Given that most government articles go from zero-to-Obama in four comments or less, I've decided to steer far away from actual political discussion and simply discuss practical suggestions.

Some of you may know that I volunteer my time pro-bono to a 501(c)3 nonprofit known as the U.S. Strategic Perspective Institute. I was heavily involved in its creation and the process of getting IRS approval as a nonprofit.

The process itself is not easy, and not all that cheap. There are a ton of forms, and quite a bit of IRS interaction. All told, it took us almost two years to go from proposal and filing of our initial application to being granted 501(c)3 status.

Before I start with the tech tips, I'll give you one additional tip. Rather than retaining a general-purpose attorney, we retained a company that works specifically with the process of getting IRS approval, the Foundation Group.

They weren't cheap, but they probably cost less than an attorney. More to the point, when the IRS examiners came back to us with some baffling gov-speak questions, the folks at the Foundation Group knew how to interpret those questions and prepare full and complete responses. I can't recommend them enough. They were incredibly helpful.

Okay, so now some quick tips.

Free hosting

Outreach is incredibly important for a nonprofit, and while Web site hosting isn't terribly expensive, it's nice to be able to get it for free. If you've got your IRS determination letter, a number of hosting companies will provide you with either free or discounted hosting. One such host is the one one USSPI uses, DreamHost.

Google for nonprofits

Google has a number of services and even a grant program for nonprofits. Once again, you have to be an established 501(c)3 with your determination letter, but once you are, consider applying to Google for Nonprofits.

Scan everything

These days, there's no real excuse to have a pile of paperwork. Nonprofits need to run lean and mean. Rather than filling an office with file cabinets, buy yourself a scanner like the Fujitsu ScanSnap (I own two of them).

When I bought the device, it came with both a free copy of Adobe Acrobat and a year of Evernote Premium. Evernote is an ideal tool for operating a nonprofit, since you can share out notes or notebooks to just board members, or to the entire organization -- making everything immediately available online quickly and easily.

Hold meetings online

Board and stakeholder meetings are a critical part of nonprofit operations. If you run a national nonprofit, like I do, you'll find that you have participants scattered all over the country.

When you want to keep costs down, the last thing you want to do is incur a lot of travel expense (and the time is a big drain, as well). Instead, consider putting everyone into a Google+ Circle and using Hangouts as a quick way to bring everyone up to speed, face-to-face.

File your IRS reports online

Probably the most important activity for any nonprofit (at least in the eyes of the IRS), is filing your paperwork. The IRS now offers e-filing for charities and nonprofits. Just point your browser to the e-file home page and tell the IRS all your secrets.

Volunteer

I find my work for public charities and nonprofit research organizations to be incredibly fulfilling. If you're not helping out a nonprofit, consider volunteering. It's not only good for the country and your community, it's actually good for you as well.

The Digital Millennium Copyright Act (PDF), better known as the DMCA, is a troublesome piece of legislation. One of the many legislatively regressive darlings of the music and movie industry, the DMCA has long constrained an important element of technological development: Reverse engineering.

The DMCA has vaguely written anti-circumvention restrictions that make simple actions like repairing your car (there's a computer-based sensor adapter you're not allowed to touch) or backing up your DVDs potentially illegal. So if you've made a backup copy of the Barney disk because you know your four-year-old will break it again, you may be breaking the law.

A big problem of the DMCA is that it purposely restricts fair use, and yet illegal copying and piracy goes on with abandon. Part of the problem is that the DMCA is domestic legislation, but the internet is international. If you want to restrict torrent downloads of Game of Thrones, an American law won't prevent a Russian pirate from posting the episode.

Studio behavior is also at issue when it comes to piracy. As I wrote back in March, one way to fight video piracy is to make shows available legitimately.

But this article isn't one of the many that complain about the DMCA. This article is to acknowledge and support actual legislative action intended to fix the DMCA. Seriously. Constructive work from Congress. Whodathunkit?

This, by the way, marks the second time in the space of 90 days that our Congress critters have actually done something constructive. I reported the last time, in March, about the US government requiring security reviews for Chinese tech purchases.

This time, we have three Democrats and a Republican (Zoe Lofgren, Thomas Massie, Anna Eshoo, and Jared Polis) who have proposed a House Resolution entitled the Unlocking Technology Act of 2013 (PDF).

This five-page Bill edits the DMCA. Rather than just restricting any reverse engineering or unlocking, it allows reverse engineering unless the purpose is to infringe on copyright. In other words, it puts the fair use back into the law, as it was always meant to be.

In addition to clarifying law about things like backing up DVDs, or attaching your own test equipment to your car to maintain it, or fixing abandoned products that you still happen to own, it allows for the unlocking of cell phones, allowing you to take your expensive device and find the carrier that you want to use without the Library of Congress dictating how you're locked into your phone service.

So far, the Bill doesn't even have an HR number. It's an intelligently written edit, so the chances of it passing are pretty low. But that, boys and girls, is where you come in.

This is when it's time to take to the Twitterverse, to Facebook, to the internet, even to the old-fashioned telephone and call your Congressional representatives (just click here and type in your ZIP code), and tell them you want DMCA reform. While the Unlocking Technology Act of 2013 may or may not be the answer, the DMCA as it stands certainly needs help and has been "buggy" for years.

Oh, and remind them that this is America, land of the free and home of the brave. We want free use, and Congress needs to be brave enough to stand up for what's right.

And we can print guns out of plastic and video private conversations simply by wearing eyeglasses.

The challenge of technology is that it has no soul. Technological devices have no direct awareness of wrong or right (with the exception of certain videogame quest lines). What we, as humanity, craft out of our brilliance and enterprise and concentration of economic power are simply tools.

A hammer can be used to build a home, or bash in a head. A pressure cooker can be used to make chilli, or brutalize a city.

And a consumer-grade 3D printer can be used to print out tacky little toys, or make undetectable and untraceable weapons.

We rely on law enforcement to keep us safe, to investigate crimes, and to bring criminals to justice. The science of forensics has become a key tool in criminal investigations. Guns leave traces, and when a crime is committed, it's often possible to forensically analyze the limited evidence left by a weapon and trace it back to a suspect.

But 3D plastic guns open up worrisome doors. No longer are guns available only from dealers and known manufacturers; they can now be printed from melted plastic. If you thought cooking crack was a problem in cities, wait until gun makers start cranking out handguns from open-source designs.

Not only could these things be made by anyone with a relatively inexpensive printer and laptop, they could be melted down and repurposed into children's toys upon completion of the crime.

Then there are the digitally enhanced eyeglasses we're currently calling Google Glass. Like 3D-printed plastic guns, these things are crude in their early versions. Even so, they open the door to some very disturbing violations of privacy (and good taste).

The ability to miniaturize cameras, shrink computers, wirelessly send data packets, and socially network to thousands of our friends may make George Orwell's vision of Big Brother seem tame by comparison.

Certainly, we've already seen how hidden recorders and cameras have upset presidential campaigns, whether it's the 47 percent or bitter small towners, clinging to guns and religion.

We've also seen the benefit of citizen smartphone recording, especially when it comes to finding terrorists who carry out acts of extreme barbarism.

And yet, what of employees who use Google Glass to record trade secret information, spies who use hidden eyeglass cameras to record national security secrets, or the high-school student who uses eyeglass cameras in locker rooms to record the private parts of his or her fellow students?

Then, of course, there's the constant, never-ending, always increasing, unyielding barrage of cyberespionage and cybercrime.

By enabling always-on broadband, and plumbing our towns and cities with high-speed internet access, we've made it possible to connect with each other in wondrous ways. But we've also created a world where criminals in China and Belarus are only a few hundred milliseconds from our parents, children, and loved ones.

These technologies are wonderful, empowering, and simply breathtaking. They're also no end of trouble.

How would wise minds like Thomas Jefferson or Ben Franklin have looked upon these threats, when they were coding the DNA of our great republic? Would they have constantly tried to diminish our privacy, like our current Congress critters seem hell bent on doing? Or would Jefferson and Franklin have insisted that our online liberty is the same as liberty itself?

The fact is, this scale of technological vs. terrible challenge is not new. It goes back thousands of years. When the Romans created trade between Europe and China for much-desired silk, not only did traders travel the Silk Road — so did vermin. And so did the Black Death.

When nuclear technology was initially developed, it was harnessed to destroy our enemies. Fat Man and Little Boy killed hundreds of thousands of people when they exploded over Nagasaki and Hiroshima, respectively. And yet, nuclear medicine has saved hundreds of thousands of lives.

I believe that Jefferson and Franklin would have advised us that nothing is black and white. Our legal and policy systems can't paint everything with a broad brush, and we must use our unique human intelligence and analytic skills to distinguish between true threats and crimes from mistakes and the expansion of our technological knowledge base.

In fact, this necessity to distinguish and discern is why we have a complex justice system with courts, judges, prosecution, defense, witnesses, and more. The challenge of adjudicating shades of gray must fall to humans with the ability to distinguish the subtlety of the facts and how situational circumstances relate to human behavior.

Take, for example, the recent case of Eagle Scout Cole Withrow, a young man who made a mistake. He drove his truck to school and, upon arriving, realized he still had left his skeet-shooting shotgun in his truck.

He faced a choice: Leave school to return the shotgun to his home (which would have resulted in a leaving-school penalty) or admit his problem and ask for help. Perhaps he didn't take exactly the right course. He locked his truck, went into the school office, and called his mother, asking her to come to school and bring home the shotgun. He was overheard, and all hell broke loose.

The boy, mere months from graduating, is now facing felony weapons charges and has been suspended from school, pushing back his graduation date by a full year.

And yet, young Cole did almost exactly what we'd train an Eagle Scout to do. I had the high honor of having earned my Eagle Scout badge (along with bronze, gold, and silver palms) almost four decades ago, but the training of how to be prepared and how to react with a level head in the face of emergency has always stayed with me.

Perhaps Withrow should have admitted his mistake directly to school officials, without calling his mother first. But that's the only mistake he made. Many would say he would have been smarter to rush home, feign illness, and lie to avoid penalty. But that's not how we want our young men to behave.

We want our future leaders to behave with honor, with honesty, and to face sticky problems with integrity and in partnership with the various authorities in residence. The problem is that Withrow was punished without consideration of nuance. His authorities took a young man, who by all accounts knew how to behave and how to handle problems, and taught him (and, by extension, other promising young people) that being honest is not the way to behave, that trusting in the authorities is a mistake, rather than a best practice.

This brings me back to the question of our technologies, of 3D printing, of Google Glass, of ubiquitous, worldwide internet access, even of nuclear technologies, and the benefits and horrors that come from what we often call progress.

As we move forward, as we face more technologies that have positives and negatives, yins and yangs, the promise of incredible good and the curse of unyielding evil, we must distinguish and discern our policies and systems of law with care, with consideration, and perhaps with a thought to how Jefferson and Franklin would have approached the amazing advances of mankind.

The representative system would work so much better if our representatives weren't such schmucks.

This time, the brilliant idea is taxing Internet sales. Oh, I know we've been down this road before, but this time there appears to be some traction.

Senate moves closer to backing online sales taxes

Before I explore why an Internet sales tax is such a bad idea for our current times, I'll quickly summarize the reasons some factions are arguing in favor of an Internet sales tax.

Here goes: "Waaaaah! It's not fair!"

Okay, perhaps that's an over-simplification. There are two vectors to this discussion. The first is that traditional retailers have to charge sales tax, so they are effectively at a price disadvantage to online retailers. In order to level the playing field and give moribund brick and mortar stores a chance to live, we need to tax the upstarts.

The second vector is the actual truth though: Congress has so mismanaged America's finances that the states are going broke. The states desperately need a new source of revenue and Congress doesn't want it to come from the federal budget. So let the states add a new Internet sales tax, and voila! More money for the states and nothing out of the federal budget.

Congress gets to appear as if it's standing up for their local constituent interests, for brick and mortar traditional values, and for the states, all in one screw-the-public-and-the-economy blast of bipartisanship.

Brick and mortars are hurting. States are hurting. Why shouldn't Internet companies do their part to help out?

The answer is pretty simple: "It's the economy, stupid."

This is not a time to add a 4% to almost 12% price increase to the purchasing of goods. A tremendous number of people buy online, and by increasing their costs across the board, tax revenue won't go up nearly as much as sales will go down.

Here's how the economists look at it: Sales tax revenue is just one component of the overall economy; everything is interconnected. If sales tax income goes up, but overall tax income goes down because (a) people are spending less, (b) companies go out of business, (c) fewer companies start up, and (d) people lose their jobs, the net tax income will actually be less.

And that's just what will happen if we get an Internet sales tax. It will result in further damaging our economy while also causing the loss of jobs while also causing states and the federal government to collect less revenue, not more.

It's not just that consumers will buy less online if their purchases are taxed. It's that operating an online store that deals with sales tax accounting is a very non-trivial task.

There are 50 states, almost all of which have individual sales tax rates. Worse, there are hundreds (possibly thousands) of local tax rates across the country. For an online retailer to sell in an America with an Internet tax rate, sales taxes will suddenly have to be collected for all of these jurisdictions.

Even that's not so bad. Good shopping cart software can track rates based on ZIP code.

Where it gets bad is reporting. Filing sales tax reports for hundreds or thousands of jurisdictions, each with their own different forms and filing rules, can become incomprehensibly complex. Small online retailers won't be able to keep up.

Of course, the large online retailers, like Amazon, will have the IT resources to build out tax management into their systems. As a result, Amazon will get stronger at the expense of small online retailers.

Now, here's the biggest irony: Who are the small online retailers? In many cases, they're stores that have also set up shop on the Internet. They showcase their inventory, not only in their brick and mortar storefront, but in their online store as well. With complex, convoluted Internet-based sales tax in place, these local brick and mortars will have to close their online stores and concentrate only on local sales.

Amazon will once again be strengthened at the expense of local brick and mortars.

Now, don't get me wrong — I like Amazon. I probably buy more from Amazon than from any other retailer. But Amazon is not the U.S. economy.

If the economy is to get stronger, charging consumers more when they're already struggling to afford goods and services is not a wise move.

Well, I guess nobody has ever accused Congress of wisdom.

It's just so sad. It will be much harder for small online retailers to start, set up shop, and keep up with the paperwork demands. The one really strong growing sector of our economy will be nerfed and, really, no one will benefit.

Amazon won't really win because overall purchasing will still go down when an Internet tax is charged, consumers won't win because they'll be asked yet again to spend more, new startups won't win because the paperwork will be much worse, brick and mortar won't win because their online shops will be much harder to run, and even the states won't win because, ultimately, damaging the economy does not create more tax revenue.

Sadly, even Congress won't win because consumers will be more annoyed than they are now, and when consumers are annoyed, they tend to vote against the incumbent.

Talk about shooting yourself in the foot. Congress would do well to back away from this issue quickly and quietly.

How the email archives are going to be managed

I really think that for this treasure trove of historical information to become useful, it's going to need some machine filtering. Back in the day, most government agencies "archived" email by printing it all out. That was their archiving mechanism, fully supported by law and regulation.

The idea, to meet the requirements of both the federal and the Presidential Records Acts, was to print out email messages and stick them in great big paper piles and shove them into an Indiana Jones-style warehouse.

That approach might be acceptable according to the law, or even from the point of view of some sad professor somewhere who decides to devote his life to sifting through email messages. But it doesn't really provide tangible use. For realistic and practical use, this stuff has to be machine readable, machine addressable, and machine searchable.

What we need, from a historian's perspective, is the ability, for example, to take a Google-like engine and just be able to type in queries and see what comes back out of the data stream. I'd like to see that level of transparency. Again, for policy reasons, it's probably not going reach that level, but as administrations use digital messaging technology more and more, we're going to see increasing amounts of traffic that needs to be sifted through.

To make the full cache of presidential records useful to the populace — which is obviously never the priority of any White House — some sort of machine analysis is going to have to be a key part of the solution.

More to the point, hand sifting and hand managing all of that paper is going to become extremely expensive. Unless we decide to outsource sorting through America's most confidential documents to a third-world nation where the pay is cheaper, we'll need to turn to machine-based analytics.

The issue of availability in machine form is important. For example, just being able to search, Google-like, on a message archive is a far different sort of capability than having the entire dataset and being able to subject that to advanced heuristics.

So there's also the question of whether the raw data is made available to researchers versus being able to retrieve individual messages. Different kinds of research projects are going to need different kinds of things.

Politics becomes an issue, again, sadly. Opposition researchers, searching for political nuggets of joy, will want to search for various words and see if anybody says anything interesting, inappropriate, illegal, or even just out-of-context explosive.

Outside of politics, we should be able to look at what the whole dataset can tell us, what kind of knowledge we can derive by essentially observing, and even modeling the interaction of a White House over the space of eight years.

In that light, releasing the entire dataset to academic analysis is something that I'd really like to see. For the political reasons I've mentioned, that's probably not going to happen.

The question of legacy

Wrapping this up, one of the things that always exists in the minds of current presidents — as well as former presidents — is the question of their legacy. A president's legacy is often defined not by the true historical record, not by deep analysis, but by sound bites.

President George W Bush, like most presidents, was very controversial in his time. And, like most presidents, he's certainly going to want to be sure that his legacy is presented in the best possible light.

In that context, archivists are likely to want to go through all of those 200 million messages, examine each very carefully, and determine how they will fit with the legacy that President Bush wants to leave with future generations of Americans.

Presenting all those messages in the best light could take some time.

Our best wishes go out to all members of the Bush administration, the Bush family, and all the Americans who served in the White House, past and present. Thank you for your service.

Hand-processing 200 million messages

The problem will be analyzing all those email messages as part of the archiving process, especially if the goal is to separate out what can be made publicly available and what can't. Unfortunately, political interests, along with national security interests, will probably prevent this from being simply a machine processing problem.

Doing it without machine analytics assistance is going to be an epic problem.

If it were simply a machine processing problem, even if complex heuristics or artificial intelligence were used, it could probably be processed through in a month or two with high performance hardware.

When it becomes a question of making sure that every single message is thought through in terms of its political and national security implications, that thinking-through process is going to take a while.

Worse, each message may not be thought through by just one archivist. Each message (or at least the questionable ones) may have to be routed through an entire workflow process for approval to release. That, in turn, might be dependent on committee discussions, and all the normal foolishness that Washington is so good at, making sure nothing gets done.

These messages could be in limbo for a very, very long time.

What can you do with all this email data?

The most obvious (and the most likely) reason you're going to see this stuff delayed will be to prevent the opposing political party digging through all of it in the hopes of finding something that they can use as a mallet with which to beat their opposition. Opposition research is not necessarily the best use of a historical archive, but that's certainly going to be both the highest funded and the highest priority for those in politics.

When you move beyond politics and into governance, this stuff becomes interesting. For example, historians can look for clusters of emails around various events and see, perhaps, the discussions that went on and the thinking and the mindset of individuals in the White House during the various stages of those big events.

There were eight years of very volatile history that went on during Bush 43 that would be really fascinating to explore at the email message granularity level.

Of course, as we move forward, the years with our current administration have also been very interesting. If we can see what goes on in White Houses now and going forward into the future, that becomes quite educational from a historical perspective.

Even more important becomes the question of, "What can we learn to help us better manage the nation as we move forward?"

That, too, may benefit from machine help.

For example, we could do sentiment analysis. We could go through and process all those email messages and run analytics to see if certain events changed word usage. We might be able to predict stress levels before even the members of the White House know that things are heating up, and use analytics systems that can provide early alerts to certain kinds of situations.

That sort of thing could be very, very helpful as we look at crisis management in the future. For example, let's say that a situation is getting stressful to the point where mistakes might be made, or there might be unusual pressures going on in the White House.

Those people there, serving every day in the full force of the activity, might not realize that a situation has actually heated up or stepped up to the next level of crisis. Think of the frog who doesn't notice that things are heating up as it sits in the ever-warming water. The same kind of slow boil happens when you're in the crucible of the White House.

But if, behind the scenes, you can have systems watching behavior through email messages, they might be able to pop up an alert, for example, to the Chief of Staff saying, "You may not have noticed it, but things have heated up rather further than you expect. Use some caution, or be aware of your messaging." The alerts might offer specific historical examples, important cultural cues, and suggest potential courses of action.

This sort of analytics could apply to any number of things that officials may not have realized went from a lower level of concern to a higher level of impending crisis, where people may start making mistakes.

Later this week, in honor of the dedication of the Bush Presidential Center, Part 4 of our Special Report will explore how curators will manage 200 million presidential email messages and the question of a president's legacy.

But, surprise! Congress is screwing us over. And apparently, I can't hold back my opinion.

Here's the thing, and in this case, I'm directly addressing those so-called "representatives" we send to Washington theoretically on our behalf. It's a simple concept, so I want you to say it out loud, roll it around in your mouth, and think on it.

The Constitution must not end where the digital domain begins.

That's it. That's the big thought of the week. Say it again for me. Go ahead. You can do it. Repeat after me. The Constitution. Must not end. Where the digital domain begins.

What does that mean? Put simply, we have rights and expectations of rights when we do things online. Just because we're using that internet thing doesn't mean we're giving up what it means to be an American.

And to those who don't think we have any expectation of privacy when we go online, let me ask you this: If you take a poop in a bathroom in a shopping mall, do you expect privacy? Or would you not mind it if the government just recorded all your "functions" because your in a public place? Even our elected representatives who have dalliances in airport bathrooms clearly had some expectation of privacy.

So let's try something else out for size. We Americans don't lose our expectation of privacy just because we use a service to manage our communication.

We Americans expect privacy. Period. It's in the Constitution.

We expect privacy in all our dealings. We expect that unless a judge orders it for probable cause, that the United States Postal Service won't open our letters. We expect that unless a judge orders it for probable cause, that the plain ol' telephone service we use won't be tapped.

We expect privacy. And we expect, in the unusual circumstances that our privacy is being reduced, that a judge has granted that privacy reduction to law enforcement after careful consideration of the law and the situation.

In recent years, however, American lawmakers, law enforcement agencies, and some of my colleagues in the national security apparatus seem to have decided that judicial review is in impediment — it just gets in the way.

In a few, very limited instances, this may be true. Trying to stop events like the recent Boston bombing, when there are mere minutes to prevent a catastrophe, might justify not waiting for a judge to review your case. But those situations are few and far between, and should be the rare exception, not the rule.

The Cyber Intelligence Sharing and Protection Act (CISPA), and a wide variety of other legislation recently beta-tested by Congress, seeks to eliminate the essential judicial check and balance. But it's this judicial check and balance against overly-aggressive, overly-predatory, and overly-opportunistic public servants and corporate interests that has always separated America from de facto oligarchies like the former Soviet Union and 20th century South Africa.

Without a doubt, cybersecurity is absolutely essential as organized criminals, rogue nation states, and international actors target our citizens, infrastructure, and government operations with constant and unyielding ferocity. Certain laws need to be modernized to accommodate our changing world and the new realities inherent in the justifiable siege mentality that comes from being under constant cyberseige.

But America has always had the mandate to protect its citizens and its interests, and it has always tried to walk the fine line balancing protection of our interests with the protection of our rights, especially our privacy.

There are practical issues here as well. The current variation of CISPA allows an almost free-flow of private and personal information through corporate interests to government, as long as that information flow is labeled as necessary to protect against cyberthreats.

CISPA makes two serious mistakes in this regard. It removes judicial oversight, and removes the ability to penalize corporations for overstepping reasonable behavior.

As we've seen with how our bankers have schemed the system, finding loopholes in regulations and conducting themselves in both truly reprehensible and truly irresponsible ways, we can be sure that industries from insurance to collection to healthcare to banking to advertising will all likely find CISPA-supported loopholes to overstep their bounds and abuse their relationships with American citizens.

Not only will we become an America without privacy, we'll become an America without recourse.

It's ironic that just as CISPA is once again winding its way through the twisted and wrong-thinking halls of Congress, that Google (essentially our modern realization of Big Brother) has introduced Google Glass, a method by which our own citizenry can record and publish life experiences constantly, easily violating the privacy of anyone being glanced at by a Glass wearer.

Of course, the security implications of Glass are mind-boggling as well. The Health Insurance Portability and Accountability Act (HIPAA) violations become almost instant by medical personnel wearing Glass. Any employee looking at a screen while wearing Google Glass could be either augmented, improving productivity, or could be extracting confidential corporate information for sale or other nefarious purposes.

But the difference between CISPA and Glass is that Glass is voluntary and one-on-one. We don't expect our fellow citizens to protect our interests, and if we happen to encounter a Glass-wearer, we can choose to shun him or her, or avoid being within the range of the all-recording Glass eye.

But CISPA is something we can't avoid. With CISPA, online personal information can be sifted, sorted, examined, shared, and apportioned by virtually anyone with access to our online information.

