[Ldsoss] Scout Tracking

Stacey ldsoss at son.org
Fri Jun 9 23:46:19 EDT 2006


Steven H. McCown wrote:
> Given that most websites will be hacked, the real question is what we choose
> to put there. 
Actually, I currently work for one of the largest web hosting and 
telecommunications companies in the world.  I can't say that "most websites 
will be hacked".  Actually, very few web sites with any real 
information (such as customers' CCs) get hacked.  Most of the time I 
hear of customer information being lost by careless employees walking out 
the door with it stored on their laptops (e.g. most recently hotels.com; 
see http://www.theregister.co.uk/2006/06/01/ey_hotels_laptop/).  In 
fact, at the most sensitive area of the company that I work for, you 
can't even take a laptop in.  If you do, you have to remove your hard 
drive before you exit (and you don't get the hard drive back).  No kidding.

It may be more likely that your laptop (with your entire troop's 
information stored in something like TroopMaster) would be stolen than a 
well secured web site would be hacked, in my opinion.  And there are a lot 
of easier ways to get the same information.  For example, just attend the 
next court of honor or go "dumpster diving" at the scout master's 
house.  So why would someone take the time and effort it would take to 
hack a well secured web site?

> However, YM / YW / Scouting records paint a much more personal account of
> the individual.  They have things such as likes, dislikes, achievements,
> associations, other personal information, etc.  If those things, coupled
> with name and address, fell into the wrong hands, then bad things could
> happen.  Here is a sample article about kids and 'myspace.com'
> (http://www.msnbc.msn.com/id/7668788/).  

This article is about kids hiding their actions from their parents and posting their personal information on a public web site.  This is a little off the subject, but this can be mostly avoided by keeping your family's computer in a family area (and not in their bedrooms).  I personally use "Mac Minder" on our family's Mac so the kids don't use the computer when we are not around and to keep their usage of the computer to a reasonable limit.  It is also a good way to make sure they get their chores/homework done.  Of course, you could also run something like the "dsniff" tools on your home network to monitor your kids' actions, but that is most likely going too far, IMO.  Especially if you hide the fact that you are logging their internet travels from your family.

As I mentioned before, I use etrailtoeagle.com to track our YM's Duty to God progress.  However, I was concerned about putting any personal information on some unknown web site that is not sponsored by the Church.  Therefore, I simply didn't put the boys' full names (just their first name or nickname) on the web site.  I guess I could even take it a step further and assign each boy a number or something and not even use any part of their name at all.

In the short time I started using etrailtoeagle.com to track our YM's 
D2G progress there has been noticeable improvement on the boys getting 
the requirements done.  This is because the parents, YM leaders, and our 
Bishop get reports regularly on the YM's progress.  Shortly after the 
reports are given to the parents I will get a flood of phone calls from 
parents saying things like "Johnny taught the home evening lesson last 
week so he has passed off that requirement."  The Bishop knows where the 
boys are on each of their requirements.  In short, etrailtoeagle.com 
does a great job keeping everyone in the loop on the YM's progress.  No, 
I don't work for etrailtoeagle.com or even know the guy that runs it.  
However, if you folks are serious about building an open source project 
that tracks scouting and/or D2G then you should take a look at what is 
out there currently.

> If the church were to sponsor what would really amount to an online database
> of personally identifiable personal information of minor children, then they
> would be making themselves hugely liable if that information ever got out.
> Groups like the ACLU would have a heyday.  The VA had to announce recently
> that ~2M soldiers' information was compromised.  Imagine the PR and
> financial liability if the church had to make the same announcement.  This
> possibility has to be weighed against the benefit of an online system vs.
> keeping those records by hand or in another non-centralized manner.
>   

The "non-centralized manner" may be less secure (see my point above 
about stolen laptops).  Of course, keeping the records by hand using 
forms is even less secure given someone may steal your (paper) 
notebook.  At least if it was on your laptop computer you could attempt 
to secure the data by strong encryption.  However, it doesn't matter 
how strong the encryption is, people still use very poor passwords.  If 
you spent any time as a clerk or computer specialist at the stake level 
you will know what I mean.  Many of the passwords on Church systems are 
favorite scripture references and such.

Also, people put a lot of faith into encryption without reviewing the 
entire security of the system.  When I was going to BYU I did work on 
the side for a small company by the name of AccessData.  AccessData 
developed "password recovery" software for popular programs (e.g. 
"WordPerfect", "Word", etc.)   The WordPerfect company spent a lot of 
time and effort to increase the security in their WordPerfect 6.0 
software.   To make a long story short we found a way shortly after they 
released WP 6.0 to find the password in about five minutes on a typical 
PC (of that day) because the password hashing algorithm that they were 
using was very weak.  Ironically, I happened to be taking the CS course 
on data security that same semester and the teacher was discussing how 
he was asked to review WordPerfect's new encryption code and mentioned 
how strong it was.  The next lecture I handed him a copy of our latest 
password recovery product.   Needless to say, I got an A in that course.  :)

At least on a web based system, who accessed (and who tried to access) 
the data can be logged and audited.  Ok, maybe not necessarily "who" but the 
last IP address they came from, and filtering can be done.  The system could 
also be proactive.  For example, if someone is trying a dictionary full 
of scripture references for passwords for one account, the system 
could note that in the log and lock/disable that account.  There is 
really nothing a stolen laptop can do to proactively protect the data 
like this (unless it has a "Mission Impossible" device embedded).  The 
hacker could try passwords all day using some cracking program.  Also, 
intrusion detection/prevention systems have come a long way.  In short, 
even if the Church member uses a bad password then there are still 
things that can be done to keep the data secure.  Of course, it would be 
good if the web site enforced the use of stronger passwords at the time of 
selection.

> I took a class at BYU that discussed things like "risk management" and
> "mitigating risk".  Most of us glossed over that course in favor of building
> 'cool stuff'.  As technologists, scientists, and engineers, we all have to
> pay more attention to the ramifications of technology than we do about the
> technology itself.  
>   

Yes, and my point is the risk can be minimized if we are smart about it.

> So, to answer your question, if the church hosted a minor child information
> tracking website, then no I would still not be comfortable with that.  I
> would opt out and my opting out would unfortunately hinder the utility of
> the overall system.
>   

Yes, allowing people to opt out should solve most of the legal issues 
and really only hinders the YM/YW that got opt'ed out.  I don't see how 
it would hinder the system.

-stacey.
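
The logging, account lockout and selection-time password check described in the message above, sketched as an added example that is not part of the original post or of any Church or etrailtoeagle.com system. The threshold, window, scripture-reference pattern, class and function names, account names and documentation-range IP addresses are all assumptions made for illustration.

```python
import re
from collections import defaultdict, deque

MAX_FAILURES = 5       # assumed lockout threshold
WINDOW_SECONDS = 300   # assumed sliding window for counting failures

# Assumed shape of a "book chapter:verse" password, e.g. "John3:16" or "1Corinthians13:4"
SCRIPTURE_REF = re.compile(r"[1-4]?\s*[a-z]+\s*\d{1,3}(\s*[:.]\s*\d{1,3})?", re.I)

def acceptable_password(pw, min_length=12):
    """Selection-time check: reject short passwords and scripture-reference look-alikes."""
    return len(pw) >= min_length and SCRIPTURE_REF.fullmatch(pw.strip()) is None

class LoginGuard:
    def __init__(self):
        self.failures = defaultdict(deque)   # account -> timestamps of recent failures
        self.locked = set()
        self.audit = []                      # (timestamp, account, source_ip, event)

    def record(self, ts, account, source_ip, success):
        """Log one login attempt and return 'ok', 'failed' or 'locked'."""
        if account in self.locked:           # a correct guess after lockout is still refused
            self.audit.append((ts, account, source_ip, "rejected-locked"))
            return "locked"
        if success:
            self.failures[account].clear()
            self.audit.append((ts, account, source_ip, "login-ok"))
            return "ok"
        recent = self.failures[account]
        recent.append(ts)
        while ts - recent[0] > WINDOW_SECONDS:   # drop failures outside the window
            recent.popleft()
        self.audit.append((ts, account, source_ip, "login-failed"))
        if len(recent) >= MAX_FAILURES:
            self.locked.add(account)
            self.audit.append((ts, account, source_ip, "account-locked"))
            return "locked"
        return "failed"

def replay(events):
    guard = LoginGuard()
    return guard, [guard.record(*e) for e in events]

# Constructed sample: five bad guesses in under a minute, a late correct guess, an unrelated login.
SAMPLE = [(t, "clerk1", "203.0.113.7", False) for t in range(0, 50, 10)] + [
    (60, "clerk1", "203.0.113.7", True),
    (70, "bishop", "198.51.100.4", True),
]
```

Calling `replay(SAMPLE)` returns the guard and the per-attempt outcomes; `guard.audit` holds the source IP of every attempt, including the one refused after lockout.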


