Aging computers hobble Homeland Security

(continued from previous page)

A decade has elapsed since the last bureauwide upgrade of IT equipment. Some offices have adopted the practice of performing haphazard changes when budget money is left over, Skinner said, leading to a confusing patchwork of hardware and software across the bureau.

In his most recent annual report to Congress, Prakash Khatri, the immigration bureau's ombudsman, warned the Homeland Security Department's outdated technological infrastructure meant that "customer service is compromised." Khatri acts as a representative for people who have encountered problems.

The agency acknowledges that its computer systems remain a daunting obstacle. "The state of USCIS' current systems prevents it from implementing key initiatives, and has only allowed for incremental change," Tarrazzia Martin, the chief information officer for U.S. Customs and Immigration (USCIS), wrote in an e-mail interview with CNET News.com.

Inefficiencies yield delays, frustrations
Oleg Baklenov knows firsthand how paperwork delays by the USCIS can roil a technology worker's family life.

Baklenov, a 34-year-old Russian electrical engineer who came to the U.S. 11 years ago to earn his doctoral degree, currently has a visa that permits him to work for a company in Greensboro, N.C.

National Records Center in Lee's
Summit, Missouri

Three years ago, he applied for what's commonly known as a green card, a form of immigration status that would permit him to become a permanent resident and seek citizenship. But a technical difficulty in submitting his name to the FBI for a mandatory criminal background check has delayed the process, he said.

People with worker visas have to file extra paperwork--which can take several months to process--to leave and re-enter the United States. Confident that his green-card application would be processed, Baklenov decided not to undertake the task of submitting those additional forms.

But now his ailing grandmother has been admitted to a Czech hospital, and the unexpected delay has effectively barred Baklenov from leaving the country to visit her. "The system will be more efficient if one computer system can communicate with different agencies and request all the checks that they need," said Baklenov, who is representing himself in a federal lawsuit filed in North Carolina, but is hoping for an out-of-court resolution.

William Strassberger, a USCIS spokesperson, said he's not sure what caused Baklenov's problems and said the agency was still waiting for the security check. "If he wanted to make a request for advance parole for emergency medical reasons on behalf of his grandmother, it should be possible to do," Strassberger said. "Usually, we recommend submitting an application four weeks ahead of time, but if it's a situation where it requires urgent travel, it's possible to do that."

Barriers to progress
The situation is complicated by the ripple effects of the federal law creating the Department of Homeland Security, signed by President Bush in 2002, which carved the former Immigration and Naturalization Service into three slices.

Border patrol and customs agents formed the new U.S. Customs and Border Protection unit, while the bureaucracy for processing immigration-related requests was renamed U.S. Citizenship and Immigration Services. The similarly named U.S. Immigration and Customs Enforcement division now includes former INS "detention and removal" agents, federal air marshals and the Federal Protective Service.

Michael Garcia, an assistant secretary at the Department of Homeland Security, has likened the integration process to "trying to change the engine in an airplane in mid-flight." In testimony to the Senate in March, Garcia said: "We have had to build a new agency almost from the ground up--bringing together divisions from four separate agencies into a single functioning unit, and melding the cultures and missions of various units into a unified whole."

Large, distributed government systems are too often victims of poor planning, said Peter Neumann, a principal scientist in the computer science lab at SRI International, a not-for-profit research institute.

"What is needed is a set of requirements that really makes sense in the first place and an architecture that is capable of satisfying those requirements--a very serious software engineering discipline to ensure a system is not only going to meet those requirements but be evolvable over time," said Neumann, who has served on technical advisory committees for the IRS and the Government Accountability Office.

[nearnight12]

Same Old Stuff

The budgets of the Federal, State, and local governments are
littered with the corpses of outdated legacy systems. In an age
when a properly-equipped user may conduct business from
space, the same parochial and incestuous "my brother-in-law
does computers" sydrome remains the norm in IT procurement.

We would be better served by Luddites with pencils.