There are loose restrictions about how that information can be gotten, but the restrictions are so loose that we can be sure the huge treasure trove of detailed personal records, from individual email messages to our purchasing history at Amazon and the local supermarket will be used and abused across the spectrum of corporate and government interests.

One concern, of course, is Big Data sifting of our online personal information without a warrant by government agencies. Information ostensibly gathered in the interests of deterring cyberthreats may well be used by excessively gung-ho agencies and law enforcement officials to find new people to penalize, fine, and prosecute.

This, of course, could put an even greater burden on our already over-taxed legal system, increase the time it would take for legitimate cases to wind their way through the courts, increase our already over-extended costs for managing the criminal justice system, and unjustly bring a lot of people to justice who are not deserving of prosecution or persecution.

And then there's the issue of all this data just hanging out there. While some government agencies have good operational cybersecurity protection, others are still just getting the hang of even the most basic of best practices.

A huge database of American personal information would be a very tempting target-rich environment for the very same criminals, rogue nations, and international actors that CISPA is theoretically designed to protect us against.

That's one of the great ironies of this legislation: It may actually worsen the very situation that it's designed to protect against. The House (and possibly the Senate) seems entirely willing to set aside the protections of the Constitution in favor of increased protection against cyberthreats.

But if the reality is that they're selling out our Constitutional protections and sacrificing our privacy, and the net result is we've actually delivered even more damning information into the hands of our enemies, well there can be no polite words for the irresponsible damage Congress is doing to our cherished freedoms and liberties.

America is a great nation because Americans are a great people. That said, history has shown us that the American government has been willing to act against the interests of Americans, often in ways that are mind-bogglingly unconstitutional, brutal, shameful, horrific, and even just plain stupid.

If Congress continues to proceed on the path it's been on these past few years — trying to bypass just cause, judicial review, and due process for the sake of expedience and freedom from oversight — America will no longer be the land of the free and the home of the brave.

So, once again, I must remind our Congressional representatives of this one simple truth: The Constitution must not end where the digital domain begins.

Related stories

• Ben Franklin would say our online liberty is the same as liberty itself

• Letting our lawmakers make laws about cybersecurity is probably a mistake

The conflict between IT challenge and archiving challenge

I was recently asked in a radio interview about whether or not the 200 million message email trove being archived is really that large. That number can be interpreted in different ways. To archivists, 200 million messages is a tremendous number of documents. To most IT professionals, that's a drop in the bucket for a medium-sized enterprise.

There are about 200 million messages that the archivists are dealing with, which is roughly 80 terabytes. That's not a small amount of data. But when you consider that most IT operations dealing with anything resembling Big Data are looking in the multi-petabyte quantities, it's far from unmanageable.

It's just not really that many bits and bytes. You could actually load all of these messages into RAM and process them in real-time using something like SAP's HANA product. So, from a technical point of view, the Bush message archive isn't exactly a large data structure.

But, from an archivist's point of view, it's huge because the archivists want to go through every single message and redact anything that is still considered a national security issue or a thorny political issue.

Think about 200 million messages. If you don't explore solving the problem using machine-based analysis, but instead expect individual humans in the National Archives and Records Agency to look at every single email message, it could be the end of time before they finish their work.

From a technical point of view, managing White House email is really a pretty simple thing. But, from a policy point of view, it's a very difficult thing. In my book and the various speeches I've given on this topic in D.C., I've always made it clear that archiving is a technical process, where retrieving what's been archived is a policy process.

In other words, it's up to us techies to make sure the data can be saved. But whether or not anyone gets to see that saved data has to be determined by laws, judges, and — courtesy of the Presidential Records Act — current and former presidents and vice presidents.

Quite obviously, not all email data is constrained by national security. Much of the data stored is also political in nature. That information may be suitable for safe public viewing from a national security perspective, but politically charged all the same.

That's where the push and pull has come from with White House email — because of that difference. Of course, the weird thing is that most recent White House generations have claimed that solving the archiving challenge is a technical problem. Clearly that's not the case.

From an IT geek perspective, email archiving is an activity that we do across enterprises every day. But from a "What do we want to show? How do we want to show it? How do we want to control our messaging?" perspective, it's a much bigger problem.

But wait, there's more

Even though the collection of 200 million email messages being archived is a boon for historians, it's far from the whole story.

Because I did so much research into the Bush administration email operation, I'm very well aware that those 200 million messages only represent a portion of the email traffic that went on during the Bush White House. The messages being discussed are only the official emails that went through the EOP (Executive Office of the President) email channels.

President Bush's team operated another email operation, based around the GWB43.com domain name. This operation wasn't run by the White House. Instead, it was run by an ISP located down in Chattanooga, Tennessee. While some conspiracy theorists might think that using GWB43 was a way for the Bushies to get around email requirements, the opposite was actually the truth.

There's a 1939 law, called the Hatch Act, that governs how White House email works. Yep, a law enacted way before anyone even knew of email controls email in the most important office of the land.

In any case, the Hatch Act restricts government officials from using government resources to conduct political activities. This means any sort of communication about politics, campaigns, political strategy, and so on could not be conducted through official White House channels and were required — by law — to run through outside services, like our friends in Chattanooga.

Because of this, using what then Deputy Press Secretary Dana Perino called "an abundance of caution," any email message, official or not, that might have had a political tinge, was not routed through the EOP email servers, but instead was routed through GWB43.

None of these official emails, the ones that also contained political information, are available for archiving. In Where Have All The Emails Gone, I estimated that 103.6 million messages ran over the open Internet, through GWB43.com. None of these will be turned over to the archivists.

That means that the historical record being turned over to the archivists is missing a full third of the story.

I've always wanted to ensure that this very large (and completely undocumented collection of political messages) are also made available to the public, but they may well be lost to time.

Adding to the problem is the fact that many White House staffers had multiple email accounts. For example, then Deputy Chief of Staff Karl Rove had a GWB43.com account, which was the domain used for the political arm of the White House operations. He also had an AOL account.

He would use each of those for different things. As you might imagine, most individuals had their own personal accounts, accounts for their work as political operators, and accounts for their work as public servants.

But let's just forget those hundred million or so political messages. Everyone else certainly has. Let's instead focus on what's involved in processing the 200 million messages that the Bush Presidential Center is willing to make available.

Next week in Part 3 of our Special Report: Hand-processing 200 million emails and how modern analytics techniques could provide innovative new applications for presidential email.

This doesn't mean CISPA is a done deal. As many of you know, I called the earlier incarnation of CISPA "more heinous than SOPA". Whether this new version includes bug fixes or adds new "features" remains unclear.

The problem is, we really don't know what is in this version. So much for transparency. Even though we don't know what the bill contains, The Hill reports we can rest assured because such champions of privacy as Google, Yahoo, and Oracle that support the bill, saying Congress is "taking steps to address privacy concerns".

Steps. Whatever that means.

I've talked about these issues before. For example, Ben Franklin would say our online liberty is the same as liberty itself. On the other hand, as a cyberwarfare advisor to various government officials, agencies, and NGOs, I'm also quite aware of the very real threat that's out there. We need comprehensive cybersecurity protections, and that means we need modern laws that address those protections.

The problem, of course, is letting our lawmakers make laws about cybersecurity is probably a mistake.

It may also be a mistake to put too much of our trust in the very large tech companies, many of whom trade almost entirely on the personal data we've willfully volunteered in return for trinkets like free email and the ability to "Like" someone we've never met or wish would like us back.

The key rights issue of CISPA — and any other cybersecurity legislation — has to be clearly and constitutionally answering the question, when it comes to cybersecurity law, where do we draw the line on information sharing?

For now, we don't know enough about CISPA to freak out. It still has to make it through the House, through the Senate, and then to the President's desk. Last time, President Obama threatened to veto it. We also don't know where he stands, again, because we really don't know enough about this CISPA beta release.

So, that's why I'm telling you not to get all freaked out. Just because the panel passed the bill, don't freak out. Even if the House passes the bill, don't freak out. But once it makes it to the Senate, and if we don't know any more about what's inside it than now, then it will most definitely be time to freak out.

Related stories

• How cybersecurity is like Star Trek's transporter
  

• CNET: Privacy protections booted from CISPA data-sharing bil

My interest, however, is behind the scenes. As many of you know, I wrote a book, Where Have All The Emails Gone? (free PDF download), about five million missing White House emails and the national security implications revolving around how White House email was managed back in that era.

As the Dallas News reported, the library archivists are going to archive 200 million emails from the Bush Administration, the largest trove yet of electronic communication from a presidential administration.

This is big news, and since it's an area I spent a lot of time on, I wanted to explore the various issues involved with this process.

In honor of the Presidential Center dedication, ZDNet Government is proud to present an exclusive, 4-part in-depth special report on the George W Bush Presidential Center and the 200 million email archive project.

Some background on White House email

Historians and researchers really want to have access to presidential archives and, generally speaking, all presidents aren't too thrilled with the idea. Throughout history, we've seen the situation where presidents tend to try to limit access to their records.

You can understand why, because presidents don't really want conversations taken out of context or a discussion by a 23 year old assistant to be considered the voice of their administration.

Up until the Clinton era, we really didn't have a whole lot of email in the White House, although email did arrive at the White House in the Reagan era.

If you really want to go back, President Lincoln was the first to use electronic communication. He would actually go down to the War Department and hover over the telegraph, waiting for messages coming in from the field about the Civil War.

This practice of hovering over the teletype waiting for reports from the war — and he was tall, so he really did hover — drove the teletype operators absolutely crazy. Lincoln effectively conducted part of the war from where the teletype machines were, making that teletype and the space containing it into what could be considered the first White House Situation Room. It's quite the story.

Moving on to modern days

President Reagan's administration actually had email first. Email in President Reagan's administration was considered very low priority, so it was actually used as a back-channel communication for the Iran Contra affair.

When Admiral Poindexter (who was then the National Security Advisor) didn't want things to be considered "records" that would be kept under the Presidential Records Act, he used email in a scheme he called "Private Blank Check", because he thought email would bypass the Presidential Records Act.

Of course, as it turned out, we had special prosecutors who were very interested in what Reagan did at the time and what his office did. Eventually, the "Private Blank Check" conversations were brought into public view as well.

None of the presidents, until President Obama, have actually sent many email messages. In fact, one of the reasons that I personally think it was worth becoming President was not having to look at email.

Right as he came into office, President Obama decided that he couldn't be separated from the flow, so he's actively using email. President Clinton, I believe, sent two or three messages to the troops at one point, and that was about it.

President George W Bush did not use email at all. His interaction with email was simply: "I'm not touching it. Period." — probably one of the wisest decisions he ever made in office.

He believed that his statements in a casual communication might be misinterpreted. He wanted his statements to be interpreted in the context in which they were intended. So he just completely avoided using email.

On the other hand, his staff used email very actively. That's why access to an archive of Bush administration email messages has caused such great interest among historians and analysts.

The presidential staff is the operation arm of the US government in the sense of governing, decision-making, and process, so while the archives wouldn't contain an email message from President Bush to Vice President Cheney, you're certainly going to have the potential to see discussions from lower tier people, advisors, cabinet secretaries, and the like. That becomes fascinating.

Next week, in Part 2 of our Special Report: The conflict between IT challenge and archiving challenge, and the 103.6 million White House email messages that are still not accounted for (and no one seems willing to talk about).

In order for America's government to fund its operations, programs, and agencies, money has to be allocated for this purpose on a regular basis. In many years, that budget money is allocated through something called a "continuing resolution", which passed in Congress and signed by the President.

A continuing resolution passed this year as well, except this time, it had some teeth, in particular when it comes to China's ongoing acts of apparent espionage and skulduggery.

Put simply, the newly signed 240-page law requires law enforcement authorities to be consulted and to perform a cybersecurity and sabotage risk assessment when buying IT gear.

Here's the hot button, the once-in-a-blue-moon, hell-freezing-over smart move by our politicians. The formal risk assessment by law enforcement must (and I'm quoting the Reuters article that quoted the bill): "... include any risk associated with such system being produced, manufactured, or assembled by one or more entities that are owned, directed, or subsidized by China."

This. Is. Huge.

I'm not going to go over the whole China risk thing in-depth here because we've been down this trail before. See the links at the end of the article for a good set of reads on China's apparent inability to play well with others.

But I will say this: China, by all indications, wants it both ways. They want to sell us gear, bring our currency into their country, and grow their economy with the help of American purchasing power. But they also seem to want to sneak into our computer systems, constantly testing, probing, and attacking our networks, and otherwise cause us harm.

They want to make money from us at the same time they're willing to attack us.

What's been deeply disturbing me for years (and I've been writing about this here on CNN, and even giving lectures and advisories on this to government officials) is that Chinese gear is inside everything we use today.

The motherboard inside the computer I'm using right now was made in China. In fact, the computer I'm using right now was made in China. Your iPhone was assembled in China.

Many of the internal components and entire computers (Lenovo on its way to becoming the world's largest PC producer) are made in China. Telecommunications equipment is made in China. We even did a Great Debate here on ZDNet about whether it was wise to buy networking gear from Chinese Huawei, who has been involved in some dubious doings (and is becoming a major vendor of smartphones as well).

Think back to the Cold War days, when the Soviets and the Americans where banging shoes at each other and threatening total nuclear destruction. Would any of us (or our grandparents, I guess) have thought it made sense to buy security gear from the Soviets?

Of course not. Even the most pacifist peaceniks around would have thought that letting your enemy provide your security wasn't exactly a wise course.

And yet, that's what we've been doing. Nearly all of us rely on gear made by China. Nearly all of our personal and confidential passwords and logins travel over circuits made by China. Many of our networks and network switches, if not made by China directly, have Chinese components.

I applaud this action by Congress and the President (did you ever think I'd ever say anything like that?), and I encourage the government to take even more stringent action and due-diligence against foreign-supplied security equipment.

Related stories

• Questionable loyalties: the cybersecurity implications of buying system software from foreign companies

• Great Debate — Huawei: Should you put it in your data center?

• It might be time to throw some SALT on China

• State of the Union: Cyberthreat

• 14 global cybersecurity challenges for 2013

• Dear China: Cut out the sneaky spying shenanigans

• Researcher reveals ease of Huawei router access

• UK to probe Huawei, BT relationship

• Did Chinese security firm snag too many American security secrets before the barn door closed?

• In China, many younger military leaders view America as the ultimate enemy

• Is China gearing up to start World War III?

• Welcome to the new Cold War: China vs. the United States

• Dear Mrs. Clinton: whether you believe it or not, China is a threat to America

• U.S. finally acknowledges Chinese and Russian cyberthreat

• Video: Should Americans worry about a Chinese cyber-threat?

• Pace University forensics expert on China and cybercrime (exclusive video)

• Technology policy challenges faced by the U.S. Federal Government (video seminar)

• Deconstructing a nasty Chinese World of Warcraft phishing scheme

• Why the United States might pay China before we pay our own soldiers

• Also see: There are chapters covering China in my book, How To Save Jobs (free PDF download)

• And for balance, from ZDNet Asia: Dear America: Enough with the China-bashing already

Governments, going back to the times of the ancient Romans and Egyptians, required extensive record keeping to operate their empires, both for the management of extremely large civic works projects (like building the pyramids), and for the collection of revenue to fund those projects.

Later governments, both fair and oppressive, have found the gathering of data in vast volumes to be a functional necessity and competitive advantage. Both the old Soviets and the Nazis were infamous for their obsession with recording data about their citizenry. In those two examples, of course, that data collection would result in horrors and human rights abuses we hope to never again see practiced by so-called civilized nations.

So the gathering and processing of vast amounts of data is not new. What is new is the speed at which we can now process that data. By hosting databases fully in RAM, rather than on disk (or even faster solid-state devices), processing operations can increase in speed by a factor of a million or so.

Queries that used to take a day and a half to be solved using disk-based databases can now be resolved in a tenth of a second when based entirely in a few terabytes of directly addressable RAM.

We saw real-time analytics deployed in the last US election. President Obama's election team was able to dynamically analyze the global state of pre-election sentiment, and deploy advertising resources and human volunteers to the areas that needed the most attention, virtually in real time.

By contrast, Mitt Romney's analytics team famously provided incomplete and inaccurate information to the Romney central command, resulting in Romney's deployment of election resources to areas completely unrelated to need.

Now, we all know that elections aren't won solely by analytics. The policies of the two candidates contributed to the results, and some epic political (rather than computation) mistakes on the part of the challenging party didn't help matters.

Here we see not just big data in action, but fast big data in action. Had the president's data analytics operation taken months instead of days, or even days instead of minutes, his team might have missed key clues until the election was long over.

The challenge, of course, is how we handle this power

For example, the American Society of Civil Engineers said that one quarter of all American bridges are "deficient"; 17,000 bridges didn't meet inspection criteria, including 3 percent of all freeway bridges.

Want a scary statistic? The average age of America's bridges is 43 years. The average lifespan of America's bridges: 50 years. This means, unless something changes, we should all avoid pretty much all river crossings after the year 2020.

But my point here isn't to scare you (much). My point is that real-time analytics can help government and drivers alike. We all know about the spending reductions forced on American government agencies as a result of sequestration. So, the challenge (even after the parties get past their sequestration protestation infatuation), is how we can do more and more with less and less expense.

The bridge situation is an ideal example. The University of Texas is working on sensor technology that can report dynamic telemetry on a bridge's condition. They're working on sensors that can survive the constant vibration, weather, and even send and receive data through all the steel that normally would make radio transmission a near impossibility.

A little imagination can help us see how all this can work. Terabytes of sensor data come streaming into a central analytics engine straight from all the bridges. Dynamic, real-time analysis helps filter the signal from the noise, and — in real time — those bridges needing the most timely attention can get resources applied first (and, with dynamic crisis alerts, immediately, when warranted).

We can also see how this sort of telemetry can help fight terrorist threats. By sifting through vast amounts of data in real time, analytics systems can identify potential sources of threats, and mitigation teams can be dispatched to investigate.

Ah, but there's the rub. Did you see it? Did you feel it?

Did you notice how we suddenly went from big data to the possibility of Big Brother?

Clearly, we want and need to protect Americans from the constant threats against our security. Whether digitally or in meat space, the threat level is dangerously high. The American government must provide threat management or baaaad things will happen.

But the challenge is distinguishing between data collected for protection and data collection that violates our privacy, all while respecting the very core of our Constitution. Another challenge exists because a "potential" threat isn't an actual threat, and if we act against our citizens because some Minority Report analytics system assigned a threat potential to someone who hasn't yet done something, we're discarding our Constitution for some sort of dystopic future.

Congress isn't helping matters

There is a real need for corporations and government to share data that might help protect our infrastructure. And, in the worst case, that data may need to be de-anonymized so law enforcement can be dispatched to stop some bad guys from doing some very bad things.

But Congress tends to confuse national security with media industry preference. In the ongoing, and vaguely futile, effort to prevent media customers from fair use of the media they've purchased, Congress keeps attempting to conflate security with DRM, and so we wind up with CISPA and SOPA and all the rest.

So where does this leave us?

For the ZDNet IT audience, there are two things you need to keep in mind. First, you will need to understand real-time big data and what it means, how it works, its strengths, limitations, and what it can do for you.

To that end, I invite you to a free webcast I'm giving on Thursday at 2pm ET. In that, I and Dan Kearnan, senior director of SAP HANA Marketing, will be discussing keeping up with the volume, velocity, and variety of big data in real time.

Second, it's important to keep an eye on legislative activities, and understand when our privacy rights are being violated compared to when our security is being protected. This difference is a nuance quite clear to the rank-and-file investigators in America's famous three-letter agencies, but seems quite lost on Congress members more devoted to their lobbyist friends than their own constituents.

Keep reading ZDNet and stay up on these issues. This is only going to get more interesting as we move further into the future.

Related stories

• Guns, the First Amendment, and the Bill of Rights

• 14 global cybersecurity challenges for 2013

• When it comes to cybersecurity law, where do we draw the line on information sharing?

• Letting our lawmakers make laws about cybersecurity is probably a mistake

• Ben Franklin would say our online liberty is the same as liberty itself

• CISPA: more heinous than SOPA, and it just passed

• 5 reasons why SOPA, PROTECT-IP and other legislative idiocy will never die

We don't even know for sure if Kim-the-younger is 28, 29, or 30. We know even less about Jong-un's wife, Ri Sol-ju, except that the marriage was apparently a hastily arranged affair set up by Dear Leader Kim Jong-il from his death bed.

What we do know is that a young man roughly between the ages of Lindsay Lohan and Britney Spears — with absolute control over the fourth largest army in the world and the world's largest submarine fleet — has declared his intention to nuke the United States.

He certainly wouldn't be the first young Generation Y male with an anger management problem, but he is the only one with a real chance of becoming a nuclear power.

It's easy to dismiss the North Korean leaders, whether Jong-il or Jong-un, as Looney Tunes

After all, we've all heard of Kim Jong-il's penchant for American movies and his Elvis obsession. But Kim Jong-il managed a huge military build-up for Korea, and while Jong-un did have the advantage of being Jong-il's hand-picked successor, he did manage to hang onto and consolidate his power, all before the age of 30.

The North Korean story is actually quite amazing. If you want further background, I recommend you read the briefing I wrote for Counterterrorism Magazine last year, Spotlight: North Korea.

For a feet-on-the-ground look at what North Korea is like today, I strongly recommend you read Sophie Schmidt's fascinating account of the trip she took to North Korea last year with her father, Google chairman Eric Schmidt, and former Ambassador Bill Richardson.

So where does all this leave us? Is Kim Jong-un the Doctor Evil of the modern age? Are we really, seriously, back in the game of intercontinental ballistic missiles and nuclear warheads?

The fact is, North Korea is a viable threat on at least three separate levels

First, the nation is actively involved in cyberwarfare and cybercrime. As I've been saying for years, and which the US government is now beginning to articulate as well, cybercrime and cyberwar are huge national security threats.

North Korea is problematic here because not only is it using cyberattacks for political reasons, it's also decided that systematized cybercrime can be a good source of Western currency. For a nation essentially off-the-grid financially, cybercrime is the goose that keeps on laying the golden egg.

North Korea is also a viable threat because if its sizable conventional military. The Kims have never fully accepted the bifurcation of Korea into North and South, and have long made grumbling noises of crossing the 38th parallel.

South Korea is the world's 15th largest economy, with a GDP something north of a trillion dollars. By contrast, North Korea has a GDP somewhere in the range of $12-28 billion, which puts its total economy somewhere in the range between companies Sara Lee and Staples. South Korea's Samsung alone brings in fifteen times the annual cash of all of North Korea.

Were the North to attack the South, it would cause economic devastation to South Korea and ripple-effects across the globe. And of course, the US would be pulled into the battle, since our taxpayers have long paid for South Korea's defense, even as South Korea's industry has ungratefully done its best to compete against our own companies.

This leads us to the nuclear question: can North Korea build a nuke? Unfortunately, the answer to that is a definite "probably". Too many nuclear experts and too much nuclear material has been on the world's underground markets since the demise of the Soviet Union, and it's entirely likely that North Korea has been in the market for years.

Whether, of course, they can put the whole thing together, then build a long-range, ocean-crossing delivery vehicle, and then be suicidal enough to completely ignore the doctrine of Mutually Assured Destruction (MAD) to try to nuke an American city, is a much bigger question.

Most leaders in most nations are both too sane and too well aware of their reliance on a world economy to flip the nuclear switch. That's why we've been pretty much mutant zombie and giant lizard-free since Hiroshima and Nagasaki.

But Kim Jong-un is not most leaders. His nation is almost completely disconnected from the outside world. His entire nation could on the far side of the moon for all of his country's interaction with the world's economy.

Keep reading. This is where this starts to get good...

The youngest Kim may or may not be crazy in a padded-cell and hallucinations kind of way, but he has shown evidence of ruthlessness in his quest to consolidate his power. The key question is whether he's more of a regional annoyance, like Saddam Hussein or Muammar al-Gaddafi, or whether he's a big bad, like Adolf Hitler or Joseph Vissarionovich Stalin.

If young Kim is a proto-big-bad today, he could be a thorn in our side for a very long time

Fidel Castro was only 33 when he became Prime Minister of Cuba back in the 1950s. He held onto power for 55 years. It's entirely possible that Kim Jong-un could be his own, personal Axis of Evil for most of this century.

All of this brings me back to the original premise of this story, that a crazy, nuke-obsessed Kim Jong-un might actually be good for America.

Look, I — like most sane people — would much prefer a world where the leader of North Korea was much more concerned about his Klout rating and Facebook fan page than attacking all of Western civilization. It would be much better for everyone if he'd decide it was more fun to hold big parties, invite second- and third-tier stars, and appear on some reality TV shows.

