1. The more expert you are in the area that somebody else is talking about, the more likely they are to be wrong.
2. The more expert you are in the area that somebody else is talking about, the less likely you are to recognise when you’re wrong.
3. When somebody else talks about how technology is going to change everything, start with the assumption that they’re wrong and go from there.

My reason for posting these will become clear in the next post, probably.

BrightEarth Software Developer (call for interest)

The BrightEarth Initiative is looking for a highly competent and motivated software developer to join the Humanitarian Sensor Web (HSW) project.

Who we are:

The BrightEarth Initiative aims to promote appropriate use of information and communication technologies (ICTs) to benefit the international humanitarian community. The Sensor Web will provide a dynamic ‘Web 2.0′ mapping tool to improve humanitarian coordination and response.

Who we are looking for:

We are seeking a lead software developer. Your duties will include web-based software system design, development, validation and deployment. You will be heavily involved in programming, high-level software architecture and design. The development of the Sensor Web is currently in progress so you will need to learn an existing architecture.

The ideal candidate would satisfy the following qualifications:

- At least 5 years of relevant experience

- Advanced knowledge in PHP

- Advanced knowledge in database design and MySQL

- Experience with HTML, CSS, and JavaScript (AJAX)

- Experience with Google Map APIs, KML and Google Earth

- Experience in integrating mobile technologies a distinct advantage

Located at Harvard Square in Boston. The position is full time for one year Compensation is commensurate with experience. Harvard University is expected to oversee the project from mid-2008 onwards. This is only a call for interest since the position is still being finalized with Harvard but interested candidates should send a copy of their CV to:  grahamgp }at{ gmail }dot{ com.

We often fail to realize how little we know about a thing until we attempt to simulate it on a computer.

- Donald Knuth

(HT: John Nicol)

Earlier this week, Paul noted that computer network attacks could have an impact on future relief efforts. In the early days of NATO’s Kosovo air war in 1999, I remember chirpy NATO spokesman Jamie Shea saying that the NATO website was under attack by Serbian hackers. Who knows whether it was true, or just a ruse of some sort, but was it the first government-acknowledged mention of cyber-warfare? There are a few more interesting things to note about that story: the BBC still had an “Internet Correspondent”, reporting on events in that far-off planet of “cyber-space”, and it was filed on 1 April 1999. Hmm …

Anyhow, back to the important business of digital security. I prefer the blander term information assurance because the work we’re discussing has so many angles to consider beyond ICT. To illustrate this, marvel at the McCumber Cube, designed by security guru John McCumber in 1991:

[Graphic courtousy Munawar Hafiz, on Wikipedia]

Handy, eh? This clearly relates geeky technical and operational considerations to the purposes for which information is collected and used in the first place. There’s little point considering how to secure information before defining why it needs securing, which requires a consideration of who might gain/lose from possession of the information.

Likewise, as Kevin over at Patronus rightly pointed out, social engineering – or how an adversary relies on your politeness, habits and generally positive view of humanity to get you to hand over the jewels – is an effective way to break the most technically secure of systems. Commercial organisations have long been using external actors to test how vulnerable they are to theft of information. This penetration testing industry has become commonplace enough in the US to spawn its own reality television show. This service (and perhaps the reality TV show!) could easily be extended to NGO offices, should the need be demonstrated.

I wonder how McCumber’s information assurance model dovetails with common approaches to NGO security, and how current materials – like the ECHO Generic Security Guide - could be updated to take it into account.

Pass the cube around the office and start the discussion.

Before we get back to the (frankly depressing) usual posts about humanitarian emergencies, disaster response and the like, let’s take a break with NetDisaster - now with “Led Zeppelin” option!  Happy New Year, everybody!

I just confirmed that I’ll be working with UNICEF for three weeks, supporting co-ordination of water and sanitation activities as part of the response to Cyclone Sidr. It’s the first time I’ve worked in the field since the 2005 tsunami response, so this will be an interesting test of my combat readiness, so to speak. I’m assuming that I’ll be extremely busy, but I’ll try to keep blogging some good stuff from Dhaka. This is cross-posted on The Unforgiving Minute and humanitarian.info.

NGO Manager recently asked me to write something on information management for NGOs for their newsletter, which forced me to think a bit. As everybody knows, I hate thinking. Specifically, I had to think about the five resources that I would recommend to anybody working in an NGO who wanted to know about information management and technology but didn’t know where to start.

So here’s my meme: what five resources - online or otherwise - would you point people to, if you wanted to give them an entry into your field of expertise?

First push: to Nancy, Sanjana, Jennine, Taran and Declan.

As of this Sunday, I’m going to be in Sudan for about a month, carrying out the second field visit for the ECB4 assessment. This means that I’ll actually be posting some actual, honest-to-goodness perspectives from the field - which is far more interesting than just commenting on other people’s blog posts, right? Right.

While we’re waiting for my flight, I thought I’d post something entirely unrelated to ICT or relief work. Courtesy of Sanjiva, I entered my travel details for last year into the Great Circle Mapper, to find out exactly how far I travelled in 2005. That’s 165140 km, people! No wonder I’m tired.

And here’s a meme right back (although it’s a pretty old one). Ever since I first went over the water, I’ve had a running competition with myself: to visit more countries than I’ve lived years on this earth. So far, so good - I’m on 50 52 at last count, although it depends on how you count the countries - personally, the whole Balkans thing makes my head hurt. Here’s my current status, courtesy of the Visited Countries project of Douwe Osinga.

Please note that no Google Maps were harmed in the making of this blog.

I’m not really sure how I missed “How NGOs can harness new technology” by Grey Frandsen, which was published by the Humanitarian Review in their Autumn 2004 issue (currently listed as their current issue, which means that their publication rate is even worse than this blog).

Some of the descriptions of the technology in the article are - how can I put this kindly - inaccurate. Skip to the end, however, and Grey hits a very solid target, namely that “these technology systems are all developed on different platforms and are not yet standard throughout the humanitarian community… Accordingly, it is not clear whether these products will have an impact on the entire humanitarian community and how effective they will be at changing the way the community handles complex operations in total.”

Sounds familiar. The findings are consistent across the board - the need for a common platform is pretty overwhelming and, in the humanitarian context, can’t be argued against on the basis of corporate interests. The other note of interest in the article comes even later, and applies equally to this blog: “Don?t let articles like this one entice you to employ a new, expensive system without making sure it fits into your technology plan.”

Not that I’m cheerleading for a “new, expensive system,” since I can’t even afford the hosting costs for this site….

The notes from my presentation at the recent NTEN conference are now available. I concentrated on the practicalities - where the gaps are in our responses, and what approaches are going to fill those gaps effectively. Talking to people at the conference afterwards, I realised that I was right to emphasise joint approaches, rather than efforts by individual organisations. The organisations involved in humanitarian responses are so varied in backgrounds, mandates and approaches that there can be no single “right” way to implement ICT projects that applies to all. Instead, we need to focus on building liks between organisations and sectors in a way that improves the flow of information so that they can get on with their work.

Oh, and to remember that, in the end, all of these activities are only useful if they help the beneficiaries. Notes are here.