Dan's Take

The Volkswagen Scandal as Cautionary Tale

Monitoring your networks can help find out what they're doing that you don't even know about.

The news is full of stories about Volkswagen programming the firmware in its automobiles so that pollution control equipment would only be engaged while the car was on the test stand. Customers who purchased these vehicles thinking that they had selected a clean, fuel efficient product had no idea that their cars were probably producing more pollutants than anyone expected. Now we're starting to read stories that point out that other manufacturers have done similar things in the past and speculate that they may have similar programming in their vehicles.

How is this relevant to IT? We're surrounded by computers and software all day. Our vehicles have become moving networks. Home appliances are managed by microprocessors running embedded software. Computers and software are touching nearly every area of our lives.

Uknowing, Uncaring
Do we really know, or care for that matter, what they're doing all the time? For the most part, most of us only care that they appear to function properly and are cost effective; then we can continue on with our lives, largely unknowing and uncaring.

Most of us have no idea if our systems are phoning home and providing the supplier, or perhaps, government agencies, with information about our whereabouts, our actions and we have no idea what else.

Back in my software engineering days, I instrumented applications so that they would log issues that were detected but didn't impact the end user or their use of those apps. My company had contracts with most customers to remotely monitor the systems and fix issues before they became problems.

Stealth Mode
I took my turn dragging a TI Silent 700 home from time to time to connect to customer systems and read through the logs. I thought it was fantastic that I was able to work with a computer in a far-off city at 30 characters a second. It was fun to call an operator the next day and ask them to perform certain actions to fix something while it was a small issue, before it caused a major problem. One of the programs we deployed as part of our library automation system occasionally had "brain freeze" and would mess up one of the balanced-tree indices used to quickly find books, patrons and manage check-in and check-out functions.

Although it was pretty easy to find the error, for a time we didn't know which of the 700 application components was causing the problem. So we checked in to look at customer systems regularly. (One member of an operations staff asked me where we purchased our crystal balls that allowed us to discover these problems.)

We seldom ask what our systems are doing when we think that they're just idling. What functions have the suppliers programmed in that we can't control, don't know are present, and might upset us if we knew?

Dan's Take: Look Who's Talking
Our datacenters have become increasingly complex, because applications have become a collection of services that execute on multiple, distributed systems. Are those apps talking about us behind our backs?

I don't mean to be alarmist, but it might be wise to have a meaningful conversation with our suppliers to find out what's really going on out on the network.

I bet that most suppliers will tell us that their systems have become so complex that knowing everything going on, millisecond by millisecond, is impossible. It would be wise, however, to become aware of whatever can be known. Suppliers of systems, network, database and applications monitoring might be good partners in this effort.

About the Author

Daniel Kusnetzky, a reformed software engineer and product manager, founded Kusnetzky Group LLC in 2006. He's literally written the book on virtualization and often comments on cloud computing, mobility and systems software. He has been a business unit manager at a hardware company and head of corporate marketing and strategy at a software company.


Subscribe on YouTube