Category Archives: Food

Energy, Food, History, Security

WTF is Wrong with Wisconsin?

Leave a comment

Provocative title? Although I originally am from Kansas I spent several years working and living in Wisconsin so I know the area fairly well. Remember the book called “What’s the Matter with Kansas” by Thomas Frank? It seems like he might want to publish a new edition that takes a look at the roots of the current crisis in Madison.

A movie might be an even better idea:

Consider, for example, the recent announcement of a clean water bill.

…the rules were developed after years of research and public input, including extensive stakeholder input from farmers, municipal water treatment systems, manufacturers, food processors, local governments and environmental groups. Organizations that supported passage of the rules included the Wisconsin Farm Bureau, the Dairy Business Association, the Potato and Vegetable Growers Association, the Wisconsin State Cranberry Growers Association, the Wisconsin Corn Growers Association, the Wisconsin Pork Association, the Wisconsin Cattlemen’s Association, the Municipal Environmental Group (representing local wastewater systems), Clean Wisconsin, Midwest Environmental Associates, the Wisconsin Association of Lakes, the Wisconsin River Alliance, Wisconsin Environment, and the Sierra Club.

[DNR Secretary Matt] Frank added, “We are currently working with all stakeholders on implementation guidelines as well as the design of a pollutant trading system that will lower the cost of compliance even further.”

Wow, that’s a broad-base of industry and organizations who have taken a careful and long-term approach to managing risk. Frank offers this explanation for the popular support.

“Wisconsin’s lakes and rivers are the foundation for our economy, our environment and our quality of life. Stakeholder groups came together to preserve that foundation by addressing phosphorus pollution comprehensively. Under this rule, Wisconsin can look forward to cleaner beaches, more swimmable lakes, improved public health, healthier fisheries and wildlife habitat.

Cleaning up waters polluted by excessive phosphorus is crucial to protecting our $12 billion tourism economy and our $2.75 billion fishing industry. Reducing phosphorus will protect private property values and local tax base, as shown by state and national research linking higher property values with water clarity.

Ok, the quality (safety) of water is essential to the state economy. This is not just based on conjecture and theory. Milwaukee has had a host of water contamination issues from heavy metals to a catastrophic water crisis of 1993.

The massive outbreak of waterborne cryptosporidiosis in Milwaukee, Wisconsin in 1993 is an example of how contaminated water distributed through a municipal water system can lead to a major public health crisis. As a result of the Cryptosporidium contamination, an estimated 403,000 Milwaukee residents developed diarrhea reflecting an attack rate of 52% of the population with more than 4,000 requiring hospitalization. Cryptosporidiosis was listed as the underlying or contributory cause of death in 54 residents following the outbreak, severely impacting susceptible populations most at risk. An estimated 725,000 productive days were lost as a result of the water contamination event and more than $54 million in lost work time and additional expenses to residents and local government resulted from the waterborne disease outbreak

So Wisconsin has some very real and local data on the harm from a failure to protect their water supplies, which include death and economic disaster. The 2010 Water Quality Report shows warnings for mercury and industrial contaminants for most of the state and shows how regulations have helped document, assess and reduce risk.

It all makes sense so far. Here’s the problem: Republicans in both the House and Senate of Wisconsin recently have tried to kill a bill that regulates phosphorous pollution in their water — a bill wanted by industries to protect and preserve water quality.

Believe it or not, despite the data and analysis I quote above, the Republicans argue that protecting water is too expensive a burden to the economy. They think municipal governments can not afford the security.

But their analysis fails on two very obvious and simple points:

  1. It is far more expensive and disruptive to clean up pollution in the environment than to prevent it.
  2. The state has developed their own localized approach after careful study and time for comment and feedback. A failure to follow-through will set themselves up for hasty and less palatable reaction to a disaster (e.g. 1993). A federal approach may also become necessary. An unwillingness to solve obvious health risks at the state level will not make solutions any easier or less expensive.

Perhaps the real reason they are intent on stopping state regulation is because they do not fear #2. They believe there will not be any federal investigation or regulation to prevent the next water quality crisis because of recent legal decisions, such as Rapanos vs. the United States in 2006, that block the government from testing for contamination in “non-navigable” water.

New York’s Assistant Commissioner for Water Resources James M. Tierney told The New York Times that the court decision creates a big problem. “There are whole watersheds that feed into New York’s drinking water supply that are, as of now, unprotected.” The EPA says that over 100 million Americans are drinking water that comes from unguarded sources.

That still leaves problem #1.

Perhaps the short-term blind-eye approach to contamination is best understood by looking at an obscure wetlands strategy by the new Wisconsin Governor. Government oversight for “every wetland in Brown County, both federal and nonfederal, of less than 3 acres in size” was declared “over regulation” — as if security is an impediment to business development.

