And the Good News is? Apple's iPhone works in my house

phonesAs some readers already know, I've had to abandon my faithful Treo 680 because it wouldn't always work in my house. Sad, because I've had a Treo since they first came out, operating on T-Mobile, then Cingular, now AT&T.

Although it was only GPRS, I was able to read the news on my Treo, do email, Twitter, and write notes pretty darn fast. But the fact is, you can't very well use a cell phone for business if it doesn't work reliably in your house.

I was going to hold out for a new Palm Pre but it looks like that device is anchored to Sprint at the moment (my choice of "anchor" being quite intentional). And current speculation is that the Pre won't be available on AT&T until next year (per the TreoCentral forum). Sprint coverage at my place is zero. Verizon is better and so a Pre on Verizon might be appealing at some point in the future.

But for now, the iPhone 3G is my phone, which means

Crash Team to Oncology Stat: The latest iron overload episode

speakerThe medium may not be the message but it sure shapes it. I need to let a lot of people know what happened on Chey's long-awaited visit to the hematologist (that's haematologist for British readers).

Should I email everyone? Maybe use a bcc with a friends and family list? But then people would feel obliged to respond. Should I blog it and hope people will see it here? Maybe I should Facebook it? How about Twitter? Too late for that. But what the heck, here's how it would have appeared on Twitter if I had tweeted it, starting after lunch on Thursday:

zcobb: Heading over to Cooperstown to the clinic for Chey's hematology consult. Hoping this doctor will OK phlebotomy for her hemochromatosis. 01:50PM

zcobb: Just checked Chey into Oncology. She doesn't have cancer but apparently that's where hematologists hang out. Now headed to 2nd floor for my appt. 02:16PM

zcobb: Waiting for my quarterly checkup. No problems (apart from usual high BP/low depression). We synched up our visits to reduce carbon footprint. 02:23PM

zcobb: Sitting in Room D. Weight not bad (200lbs) BP not so hot. Wonder how Chey is doing. She seemed a bit woozy when I left her in waiting area. 02:28PM

zcobb: OMG, the PA just announced "Crash team to Oncology STAT" and I had this weird flash it could be Chey. But then I'm like "No way." 02:33PM

zcobb: Way. How to tell your day's gone off the rails: A nurse interrupts your meeting with your doctor to say "Your wife's been rushed to the ER." 02:46PM

Iron Overload Fallout: Atrial fibrilation and so much more

I promise I am not going to turn this into The Hemochromatosis Blog but blogs tend to follow what's happening and hemochromatosis is what's happening right now to my best friend Chey.

It's happening because it's a progressive and incurable genetic condition. And it's also happening because new stuff keeps cropping up. Like today, I found two new things that generic iron overload can trigger (these are 'new' as in I never knew about them before). The first is arrhythmia, irregular heartbeat. If you've ever experienced arrhythmia, as in atrial fibrilation, you know it can be quite unsettling.

Well today, Chey was experiencing arrhythmia. So, I look it up on Google and what do I find: "arrhythmias are the most common cause of sudden death in hereditary hemochromatosis patients," according to this set of slides on Increasing Physician Awareness of Hereditary Hemochromatosis. (BTW, these slides by Dr. Kristen J. Schwall, from the Department of Internal Medicine at St. Barnabas Medical Center should be required reading for all doctors.)

According to the Journal of Interventional Cardiac Electrophysiology, hemochromatosis has been associated with atrial tachyarrhythmias and congestive heart failure as a consequence of dilated or restrictive cardiomyopathy. Oh that's just great!

Then as a side effect of Googling, I find a study published by the National Cancer Institute in 2003. This suggests that the two genes, C282Y and H63D, which are linked to hereditary hemochromatosis, may lead to an increased risk of developing colon cancer.

Doctors found that subjects with at least one copy of either of the genes were 40% more likely to have colon cancer than those without. (No word on what it means if you have two copies of C282Y, which Chey does, but I doubt that helps things.) They also found that the risk of cancer increased with age and greater iron intake. The researchers believe that at least 15% of the population carries at least one copy of the mutated gene. They think the study could lead to improved colon cancer screening protocols. Wouldn't that be ironic? Hemochromatosis screening gets funded as a colon cancer prevention strategy.

