When I wrote my first book in 2012, I pitched the publisher on cooking recipes for cloud security.

My vision was that one page would describe how to make an historic meal (such as Royal Navy spotted dick) and then the rest of the chapter would be cloud technical steps (such as how to setup secure remote administration).

I even presented a test chapter for the RSA Conference in China on how to grill the perfect hamburger, as a recipe for cloud encryption and key management.

Things didn’t turn out quite like I had expected, as the publisher asked to change the title to virtualization, drop the food recipes, and insert a DVD. It felt like preparing a gourmet vegan dessert and being told to stick to the meat and potatoes.

*Sigh*

Nonetheless in my mind cooking remains a powerful way to convey the relationship between technology and knowledge.

Everybody eats.

Food automation tends to be disgusting, even causing illness. Whereas technology augmentation in human cooking, using recipes for quality control and governance, will produce the best possible meal.

Perhaps the canonical example I hear all the time in AI ethics circles… if you brought a robot into your home and told it to prepare you a steak dinner, should you be surprised if later you can’t find the dog?

Hey, I didn’t say the robot was Chinese. Stop thinking so simply.

Microsoft management clearly didn’t understand such basic anthropological tenets of technology use. The big news, hopefully surprising nobody, is illness has forced them to cancel a massively funded VR program.

The personnel demoing the tech appear to be using a variant of Microsoft HoloLens. The government recently halted plans to buy more “AR combat goggles” from Microsoft, instead approving $40 million for the company to develop a new version. The reversal came after discovering that the current version caused issues like headaches, eyestrain and nausea.

Such a waste of time and money to find out what is easily predicted.

Soldiers “cited IVAS 1.0’s poor low-light performance, display quality, cumbersomeness, poor reliability, inability to distinguish friend from foe, difficulty shooting, physical impairments and limited peripheral vision as reasons for their dissatisfaction,” per the DOT&E assessment. The Army knows that IVAS 1.0 is something of a lemon [yet] still plans on fielding the 5,000 IVAS 1.0 units it’s currently procuring from Microsoft at $46,000 a pop to training units and Army Recruiting command for a total price tag of $230 million.

It’s like reading some people got sick and then discovered their taco MRE bag wasn’t really a taco, just sugar and cornmeal drenched in preservatives and artificial taco flavors.

VR from Microsoft sounds like the hardtack (dry “cracker”) of combat goggles. A real bargain at $230 million.

See-through augmentation measured on efficiency and minimal interference is a whole different story, as it avoids all the foundational problems of automation (e.g. where to get flavor, or actual useful nutrition from).

Google glass really blew it on this point. They could have developed an HUD for highly technical work like repairing machines with both hands.

Of course Google didn’t think like this because their engineers all went straight from elite schools to sitting in a gourmet cafeteria eating free lunches and talking mostly about their exotic vacations.

They’re in a virtual world, the opposite of what’s required for knowledge, let alone innovation. And that’s why their products depend on finding people who really live, who have daily struggles and needs in a real world, to tell them what to engineer.

That’s all background to the main point here that howitzers in Ukraine are proving today what everyone should have been working on for at least the last decade: cooking.

DARPA’s training demos use something more pedestrian: cooking. Dr. Bruce Draper, the program’s manager, describes it as the ideal proxy task. “[Cooking is] a good example of a complex physical task that can be done in many ways. There are lots of different objects, solids, liquids, things change state, so it’s visually quite complex. There is specialized terminology, there are specialized devices, and there’s a lot of different ways it can be accomplished. So it’s a really good practice domain.” The team views PTG as eventually finding uses in medical training, evaluating the competency of medics and other healthcare services.

First you bake a cake together as a team using augmented vision… then you destroy invading armies with it.

Using phones and tablets to communicate in encrypted chatrooms, a rapidly growing group of U.S. and allied troops and contractors is providing real-time maintenance advice — usually speaking through interpreters — to Ukrainian troops on the battlefield. In a quick response, the U.S. team member told the Ukrainian to remove the gun’s breech at the rear of the howitzer and manually prime the firing pin so the gun could fire. He did it and it worked.

