Category Archives: Security

Security

Alt Career Advice: Go Make Mistakes

Leave a comment

When I was young I occaisonally received advice from friends and family, often academics with colorful and distinguished careers, to drop out of the normal paths offered to me and instead find myself before I took a job.

One particular sunny summer afternoon at Kansas State a tall lanky Anthropology professor named Harald, with wild gray hair who had a tendency to get over-excited while speaking, looked me over and asked “now that you’ve graduated what will you do with yourself”?

I forget how I answered. I am not sure I even had a chance to speak before his bright blue eyes grew wide, he sucked in a deep breath, wagged a finger and bellowed in a thick Dutch accent “you should go west to the ocean, jump on a ship as a deck-hand headed for New Zealand or Australia, and get a job working with sheep! Just be careful and make friends because if someone dislikes you they’ll throw you overboard and…”

The first thing that flashed in my mind was the irony of being told to chase my own dreams and then being given a dream to chase. I since have learned this is a clever management trick: “Bob, you’re in charge of this project. Now listen to me as I tell you how to run it.”

What Harald really meant, it soon occurred to me, was that I should use the time of my youth to explore, to discover, to make controlled mistakes, to recover and learn from them (recover being the operative word — don’t get thrown overboard). This seemed like age-old common advice and that is what I did. I would recommend the same to everyone.

This story came to mind when I read Moxie’s latest blog post. Although I found myself nodding my head a few times, he also said a few things about risk and judgement that I tend to disagree with.

More to come later…

Security

Top Reasons to Move to Windows 8

Leave a comment

I am no big fan of Windows. In case it isn’t clear from my site name, I really don’t wish Windows upon anyone. However, every time I read an article about reasons not to upgrade to Windows 8 I wonder if that writer has considered the risk of delay.

The logic for a Windows 8 upgrade is simple:

  1. If you have run Windows 7 for a while and do not have any problems, then do not upgrade. Wait. There are many more years of support for your system. Unless you really love the new UI, what reason do you really have to upgrade? I don’t see one. In fact, here’s a small reson to not install. App store systems, modeled on mobiles and Apple profits, are #$%@#$ng annoying on a PC. Try to install Microsoft’s own Skype in Windows 8, for example. You will be directed to register a new ID with Microsoft to download the app “easily”. I hate that kind of marketing. It’s so obviously false. The app store is making software installation artificially harder on a PC than just downloading from a trusted link. With a little digging you can still navigate to install a normal Windows 7-style “desktop” version of Skype in Windows 8 without creating a new ID and a new financial relationship; but that’s a pain. So if you don’t want to be mired with an app system designed for tiny touch-screen keyboard-less devices…wait. A better compromise/interface will probably emerge.
  2. If you run a brand new copy of Windows 7 and are troubleshooting problems or would like a very in-expensive support extension, then consider the $15 switch to Windows 8. It’s a simple business decision. Your OS will be supported longer with patches and updates at a nominal cost.
  3. And then here’s the bottom line if the previous two rules don’t apply to you: if you are running anything older than Windows 7 then you should walk, no run, to buy a copy of Windows 8 (despite the fact that shortened it becomes “W8”).

Given the above decision criteria, here are three reasons why W8 is great:

  1. Research time to upgrade has been significantly cut down and the upgrade is a risk assessment in disguise. W8 runs tests during the upgrade to inform you whether existing applications will work or not. This is not just so you can buy more software, it secretly is doing a patch/vulnerability assessment. A test I ran on an old system for a client uncovered a bunch of old programs in a template (Adobe Air, Acrobat) no one could account for. We gladly wiped those away and the upgrade paid for itself in this initial assessment phase alone. Anti-virus also was removed and replaced with the native Microsoft Defender. This kind of change must be factored into capital and labor estimates. You could save a bundle in support time by getting off old/unnecessary software.
  2. Although it is tempting to see every upgrade as a heftier, slower code base it actually could be the reverse. You will put new life into old hardware if you move from Vista, for example. XP and Vista are known to slow down over time (e.g. registry bloat) so an upgrade to Windows 8 in my experience has given a huge performance boost to old systems especially for multimedia applications. Note that the hardware requirements are not far from those for Vista so this is really about killing Vista/XP. That being said there’s a hardware assessment utility also that will warn you if you do not have resources required to upgrade (e.g. 2GB RAM for 64bit).
  3. As Microsoft has publicly tried to defend itself, don’t get hung up on the start menu. Users have used other OS without start menus so analysts should stop whining about it. Of course you can put the start menu back in W8 if you really can’t live without it. I grant that a change from W7 can be disruptive, yet look around at the other OS. It took me all of five minutes to retrain users to use the pop-up bar and sliders because they own other OS that have no start menu (e.g. someone show me a start menu on Apple OSX and Ubuntu Unity). W8 brings users up to speed with the UI they own at home, or that their friends/family own. It’s actually easier to cross-train when diff OS are more similar. Except for a hardcore, dedicated start menu junky who wants to prune and manage their menu lists (if such a person exists) more experienced/advanced users already are used to and expect no start menu.