[ddesy]

Not a surprise

I cannot say that I am surprised by the problems occuring with the Homeland Security systems, but there are solutions. I won't say that they are easy, because none of them would be, but they are available.

Here's a simplified idea:

I would say that the first thing that needs to happen is for everyone to agree on a platform that can evolve easily, such as a Unix or Linux based platform. These systems are not tied as tightly to processor types as ones such as Windows, so that leaves options for the future regardless of where things head. They can also scale relatively well to allow for large multi-processor systems necessary to handle the vast amounts of necessary information.

Next, and probably the most expensive part, would be hiring or contracting to come up with a method for data conversion to one common standard and the development or implementation of a scalable database system to manage the information. The database should also be portable between processor platforms.

For people that have to use the system directly, a platform independent interface would probably be best. A secure web browser based infterface, for example, could be used. These kinds of interfaces are already growing quickly in popularity.

If the US government can get the parties involved to agree with working together on something like this, the problem can be worked out.

[vchmielewski]

I agree

The government needs to be using open-source applications with a
*nix OS. Forms should be web based so they can be accessed from
any system. The fact that homeland security is still using Windows
95 does not give me much confidence. How did it get this bad?

[dland51]

Cooperation?

I agree Unix or Linux based, using Open Office would be the most logical from the standpoint of interoperability and logic. I think we all know that Microsoft is not going to let that happen with the money that could be made on this project! The NSA has a version of Linux they have been working on for security and nothing less should be used in this environment.

[WDS2]

It's not the platform...

...that needs to be standardized, it's the DATA format that needs to be standardized. For example, use some sort of XML. Then you can use whatever platform and tools you want.

It's the DATA that is important, not the platform.

[mhuffer]

Technology vs. Accounting

People have enough trouble functioning in Windows and you would prefer to throw this at them. The training expenses alone would be a killer. I'm willing to bet they've been told about this issue and some bean counter couldn't comprehend it enough to let loose the cash to fix the issue. It takes a major breakdown before accounting will loosen up the purse strings.

[evilned]

This sickens me

My wife is an immigrant and we are slowly moving through the process to get her a green card. I also work in IT and can see a number of ways to overhaul the back office so that actually works.

Recently we had a problem just getting her social security card. After 5 months of dealing with this mess my wife ended up with 2 cards and 2 valid SS numbers.

Last month we were told to send in a check for new fingerprints. Last night the check is returned with the staement that we didn't need to send in the check in the first place. (Which I already knew)

The whole system needs to be blown up and built from scratch with someone who knows what the heck he is doing and enough of a budget to get the job done right the first time. And if he screws up he can be held responsable.

Will any of this happen? What do you think?

Failures are intentional...

Having been through the immigration process, I
would have to say that the failures are
intentional. There was one point when an agent
wouldn't accept a physical from an
immigration-approved physician because he was
from another state (where we had applied years
ealier). I noticed the computer on his desk, so
I said "well, can't you just look him up in the
computer?" His reply: "we don't have
immigration-related information available on the
computer". I followed with, "how about calling
the Atlanta office and checking with them?, " to
which the response was, "We're not permitted to
make phone calls to verify information."
Ultimately, they acccepted a photocopy of a
mimeographed list of physicians we had received
several years earlier -- one without any
indication that the physicians were approved by
immigration.

Legal immigration is simply intended to be
arduous and demeaning. Other than checking you
versus certain quotas, there is no real
restriction on immigration other than that
imposed by the byzantine hoops you have to jump
through to do it. All of the 9/11 hijackers, for
example, were legal immigrants (well, one had an
expired visa).

Immigration tells you at the outset several
things: always keep a copy of every form you
provide along with the date submitted and the
name of the officer receiving the form (or
certified mail receipt) and have them on hand
because the system is paper-based and typically
they do not have the time to track down your
files; and if you call them with a question,
they will delay processing of your application
for up to 6 months in retribution.

