Top Down View

I’m currently working on a PHP-based web site that stores member details – username, address, password etc in a database. Nothing unusual here… literally millions of web sites on the internet are doing exactly the same thing.

But password storage is a dangerous area. Every month we hear about a high-profile web site being hacked into and all the user accounts made public together with their passwords. This is not good – especially as it’s fairly common for users to keep the same password across all of the sites they access.

Good web site security is about defence in depth. Yes, you set up security so that hackers hopefully can’t get access to your site’s files and databases. But you shouldn’t stop there. Any site whose password list has been published has made one other simple and easily avoidable mistake: they’ve made the mistake of storing their users’ passwords in plain text.

Storing passwords in plaintext is a dangerous mistake that’s easily avoided – there’s a much smarter way to do it and it involves something called a hashing algorithm. A hashing algorithm is a form of encryption which is ONE WAY i.e. you can convert the plaintext to the encrypted form (know as ciphertext) but you can’t convert it back again. For example, if you start with “donkey” and run it through a well-known hashing algorithm you end up with “9443b0fceb8c03b6a514a706ea69df0b”. In theory, there’s no easy way to go the other way and turn that back into “donkey”.

But how the heck does this help us with passwords? Surely we’re going to have to turn the encrypted password back to plaintext in order to check it? Nope – there’s a neater way of doing this.

When the user initially sets their password, we run the hashing algorithm on the plaintext password and generate a hashed version of it. We store that hashed version in our database. When a user attempts to login, we hash their password attempt and compare THAT to the ciphertext of the previously hashed password that we’ve stored. Because the hashing algorithm is repeatable, if the password they attempted to login with matches the password they setup originally, then the two hashed ciphertexts will match too and we’ll successfully validate their login.

There’s no excuse for not knowing about this design pattern – Unix & Linux systems have been handling user passwords in this way for the last 30 years.

When you implement a system like this, there’s one thing you CAN’T do. And that’s recover a password that a user’s forgotten. Remember that the hashing algorithm is one way. You can’t turn “9443b0fceb8c03b6a514a706ea69df0b” back into “donkey” when the user can’t remember their password. As a result of this you should, as a user, be very wary of any websites which offer to email you your password when you’ve forgotten it. If they can email your password to you then they’re not using a hashing algorithm to store it in their database and therefore their database is not secure should a hacker get access to it. As a programmer, if you use a hashing algorithm to safeguard your users’ passwords then all you can do if a user has forgotten their password is to generate a new one for them (or let them set a new one themselves). This is generally done via an email that you send them – either containing a new random password that you generated for them or (better still) a one-off link that gives them access to a special page on the website where they can set a new password.

OK then, we’re sorted are we? Everything’s secure and protected from the hackers? Unfortunately not.

DO NOT IMPLEMENT WHAT I’VE JUST DESCRIBED.

There’s a flaw and I’ll tell you in a few days what that flaw is. In the meantime, you might like to paste that ciphertext into your favorite search engine and wonder about what just happened.

I went to a very interesting talk at Agile Vancouver last night and thought I’d share my notes. I love human psychology experiments and this was packed full of them. Combine that with software development and you’ve got a winner.

The talk was given by Linda Rising and titled “Who Do You Trust?”

Trust is the most important factor in implementation of the Agile software development methodology because social dynamics & interaction are the biggest cost driver in software development – bigger than better tools and methods.

A previous talk of Linda’s has covered the Agile placebo effect… does Agile software development work because we THINK it’s going to work? We go into an Agile project expecting things to work.

She started with a disclaimer that, amongst other things, this is a “Presentation of a disturbing nature”. A nice introduction that got everybody’s attention.

In Computer Science, we never do experiments… proper scientific experiments with a hypothesis, observation etc - seeing results from a change in development methodology doesn’t prove anything.

She introduced the Robber’s Cave Experiment – conducted at a campground in Oklahoma in 1954. Two teams of 12 year old boys, same backgrounds, balanced teams. Both teams were transported to the campground separately, didn’t know the other team existed.