Delicious.

I’m not going to claim credit for this obvious future of technology based on ancient wisdom, given there are so many children’s tales saying the same thing.

Ratatouille is probably my favorite, easily digested in movie format.

The real kicker to the howitzer example is the technical teams spell out very precisely in life and death context where augmentation works best and where it fails (hint: Blockchain is a disaster).

As the U.S. and other allies send more and increasingly complex and high-tech weapons to Ukraine, demands are spiking. And since no U.S. or other NATO nations will send troops into the country to provide hands-on assistance — due to worries about being drawn into a direct conflict with Russia — they’ve turned to virtual chatrooms.

I use virtual chatrooms so much I forgot for a minute that they’re virtual.

The Ukrainian troops are often reluctant to send the weapons back out of the country for repairs. They’d rather do it themselves, and in nearly all cases — U.S. officials estimated 99% of the time — the Ukrainians do the repair and continue on. …Ukrainians can now put the split weapon back together. “They couldn’t do titanium welding before, they can do it now,” said the U.S. soldier, adding that “something that was two days ago blown up is now back in play.”

I love this SO MUCH. Right to Repair in a nutshell. Technology dramatically enhances developing markets by sharing knowledge like how to restore that technology in the field.

It’s the awesome Dakar Malle model of efficiency and sustainability that all technology should be put through, instead of lionizing the biggest waste teams.

And now for the main point:

Sometimes video chats aren’t possible. “A lot of times if they’re on the front line, they won’t do a video because sometimes (cell service) is a little spotty,” said a U.S. maintainer. “They’ll take pictures and send it to us through the chats and we sit there and diagnose it.”

Visual diagnosis in real time to bake a highly complicated cake. Including translation for chefs representing 17 nations in a small kitchen.

As they look to the future, they are planning to get some commercial, off-the-shelf translation goggles. That way, when they talk to each other they can skip the interpreters and just see the translation as they speak, making conversations easier and faster.

And I warned you about bockchain.

The expanse of weapons and equipment they’re handling and questions they’re fielding were even too complicated for a digital spreadsheet — forcing the team to go low-tech. One wall in their maintenance office is lined with an array of old-fashioned, color-coded Post-it notes, to help them track the weapons and maintenance needs.

Hope that’s clear. Writing a big blog post about how to share knowledge in the future is hard. Not as hard as a book, obviously, but I definitely could use some augmentation right now

More than anything it’s clear to me without government funded research teams, many tech companies would be utterly and completely lost in expensive dead end navel gazing.

DARPA is asking for developing recipes that really were needed a decade ago, based on assessment of hunger they see right now. While it’s fashionable to call this future thinking to avoid blame, in reality it’s being less ignorant about the present troubles.

Let the Russians desperate for a Chinese MRE eat cake instead, a delicious one right out of the howitzer.

Or I believe Molotov in WWII would have called them “bread baskets“.

There’s a neat food preparation detail in article called “How to recover after a workout: Natural methods are as beneficial as supplements”

“The correct thing to do after training is to eat carbohydrates, to replenish glycogen reserves, along with protein, to repair the muscles,” says Ferrandis. “This should be in a 2:1 ratio: that is, for every two grams of carbohydrates, we should add one gram of protein.”

Do you know what has a 2:1 carb to protein ratio? Two slices of bread and a slather of good ol’ Jimmy Carter natural peanut butter.

The article goes on to call out “everyday foodstuffs”…

…rice with chicken or tuna, a plate of vegetables (or hummus), or a ham sandwich.

Ham? Really? Yuck.

That’s just 1930s disinformation talk from Edward Bernays.

