No Pattern in Network Security Alerts? You tell me.

Given my blog is being constantly attacked and throwing alerts to my monitoring system, I just thought I’d put this visual out there in case anyone thought it was “fake” news.

Yes, yes, I have backups and backups of backups and backups of backups of backups offline, etc…. Plus redundant logging with IAM “write / not read” permissions, encrypted and pushed to accounts I don’t even have access to.

Recent security alerts on my blog (all blocked, but recorded) for your viewing pleasure.

Note the security legend on the lower right.

And yes I am omitting the time-frame and cropped out other specifics because that is common sense. But you get the point.

This is a continuous attack. And this is how brazen people become when you don’t defend yourself. We need to defend ourselves.

This is a a hassle. And not a good use of American minds, or anyone’s for that matter.

Trickle down economics might not work, but trickle down inventions sure as hell do (Edison? Tesla? Einstein? The kid next door? What could she be inventing if not being distracted bs?)

A third of Coronavirus patients admitted to ICU – Lancet Medical Journal – Jan 2020

A familiar cluster of pneumonia associated with coronavirus
progression of the Coronavirus in a patient over time
This is the progression of the Coronavirus in a patient over time. This is why we quarantine.
https://www.thelancet.com/action/showPdf?pii=S0140-6736%2820%2930183-5

I’m stunned by this: “Lancet, the British medical journal, published an article in January, based on studying a small group of patients, which found that a third of people (infected with the coronavirus) had to be admitted to intensive care units.”

The reason that stuns me is it is from January and it is now March. We lost significant time in responding to an obvious issue of a lack of Ventilators and ICU beds are vastly insignificant for that level of infection.

That quote on Covid-19 is from today’s NEW York Times article March 20, 2020 titled “Behind the Virus Report That Jarred the U.S. and the U.K. to Action”

https://www.nytimes.com/2020/03/17/world/europe/coronavirus-imperial-college-johnson.html

Statistics from the Imperial College of London predicts what an uncontrolled spread would mean. This data is from the WSJ article (this will NOT happen, this shows what COULD have happened without non-medical intervention.)

  • 510,000 deaths in Britain
  • 2.2 million deaths in the United States

I repeat – the ABOVE predictions will NOT happen because of non-medical intervention. It does represent what could have happened. And the final numbers, while less than the above, will be greater than they needed to be.

Back to the WSJ article:

The (now debunked) theory (ignoring coronavirus) is that this would build up so-called “herd immunity,” so that the public would be more resistant in the face of a second wave of infections next winter.

Dr. Ferguson has been candid that the report reached new conclusions because of the latest data from Italy, which has seen a spiraling rate of infections, swamping hospitals and forcing doctors to make agonizing decisions about who to treat.

My opinion: Let me translate the phrase “build up ‘herd immunity’” – because I went to Texas A&M with a BS in POLS and my wife is an Agricultural Science major as well. “Herd Immunity” basically means building up immunity, in the absence of a vaccine, “culling of the herd” or “survival of the fittest” or “the weak or those predisposed to the virus will die.” – Ed

And….

“Based on our estimates and other teams’, there’s really no option but follow in China’s footsteps and suppress.”

My opinion: Let me interject here again. If the public had known that up to 1/3 of all patients with the coronavirus needed treatment in an ICU with ventilators, I’m going to guess we wouldn’t be where we are now. Back to the article. – Ed

…the burden on hospitals was clear as far back as the original outbreak in Wuhan, China. Lancet, the British medical journal, published an article in January, based on studying a small group of patients, which found that a third of people had to be admitted to intensive care units.

I can’t help but feel angry that it has taken almost two months for politicians and even ‘experts’ to understand the scale of the danger from SARS-CoV-2,” said Richard Horton, the editor-in-chief of Lancet, on Twitter. “Those dangers were clear from the very beginning.”

(PDF on Coronavirus from Lancet, search for more.)

My Opinion: My understanding from reading the above article, is that the Lancet feels their advice was ignored for two months and our leadership didn’t take it seriously, causing greater pain. I get that.

This is what your lungs look like with the Coronavirus (Covid-19)

COVID-19 Lung Scans Through the Treatment Process
https://www.thelancet.com/action/showPdf?pii=S0140-6736%2820%2930183-5

Like all Global Citizens, I believe we are in an unprecedented time. I hope and pray the miracle of humanity can solve this pandemic as soon as possible.

I’ll do my part as best I can. – Ed

Coronavirus DIY Facemask Test

diy protective mask for coronovirus

In Houston the Coronavirus (COVID-19) response has been quite aggressive. And as the third largest metro area in the US, it should be. I get it. Mostly we are quarantined in place except for grocery store runs and emergency needs. (And we can walk the dog, but that’s about it.)

The paper section in the Walgreens across the street looks like this

Walgreens paper goods in Houston

This led to research on what we could do and turned up two interesting pieces of knowledge about the coronavirus.

A) How long is the coronavirus contagious or viable by surface. As in how long can it be there and still infect you?

  1. plastic = 3 days
  2. Stainless Steel = 3 days
  3. Cardboard = 1 day
  4. Copper = 4 hours
  5. Airborne = 3 hours

They don’t mention wood, which maybe varies by paint, varnish, etc.

Copper is the winner. Cardboard three times better than stainless steel is bizarre as well.

Source: https://apple.news/ATWmOdE4STTmvJCBdURGDTQ

Next up, if you can’t get a mask for when you do go out, how do other materials compare to a medical mask?

Clean vacuum cleaner bags were a close second to surgical masks, but in the end they conclude you can barely breath through them so use two cotton “tea towels.”

Two Cotton Tea Towels are best after a real mask.

Thus began an insomnia driven test to try and create a coronavirus diy mask from a tea towel with no power tools. It started like this:

The real mask before photo

Then the build process using paper as my makeshift mold.