But that's probably not going to be the case. The new Kimster had the opportunity to change the personality of North Korea, to make it more of a citizen of the world, but instead, decided to double down on his grandfather's and father's policies of Juche, which, at least in spirit, means "us against the world".

Say what you will about the old Soviet Union, but it sure had a way of focusing our attention.

There was a tangible, credible, easily identifiable threat — and our military and our politicians recognized it as such.

Even though American politicians have always — always — been self-obsessed, selfish, back-biting, in-fighting, partisans of limited patriotism, when a real, credible threat has faced the United States, they've generally been willing to put aside partisanship, at least for the important stuff.

But things have gone off the rails ever since the Soviets decided that they wanted to get out of the crazy evil business and into the much more profitable international anti-malware market. American politicians haven't been able to focus on an external enemy and instead, have done their level best to hollow out America from within.

Take this sequester idea; it boggles the mind how this was the one thing Congress could agree upon: Their brilliant plan was, because they couldn't come to an agreement at the time, that they'd set up a time bomb so a later Congress would have to come to an agreement, because otherwise, the results would be just too terrible to live with.

Seriously? This is how we run the greatest nation on Earth?

The sequester guts all sorts of programs (not necessarily a bad idea), including a lot of our military defense (not necessarily a good idea).

But let me ask you this: Could the sequester have flied back in the days of duck-and-cover? Would Congress have let our defense slide into the ocean when there was always an impending nuclear threat from the Ruskies?

No, of course not.

But now, we've all but forgotten the very real threats out there. We ignore the need to bulk up our cyberdefense because (and this, too, boggles the mind), our corporate leaders have asked the President to take a softer touch when it comes to cybersecurity.

Seriously. You can't make this stuff up.

We've killed Saddam and we've killed Osama. Sure we've just come out of the longest war in US history, but we're not really all that worried about things here at home. We're still buying our iPhones and iPads, and we're all just a little disappointed that the South Korean Samsung Galaxy S4 isn't more exciting.

While America most assuredly has its enemies, both outside our borders and within, they're amorphous. Terrorists and cybercriminals don't have faces. They don't have names. They're not super villains, and they don't unite the selfish and the partisan.

But super villains, the Hitlers, the Stalins, to some degree the Castros, these are the faces that unite our defense. When we're able to point to a Big Bad, we're all able to focus on it together, and then, sometimes, we'll actually work together.

So while I'd really prefer that North Korea's Kim Jong-un would take a chill pill, that we could set up some sort of 20-something leader exchange and swap Kim Jung-un for Mark Zuckerberg — Zuck would certainly get North Korea out of its isolationist funk — the reality is that Kim Jong-un may be more than just bluster.

He may be the pudgy face of our next super villain, he could be a credible threat, and he might actual inspire America's politicians to put aside partisanship and work together for a change.

Nah. Who am I kidding? Right now, I'm convinced there are politicians in Washington working hard to come up with something even more epically stupid than the sequester.

Let's just hope the Chinese can talk some sense into Kim Jong-un. After all, given how much we owe them, these days, the Chinese have more of a vested interest in America's continued well-being (and ability to make regular installment payments) than even our own politicians.

I pulled a lot of my material from a year of research I'd done back in 2009 and 2010 writing How To Save Jobs (free download). While those two articles, The enormous societal benefits of working from home, and What if more Americans worked from home?, looked at the working-from-home question from a policy point-of-view, this article looks at the management question.

Some quick background

I was a CEO for about 20 years. While I never had tens of thousands of employees, like Yahoo, or hundreds of thousands of employees, like Best Buy, I managed between two and 50 people at various stages of company growth.

Back in the mid-1980s when I started my first company, I worked out of my one-bedroom apartment for almost six months, until I'd hired some staff and rented office space. Back then, there was a tangible business prejudice against people working from home — and for good reason.

We didn't have the technology resources we have today. Faxes were just beginning to find their way into business, email was rarely used to communicate outside of the walls of a given company, there was no such thing as video conferencing, desktop sharing, voice-over IP, or any of the other remote work technologies we now take for granted.

In a strange foreshadowing of today's virtual assistant, a few weeks after I started my first company, I hired an answering service. They set up a special patch line, answered my phone, and then called me to patch calls through. All of that was because the distributors who I called on to sell my software products categorically refused to deal with any companies they perceived as too small.

While there will always be some prejudice against working from home — particularly among those people who drive hours each day to work — working from home is now a much more well-accepted mode of doing business.

Working from home is not just for small businesses.

I work regularly with senior executives at very large companies who work from home, with home offices often halfway across the country from the divisions or departments they manage.

While the benefits to the newly minted entrepreneur are obvious, many larger companies are embracing the work-at-home work style because it saves money and time. Rather than having that key employee in the car for two hours a day, that time can be better put to work at home.

Office space doesn't need to be rented, furniture doesn't need to be purchased, power for heat and air conditioning an office isn't consumed (although that might be balanced by home consumption), and there's a lot less internal battling over who gets the office or cubicle near the window.

There are challenges, of course, and this is where the Yahoo question comes up in tangible way. If you work from home, you need to be more responsible for your output. If you're an employee, you have to establish trust with your managers. You have to set boundaries with your family and you have to develop the discipline to stay away from the TV — and the fridge.

Another challenge, one I discussed in How To Save Jobs, is that once you've convinced your boss your job can be done from a few miles away, what's to stop him from sending it across the ocean to India or China?

There's also the very real issue of isolation. Working from home tends to reduce those water-cooler moments, the times you stand and chat and brainstorm with colleagues.

I honestly think that one of the reasons Twitter and Facebook have blossomed is that they take the place of water cooler chatter. Rather than asking Bill what he's working on while walking back to your cube from the men's room, you can see his updates from his Twitter feed.

This level of short communication is not to be discounted, but it'll never take the place of rubber-band wars, fought over the rims of cubicle walls while the departmental administrative assistant was at lunch. Ah... the memories.

All that brings me back to Yahoo and the basic premise of this article, which is sometimes as a CEO, you just gotta do what you gotta do.

The big chair

If you've never been the head of a company, if you've never sat in the big chair, you may not know — really — what I'm talking about. There's a level of responsibility that hits like a ton of bricks when you realize decisions you make can directly impact peoples' lives.

Making a necessary business decision, like a layoff, hits real people where it hurts. It's not just numbers on a spreadsheet. It's not even just your individual employees. Families might not be able to make ends meet, they might not make their mortgage payments, and they might not be able to survive in a down economy. And yet, as a CEO, you have to make that decision.

I learned this lesson hard in my third year as a CEO. I was in my mid-20s and the market had compressed quite a bit. Our particular market segment was in transition, and I had a few too many employees. Was it my fault that I had too many employees? Probably. I suppose could have read the minds of our partners better and had better psychic friends so I could have predicted the future better.

We weren't funded by some big venture capital infusion. We ran on our own income (and my credit card balance). If sales went down, we had less money to work with. Around Thanksgiving, we lost a big customer, not because of anything we'd done wrong, but because they were getting out of the market we were in. The right move would have been to layoff people right then and there. But holidays were coming and I just didn't want to be a Scrooge.

I kept paying payroll for everyone throughout the holiday season. It was a mistake. I didn't have money in the bank to cover it, so I charged up my credit cards to make payroll. It took almost a decade to clean up that mess. Worse, I put the company at risk because the situation was unsustainable. We needed a course correction, and instead I ran a charity for three critical months. I eventually had to do the layoffs, anyway, but I had waited too long and the financial repercussions took years to overcome.

We bounced back, but it was a rough time. The point is, unless you've had that personal responsibility, unless you're the person staying up nights trying to find the best, most honorable, and most strategic path, and unless you're the person people scream at when you layoff their spouses, you'll never truly understand how CEO decision-making works.

I'll tell you another short story of my early days as a CEO and then I'll move on to this Yahoo thing. Don't worry. It's relevant.

This was a few years after the layoff I mentioned above. We had grown to about 14 people, and like all good newbie CEOs, I'd read all the management books. Delegating responsibility was the big thing. Don't over-manage. Create teams, and let those departments be managed by capable managers.

So that's what I did. The change in company-wide behavior — almost overnight — was breathtaking. Where in the days before departments, everyone jumped in to help with whatever needed doing, now it was Shipping's problem. Or it was Sales' problem. Or it was Engineering's problem. The almost-universal teamwork ethic we'd organically created went away. Instantly.

Nothing I could do could get everyone to work together again. Each department tribed up, and suddenly it was them against the world. It was breathtaking how quickly this change in culture happened, and it was a completely unexpected result of simply creating an org chart for a business plan.

Productivity was rapidly sinking. I had to do something. No amount of meeting and talking seemed to work. I finally decided to get draconian. I banned the use of the word "Department" anywhere in the company. Anyone heard uttering the word was disciplined in some way. Almost 20 years later, I can't remember if it was a fine, a public mocking, or they had to bring in the donuts -- that memory is lost to time.

Everyone thought banning the departments and the "D-word" was stupid, but slowly, after about a month, people started working together again, putting the strategic needs of the company before their own departmental fiefdoms. We were meeting customers' needs again, we were making money again, and we were once more shipping on time.

Yahoo and CEO Mayer's decision to ban remote workers

This decision has been picked at, dissected, criticized, and turned upside down by the tech press, by employees, by stockholders, by pretty much everyone.

It might not have been the best decision from the perspective of setting an example for an industry. It might not have been the best decision from the perspective of keeping employees from jumping ship to Facebook or Google. It might not have been the best decision from the point of view of hiring new employees. It might not even have been the best decision from the perspective of convincing the world that Yahoo is cool again.

But it might have been the best decision to keep the Yahoo ship afloat.

You know, because I've been making the case for days, that I think encouraging remote working and working-from-home is not just a viable strategy, but one that may be critical to America's economy and even our breathable atmosphere, going into the next hundred years.

So you know I'm not saying that banning remote working might have been a good decision for Yahoo because I'm against people working from home.

But, sometimes as a CEO, you just gotta do what you gotta do. Sometimes, you can't take into account what all the pundits will say. Sometimes you have to take notice of the storm your ship is about to encounter, batten down the hatches, and make course corrections.

Sometimes you have to make the unpopular decision, just to snap people back onto mission and get the ship pointed in the right direction.

Sometimes, despite what everyone says, despite the criticism, despite the screaming and yelling and anger and hatred, sometimes as a CEO, you just gotta do what you gotta do.

Only time will tell whether Mayer made the right decision or not. But I give her points for not just sitting in the big chair, but making the tough, unpopular decisions that come with job of CEO.

Her willingness to make this decision — which from the outside looks short-sighted and even regressive — may, in fact, be evidence that she's the right person for the job. If Yahoo is to be saved, if it's to be turned into something effective or meaningful once again, tough, unpopular decisions will need to be made.

I've said it before, and I'll say it again. Sometimes as a CEO, you just gotta do what you gotta do.

Related articles

• The enormous societal benefits of working from home
• What if more Americans worked from home?
• Yahoo: Fix your culture and get better telecommuting tools
• Can other companies go the Yahoo way?
• Yahoo seeks to reboot notorious company culture
• Marissa Mayer, I hear you
• Telecommuting: Dead or alive?
• First Yahoo, now Best Buy ends home working for staff
• Who's left to stand up for teleworking?
• Should all staff members work in the office? Yahoo thinks so

By the way, I'm running this article in ZDNet Government rather than my DIY-IT column because so much of working at home can be aided or hindered by government policy. I am on record as strongly recommending major changes in American employment policy designed to encourage Americans to work from home.

This article, the second in the series, looks at policy questions and explores what might have to change in our policy discussions to encourage more telecommuting.

Clearly, if more Americans worked from home, it could be very, very good for America:

• We'd reduce our reliance on foreign oil

• We'd reduce pollution

• We'd reduce global warming

• We'd regain billions of hours of productivity and family time

• We'd save a ton of money

• We'd reduce our costs for road construction and highway maintenance

• We'd even probably reduce the number of latch-key kids

That's why it's so unfortunate that the IRS seems to distrust some home-based businesses, home offices, and people working from home. According to BusinessWeek:

The home office deduction acts as something of a red flag to the Internal Revenue Service because it can easily be abused by small business owners who claim a larger home office than they actually have, or who deduct expenses for an office that is not truly dedicated to business use.

Instead of using a home office as a red flag, US tax policy needs to encourage working from home. Part of the problem is that deducting a home office is a complex process. One way to encourage working from home is to establish a standard home office deduction that can simply be checked off as part of the tax preparation process. This would still allow for itemizing more complex home office expenses, but makes it easier for most home workers.

I spoke to Kristie Arslan of the National Association for the Self-Employed (NASE), and asked her if they'd considered a policy for this. She told me:

The NASE believes that the home office deduction must be simplified and expanded to allow home-based businesses to easily utilize this tax benefit. We support the creation of a standard deduction option within the range of $1,500 to $2,000. Home-based entrepreneurs qualifying for the deduction could choose between selecting the simple, standard deduction, or itemizing if they feel they would receive a larger tax benefit.

I'd actually recommend going further than this. Rather than providing a relatively minor standard deduction — which, admittedly, would reduce audit risk — I'd like to see an aggressive program that actively encouraged working from home, perhaps in the form of a tax credit.

So many of our nation's mission-critical challenges could benefit if millions of Americans transitioned from commuting to working from home. I'd like to see a program that provided a credit for the number of days worked from home, or some other metric that was both easy to calculate and a strong incentive.

Perhaps this could be extended to employers as well, with deductions or credits that encouraged employers to encourage employees to work from home — as long as those homes are in the United States, of course.

But there's more to this than just tax policy. As with other aspects of changing how we function as a nation, our perception of ourselves has to change as well.

Changing hearts and minds

During World War II and after the Great Depression, the United States government set out on what, today, we'd almost call a propaganda campaign. The government's campaign was designed to educate Americans on values that would be helpful in a recovery. Yes, I know. If we did that today, certain pundits would have a coronary. But we're talking history here.

As part of the New Deal, President Franklin D Roosevelt created the Works Progress Administration (WPA). Although not without its critics at the time, the WPA was considered to be the nation's largest employer and helped drive recovery from the Great Depression. One of the more interesting and enduring aspects of the WPA was its employment of artists and other creative people.

Early on, the WPA employed mostly construction workers and traditional tradesmen. But, according to Margaret Bing, curator of the Bienes Center for the Literary Arts, "Federal Project No. 1 of the Works Progress Administration was developed to give artistic and professional work to the unemployed who qualified".

According to Bing (the arts curator, not the search engine):

Federal Art Project (FAP) began as a part of Federal One with Holger Cahill as its director. By March of 1936, regional field offices were established throughout the country, employing as many as 6,000 people. Fifty percent of the FAP workers were directly engaged in creating works of art, while 10 to 25 percent worked in art education; the rest worked in art research.

By 1938, 42,000 easel paintings and 1,100 murals in public buildings were commissioned. Large numbers of sculptures, silk-screen prints, posters, and other graphic works were also made, and the FAP frequently worked in cooperation with the Federal Writers' Project to design covers and illustrations for its publications.

Many of these images were used to communicate values and messages, like the wonderful images shown at the beginning of this article.

If you look carefully, you might notice one poster that's particularly familiar. Have you noticed it? It's the one on the upper right with the caption "Work With Care". According to the United States Library of Congress WPA Poster Collection, this particular WPA poster was created in 1936 or 1937 in Pennsylvania by an artist named Robert Muchley.

The art from Mr Muchley's poster is also the cover illustration for How To Save Jobs (from which this article is derived), and the image was chosen for a reason. I believe that if we're going to transform our approach to jobs in America, the motivations can't just be the result of legislative changes or come from simply hacking our tax policy.

Instead, I believe we have to change how we think about jobs and some of our core values here in America. For example, instead of discouraging home workers, we need to change our value system so we celebrate home workers, because each person who works from home is someone who's helping to save our resources, our roads, our air, and possibly the planet itself.

As you think about teleworking and working from home, think about ways in which our relationship to employment and income production needs to change. Whether or not we can save jobs in America may well depend on changes not only in policy, but in attitude.

Healthy bicycle commuters

While I was writing this chapter, one of my Twitter followers pointed out that not all commuters drive cars. He asked: what about people who ride bicycles to work? According to a Portland State University study, about 1 percent of commuters ride a bike to work. While those 1.6 million commuters are certainly fitter than the rest of us, they're already part of the solution. Bike commuters (and those who walk to work) don't pollute — and the natural cardio exercise of their commute often makes them healthier than the rest of us.

Stay tuned. More tomorrow about the challenges of managing all this.

Related articles

• The enormous societal benefits of working from home

• Yahoo: Fix your culture and get better telecommuting tools

• Can other companies go the Yahoo way?

• Yahoo seeks to reboot notorious company culture

• Marissa Mayer, I hear you

• Telecommuting: Dead or alive?

• First Yahoo, now Best Buy ends home working for staff

• Who's left to stand up for teleworking?

• Why Yahoo's "no home working" rule will lead us back into the office

• Should all staff members work in the office? Yahoo thinks so

Back in 2009 and 2010, I spent a tremendous amount of time researching work patterns and society, which resulted in the book How To Save Jobs (free download). As part of my recommendations for saving American jobs, I looked at the issues and benefits of working from home. This article is the first of a series derived from that research. The subsequent articles will be posted next week.

Working green by working from home

There are enormous societal benefits to working from home, but no one is really aware of them. Working from home is ultimately green.

According to an ABC News/Washington Post/Time Magazine poll taken in 2005, "220 million adults average an hour and a half a day in their cars". 60 percent admit to driving "well over the speed limit"; 62 percent say they get frustrated from time-to-time; 40 percent claim they get angry; and 20 percent admit that they sometimes "boil into road rage".

That's 44 million people experiencing road rage. That's a lot of boil. In fact, 41 percent report seeing road rage, and 54 percent claim they "often see other drivers making angry or impolite gestures".

I used to commute from Berkeley to Mountain View across the San Francisco Bay Bridge, California. If driven at 3am, it would take only 45 minutes. But during rush hour, my commute took me more than two hours each way. I only lasted five months with that commute, and then I moved closer to work. My new commute was only a 50 minute bumper-to-bumper drive, each way.

The ABC poll shows that most workers' commute times can vary from day-to-day by as much as 27 minutes each way — with a good trip to work taking an average of 19 minutes and a traffic-filled trip taking as long as 46 minutes. ABC said the average is 52 minutes on the road commuting, overall, over an average round trip distance of 32 miles.

A 2007 Gallup poll reflects some of the ABC News numbers. According to Gallup, workers spend an average of 46 minutes commuting round trip, with 85 percent driving themselves, 6 percent riding with someone else, 4 percent taking mass transit, and 3 percent walking.

If the average commuter takes 52 minutes to go 32 miles, that means the average commuter is driving at 37 miles an hour. Obviously, drivers go slower getting to and from the highway, and start and stop traffic takes longer than cruising at highway speeds, but let's just be simple and work with 37 miles an hour.

According to a 2007 United States Census report, 77 percent of American workers drive themselves to work alone. So let's work with that. As I discussed elsewhere in the book, there are roughly 234 million Americans in the civilian, non-institutional population. Let's drop out the 20 million or so we know who are not working right now, which leaves us with 214 million Americans.

214 million American commuters

That gives us about 164 million Americans who drive themselves to and from work. Multiplying 164 million by the average daily trip distance of 32 miles, we get 5,248,000,000 miles driven by American commuters each day. If the zeroes are getting to you, that's 5.2 billion miles driven each day.

Are you sitting down? That's 1.9 trillion miles driven by American commuters each year.

Now let's have some fun. Just how much fuel are we consuming by commuting? This is not an easy number to come by, so we'll be conservative again, in order to present the best-case scenario. Newer cars get better gas mileage, so let's just assume everyone's driving a 2009 or later model-year vehicle.

According to the US Department of Energy, the most fuel-efficient regular ol' gasoline vehicles were teeny-weeny two-seaters, which averaged 33 miles-per-gallon in the city and 41 on the highway. Of the 16 cars rated as most fuel efficient, the worst of these most fuel efficient rated 18 miles-per-gallon in the city and 27 on the highway.

We all know that your fuel economy is better on the highway and worse in city. And we also know our average driver is driving at 37 miles an hour, so we'll just take the highway and city miles-per-gallon numbers and average them.

So, just for the sake of our quick analysis, let's assume that the average driver gets about 22.5 miles-per-gallon commuting to work, which fits the mileage for an average American commuter vehicle.

Remember our 1.9 trillion commuter miles driven each year? If we divide that by 22.5 miles-per-gallon, we'll discover that American commuters use about 85 billion gallons of gasoline each year.

85 billion gallons

Gasoline prices have been all over the map, but let's just say that gas is a low $3 per gallon. That means American commuters spend about $255 billion per year just to commute to work.

I found it somewhat difficult to find average carbon footprint measurements for all these commuters, so I took the easy way out and used the "carbon footprint calculator" at TerraPass.com, a tool created by Dr Karl Ulrich of the University of Pennsylvania. It's not an official, unimpeachable source, but it's probably good enough for some rough estimates.

According to the TerraPass calculator, our average commuter generates 7,114 pounds of carbon dioxide per year, simply driving to and from work. Calculated out nationally, that's 1,166,696,000,000 (1.16 trillion) pounds of carbon dioxide generated each year simply by commuting Americans, just during their commutes.

Let's recap some of our numbers. First, let's look at individual commuters:

• 52 minutes commuting each day, for about 225 hours a year (that's almost six full, 40-hour work weeks, just commuting)

• 32 miles round trip, for about 8,320 miles driven a year

• 22.5 miles per gallon, for about 369 gallons of gas consumed per year

• $3 per gallon, for about $1,109 spent per person commuting, and

• 7,114 pounds of carbon dioxide released each year commuting.

Now let's look at this across America, for a full year.

• Americans spend 36.9 billion hours a year commuting

• Americans drive 1.9 trillion miles commuting each year

• Americans spend $255 billion just for the gasoline to commute

• Americans consume 60.5 billion gallons of gasoline (the capacity of 1,298 Exxon Valdez tankers, fully loaded) each year to commute

• Americans release 1.16 trillion pounds of carbon dioxide into the air while commuting.

Remember, that's a conservative estimate; it doesn't include how much of our taxes goes to road maintenance, how much we spend on cars, how many cars become scrap material, the cost of day care for working parents, and on and on and on.

Update: This is only one of a series of articles, but to answer the question posed by commenters below, and articulated perfectly by my colleague Steven Cherry, not all "cops, bartenders, assembly line workers, crop pickers, insurance adjusters" can work from home. But as commenter @Jeff_D_Programmer said below, even if only 3 percent work from home, there will be enormous benefits.

By the way, if you want to see where this data came from, here's a comprehensive list of my research resources.

Stay tuned. Next week, I'll discuss the benefits to the American economy if more Americans worked from home.

Related articles

• Yahoo: Fix your culture and get better telecommuting tools

• Can other companies go the Yahoo way?

• Yahoo seeks to reboot notorious company culture

• Marissa Mayer, I hear you

• Telecommuting: Dead or alive?

• First Yahoo, now Best Buy ends home working for staff

• Who's left to stand up for teleworking?

• Why Yahoo's "no home working" rule will lead us back into the office

• Should all staff members work in the office? Yahoo thinks so

The article focuses, as they say, "on another network", but the piracy challenges are quite real for any online content producer, TV network, blog writer, or software developer.

I've talked before how, back in the days when I wrote and sold software, I'd often get support complaints from people who either downloaded pirated copies of the software I'd written, or worse, paid someone for copies who had never bought them from me.

I've seen copies of articles I've written for sale on Amazon. And I wrote last summer about the lowlifes who completely cloned copies of my iPhone apps (right down to the marketing copy) and are still selling them on the Apple Store, right under Apple's apparently uncaring nose.

The WSJ article goes into detail about how challenging the fight is, because with video content, pirates steal episodes immediately and post them. It details an NBC anti-piracy unit that tries to fight all these illegal posts.

I have a couple of problems with the WSJ article. The first is that it seemed to support the inevitability of damaging SOPA-like legislation, and I just don't think Americans need to have their privacy rights damaged completely just to protect episodes of The Biggest Loser.

If yet more legislation won't solve the piracy problem, is there anything that can reduce it? Yes, as it turns out, I believe there is.

A few weeks ago, our TiVo glitched and didn't record a complete episode of one of my wife's favorite shows. She was very disappointed because it's one of those shows that builds on the story of the previous week.

Initially, I thought the problem would be easy to solve by simply buying the episode online. I looked on Netflix. I looked on Hulu. I looked on Amazon. I looked on iTunes. I looked at the network's own website. As it turns out, the previous season was available on iTunes, but current episodes were not.