He started out working in a WWI propaganda office of Woodrow “KKK” Wilson, shifted to taking in big money to “market” cigarettes as “freedom torches” and ham as “healthy”, but ended up regretting Nazi Germany studied his methods to commit genocide. (Bernays, Edward L.. Biography of an Idea: The Founding Principles of Public Relations. United States: Open Road Media, 2015.)

Goebbels, said Wiegand, was using my book Crystallizing Public Opinion as a basis for his destructive campaign against the Jews of Germany. This shocked me, but I knew any human activity can be used for social purposes or misused for antisocial ones. Obviously the attack on the Jews of Germany was no emotional outburst of the Nazis, but a deliberate, planned campaign.

No thanks, Ed. No ham.

Back to the point, scientists also say that the protein isn’t required around the same time as the carbs.

While replacing carbohydrates as soon as possible is advisable…[protein has a bigger window]. “Recent studies seem to indicate that protein can be taken several hours after or even before training. However, it is particularly beneficial to do so within the two hours before or after exercise to stimulate muscle recovery as soon as possible,” says nutritionist and dietician Ramón de Cangas.

Eat two slices of bread right after exercise but protein before or after?

That doesn’t point to a sandwich.

Still, two slices of carb and one protein in between seems the easiest way to hit the right ratio within an optimal recovery window.

Speaking of counteracting marketing with science, the article points to a fascinating education website “sinAzucar”, which paints very simple illustrations of sugar to show how awful products are about hiding the stuff.

And on that note, I’m reminded of Lakoff’s delicious “truth sandwich” recipe for your brain after a misinformation workout.

Stay healthy out there.

New studies are confirming that ultra-processed foods are harmful, which was expected, but in ways that may have no better solution than better transparency leading to bans.

…researchers have theorized that ultra-processed foods increase inflammation because they are recognized by the body as foreign – much like an invading bacteria. So the body mounts an inflammatory response, which has been dubbed ‘fast food fever’. This increases inflammation throughout the body as a result.

How do they classify a food as ultra-processed?

These foods are also not labelled as such on food packaging. The best way to identify them is by looking at their ingredients. Typically, things such as emulsifiers, thickeners, protein isolates and other industrial-sounding products are a sign it’s an ultra-processed food. But making meals from scratch using natural foods is the best way to avoid the harms of ultra-processed foods.

Processed means not raw or made from raw ingredients — many stages of complicated processing such as the industrial polysaccharide polymer “guar gum” often found in inexpensive dairy products to transform their viscosity (prevent proper crystallization and melt).

While it’s true labels on food packaging don’t say processed, when you see ingredients on food more than six things long… you’re typically getting into processing.

Ice-cream for example should be a short list such as this Strauss label:

That company is yelling at you for a reason. Their label is in fact revealing a huge difference from a list of ultra-processed ingredients like this:

Basically if you see guar gum in ice cream it’s a symptom for you to run, don’t walk, away from its ultra-processed “viscosity” not to mention all its other questionable additives.

That might sound like a new idea but it reminds me of a 1516 “purity law” from the Bavarian city of Ingolstadt, which said beer can only contain barley, hops and water (yeast was later added).

Initially this allow list was only within the Duchy of Bavaria and it gradually expanded across German states becoming a modern German law in 1906. Talk about precedent…

The U.S. is very confidently accusing Iran of attacking Albania, based on yesterday’s report by Microsoft about Microsoft’s usual software vulnerabilities and mis-configurations.

Microsoft assessed with high confidence that on July 15, 2022, actors sponsored by the Iranian government conducted a destructive cyberattack against the Albanian government, disrupting government websites and public services. At the same time, and in addition to the destructive cyberattack, MSTIC assesses that a separate Iranian state-sponsored actor leaked sensitive information that had been exfiltrated months earlier. Various websites and social media outlets were used to leak this information. […] A group that we assess is affiliated with the Iranian government, DEV-0861, likely gained access to the network of an Albanian government victim in May 2021 by exploiting the CVE-2019-0604 vulnerability on an unpatched SharePoint Server, administrata.al (Collab-Web2.*.*), and fortified access by July 2021 using a misconfigured service account that was a member of the local administrative group. Analysis of Exchange logs suggests that DEV-0861 later exfiltrated mail from the victim’s network between October 2021 and January 2022.