My materials.

The Ghirardelli chocolate and wine are a tip of the hat to my friends in San Francisco on complete lockdown. Those aren’t technically necessary to make the DIY coronavirus mask, although they do help.

Gave myself extra room
Rough initial stencil
Evolution of mask into 3D space with tale

In the above photo the template is overlapping and kind of mushed into the real mask so I could get an idea of the shape of the masks. They are not circular because your face isn’t a flat circle either.

Initial stencil with original mask on top for comparison
Applied to the fabric, then used the fabric to make the second layer via singer iron-on stick tape. You could use pins

Then a whole bunch of adjustments and cuts happened at the fabric level during hand sewing. The SINGER iron stick is a temporary way to hold fabric together, but definitely not strong enough to be a permanent join. But it’ll hold it together long enough for you to stitch it up.

Rough cut comparison of the diy coronavirus mask and the original.

The straps on my version are the edges of the towel because I didn’t have any elastic bands that long, and if people in countries with limited supplies available, the straps seemed more realistic.

A truly rustic looking diy coronavirus mask

It’s hard to tell in the photo above but between the two layers there is a small wire bent to the approximate shape of the bridge of my nose just like the more flexible one that comes on the real masks.

And the final result

My advice? Buy it if you can.

It looks amateurish, I look ridiculous, but it’s waaaaay better than taking the BARTT in SF and wondering if the person coughing is giving you an infection.

Update: I received some questions about what I used for the metal “nose bridge” so I’m adding further details.

For me (easier way below) I go by autozone at the end of a rainy day and pull the broken / discarded windshield wiper blades. If you rip them apart there are two thin, but very sturdy, pieces of metal attached to the rubber part. (they make great tension wrenches.) mine looks like this when sewn in place in between the two layers of the cotton kitchen towel.

DIY Coronavirus Face Mask Nose Bridge

Easier alternative: bend paperclips like this:

For Comparison, Paper Clips vs. Scraps from Wipers
Bend the paper lips twice. This is step 1, then twist.
Overlay the paperclip nose bridge to the length you want
Wrap paperclips in tape to avoid sharp edges.
Wrap them in tape and cut off excess tape
Bend to shape. Actually much easier than my original

Pro tip: when I do a DIY project like this I usually hand sew them using dental floss. Yes “Dental Floss” because it’s always around and stronger than most threads.

CoronaVirus – Markets Move on Emotion not Fundamentals

Now we see fears and the reality of coronavirus hitting the markets hard.

coronavirus

I’ve said it before, so this is repetition, but worth repeating. Stock markets move on emotion much more than the fundamentals. Companies are overvalued because there are more people with more money in pensions and the money has to go somewhere.

Stock Market Movement with Coronavirus Last two weeks

Source: https://www.msn.com/en-us/money/markets

I also highly recommend this informative thread on twitter regarding research on coronavirus so we can all hopefully keep it in perspective. It’s linked with more detail on my linkedin at https://www.linkedin.com/feed/update/urn:li:activity:6641792800314675200/

Your 2nd Amendment Rights Are About to be Taken Away by the Senate

This is a crosspost with editorial commentary (by me) from https://blog.tendenci.com/mlk-day-2020-read-the-docs/ . I wrote that post, and given this is my personal blog I’ll add a bit more of my opinion on the topics of today, **

Disclaimer: I’m a programmer and an established businessman with a long history of accomplishments and contributions to the global community. But mostly to America as that is where I am a proud citizen. I’m an independent because I grew up on Army bases throughout the world and in the Military (I have *not* served, my parents and brothers have), we were taught to NOT be partisan. TAMU reinforced that. It forces you to THINK. I’m not allowed to be a sheep to any cult on either side. And because I LOVE my country, that’s how I roll. Deal with it or stop reading. For reference, eschipul on linkedin

Let’s start with this. The US Senate is about to take away your Second Amendment rights to bear arms. Yes, read that again. We are going to lose our right to bear arms. Guaranteed.

Why? Because we can’t just pick and choose which parts of the Constitution we want to follow. Logically, if you do that, when a new “King” takes over, they will strike through the articles and amendments that THEY don’t like.

Yes, the “conservative” party (a misnomer as neither party is conservative or liberal if you actually read their party planks) is missing the fact that if you ignore the part of the Constitution at the request of one branch of the government, then ALL of the constitution is subject to dismissal by future Executive Branch leaders.

If this becomes true, which we all hopefully pray it doesn’t, we will have become either a monarchy, a dictatorship, or an autocracy. (Think Cuba under Castro.)

The Title of Nobility Clause is a provision in Article ISection 9, Clause 8 of the United States Constitution,[1] that prohibits the federal government from granting titles of nobility, and restricts members of the government from receiving giftsemoluments, offices or titles from foreign states and monarchies without the consent of the United States Congress. Also known as the Emoluments Clause, it was designed to shield the federal officeholders of the United States against so-called “corrupting foreign influences.” The clause is reinforced by the corresponding prohibition on state titles of nobility in Article I, Section 10, and more generally by the Republican Guarantee Clause in Article IV, Section 4.[2]

https://en.wikipedia.org/wiki/Title_of_Nobility_Clause#Presidential

Let’s start with “Freedom of speech.” That means if I start a company, and grow a following in social media or whatever, I can express my opinion, right? So this is me saying that Dr. Martin Luther King Jr. personified the leadership I expect of my elected officials. And he wasn’t elected – he was a LEADER.

Was MLK a perfect man? Of course not. But daaaaaammmnnn, he was patriotic. He understood that strong resistance to social injustice is STRONGER when it is done PEACEFULLY. That is strength.