Now, I know better than to go download a torrent of the episode. You shouldn't download torrents either. First, you're probably violating a law; and second, you're probably subjecting your computer to all sorts of nasty payloads.

The problem was, my wife didn't get to watch her show. I would have easily spent $2, $3, heck, even the price of a movie admission just to make sure she wasn't disappointed. But the network in question simply didn't offer a pay-for digital version of the show.

This brings me back to my original premise. Many TV providers don't provide online versions of their shows at the same time that they broadcast it. I think this is a huge mistake. I know there is the risk of people cutting off their cable TV services, but if that's going to happen, it's going to happen.

A few simultaneous releases won't change anything. They could even sell episodes at a higher price while the season is running, and then reduce the price once the season is over. We would have quite enthusiastically paid a higher price (all while commenting on the wonders of the internet), just so that my wife could keep up with her show.

If the TV producers make their programs available outside of the "be on the couch at this time of the night" mentality, legitimate viewers will continue to support their programs, and possibly those not quite as law abiding as I am would buy the shows instead of pirating them.

So what was the result of my wife's disappointment? She stopped watching the entire series. She's now working her way through a different series on Netflix instead. The network that didn't make that one show available lost her viewership for all that show's remaining episodes. So did that network's advertisers. My wife actually likes what she calls "the tiny programs", and enjoys watching most commercials.

And no, it's not lost on me that ZDNet is owned by a major media company. And yes, I did run this article past the editors before posting.

My concern is that neither can really go it alone, and we certainly can't rely on device users to police themselves. Some users, when well trained, will go along with our guidelines. But when our users range from teenagers (with their level of immaturity) to our senior VPs (with their almost identical level of unwillingness to take direction), we need to protect our users from themselves.

For consumers, this protection falls squarely on the device makers, who can create some level of protective cushion for users. But even Apple, with all its app approval processes and restrictions, doesn't fully police its environment and has millions of users with jailbroken phones.

The carriers who host users are always fighting something of a losing battle, but they must protect the integrity of the network. It used to be that they'd only allow certain phones, with certain applications that they'd vetted thoroughly, onto their networks. Now, with millions of apps out there, carriers do their best to guard their pipes, but the challenge is huge.

For businesses and enterprises, the network vs. device debate is moot. They must protect both. The best approach is with good policy and training, and by specifically allowing only certain devices onto their networks. But even those approaches can run into snags, like when an employee with a BYOD device is terminated with cause — and some procedure must be followed to remove corporate data from a personal device.

In the long run, we're going to need to see protections on both sides. Networks will need to get more secure, intrusion protection systems will be necessary as BYOD devices waltz past the firewall. Devices, either with bare-metal hypervisors or features like the BlackBerry Balance and Samsung Knox, may be able to help keep their users just a little bit safer.

The bottom line, though, is this: device or network, we're still going to be under constant attack, constant threat of incursion, and we're still going to need to be almost preternaturally diligent to keep our enterprises and users safe.

If your neighbor doesn't like that you watch certain TV shows, is it okay for him to come over and smash your TV?

If your neighbor doesn't like the gas guzzler you drive, is it ethical for him to take a sledge hammer to your car?

If your neighbor doesn't like the books you read, is it moral for him to burn your house down?

If your neighbor doesn't like the company you work for, is it righteous of him to break into your house and steal your valuables?

If your neighbor doesn't like the computer games you play, is it just hunky-dory for him to destroy the network connections to your entire neighborhood?

Well? Is it okay?

What would the police say? What would the courts say?

Of course, it's not okay. It's not ethical, it's not moral, it's not righteous, it's not hunky-dory. It's simply criminal.

Now, what if your neighbor, instead, simply told you (or even chanted at you) that he doesn't like your TV choices, your car, your books, or even your employer?

Would that be criminal? No. Annoying, yes. Criminal, no.

What if he held up a sign on the public street outside your house, telling you to watch something different or drive something different?

Would that be criminal? No. It might be in violation of one town ordinance or another, it would certainly be unsettling, but it wouldn't be criminal.

What if he kidnapped a bunch of unwilling and unwitting people, drugged or infected them, and forced them all to carry signs and chant? Would that be criminal? Yep, it sure as heck would be.

It's pretty easy to tell the difference between criminal acts and acts of free speech. Criminal acts are destructive. Free speech acts are, at worst, annoying.

Now, let's move on to the topic of a Distributed Denial of Service attack.

Is there ever a case where a DDoS is a form of legitimate protest, or are DDoS attacks criminal at best, and terrorism at worst?

Before we answer the question, let's explore how a DDoS works. All DDoS attacks aren't identical, but most follow a simple pattern: many attackers and one victim.

Let's start with the attackers first. For a DDoS to have any effect at all, there have to be thousands to millions of computers sending out packets to the victim machine or network. That means, the attacker (or activist, if you will), needs to have access to thousands or millions of machines.

The way this is done is through botnets. A botnet controller sends instructions to thousands or millions of zombie computers. These are computers that you use, your mom uses, your boss uses, your cousin uses, your kids use, or even your emergency responders use to save lives. 

To function in a DDoS botnet, these computers have to be infected without their owners' permission, and corrupted with malware that may be used to initiate a DDoS. It's the digital equivalent of kidnapping and drugging or infecting a bunch of people, then making them carry protest signs.

Often, there is damage to the zombified machine, and the infection often has a secondary purpose of keylogging or otherwise stealing information.

So, even without any discussion yet as to the identity or alleged heinousness of the target victim, we see that crimes have been committed, privacy has been invaded, property has been damaged, and — depending on what computers were infected — lives may have been put at risk.

And all of that is without even looking at the damage to the victim or any other collateral damage.

A recent MIT study explored the question of whether there could be an ethical framework for DDoS actions.

According to Molly Sauter, the study's author, there are, "...three major criticisms of activist DDOS actions: that they are the equivalent of censorship, that as symbolic activism they are not as effective as direct action, and that they have unfocused success conditions."

With all due respect to MIT and Ms. Sauter, she completely misses the point. Activist DDoS actions — like all DDoS attacks — are invasive, they are destructive, and they cause extensive collateral damage to non-combatants.

This is not an issue of whether or not the attack is good messaging. This is an assault where actual damage is being done.

If the 9/11 terrorists had merely stood in front of the World Trade Center and Pentagon with protest signs, they wouldn't have been terrorists. But they chose to fly a plane into the buildings, killing not only thousands of office workers, but also the unwitting and certainly unwilling passengers on Flights 11, 77, and 93.

When it comes to a DDoS, whether or not the intended victim is a schmuck or not has no bearing on whether such attacks can be considered ethical. Beyond the hijacked attack computers, interrupting service can cause all sorts of collateral damage.

No sane person (at least outside the financial industry) will argue that our bankers are entirely ethical. But using a DDoS to block a bank from processing transactions may block individual depositors from accessing their money. What if someone needs to make a financial system transaction for, say, emergency healthcare?

To that end, as I wrote in How To Save Jobs (free download), and Steven Brill wrote in TIME Magazine, it's clear that most hospitals, insurance companies, and healthcare providers have themselves quite a racket at the expense of American citizens.

Using a DDoS to shut down an insurance company may also prevent a patient in need from getting timely healthcare. Using a DDoS or a hack to attack the power grid may inconvenience the fat cat utility CEOs, but it might also cut off power to people who need it to stay warm, study for a test, or power a medical device.

All that doesn't include the stress and expense that comes from being on the receiving end of a DDoS. An activist group might be angry at a bank or an insurance company, but the person at the direct front-line receiving end of the attack is the IT manager — who may well lose his or her job for not preventing the unpreventable.

Or a DDoS might be used against a small company or organization. I can tell you from personal experience that fighting off millions of computers at once is no fun, highly destructive, and almost incomprehensibly stressful.

Then there's the actual cost of the attack. Forrester Consulting recently did a survey of companies to ascertain actual costs of an attack. They reported on one company that would lose more than $10 million in revenue for each hour offline. They disclosed two "respondents would lose between $1 million and $2 million per hour, five indicated that they would lose between $200,000 and $500,000 per hour, and eight would lose between $50,000 and $200,000 per hour."

That's just the loss of revenue. That doesn't include the cost of the battle itself, the IT expense, the manpower, increases in insurance fees, the cost of the eventual layoffs that would likely happen after a sudden large loss of income, or the incalculable inconvenience and resulting consequences to individual customers.

We can simplify the job cost number a bit using research from Ponemon Institute reports that DDoS attacks cost companies an average of $3.5 million each year.

They surveyed 700 companies and 65 percent (455 companies) reported being on the receiving end of at least three DDoS attacks a year. So let's take those 455 companies and multiply that out by $3.5 million dollars.

Just this set of survey respondents alone lost $1.6 billion dollars due to DDoS attacks.

So, let me ask you this: how many jobs could have been created if $1.6 billion hadn't been lost to DDoS attacks? In How To Save Jobs, I used $50,000 as a workable average salary number in the United States. So, how many $50,000 salaries could have been paid out of that $1.6 billion? The answer is 32,000.

You can look at this two ways: the $1.6 billion spent by the survey respondents either cost 32,000 people their jobs, or it could have provided enough money to hire 32,000 people.

In either case, just looking at the small set of survey respondents for one survey, DDoS attacks cost just about 32,000 jobs. Given the worldwide prevalence of DDoS attacks, the actual cost in dollars and jobs is far higher. 

Now, let's bring this back to the discussion of legitimate form of protest vs. terrorism.

If you woke up tomorrow and turned to your favorite news outlet, and you read or heard that 32,000 people had lost their jobs as a result of some kind of attack, would you think terrorism or would you think legitimate form of protest?

Without a doubt, there is absolutely no ethical, moral, religious, or righteous justification for a DDoS. Unlike civilized protests, DDoS attacks inflict damage and pain on a very large number of unwilling and unwitting victims, expose them to future infection, theft, and hardship, and result in astonishing financial losses.

There is no room for prevarication. A distributed denial of service attack is criminal and may well be a terrorist attack. There is no high ground here. If you participate in a DDoS attack, you're either a criminal or a terrorist...and a fool.

There seems to be some kind of major malfunction in the strategic thought processes of China’s leaders.

If one nation attacked, the other was sure to respond. The term “overkill” came to have dire meaning as weapons experts realized that not only could each nation blast the other back into the Stone Age, but there were so many missiles that we could, theoretically, destroy each other many times over.

It was mad. It was, in fact, MAD, as in Mutually-Assured Destruction.

Even in these dire times, cooler heads gave voice to practical concerns. While neither country had much love for the other, the idea of blasting each other into glass didn’t hold much appeal either. If one country or the other could just do it, and win, that would be one thing. But MAD was the maddening truth, and so a smarter strategy needed to be considered.

And so, in 1969, an odd set of negotiations began called the “Strategic Arms Limitations Talks,” or SALT. The talks weren’t designed to limit the number of ballistic nuclear weapons. Instead, they were designed to limit the number of anti-ballistic nuclear weapons – or weapons designed to defend against ICBMs. To be fair, a lot of that technology didn’t even exist at the time (the much-later Reagan Star Wars program was the beginning of real counter-ICBM technology), but it was something.

SALT lead to SALT II, which the U.S. decided not to ratify because – get this – the USSR invaded Afghanistan.

Ah, the irony.

In any case, later SALT II lead to START, which led to START II, which ultimately led to the two nations limiting the number of nuclear missiles to just mere total destruction, rather than 30-times or 60-times overkill.

Then, of course, the USSR became Russia and Russia discovered the value of cash, and who knows what became of all that fissionable material and technology? But hey, they’re now our buddies, right?

After all, almost 300 million of us worldwide have installed anti-malware software on our computers from Kaspersky, a Russian company that is now the world’s fourth largest supply of anti-malware to consumers.

Irony upon irony aside, we’re here today to talk about China, not Russia. All this has been just background so you’re clear on the idea of arms limitation talks.

See, here’s the problem: China and the U.S. may also be poised for mutually-assured destruction, this time of a digital nature.

There seems to be some kind of major malfunction in the strategic thought processes of China’s leaders. They seem to think it’s acceptable to mount hacking attack after hacking attack against United States’ interests – against our government, our industry, and our citizens.

The recent attacks against The New York Times and The Washington Post were traced back to government-backed Chinese hackers. And now, security firm Mandiant, the company hired by both media outlets to trace and mitigate the attacks, has released a report claiming an “overwhelming” number of cyberattacks can be traced to facilities operated by the Chinese government.

Here’s how this could play out.

China could continue attack the United States. To think the United States won’t return the favor is unrealistic.

If we don’t start some level of reasonable cyberarms limitation talks now, there will be a conflagration later.

First, we’re the country that is home to Apple and Microsoft and Google and Facebook and many other companies with very smart computer scientists, none of whom want foreigners (or even their neighbors) traipsing around inside their computer networks without an invitation.

Second, it would be very un-strategic for the United States to not build an offensive cyberwar capability. The U.S. has always optimized for strategic offense as a way to win wars. While there has been no public admission of an assault arm of the nation’s strategic cybersecurity forces, it would be ludicrous to think such a capability hasn’t been created. The New York Times even reported that the Stuxnet attacks against Iranian centrifuges were masterminded by the U.S.

So China could attack U.S. companies. The U.S. American companies, completely without any involvement from the U.S. government could attack China in order to make the originating attacks stop.

China could retaliate, attacking our infrastructure, perhaps causing damage or downtime to our power grid or water management. The United States cyberforces could retaliate, perhaps causing similar damage to China.

Attack. Counter-attack. Retaliation. Attack back.

At some point, critical infrastructure, like the ability to order pizza online, would be affected. A little later, more systems might go down.

If both companies decided to get into a full-tilt cyberpissing match, it’s entirely likely that financial systems, electrical systems, transportation systems, health care systems, and many of our other way-of-life networks would simply cease to function.

It wouldn’t be a nuclear attack, but we’d still be knocked back to the Stone Age. While the prospect of never again hearing “did you see my Facebook post?” has its appeal, the fact is, we are now so reliant on Internet infrastructure that if the net goes down, we go down with it.

Since China is desperately trying to move its population into the middle class, if we go down, we’re likely to take China down with us. If you think the prospect of a few cranky Texans are scary, imagine how the Chinese leadership must feel about the prospect of a Stone Age population numbering 1.3 billion, many still sporting that newly-entitled attitude, and all very angry about basics like not being able to get food.

The point here is, neither of us can win if we attack each other. While that fact may be hard to get through the heads of the Chinese leadership, it’s an essential truth.

At this point, I don’t think a few high-level phone calls from our new looks-like-an-apple-doll Secretary of State, John “watch me windsurf” Kerry, will convince the Chinese to cut it the heck out.

For some relatively short-sighted reason, the People’s Liberation Army and the Chinese leadership seem to endorse these cyberattacks based on short-term desires, like preventing American news outlets from printing juicy stories. Like that would ever work.

But back in the 1960s, the Soviets were as confrontational and shoe-bangingly disagreeable as the Chinese leaders are today. And yet, some Soviet leaders managed to do the math and were able to comprehend the madness of mutually-assured destruction.

That comprehension led to SALT and the various other talks that did, in fact, reduce the worldwide nuclear risk by some measurable degree. At the very least, those talks made clear to both parties the desire to never see destruction, and the absolute willingness to go there if the other pulled the trigger.

I think we’re at a point where we need to initiate cyberSALT talks with China.

If we don’t start some level of reasonable cyberarms limitation talks now, there will be a conflagration later.

Here’s the thing. Back in the 60s, all the nukes were in the hands of the governments. Now, our cyberweapons are not. Now, our companies (and our teenagers) also have the means to build weapons of digital destruction.

While it might have been possible for the Americans to reason (after a fashion) with the Soviets and the Soviets to reason with the Americans, can you imagine how much like talking to a brick wall it would be for anyone to try reasoning with a teenager, or, worse, Apple (a company that often shows the responsive communications skills of the most sullen of teenagers) after it was on the receiving end of a cyberattack?

My recommendation to both nations is to begin diplomatic talks limiting these cyber-incursions. And while you’re at it, invite Google and Facebook and Microsoft. Don’t bother inviting Apple or the neighborhood teenagers. They probably wouldn’t show up anyway.

Today is not a normal day. While the union is undergoing its usual economic and political stresses, with the sad addition of increased gun violence, what I consider the most important story got only a two-paragraph mention in President Obama’s speech last night.

Read this

Obama's cybersecurity executive order: What you need to know

• Read more

America is being attacked. Constantly. Unrelentingly. We are being attacked by enemy nation states (like North Korea), frenemy nation states (like China and Russia), friendly nation states (like France and Israel), hacker groups (like Anonymous), just plain ol’ organized crime organizations out to make a buck, and individual hackers out to make a name for themselves.

Although the President only gave the cyberthreat two paragraphs of attention in his speech, he did something else very important yesterday: he issued an Executive Order, “Improving Critical Infrastructure Cybersecurity” (full text, ZDNet analysis).

It is at this point that I must share with you an important disclosure about myself. I am a member of the FBI’s InfraGard program, the infrastructure security partnership between the FBI and industry. I am also a member of the U.S. Naval Institute and the National Defense Industrial Association, the leading defense industry association promoting national security. I'm also the Cyberwarfare Advisor to the International Association of Counterterrorism and Security Professionals.

I’m telling you this because you need to know that I look at these issues from a similar perspective as those in Homeland Security and the other three-letter agencies. We have a challenge here: we are being attacked. We have a second challenge: we Americans cherish our privacy and any defense has to also protect that privacy.

Let me be blunt: I don’t think President Obama went far enough.

Mr. Obama's Executive Order is a step in the right directly, but it’s not strong enough and may even open the door to new exploits.

I also think President Obama missed a golden opportunity to involve the American people. In fact, I think he squandered a necessary, critical, golden opportunity – using  the bully pulpit of the State of the Union and its worldwide media coverage to involve American citizens in their own cyberdefense.

On the other hand, the Executive Order generally gets the privacy protection side of things pretty much right. Previous attempts at cybersecurity legislation have forgotten the the importance of privacy. When CISPA and SOPA were spun up, so were the forces of We The Internet, and rightly so. Those were both bad law-making and they were rightfully squashed.

President Obama’s new Executive Order takes those concerns into account. “Privacy” is mentioned 14 times in the order. Section 5 of the document is entitled, “Privacy and Civil Liberties Protections,” and provides substantial and reasonably guidelines for the ongoing maintenance of our sacred freedoms.

This is supported by a statement from the ACLU (quoting from an article in The Hill):

"The president’s executive order rightly focuses on cybersecurity solutions that don’t negatively impact civil liberties," Michelle Richardson, a legislative counsel for the ACLU, in a statement. "For example, greasing the wheels of information sharing from the government to the private sector is a privacy-neutral way to distribute critical cyber information."

Unfortunately, in its first run through Congress, CISPA seemed to miss the point about America freedom and privacy. I am not convinced that additional legislation, especially the way CISPA was written, is necessary to protect America, since our existing laws about crime, espionage, and warfare pretty much cover the defensive aspects of the cyberthreat.

I am also deeply concerned about reports that CISPA is back on the table, essentially unchanged. Sadly, in 5 reasons why SOPA, PROTECT-IP and other legislative idiocy will never die, I predicted this sort of thing would keep on happening.

On the other hand, the new Executive Order seeks to set mandatory cybersecurity standards for government agencies and voluntary standards for U.S. companies and organizations.

However, as malware guru Phil Owens mentioned to me in yesterday’s cybersecurity webcast, once you set standards, you also set a minimum bar for acceptability. Essentially, you’re telling agencies and businesses that “this is good enough,” and you’re telling attackers, “This is what we’re watching for,” leaving the door open for attack vectors not covered in regulations.

My ZDNet colleague and friend Zack Whittaker points out that the terms “cyberthreat” and “cyberintrusions,” remain relatively undefined. His contention is that those “hacktivist” organizations that choose to use Distributed Denial of Service (DDoS) attacks as a form of protest speech might then be targeted by the US government.

My take on DDoS as protest speech is quite simple: DDoS is an attack that must be defended, and the attackers must be brought to justice. In fact, a DDoS attack is an asymmetrical attack, which means that the attackers often have a vast logistical advantage over the defenders.

There is a difference between a flash mob (or even a Million-Man March) and a DDoS attack. A DDoS attack uses computers infiltrated against the will of their users, and turns ordinary computer users into cannon fodder. It would be as if – when a group decided they wanted to conduct a flash mob in protest – they broke into millions of homes, kidnapped the residents, and dragged them along, just to raise their numbers for the TV cameras.

As someone who’s had to defend against an attack from millions of computers a day aimed at a few private servers, I have not a shred of patience for anyone conducting a DDoS. There is no excuse for a DDoS and it is not and never will be a legitimate form of protest.

Moving on, I mentioned earlier that President Obama squandered a golden opportunity.

When the President discussed cybersecurity in his speech, he made it sound like something that’s the concern of government and industry. Although he mentioned identity theft, he didn’t involve the American people – moms, dads, grandparents, kids, teachers, students, office workers, Facebookers – in the discussion.

He didn’t make the threat real to real Americans.

In World War II, when the Nazis were bombing London, the British government communicated the threat to their people. It was obvious, as bombs were dropping. But the government made it clear that everyone had some responsibility in the national defense.

They instituted blackout rules, requiring lights to be doused at night, or black curtains to be hung over windows. The reasoning was very practical. If a Luftwaffe bomber could see a lit building, it could hit the building.

Now, say there was an apartment building with 100 apartments. If even one resident ignored the blackout rules, the building might be hit, and hundreds of tenants might be killed – just because one person disregarded the defensive rules.

This is quite analogous to our cybersecurity problems today. We are not just getting attacked at the entry point to banking networks or federal agencies. No. In fact, most of the attacks are being conducted against regular American citizens, you, me, your mom, my dad, and so on.

If any one of us has poor defenses, malware (like the kind that tunneled into the New York Times last week) could make it into our home networks, and then spread from family member to family member, from home computer to work computer, from work computer to work network, and so on.

Where President Obama missed his opportunity was making this point. We, as Americans, will never ever have a comprehensive cybersecurity defense until every computer-using American is safe from attack. And every computer-using American won’t be safe from attack until each of us fully understands both the risks and the methods of protection.

We need this to be a national priority, a message of Presidential import, and Mr. Obama missed it.

Until every American is on board, until every American is aware of the threat, until every American is actively involved in his or her own defensive behavior, cyberattackers have an easy, wide-open invitation to enter, pillage, and plunder our networks.

This is war. It’s a war where, whether we like it or not, we’re all combatants. I just wish President Obama had explained that to his fellow Americans.

What got hacked?

According to the original article, six individual email accounts were compromised, although the Web site only enumerates five individuals. That point is, in and of itself, curious. The pattern of who was compromised is quite interesting as well, depending on whether you describe the individual as related to the first President Bush (George H.W.) or his son (George W.):

The reason for the above chart is to help us see if there are any patterns. The original article from The Smoking Gun is (probably purposely) obtuse, but it seems to indicate that six accounts were compromised. Another possibility is that one account was compromised, but had a large collection of correspondence from the other accounts.

In any case, because the information released was – in the main – about Poppy Bush and correspondence related to his condition, and since the cluster of compromise is considerably closer to the elder President, if I were heading an investigation team, I’d start with those in 41’s circle of associates and see where there might be clues.

How did the hacker do it?

There are two key ways a hacker gains access to a public-cloud email account. The first is by figuring out the user name and the password. The second is by some form of meat-space interaction.

Let’s look at that second option first. At least three of the victims are in their 70s or older. The odds of them all having good password discipline is minimal. In fact, it’s entirely possible that at least one of them wrote their password down and left it out in the open. I’ve seen people who use physical yellow sticky notes and paste their account names and passwords on their monitors.

In the case of the victims, there is the possibility that this sort of error was made, and that someone in their circle, possibly a service provider, found the written password and account information and made use of it. It’s also possible that one of these service providers were actually given the login information, and asked to retrieve messages, and type back replies to correspondents.

In other words, the butler could have done it.

On the other hand, as with the Sarah Palin email hack, the hacker may have guessed the password for the account, either because of poor password hygiene on the part of a victim, or because of the availability of substantial publicly-retrievable information on the victims.

Why did the hacker do it?

While there’s always the possibility of a brilliant hacker who managed to tunnel in through miles and miles of secure defenses, I find that increasingly unlikely.

This wasn’t a strategically motivated hack. We have a long experience with hackers who penetrate a network or an email account and keep that information to themselves. Their purpose is espionage, the gathering of information – and they don’t want to let anyone know they’re there.

If this were a strategically motivated hack by another nation state or even a rival political player, we wouldn’t be reading about it now, and we certainly wouldn’t be reading about it because the hacker released his “take” for publication.