The experiment was conducted in three phases:

Phase I: The 1st week was spent in isolation… each team quickly “became an us”: gave their teams names, designed a flag, places became “our” swimming hole, “our” firepit etc

Study team gradually let them know the other group existed – but not yet seen. This resulted in immediate division, saying things like “I hope THEY don’t use OUR swimming hole” – even though the makeup of the other group was identical, there was nothing different between the two sets of children.

Phase II: The two groups were introduced to each other and staff organized competitions & events with a winner & loser, prize trophies and money. Deliberately designed to create friction between the teams.
The trophies were displayed in the common mess hall where both teams could see them and talk about their victories.

As phase II progressed, one team burnt the other team’s flag – then the other team retaliated and burnt their flag… eventually staff had to intervene.
Then they started raiding each other’s cabins at night. More retaliation led to rocks being stockpiled for use defending themselves against attacks. Again staff intervened and had to bring phase II to an end.

Phase III was about having fun together. They scheduled non-competitive activities eg watching movies, eating together.

(At this point Linda compared this action to corporate team building exercises – you bring together different parts of the business, different teams, and just expect them to enjoy mingling)

Phase III failed – the teams were still far apart – there were food fights and yelling. If you’ve ever been on a corporate team building exercise, this probably isn’t a surprise to you.

Linda pointed out that you might expect behaviour like this if the team divisions had been based on things like religion & politics.
But we also see it in development teams and other relatively trivial settings.
For example, during software project recaps, you hear people talking about “us”, “them”, “the others”.
eg something trivial like maybe some of the developers got a T-shirt, others didn’t. Maybe this was caused by a distributed team. The T-shirt is not the actual problem but is a symptom of thinking about the distributed team differently. – “oh, I forgot to order enough for the guys in Victoria”.

We see the “others” as the enemy. And yet we think of ourselves as unbiased & rational when it comes to decision making.

Psychologists see this as a hard-wired reaction – so it must have an evolutionary benefit. Our ancestors had to answer lot of classification questions quickly: is this food edible or not edible? Is this person a friend or a foe? The decisions are made very rapidly.

Another experiment: conducted by Jane Elliott, a 3rd grade teacher in Iowa in 1968. She was trying to give her class of white kids a feeling of what it might be like living in the US as a black person. She separated the class into blue eyed and brown eyed children and told them that it had been scientifically proven that blue eyed children were better. There’s a TV documentary you can watch about this experiment here: http://pbs.org/wgbh/pages/frontline/shows/divided/etc/view.html

The part of the outcome that’s interesting to us right now is that the kids were all as good as each other and yet the kids who were set aside “knew” that they weren’t as good as the others – they bought into the labelling.

Research says managers sort employees into winners/losers as early as 3 weeks after starting to work with them. At an Agile conference Linda asked a table of managers if this was true. They said “well yes, but we are always right”

If you get two groups of people who disagree on an issue and give them the same paper on the subject to read about it, both groups will say that it supports their point of view. We see what we want to see. The managers alter whatever facts they see about the employee to suit the decision that they’ve already made.

Everybody makes mistakes. However we forgive our own behaviour but not others. “MY intentions were good even if I missed the deadline” – people’s judgment of their own performance is “contest sensitive”, but their judgment of other people’s behaviour is absolute.

So people get stereotyped. But people are complex. When we label people we lose appreciation of their other talents. BUT interestingly we also do this to ourselves.

Eg: take a group of maths students and give them a hard test. When the test starts with a male/female tick box, men outperform women – as this is the gender stereotype. Remove the box and give the same test and both genders perform the same. Similar research playing video games has shown that both genders will give up easier if they’re playing as a female avatar.