You fill out a bunch of silly forms with
questions like "are you coming to the United
States for the express purpose of overthowing
the government?," "are you a spy?," and "what
are your hobbies?" If you marry an American,
you'll get quizzed about your sex life. They
seemed satisfied with our answers, but I wonder
if the process would have sped up had I had sex
with my wife on the inspectors desk during the
interview.

Regardless, the system is a bureaucracy that has
certain specific goals: meet per-country
immigration quotas; make the process so
difficult to follow, so slow, and require as
much paper as possible so as to select only the
most patient and dilligent applicants. However,
the majority of information you provide will go
unverified.

The intent of holding people up due to a
computer crash is to: make people believe that
the computer is used for something that
"protects" the country from aliens, and to make
the people voice their outrage so that the
department gets more funding. It's also to make
people believe that there's a screening process
in place to find "terrorists." The latter is
really the most important -- the illusion of
security, the illusion that the government is
being proactive in defending its citizens
against harm -- because without it, the
government would appear useless to a great
number of people.

I think people familiar with the DHS, TSA, and
the various security protocols agree that they
are clearly not effective. But they look like
they might be, and people are willing to endure
the inconvenience to assuage their insecurities.

[Soliton]

Perfectly put

You couldn't be more right there, Francois. And all this when this nation so direly seems to depend on immigrants for its intellectual leadership (just a look at how many nobel laureates are naturalized US citizens would be a case in point). Its utterly shameful, the way things are.

[OneWithTech]

$299 computers from Dell

The Government obviously needs new computers with no budget.
My solution. DELL. $299 get's you a new computer. And since your
the Government you could probably work a better deal. Now isn't
that better than paying HP. BestBuy, CDW, OfficeMax or anybody
else thousands for the same computer?

Just a thought that solves one of your many IT problems!

~Justin

[Macsaresafer]

Plus $Thousands for all the problems

Talk about jumping from the frying pan into the fire! How would
buying cheap (easily broken) hardware that runs Windoze, the
world's least secure (read: most costly) OS make things better?

It would only solve the IT Department's main problem: how to
maintain job security. You'd actually need to hire more of them to
cope with all the added problems.

[apruch91]

All Gov agencies are like this

The Federal government is the epitome of inefficiency. They make their job an overly complicated bureaucratic mess because they like it that way. Systems don't get updated because that means some government employee will loose his job hand typing data and processing forms. Also, what about all the gov employees who support these archaic legacy systems. They don't want to loose their job either....

The only solution is to completely reform/eliminate all gov agencies and start from scratch.

It's all about power

In goverment bureaucracies, the power of a department head is determined by the size of their budget and the number of employees. Bigger budgets mean more power (and a bigger paycheck).

If a deparment becomes more efficient and gets more work done, they need fewer employees and get smaller budgets. Then the department head loses power and the ability to earn more money.

It's simple economics. Screw up and you'll get more power and money.

[JaquesLenoir]

Do we really need the "Patriot Act"?

Fixing the current system would be more efficient!!!

[kxmmxk]

No wonder if they use windows

Couldn't be a better example of why not to use windows.
Why don't they have a huge unix cluster with replication. Then tie in with thin clients like SunRays from Sun. The whole thing could be redundant with replication and different levels of file storage. Get someone who actually can create a database. A lawyer should be in there once and then linked to from his cases, for example.

This isn't rocket science, it's something that could have been done a very long time ago, so how they ended up with such crappy systems is questionable to begin with. It's not their age, they were never good or setup correctly to begin with for the task at hand.

What probably happened was ammatures in various departments setup their own thing because there was no plan. And now you have a mess.

Having 24/7 computer access to robust databases is child's play. There is no excuse, except maybe that they tried to use windows.

[SystemsJunky]

What???

What does windows have to do with having OLD HARDWARE?

[rockdave]

Windows... not good.

Definitely would be a good move to try Unix. Or, if they're worried about cost, Linux. It's free and open-source. Seriously, what big shots use Windows anymore? Google doesn't even stoop that low. Any half-decent agency (or computer user) uses Unix or Linux.