No, the hacker wanted bragging rights. This may be someone who has a personal grudge against the Bush family, as indicated by the statement in The Smoking Gun, “i have an old game with the [expletive deleted] bastards inside, this is just another chapter in the game.”

Of course, it's possible that the hacker is simply an individual who dislikes the Bushes and imagines a personal relationship of some kind with them, or who was simply showing off the fact that he or she was able to gain access.

How will this hack be investigated?

If I were leading this investigation, I’d look initially for someone who had regular, if intermittent contact with the Bushes, in a service-provider role. Although some of the information released was somewhat politically embarrassing (a statement made by Jeb about President Clinton, for example), most of the information and the photographs were deeply personal.

Releasing that sort of information would more likely to be done by someone with a personal grudge (and probably some level of access). The Bush family is a proud family, and releasing personal information about Poppy’s illness and how family and friends might deal with their grief should he succumb smacks far more of a personal grudge than a political one.

As for how this hack will be investigated, here’s a pretty simple answer: with the full might and power of the United States government. Personal and private details about the health and communications of two former Presidents, two former First Ladies, and a former governor were compromised.

Nothing – nothing – will stop the Secret Service and FBI from tracking this one down.

Will the hacker be caught?

I’ve been asked this question a lot in the past few days. In fact, I did an interview with NY Daily News, where I was asked that question: “Cybersecurity author David Gewirtz placed the odds of an arrest at 100%”

On the other hand, Daily News asked Eddie Schwartz, of cybersecurity firm RSA the same question. His answer: “Some hackers are very good at covering their tracks.”

I’m sure Mr. Schwartz is good at his job, but in this case, he’s wrong. The hacker has done very little to cover his tracks and – instead – seems more interested in showing off than in maintaining operational security.

This hacker will be caught. Of that, there’s no doubt.

By the way, if you want to know more about Bush administration email, you can read many more articles on the topic and my book (a free download) by clicking here.

In about three hours today, my world view changed radically.

Let me be clear, this is not an "warm-fuzzy" or "let's join hands and feel good together" kind of statement. My view of the world changed radically.

That's because the world changed radically. At about noon, it was proto-spring. The grass was almost green, the ground was getting soft. At times this weekend, it almost hit seventy.

Then, in three short hours, everything was white. Winter happened and the world changed. Everything slowed down. Hues were replaced with contrast, gradiations of white to gray.

And Mother Nature reminded us all, that despite the power of our electrons, our Internet, our concrete spreaders, our street cleaning machines, our superior technology or apparent intellect--despite all that--Mother Nature was still clearly in charge.

As winter storms go, this was benign. Road conditions were pretty good. And the scenery was jaw-droppingly beautiful. I drove home under a canopy of white dusted branches, past farm fields that truly did seem as pure as the driven snow.

By early next week, today's snow will be but a memory. Perhaps that was her point. To make us remember. For under some of those fields, humans created toxic dumps that eventually became SuperFund sites, that eventually became clean again.

Let's try to remember her lesson. That Mother Nature has enormous influence on our world view and that view can be lovely. But we live in that world, recipient's of Mother Nature's gifts. Let's remember to respect those gifts.

But let's also remember the power of her fury. Lest we forget.

Once again, you're in our thoughts. Be safe out there!

A preventive war, to my mind, is an impossibility today. How could you have one if one of its features would be several cities lying in ruins, several cities where many, many thousands of people would be dead and injured and mangled, the transportation systems destroyed, sanitation implements and systems all gone? That isn't preventive war; that is war.

When considering cyberwar, Eisenhower’s statement can prove quite instructive. When exploring the question of where cyberattacks and cyberespionage fit into the pantheon of battle scenarios, there has always been the general feeling that cyberwar is to “real” war as fantasy football is to football.

In other words, cyberwar doesn’t do physical harm, so it’s not quite as real as war. Or is it?

As Ike pointed out, if an attack – no matter what it’s called – destroys our systems of civilization, it’s war. In that context, whether the weapons are flung by solid fuel rockets or Core i7 processors, where there is destruction, there is war.

In October 2012, a malware infection introduced via USB drive (reminiscent of the Stuxnet attacks), was reported by ISC-CERT (PDF) as having delayed the restart of an unnamed U.S. power plant by three weeks. According to Homeland Security, 40 percent of cyberattacks have targeted the energy sector. Back in May, ISC-CERT reported ongoing attacks against America’s natural gas pipeline companies.

When there are constant, advanced, persistent attacks targeting America’s energy grid, and when some of them make it through to the point of keeping at least one power plant offline for weeks, that’s no longer just cyberwar, that’s war.

This past week saw an almost breathtaking array of cyberattacks, initiated by a widely varied set of actors, with a widely multifarious set of agendas:

• China is almost undoubtedly the source of persistent penetration attempts against both The New York Times and The Washington Post. These were espionage operations designed to uncover names of Chinese dissidents and, presumably, then either incarcerate them – or worse.
• Twitter was hacked, and 250,000 accounts were compromised. According to the company, this was a very professional attack.
• Our own ZDNet site (along with other major media Web sites) saw red when a malware alert was shown to visitors attempting to read our articles. As it turns out, one of our advertising partners, NetSeer, was hacked, and their site was infected by malware. When Google detected it, any site linking to or serving NetSeer content was blocked by a warning.
• Hacker collective Anonymous took aim at the banking sector, and reportedly posted 4,000 login credentials for senior banking officials. Anonymous also hacked into (repeatedly, it turns out) and defaced two government Web sites.
• The Department of Homeland Security advised that all users – all users – stop using Java because exploits actually in the wild could lead to computers being remotely controlled by attackers and criminals.
• A few days later, DHS advised users (again, all users) to disable UPnP (Universal Plug ‘n Play) technology – a key technology that makes it easier to connect devices like printers to internal networks. Over 80 million devices were identified in an Internet-wide scan as being vulnerable to accepting and executing malevolent code payloads.

And this has only been in the last week. Not only are we seeing more and more cyberattacks, the velocity of the increase is increasing as well.

When United States Secretary of Homeland Security Janet Napolitano says there’s a growing potential for an imminent cyber 9/11, I’m sorry to say I have to concur.

Two years ago, shortly after I’d begun what would become extensive research into Stuxnet, I asked, “Is using preemptive cyberwarfare good national security policy?”

At the time, I was still thinking of war and espionage and crime as separate things, threats that could be sorted into separate buckets. But as I’ve come to know more and more about how cyberwar is evolving, it’s become clear that these things are becoming conflated.

Nation states use cybercrime to fund their internal operations, other nation states use cyberespionage to track down and detain dissidents. Activist hackers attack our government resources and financial institutions. And, of course, there are those attacks against our power grid.

Into this reality comes a report that the President can order “preemptive” cyberstrikes if the United States faces attack. Like the original Stuxnet report from The New York Times, this one is attributed to unnamed, but apparently credible sources. Because neither of these reports can be verified, they can’t be considered fact. That said, whether verifiably true or not, these claims certainly fit with the evolving nature of cyberwar and America’s role in this new battlespace.

In 2010, I asked, “(1) is a preemptive attack of any form necessary for national security, and (2) can that attack be more effective or save more lives using virtual weapons?”

As President Eisenhower said, “a preventative war” is “an impossibility.” Likewise, it has become clear that – given the millions of cyberattacks happening on any given day – there is no longer any such thing as a “pre-emptive” cyberattack. We're unlikely to get them before they (at the very least) try to get us. 

That doesn’t mean the United States (and other Western nations) shouldn’t field armies of cyberwarriors. We are clearly under attack. We must, absolutely must, fight back and defend ourselves.

But let’s not fool ourselves.

Certainly some sorts of digital attacks can cause damage without directly putting lives at risk, but the simple fact is: people are going to get hurt. There will be collateral damage.

Whether destruction is being perpetrated by a recognized nation or a despised organization, whether the fighters use conventional weapons or digital ones, in the immortal words of Kanye West, “It’s a war going on outside, we ain’t safe.”

These future lawyers were trying to understand the technical nature of how cybercrime works, who commits these crimes, and how people the world over are affected by digital attacks and theft.

What follows is that discussion. Of note, to those of you following my Skype Studio project, this the first use of a new sound system (which I'll detail in a later article). I think it's a major improvement over previous interviews.

Thanks to UNH for hosting me, and good luck to its students. And now, the seminar...

Sometimes your tax dollars at work can be a source of incredible amusement, and I'm not just talking about Congress. Oh, no. I'm talking about the White House's official petition system, wherein Americans waste our Executive Branch's time on requests and demands of dubious value.

So, really, I could be talking about Congress.

If you're not up to speed on the White House petition system, it's an interesting use of online communication and crowdsourcing. ZDNet reader (and friend of the blog) Gary Stark suggested I take a look at the site at petitions.whitehouse.gov, thinking it might be a source of good material.

It did not disappoint.

Here's the basic premise. Anyone can login and create a petition. For anything. Let's say, for example, you'd like the United States government to build the Death Star from Star Wars. You just create a petition. There are two thresholds. The first is that you have to get 150 online signatures within 30 days for your petition to be searchable on whitehouse.gov.

The second threshold is more fun. If you happen to get 25,000 online signatures, the White House will write you an official response to the petition.

Can you see where this is going?

Some petitions haven't had much in the way of legs. For example, one petition asks the White House to revoke the license of a doctor in Florida, because the petition writers claim he's a drug dealer. That has 364 signatures. Another asks the White House to ask California Governor Jerry Brown to give ferret owners a fair hearing (seriously, you can't make this stuff up). That one has 1,197 signatures.

11,000 people (give or take a hundred) want to ban Dianne Feinstein. They don't really specify what the California senator is to be banned from, but they're pretty gung-ho about it.

And then we get to the good stuff. For example, 6,136 people have signed a petition to require NASA to do a feasibility study and conceptual design of a first generation USS Enterprise interplanetary spaceship.

None of these has gathered enough support to warrant an official response. But a few have.

Take, for example, the petition where the petition writers politely ask the Obama administration to impeach President Obama. That one got 49,890 signatures, so... yeah, the the White House responded. The short answer: no. You've got to give the White House credit, though. They used their response to tell participants that their voices are being heard.

And all that brings us to the Death Star. This is, perhaps, the best use of Executive Branch time in the history of the Republic. As it turns out, 34,435 people have requested that the White House secure resources and funding, and begin construction of a Death Star by 2016. It's always good to set a date when you have a goal.

In any case, the White House responded, with what is sure to become a cult classic, the wonderfully named, "This Isn't the Petition Response You're Looking For".

Written by Paul Shawcross, Chief of the Science and Space Branch at the White House Office of Management and Budget, the official response includes a few reasons why a Death Star isn't in our immediate future. These reasons include:

• The construction of the Death Star has been estimated to cost more than $850,000,000,000,000,000. We're working hard to reduce the deficit, not expand it.
• The Administration does not support blowing up planets.
• Why would we spend countless taxpayer dollars on a Death Star with a fundamental flaw that can be exploited by a one-man starship?

Personally, I find it difficult to accept the idea that blowing up planets is bad, but that's me. In any case, I predict that the new White House petition system will be a wonderful source of amusement for many years to come. Will it be an asset to policy or governance? That's anyone's guess.

In any case, the petition for the White House to disclose all information about extra-terrestrial beings is stalled at 1,321 signatures. Apparently far more Americans want to blow up planets than know the truth about who lives there. I love this country!

Also on NEWS.COM: White House shoots down petition to build Death Star

I am clearly not a gun hater.

After the horrible events last month in the Sandy Hook Elementary School, the gun debate has reignited. Gun control advocates claim that America has the most liberal gun possession policy in the world, while traditionalists are worried that Barack Obama himself will come down our chimneys and steal all our guns.

Some argue that if we had better gun control, the attack wouldn't have happened. Others argue if the shooter, Adam Lanza, had gotten better psychological help earlier on, the attack wouldn't have happened. The failings in these arguments are first that Lanza's mother had properly procured and registered guns, and second, Lanza had been receiving treatment, funded in part by his relatively well-off, divorced father.

Some even argue that if all the guns in America were taken away from civilians and reserved simply for the military and law enforcement, events like this wouldn't happen.

And yet, on the very same day, in the Chenpeng Village Primary School, in Wenshu Township in the county of Guangshan in Henan province, in southeastern China, a 36-year-old man named Min Yingjun attacked and injured 22 primary school children with a knife. This was not an isolated incident. A string of school-children stabbings in 2010 injured more than 50 and resulted in the death of 20 innocents.

China is arguably far more restrictive than America, and yet horror somehow found its way into daily life. Laws help provide guidance to sane people, but once individuals reach a certain level of hopelessness or a certain level of nuts, or are just plain evil (a term that's often far too encumbered by religious connotations), bad stuff happens.

And that brings me to the First Amendment. No, I didn't confuse the Second Amendment (the right to bear arms) with the First (freedom of speech). Instead, I want to relate the gun control discussion to another area where restrictions are being put into place that could have a fundamental impact on our freedoms: the digital realm.

Cybercrime (and its cousins, cyberwar, cyberterrorism, and cyberespionage) are on the rise, to a level that has reached "epidemic" proportions.

As a way to protect the populace (and take into account that most technology consumers are not engineers), vendors like Apple and Microsoft have begun implementing app stores that provide access to a wide range of apps that have each been subject to prior review and approval.

With the exception of Linux, Android, and Windows (pre-8), our computing world is being ever more locked down.

Of course, the lockdowns (think of it as byte control) aren't just for the benefit of consumers. I can't play ISOs of DVDs I've purchased on my un-rooted iPad because Apple has instituted a level of media DRM that protects content creators (movie studios) at the expense of content owners (those of us who each legitimately purchased hundrds or thousands of DVDs and Blu-ray disks).

Because of the enormous payola-like influence of media lobbyists, Congress can't seem to keep its hands off of dubious legislation like SOPA and PIPA. Worse, they've managed to conflate the limited issues of piracy and copyright protection with issues of cybercrime and cyberterrorism, and then they've flavored the whole thing with relatively extreme privacy intrusions like PATRIOT and the just renewed FISA.

And that brings me back to the First Amendment. As I've said before, we have a fine line to walk between protecting ourselves and our interests online, and protecting our freedoms.

Here in America, and certainly in other far more restrictive countries, lawmakers, plutocrats, and tyrants are attempting to clamp down on Internet-based digital communication. Some use sophistry to excuse their behavior, claiming that "the online" isn't really quite as legitimate as the old-school mainstream media and print, and therefore digital restrictions are fair game.

But there's a flaw to that thinking. It might not happen now, but it will certainly happen in the next 20-50 years: everything will be digital. Newspapers will stop being printed on dead trees. Books will all be digital and read on tablets. Movies will be distributed digitally. Television will come over the Internet as its primary distribution channel.

In other words, free speech, "freedom of speech, or of the press" will be digital. By restricting our digital freedom, our entire society's ability to communicate freely will be damped down and squelched.

We're all horrified by these school shootings and stabbings. Mass homicide is terrifying, difficult to understand, and almost impossible to prevent without restricting some freedoms, somewhere. And yet, while metal detectors and more intrusive gun laws may seem to provide some level of protection, as we've seen in China, rage and crazy always find a way.

Most Americans are far less horrified by cybercrime and cyberattack, but that's because it's less understandable and less visceral. It is, however, very serious. Although we've yet to attribute a death to a specific cyberattack, we're seeing penetrations of medical systems, transportation systems, and more. Worse, thousands of people every day are losing their life savings, the cost to business is enormous, and many of us IT people have found ourselves on the front lines of a cyber cold war between nations.

There is no doubt that both these situations -- gun violence and cyber violence -- require some legislative attention. The world is changing and our laws need to change along with it.

But we also need to be aware that laws generally only control the law-abiding. Laws won't stop someone like Adam Lanza from lashing out, although it might have limited the death count to only those he could reach in his own home. Laws also won't stop nation states like Iran and China from attacking our citizens, and rogue regimes like North Korea from attempting to use cybercrime as a profit center.

Do we need better gun laws? Sure. Do we need better cybersecurity laws? You bet. But that's not because we will solve all our problems by increasingly restricting our law abiding populace, it's because we need better laws, period. And, by "better," I don't mean more intrusive. I mean better thought out, better coded, better debugged.

Our legal system has been subject to the same sort of feature creep that our operating systems struggle under. The code of laws we live under is a spaghetti code of unmanageability and special interests.

If we, as a nation, are to take serious adult action about our serious adult problems, we're going to have to first have to address one of our more serious issues: how we govern and whether we can afford to continue to tolerate the childish behavior of our leaders.

Isn't it about time our politicians grew up and put American interests before Democratic interests or Republican interests, or the interests of the nearest lobbyist with an open checkbook?

The bottom line is 2013 will hurt. When it comes to cyber-preparedness, we are not in the best position.

Here's a way to put this issue into perspective. I've talked to my fair share of generals and FBI SAICs (special agents in charge), and many of them seem far more freaked out about cyber-related issues than conventional threats. Remember that these are people who have access to a vast amount of real, live, go-boom firepower, and they're deeply worried at a pretty fundamental level about cybersecurity.

Cybercrime, cyberespionage, and straight out cyberattacks will increase in both frequency and ferocity over the next 12 months. Here are some of the challenges we're going to be dealing with:

1. Security breaches will be constant: Just today, the Japan's Ministry of Agriculture, Forestry and Fishery admitted it had been hacked, more than 3,000 documents stolen (which included some of their negotiating strategies).

2. At least one login credential for almost every user will be in the hands of bad guys: With the enormous user authentication database thefts of the past year, and the expected increase in penetrations over the next year, huge, aggregated, big-data databases of user authentication information will be available to criminals.

3. 2013 will be the year the password dies: Because so much data is available to criminals about how we humans think about assigning passwords, password-based security will become essentially useless.

4. 2013 will be the year of multi-factor authentication: Likewise, because passwords will become less and less secure, expect to see most services offer a multi-factor authentication capability, whether via a dedicated dohickey or mobile phone.

5. Mobile gets really messy: Speaking of mobile, 2013 will be the year that smartphones turn into mobile nightmares. While iOS devices are relatively secure, Android phones are one download away from being completely corrupted. From mobile spying devices to always-moving botnet nodes, these things are used by people with minimal technical skill, virtually no attention to security, and a desire for instant gratification. Plus, they contain rich catalogs of juicy identity theft information.

6. Light office users move to tablets for security: As a counterpoint to the previous trend, light office users will move to tablets like the iPad and Surface RT for their increased security and ease of maintenance. Rather than basic, cheap desktop PCs or laptops, users who only need to access Web, email, and Office applications will be running on these thin clients.

7. Cloud failures will result in substantial data loss: Users of large-scale PC applications like Office and Photoshop will be pushed even harder to rent their use online rather than install on their local machines, thereby providing an ongoing revenue stream to application vendors. With so much mission-critical data now residing in the cloud, expect at least one or two shocking cloud failures that not only result in breaches, but also devastating loss of data to users.

8. Hacktivist groups morph: Expect hacktivist groups like Anonymous to remain strong, even though international law enforcement is actively pursuing their members. Individuals, acting anonymously from all over the world, will continue to wreak havoc against any organization that annoys them. However, expect to see these groups infiltrated by both law enforcement and agents of nation-states, and expect the agendas of these previously apolitical groups to be pulled in different directions as professional spies dig in and apply hidden influence.

9. Healthcare-related fraud increases exponentially: As more and more healthcare organizations and doctors' offices go online, and as healthcare continues to get more and more expensive, expect to see shocking levels of healthcare fraud, especially since, as the Washington Post reports, healthcare security is among the worst of all industries.

10. Security-as-a-Service becomes a new cloud market: Some vendors, like GFI, already have solid cloud-based security offerings. But as security becomes more and more of a problem and continues to increase in complexity, expect to see a wide-range of cloud-based security offerings, including some that are very helpful and some that are nothing more than snake oil.

11. Companies will still be unwilling to spend what it takes for good cybersecurity: Even though the economy has been improving, it's certainly not going gangbusters. CTOs will be competing with CMOs for tech dollars, and senior executives will still not fully understand how bad things will get from a security breach or large-scale failure.

12. Nation-state cyberwar escalates: Stuxnet may well have been the tip of the cyberwar iceberg. Expect to see cyber-based attacks used to augment the more traditional work of on-the-ground spies and saboteurs with a longer reach and lower risk -- unless, of course, the attacking weapons fall into the hands of the bad guys, as was the case with Stuxnet. Oops.

13. Rogue nations use cybercrime for fund-raising: Even though many North Koreans don't even have light bulbs, the country has been using cybercrime as a way of raising cash. Expect to see more of this activity, not only from North Korea, but from many of the former Soviet states and smaller Asian and African nations.

14. Congress will continue to disregard the Constitution and our privacy rights: Whether it's a misguided way of protecting us against terrorist attack or simply a wholesale sellout to the music and movie industries, Congress will continue to field bills that undermine our Constitutional rights. Sometimes it's hard to tell who is worse for Americans: the cybercriminals or our politicians.

The bottom line is 2013 will hurt. When it comes to cyber-preparedness, we are not in the best position. Getting our senior executives, politicians, friends, and family to pay attention and pay for security is perhaps our biggest challenge.

This week, I had the opportunity to sit down with Scott Gaydos, HP's Federal Healthcare Chief Technologist to talk about cloud computing, mobile, government healthcare, and some of HP's troubles and triumphs.

It's a fascinating and wide-ranging interview. We had some mysterious sound problems, but they shouldn't keep you from watching an exclusive look inside a company that may be troubled at the board level, but quite capable at the implementation level.

The U.S. has just announced that, "U.S. cannot sign revised telecommunications regulations in their current form." Further, Kramer stated, "ITR should be a high-level document, and the scope of treaty does not extend to the Internet."

ITR in this case refers to International Telecommunications Regulations. Kramer stated that while the final signatories of whatever treaty comes out of WCIT-12 won't be known until tomorrow, the United States and a variety of other countries won't be part of it, "We cannot be part of that consensus."

He further stated, the "world community is at a crossroads of its collective view of the Internet." He also said, the "U.S. will continue to uphold and advance the multistakeholder model of internet governance."

There wasn't just one deal-breaker at the conference, although the last minute Internet resolution introduced last night didn't win any friends in the U.S. delegation. He also stated that there were other issues of disagreement which revolved around the question of whether a treaty would explicitly allow nations to look at content. Interestingly, this includes spam, which the U.S. considers a type of content, and doesn't want to allow to be regulated and inspected.

From an "agency" point of view, Kramer stated, "We don't want lack of clarity of the agencies subject to this. A lot of players could be subject to these regulations." The idea here is that if the definitions in the treaty are too open-ended, many ISPs, and even Web site operators could be subject to formalized regulations that the U.S. doesn't want to encourage.

When I spoke to Ambassador Kramer, I asked him what happens now? Will other countries route around the U.S. desires for an open Internet? And, I also asked, could this lead to what might essentially be two Internets, one open, and one closed?

His answer to me was very interesting. First, he said, "We hope that doesn't happen here". He also said, "Candidly, nations can still do that under national sovereignty."

The key, even though these treaties are non-binding, is that we in the U.S. don't want to set up a situation where various agencies are subject to influence because of the existence of a treaty and America's implied support. By removing America's support from the ITR, it's clear that the U.S. doesn't intend for its players to be subject to the model put forth by more oppressive nations.

He also stated that: "On a second Internet, anything is possible," but "It's not going to be an easy task to set up a different standard, very difficult to pull off," and "We need to continue to do this outreach so we don't inadvertently allow a balkanization of the Internet."

The bottom line, according to Kramer and U.S. policy is that, "Multi-stakeholder model is much more practical in advancing the Internet," even if the "divergence of views is significant."

Kramer believes this isn't over. He stated, "At the end of the day, these ITRs are not legally binding. What is fundamental about this is [there will need to be a] very explicit discussion about views on the Internet and how it should be managed."

Ambassador Kramer ended with, "Candidly, we're resolute on this." 

Let's add to the list of rogue nations such paragons of freedom as Cuba, Algeria, Nigeria, Saudi Arabia, in addition to China, Russia, and the UAE.

According to The Weekly Standard, the chairman of the International Telecommunication Union (ITU) decided to try an end-run around the U.S., Europe, and most freedom-loving nations by conducting a survey of nations and putting forth a resolution that gives governments control over Internet policy, which includes everything you and I send across the pipes.

Apparently, this wasn't a binding policy, but it's a political gambit designed to get the UN to continue the process of trying to wrest control of the Internet from those interested in freedom to those interested in control of freedoms.

I'm a strong believer in a global Internet, but I'm starting to think countries like China and Russia and Cuba and the various regressive Middle Eastern states are more trouble than they're worth. Maybe it's just time we pulled the Internet plug on them*.

*No, I don't seriously think that. I'm just disgusted with these nations.