The report unfortunately is not titled “What are you even doing running Sharepoint in 2021” and instead uses this far more provocative line:

Microsoft investigates Iranian attacks against the Albanian government

Just a decade ago many experts in the security industry warned against investigations being so overtly bold or confident with their attribution statements. The fear was rooted in dubious logic that someone could make a mistake and therefore shouldn’t even try.

I mean if that was sound logic Sharepoint would have never been released to the public. Ok, maybe there’s some truth to that logic.

But seriously, anyone in any history 101 class knows you can’t let perfect be the enemy of good when writing reports about what happened in the past. Of course you can get attribution wrong, which is in fact why you should try hard and make sure you do it well.

It feels like a very long ago time ago (but really only 2014) that I gave a counter-argument to fears about uncertainty, in a presentation to incident response teams in Vienna, Austria basically saying it’s time for attribution.

Looking back at my slides, honestly I think I tried too hard to make data integrity funny. Attribution is less complicated by some unique thing about computers than it is by things about people like this: Americans are more likely to want to intervene in places they can’t find on a map (click to enlarge and have a sad laugh).

Here’s another one, where I poked fun at FireEye for making very crude and rube attribution mistakes and surviving (they’re still in business, right?).

Now look how far the world has come!

Microsoft shakes heavy doses of political science into its computer forensics reports like it’s powdered sugar on a Turkish delight.

• The attackers were observed operating out of Iran
• The attackers responsible for the intrusion and exfiltration of data used tools previously used by other known Iranian attackers
• The attackers responsible for the intrusion and exfiltration of data targeted other sectors and countries that are consistent with Iranian interests
• The wiper code was previously used by a known Iranian actor
• The ransomware was signed by the same digital certificate used to sign other tools used by Iranian actors

[…] A group that we assess is affiliated with the Iranian government, DEV-0861…
[…] The geographic profile of these victims—Israel, Jordan, Kuwait, Saudi Arabia, Turkey, and the UAE—aligns with Iranian interests and have historically been targeted by Iranian state actors, particularly MOIS-linked actors.
[…] The cyberattack on the Albanian government used a common tactic of Iranian state sponsored actors…
[…] The wiper and ransomware both had forensic links to Iranian state and Iran-affiliated groups. The wiper that DEV-0842 deployed in this attack used the same license key and EldoS RawDisk driver as ZeroCleare, a wiper that Iranian state actors used in an attack on a Middle East energy company in mid-2019.
[…] Multiple other binaries with this same digital certificate were previously seen on files with links to Iran, including a known DEV-0861 victim in Saudi Arabia in June 2021
[…] The messaging, timing, and target selection of the cyberattacks bolstered our confidence that the attackers were acting on behalf of the Iranian government. The messaging and target selection indicate Tehran likely used the attacks as retaliation for cyberattacks Iran perceives were carried out by Israel and the Mujahedin-e Khalq (MEK), an Iranian dissident group largely based in Albania that seeks to overthrow the Islamic Republic of Iran.
[…] The messaging linked to the attack closely mirrored the messaging used in cyberattacks against Iran, a common tactic of Iranian foreign policy suggesting an intent to signal the attack as a form of retaliation. The level of detail mirrored in the messaging also reduces the likelihood that the attack was a false flag operation by a country other than Iran.

Done and dusted. Need I continue?

It is nice to see such definitive and detailed work about attribution as if it’s a normal investigation with regular analysis methods… but it’s even nicer to read Albania has announced they’re cutting ties with Iran. And then… to see the U.S. follow-up with announcements about sanctions, it’s like why didn’t Microsoft start doing this way back in 1986 instead of for decades completely ignoring security as a get-rich scheme?