Dr. King’s actions, peaceful and strong, are what makes America great. Not the valuation of the top 1%’s investments.

The American experiment is about PEOPLE. You, me, all of us. Together. As RFK stated.

Yes, obviously we must stand with a strong military behind a voice of reason. But that amazing power requires rational leadership. And real power comes from truth. To find truth, in a country ruled by LAW, you can’t ignore subpoenas. The Mafia does that.

Martin Luther King Jr. addresses a crowd from the steps of the Lincoln Memorial where he delivered his famous, “I Have a Dream,” speech during the Aug. 28, 1963, march on Washington, D.C.

On this day, on Martin Luther King Jr. day 2020, we encourage everyone to read Dr. King’s speech.

Don’t read the news “about” it. Read the docs! https://www.archives.gov/files/press/exhibits/dream-speech.pdf

That is the end of the post on blog.tendenci.com, the company blog. It also ran as the masthead on https://www.tendenci.com yesterday and was posted to all of our social media accounts.

As a true patriot and believer in the American dream, I must speak out as I see bipartisanship and an American public accepting the replacement of the K-street swamp be replaced by an even more corrupt corporate swamp of national intrigue. I’m disappointed in us.

What do I ask of you? I have no authority or ability to ask anything of you, except rationality.

Understand this: if the Senate ignores the facts, refuses to hear the facts, refuses to read the documents, not only will you lose your right to bear arms, but the very fabric of our country will be shredded and we will truly be subject to tyranny of the majority.

And being raised Catholic, people who were also persecuted in the global tragedy of WWII, American “dough-boys” who literally saved the world, will have succeeded only briefly. Only to see our rights thrown out the window by a reality TV personality.

In closing: to those who think I am “flip flopping” – I am not. The data has changed. Only a fool doesn’t change their views when their data changes. I don’t suffer fools. Nor should you. We will not only lose lose our 2nd Amendment right to bear arms, but the supposedly conservative party will have distorted the constitution to make all rights “questionable.”

** The great fool is he in whom we cannot tell which is the conscious and which the unconscious humour; we laugh with him and laugh at him at the same time.

https://en.wikipedia.org/wiki/Suffer_fools_gladly

Microsoft Worm Exploit Danger and Huawei Unintended Consequences

NSA Advisory

From the article titled: Warnings of world-wide worm attacks are the real deal, new exploit shows

It was posted Tuesday by Sean Dillon, a senior security researcher and RiskSense. A play-by-play helps to underscore the significance of the feat.

https://twitter.com/zerosum0x0 and reinforced by the NSA:

Source: https://arstechnica.com/information-technology/2019/06/new-bluekeep-exploit-shows-the-wormable-danger-is-very-very-real/

“It’s these last six seconds (of the video) that underscore the danger posed by the vulnerability, which according to Internet scan results posted eight days ago remains unpatched on almost 1 million computers. The flaw, which is indexed as CVE-2019-0708 but is better known by the name BlueKeep, resides in earlier versions of the Remote Desktop Services, which help provide a graphical interface for connecting to Windows computers over the Internet. A much more detailed blow-by-blow is here.”

(It) Only takes one unpatched system to spread

Last Friday, members of the Microsoft Security Response Team practically begged organizations that hadn’t patched vulnerable machines to do so without delay, lest another WannaCry scenario play out. “It only takes one vulnerable computer connected to the internet to provide a potential gateway into these corporate networks, where advanced malware could spread… officials with the National Security Agency on Tuesday echoed Microsoft’s warning. The video posted by Dillon, particularly in the last six seconds, demonstrates that the danger is in no way exaggerated.

If the intermingling of Mimikatz and a critical Windows vulnerability to devastating effect sounds familiar, it’s probably because that’s how another paralyzing worm, dubbed NotPetya, managed to wipe out entire networks. According to an analysis from Kaspersky, NotPetya, which is regarded as the most expensive malware attack in history, used the Eternal Blue exploit developed by and later stolen from the NSA to exploit one or more vulnerable machines. NotPetya,

and

In the NotPetya analysis, Kaspersky researchers wrote, “IMPORTANT: A single infected system on the network possessing administrative credentials is capable of spreading this infection to all the other computers through WMI or PSEXEC.”

Source: https://arstechnica.com/information-technology/2019/06/new-bluekeep-exploit-shows-the-wormable-danger-is-very-very-real/

My Thoughts on EternalBlue, BlueKeep and Why These Are Human Problems

Closing thoughts: NOT all countries can realistically afford the cost of the Windows Operating System in their schools. But without that experience they can’t compete, so they use hacked versions. If you lived in Indonesia or Mongolia, what would you do?

Those companies, with employees using hacked system in countries of different economic status, are possible subcontractors for international global leaders (like Maersk for example). They are the weak leak, because a hacked Windows system can’t be patched.

To be clear: I do *NOT* agree with software theft. But I also don’t agree with sloppy work on the part of our security agencies that have the resources to secure the nuclear weapons of the cyberwar that are being unleashed against not just the US, but the world.

We all need to stop and think about the overall situation. I believe the existential threat of EternalBlue, a gift that keeps on giving, is that it was an American agency funded by the US tax payers that did not report the vulnerabilities to an American software company. For years.

Unintended Consequences of Huawei and Google Android Patch Ban (possible)

Bonus Round: What if nobody can patch their Android phones, or at least half of them? That would be awesome. Or not. And that looks like a definite possibility in the near future if Google cuts Huawei off from Android patches per US restrictions.

We can reduce mass shooting with AI, Robotics and Non-Lethal Defense

Robotics and AI to Respond to Mass Shootings

Mass shootings are a horrible American phenomena. We have a problem with guns crossed with an overly aggressive society. I believe the number of mass shootings *can* be reduced even if our politicians won’t act on gun control. How? By using AI, Computer Vision, and non-lethal robotic responses to help people fight back against shooters. A summary of robotic self defense of soft targets like schools against shooters 24 seconds:

There are many details. Yes, it’s complex as hell. I KNOW. HELP US.

