The Dropped Washer Effect

One of these buildings can melt your car down. Can you identify the culprit?

Have you ever come across a situation where something utterly negligible and minor became the cause of a major disruption or even an accident? Such as a small crack in an underground water pipe, dripping inconspicuously for a couple of years, and eventually causing a landslide after accumulating a critical mass of water? Or a seemingly ordinary glass building capable of focusing the sunlight so that it melts the bodywork of cars parked nearby?

If so, chances are high that you observed an example of the Dropped Washer effect. Named after a Boeing 737 accident in Okinawa, Japan, the dropped washer effect describes large-scale adverse events brought about by a cause of incomparably lower significance. The unfortunate Boeing ended up burning out completely because of a missing slat mechanism washer, 0.625 inches wide, that the engineering crew forgot to replace after the aircraft’s last service.

One characteristic of potential dropped-washer features that makes them particularly naughty is their zero perceived value for the business. Offering no added opportunities and presenting no apparent risks for the product, they often do not even exist in the minds of the product stakeholders. This important peculiarity makes it all too easy for them to slip past every safety measure employed in modern production flows – from risk assessment to quality control.

Happily, in many cases there are techniques that can help increase our chances of spotting and eliminating the dropped washers from our projects.

Check out my new paper here.

Picture credit: Reuters

7 Security Mistakes Boeing Made

The story of the two recent Boeing 737 MAX crashes is packed with questions we are yet to find answers to, yet it is already clear that the distinctive feature of the double tragedy is the overwhelming number of gross blunders – a lot more than you would expect in a field so extremely attentive to security and safety as commercial aviation.

While we don’t know all the details of the crashes so far, what we do know points to a number of grievous security flaws:

  • security feature as a paid option, not by default: Boeing charged airlines extra for sensor discrepancy detectors; neither LionAir nor Ethiopian aircraft had them installed;
  • hiding information: Boeing hid from 737 pilots that their new aircraft featured a new MCAS system, which could quietly intervene and override the pilots’ control of the aircraft;
  • ignoring feedback: MAX pilots complained to the FAA about issues with the aircraft’s in-flight performance, but those were largely silenced/ignored;
  • no safeguards for MCAS failure: this has not been officially confirmed, but it looks like pilots wouldn’t be able to switch off MCAS if they needed to, effectively being unable to fly the aircraft fully manually to recover from MCAS or sensor failure;
  • creating workarounds rather than fixing bugs: the MCAS system was introduced to balance the MAX’s tendency to raise its nose up due to changes in the aircraft’s aerodynamics as a result of its bigger engines. In other words, the essence of MCAS is effectively adding a ton of BBQ sauce onto your over-peppered steak, rather than cooking a well-peppered steak from the very start;
  • conflict of interest: it appears that a great deal of safety tests of the new aircraft were performed by its very creators;
  • trust compromise: this is by far the grossest mistake made by Boeing and the FAA; something that might well affect the success of the whole MAX family and of its freshest 777X machine, which was quietly (guess why) introduced two days ago. Whereas the whole world had been grounding their MAX fleets, Boeing chose the tactics of silencing the matter, denying any allegations, and refusing to admit similarities between the LionAir and Ethiopian crashes. The only statement that made sense from them was about introducing a vague ‘software update.’ A matter of utmost importance is that, as per Boeing’s own words, the prospective change was in the works well before the second crash.

I feel incredibly sorry for those who lost their friends and relatives in the crashes, and I feel sorry for the designers of the MAX, which is without doubt a great aircraft. I only hope that the investigation goes smoothly (with Boeing bosses apparently being quite reluctant for it to), and discovers the full truth about the crashes. Being sensible humans, the best we can do for those who gave up their lives to the tragedy, is to learn our lessons and write down all the mistakes we made, and then do everything in our power to prevent anything similar from happening in future.

Picture credit: Boeing

Writing passwords down without writing them down

Whether it is acceptable or not to write your passwords down has been a debatable question for ages. Just like any other eternal question, it doesn’t have a one-size-fits-all answer, with many factors affecting the final decision for every particular password. What we should admit though is that there are situations where writing a password down is hard to avoid, if possible at all. This is partially caused by the myriads of passwords we need to use to access different services, and the increased requirements for their length and complexity. In most scenarios, the two most important rules of thumb are that

using a complex password and writing it down is safer than using a simple one and not,

and

using different passwords and writing them down is safer than remembering a single, however complex, password and using it throughout.

And as long as we have to write our passwords down, it is quite important to do that right. This is because the passwords you write down are subject to a totally different set of threats compared to the passwords you remember. While the passwords you keep in your memory are normally cracked with high-speed automated tools which use dictionaries to work through millions of passwords per second, the passwords you write down are likely to be found, stolen and used by humans. This, on the one hand, makes them somewhat easier to protect (‘we are all humans’, in the end), and on the other hand, the protection needs to be really smart (‘the computer is incredibly fast, accurate, and stupid. Man is unbelievably slow, inaccurate, and brilliant’).

Largely, there are three general rules you need to follow when writing down your passwords. None of them is a must, and some may appear too complicated, yet the more of them you manage to follow, the safer your passwords will be.

The applicability of these rules is not limited to passwords – writing down your card details or any other sensitive information is subject to the same threats, and as such the same rules can be used to protect them.

The first and foremost rule,

Aim to only write passwords down where absolutely necessary.

There are plenty of ways to keep passwords secure without writing them down in plain text. Use password managers or built-in browser facilities to remember the passwords for you, and protect them with a sound master password. If unsure, back up the master password on a piece of paper using the rules given below. Generally, if there is a choice between writing your password down in plain text in an electronic document on your computer or smartphone or on a piece of paper, choose the paper.

Hide as many facts as you can.

Don’t indicate it’s a password anywhere around it. This applies both to passwords written on paper and those saved on your computer or smartphone as a note or file. Don’t name it ‘My Passwords.doc’, don’t place it in an ‘Important Stuff’ folder, and so on. Keep it alongside your normal work documents or in a similar-looking folder on a shelf. If you need to keep your passwords in the Cloud, mix them up with some unrelated stuff. A friend of mine writes her passwords on an old newspaper, takes a picture of her cat playing with it, and saves the picture together with the rest of her photos – making it look like an innocent ‘yet another’ picture of her pet rather than an important password document.

Don’t write usernames. Normally you would only use a few usernames across different online resources, the majority of which would be your e-mail address. Try remembering them instead of writing them down. By omitting the usernames, you make it harder for the villain to make use of the password.

Don’t mention the service to which the password belongs. If you follow the first rule, you will only have a few passwords written down. Invent a system of indicating which password belongs to which resource, such as by using multi-colour sheets or sorting the passwords alphabetically. If absolutely necessary, use hints and associations instead of resource names.

Use multiple dimensions. Mix real and fake passwords. Write passwords on different media, use different pieces of multi-dimensional information to put the password together. Another friend of mine writes down his passwords on old business cards, and secretly uses letters and digits from names and telephone numbers printed on the cards as part of the passwords.

Finally,

Become a cryptography enthusiast – encipher your password!

When it comes to amateur encryption, most of us would probably recall the technique used by the American mafia in the Dancing Men story of the Sherlock Holmes series. The reality is that the cipher used by the mafia was not so good: it was a basic one-round substitution cipher with a constant key, too easy to break, and, more importantly, it was a nightmare to use (go and try to remember an alphabet of 26 similar-looking shapes!). No wonder Sherlock managed to crack it right away.

Our goal here is to invent something more sophisticated yet easier to use for your passwords – and it’s not as difficult as you might think. Still, it is an important step, and contributing some quality brainwork will help make sure your passwords are safe. What you need to do here is invent a two-way transformation that would allow you to alter your passwords before writing them down, and reconstruct them back when you need to use them.

You can use the following techniques, combine them, or invent your own:

Change occasional letters. Avoid well-known schemes, such as replacing l with 1, E with 3, or B with 8. Everyone knows them. Invent your own scheme. One option is to take a random word in which no letter appears more than once, and use that word as a transformation mechanism. For example, the word ALMOST would instruct us to replace all A’s with L, all L’s with M, all M’s with O, all O’s with S, all S’s with T, and all T’s with A. To get the password back, you follow the reverse procedure, replacing all A’s with T, all T’s with S, and so on.

Change the order of letters – e.g., by swapping letters in odd places with those in even places, or reversing the word as a whole.

Add a random prefix, postfix and suffix – but make sure you remember how many characters you have added and in what places.

Sometimes it helps to write down a hint to remind you of the kind of changes that have been applied to the password, as long as the hint doesn’t disclose them right away.
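The three techniques above, combined into one reversible transformation, as an added example (not code from the original post). The function names, the sample password and the choice to keep each letter's case are assumptions made for the illustration; padding is added only at the start and the end.

```python
import secrets
import string

def cycle_map(keyword, reverse=False):
    """Build the letter-cycle table from a keyword such as ALMOST."""
    word = keyword.upper()
    # A repeated letter would map one letter to two targets and the
    # written form could no longer be reversed, so reject such keywords.
    if not word.isalpha() or len(set(word)) != len(word):
        raise ValueError("keyword must be letters only, none repeated")
    step = -1 if reverse else 1
    table = {}
    for i, ch in enumerate(word):
        target = word[(i + step) % len(word)]
        table[ch] = target                    # A -> L, L -> M, ... T -> A
        table[ch.lower()] = target.lower()    # assumption: keep letter case
    return table

def substitute(text, keyword, reverse=False):
    """Replace keyword letters along the cycle; other characters stay."""
    table = cycle_map(keyword, reverse)
    return "".join(table.get(ch, ch) for ch in text)

def swap_pairs(text):
    """Swap characters in odd places with their even neighbours (self-inverse)."""
    chars = list(text)
    for i in range(0, len(chars) - 1, 2):
        chars[i], chars[i + 1] = chars[i + 1], chars[i]
    return "".join(chars)

PAD_ALPHABET = string.ascii_letters + string.digits

def disguise(password, keyword, n_prefix, n_suffix):
    """Form to write down: substitute, swap, then pad with random filler."""
    core = swap_pairs(substitute(password, keyword))
    pad = lambda n: "".join(secrets.choice(PAD_ALPHABET) for _ in range(n))
    return pad(n_prefix) + core + pad(n_suffix)

def recover(written, keyword, n_prefix, n_suffix):
    """Undo the steps in reverse order: strip padding, swap back, map back."""
    core = written[n_prefix:len(written) - n_suffix]
    return substitute(swap_pairs(core), keyword, reverse=True)

if __name__ == "__main__":
    secret = "Tomato-Salt42"                  # constructed sample password
    note = disguise(secret, "ALMOST", 3, 2)
    print(note, "->", recover(note, "ALMOST", 3, 2))
```

What has to be remembered rather than written is the keyword and the two padding lengths; the note itself only holds the disguised string.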

All in all, the exact technique to use would depend on the criticality of the password that you need to hide. If you are only hiding your TV PIN from your kids, using a simple letter substitution would probably work just fine (though I personally would never underestimate the intelligence of kids!). If it’s your PayPal password that you keep in your wallet, you obviously need to apply a more sophisticated technique.

Now you know enough to start writing your passwords down securely. Please keep in mind, however, that the less information you give away, in any form, the safer you are, and only use the techniques described above where you have no other choice but to do it.