Food, History, Security

Triclosan Ban

Leave a comment

A movement to ban Triclosan from consumer products has gained momentum after a report in 2007 said it created risks but no benefit to health.

Antibacterial soaps show no health benefits over plain soaps and, in fact, may render some common antibiotics less effective, says a University of Michigan public health professor.

It costs money to include Triclosan as an ingredient. The market, if functioning properly and recognizing the absence of benefit to the ingredient, should eliminate it. Why then, does Triclosan continue to appear in products like lipstick, deodorant, soap, shampoo…?

The Food and Drug Administration (FDA) gives no explanation.

At this time, the agency does not have evidence that triclosan in antibacterial soaps and body washes provides any benefit over washing with regular soap and water.

Nonetheless, it has taken a wait-and-see approach — regardless of the lack of benefit, they do not yet see enough evidence of harm.

FDA does not have sufficient safety evidence to recommend changing consumer use of products that contain triclosan at this time.

Does this mean proof of benefit is not necessary but proof of harm must be overwhelming? It reminds me of the regulatory approach taken with leaded fuel:

The Public Health Service created a committee [in 1925] which reviewed a government-sponsored study of workers and an Ethyl lab test, and concluded that while leaded gasoline should not be banned, it should continue to be investigated. The low concentrations present in gasoline and exhaust were not perceived as immediately dangerous. A U.S. Surgeon General committee issued a report in 1926 that concluded there was no real evidence that the sale of TEL was hazardous to human health but urged further study. In the years that followed, research was heavily funded by the lead industry…

Despite rapid health deterioration and even the death of workers exposed to TEL, industry managed to get the regulators to wait and call for more studies.

Imagine if leaded fuel had been banned in 1925 when it was first obvious that it was highly toxic. It would have not only prevented harm but also forced innovation in safer fuels and more efficient engines (even for airplanes), instead of waiting another fifty years.

In February 1923, a Dayton filling station sold the first tankful of leaded gasoline. A few GM engineers witnessed this big moment, but Midgeley did not, because he was in bed with severe lead poisoning. He recovered; however, in April 1924, lead poisoning killed two of his unluckier colleagues, and in October, five workers at a Standard Oil lead plant died too, after what one reporter called “wrenching fits of violent insanity.” (Almost 40 of the plant’s workers suffered severe neurological symptoms like hallucinations and seizures.)

Still, for decades auto and oil companies denied that lead posed any health risks. Finally, in the 1970s, the Environmental Protection Agency required that carmakers phase out lead-compatible engines in the cars they sold in the United States. Today, leaded gasoline is still in use in some parts of Eastern Europe, South America and the Middle East.

While the need to reduce our exposure to lead is now overwhelmingly obvious, some industry leaders continue to dispute and cast doubt on its regulation. With no known benefit in so many products, will they also fight for Triclosan?

Security

2011 BSidesSF: Dr. Stuxlove

2 Comments

I will be presenting at the 2011 BSidesSanFrancisco conference:

“Dr. Stuxlove or: How I Learned to Stop Worrying and Love the Worm”

When: 4pm, Tuesday, February 15, 2011
Where: Zeum, 221 Fourth Street, San Francisco
Cost: Free (as always!)
RSVP: http://bsidessf.eventbrite.com

Has our “Human Reliability Program” improved since Stanley Kubrick’s 1964 dark comedy film? What has 44 years of international security, leadership and incident response plans taught us? This presentation gives a look at trends in information security breaches and what really has been changing in order to offer several predictions of how best to prepare for what may be ahead. It then sorts out and clarifies the technical details from the most common and most damaging security breaches. Convergence from the trend data and the technical analysis are then wrapped (and if there is a DJ perhaps also rapped) into a conclusion that might surprise you. As Dr. Stuxlove would say: “the whole point of the Doomsday Malware is lost if you keep it a secret”. Grab your hat, open the bay doors and enjoy the ride.

Copy of Presentation: DrStuxlove.PDF

Security

ATMs Into Africa

Leave a comment

The story in ATM Marketplace has a heart-warming tone, related to improving security.

In addition to reducing time spent on the road, ATMs alleviate concerns about safety. With ATMs installed in close proximity to workers’ jobs, they do not have to travel long distances with cash they have recently withdrawn from a bank, [commercial director of ATM Solutions] Rogan said.

Deployment of ATMs in rural areas has improved the social fabric of farm life, [managing director of Spark ATM Systems] Sternberg said. “Before deployment of ATMs near Keimoes and Kakamas, the men would often spend their money in Upington, leaving their wives and children on the farm on weekends. The men now can spend more time with their families,” he said.

Thus, more ATMs in Africa should mean less time on the road, which reduces risk of accident or robbery, and allows more time to work and be at home. That sounds great. The same might be possible if the employers made a single trip and dispensed cash on payday, but apparently they offload the risk by making their employees travel to banks to get paid.

Aside from the humanitarian aspects, as you might have guessed, there is another compelling reason for banks to expand their ATM presence: profit. Each ATM in rural Africa may see upwards of 6,000 withdrawals a month. With a US$2 fee per withdrawal (or whatever is cheaper than a drive to a bank in another area) very high margins for banks are not hard to imagine:

Cardholders in Africa and the Middle East made an average of 3,914 cash withdrawals per ATM per month in 2009 compared with 1,631 in North America, 2,797 in Western Europe and 2,789 in Asia, according to Retail Banking Research.

The remaining question is whether the bank has introduced any risks to itself by placing ATMs in the rural communities. My work with K3DES on “Protection of Sensitive Data from Device to Acquirer” for the ASC X9 Committee — ANSI (American National Standards Institute) accredited standards developing organization — should help address this issue.

Security

An American Army Suicide Story

Leave a comment

The NYT brings to light the warning signs and risk factors surrounding a suicide in the U.S. Army:

The Army declared him fit for duty and ordered him to Afghanistan after he had twice attempted suicide at Fort Campbell, Ky., and after he had been sent to a mental institution near the base, the home of the 101st. After his arrival at Kandahar early in 2010 he was so troubled that the Army took away his weapon and forced him into counseling on the air base, according to the e-mails from the Army investigator. But he was assigned a roommate who was fully armed. C.I.D. investigators have identified the M-4 with which Sergeant Senft was killed as belonging to his roommate.

“I question why, if he was suicidal and they had to take away his gun, why was he allowed to stay in Afghanistan?” asked Sergeant Senft’s father. “Why did they allow him to deploy in the first place, and why did they leave him there?”