Another example is the Solomon Asch experiment:

A group consisting of one test subject and a number of actors are asked simple questions related to line lengths on cards. The test subject is always asked last.
For the first couple of rounds, everyone agrees then the 1st actor gives a clearly wrong answer & the others agree with them.
A significant number of test subjects go along with the incorrect answer too.

Recent research shows that if you put the test subject in an MRI machine you can see that there’s no debate going on in their head – they’re not thinking “should I say this – I don’t want to look out of place”. They actually see the wrong line as correct. The actors set the filter for the line lengths & our brain believes it.

So if other people can lead us to believe that about line lengths, how about more significant things?

So what have we got now…

• We’ve shown that stereotypes change our behaviour.
• And we’ve shown that our behaviour affects other people’s behaviour.

And so we have a self-fulfilling prophecy: we judge our employee as not being very good and treat him accordingly and so that’s how he behaves. Hence the managers at the Agile conference ARE always right about their judgments.

So how do we change this – how do we use these things to our advantage.

Rule #1 of good management: catch your team members doing something right and praise them for it.

Linda mentioned she’d been to project retrospectives where they always started by repeating Norm Kerth‘s Prime Directive: “Everyone is doing the best job they can”. It seems cheesy but after a while the team members start to believe it’s true & eventually they create that in the team – everyone IS doing their best.

Back to the boys in the campground: the study team created problems that the groups must work together to solve.

They cut off the water to the campground and set the boys to search for the “leak” along the mile long pipeline. Required all the boys to work together. They discovered a clogged valve… they said “we” found it & celebrated together.

Other tasks followed that required everybody to work together to accomplish, culminating in a ‘last night of camp’ where they sat around the same camp fire and alternated singing songs for each other. Both groups insisted on going home on the same bus and the team who’d won the most prize money bought everybody milk-shakes.

Linda suggested maybe this experiment wasn’t surprising… after all the boys were all very similar. The experiment was repeated in 1963 in Beirut with a mix of Christians & Muslims. During phase II there was serious fighting and three group members threatened a member of the other group with knives that they’d stolen from the camp kitchen. The study team intervened and cancelled the experiment – there was no Phase III. To be expected?

However the groups were NOT divided by religion. The three group members who had the knives were all Christians – and the opposing group member that they threatened was also a Christian.

In this case, group membership trumped religion even though the religious divisions were hundreds of years old and the groups had only been together for a week.

So there are two responses here that are hard-wired. One is that we quickly judge people into groups as “us” and “them”. The other is that we like to work in small teams and we like to collaborate.

So to resolve conflict it’s necessary to cooperate on shared goals.

Similarly to the campground, this must combine the entire organization – it can’t just be development.

Agile practices help with this:
- face-to-face communication increase cooperation. Strongest effect of any variable
- Stand-up meetings
- pairing – produces better result than either individuals could achieve individually
- short iteration timeboxes means everybody gets frequent goals to work together on
- project retrospectives

Liking someone is not required for these activities to pay-off
Liking someone is different from “respect”

Social interdependence requires:
- common goals
- outcomes affected by actions of others
- individuals only reach goals if others reach goals

In a collaboration, nobody succeeds unless everyone does. Therefore efforts must be coordinated.
The coordination produces respect.
We all like being trusted and respected.
It follows then that Agile teams get trust and respect all day and are therefore happy

This has a positive impact and results in effort improvement in both individuals and the group.

Linda has a book out called ‘Fearless Change’ that documents design patterns for introducing change into organizations. People tell me I’m lucky at draws but last night was one of my unlucky nights… in the door prize raffle the guy immediately to my right won a copy and the guy immediately to my left won a copy and I left empty handed. Although I did leave with a head full of interesting information!

Saturday just passed was Vancouver Cloudcamp. An unconference dedicated to all things cloud related. Errr, that’s aka internet-based computing… not lying in a field saying “hey, that one looks just like a rabbit’s head”.

I’m taking advanced PHP at BCIT on Saturday mornings at the moment so couldn’t get there for the morning sessions but raced over to Discovery Parks for the afternoon. Very very glad I did – some interesting sessions, great discussion and met a lot of interesting people.