I firmly believe that the Internet must remain open across the planet, across all peoples, cultures, and political regimes. This kind of middle-of-the-night furtive move is not in any way, shape, or form the spirit of what the Internet has become and these countries must be stopped.

I call on U.S. Ambassador Kramer and the diplomatic teams from all freedom-loving countries to continue to fight these other nations attempt to destroy one of mankind's greatest creations -- and maybe keep one eye open while in bed at night.

That, in fact, is the core of what has had everyone so up in arms. It used to be, in the days before the Internet, that nations with different ideologies could (at least pretty much) keep those ideologies within their borders.

If oppressive and authoritarian nations wanted to be oppressive and authoritarian, they could -- and, short of revolution, their people didn't have much recourse. If freedom-loving nations wanted to have a free and open dialog among their citizens -- even to the point of allowing their press to openly criticize and mock their officials (something I do on nearly a weekly basis) -- it was possible, too.

In this world of borders, it was possible to negotiate treaties where the bad nations (dare I call them evil empires?) could be bad in their own geography, and the good and right nations could be good and right within their own geography.

But then came the Internet and geography became obsolete. Two people could connect with each other as if they were across the room, even though they were across the globe. Entire populations could communicate at light speed, in private, and coordinate their activities, both amongst themselves, and across national boundaries.

For freedom-loving people and nations, this was the natural and desirable evolution of the Internet. It was why the Internet was the Internet. This communication freedom gave the Internet such power that it has transformed all aspects of our existence -- politically, economically, and personally.

But, for oppressive and authoritarian regimes, nations who craved controlling their population, nations who couldn't or wouldn't tolerate the messy chaos we lovingly call democracy, the Internet became a threat. It became a living symbol of the limits of their control, and a tool for their citizenry to see beyond their borders, beyond their ideologies, beyond their limitations, and beyond their oppressed lives. It became a tool for their citizens to become part of the global community -- even as their governments continue to abhor the very globalness and openness that We The Internet cherish so very much.

For the Internet isn't about control. It isn't about censorship. It's about freedom and discourse and kitten videos. It's as insanely powerful as it is intemperately ridiculous.

To nations who exist to control their populace, the Internet is a Wild West of chaos and disruption. Powerful, yes, but power that -- in the minds of their leaders -- should reside in the hands of the leadership, not the citizenry.

And that brings us to the United Nations, the International Telecommunications Union (ITU), and the WCIT conference. For here, the oppressive and authoritarian nations saw an opportunity to wrest control of the Internet from We The Internet and put it in the hands of governments who would have a greater say over what was sent across the pipes and who the pipes connected to.

Fortunately, this chapter of the fight seems to have been won by the forces of light and right. Russia has backed down on their authoritarian proposals, although the United Arab Emirates has still not given up on their attempt to cage the net.

Make no mistake, the forces of darkness will be back. We The Internet will be waiting for them. This is our playing field, our rules. Our Internet.

As you can see from our ongoing coverage, there's been a lot of concern about whether or not the UN's the International Telecommunications Union (ITU) will be able to, essentially, appropriate Internet governance.

Diplomatic and legal behavior works a lot differently than, say, New Jersey negotiation techniques. Where back home, we might just draw a line in what's left of the sand and say, "This far, no farther -- or else," when it comes to diplomacy, it's more about the wording of the treaty and the charter of the organization.

This is important stuff.

According to Ambassador Kramer at the World Conference on International Telecommunications (WCIT), the ITU is chartered for telecom (meaning telephone and old-school networking) and not the Internet. Other nations, like China and Russia, want to extend the charter to cover Internet activities.

His negotiating strategy is to, essentially, hold the ITU to its original charter, which -- by definition -- would blow all the Internet-related governance issues out of the conference.

Kramer is clearly a dude with a clue. He unequivocally separates the concept of the telecom sector from the Internet sector, and said he wants to, "Stay pure to the focus on this conference which is telecom service providers."

He also said, "Fundamentally, the conference should not be dealing with the Internet sector," and, more bluntly, that they're interested in "Keeping the Internet out of this conference."

You can't really be more clear than that.

Unfortunately, other nations have opinions as well. Kramer did say they made progress, because the deliberative body agreed on the definition of "telecommunications." But he also said there is a "Pretty big gap in points of view from a variety of nations" and it's "not an easy issue to work through because it's a philosophical one."

However, when it comes to some of the Russian proposals, like where the Russians want to blur the distinction between telecom security and Internet security, "We draw a very stark line between the two," and, "What are seemingly harmless proposals can open the door to censorship," and, "We're very much opposed to those."

The U.S. ambassador also said, regarding the "most dramatic element of Russian proposal," that is, moving the management of the Internet over to government, "We fundamentally disagree with that."

So, at least at this point, the United States' position is quite clear. That said, if the U.S. team isn't successful in keeping the Internet out of the conference, how much of a risk are we at that the nature of the Internet will change? In that case, what can and will America do to protect the core nature of the net?

For that, we have no answer.

Early reports suggesting failure of support for a joint U.S. - Canada proposal for early discussion on the scope of the International Telecommunications Regulations (ITRs) are inaccurate.  The proposal called for priority discussion of certain “foundational” issues and definitions at the WCIT. As of the end of Tuesday, Dec. 4, 2012, the following progress had been made:

• As proposed by Canada and the United States, the WCIT took up the foundational issues at a high level, within the first two days of the Conference;
• As a result, the Preamble of the ITRs was retained with only minor changes, preserving the original scope and purpose of the treaty;
• The definition of telecommunications in Article 1 of the ITRs was retained with no change;
• The discussion of which entities the treaty would apply to - recognized operating agencies (RoAs) or operating agencies (OAs) – was taken up by a high-level working group reporting directly to the Chairman of the Conference.  The RoA issue remains an important point of discussion for the United States, which will continue to work for its retention in the ITRs.

The U.S. positions on these definitional issues have been supported or shared by numerous countries in Europe, Latin America and Asia.  There has been no “failure” to achieve U.S. objectives; to the contrary, the WCIT has made progress on these issues, validating the proposal by the U.S. and Canada to address them early in the proceedings.  The U.S. Delegation will continue to make efforts to provide information on a transparent basis to the media and the public.   

Thanks to Ambassador Kramer and his team for keeping us up to date.

See Also:

• Take action before the UN, Russia, and China hijack the Internet 
• U.N. readies for protests on eve of secret Internet regulation treaty 
• Don't let the UN steal the Internet

UPDATE 9:07am: I'm told things might not be going as badly as Reuters reported. I have confirmed my correspondent, and I have offered the opportunity to print a statement on behalf of the delegation, if it's provided to me. I'm now waiting to see if such a statement is forthcoming.

UPDATE 2:03pm: We've received an official statement from the U.S. delegation, which supercedes the content of this article. Please read the link below.

U.S. Position on Foundational Issues at the WCIT

Previous discussion, now clearly out-of-date and inaccurate:

Well, it looks like the forces of oppression and darkness may be winning so far.

As we've covered before, the UN and International Telecommunications Union (ITU) are meeting secretly-ish in Dubai, and are trying to establish new and frankly unacceptable guidelines over how the Internet will operate in the future.

Don't let the UN steal the Internet

It's been very difficult getting much useful inside information on the potentially dastardly doings in Dubai, but apparently Reuters managed to get some intel from U.S. Ambassador Terry Kramer. This is one of those good-news-bad-news stories.

The good news is that the United States and Canada made a proposal to protect the Internet from restrictive and discriminatory international regulation. The bad news is that the proposal apparently fell on deaf ears.

Stay tuned. The future of the Internet as we know it may be at stake.

Now, I know the right wing has regularly bashed on the United Nations, but this time We The Internet are doing the bashing, and for good reason. The UN is a very important body, but let's be clear. It's made of up many different nations, not all of which share the same agenda.

Just remember, stay legal. We don't want to give anyone an excuse for further meddling, so be vocal, but behave.

In fact, many of the member countries in the UN -- even those "special" countries that make up the UN Security Council -- wish to control their citizenry, not guarantee their freedom. Let's also be clear that the primary goal of the UN, their raison d'etre, is consensus.

The UN likes to make deals. It exists to create agreements between nations. It does not, necessarily, exist to create good agreements. But it grooves on making international policy.

Sometimes, that policy is good. Sometimes, like now, that policy threatens to destroy the Internet as we know it.

Violet Blue explained the details in quite excellent depth, so I'd recommend you read her article as background. But here's the bottom line: this weekend, a bunch of shadowy operatives are meeting in secret in Dubai, and their goal is to seize control of the Internet from the (relatively) benign non-governmental organizations that have overseen Internet policies.

Instead, authoritarian nations like China and Russia want to control the Internet, they want to be able to cut citizens off, they want to be able to tax, tariff, and charge for traffic, and they want to control what travels over the pipes and even what you can read or view.

In short, they're trying to kill all the Internet freedoms we hold dear.

This is a time for action. Read Violet's article and visit Google's Take Action site. And then, take action. Pick up the phone, Tweet, post, Facebook, yell, protest, email your Congresscritter, donate, and otherwise make a fuss. Remember, We The Internet can make one heck of a fuss when we're angry.

I'd like to take this moment to remind the UN and the International Telecommunications Union (ITU) that you won't like us when we're angry.

Don't let the UN steal the Internet

Just remember, stay legal. We don't want to give anyone an excuse for further intervention, so be vocal, but behave.

When there's trouble and something needs to be built or rebuilt, it's the engineers that are going to get the job done.

Sadly, this theory may be a little more wishful thinking than grounded in history. The only two American presidents who were engineers -- Herbert Hoover and Jimmy Carter -- didn't exactly distinguish themselves during their presidency for their domestic nation-building skills.

Even so, I still contend that when there's trouble and something needs to be built or rebuilt, it's the engineers that are going to get the job done.

That's why I'm so intrigued by an interview that my Internet Press Guild colleague Steven Cherry conducted last January. He had the opportunity to interview Mustafa Abushagur, who along with Abdurrahim Abdulhafiz El-Keib -- both former University of Alabama electrical engineering professors -- ran Libya for the past 11 months.

Mustafa Abushagur's story is particularly interesting, which is why I'm spotlighting it now, especially in light of the Benghazi attacks in September. It was also in September that Abushagur became the first elected Prime Minister in the history of modern Libya after serving nine months as Deputy Prime Minister.

Unfortunately, he was not able to keep the job. Like all good engineers, he tried to assemble the parts most suited to solving the problem -- cabinet members who could help do the job of rebuilding a torn Libya. He proposed two cabinets to the General National Congress, but when they couldn't agree on his appointments, the GNC voted "no confidence" and removed him from office.

In listening to Steven's interview with Mustafa Abushagur, I'm struck with the bravery of these two men, people who ordinarily I might think of as academic colleagues, who left the comfort of the ivory tower to attempt to rebuild their homeland -- a challenging, and very, very dangerous job.

The phone rang. It was an IT manager for The New York Times. She had just gotten off the phone with Apple, and they sent her to me. She was using this new thing called Lotus Notes and she really wanted to get an Apple-like interface for their internal systems.

Now, you need to understand that this was before the Web. Notes, at the time, looked almost like Web pages would look a few years down the road. It was document-oriented, had data-entry fields that rolled as your scrolled the page, and objects were often tied to the text, not the user interface. It wasn't the Web, but in retrospect, it's interesting to recall that Notes had something of the feel of Web pages, before any such thing existed.

As it turned out, there was no real way to give the New York Times Notes installation the feel of an Apple product. But as an outgrowth of talking to her, I was curious about this Lotus Notes thing. If they could run the New York Times on it, it might have some legs.

I started digging, and though it was relatively new (version 2.0 was out at the time), a bunch of very major organizations were relying on it. Think of Lotus Notes back then as a networked, multi-user, highly secured Evernote, and you've got a rough idea of what it did.

The point is, though, that there was very little information about Lotus available. There had only been one book written, there were no newsletters, and, of course, there was no Web.

That's when I started getting to know the Lotus world, and the Notes industry (as young as it was). I had just been approached by one of the leading tech industry book agents to write a tech book. I pitched the idea of a Lotus Notes book, and it got picked up by a publisher. Lotus Notes 3.0 was due out in a year, and so it was time to get writing.

In 1995, IBM bought Lotus for $3.5 billion. This was before the world of billion dollar valuations, and the Lotus purchase was big. Since then, the Lotus brand grew, IBM added Lotus Domino (the server-side of the Notes equation), and Lotus became known for collaboration.

I went on to become editor of Workspace for Lotus Notes, The Notes Report, The Notes Enthusiast, and then DominoPower Magazine, which I launched in 1998 and has been publishing daily ever since.

Each January, there was a gathering of the Lotus faithful in Orlando called Lotusphere. I started going when I lived in New Jersey, and not only was it an opportunity to meet with all the innovators working on collaboration software, it was a way to escape the winter cold. Even after I moved here to Florida seven years ago, I've still gone almost every year (I missed the year when I got married on the same week).

I've probably been to 14 or 15 Lotuspheres over the years. As cell phones became dominant, we blew out the local networks as thousands of geeks converged on the Disney Dolphin hotel. As WiFi became dominant, we blew out the network feeds that could be brought into the hotel, until IBM finally decided they needed to build an enterprise-class network for a one-week event.

The big thing, to me, about Lotus has always been the people and the companies at the heart of the Lotus community. We talk a lot about community, but these people are innovators, entrepreneurs, and some of the best enterprise technical experts in the world.

When I heard a report about how the White House had moved from Notes to Outlook, I realized not everything was as it seemed and wound up undertaking a two year investigation that eventually resulted in the book Where Have All The Emails Gone?.

In 2008, when Darrell Issa (who is now the chairman of the House Oversight and Government Reform Committee) compared Lotus Notes to wagon wheels, I reported the story, which got picked up nationally. I woke early the next morning with my phone ringing off the hook, IBMers wanting to know if Issa could really have said that. I'm told he was explained the error of his ways.

I've been an entrepreneur since the late 1980s, and except for the past four or five years, when I've had the opportunity to spend more time teaching and writing, Lotus has loomed large in my life. For 15 years, from about 1993 to about 2008 or so, I could trace the majority of my income to my work as the editor of the leading Lotus-related publications.

I, like so many thousands of other entrepreneurs, developers, IT professionals, and businesses small and large have been able to support our families because of Lotus products and their value to the businesses who rely upon them.

Then, last week, IBM's Ed Brill quietly announced on his blog the sunsetting of the Lotus brand. Notes and Domino will be with us for quite some time (after all, so many companies rely on these workhorses), but the Lotus brand is officially now one with history.

UPDATE: There was some reader confusion. IBM Notes and Domino will continue, it's just the Lotus brand name that's being retired.

It's weird to feel a little choked up over a brand. But the name "Lotus" has been such a huge, positive factor in my life and the life of so many of my peers over the years that seeing it go creates a little catch in my throat.

I am hoping that the Lotus community (oh, I guess that's now the "IBM collaboration community") will continue the thrive, as will the products. But Lotus was something very special and it will be missed.

It also never fails that as the comment streams grow longer, someone will mention Nazis, but a detailed discussion of Godwin's Law will have to wait for another blog post.

Over the past seven days, we've had at least three big stories -- major stories -- where technology meets politics:

• President Obama wins re-election with the help of a big data operation
• Governor Romney loses his White House bid partly due to a failing data management operation
• CIA Director David Petraeus is betrayed by his own email messages

Each of these, alone, makes for an enormous story. In fact, every one of these has had a wave of coverage across blogs and mainstream news outlets. What makes them fascinating is that they're not the usual technology policy topics we cover (like cybersecurity legislation). Instead, this is where technology is used in the sausage-making of politics, where the data meets the road.

Narwhal and Dreamcatcher

Michael Scherer of TIME Magazine has an extensive exploration of the Obama data mining operation, with projects named Narwhal and Dreamcatcher, among others. We knew, back in 2008, that the Obama campaign had given unusually high priority to the capture and analysis of prospective voters. Email addresses and other personal information were actively gathered at various rallies, and some rallies were held more for the purpose of data acquisition than donations -- a first in politics.

The Romney campaign, really, really expected to win. But millions of unexpected voters showed up and voted.

But it's the 2012 operation that's fascinating. If you paid even a short visit to the Republican side of the blogosphere this last week, you'd see a feeding frenzy of blame. Key to this is the simple fact that the Romney campaign, really, really expected to win. But, out of the blue (pun!), millions of unexpected voters showed up and voted.

These voters were "got out" in large part by the big data organizational machine of the Obama campaign. It's likely that some of the swing states Obama handily won would have been lost without a data-optimized get-out-the-vote operation.

Aside: I really want to know the technologies used by the Obama campaign. If any of you out there know, or can put me in touch with the IT guys inside the campaign, please contact me.

Beached ORCA

While we're on the topic of funny code names, nothing deserves more attention than ORCA, the Romney data management project named after the large marine mammal.

ORCA was a neat idea, sort of. The plan was to deploy thousands of smartphone-toting volunteers into swing states, who would monitor voting patterns in real-time. They would report this information into some sort of Orca-central Romnulan Batcave, where the data would be crunched dynamically.

As a result of all these incoming streams of data, get-out-the-vote volunteers would be dispatched like schools of salmon. The GOTV workers would be sent to precincts where more votes were needed to push swing states over the edge into red territory, thereby scoring the state for Mr. Romney.

As my CNET colleague Dan Farber so eloquently put it, it got harpooned, instead. Orca beached. It flopped. It died in the sun. It failed oh-so-bad.

Not only did it completely misrepresent the voter turnout, misleading campaign leaders, it crashed and glitched and couldn't handle the load. As we all now know, Mr. Romney did not win the election, and part of the blame can be assigned to his failed GOTV operation.

One of the more interesting facts about ORCA's namesake, the Orcinus orca, is that remains of other killer whales have have been found inside the stomachs of killer whales found dead on the beach.

Sadly (but to the great amusement of those of us in need of daily editorial material), the GOP, now pretty much dead on the beach, is eating itself from the inside out. Look, this isn't a partisan thing. If the Dems did this to themselves, I would be equally amused.

And, speaking of digital self-destruction, please let me introduce you to America's most famous four-star general, David Petraeus, Ph.D.

The David Petraeus mess

This one is just weird. Petraeus, until earlier this week, was the director of the CIA, a position held three decades earlier by "Poppy" Bush, who eventually became the 41st President of the United States. Petraeus, who came to fame as leader of the Afghanistan war, was widely considered a possible 2016 presidential candidate.

The Petraeus mess was the result of a relatively low-level FBI investigation into email harassment.

Now, however, Petraus joins a select club -- claiming members like Gary Hart and Jon Edwards -- of people with presidential aspirations whose careers were completely undone by the inability to, well, keep it in their pants. 

As CBS News reports, the Petraeus mess came to a (ahem!) head as a result of a relatively low-level FBI investigation into email harassment.

Petraeus resigned as CIA director three days after the election. Read into that anything you'd like. Everyone else is.

Apparently, one Paula Broadwell had sent harassing emails to a Tampa-based military fundraiser, Jill Kelley, about her long-time friend-level relationship with General Petraeus. When the FBI examined the emails, they discovered emails between Broadwell and Petraeus, indicated he'd been in an illicit affair with Ms. Broadwell.

The damning evidence was hidden in the General's Gmail account.

As you might imagine, the national security implications of a U.S. CIA director (and possible future presidential candidate) hiding an affair from his family and the nation were of deep concern. It's not that he couldn't control his little general, it's that this is the stuff that fuels blackmail opportunities -- and you just don't want CIA directors on the easy hook for blackmail.

Of course, without email, the former four-star general might not have ever been caught. Oh, you say you want to know about Mrs. Broadwell, the general's inamorata? It turns out that Paula Broadwell is the author of a biography of General Petraeus. The name of the book? All In.

Seriously. You can't make this stuff up.

2012 Update: And, again, another year has passed. They say time heals all wounds, but time also opens new ones. Many of us have lived through the effects of Hurricane Sandy or have loved ones or friends who have. Many over the last year have found footing in their lives, only to see if washed away to sea. And still, my friend is gone. His little girls will never get to know him. His community will never hear his laugh or benefit from his strength. My wife and I were talking about him, just this weekend. Still, my oldest and closest buddy, is gone.

2011 Update: It's hard to believe more than a year has passed since my friend passed. There are many days I just want to give him a call, tell him what I've been up to, share with him a new scheme or project. His time is over. But for many vets, there are still options. If you're a vet or you know one who needs help, please point him or her to the resources below.

Originally published on November 11, 2010

Today is Veterans Day in the United States, Armistice Day or Remembrance Day in other countries. Today is also the anniversary of the signing of the Armistice that ended World War I.

Today is a day where we celebrate and thank our troops for putting their lives in harm's way, sacrificing and challenging themselves on behalf of a (not always) grateful nation.

Unfortunately, not all veterans are celebrated and not all veterans have a happy or fulfilling life once they come home.

Life can be very challenging for vets and while America provides some resources to help veterans at various stages of their post-service lives, sometimes those resources aren't enough, sometimes the veterans don't know about them, and sometimes, sadly, the veterans just choose to not avail themselves of help.

This is a very personal Veteran's Day for me.

A long-time friend, a man who served in the Navy 20 years ago, died this year. After he left the service, life was not kind to him. He married badly, the divorce ended acrimoniously, visitation with his two little girls was blocked by his ex at every turn, and -- in this economy -- keeping a job was beyond either his ability or his emotional strength.

And then, as he reached his late 40s, health problems set in.

Although we spoke regularly, there's little a buddy from college can do to help from 1,000 miles away other than lend emotional support. I pointed out resources he could turn to, options for getting and keeping a job, and tried to encourage him to make pro-active changes in his life.

My friend always tried to find something positive to talk about or to say, but the cold math of life had apparently pushed him too far into the negative, into the dark.

Clinicians might describe his condition as depression, and that was certainly a factor. Undoubtedly, after setback after setback, downturn after downturn, disappointment after disappointment, it was harder and harder for him to get up in the morning and keep trying to find work in construction, an industry decimated by the housing crisis and down economy.

One day, the call came. My friend had killed himself.

This was a man trained by the United States Navy to operate nuclear reactors, a man who had to pass test after test, challenge after challenge, to qualify for one of the most challenging and select positions in America's military.

This was a man who became the best he could be, served his country, did his duty, and sacrificed for the greater good.

This was a man who was once willing to put his life on the line for America, a man who just couldn't handle life after the service.

Programs for veterans that can help

Ever since that day, that call, I keep thinking it didn't have to end this way. I keep thinking there are resources that could have helped him. People he could have talked to. Programs that could have helped him manage his health problems. Programs that could have helped him manage his emotional challenges.

I pointed many of them out to him, but he could not bring himself to use them.

Those programs are there. The U.S. Department of Veterans Affairs offers a tremendous range of services for veterans. It offers educational assistance, health assistance, home loan assistance, and vocational assistance.

The VA offers a wide range of mental health services. In addition, and perhaps most important, the Veterans Administration also offers suicide prevention services.

If you or a family member or friend is in trouble, you can call 1-800-273-8255 any time of the day or night. Trained, caring professionals will be there to help.

Look, if you're a vet and you're in trouble, don't take the path my friend did. Do one more service for your country and call the suicide prevention line and talk.

If you've got a friend or family member in trouble, it's easy to get scared or get angry. Instead, use the resources linked to in this article to get help. Contact the VA, ask for assistance, help, and advice.

Our veterans

Our veterans -- our veterans -- deserve to be celebrated, not just one day a year, but every day. They're not just veterans. They're fellow Americans, friends, sons, daughters, dads, moms, brothers, and sisters all.

Celebrate vets by being kind, compassionate, understanding, supportive, and respectful. Hire one, if you can. Love them, cheer for them, applaud them, and stand by them.

Whether you believe the wars they fought were right or wrong, these men and women stood up, put their fellow citizens first, and put their lives on the line. While they served, they put their lives on hold, often slept in cramped, uncomfortable, dirty or downright life-threatening conditions, often ate food none of us back home would tolerate, and through it all, did their challenging, dangerous, often highly complex jobs with skill and professionalism.

No matter what their politics, I haven't met a single veteran or serving member of the military who doesn't believe, deep in his or her heart, that he or she is fighting for us, our freedoms, and our way of life.

So, thank you, veterans, for your service to our country.

P.S. I normally encourage a lively debate in the TalkBacks, but not this time. This time, whether you're an American or not, whether you supported our recent wars or not, please be respectful. Regardless of the decisions of their leaders, these men and women deserve -- deserve -- your respect.

Same ol' same ol'.

The House remains in the control of the GOP. The Senate remains in control of the Democrats. And President Obama remains President Obama.

Today, I'm not writing about the winners and losers. There will be much time for us pundits to pontificate on partisan politics and prognosticate about the pompous popinjays who will provide personality and perspicacity to the parties politic.