So here's the deal. We are waiting for a doctor's appointment on Thursday at which Chey's iron overload treatment should finally begin (if not, the hills around Cooperstown will probably ring with screams of "Why not?")

The Problem With Bloodletting

bloodchairEric made an interesting comment on my last iron overload post. He wondered why my wife has not pursued phlebotomy as it is a recognized treatment for iron overload. Eric states "Blood banks are happy to see you because they know they will see you many more times than regular donors."

Eric's comment and concern are both appreciated. Unfortunately, we have hit a few bumps in the road on our way to bloodletting. Here is my current understanding of the situation. Please feel free to comment if you think I have got this wrong--we have heard of regional variations in the way some of these things are handled:

1. Around 1996 the US changed the rules for blood donation to exclude all persons who lived in the UK during the time of mad cow disease. That includes us, so we have not been able to give blood since then. In fact, Chey was a regular donor before this ruling and we suspect that stopping the donations at that time contributed to the build up of iron--her iron overload symptoms started to manifest after that.

2. Voluntary donations of blood are not accepted if less than 8 weeks apart. So, according to our doctor, a routine of accelerated phlebotomy to treat hemochromatosis requires a prescription (I know it sounds weird: a prescription to give something as opposed to take something).

3. Some blood banks lack a means of categorizing blood that is 'donated' by iron overload sufferers and so they do not accept it (apparently this varies by region). Strange but true (according to the Iron Disorders Institute Guide to Hemochromatosis).

So, common sense would indicate blood-letting is a simple fix but reality is proving less sensible. We have not yet tried the amateur freelance phlebotomy approach but we have been tempted (I just wish I had paid more attention to how you stop the flow of blood once it's been started).

And I should add that we are beginning to run into the "Dr. No" syndrome. That is the "Dr No. Big Deal" syndrome, when your doctor decides you're making too much fuss about your illness and starts telling you you're exaggerating. You hear things like "lots of people feel tired at your age" and "it's normal to feel depressed this time of year" and "your test results are close enough, nothting to worry about" (when in fact the results are clearly abnormal and frankly worrying). We are seeking to address this problem without alienating the medical profession in our small community.

The Ongoing Impact of Iron Overload

I first posted about iron overload or hemochromatosis around Thanksgiving 2008. That's when my wife Chey learned she had this incurable, degenerative, and potentially fatal genetic condition. Since then we've learned a lot about iron overload (for example, as many as 1 in 300 Americans of Northern European descent may suffer from it, most of them undiagnosed and headed for an early grave).

We've learned that several of Chey's relatives suffer from the condition and others may have died of it. Death from untreated iron overload comes in several forms, two of the most notable being liver cancer and cirrhosis of the liver.  (If a relative is diagnosed with cirrhosis of the liver but they claim they don't drink much alcohol, they could be telling the truth. It could be iron overload.)*

Iron overload can damage other organs and glands besides the liver, such as the gall bladder, the pituitary and the thyroid. So, if you are diagnosed with hemochromatosis, your doctor will probably order a bunch of tests to check if there has been damage. A referral to an endochronoligist is likely.

In my wife's case the endocrinologist has already confirmed thyroid deficiency which he is now treating. Now he has  found, via a pituitary test, very low growth hormone. Some of the changes associated with GH deficiency are loss of energy, a loss of interest in usual hobbies or activities, and a decrease in sociability referred to as social isolation. "Patients suffering with this symptom do not like to go out and meet with their friends or social acquaintances. Patients may also develop mild depression or decrease in sexual function." All of which fits Chey. Oh, and untreated low growth hormone can spell early mortality in adults.

On the upside, it is possible that Chey's GH levels will increase when the iron overload is treated and all sorts of good things will follow, like more energy, more interest in life, more sociability, and so on. On the down side, we still haven't found a doctor to authorize iron overload treatment (namely phlebotomy, a.k.a. drawing blood).

We are getting closer, but still managing to fall through gaps in a set of health management practices that are clearly not adequate for dealing with this condition. Chey's iron levels are now twice what they were back in November when the original diagnosis was made. Her doctor is still reluctant to authorize phlebotomy, even though the nurse who took Chey's last blood sample said the blood was almost too thick to draw!