I photographed all the flip charts I could find and took notes in the sessions I attended. I’ll post the notes I took once I’ve edited them so they make a least a little bit of sense. In the meantime, here’s the flip charts:

The Torch Relay came through Delta today.

Helen’s selling soap at a cart in a mall down in White Rock so wasn’t going to be able to see the parade as it passed near home but the day’s relay actually started (at a rather hideous 6:30am) down in White Rock just opposite her mall. So we decided to both go down to White Rock and see it there together.

Of course we were lateish leaving home. Took the side-roads through White Rock to avoid any traffic snarl-ups and by the time we got to the mall the parking lots were jam-packed. After getting the car sorted out we ran over to the start… only to be faced by crowds coming BACK in our direction… we’d missed it. Helen started walking down the road after it but a) there’s crowds of people coming back at us and getting in the way and b) the torch is being taken away from us by people RUNNING. Never going to win that battle.

So back to the car. The people in the car next to us had done their homework and knew where the torch was going next so we headed off to the sea-front to try and catch up with it. Parking along the sea-front was nuts… simply nuts. The parking lots were full, the streets were full, the residential areas were full. By the time we’d managed to find a parking spot (you know what’s coming, don’t you?) we’d missed it again. Helen goes into panic mode and we start running down the street after it – but you already know the problems with this, don’t you? We gave it a good try, running along the sea-front for a good ten minutes but to no avail. Defeated, we headed back to the car (which by now was a long way away).

At this point Helen’s getting despondent and realizing that she really rather wanted to see the torch. We checked the clock… 7:20. Torch is in North Delta at 8:35, mall opens at 9:30… hmmmm… we can just about make it there and back.

So off we head back to home (why didn’t we think of this before I’m thinking). We got back to North Delta and parked near the route. We had plenty of time to get a good spot, run into some people we knew and watch as other people turned out and filled up the route. Then the police start driving up and down and the road’s closed. The excitement levels are building as the sponsor’s vehicles pass by – lots of official torch relay bottles of coke and life-size Olympic mascots and… wait… the guy in that truck looks remarkably like John Biehler. Hey – it is! And Miss604 sitting in front of him!

Quite a surprise!!

Then the torch arrived. Pretty cool! But at the end of the day it’s just a guy in funny clothes jogging with a flaming torch. Admittedly not something that you see every day but somehow it seemed a little anti-climactic (or maybe that was just after the shock of seeing John and Rebecca). We all had a good laugh and then headed off for our days and we got back to White Rock JUST in time for Helen to open up.

Some more pictures:

We had our Table Topics debate last night… and it rocked.

I was pretty depressed about it going into our meeting… I’d only had replies from two of our members and they’d both said “put me on whichever side you see fit”. They were just trying to make life easier for me but it rather short-circuited my evil plans: if they don’t tell me their personal preference then I can’t switch them to the opposite team. And I’d wanted SIX volunteers.

I got to the meeting early and had a quick word with the Chairman and asked him to call me up for 5 minutes before we got to the speakers.

So I stood in the middle of the stage and explained again what we were doing for Table Topics: “we’re having a mini-debate with two minute speeches. The topic is ‘Money is corrupting sports’ and I want 3 volunteers for each side of the debate”. I gestured theatrically with my arms and said “I’d like 3 people who believe that money IS corrupting sports to come and stand on my LEFT and 3 people who believe that money is NOT corrupting sports to come and stand on my RIGHT”. By asking them to come up to the front and stand on one side of me or the other I forced them to make a commitment to one preferred opinion or the other. I got my six speakers up front and then I gave them the twist.

