consequently, both aspects are examined, as both are elemental to every divorce.

The saturation of the legal terminology is revealed immediately. The title, “Disclosure,” which will be examined more thoroughly, is itself a term used in the court system. In the first line of the first stanza, the speaker comments on the “blue official flap and legalese” (l. 1) in which the state carries out the divorce. He also mentions the lawyers and their “neat document” (l. 6).

Bearing in mind his focus, he also starts his commentary on the emotional aspect. The speaker finds himself, however, revealing his thoughts and emotions through the employment of the legal. As a sign of genius on Mason’s part, this intermingling of the legal and the emotional vocabulary creates the contrast of the poem. For instance, the speaker says, “What I remember of your voice is not an issue lawyers willingly address and I’ve avoided their neat document” (l.4-6). The speaker also contrasts the elements of the legal and the emotional by saying that the “state acknowledges an end to what began in privacy, in passing glances” (l. 2-3). The juxtaposition of the legal against the emotional in the same line serves to show just how stark the difference is between the two elements. It is quite evident that the speaker feels that the legal proceedings are a cold bailiff escorting the two former partners out of the courtroom of marriage.

In the second stanza, Mason focuses more heavily on the emotional aspects. The speaker remembers their nights together saying, “Many nights I raised my head from the pillow, watching you sleeping, wife in girl’s flannel, there by the bed your window open” (l. 9-11). He says that his rancor, or bitter resentment, cannot contain the images of their love; images of her “hair lightened to the roots” (l. 14) and of the “maps of married pleasure” (l. 15) that he left on her skin.

He returns to the legal aspect in the third stanza. Speaking about his marriage, he uses words such as memory, recrimination, errors, and bargain. These words, while not completely elemental of the legal, are however, mechanical and unfeeling descriptions of his marriage. They serve to show the difference between the love he spoke of in the second stanza and his opinion of where their love is after the divorce. His retrospective analysis of the marriage after the divorce is much different from the “many nights” (l. 9) that he spoke of in the previous stanza. Consequently, he speaks of how his memory saves images, but recrimination, or counter accusation, “uses every twisted syllable of the past” (l. 18-19). It is as if the legal decree of the divorce brings about a new and ugly experience for the two. However, he admittedly hangs on the past by saying, “Still with all the errors I acknowledge added to those I fail or refuse to see, I say our marriage was a gentle thing” (l. 20-22). The speaker, in a way, delights in examining his marriage before the divorce, trying to hold onto the treasured memories of the past.

However, “Lawyers put it another way” (l. 25). This line explicitly reveals the speaker’s thoughts on the legal system. If the lawyers put things differently, then they must not see things his way. For the speaker, there are countless emotions and memories collected over ten years. The lawyers do not know “how small exchanges still take place” (l. 26). In the midst of all of their legalities, the lawyers cannot feel the loss of those they represent. To the lawyers, a knitted scarf or signed book does not contain meaning. However, to whom the scarf or book belonged, an incomprehensible meaning may be attached.

Finally, the title “Disclosure” is intriguing as it is also a legal term. As such, to disclose is to reveal. As the title of this poem, it takes on a distinct meaning. By accepting the title of the poem to be “Disclosure,” on expects something to be disclosed or revealed. Could the title then be changed to “Revelation,” as in the sense of something being revealed? In essence, what is being revealed, or disclosed, are the thoughts and feelings of the speaker. As stated earlier, he is lamenting over his divorce, as if he wishes it did not happen. He speaks of how the lawyers and their legal system take such an emotional event and render it down to mere formalities devoid of feelings. If this, then, is his purpose, is he not attempting to disclose his feelings that may not have been disclosed in the legal proceedings? Due to the structure of the system, his heart was laid aside and a pen lifted, as he penned his signature on the divorce papers. In other words, being a poem about divorce, Mason could have titled it “Foreclosure,” as if they were foreclosing on their union. A simple title such as “Divorce” would have been functional. Instead, he chose to call it “Disclosure,” as it is an examination of the emotional aspect of divorce. It is not an explanation of how a divorce takes place, but rather, an examination of the distinction of the obvious legalities and the inherent, less obvious emotions. It is Mason’s word choice, or diction, that brings this element to the forefront.

Mason Embeds legal terminology into the speaker’s argument. However, the appearance and employment of such legal terms is not to explain how the legal system works, as one might expect. On the contrary, the speaker’s words provide a distinction between that which is legal and that which is emotional.

Labels:


Read the complete text of this post

posted by The Voice at 12:14 AM 0 comments

Tuesday, March 19, 1996

On Soul Mates

"Whatever our souls are made of, his and mine are the same, and Linton's is as different as a moonbeam from lightning, or frost from fire." (121)

Such is Catherine's response to Nelly Dean during a discussion regarding Heathcliff and Linton about their souls. Although this is the traditionally accepted view of the soulmate, it can be argued that Catherine's definition does not comply with the desires of today's relationships. Perhaps the soulmate is not a mirror image, as Bronte seems to suggest.

In Emily Bronte's Wuthering Heights, Catherine continually defines her notion of the soulmate. She indicates repeatedly that her soul and Heathcliff's are one in the same. She states,
I am Heathcliff - He's always, always in my mind…but as my own being - so, don't talk of our separation again - it is impracticable (121);
She continues, stating
If all else perished, and he remained, I should continue to be; and if all else remained, and he were annihilated, the universe would turn to a mighty stranger (121).