Today, I'm writing about the glorious mess that is American politics. For it is messy and ugly and chaotic and crass and often crude. It's almost always disappointing. The lies and fibs are demoralizing and disingenuous and deceiving. The divisiveness that reaches deep into our demographics is disturbing and daunting.

And yet. And yet we get together and we do something amazing.

We vote. I know, some of you feel that voting is a waste of your time, that it doesn't matter, that there's no difference between the candidates, that you have better ways to spend a Tuesday.

But other people know better. These are the people who worked their hearts out all last week and last weekend in storm-damaged New York and New Jersey to make sure polling places were available for everyone.

These are the people who -- despite the cold and the disorganization -- were willing to stand in line for four hours or more, just so their vote would be counted.

These are the people who are America's heroes. For they understand. If you ever meet one of the people -- annoyed and cranky, yes, but dedicated to their core -- who stand in line for hours upon hours for the ultimate privilege of voting, you'll begin to understand.

We vote. We have more than 300 million people (which means we have more than 300 hundred million strongly-held opinions about just about everything).

We bicker. We argue. We cajole. We mock. We scheme. We spam. We advertise. We complain.

We vote. And by exercising our very messy, glorious right to vote, we determine our future.

It's a mess, yes. But it's a glorious mess. And it's what makes us all, together, Americans.

If you think both houses of Congress could come together and agree to change anything as significant as the date of the presidential election, I have a slightly storm-damaged bridge in Brooklyn to sell you.

This is a good sign. While there are still so many heartbreaking stories from the tri-state area, a lot of folks are beginning to find things returning to normal. Sadly, there are still way too many people without power, way too many people with storm damage, and way too many people permanently displaced from their homes and businesses.

To quote my good friend and fellow ZDNet columnist Jason Perlow, who also used to live in New York and New Jersey, and now lives in the ironic safety of Florida, "An event like this will certainly put your priorities back into perspective."

And yet.

And yet, there is a major election tomorrow. While politics must rightly take a far back seat to disaster management, it's the decision of major elections that determine the future of our nation. That makes the election important, too.

Let me be clear here. Nothing is as urgent as making sure that everyone is okay, has food, power, water, and shelter. But as Stephen Covey once said, there's urgent and there's important. Urgent has to happen now. Important has to happen, and often has more profound long-term influence, but generally takes a back seat to urgent.

In that context then, the election is important. It would be far more convenient from the perspective of disaster relief if it were to take place in three or four weeks. But that's not our reality. In our reality, the election is tomorrow.

This brings us to the central question raised by the title of this article: what happens if New York and New Jersey can't vote?

That's not a spurious question. There is so much damage in major population centers that many people who otherwise would have voted may not be able to get to their voting centers, or their voting centers may have moved, or are now being used to house the newly homeless, or have simply been wiped off the face of the Earth.

So... what happens?

First, a few disclaimers. I am neither a lawyer nor a Constitutional historian, so I can't guarantee what I'm about to tell you is fully accurate. The remainder of this piece has to be considered strictly and spectacularly speculative.

Will the presidential election be delayed?

As far as I know, there have been no incidents of presidential elections delayed or cancelled due to natural disaster. After the events of September 11, 2001, the New York City mayorial race was delayed. As I recall, there have been other local elections that have been delayed, but none come immediately to mind. New York law does permit elections to be scheduled for a second day in situations like this, but the law has never been used before.

Article II of the Constitution gives Congress the power to set election day. The gotcha here is Section 4 gives that power to "The Congress," which is generally considered both the House and the Senate. The Republicans control the House and the Democrats control the Senate.

If you think both houses of Congress could come together and agree to change anything as significant as the date of the presidential election, I have a slightly storm-damaged bridge in Brooklyn to sell you.

Then there are the campaigns themselves. Everything has been funded and budgeted to get to November 6. There's not a lot of money beyond that date to employ staff, rent facilities, conduct advertising -- anything. In addition, many people employed by the campaigns are expecting to go back to their lives on November 7 (or to start packing their stuff for the big move to the White House, if they win). Finally, these folks are zombie-level exhausted, and sustaining another month or more of campaigning would be brutal.

The bottom line is that both campaigns want this thing over, and they want it over now.

My answer, then, is no. I don't think the presidential election will be delayed. Local authorities might push for a delay and may even have the authority to make it happen, but it's quite unlikely. Were it to happen, and only for a few select voting precincts, the potential votes up in the air may still not change election results.

What happens if people can't get to their polling locations?

Many of my friends have asked this question, pointing out that mass transit is down, there is a fuel shortage, and many roads are still impassible.

Here's the thing: when America was instantiated, there were no cars, there was no mass transit, and if you wanted to vote, you walked or rode a horse. The Constitution makes no allowances for means of transit to the voting location. It just says you can vote (and it took America an absurdly long time to come to the only really American conclusion: that all adults should be eligible to vote).

It is, therefore, your responsibility to get to your designated polling location.

By the way, I'm not going to go into the problem of voter suppression, a pretty nasty stunt that all political parties have practiced over the years. There has been a lot of coverage of voter registration and identification shenanigans, and I want to stay focused on the storm-related questions.

What happens if the polling locations are closed?

This is a far different question. It's the government's responsibility to provide mechanisms for getting your vote. Now, as it turns out, a tremendous amount of work has gone on this weekend to prepare polling places and to provide alternate mechanism for voters to have their votes counted.

The New York Times has a good report on many of the efforts to set up polling places in storm-damaged areas, whether they're in new locations or even in tents.

New Jersey is taking it one step further, as NJ.com reports. Displaced New Jersey voters will have a chance to vote via email or by fax. Let's set aside completely the security and voter fraud potential of that statement, and just accept that the state is attempting to do something proactive to help make sure its residents can vote.

The bottom line is that most voters will have a way to vote. It may be difficult or inconvenient (or potentially insecure), but most voters will be able to place their votes.

Next: Will a storm-related drop in turnout change the outcome of the election?

Will a storm-related drop in turnout change the outcome of the election?

Now we come to the meat of the discussion. Will the storm be a true October surprise? Will it change the outcome?

First, a science fiction moment, if you please. We've all read time travel stories where someone goes back in time, changes an event, and then no one knows the time stream has been changed except for the time traveler.

Since we're all living in this particular time stream and none of us work for the Federation Department of Temporal Investigations, we're unlikely to know if the outcome would have been any different than whatever it is in this reality.

That said, here's some good, high-quality, seat-of-my-pants speculative guessing.

In the Northeast, every state except Maine is a winner-take-all state. That means that if one candidate gets the majority of the popular vote, regardless of the size of the turnout, that state's Electoral College votes go to that candidate. In theory, then, if there are only three voters in New York, and two vote for one candidate, that candidate gets the entire state's ginormous treasure chest of electoral votes.

New York has almost always been blue. New Jersey is a bit more of a toss-up, but not much. New Jersey can almost always be counted on to go blue. The same is true of Connecticut.

Normally, the same could be said for Massachusetts, except that the Codfish State did elect Republican Mitt Romney governor and just recently elected a Republican, Scott Brown, to take over the bluest of blue Senate seats, that of the late Ted Kennedy. Most pre-Sandy polling seems to have indicated that Massachusetts was leaning towards Obama anyway, and it's relatively unlikely Sandy will impact the results in the state.

So the real question is whether the hurricane's impact can sway New York or New Jersey. Some theorize that residents are so upset with the handling of the emergency that they're likely to vote against type. Others theorize that since the President handled the emergency so well, and cuddled so cozily with Republican governor Chris Christie, that even more people are likely to vote for the President.

Here's the thing: New Yorkers and New Jerseyans are among the most stubborn, willful people on the face of the planet. I know. I'm one of them. Almost everyone had pretty much made up his or her mind prior to the storm, and it's extremely unlikely that those votes will change.

What is possible is that the popular vote count, which is normally quite large in these two states, will be smaller. But the ratio is still almost 100% likely to score the Electoral College haul for the President, storm or no storm.

Bottom line: any storm-related drop in turnout is unlikely to change the results.

What about people in the rest of the country? Will it change their vote?

That's an interesting question. Most people are so stuck in their own ideologies that they're very unlikely to change their votes.

But all indications are that this race is quite close. For the past week, President Obama has been flying around, using the backdrop of Marine One and Air Force One, and generally looking presidential. No matter how good Mitt Romney may be, there's just no substitute for the marketing power of the presidency.

The big question is how the suddenly buddy-buddy nature of Christie and Obama will play out nationally.

My guess is that it might move the needle, but if it does, it will only be a blip on the overall election.

Will we see a delayed decision repeat of the 2000 election?

In other words, will the election be too close to call? Will there be recounts? Will there be Supreme Court involvement? Will the House decide the election? Will we have an answer before Christmas?

Probably not. Almost definitely. I don't think so. Can the House decide anything? Yeah, probably.

Although there are a few Electoral College scenarios that place the race too close to call, those are statistically unlikely, and certainly the storm results won't have an impact.

In any election so divided, and with so many potential election irregularities, there are likely to be isolated recounts. But we're unlikely to see hanging chads again, mostly because recounts only matter when a state's results are too close to call otherwise.

Since this race is unlikely to be too close to call, the involvement of the Supremes or the House (other than bloviating) is unlikely.

My guess -- and to be fair, it is a guess -- is we'll know the answer by about 1am ET on Wednesday morning. Worst case, sometime mid-day Wednesday.

Democracy keeps on keepin' on

So, there you go. Sandy may have dealt a devastating blow to many of those living in the Northeast, but she probably won't do much damage to America's ability to elect our leaders.

Go to the polls tomorrow, wherever they may be, and vote.

ZDNet Hurricane Sandy coverage:

• Hurricane Sandy: iPad survivor's guilt
• Apple's iPad mini doesn't deserve a grand debut
• Thoughts on Hurricane Sandy
• Hurricane Survival Apps to Help You Keep Safe from the Storm 
• The Ultimate e-book on Hurricanes is an iPad Exclusive

ZDNet Government's coverage of Election 2012:

• An undecided voter on the essential greatness of the American presidency
• Five tech themes disturbingly absent from the presidential election
• Slideshow: 15 people I'd prefer to vote for, for President
• An undecided voter and the first-debate blues
• An undecided voter on President Obama's convention
• Diary of an undecided voter (GOP convention edition)
• Well, there it is. Santorum is out and the real presidential campaign begins today.
• Delegate math shows Santorum and brokered conventions both out of the running soon
• Not-so-super Tuesday, predictions for what comes next
• So, seriously, do the Dems want to lose the election?
• Romney on fire, Paul pulls into second
• Paul's got legs, Romney feet of clay, and Santorum grew wings
• Are these really the best America has to offer? (Campaign 2012)
• Campaign 2012: Once every four years, I wish I lived in Iowa
• What was Mitt Romney trying to hide by destroying hard drives?
• Is there any possible way Jesse Ventura could win the Presidency?
• Ranking GOP candidates on tech savvy, craziness, and electability

I was fortunate that I could focus on something as mundane as a deadline. I've lived through a number of devastating natural disasters. When the Loma Prieta earthquake hit San Francisco in 1989 (right in the middle of the World Series, some of you may recall), I was in San Francisco, driving home from a project meeting at the Apple Media Lab.

I remember thinking someone had shot out my tires, and pulled into a local gas station to check. I wasn't alone. Two other drivers felt the same thing from inside their cars and also were checking their tires. What had really happened was the brick facing from some of the buildings had collapsed around us. We were fortunate. Many others were not.

It took me hours to make it home to Foster City, only to find that the inside of the house and my home office were completely destroyed. Thankfully, I found my cat, safe, hiding under a chair.

In 2005, my wife and I had just moved down to Florida when Hurricane Katrina and Hurricane Wilma hit. We were here less than two weeks before Katrina, and barely a month or so before Wilma. We were fortunate that only a piece of the fascia on the house blew off, but my parents weren't quite as lucky.

My parents live about two hours south of here, and they were without power for 12 days. Fortunately, they were able to come north and stay with us. My wife and I had only been married for about six months, and we'd only just moved into our first house weeks earlier. She and my parents got to know each other very, very well over those 12 days. My wife is a saint.

Anyway, I've been thinking a lot about Sandy, not just because I know what it feels like to be on the somewhat lucky side of natural disasters, but because my native soil was hit so hard. I was born in New York (that's where most of my family comes from and still lives), and lived more than half my life in New Jersey. I spent four years in engineering school in Massachusetts, which was also hit pretty hard.

When I read these stories, I know all these places. I still have friends in many of them.

Here at ZDNet and CBS Interactive, we also have a great many employees and team members in New York, New Jersey, and the rest of the northeast. I was on a webcast yesterday with two producers who have been migrant workers for the past week, since there's no power at home. They've been hopping from coffee shop to coffee shop, any place they can get a plug and some level of connectivity, trying to do their very big jobs from less than ideal circumstances.

Despite the discomfort and worry, they're soldiering on.

During the actual storm's main run through New York and New Jersey, ZDNet's international team took over and kept coverage coming. If you were able to look at our news feed during that time, you'd notice that we didn't drop coverage, not even for 15 minutes. Our UK, Asia, and safe-and-dry domestic teams all jumped in and did their part to bring you ongoing IT coverage.

The stories of Sandy are the stories of any natural disaster. It seems worse, though, because it's New York and New Jersey. These are the strong states, the tough people, people you know can handle anything -- and they're handling this. But there are people who are hungry, people who are cold, seniors who are without power and have to walk down or up hundreds of steps to get in and out of their apartments.

Many people lost homes. A 20-foot tidal wave blasted through Staten Island. Tidal waves aren't supposed to blast through Staten Island! Most of the New Jersey Shore is now gone. Much of the famous boardwalk is gone. The New York City subway system is pretty much fried. It will take days, if not weeks, to get it all up and running again.

There will be political discussions over the next few weeks, before and after the elections. Many of them will center on whether A did enough, or B didn't do it right. Some of them will swirl around the question of climate change, and what role global warming did or didn't have on recent weather events.

But that's not the point. The point is: this is life. We live on a volatile planet and we do our best to carve out our caves of steel from the bedrock and firmament.

There is no way to really "process" this kind of event, except in a practical way. Some people will soldier on. Some people will suffer terribly. Some people will help others. Some will prey on the pain and desperation of their fellow citizens.

When I started writing this, I didn't have a theme or a conclusion or a lesson in mind. I just felt the need to talk with you about it. I felt an overwhelming sense of compassion for all the people of the northeast -- people I still think of as "my" people, even though I now live down here in Florida.

I also worry, to be quite honest. When I bought this house last year, here in Central Florida, I rebuilt it to be fortress-strong, with hurricane shutters and a roof that can withstand 120 mile-per-hour winds. But is that enough? I look around and wonder if I've built in enough protection, stockpiled enough supplies, prepared well enough for an evacuation. If a Sandy were to hit here, could I protect my family?

I'm not sure, but it's certainly a wake-up call. We've got about six months until the next major hurricane season hits, and you bet that stockpiling and preparing will be high up on my to-do list (I hope, if I don't get sidetracked with mundane things, like making a living).

I may have found a way to close out this meandering chat with you. I was a Boy Scout. In fact, I was an Eagle Scout with bronze, gold, and silver palms. For a while, I was an underage district commissioner for an inner-city district in Massachusetts that couldn't find enough adult leadership.

I learned a lot in the Boy Scouts (although, apparently, the organization has changed a considerably since my day). The biggest thing I learned was the scout motto: be prepared.

I think "be prepared" needs to be the take-away lesson from Sandy, on both an individual and national level.

Individually, we each need to assess where we live and what we're likely to encounter. Some of you are in earthquake territory. Some of you are in tornado zones. Some of us are in hurricane zones. Listen to your local authorities and take all recommended precautions.

Many of us, though, may not be able to predict what may befall us. After all, who thinks of New York City and hurricanes in the same sentence? We should all, though, develop emergency preparedness plans and resources. Keep a supply of water and non-perishable food in your home. Learn evacuation routes. Explore how to handle family situations. Check with your local emergency preparedness authorities and follow their recommendations.

From a national perspective, it's time to stop denying what we don't want to hear. Whether or not global warming is "real," our infrastructure needs work and we spew way too much toxic material into the environment and atmosphere.

I know we're all concerned about jobs and the economy. I wrote a book about that, after all. But we're going to need to balance boosting consumer spending, with spending to protect consumers. We need to strengthen our roads and bridges, so they don't collapse when Uncle Bob or Aunt Margie drives across on the way to work. We're going to have to look at reigning in our emissions, so that Cousin Johnny can breathe better and, perhaps, we don't get more superstorms.

Most of all, we have to work together. I was very heartened to see Governor Christie (a Republican) and President Obama (a Democrat) working together this week, putting aside politics and doing what they were hired to do, be leaders when their people need leaders.

Let's all do the same thing. Let's put aside our differences and realize that hurricanes and earthquakes and tornados know not of political affiliation. Let's get back to being Americans. Let's work together, live together, and stop bickering so much.

As I learned more about the devastation left in the wake of Sandy up in New York and New Jersey, I realized that these weren't just people I'd moved away from seven years ago. No, I realized that I thought of all of them, each and every one of them, Republican or Democrat, conservative or liberal, Christian or Jew or Atheist or Muslim, straight or gay -- all of them -- as simply my family.

We are family. We are Americans. Together.

And no, I'm not going to tell you.

I've shared with you quite a lot. I've told you my views that neither candidate seems fully up to the job. I've told you about my disdain for both major American political parties. And I've told you that America and the needs of all Americans must come before the agendas of political machines.

But I'm not going to tell you who I'm voting for. That's not fair. I'm not here to make an endorsement or influence your vote. I'm here to influence how you think about your vote.

The men and women who want to be leaders of the free world bicker and complain and whine like kindergarten school children.

You see, in America, we fight amongst ourselves. We call each other stupid names. The men and women who want to be leaders of the free world bicker and complain and whine like kindergarten school children. They and their representatives lie, mislead, and revise history so the candidates seem somewhat less scummy and their opponents somewhat more.

Those of you who are not American may not understand the essential greatness of the American presidency, but rest assured, despite (and, perhaps, because of all this) it is one of the greatest, most amazing, and most humbling of mankind's innovations.

By the end of an American presidential campaign, billions of dollars will have been spent (some would say squandered), and nearly all Americans reach over-saturation. We tire of the candidates, we tire of their claims, we tire of the lies. We even tire of the truth.

Concentration of military power

America has almost 3 million active and reserve military personnel. We spend almost $550 billion dollars each year on defense. According to the Federation of American Scientists, America has just about 5,000 nuclear warheads.

The United States Navy has about 300 ships, almost 4,000 aircraft, 71 submarines, and 11 aircraft carriers -- each with more firepower than most nations. The United States has close to 9,000 battle-ready tanks. The United States Air Force has nearly 6,000 aircraft, 450 intercontinental ballistic missiles, and 32 satellites orbiting Earth under its direct control.

In other words, the United States has the most powerful military in the history of mankind.

And yet, every four to eight years, ultimate control of that incredible firepower changes hands -- without a single shot being fired.

The peaceful transfer of power

There is nothing I have ever seen that's more awe-inspiring than watching one president step down and another (often a bitter rival) take over the reigns of American power. It's an amazing sequence of events.

Just as soon as the outgoing president passes through the White House doors on his way to the inauguration ceremony, teams of experienced movers swarm the White House and move everything from the outgoing first family into waiting trucks and vans. Additional teams of movers bring in the belongings of the incoming first family.

While this is going on, one American -- the outgoing president -- looks on, while another American takes the oath of office. He or she says these simple words, mandated by Article II, Clause 1, Section 8 of the United States Constitution:

I do solemnly swear (or affirm) that I will faithfully execute the Office of President of the United States, and will to the best of my Ability, preserve, protect and defend the Constitution of the United States.

These simple words signify the transfer of power from one American to another, often from one party to another, and very often, from one set of values to another.

These simple words transfer control of 5,000 nuclear warheads, millions of military personnel, thousands of aircraft, hundreds of ships, thousands of tanks, hundreds of missiles, and a network of satellites.

Throughout this election season, I've told you that none of the candidates seems up to the job. Here's the secret: no candidate is ever up to the job. The job of President of the United States is one that is beyond the ability of any human.

And yet, every four years, America holds an election and one American assumes the most awesome and challenging responsibility of any person on Planet Earth, and accepts, to the best of his or her ability, the responsibility of preserving, protecting, and defending the Constitution of the United States, and -- by extension -- every American, anywhere in the world.

No president does everything right. Many presidents don't even act from the best motives. But every person who assumes the office of President deserves our support as Americans, simply because it's impossible to preserve, protect, and defend America without that support.

At the end of this article are two incredibly dull pieces of video. In the first, President Bill Clinton welcomes President-elect George W. Bush, and they travel together to transfer the single greatest concentration of power bestowed on an individual, in the history of the world. In the second video, eight years later, just-former President George W. Bush simply gets in a helicopter and leaves, turning over the protection and operation of the United States to President Barack Obama.

Over the next four years, regardless of whether Barack Obama or Mitt Romney wins the election, I (and many like me) will mock, complain, and take to task the President of the United States. America allows this. America encourages this. America thrives on this. We Americans can speak our minds and even though our leaders hold ultimate power in their hands, our ultimate power is the ability to speak out without restriction and certainly without threat of harm from our government.

The simple words of the oath, the peaceful transfer of power, and every American's right to speak his or her mind without fear are, together, the essential greatness of the American presidency.

I've chosen one person to vote for, and he may or may not win. No matter who wins though, I will support (and, at the same time, mock, complain, and argue with) the person who assumes the office of President. America has enormous challenges ahead, and no matter which of the two candidates win, the man who sits behind the Resolute desk on the afternoon of January 20, 2013 will need all our support.

Until, you know, right around 2016, when we do it all over again.

ZDNet Government's coverage of Election 2012:

• Five tech themes disturbingly absent from the presidential election
• Slideshow: 15 people I'd prefer to vote for, for President
• An undecided voter and the first-debate blues
• An undecided voter on President Obama's convention
• Diary of an undecided voter (GOP convention edition)
• Well, there it is. Santorum is out and the real presidential campaign begins today.
• Delegate math shows Santorum and brokered conventions both out of the running soon
• Not-so-super Tuesday, predictions for what comes next
• So, seriously, do the Dems want to lose the election?
• Romney on fire, Paul pulls into second
• Paul's got legs, Romney feet of clay, and Santorum grew wings
• Are these really the best America has to offer? (Campaign 2012)
• Campaign 2012: Once every four years, I wish I lived in Iowa
• What was Mitt Romney trying to hide by destroying hard drives?
• Is there any possible way Jesse Ventura could win the Presidency?
• Ranking GOP candidates on tech savvy, craziness, and electability

Bill Clinton leaving the White House with George W. Bush:

George W. Bush leaving on what, until shortly before, was known as Marine One:

No questions were asked by any debate moderator about technology or the Internet. Vrtually no mention was made by either candidate about technology issues (although President Obama did toss out the phrase "cybersecurity" near the end of the last debate).

These issues are also disturbingly absent from the candidates Web sites as well. If you visit Barack Obama's site, you'll see the following issues grid:

Likewise, if you visit Mitt Romney's site, you'll see the following list of issues:

Here are five themes that were absent from the debates, and barely discussed during the election by the candidates or press.

Tech Theme #1: Net neutrality

I am a strong proponent of net neutrality. I believe that all traffic on the Internet needs to be treated equally, and if carriers and ISPs can begin sculpting content, all the wonderful voices we now get to hear might be squelched in favor of a few big-money-backed Web sites and perspectives.

There is exactly one mention of net neutrality on the MittRomney.com Web site, found in his Plan for Jobs and Economic Growth. The only real mention is the following quote:

The Federal Communications Commission imposed network neutrality regulations (defying both the legislature and judiciary) that restrict how Internet service providers manage the digital transmissions flowing through their networks.

The BarackObama.com site lists 679 mentions of net neutrality, but many of them appear to be forum posts. What we know is that the Obama Administration FCC has passed partial net neutrality, essentially protecting hard-wired lines, but leaving mobile open to unrestricted traffic sculpting.

Since mobile traffic is clearly the way of the future, it's not clear that the current FCC limited protections for network traffic will serve us into the future.

I give both candidates a low-to-failing grade.

Tech Theme #2: Cybersecurity

Cybersecurity gets four Google results on MittRomney.com, and 459 on BarackObama.com. Again, many of the Obama results appear to be discussion boards.

In Fact Sheet: The Romney Plan for an American Century, Romney has two strong mentions of cybersecurity. He recommends an initiative to develop a unified cybersecurity strategy to defend against cyberattacks.