The response was fantastic: some looks of horror, some looks of confusion, some “oh Jon you are EVIL” looks and some wide grins. I explained it again… “the people on my LEFT who’ve come up here because they believe that money IS corrupting sports, I want you to each talk about why money is NOT corrupting sports. The people on my RIGHT who believe that money is NOT corrupting sports, you’ll be talking about why money IS corrupting sports”. I explained that the purpose of the debate wasn’t to persuade people that your personal opinion was right but to make the speakers think and exercise their speaking skills.

I suggested that they think of possible topics during the first half of the meeting and then confer with their team members during the break to make sure that they’re not all saying the same things and to decide on their speaking order.

As I sat down, the person sitting next to me, one of the debate speakers, turned and said “Jon, that is SO evil”. I replied “I know. Awesome isn’t it?” – she grinned and nodded.

During the mid-meeting break, the room was a hive of activity. I could hear people brainstorming ideas and dividing up topics. Non-speaking members joined in – they went over to join with the groups and share their ideas.

Just to add some further spice, I asked for a secret vote before the debate and again afterwards. According to the pre-debate vote, we narrowly believed that money IS corrupting sports.

The first affirmative speaker talked about the Olympics and the vast quantities of money that flows in and out of that – a strong argument with which to lead off. The first rebuttal talked about children and their love of playing sports – a good argument that reminded us that ‘sports’ isn’t just professional sports.

The second affirmative looked at superstars like Tiger Woods and Kobe Bryant – do they still love sport or have the multi-million dollar paychecks led to their problems? The second rebuttal brought us back to the Olympics again but this time looking at the investments that the Lower Mainland has got out of the event – would we ever have got the Richmond Oval or the Canada Line without the Olympics?

The third affirmative talked about sports gambling and the billions of dollars which change hands based on the results of sports games. The debate finished with the third rebuttal speaker who talked about how money led to professional sports which in turn redefined what was possible in the field of human achievement.

Six great two minute speeches with six great opinions. I was glad I was sitting down to listen because I was just blown away by how well our members stepped up to the challenge.

After the debate the second secret vote said resoundingly that money is NOT corrupting sports. That doesn’t mean that we had winners or losers in our contest though… everybody put on a great performance. Several members said to me afterwards that it was the best Table Topics they’ve seen. I can only take some of the responsibility – the original idea wasn’t mine and it was the amazing performances from our members that really made it a winning evening. It just goes to show that when you shake things up at Toastmasters you really get the best out of your club members.

I know it’s going to be a big success but at first glance it’s confusing as to where its market is.

It’s not a replacement for a laptop:

• it has no USB ports for peripherals
• no multi-tasking (we think)
• limited opportunity to develop applications for it (developers have to work within the walled garden of the AppStore and users have to sync through iTunes)

But it’s too big to be pocketable so it’s not a replacement for a PDA like an iPod Touch.

If I wanted to actually “do” anything then I’d take a laptop along with me, if I wanted to read a book or a PDF then my gut feel is that I’d rather have an eReader (Engadget has a great comparison with the Kindle), if it’s just for casual internet access then a smartphone will do.

I think a major part of the market for the iPad is going to be iPhone users who are finding it too hard to read all the information that they’ve got access to on the screen of their phone.

Besides products, Apple are also great at making markets. Just because few people can see a need for a product today doesn’t mean that they couldn’t take advantage of it if they had one. Lots of Apple fans will buy them regardless, even if they already carry an iPhone and a MacBook around with them. And once they get the product out there in people’s hands in quantity, applications and use-cases will follow. It’s sure to be another winner.

I think most people considering the iPad will already have a smartphone and probably a laptop as well. I think we can also assume that these people carry their smartphone with them everywhere. So, if we’re assuming that technology purchases are made with the intention of simplifying our lives then will you be taking your iPad with you in situations where you previously took your laptop (which I see as a win)? Or will you now be carrying three devices (which I see as a fail)?

Continuing from that… if you’re already carrying your smartphone around with you everywhere, I see the 3G option as unnecessary for most people. Why not save the $130+$30/month (or Canadian equivalent) for iPad 3G access and tether the iPad to your phone? As far as I can see, there’s no definitive statement as to whether or not the iPad can be tethered. But you can bet that any lock-down that Apple put on it will be broken within a month or two and I’m sure tethering is one of the things that the community will enable.