After much research we figured that the kind of doctor you probably want in this situation is a hemotologist. Chey has been trying to get an appointment with one for months. Last week she finally got one, for next week. Apparently people who don't have iron overload don't worry too much about the damage it is doing to those who do.

Pardon the cynicism, but I think it's understandable when you've watched the one you love decline physically for years while being told "it's all in her head." Then you've watched her suffer for months with terrible pain from a deadly condition that a dozen doctors missed, only to hear "Sorry, the doctor's are all on vacation this week, she'll have to wait."

So, we will see what next week brings. In the meantime I am researching the fraud cases that led to iron overload testing being dropped from standard blood panels in 1996, about the same time doctors realized hemocromatosis was a genetic condition. Talk about bad timing.
* See the next exciting Iron Overload episode: The Alcoholic Father Who Wasn't.

A LEAP Into the Future?

leap_logoWhat was the most-subscribed non-profit channel on YouTube last month? The answer might surprise you: LEAP, as in Law Enforcement Against Prohibition. Click the link and check it out.

And here's another surprise. On February 6, the #1 most-viewed article on the entire Huffington Post site was this article: One Cop To Another: Don't Arrest Phelps for Bong Photo. The author was not just any cop, it was Norm Stamper, Ph.D., who served as a police officer for 34 years, notably as chief of the Seattle Police Department from 1994 to 2000.

Now get this, President Obama's likely choice for drug czar, Gil Kerlikowske, was Norm's immediate successor as Seattle's chief of police. You can hear Norm's views on Gil and other subjects on the Fox News "Red Eye" show that airs at 3AM EST, Friday morning, Feb. 20. Yes, I have set my DVR to Record.

40th NAACP Image Awards on Fox TV Feb 12 at 8PM

Since Roger Moore over at the Orlando Sentinel mentioned the NAACP Image Awards being on BET, I thought I would point out they are on Fox TV, 8pm Thursday, Feb 12 (check the schedule here).

And for those who are late joining the party, Dare Not Walk Alone is up for an award: Outstanding Documentary. The competition is stiff: CNN, ESPN, HBO, and an Oscar-nominated indie film, Trouble the Waters. We are hoping that the nomination of DNWA will raise awareness of the film, whether it wins or not.

Why Satellite Internet Is Not Really Broadband

I recently posted a review of HughesNet satellite Internet service over at DSLReports. You may need to sign up to read it--which is totally worth the effort, DSLReports is a great source of info and news for bandwidth hungry net surfers--but I am also posting it here for ease of access:

Pros "Downloading is quite fast (but capped)"
Cons "Poor latency, 13Gb monthly cap, costly, flaky DNS, not true broadband"

Despite the fact that there is Verizon fiber optic at the end of my drive and Road Runner cable about 3 miles away, I cannot persuade anyone to run a broadband line to our home/office near Cooperstown in upstate New York (unless I pay $1,000 per month for a T1).

So, we pay HughesNet $80 per month even though it does not fit my definition of broadband (e.g. does not support VoIP, VPN or watching Netflix on demand movies).

Although traffic is fast enough when it gets going (from 1 to 1.5Mbs down) the latency is terrible (around 500ms, way slower than dialup) and if we exceed 435 megabytes downloaded in a day we are stuffed for 24 hours (Hughes actually slows your connection down to dialup speed--a death sentence if your boss wants you to take a quick look at his big deck of Powerpoint slides).

I should point out that the latency is not the "fault" of HughesNet but rather an unsolvable limitation when sending signals into space and back. This creates a huge overhead for things like logging into your bank account (what takes 20 seconds on true broadband takes 70 seconds on satellite). Doing online bill payment becomes a very tedious chore.

Hughes warns you not to try VoIP or VPN because of the latency, but does not make this clear in their TV ads. They also fail to give sufficient warning about the practical effect of bandwidth limits. For example, recent automatic operating system upgrades from Apple and Microsoft have both blown out our daily limit. Needless to say you have to turn off automatic OS upgrades, which potentially puts your system at risk.

HughesNet does offer a form of unlimited download, limited to between 3AM and 6AM. But we have found the speed and connection to be flaky when using this "feature." For example, you set up your download manager to get that big 600Mb file from your boss at 3AM but the connection flakes out and when you get up at 8AM you find most of the file arrived between 6 and 7 thus blowing out your allowance for the day.