Gov. Scott Walker has proposed exempting a parcel of Brown County wetlands owned by a Republican campaign donor from water quality standards.

The donor is said to seek the Governor’s assistance with relaxation of state security standards because he intends to fill in 2 acres of wetlands and build…a Bass Pro Shops store to sell fishing supplies. Really.

WTF is wrong with Wisconsin?

The Governor seems to think that ruining the security and economic base of the state by ignoring long-term damage from the contamination and destruction of resources is a good business plan. That’s like lighting your store on fire and then charging admission to watch it burn down. Not the best business strategy. You might end the day with a few more dollars in your pocket, but then what?

Applying just a tiny bit of common sense would make fishing store developers want to preserve and protect natural resources. I mean perhaps the Governor could use the same emphasis he has put into halting wind energy innovation (supposedly based on concern for the purity of the environment) and just apply it to water?

Food, Security

False Labels on “Local” Food

Leave a comment

It’s hard to verify claims of food origin these days. Yet another audit confirms the problem — in England about a third of food labels are said to be a unverifiable or false.

Local Government Regulation inspectors tested 558 items in 300 shops, restaurants, markets and factories.

They found misleading labels including “Welsh lamb” which actually came from New Zealand, “Somerset butter” from Scotland and “Devon ham” from Denmark.

And then you might find someone selling Cheddar not made in Cheddar, England and Budweiser not from the Czech Republic….

This seems like better news than finding out your food is laced with poison, or that it was repacked after being declared rotten, or even that it was obtained unethically; but it still creates a curious breach of trust.

I can imagine several ways to address this, aside from RFID labels and real-time tracking databases. The most successful approaches likely will emphasize change in demand with encouragement to consumers to build trust with growers and re-learn traditional supply limitations (e.g. no lamb except in the spring).

Food, Security

The Problem with WAF (Again)

Leave a comment

Jim Bird yesterday raised the same critique of web application firewalls (WAF) that we have seen since they were first introduced — they are non-trivial and not-perfect:

For some teams, especially teams that are not building out-of-the-box simple web apps, and Agile teams that are following Continuous Delivery with frequent deployments to production, or Continuous Deployment updating production several times a day, that’s a lot of work.

And WAFs add to operational cost and complexity, and there is a performance cost as well. And like a lot of the other appsec “solutions” available today, WAFs only protect you from some problems and leave others open.

I do not disagree in principle, but this is just another way of saying we want something more effective for less cost.

As long as we’re posting our wishes why not push the onus back onto developers? Can’t they just develop more useful and secure code for less cost?

It has to be simpler. It’s too hard to write secure software, too easy for even smart programmers to make bad mistakes – it’s like having a picnic in a minefield. The tools that we have today cost too much and find too little. Building secure software is expensive, inefficient, and there is no way to know when you have done enough.

There aren’t any easy answers, simple solutions. But I’m still going to look for them.

Can’t hurt to look, right? There has to be an easy assembly-line way to make coding more like making a picnic basket from McDonalds instead of all the complicated and messy work of cooking in a kitchen…even for a day in the minefields. Good analogy, Jim. That security problem was easy to solve in the real world, right?

Clearing minefields is a long, slow, time-consuming process, and there is no room for error.

Oh well, move along. Nothing to see here. Don’t look at Jim’s poor analogy blown to bits.

Interesting also that the latest and least costly mine detection systems could also be the most dangerous to a picnic…but I digress.

I smell a mine. No, wait, it's just your cheese.

Mines might be too extreme an example — risk of failure too catastrophic. What about just wearing special shoes on picnics to be healthier? Looks like they might also have run (pun not intended) into some technical problems.

The Environmental Protection Agency says they have settled with the manufacturer of Crocs over a case of unproven health claims.

Perhaps Henry Ford put it best, when he famously said the cost of practicing security was never justified:

Security is bunk. If you are safe, you don’t need it: if you are breached it is too late.

Ok, I confess I adapted that. He actually was speaking about the cost of exercise to stay healthy…

Exercise is bunk. If you are healthy, you don’t need it: if you are sick you should not take it.

On the contrary, the low cost of exercise (while you don’t “need” it) may in fact be part of the benefit. You invest while you are healthy as a preventative measure because if you try to use shortcuts or put it in later you will not achieve the same return on investment.

Back to the WAF, Jim might find that “a lot of work” spent on security for the firewall might actually be worth it in terms of understanding security of his apps better, improving them overall, as well as preventing breaches and known attacks. I wager he will find the cheap and easy cure for application security around the same time that he finds the cheap and easy cure for health.

Easy Street
Even if you find it, it might not go where you want today (Photo by me)