Whilst thinking about phones, one of the features that interested me was the inclusion of a microphone. Whenever I see a microphone on a wireless device, my first thought is of Skype (even though I’ve barely ever used Skype myself!). The lack of a camera might be an issue for some people but, especially now that Apple have graciously allowed VoIP applications to connect over 3G, you could actually use the iPad to make phone calls. It’s probably a little on the large side to replace your mobile phone and the lack of multi-tasking means that you couldn’t talk to someone whilst you get information for them from an email or a webpage but I think it’s an interesting use-case – especially when tied to an unlimited data plan.

Oh, and we can’t talk about the iPad without talking about the horendous name. Everyone seems to have agreed that it’s dreadful.. but then is it much more dreadful than iPod sounded when we first heard it? Heck, look at all the flack that Nintendo took for the Wii and that didn’t stop it flying off the shelves. I suspect in a few months we’ll have forgotten all the feminine hygiene wisecracks and moved on. Breaking out of the i{thing} naming pattern is long overdue for Apple. But the brand recognition of i{thing} is immense… I can’t see Apple having the guts to do it and, as a result, I think it’s actually becoming an Achilles heel of the brand as much as it’s a strength.

I am Table Topics Master at my Toastmasters club this week.

It’s a role I’ve done a dozen times before and the format is always the same: the Table Topics Master poses questions and invites members to come up and talk, spontaneously, on the topic for 1-2 minutes. Stuff like “my favorite vacation” or “how would you feel if you had no internet for a day?”. It’s a lot of fun and we hear some great speeches and some not-so-great speeches but it’s always the same format.

This week I’m changing things around and we’re having a debate.

I got the idea from the Toastmasters officer training that I went to tonight. I’ve seen a mini-debate done in Table Topics before but one of the other VP Education officers at tonight’s training mentioned a twist. Something evil. And I’m stealing the idea because it makes me do a little evil happy dance inside.

The subject that I’ve chosen for the debate is “Money is corrupting sports”… a topic that I hope many of our members will feel passionate about one way or the other but also I hope that nobody will feel offended by people arguing against their point-of-view. I chose the subject from an incredible pair of lists at http://www.ada.org.nz/moots.php

So I’m looking for 3 speakers for each side of the debate – I’ve emailed out the subject in advance and asked for volunteer speakers for each side.

Usually with Table Topics you don’t tell anybody the subject in advance… that’s sort of the point. But I need to this week because I want people who are passionate about the subject to step forward. I’ve also warned them that I’d like it to be in the spirit of a normal Table Topics session – i.e. even though you’ve had the question in advance I don’t want you to do a lot of preparation for it.

Except… here’s the kicker…

At the start of the meeting I’m going to tell them all that they’re speaking for the opposite side of the debate to the one that they’ve signed up for.

It’s beautifully evil. But it’s also totally valid. The point of a debate at Toastmasters is not really to persuade people about the opinion that you hold but to make you think on your feet and exercise your speaking skills. Being forced to talk against your personally held beliefs is a perfect example.

I’m still waiting to hear back from the club members. I’ll be sure to post again after the meeting.

Here’s a little easter egg for you on the Google search page.

Don’t type anything into the search box and click “I’m Feeling Lucky”

Up pops a large number… counting down in seconds. A quick conversation with a calculator says that this is counting down to the end of the world year.

I HAVE to tell you about the coolest thing I’ve seen for a long time. I’m just bursting with excitement about this! It’s kinda scary really!