[HiBeamR]

Idiot Meter

Something else that isn't rocket science is realizing you are an uninformed idiot.

As the other responder pointed out, this isn't about Windows or *nix or other OS platforms, nor is it about proprietary vs. open source. It IS about business processes, data standards and formats, and interoperability. Another stupid diatribe about Wintel vs. Unix/Linux/whatever is a waste of everyone's time.

For the record, I work for one DHS component and have worked for another in the past (the two largest). What you don't realize or know is that all of the available platforms and OSs are in use already - Wintel, *nix and otherwise. This is at the server level, workstation level, web-enabled front ends, etc. So your uninformed offer of "solutions" are already here and in use, but solve nothing without efficient processes. Unfortunately, many business processes in use now are from different legacy organizations, are outdated and need revision to reflect the new ways of doing business.

Another part of the equation, which you conveniently ignored (or failed to understand from the article), is the significant amount of data that is maintained and processed on mainframes. You cannot even begin to comprehend how much data is there. That complicates the interoperability required between systems. Further, privacy and data sensitivity issues (Privacy Act, Bank Secrecy Act, Trade Secrets Act, etc., are only some of the laws we must abide by and consider in EVERYTHING we do) on all that data makes interconnections and interoperability, and data sharing all the more difficult.

So, please, the next time you have nothing to do and want to offer up your opinion, at least try to make it an informed one. Otherwise, please don't waste mine and everyone else's time.

[heystoopid]

oh well

Oh well, probably, the windows 2000 network computers are suffering, from the dreaded sony bmg trojanware,supplied free for the price of a legitimate factory audio cd, causing abnormal system instability

[acpang]

Solutions? Web portals, Perl, . . .

They need some kind of centralized web portal to access all of their systems. A glue language like Perl could come in handy with it's plethora of modules to connect to backend databases, and with it's ability to process text. One example, use a single web form & let Perl populate the various databases. Nevertheless, a huge undertaking.

Glue It Together with HTTP

Too bad that they tried to perform an upgrade
of windows and broke their applications, but
that attempt was a violation of the First Law of
Technology:

If it isn't broke, then don't fix it.

These guys have everything from 386-PCs to AS/400
and VAX minicomputers to Suns and OS/MVT 370s.
There is no way that they are going to be able to
get the budget to convert to new hardware or new
software.

What they need to do is to put everything on an
HTTP interface, such that a boring web browser
running a relatively old version of IE or Firefox
can get in and do some useful work. Then, if
people feel the need to upgrade the system, they
can do so in Java or Perl. The name of the game
is "encapsulation": Continue to use the legacy
apps, just make them all look like web servers.
Then, you can replace/upgrade them one-at-a-time,
with little downtime or disruption.

Also, Stop the Proliferation of Formats

In most large states, the DMV keeps its records
on mainframes, and the terminals operate in 3780
cluster mode. More accurately, the data servers
are a cluster of microprocessors which _emulate_
a mainframe running CICS, or IMS, or King Tut's
database app, and the terminals are relatively
modern PCs running 3780 emulation software.

Why is this relevant? Because it gives some
insight into just how a big the problem of
government databases really is.

Steps towards resolving the problem have to
have a 20-year horizon. Trying to not make
things worse is a good start.

Here's my suggestion:

As part of a government-wide HTTP interface,
require that all documents are in one of the
following formats:

HTML, versions prior to 2002.
plain ASCII text.
GIF or JPG image files.
PDF, compatible with a V3.0 reader
Microsoft word, version 6.0

AND NOTHING ELSE!! Make provisions to add one
new format per decade, and have one of these
formats modernized every five years.

Idiots who use the latest-and-greatest video
file format when it isn't needed are the biggest
cause of incompatibility and obsolescence.
Government files, in particular, need to be
published in the lowest-common-denominator
file formats.

[acpang]

HTTP, glue, and formats

Alright, sounds like a plan. Get on it.