Because it IS possible to “help people fight back.”

An MVP model for robotic self defense is as simple as a human who points at the bad actor from a remote location on their iphone/android and activates the wall mounted robots. The robots, under human control, act in unison to disorient the shooter. Yes, it still requires a human response against the shooter. But we don’t have a damn thing right now. Can we just admit that our babies, our kids, our kids’ teachers are the first responders before the first responders get there?

We can possibly defend ourselves, and AI can help us using non-lethal means to defend ourselves, to enable our kids in their schools to defend themselves, when some evil person brings in an AR15 to attack the innocents. We CAN fight back.

Starting SOMA Robotics is why I went to San Francisco for the last year. To try to get funding to save lives.

I failed.

I don’t know the game. But surely someone out there does. Please?

I’ve been busting my ass trying to get funding for Tendenci in the valley since 2011. As I’ve said before, I have a phd in f’n up. Yet damnit, this might work. Right?

I still believe that we CAN reduce the impact of mass shooters at schools and other “soft targets” using existing technology.

Watch the video. Slow it down and then if you think it has potential, the potential to help US THE PEOPLE, THE KIDS, FIGHT BACK before our heroic first responders arrive, then please HELP ME.

This isn’t about the money, it’s about the kids.

Email Subject lines, links and numbered lists – Communicate with clarity and respect

The burden of communication is on the communicator; not the recipient.

Therefore proper email communication and email etiquette is for YOU to use

  1. Use active and strong subject lines – be exact
  2. Link to exact content or web pages – nobody has time to google it
  3. use numbered lists – numbered lists in email define priority
  4. limit use of bulleted lists – bulleted lists in email are for the lazy communicator

Further, try to use reasonably short paragraphs. Use these guidelines on how to write a decent email that might actually produce results.

Seals at La Jolla in California
Seals at La Jolla in California

Specifically email communication must use:
  1. Email Subject Lines – all emails need a well articulated and relevant Subject Line.
    1. Examples of good email subject lines:
      1. Client X going live on Tuesday July 29 before Friday Board Meeting
      2. Training help file on email etiquette posted on eschipul.com
      3. “Feast with the Beast” Presale Facebook AD text (sent to the zoo)
    2. Bad subject lines torture your coworkers with anxiety which lowers morale and greatly reduces profitability.
    3. Every time an email is sent with a bad subject line, a baby seal dies. This is sad. Save the baby seals! Use good subject lines!
  2. Links to the EXACT content or subject because ease of use changes behavior.
    1. Ease of use changes behavior. Without links people will NOT click through to see the work that has been done.
    2. It is rare that an email goes out that is truly not about SOMETHING that should be linked. Yes exceptions occur, but they are rare exceptions. Link to what you are talking about. Or don’t waste other people’s time if you are just that lazy.
      1. Think about it. It is not your coworker’s responsibility to overcome your unwillingness to copy/paste a link from a site you are probably looking at when you sent the email!
    3. Every time an email is sent without relevant and specific links, a baby seal dies. This is sad. Save the baby seals! Use links!
  3. Numbered Lists – organize your information.
    1. Bulleted lists suck – bullets are fundamentally evil because they do NOT convey priority by the sender (YOU!). Yet the recipient invariably starts at the top assuming this is in fact the top priority.
    2. Numbered lists with priority 1 being first – The value of forcing yourself to use numbered lists is that the sender (you) must organize your thoughts before confusing everyone else. It has been my experience that most people do not “order” bulleted lists but numbering makes them think about it.
    3. Raise your hand if you like numbered lists! Now raise your other hand so things balance out. Or to put it another way – be kind to people who need this structure. It benefits you if people understand your message. Embrace diversity including “diversity of types of thinkers.” Structure and prioritize your content in email communication, or really any communication.
  4. Use Short Paragraphs – with rare exceptions
    1. Shorter paragraphs with strong subject sentences greatly increase reading comprehension.
    2. Speed readers tend to read the first sentence of a paragraph and use that to make a decision if they should bother reading the rest. Shorter paragraphs means more of your message is consumed regardless.
    3. They force you to organize your thoughts before wasting everyone else’s time!
  5. Don’t use Nickel words – save them for scrabble
    1. To repeat – the burden of communication is on the communicator, including in email, not the recipient. While it is possible to write in tongues, this needlessly reduces comprehension.
    2. But don’t oversimplify an email as that just make it more confusing. Just make it as simple as possible and no simpler.
    3. If you must use an idiosyncratic word – well – LINK IT!
We all value our time. You do. I do. Everyone does. So it frequently seems expedient to send an email quickly without thought. The problem is the person receiving these emails might be receiving 500 emails a day and there is no way to Get Things Done without more data.
For example assuming you – not putting a decent subject line – costs each recipient 1 extra minute of time to comprehend (if they give you this minute), then an email that saved you 1 minute, just cost a company of 30 people 29 minutes of billable time. This is very real money. And these are very real emotions on the part of the recipient.
Don’t be mean; take the time to write decent emails. Or don’t speak.
[Note: this was an internal company help file for years, I probably wrote it around 2002 or 2003. This is just me reposting it for public consumption.]
[Update: You may also want to check for readability. I blogged about the gunning fog index here.]

radiation + north pacific gyre = bad

I don’t think we are even close to fully understanding the Nuclear crisis unfolding in Japan. Just read this on CNN:

Radiation in water rushing into sea tests millions of times over limit
Tokyo (CNN) — Another attempt by Japanese officials to stop the leaking of highly radioactive water from a nuclear reactor into the ocean failed Tuesday, the country’s Nuclear and Industrial Safety Agency said.