If you run a blog then people are copying stuff off your page. Guaranteed. It happens all the time. Sometimes it’s malicious (take a look at http://ecommercesolutionnews.com/ and compare it to Linda Bustos’ hard work at http://www.getelastic.com/) but most of the time it’s just for emails to friends… “Hey, I saw this…”

You can’t really prevent the former, nor can you turn it to your advantage – short of going public and creating a big expensive stink about it. But the latter is an interesting situation. Here’s someone with an interest in your work sending content to someone else… but not giving them a way of coming back to the original. They lose out and you lose out.

I was recently introduced to the most amazing product from Calgary-based startup Tynt. Tynt Insight is a simple modification to your blog which monitors your blog page and… get this… it detects when anybody copies anything from your page. The even neater thing is what it does next: it amends the copied content in the clipboard to include a tagline referring the reader back to your blog. Just when you thought that was too neat for words… it gets better still! I know, I know… I’m borderline hysterical here, but there’s a reason. The URL in the added tagline is a link back to your blog with a unique id embedded in it… when the reader clicks on it it takes them back to your blog and shows the post that was copied from with the copied text highlighted!

Try it! Try it now! Copy a paragraph from this blog post and paste it into something… an email, a text editor, it doesn’t matter. Heck, I’ll do it for you, look… I copy text from a previous post:

I paste it into an email. And look what happens:

Then when someone clicks on the link, look where they go:

Go on… tell me that isn’t cool – I dare you! Added to all of this, the blog owner gets a great dashboard on Tynt’s site with details of what’s been copied and a raft of analytics.

I met Kerri Knul at a presentation where she was demonstrating Tynt Insight and I was just blown away… I think I stood there with my mouth just opening and closing and no words coming out (disclosure: until she gave me a T-shirt). Sure, this solution’s not perfect – it only works in the more modern browsers and it’s a 2 second job to delete the tagline if you don’t want it. But for the majority of “Hey, I saw this…” cases I think it adds genuine value to the copier, the reader and to the blog owner.  If you have a WordPress.org blog then all you need to do is create an account at Tynt and add one line to your footer.php – so go try it out!

For the last couple of weeks, I’ve been watching with interest Raul‘s tweets about Preventable (‘The Community Against Preventable Injuries’ – a non-profit aimed at reducing the number of preventable injuries in BC).

I love what they’re doing… the idea that so many injuries are ‘accidents’ that just happen is rubbish and has annoyed me for a long time. “No – you crashing into the back of that car at the red light was NOT an accident. It didn’t happen ‘acidentally’. You hit him because you were driving too fast and/or not paying attention” etc etc. If people thought more about what they’re doing, thought about the risks inherent in their activity and took an extra minute or two to counter that risk then things would be much safer.

One of the things that Preventable point out is that the leading cause of death in BC for people between ages 1 and 44 is preventable injuries (notice that… I didn’t call them accidents). 1,200 people a year dead and 400,000 injured in BC alone.

Preventable’s big PR push at the moment is to get people to take care over Halloween. To be honest, Halloween is one of my least favorite times of the year. Probably a result of not having grown up here! It’s not the small children dressed up as princesses and pirates that annoy me. It’s not that I never get invited to the cool parties (this year’s an exception – more about that next week if I can rig up a costume at the last minute). It’s more the gangs of drunken teenagers roaming the streets and setting off fireworks. And yes, alcohol and explosives don’t mix… but they’re a harder audience to get to pay any attention!

Preventable’s been reaching out to the social media community recently. They have a great blog full of information on their website, they’re big on Twitter and yesterday they invited a gaggle of bloggers down to The Network Hub to communicate their message face-to-face (cos sometimes that’s just the best you know?) and hand out treats.

Yes, I went. Yes, I was bribed. Yes, this blog post is (partly) the result of their flagrant attempt to sway my judgment. An interesting evening was had in the company of some great Vancouver bloggers and social media folk. In the interest of transparency I should also point out that I profited from the evening to the tune of two plates of delicious sushi, a couple of handfuls of candy and a reflective trick-or-treat bag which has been passed on to a small child for use trick-or-treating – that’s one 6 year old who’ll be very safe out on Saturday night.