How to protect your private data when you travel to the United States.

On January 30 – three days after US President Donald Trump signed an executive order restricting immigration from several predominantly Muslim countries – an American scientist employed by NASA was detained at the US border until he relinquished his phone and PIN to border agents. Travellers are also reporting border agents reviewing their Facebook feeds, while the Department of Homeland Security considers requiring social media passwords as a condition of entry. The Conversation

Intimidating travellers into revealing passwords is a much greater invasion of privacy than inspecting their belongings for contraband.

Technology pundits have already recommended steps to prevent privacy intrusion at the US border, including leaving your phone at home, encrypting your hard drive and enabling two-factor authentication. However, these steps only apply to US citizens. Visitors need a totally different strategy to protect their private information.

Continue reading “How to protect your private data when you travel to the United States.”

Why universities should get rid of PowerPoint and why they won’t

Paul Ralph, University of Auckland

Do you really believe that watching a lecturer read hundreds of PowerPoint slides is making you smarter?

I asked this of a class of 105 computer science and software engineering students last semester.

An article in The Conversation recently argued universities should ban PowerPoint because it makes students stupid and professors boring. I agree entirely. However, most universities will ignore this good advice because rather than measuring success by how much their students learn, universities measure success with student satisfaction surveys, among other things.

What is so wrong with PowerPoint?

Overreliance on slides has contributed to the absurd belief that Continue reading “Why universities should get rid of PowerPoint and why they won’t”

Heartbleed patched but security time bomb is still ticking

Heartbleed, the bug that has preoccupied thousands of websites and millions of users over the past week, may well have been the biggest security flaw in internet history but it is unlikely to be the last.

Our entire security infrastructure is a mess because both ordinary people and elite security experts often harbour fundamental misunderstandings about security, design and privacy.

Heartbleed is a bug in OpenSSL, a library used by programmers to encrypt data on the web. Hackers may have used the bug to find your password for Facebook, Instagram, Google, Yahoo and possibly thousands of other websites.

Security Guru Bruce Schneier has called the situation “catastrophic” – an 11 on a scale of 1 to 10. And the craziest part is, Heartbleed is so simple that you can explain how it works in a six-panel comic strip. Continue reading “Heartbleed patched but security time bomb is still ticking”

Obamacare web fiasco won’t be the last big IT fail

This post was originally published by The Conversation on 13 November 2013. – the web-based manifestation of Obamacare – launched last month to numerous and widely-publicised problems including long wait times, corrupted data and nonfunctional buttons.

Although it was widely portrayed as an unprecedented fiasco, significant problems, and even catastrophic failures, are actually very common in large and complex IT projects.

Just last year, the US Air Force abandoned one system after already spending $1 billion. In Australia, a defective data exchange in the court information system led to 22 false arrests. In 2010, a data entry bug led 25 organ donors losing the wrong organs.

We’ve seen Google classifying all websites as malicious and even a computer virus suspected in the deaths of 154 Spanair passengers.

While’s specific faults do differ from the previous examples, the underlying problem is the same: the combination of size and complexity. Continue reading “Obamacare web fiasco won’t be the last big IT fail”

Does cognitive bias kill creativity?

This article was originally published in the July issue of Website Magazine.

When you aim for a creative solution — not simply an incremental improvement, but a real innovation — you pick a fight with your own brain. A vast array of systematic deviations from optimal reasoning, which psychologists call “cognitive biases,” conspire to subvert your creativity. Here are six bias-infused errors you may recognize.

1. It’s not my fault, it’s default…

Defaults matter. Just ask Continue reading “Does cognitive bias kill creativity?”

The three horseman of the gamepocalypse

(this piece was originally published on The Wall on 24 August 2012)

Are we headed for the Gamepocalypse – a dystopia where everyone earns meaningless points for every activity from watching television to shopping to riding the bus? Doubtful, as earning meaningless points isn’t much fun on its own. Why then are marketers’ attempts at gamification so focused on meaningless points?

Gamification sounds easy enough: translate business objectives into desired customer behaviour, use a points system to link behaviours to virtual rewards and free swag, throw in some social media integration and voila, profit. As games are fun and motivating, making our customer interactions more game-like will make our customers happier and more motivated. While essentially sound, contemporary gamification approaches exhibit three common flaws – 1) they are tedious rather than fun; Continue reading “The three horseman of the gamepocalypse”

How software developers suffer from the illusion of requirements

Proponents of Agile development have long argued that users are not capable of clearly stating a comprensive, accurate, consistent set of requirements for a desired system. The truth is more problematic. Most software projects have no requirements to state – at least, that is theme of new research in Requirements Engineering.

Suppose we’ve been hired by a hospital. The hospital has just finished digitizing all patient records. Physicians need to access patient records on the computers in examination rooms but, due to privacy legislation, records must be visible only to the physicians. That is, a nosey patient shouldn’t be able to read someone else’s information over the physician’s shoulder. Based on this description, we devise two approaches – 1) information is displayed using codes that only physicians can decipher; 2) a matching pair of filter screens and glasses installed such that the screen can only be read by someone wearing the glasses. The requirements, therefore, are the features common to both approaches. Filter-glasses, for example, are not required because the secret codes approach doesn’t need them.

The first problem is that Continue reading “How software developers suffer from the illusion of requirements”

Getting gamification right through psychology and gameful design

(This post was originally published in Drum Magazine on 21 Aug 2012)

Depending on who you ask, gamification is either revolutionizing marketing, triggering an apocalypse, the key to saving the world or just another buzzword. For the time being, however, some of the UK’s strongest brands including Coca-Cola, Nike and Tesco are producing painfully ill-conceived gamification initiatives. In fact, “gamification” is accruing negative baggage so quickly that academics are already shying from the term.

Why Gamification Fails 

The logic of gamification may be stated: “games are fun and motivating; therefore, making our system more game-like will make it more fun and motivating”. Based on this apparently reasonable assertion, Gamification consultants consequently apply a fairly simple formula: Continue reading “Getting gamification right through psychology and gameful design”

Becoming a public intellectual

Few computer science academics have become public intellectuals. What is a public intellectual (PI)? Alan Lightman and Stephen Pinker explained it pretty well:

Such a person is often a trained in a particular discipline, such as linguistics, biology, history, economics, literary criticism, and who is on the faculty of a college or university. When such a person decides to write and speak to a larger audience than their professional colleagues, he or she becomes a “public intellectual.”

They went on to describe three levels of PI. At level 1, the PI speaks and writes for the public about his own discipline. At level 2, the PI speaks and writes about how his discipline “relates to the social, cultural, and political world around it.” At the level 3, the PI becomes a symbol for intellectualism and is invited to speak and write about diverse topics. Level 3’s include Noam Chompsky, Carl Sagan, Neil DeGrass Tyson, Richard Dawkins, Paul Krugman and – of course – Albert Einstein.

Becoming a level 3 PI is tall order. However, like aspiring to win a Nobel Prize, pursuing it makes for a great career even if you never quite make it. And besides, there’s no Nobel Prize for information systems or software engineering. Consequently, I’m starting this blog to record and promote my attempts at bringing design thinking and systems thinking into the popular lexicon.