Both the utility and Japan’s nuclear safety agency say they don’t know how much water is leaking into the sea from reactor No. 2. But engineers have had to pour nearly 200 tons of water a day into the No. 2 reactor vessel to keep it cool, and regulators say they believe the leak originates there

Earlier Tuesday, Edano apologized for the decision to intentionally dump 11,500 tons of radioactive water into the sea — all part of the effort to curb the flow of the more toxic liquid spotted days ago rushing from outside the No. 2 unit.

Yup, they don’t know how much water is going into the ocean. Although I’d guess it is about the same amount as has been dumped into the reactor from helicopters and fire hoses.

Here is the problem for those of us in the states. The North Pacific Gyre is the largest ecosystem in the world and it circles between Asia and the West Coast of the US of A. So when you hear “don’t know how much water is leaking into the sea” and “had to pour nearly 200 tons of water a day into the No. 2 reactor vessel” and “intentionally dump 11,500 tons of radioactive water into the sea” it starts to become our problem very quickly.

We have some experience recently on trying to take the pee out of the pool. The use of chemical  dispersant apparently helped. As did microbes that eat oil (who knew?). The problem with Radiation in the water is a bit different for a number of reasons.

  1. Currents. The  Deepwater Horizon was in the Gulf of Mexico which has a loop current, but for the most part the oil didn’t make it even to Florida. The Pacific also has a loop current but the loop goes between Asia and the United States quite efficiently.
  2. You can’t see radiation in the water. You can’t fly a plane over the ocean and see a sheen like you can with oil. You can detect radiation, but only people with the right equipment. Thus citizen journalism and distributed responses aren’t possible from civilians.
  3. You can’t control fish. They swim where they want to swim. And many swim all over the world. So beyond the currents dispersing the radiation, you have radioactive fish. Does Pike’s Place Market put in a  Geiger  counter? How long till Amazon is sold out?
  4. Japan makes a lot of stuff. We like to buy stuff. But we prefer if it is radiation free. Not sure how the economics on this play out.
  5. Japan makes a lot of pharmaceuticals. Will consumers continue to trust these products? From wikipedia:
    1. In 2006, the Japanese pharmaceutical market was the second largest individual market in the world. With sales of $60 billion it constitutes approximately 11% of the world market.[2]
  6. China makes a lot of steel. We buy it. They unfortunately share an ocean with Japan. And even more unfortunately a tremendous amount of water is used in the steel manufacturing process. Is the source freshwater or ocean water? And if ocean water then how does this play out in the steel market.
  7. Culture. In Japan shame is handled quietly according to everything I have read. As Gladwell explains, a culture of deference can be deadly in a crisis. So what little we know coming out of the crisis right now is suspect. It is not that the facts they are telling the world aren’t true. It is the “what are they not telling us” that scares me.

And now I guess we should all check the WSJ to see when Berkshire Hathaway buys the leading non-Japanese manufacturer of  Geiger  counters. Because sadly the ones from Japan might be detecting themselves.

What do I think will happen?

I don’t really know. What I hope is that given the majority of the planet is ocean, that the amazing creature that is our living ocean will be able to absorb the radiation and disperse it to safe levels. What I hope is despite the folly of man, nature will once again protect us. That is what I hope. And I continue to pray for Japan. Both for the victims of the  Tsunami  and now as victims of a nuclear disaster.

 

Technology and Crisis Communication Panel at SXSW. Vote?

SHORT VERSION:

Please vote for my panel at SXSW DON’T PANIC ““ The Geek’s Guide to the Next Big Crisis

LONG VERSION:

A little more than four years ago I wrote my first blog post. It was about the need for a form of Emergency RSS. We can share celebrity gossip headlines through feed readers faster than we could use technology to respond to a crisis. And this was an important point as I started blogging in 2005 right after and in response to a need to share after Hurricane Katrina. Katrina Lower 9th Ward PhotoCrisis response and crisis communication has always been a passion of mine, and seeing our government’s mostly failed response in New Orleans compelled me to start blogging and contributing where I could.

Running the company I chose to stay in town during the Hurricane Rita evacuation. While Rita did not hit Houston, instead crushing the gulf coast near Beaumont with little news coverage in the wake of Katrina, we did learn from the Rita evacuation. We used a wiki page on Tendenci (our software) to track down all employees. Employees on the road, which for some of them was 10 to 20 hours during the evacuation, would text their manager’s who then updated the wiki to account for everyone. We quickly knew everyone was OK.

Then last year we prepared for Hurricane Ike which went over our town. When the storm hit the ONLY thing that worked was SMS messaging. No power, no water, no data, no TV. Just radio and text messaging.  Hurricane Ike hits at nightLuckily we had set up a product called Yammer, which is like Twitter for your company (and they have a business model) and we were able to keep in touch. Data services, which is what your cell phone depends on to get to web pages, went down. Voice went down. The only thing that allowed us to keep in touch with all of our employees and their families was text messaging sent directly and through Yammer.

We learned a lot about the role of tech in a crisis combined with human behavior. Example – an employee’s cell phone would die. They would use someone else’s cell to text a message to their manager saying “we are OK and staying near College Station”. Except that is ALL they would say. We didn’t recognize the number and had no idea WHO sent it! The solution was to train all of our people to put their NAMES at the end of each text message. Seems like a small thing. It is. But it makes it possible to do a head count!

Since 2005 our firm now does the web site for the Houston Red Cross and Reliant Park, both of which are key for Houston Emergency Response planning. We have the privilege of working with Firestorm Crisis Communications and Preparedness and long time clients like crisis communicator Dan Keeney. I have attended Netsquared Houston meetings when David Geilhufe taught us about People Finder Information Format. And I work with people like Jonti and Katie who have helped all of us set up our ICE cards for our families.