From Catherine's perspective, she views the soulmate as one who is of the same. Morton Hunt, author of The Natural History of Love, however, probably would not view Heathcliff as Catherine's soulmate. Indeed, on the concept of soulmates, Hunt states that there is
What we might call the "one-person" theory, the romantic conviction that for each individual there is a "right one" waiting to be found (also thought of as "the only one in the world"). It was the task, and indeed the moral duty, of every unmarried person to wait or to search until that was located (364).

Although Hunt acknowledges this, and seemingly would agree that Catherine had found her "one," he probably would not go as far as referring to Heathcliff as her soulmate. In his text, Hunt describes a "principle source of attraction" as "a sense of completion at finding a soulmate" (369). By this definition, Heathcliff does not fit the description of the soulmate, as he does not "complete" Catherine. While Catherine sees the soulmate as being one-in-the-same with another, Hunt sees the soulmate as someone that completes, as one who fills in a void present within the soul.

Working from Morton Hunt's definition, one can argue that perhaps a more accurate definition of today's soulmate is one who completes and make another's soul whole. This is a soulmate that is different, rather than exactly alike. In choosing one's mate, Hunt describes such a concept, stating
That during the years of dating and growing up most young Americans slowly discarded, or pushed into the background, their image of the ideal mate or dream mate. Often, to their own surprise, they found themselves falling in love with someone whose "type" they had never cared for but with whom they had found a workable degree of companionship and a comfortable sense of fitness, and with whom love derived from, rather than preceded, the recognition of these attributes (367).

Moreover, Hunt states that,
Although sociological data showed that young men and women tended to fall in love with and marry those similar to themselves socially, intellectually, and in other ways that they were aware of, psychological studies showed that within these limits they were often unconsciously drawn to those whose emotional needs and characteristics complemented their own, bearing out to some degree the old adage that opposites attract (376).

If one, for the sake of argument, were to extend these results across humanity as a whole, it could be argued that perhaps similar results would be obtained. Perhaps, then, the most feasible definition of soulmate is one whose characteristics and traits complement rather than mirror one's own, as indicated by these studies. Indeed, even the term soulmate suggests this type of definition. From an anatomical perspective, a mate is one of the opposing sex whose morphology compliments that of the other. It follows that, by word definitions alone, the mate of the soul would then complement the other's soul. Perhaps instead of searching for one's soulmate, one should search for the soul complement.

The definition of the soulmate, according to Bronte and tradition, is an individual whose soul is the same as the other's soul. In such a relationship, one could assume perfect compatibility between the individuals. However, as limited studies seem to suggest, the traditional definition of soulmate is either unobtainable or needs to be redefined.

Labels:


Read the complete text of this post

posted by The Voice at 9:36 PM 0 comments

Monday, February 19, 1996

On Artificial Intelligence

One of the many burgeoning fields in the computer science industry is that of artificial intelligence. As such, this field has the potential of changing the way humans interact with machines in a more dramatic way than has ever before been conceived. By 2050, it is not unrealistic to believe that mankind and its machines will interact in a much more elaborate way and share a more sophisticated relationship than that which has been previously afforded by the capabilities of current technology.

Indeed, current technologies allow humans to interact to some extent with machines. For example, humans type on personal computers, drive automobiles, and watch as food heats up in a microwave. In each of these instances, however, humans are merely issuing some form of directive or action that starts a process in motion, some of which must be continually monitored. This form of interaction is biased to one side, with the human deciding the activities and controlling those activities as the machine carries them out. Essentially, today’s interaction between humans and machines consists almost entirely of the human acting and the machine reacting. With the continued progress of artificial intelligence, this may soon change.

The changes brought on by artificial intelligence will lead to an increase in interactivity between humans and machines to a level previously only conceived in the minds of science fiction authors. At present, one could consider today’s interactions between humans and machines to be at its lowest level. However, as the degrees of complexity increase, machines will be able to respond to a multitude of stimuli, rather than those stimuli which are preprogrammed. Instead of sitting idle until a human performs an action the machine can recognize, the machine will be able to "think" and "reason" outcomes. While "thinking" and "reasoning" can be considered the height of intelligence, the goal of artificial intelligence is just that, to create mechanical objects that can interact, rather than react.

The concepts of thinking and reasoning, in terms of artificial intelligence, do warrant some thought as to the negative implications that can result from improper use. Fears abound concerning a world where machines rule and humans are second-class. A machine with a sense of awareness has the potential for evil in much the same way as it has for good. However, with the proper understanding and responsible implementation of artificial intelligence, most of the fears can be alleviated. Artificial intelligence can be viewed not as a detriment to mankind, but as a benefit.

The benefits of artificial intelligence will revolutionize the way humans conduct themselves. Imagine a world where humans hold conversations with computers rather than just typing characters, or a world where automobiles respond to changing weather and road conditions, all the while determining the fastest, shortest, and most scenic route to work. Moreover, consider a world where after a long day's worth of work, humans will be able to come home to a favorite meal prepared by various kitchen appliances. Each of these situations is conceptually possible in the near future.

In order to convert conceptualizations to reality, much more work and research must be conducted to develop the field of artificial intelligence. Efforts to map human thought patterns and brain activity must continue and advance. If human intelligence is the measuring stick by which artificial intelligence will be judged, a tremendous amount of work must still be done to achieve the goals.

Labels:


Read the complete text of this post

posted by The Voice at 9:20 PM 0 comments

 

Check out the Voice Over the Wall Store, Powered by Amazon.com

copyright 2003-2007, VOTW

all rights reserved.