During the Obama administration, President Obama has taken similar measures. Unfortunately, the various cybersecurity bills that would unify America's cyberdefense strategy have gotten mired in politics and the very real problems of privacy vs. security and mandates vs. security.

Both candidates are clearly aware of the problem, both clearly understand something has to be done, and both clearly have to contend with Congress.

I give both candidates a passing grade, but only provisionally. I give Congress its usual failing grade.

Next up... Privacy, Patriot Act, and IT infrastructure...

Tech Theme #3: Privacy

Privacy comes up again and again in legislation. The SOPA legislation was narrowly defeated. Both candidates came out against it -- belatedly -- once they found out that pretty much the entire Internet wanted the bill killed.

Neither party has gone out of its way to protect online privacy, both have regularly fielded bills that assault it, and both can be counted on to continue to do so as long as there are lobbyists.

Interestingly "privacy" comes up more than 22,000 times in a Google search of the Mitt Romney official site, and more than 238,000 times on the Obama site. This shouldn't be attributed to more support on Obama's side. Once you hit numbers of this scale, what you're really looking at is simply the size of the sites. Obama's site, with more user participation, has more results.

Further exploration of the Obama site shows that BarackObama.com is, essentially, a special-purpose social network, where many individuals can host their own blogs and make posts. This increases search results considerably and might have been pretty smart SEO on the part of the Obama Web developers.

In any case, it's virtually impossible to find network privacy statements (other than the normal Web site privacy policies) for either candidate on their Web site.

However, according to Information Technology & Innovation Foundation (ITIF), the Obama-Biden campaign supports the consumer bill of rights, encourages adoption of Do Not Track legislation (which hopefully won't be corrupted as Ed Bott has reported), and develop industry codes of conduct for online privacy (which, in my opinion, means absolutely nothing).

By contrast, ITIF reports that the Republican party platform wants to guarantee that online data gets "full Constitutional protection".

Both parties have supported the RIAA and regressive bills that benefit over-reaching content owners. I give both candidates a C- on privacy. Neither party has gone out of its way to protect online privacy, both have regularly fielded bills that assault it, and both can be counted on to continue to do so as long as there are lobbyists.

Tech Theme #4: The future of the Patriot Act

Our own Zack Whittaker has written extensively about the Patriot Act. If you haven't read his stuff, you should. It's exceptional journalism. Do be aware that Zack is from England, so he has a British perspective about USA PATRIOT and how our legislation impacts Europeans.

But what about our candidates? In 2011, President Obama extended key provisions of USA PATRIOT for another four years, so he clearly supports it to some degree.

The term "patriot act" does not exist -- at all -- on the Mitt Romney Web site. There is no description or explanation whatsoever of Romney's policies with regard to extending PATRIOT into the future. Patriot Act is mentioned 145 times on the Barack Obama site, but not officially. The mentions are social posts.

Zack and I did a webcast (which, sadly, doesn't appear to be online anymore) where we discussed our two perspectives. I believe that we need certain counterterrorist protections, and while the Patriot Act is terribly flawed, it (or something like it) is needed. Zack disagreed, mostly because those outside the U.S. are finding themselves impacted by a law that's not of their jurisdiction.

I believe PATRIOT needs to be repealed and safeguards that don't sacrifice Constitutional protections need to be put in its place.

I give both candidates a failing grade, Obama for renewing USA PATRIOT for another four years and Romney for ignoring it completely.

Tech Theme #5: IT infrastructure

The U.S. government is one of the world's largest technology consumers, and also one of the world's largest data creators and consumers. As such, how we manage our IT infrastructure is important, both from a national governance perspective as well as how it fuels the IT industry as a whole.

In addition, with the passage of what both parties now call Obamacare, electronic health records and medical IT is becoming a very big thing.

One area that Romney has been clear about is his desire to repeal Obamacare. Now, to be fair, I have my doubts whether he'd be able to pull it off, because if he becomes President, he'd also have to contend with this little thing we all politely call "Congress". Even so, I think the writing is on the wall about electronic medical records and whether or not Obamacare continues in its current form, EHR is here to stay.

But what about the rest of the U.S. government's IT infrastructure? The only mention of "cloud computing" on the Romney site is for a job posting, to work on the Romney site. No mention is found of "data center" or "datacenter".

The Obama administration has a relatively good track record here, consolidating data centers, encouraging adoption of the public cloud where possible, and creating large public data sets.

When it comes to IT infrastructure, we can give Obama a B and Romney an "I" (for incomplete, because we just don't know).

Bottom line

The bottom line is I'm deeply disappointed with both candidates when it comes to tech issues. Technology and IT infrastructure policy discussion has been virtually absent from two campaigns that have relied heavily on technology and IT infrastructure to run their campaigns. These campaigns have relied on the Internet more than any others in history.

And yet, IT seems to be a far lower priority in the minds of the candidates than it should be. Either that, or they just don't think a discussion of IT would play in Peoria. Either way, we're getting short shrift for a very important topic.

I've been finding myself day-dreaming about the people I'd prefer to vote for, if I were given the chance.

ZDNet Government's coverage of Election 2012:

• Image courtesy the White House.

  Nikola Tesla

  If Abraham Lincoln could be a vampire hunter, then Nikola Tesla (who has been portrayed as a vampire on TV) could be President. In all seriousness, Nikola spent his life trying to find free and cheap energy solutions for the world. Granted, some of his experiments, if carried out to their logical conclusion, might have set our atmosphere ablaze, but isn't that a fair price to pay for unlimited, free energy pulled from the air around us?

  Image courtesy Wikimedia Commons.

  Me

  Half of you claim that I'm liberal, half of you claim you know for a fact I'm a conservative. Half of you claim I'm a secret Democrat, while the other half of you claim I'm hiding my Republican roots. In reality, I can't stand either party. But the simple fact that I'd put America first over either party puts me head and shoulders above any of our current politicians.

  Image courtesy David Gewirtz media archive.

  You

  Ultimately, the President is supposed to be the representative of the people, the best-of-the-best of what America has to offer. When I think of the best-of-the-best of what America has to offer, I think of you, Dear Readers, and that's why I'd prefer to vote for you as President over our current choices.

  Image courtesy the magic of PowerPoint.

  ]]> 7000005623 Government Government Asia Government US China

  Pssst... Hey, China! Can we talk? Yeah, you. You country of 1.3 billion people, we gotta have a conversation.

  Look, you're running dangerously close to ticking America off. It's this Huawei thing, believe it or not. You're starting to freak us out with all this sneaking around and spying on our computer gear.

  Yeah, I know you deny it, but you and I both know it's something you'd do.

  U.K. to probe Huawei, BT relationship

  So, here's the thing: we're okay with competing with you in the open marketplace. If you want to hire people for a tenth of what we can, and shove them into dorms, and work them until they jump off the tops of buildings, most Americans either don't know about it, or are apparently relatively cool with that.

  Sure, it means we're losing jobs here in America, and sure that seems like a crappy way to treat people, but if we can get our blingy gadgets for cheap, what the heck? Work those people. Some of us are waiting weeks for the new iPhone 5. Not me -- I'm not even willing to upgrade to iOS 6. I like maps that work. And I wrote an entire book about the issues of American jobs going to countries like China and India. I want jobs here in the U.S. So, I am NOT cool with it.

  Anyway, what we don't like is the idea that you might have backdoors in our computers or that you might somehow be building trapdoors into the data centers you want to build in the U.S. We don't like the idea that you could tunnel in across the ocean in the middle of the night and just turn our stuff off.

  If we want something that will just shut down on it's own, we have it. It's called the Blue Screen of Death.

  See, Americans are all fine and dandy with being competed against, but we're also paranoid as all heck. We're willing to take a lot of time before being paranoid, because paranoia takes a lot of work, and we really would prefer to watch "New Girl" (no, I've never seen it) than organize and make a fuss.

  Questionable loyalties: the cybersecurity implications of buying system software from foreign companies

  Just remember, though -- if you freak us out too much, we'll get all pitch-forky and torches. Don't believe me? Look up Joe McCarthy in Wikipedia.

  I know you've been watching the American elections and you're pretty sure that we Americans can't do anything in a cooperative fashion, but that's not really true.

  So, if we're ever really able to prove that you're building machines for us that take Grandma's whiskey money from her behind her back, or can reach into our data centers and steal our medical or financial records, we will react.

  See, there are American firms we allow to do that. We're fine with Google, Apple, and Facebook knowing all about us. After all, they provide us with services we like. I hadn't logged into Facebook for months, but the day I did, the site served me up with an ad about a little shop that delivered Greek food in my neighborhood.

  How they knew I'd go for that, I'll never know. But it was of value to me, so I didn't mind that Facebook was reading my mind. Sadly, I live in the middle of Florida, a culturally desolate place, and so the Greek food delivery service lasted all of three feta wraps, but that's not the point.

  The point is you need to cut this backdoor spying crap out (yes, I know you deny it). And tell Huawei to just stop bothering us. The company freaks us out.

  Okay, do you want one final example that shows that if you go too far, we Americans will gather together, decide to boycott all your stuff, and go back to buying computers built in Fremont instead of by Foxconn?

  (Aside: who names a company "Foxconn"? Seriously, "fox" and "conn"? Are you trying to advertise sneakiness and spying, or do you figure we're too dumb to work it out on our own??)

  Anyway, you want proof that we'll wake up and smell the scam? Check this out. This week, the House Intelligence Committee (yeah, I know it's hard to put "The House" and "Intelligence" in the same sentence, but work with me) -- anyway, the House Intelligence Committee issued a report specifically warning against buying gear from Huawei and ZTA, calling these companies security risks.

  You want to start quaking in fear? Here's something that should wake you up: this hearing and the conclusion were fully bi-partisan. Wrap that in a sandwich and try to say it: bi-partisan. We don't do anything bi-partisan in America anymore, especially less than a month before the Presidential election.

  And yet, we bi-partisanly disapproved of your shenanigans. This is the first step. If you're freaking us out enough that we're willing to work together, you're waking us up. And when we wake up, we get angry.

  Don't make us angry. You wouldn't like us when we're angry.

  Editorial note: Last November, when I wrote a previous article warning about concerns regarding Huawei's security issues, I was contacted directly by William B. Plummer, Vice President, External Affairs for Huawei. He wanted to set up a phone call where he'd explain where I was wrong. When, instead, I offered to put him on camera and let him say anything he wanted directly to ZDNet's audience without editing, he terminated contact with me and has not responded to further emails. The offer still stands.

  ZDNet Government China coverage:

  • Did Chinese security firm snag too many American security secrets before the barn door closed?
  • In China, many younger military leaders view America as the ultimate enemy
  • Is China gearing up to start World War III?
  • Welcome to the new Cold War: China vs. the United States
  • Dear Mrs. Clinton: whether you believe it or not, China is a threat to America
  • U.S. finally acknowledges Chinese and Russian cyberthreat
  • Video: Should Americans worry about a Chinese cyber-threat?
  • Pace University forensics expert on China and cybercrime (exclusive video)
  • Technology policy challenges faced by the U.S. Federal Government (video seminar)
  • Deconstructing a nasty Chinese World of Warcraft phishing scheme
  • Why the United States might pay China before we pay our own soldiers
  • Also see: There are chapters covering China in my book, How To Save Jobs (free PDF download)

  Disclosure: Huawei has a partnership with Symantec. I was once an executive at Symantec (a long time ago, in a valley far, far away).

  ]]> 7000005391 Government Well, the first debate has come and gone, and I'm -- if anything -- even more undecided than before. I'll admit a few things to you.

  First, after the Democratic convention -- and Bill Clinton's speech -- I was leaning towards voting for the President. I'll admit it. I'm a sucker for a Bill Clinton speech, and it has some level of staying power. Now, don't get your GOP knickers in a twist: if Ronnie was still around, he'd have had the same effect.

  Sadly, there aren't any other Bills or Ronnies running around the political playing field. We're stuck with Barack and Mitt.

  I'll admit one other thing to you. As a quant who lives in PowerPoint, I'm a bit more comfortable with Mitt Romney (when he's not carrying around the baggage of the entire right wing) than I am with Barack Obama (now that he's seemed to have lost the magic). At his core Mitt Romney is a quant who likes making his case with PowerPoint. I can get behind that.

  I've also worked with a bunch of Bain folks, and they're not the evil money-sucking people-haters they've been made out to be. They're very smart, very capable, very professional, and reasonably kind.

  If it was just Mitt Romney running, I'd probably vote for him. But Mitt wanted to become the Republican candidate, and that meant he had to sell his spreadsheet-loving soul to the media and the right wing. As a result, we have no idea how Mitt Romney will do anything, especially since he's completely repudiated most of his stronger statements from his times running for Gov and Senate.

  That leaves us with President Obama, that inspiring orator we've come to know and love. Well, actually, the inspiring orator we vaguely remember from 2008 -- 'cause we haven't seen that inspiring guy for four years.

  Instead, we get Robaracknic, the robotic form of the President.

  If you'd told me that the real Barack Obama had been replaced by his robot double, and the robot double was the one in the debate, I'd have to believe you.

  The man behind that podium wasn't engaged, he repeated pitch points over and over, he barely connected with the audience on anything, he couldn't even look at the Romneyizer, and -- worse -- he didn't bring any fight.

  It's as if all he really wanted was a nap. He seemed petulantly resentful, as if Michelle had taken his cookies away just before he went up on stage. And he still wanted a nap.

  Let's be fair to the President though. Prior to the debate, all Mitt Romney had to do was prepare for the debate and do a little campaigning. Prior to the debate, the President also had to prepare for the debate and campaign, but he also had this little day job of running the country in the middle of economic and international crisis.

  If President Obama didn't quite have time to debate prep because he spent all his time in the Situation Room, we'll understand, right?

  No, actually, we won't. We expect our presidents to be the best America has to offer, with the strength and determination of a Superman and a Batman in an emergency, the essential honorableness of Clark Kent, the business acumen of Bruce Wayne, and the charm of Jay Leno, Ronald Reagan, and Bill Clinton, all wrapped into a single human.

  There are 330 million Americans and only one gets to be president. We expect that one to be the very best of us, not the cranky man who didn't get his afternoon cup of hot cocoa.

  One of the strategies in preparing for a presidential debate is practicing against a strong debate stand-in. In other words, if Mitt Romney was going to debate President Obama, to prepare he was going to have to do a bunch of trial debates with someone standing in as the President. Ohio Senator Rob Portman played this role, and by all accounts, made Romney jump through enough hoops so the former governor was prepared once he went on stage.

  Now who might you think did debate prep for President Obama. Remember that President Obama is the President of the United States and quite literally could have any American run him through the pre-debate ringer. You would think he'd choose the toughest possible trainer and coach, the person who'd make him really stretch and learn and prepare, right?

  Nope. He chose John Kerry.

  Instead of choosing a powerful debate partner, he chose a loser who merely looks like his opponent. I don't know. Maybe their strategy was that way, at least the President would be comfortable on stage, looking at his opponent and feel like he was in familiar territory. Oh, wait. He couldn't do that, either.

  I've said this before and I'll say this again. For the Democrats to succeed at anything, they need to grow a spine -- and they need to somehow deep-six John Kerry. Trade him to the Russians, make him baseball commissioner. Do something that will get him as far away from the Democratic party as possible. Despite his wife's Ketchup fortune, John Kerry is political kryptonite to the Democratic Party.

  John Kerry did debate prep for President Obama. The results were there for everyone to see. Even those who are life-long liberals were disappointed with the President's performance.

  Now, as to the debate content, there's really only one conclusion: W-T-Feh. Seriously, as my wife said, it's impossible to tell when each of them were lying. Clearly Romney came out with statements that were completely the opposite of what he's been saying up to this point. Romney just seemed to make up his compassionate conservative positions on the spot -- 'cause we didn't hear that stuff at the convention.

  Robaracknic, on the other hand, just kept repeating himself, and most of what he repeated was mistaken claims about what he wanted to have heard the other party say. Meh.

  Remember how you can tell if a politician is lying? His or her mouth is moving.

  Left with absolutely no truthiness from what these men said, we're simply left with their demeanor. Mitt Romney seems to really want the job. Barack Obama seems to really want everyone to go away and leave him alone.

  Now, after the first debate, I find myself slightly leaning in Romney's direction. Sure, he's a quant willing to say anything and sell his soul to anyone to get the gig, but he does at least seem willing to show up. On the other hand, no real good can come from the Republican tax-cuts-for-the-wealthy-and-frak-the-rest-of-ya-all domestic policies -- even if Romney now says that's not what he's planning.

  And yet, the Democrats remain as ineffective as ever. Sure, Obama, Reid, and Pelosi finally managed to pass some sort of health reform. But it sucks. It's thousands of pages that no one can possibly understand, a love letter and wet dream for the insurance companies, and a mandate we all buy "affordable" insurance.

  Answer this: is paying more than you do for housing each month -- for a promise that insurance companies will pay your medical bills in the event of a catastrophe (a promise you know they will do their very best to weasel out of) and still probably doesn't cover your day-to-day health care expenses -- is that "affordable"?

  No, it's not. It still doesn't solve the problem, and it still doesn't make American manufacturers competitive against countries with public health care programs.

  In at least one statement, Romney was right. The Dems squandered all their efforts on this train wreck of a bill and paid very little attention to the lack of jobs for Americans, people losing their homes, and all the rest. As a result, four years later, many Americans are still in a world of hurt.

  Sigh. That's why I'm still undecided. I don't want Romney's baggage in the White House. I really don't. But I also can't tell if Obama is still up for the job, and he sure hasn't impressed me over the last four years.

  Can we please have a do-over? Let's just dig up President Reagan or dust off Bill Clinton. Seriously, I'd vote for Zombie Ronnie or Burger Bill in a heartbeat over these two.

  Robot Ronnie? Anyone? Anyone?

  Oh, well. At least we get Biden and that other guy on Thursday. Joe Biden's always fun. Unless, of course, the Dems pick Joe Lieberman do Biden's debate prep. Sheesh.

  ZDNet Government's coverage of Election 2012:

  • An undecided voter on President Obama's convention
  • Diary of an undecided voter (GOP convention edition)
  • Well, there it is. Santorum is out and the real presidential campaign begins today.
  • Delegate math shows Santorum and brokered conventions both out of the running soon
  • Not-so-super Tuesday, predictions for what comes next
  • So, seriously, do the Dems want to lose the election?
  • Romney on fire, Paul pulls into second
  • Paul's got legs, Romney feet of clay, and Santorum grew wings
  • Are these really the best America has to offer? (Campaign 2012)
  • Campaign 2012: Once every four years, I wish I lived in Iowa
  • What was Mitt Romney trying to hide by destroying hard drives?
  • Is there any possible way Jesse Ventura could win the Presidency?
  • Ranking GOP candidates on tech savvy, craziness, and electability
  ]]> 7000005183 Government It's the most wonderful time of the year! It's the most wonderful time of the year! No, I'm not talking about the disturbingly early encroachment of trees in the middle of hardware stores and discount auto parts stores (and those other places people insist on shopping). Instead, it's the most wonderful time of the year because it's debate season.

  Debate season is the best part of a presidential campaign and it only comes around once every four years. Sure, we watched all those Republican debates. I watched them all, didn't you? They were fun, 'n stuff, certainly (I sorely miss Michele Bachmann and Herman Cain). But they weren't the real deal.

  Presidential debates can turn an election and give us catch phrases we'll remember for years. Who doesn't cherish "There you go again," or "You're no Jack Kennedy," or "I am not going to exploit, for political purposes, my opponent's youth and inexperience"?

  Nixon effectively lost the race to Jack Kennedy during the debates. Ronald Reagan turned the tide of his election race with a strong debate performance. Debates make history.

  Now, to be fair, my personal favorite debate is the Vice Presidential debate, especially any that has Joe Biden in a starring role. So, while we'll never ever again have the joy that was Joe Biden vs. Sarah Palin, I'm still very much looking forward to next week's Grandpa vs. Beanpole extravaganza.

  This brings us to the subject of our discussion -- live tweeting. My last foray into the world of live tweeting was in January, where I live-tweeted one of the primaries, and the State of the Union address, in an epic event called Tweet of the Union.

  Live-tweeting a political event: what worked, and what didn't

  As it turned out, it's difficult to live tweet and follow the action closely. While election returns are almost made for live tweeting, because there's a short flurry of action followed by an hour of filler, the State of the Union -- and even more especially -- the debates, are something you need to pay rapt attention to.

  The only way to follow everything -- and also tweet everything -- is to Tivo the event, pause it to tweet and read tweets, and then start it back up to watch. This results in a time-slippage, where eventually the tweets follow the event. Because I was also responding to everyone and retweeting many of you, the time slip got so bad that I was eventually 45-minutes to an hour behind the actual live event towards the end of the night.

  So, that's why I'm not going to live-tweet the debate. It's something that needs to be watched live, and needs to be watched with great care, especially since I'm hoping one of these debates is what finally helps me decide which candidate will be worse for America and which is the lesser of the two evils, the one I'll have to vote for.

  So, tune in tonight at 8pm. CBS News will be covering the event from end-to-end.

  During the debate, feel free to tweet me at @DavidGewirtz and let me know what you think the best lines of the debate were. Also, after the debate is over, let me know who you think won, and why.

  ZDNet Government's coverage of Election 2012:

  • An undecided voter on President Obama's convention
  • Diary of an undecided voter (GOP convention edition)
  • Well, there it is. Santorum is out and the real presidential campaign begins today.
  • Delegate math shows Santorum and brokered conventions both out of the running soon
  • Not-so-super Tuesday, predictions for what comes next
  • So, seriously, do the Dems want to lose the election?
  • Romney on fire, Paul pulls into second
  • Paul's got legs, Romney feet of clay, and Santorum grew wings
  • Are these really the best America has to offer? (Campaign 2012)
  • Campaign 2012: Once every four years, I wish I lived in Iowa
  • What was Mitt Romney trying to hide by destroying hard drives?
  • Is there any possible way Jesse Ventura could win the Presidency?
  • Ranking GOP candidates on tech savvy, craziness, and electability

   

  ]]> 7000004999 Government US Security Oh, my, but the blogosphere was a-poppin' on Friday. At a Washington, DC cybersecurity summit, U.S. Secretary of Homeland Security Janet Napolitano, the former governor of Arizona, admitted she never, ever uses email.

  My former colleagues at CNN blasted, "The Luddite atop US cybersecurity". TechDirt -- one of my favorite watchdog sites -- claimed she "doesn't know much (if anything) about the internet." There were other exclamations of shock and disbelief throughout the news cycle.

  I also got a call from a national news organization (not CBS), who wanted to know if the fact that Napolitano doesn't use email means that she admits that email is unsafe -- and, by extension, that we should be worried about email safety in America.

  To a measurable degree, this is a non-story. First, I'll tell you about one of my most favored bucket list items. Put simply, I dream of the day I never, ever have to use email again. Fess up. There are a lot of you who'd be thrilled if you never had to face the inbox and all the whining, complaining, and beseeching messages that lie therein.

  Secondly, Napolitano's preference does not indicate an administration preference. I got my start back at CNN writing about President Obama's refusal to give up his BlackBerry in his first week in office. Obama uses a secured email device and stays in touch constantly. By contrast, George W. Bush gave up his email access for his entire two terms. Given how problematic Bush administration email was (yeah, I wrote the book on it), it was a smart decision on the part of the former President.

  The fact is, executives at her level have options when it comes to personal communications. Put simply, they have people for that. Being head of DHS is a very demanding job, and spending 20 minutes to 2 hours a day being a slave to the inbox is not the best use of time.

  Next, there are security issues. Internal U.S. government email security is generally rather good, but as I discussed at length in my book, the 1939 Hatch Act prevents government officials from using public facilities for political use. This has been interpreted in our modern world to mean that government-secured communications can't be used for political emailing -- and that means that the open Internet winds up being used, even when it's ill-advised.

  Frankly, I probably wouldn't make the choice Napolitano made, were I in her gig. The fact is, I'm an email junkie. I find myself checking my email constantly, and I go through some sort of freaky withdrawal symptoms if I'm away from a high speed Internet connection for more than an hour.

  I disagree with TechDirt, though, when they say that not using email disqualifies her from being in charge of America's cybersecurity. Frankly, not having an engineering or technical background is what disqualifies her from that job. But she's not the person in charge of America's cybersecurity, any more than President Obama is. There are people who report to her (as well as report to various branches of the military) who have that role.

  Napolitano is a politician and a bureaucrat. Email skills are not a job requirement.

  Finally, there's the question of whether email is safe. I've answered this about a billion times: no, it is not safe. Email on the Internet is not secure, it's filled with risks, and you need to proceed with caution if you use it.

  While we're on the topic, avoid opening attachments, update your applications and operating systems, and eat your veggies.

  ]]>