Now I need your help. I’d like to continue the dialog on Social Media and Emergency Response. What IS the role of twitter beyond updates? What are the alternatives for Yammer? Is there a cost effective solution for businesses and families? We have come a long way, so let’s talk about it.

PLEASE VOTE AND COMMENT on this SXSW Panel I hope to moderate. Without your vote and your comments the panel might not make. And I believe in this topic too much to see that happen. Spare a minute? Please VOTE!

DON’T PANIC ““ The Geek’s Guide to the Next Big Crisis

Are you and the people you care about prepared? Our panelists will share their crisis stories and tell you how to be ready, both online and offline. PFIF, Yammer, Facebook and iPhones ““ the technology and strategy is there and getting better, so let’s take it to the next level.

  1. How does emergency response and communication relate to the Web? Do developers and small business owners really need to care about Crisis Communication?
  2. How can our emergency teams (fire, ambulance, police, etc.) benefit from standardized data sharing? What can I do about it?
  3. What does the rise of Mobile Web mean for the next natural disaster or other catastrophe?
  4. What tools (Web, mobile and otherwise) are out there right now that my family, friends and company should be using now?
  5. As a geek, what are 5 things you should do TODAY to keep your family safe and your business running when disaster strikes?
  6. If practice makes perfect, what kind of drills and regular training should your business be doing right now that won’t break the bank or kill your billable hours?
  7. What are some of the technical lessons we learned from Hurricane Katrina?
  8. Tech and communication stories and lessons from Virginia Tech, Hurricane Ike and beyond…
  9. What is a crisis to you and how do you strategically and technologically deal with it internally and for the rest of the world to see?
  10. How can you best identify your strongest and most reliable communicators and rock stars during times of crisis? How do you deal with employees that book it and vendors that disappear?

Why am I doing this?

Well, it isn’t for business as I have no financial ties to yammer or twitter or any other messaging services. Tendenci is a content management system that powers associations and sites like the Houston Red Cross, but they are already customers. And ANY emergency response technology must be open source for maximum adoption long term. I just believe passionately in our need to share information and I think technology can help with crisis communication. Social media sites like Facebook and Twitter bring a lot to the table. If you, like me, are passionate about this, please vote for the panel “DON’T PANIC ““ The Geek’s Guide to the Next Big Crisis” and I hope to see you in Austin next March!

Firestorm: Plan. Predict. Perform. with General Honore

Yesterday I had the honor to participate in a hurricane and disaster preparedness Webinar with (client) Firestorm and the distinguished Lt. General Honore.

Katie live-blogged the Predict Plan Perform webinar on the Schipul blog here:

Families trump business ““ you must have a plan in place to make sure all of your employees are covered at home. More than 95% of polled employees do not have a plan for their families, or just focus on a single risk and do not take into account more than one potential disaster or occurrence.

Almost 2/3 of companies that have gone through a disaster have lost business. 40% of those businesses never re-open and 25% fail within 2 years after a disaster.

Read the emergency response blog post recap on the schipul blog here.

Tribal Citizenship Behavior

When a crisis occurs, like a hurricane hits your city or the country freaks out about the swine flu, part of a leaders job is to protect the tribe. To do that, the people have to be prepared. The first priority must then be to make sure every member of the tribe is prepared to take care of their family. Katrina made this concept clear:

The New Orleans police chief says some of his officers may still be trapped in their homes and he’s not sure how many walked off the job.

Walk off the job? Police!? Obviously family comes first. Or people won’t show up to work no matter how critical their job is because no job is more important than your family. Step one is to have everyone develop an “in case of emergency preparedness family plan“.

Assuming someone is prepared as best they can be, then what makes them a “team player” as they say. Well, as usual, “they” is wrong in that the phrase “team player” is like comparing the word “violin” to “Stradivarius”. What you REALLY want from your tribe members, peers, friends, etc, whether you know it or not, is far more nuanced that the phrase “team player” suggests. You want someone who is “cool with the tribe” and supports you ALL!

caroline-tribeA bit of research led me to the Distributive, Procedural and Interactive Justice scales by Niehoff & Moorman. If they weren’t academics they would call it a way to quantify employee satisfaction. But that isn’t really what I am after. More digging made me realize that the academics call what I am after, perhaps theirs is more narrow in scope, but they call it “Organizational Citizenship Behavior.” This criticism of Organizational Citizenship Behavior questions if good OCB is in fact in the best interest of the organization! But I’ll leave that to another day. For now OCB is comprised of four elements (from the above link):

OCB has four separate, but related behavior elements that differ in their target and direct objective.   It is believed that the indirect objective of all OCB is the benefit of organizational goals (Organ, 1988).   In a theoretical typology developed by Graham (1989; Moorman & Blakely, 1995; Moorman, Blakely, Niehoff, 1998) OCB categorizes into four types:

  1. personal industry,
    1. (the extent to which an individual performs tasks beyond the call of duty.   Employees who spontaneously work overtime, put in extra hours on a project, or volunteer to take on new projects are engaging in personal industry.)
  2. loyal boosterism,
    1. (the promotion of firm image to outsiders.   An employee that spontaneously compliments his employer to a member of another firm, a friend, or any stakeholder displays loyal boosterism behavior.)
  3. individual initiative,
    1. (communicating with others in the organization to improve individual and group performance) and
  4. inter-personal helping.
    1. (An employee, recognizing that a co-worker might benefit from possession of a piece of information, such as a sales contact, technical information, or market tip, and passing on such information without the other asking for it)

and

To summarize, OCB consist of non-obligatory, informally influenced behaviors.