There is also a problem with DNS flakiness (as reported by others in this forum). Random sites report DNS lookup errors but they are online. This was particularly weird when I found I could not get to my own web site over the HughesNet DNS servers for well over a week. If I used alternative DNS over Hughes, like running Anonymizer, I was able to see my site, as were friends on other ISP connections. I have a video of that issue here.

As a geek I am still amazed that I have a satellite uplink hanging off my porch that actually sends and receives, but that does not make up for the painful price/performance ratio and vicious bandwidth caps.

After a year on HughesNet I am devoting every spare moment to exploring my options (like getting that T1 and blasting WiMax out to all my neighbors--who have the same problems I do with satellite).

Bottom Line: "Should not be sold as broadband (no VPN, VoIP, OS upgrades, or movies)"

More for Virgins, Less for Screw-ups: The surprising cost of data breaches

In its fourth annual study on data breaches, the Ponemon Institute examined the costs of 43 companies that had been hit by a data breach. The study found, not surprisingly, that the cost per record breached had risen (actual numbers coming up).

I have always thought it ironic that one of the biggest obstacles to getting organizations to take action on issues of data privacy and security is a lack of data, namely data about what a security failure might cost. If known, that cost can then be weighed against the cost of putting security measures in place.

After all, Adam and Eve did not cover their bodies in the garden of Eden,  likewise organizations operating in crime-free utopias have no need to spend money to protect against data exposures. In the real world, however it is sad but true that a certain percentage of people are not sufficiently constrained by either personal ethics or a fear of consequences and go about steal data for personal gain.

Thus the need for security spending to avoid the costs, which are now averaging over $200 per record. So, next time you read a story about some bank or retailer exposing thousands of records, you can just multiply by $200 to figure the hit they have just taken).

This study is more good work by Larry Ponemon and the Ponemon Institute. Consistently reliable data over time is particularly useful. For example, if you read up on all the data breaches that have been happening you might have formed the impression that more of them are now coming from third parties, i.e. people who process customer data for retailers, banks, etc. And the survey shows that yes, third party data breaches were reported by more organizations in 2008 than in 2005 (21% then, 44% now). Less predictable perhaps is the finding that third party data breaches are more expensive, $231 per compromised record versus an overall average of $202.

As you might expect, breaches experienced by data loss "virgins" are more costly, $243 versus $192 for "experienced" companies, sardonically referred to as "repeat data screw-ups" by Larry Dignan in the TechRepublic blog post referenced at the beginning of this post. What surprised and saddened me is that more than 84% of all cases examined by Larry Ponemon's team were repeat data breach offenders.

Sadly, until there is an uptick in the general standards of human behavior, things are likely to carry on like this. Data entrusted to the feckless will be exposed by the lawless, innocent lives will be disrupted, money will be lost, and the cost to defend against miscreants will mount.

Blog Backlog: Computer Security Handbook 5th Edition Launches

csh5I got a nice nod last week from Norwich University in an article about Wiley's soon to be launched 2,000 page behemoth: "Computer Security Handbook, 5th Edition."

It turns out that 37 of the 80 chapters are by people with Norwich connections. That includes me (Chapters 4, 7, 15, 20) and Chey (Chapters 15, 41, 73).

Although I got interviewed for the article, to highlight cooperation between Norwich professors and students, I kind of wish they had also mentioned Chey. She wrote a lot of the curriculum material for the original Master of Science in Information Assurance at Norwich. And I think she and I are the only couple to work together on a chapter in the new opus (Chapter 15: Penetrating Computer Systems and Networks, also with Mich Kabay).

On the whole, David Corriveau did a good job with the article. Hopefully, my comments conveyed the fact that Mich Kabay should get the credit my collaboration with Corinne LeFrançois at the NSA. It was a classic electronic encounter. Pure email, we never met in person. (It is worth noting that I also met Mich online, about twenty years ago, while I was living in Scotland and he was living in Montreal. That was back in the days of CompuServe.)

Mich is the one is the thread that runs through all of this, the MSIA program and the Computer Security Handbook, both CSH4 and CSH5. And with that, we wish the best of luck to "Computer Security Handbook 5th Edition" and all who sail in her!