I translate that last part to say what OCB is referring to, is stuff you do to help the organization that isn’t in your job description. It’s the stuff that makes life pleasant, like buying a Nerf Gun refill pack for your unarmed co-worker to make cubicles-war “fair” again. That stuff.

I think what I’m looking for is really a Tribal Citizenship Behavior index. With the definition of tribe being more loosely defined than just the employees of a company. A tribe that has even low clustering coefficients – meaning loosely bound.

Anthropologist Michel Maffesoli appears to have coined the term Neo-Tribalism which Wikipedia defines as:

Neotribalism is the ideology that human beings have evolved to live in a tribal, as opposed to a modern, society, and thus cannot achieve genuine happiness until some semblance of tribal lifestyles has been re-created or re-embraced.

Tribes are not organizations, at least in the context of OCB as I understand it. An easy example; in tribes people have distinct roles including that of the cynic who provides constant creative tension. Yet the cynic DOES add value in times of crisis because they foresee the need for batteries, chain saws, and medical masks before a crisis. While not wildly popular perhaps, they fix the weakest link in a tribe at specific times. Maybe a score of 5/10 on a day-to-day basis on the OCB scale, but a 10/10 for Tribal Citizenship Behavior when the *&@#! hits the fan! This need to remain loosely joined (a clustering coefficient closer to zero) quickly snaps back into place during a crisis (a clustering coefficient closer to 1 – we ALL know the guy with the generator after a Hurricane!).

I’ll keep thinking about this (of course) but I wanted to highlight two other concepts from OCB that we can borrow for TCB are dominant coalitions and technological change as a tribe restructuring catalyst:

Dominant Coalitions

A dominant coalition consists of the network of individuals within and around an organization that most influence the mission and goals of the organization (Cyert & March, 1963).   In theory, the goals of an organization flow from the chief executive officer, board of directors, or top management team.   However, the dominant coalition maintains an influence on goals through informal, rather than formal, channels.

When it comes to social media, public relations and tribal behavior, you have a unique problem. It is considered “uncool” to call yourself a “Social Media Expert“. And indeed like any other trend that goes mainstream, every new kid on the block joins in when their last trendy business dries up and becomes an “expert”. I overheard a conversation the other day that was “I didn’t follow her back (on twitter) because her description said ‘social media expert’ and she only had 22 followers!”. I wouldn’t have followed back either so I am part of the problem in a way.

The point is the “cool kids find it cool to deny being cool.” Or, the dominant coalitions in tribal citizenship behavior deny being influencers in the first place.

which ties into technology as follows

A technological change within an organization may provide the impetus for power changes within the organization.   Burkhardt and Brass (1990) studied the introduction of a new computer technology into a governmental agency.   They found that early adopters of the technology gained a significant amount of informal power in the organization, which could be used to join or enhance one’s membership in the dominant coalition.   Thus, such changes in technology could result in altered membership in the dominant coalition.

Or “The Geeks Shall Inherit the Earth.” If this premise is true it not only changes the complexion of the dominant coalitions and the tribe itself, but it is a biased change. By that I mean tech people are more introverted than extroverted, more logical than mathematical, tend towards aspergers, etc… In other words a different personality type has joined the dominant coalition. Perhaps a good thing! But a change to be noted regardless.

In conclusion, Tribal Citizenship Behavior (TCB, heh) can borrow heavily from Organizational Citizenship Behavior. Like OCB we can borrow personal industry, loyalty, initiative, people helping people.   We can try to measure dominant coalitions in a tribe. Measure intention which is always critical. But these aren’t enough because a tribe may not have a stated goal like an organization, beyond preservation of the tribe. Which, again, is why we start by personal emergency planning.

More posts on the topic of Tribal Citizenship Behavior as my thoughts evolve. I’d love to hear your thoughts on the topic?

Hurricane Gustav Comes to the Gulf, Invited or Not


1978 shipwreck
Originally uploaded by eschipul

As I type this, Hurricane Gustav is approaching
the coast of Louisiana, New Orleans has been evacuated, and Texas to
Alabama are on watch. It has not made land fall yet, but social media
mavens are supporting solutions ahead of time. Social context charges forward, Obama made history and McCain inexplicably chose Palin as a running mate. And Palin rumors are spreading.

But what started this blog? It was being incensed by the crappy response to Hurricane Katrina. And a simple blog post saying, in 2005, that we don’t have an "RSS for emergencies that is widely accepted." From my Emergency RSS post:

To that end I want to state that we need a simplified RSS type system
to track data in an emergency.  No one site can handle all emergency
response.  Even if it could it would create a single point of failure.
We need something as simple as RSS, call it emergency RSS or ERSS, to
handle the needs that arise in an emergency.

It’s pretty clear I was a newbie blogger. No outbound links, but the
thoughts still hold, and the need still has not been met. The post on Emergency RSS continues:

With Katrina, which hit in 2005, what I observed were numerous sites
heroically put up, only to go down once they were picked up by the
blogosphere and the media.  Go here for help “¦ everyone does globally
including the curious from other countries “¦. Server dies.  Nobody gets
help.  Next site is suggested.  Repeat the process.
…..
I am not inventing anything here.  I am just screaming that we should have this in place for times of crisis already.

Since 2005 many many things in my life have gotten progressively better. But my original call to action for blogging is still unmet. And CAPS (Common Alerting Protocol)
is just too complex. If only Dave Winer lived in New Orleans, THEN we
would have a simple solution. Perhaps I am unfit for the task on this
one given it is now three years later.

In closing, thoughts, prayers and good wishes for the folks in the path of Gustav. Stay safe!

Note: That photo? It is a shipwreck blown ashore by a hurricane in 1978 in Dominica. The ship is still there. Not only have the lessons not been learned, but the ship remains on shore. Sad really.

Emergency Simulation – learning from exercises


  VIEW-MASTER: EMERGENCY 
  Originally uploaded by HoldThatTiger

Currently as I type this we are in the last few hours of our emergency simulation exercise for the second quarter. I do know that I have already learned a HUGE amount. Good and bad.

What is interesting about running exercises is how your adrenaline actually rises. And how obstacles you ignore for years become OBVIOUS. Which is the point of running an exercise I guess.

So will they complete by 5? Not sure yet.

I’ll post a write up in a few days. It will  have great commentary on emergency simulations like

"telemarketers who call on unknown numbers keep beeping in and you can’t tell if they are part of the simulation or not. So you have to answer. And it is very hard to keep your cool. This is compounded by the fact that they were calling on an IP phone from India and had no idea what I meant when I said "I am in an emergency simulation and can’t talk right now!" (they called back three (3) times)

Tornado Scare at the Pub


Tornado Scare at the Pub
Originally uploaded by eschipul

Fort Smith Arkansas. Killing a bit of time before going back to the hotel. Walking around taking pictures on Garrison Avenue in Fort Smith (see previous in series). It starts to rain a bit so I dash into the one open pub – Roosters.

The rain picks up a bit, but being from Houston I respectfully submit that I am more familiar with rain than the folks in Arkansas. We live in a swamp that got paved over for heaven’s sake! So there I am at the bar drinking a bud light. Listening to the locals and … well doing nothing.

A guy comes running back into the bar and hollers “Man, look at that!” referring to the rapidly picking up wind. The door to the bar being pulled open and the rain went horizontal in less than a minute. The speed was scary.

Next man says “funnel cloud” and “GET IN THE BASEMENT Y’ALL” – and (the rest of the story is on flickr here)

This Blog is Dead. Long Live This Blog.


Houston Transtar 2
Originally uploaded by eschipul

In September of 2005 I started blogging. It was a reaction, a response, to the events of Katrina hitting New Orleans. And the Houston response. We now know a city of 400k was reduced to 200k with many of those who left living in Houston. But I digress.

My first blog post on Emergency RSS is pasted below in its entirety. Two years later I must say that we haven’t made much progress towards this particular goal. More after the jump.

September 13, 2005

Emergency RSS Proposal

This blog, written by an amateur, will hopefully evolve to be interesting to
others as well as affect change on a global basis.   And the best way to
affect change globally is to start locally.   To pick up the cigarette
butt on the corner.   Cliche?   Sure, but damnit it works.

The biggest screamingly loud demand, need, I see in the world of
social software is a distributed method of responding to a crisis.   We
just had Katrina hit and she was a bitch by any measure.   Lives were
lost.   Pause on that sentence, lives were lost.   The most sacred thing
we are capable of creating or destroying, lives, were lost as a result
of poor human organizational skills.   I don’t want to know who accepts responsibility, I want to know that disaster is prevented before it occurs.

To that end I want to state that we need a simplified RSS type
system to track data in an emergency.   No one site can handle all
emergency response.   Even if it could it would create a single point of
failure.   We need something as simple as RSS, call it emergency RSS or
ERSS, to handle the needs that arise in an emergency.

Let me step back and repeat the basis for the need.   With Katrina,
which hit in 2005, what I observed were numerous sites heroically put
up, only to go down once they were picked up by the blogosphere and the
media.   Go here for help “¦ everyone does globally including the curious
from other countries “¦. Server dies.   Nobody gets help.   Next site is
suggested.   Repeat the process.

Yet when it comes to blogs and news we can easily replicate with RSS
our posts.   Even if one server went down, the outline of the content
would still be cached at feedburner or similar.   So if in time of
crisis 10 sites had relevant content of who is looking for what, who
needs what, who needs to be dispatched where, then if one goes down you
still have 9 sites up and replication of 100% of the content on each
node.   This is just like DNS.   I am not inventing anything here.   I am
just screaming that we should have this in place for times of crisis
already.

Continue reading “This Blog is Dead. Long Live This Blog.”

New Article on Schipul.com – Emergency Response Tools for Every Day Systems

Just posted a new article on Schipul.com here. It has been a few months since I wrote a full article although the team has been charging forward. The beginning of the article is below followed by a link out to the full article. I’d love to hear your feedback here or through comments on the site below the original article.

Pop-Up Emergency Response Tool versus Enabling Every Day Systems

NOTE: For disclosure purposes, it’s important to point out that our company has a software product called Tendenci ®
that includes a first responder module and emergency response
capabilities. Whether an organization uses Tendenci or not, I believe
the key to effective emergency response is to use familiar tools that
are widely deployed and accessible.

 

It will be through
extensive training, experimentation, practice and repetition, with
lessons learned properly applied, that assumptions will be validated or
found faulty, concepts proven or rejected, and the theoretical molded
into the practical ““ that process alone will yield the best practices,
policies, and procedures required for the effective employment of new
technology (for emergency response).

Lt.Col. Mark Stanovich, USMCR, Emergency Readiness and Response Research  Center
“Network-Centric“ Emergency Response

As a resident and a corporate citizen of
Houston, I have kept a close eye on the progression of hurricane
season. Despite dire predictions, we’ve had only three named storms so
far. At this time last year, we were already up to our 12th named storm. So we are cautiously optimistic.

Unfortunately, I am less optimistic about
the ability of communities throughout the Gulf Coast to leverage
technology investments in their response to the storms that will
inevitably come. Too many are relying on technology tools that sit
dormant until an emergency is imminent rather than deploying
multi-functional technologies that integrate emergency response into
familiar tools.

I believe there is a significant danger
with emergency response tools that sit on the shelf until they are
needed. Primarily the danger lies in three areas: training, reach and
access.

Full Emergency Response Tools Article here.