Also note that the upgrade process has a key verification step that is super annoying. If you get an error during upgrade that you have the wrong media for your key, you don’t have to download another copy of the media. Instead, just modify the ei.cfg file to point to your current media, as detailed by Microsoft, or use a SKU removal tool

Incidentally, I have to bring up again why I criticized Apple for their single-user marketing nonsense; security does not fare well when product management has a one-user-one-device mentality. Apple ads always portray a single adult user looking at an iPad screen. Kudos to Microsoft for pictures like this one that hint at a more typical multi-user environment.

This is a lot more fun than being in an iPad ad! Now stop brute-forcing my login.

And all that being said, if you aren’t married to some application that requires the Microsoft OS or if you like the idea of getting off the Windows train, then really you should take a look at Linux.

Either way, please DO NOT stay on XP or Vista – Move to Windows 8 or Linux now. Don’t delay the W8 (pun intended).

Food, History, Security

This Day in History: 1900 Carrie Nation Vandalizes Wichita Saloon

Leave a comment

Carrie Nation was married to an alcoholic and faced economic hardship. These apparently were a primary cause of her desperate attempts to ban alcohol in Kansas, although she claimed a religious pretense.

PBS provides this quote about Nation, said to be her self-description

…a bulldog running along at the feet of Jesus, barking at what he doesn’t like…

Her crusade, although based on her own struggles, also resonated with others who believed widespread use of alcohol during the Civil War (to boost morale, deaden pain or fight disease) was to blame for the “problem” of alcohol after conflict ended.

Reflecting upon those seeking temperance, and noting their arguments, [Confederate physician William Henry Taylor] wrote, “These may be formidable objections to the use of alcohol, but the military surgeon of my day would have thought that they were offset by the fact, demonstrated by innumerable instances, that it promptly rallies the deep sunk spirits of the wounded soldier, and snatches him from the jaws of imminent death.”

In reality, while General/President Grant was well-known for being the most heralded officer and leader in America and not afraid to take a drink, veterans were not necessarily more likely to drink and there were several economic and cultural factors that were behind the rise of alcohol consumption.

Heavy taxation ended after the war, which made alcohol more affordable. A huge boom of immigrants from Ireland and Germany brought a strong drinking culture with them in the mid-1800s. These two elements combined were a significant influence on the direction of American social customs by 1900. A large consumer base emerged and saloons opened and inexpensive beer was brewed to support them.

In this context Nation soon became famous for violent outbursts and her irreverence for damaging property. Few men dared challenge her strong-arm antics, which eventually helped ignite the prohibition movement.

The following newspaper clipping, found in the Kansas State Historical Society in Topeka, KS shows the headline “Carrie Nation Wages War”; from The Wichita Daily Eagle (1890-1906), December 28, 1900, Page 6, Image 6

Mrs. Carrie Nation of Medicine Lodge walked into the Carey annex and commenced the demolishing of the fixtures in that place. She was armed with two short pieces of iron. She also had some rocks.

In short, prohibition was an attempt by social conservatives to block changes in American culture, despite obvious underlying economic and cultural foundations. Today it is easy to see why prohibitionists not only failed to stop the trend towards consumption but actually refined American ingenuity to circumvent regulations.

History, Security

What Kurzweil Brings to Google

Leave a comment

A few years ago I mentioned one of my favorite movies and its vision of the future. Until the End of the World (Bis ans Ende der Welt) by Wim Wenders was released in 1991 with only limited distribution in America. I was fortunate to be introduced to the film by a Kiwi I met in Dublin in 1994 after I finished my degree and contemplated how to get hired into a tech company in the Commonwealth (e.g. DEC in Ireland, Unisys in New Zealand…).

The film’s opening scenes involve a car giving real-time traffic information and direction. The movie basically had GPS navigation, Internet search engines, voice interfaces, laptops, mobile tracking, video phones and so many other predictions that today seem like uncanny predictions. All that in 1991!

What it did not have, however, was a self-driving car often found in science-fiction (Blade Runner, Total Recall, The Jetsons).

What does this have to do with today? I read in the news that Kurzweil, a famous futurist, is joining Google. And I also have read many times that people are unsure why he would join Google, even though it seems to me he spells it out clearly on his website:

“I’ve been interested in technology, and machine learning in particular, for a long time: when I was 14, I designed software that wrote original music, and later went on to invent the first print-to-speech reading machine for the blind, among other inventions. I’ve always worked to create practical systems that will make a difference in people’s lives, which is what excites me as an inventor.

“In 1999, I said that in about a decade we would see technologies such as self-driving cars and mobile phones that could answer your questions, and people criticized these predictions as unrealistic. Fast forward a decade — Google has demonstrated self-driving cars, and people are indeed asking questions of their Android phones.

I don’t know why someone would criticize those 10yr predictions in 1999. If he had said early 1990s or earlier…but by 1999 plenty of evidence was around that voice interfaces were working and automation vehicles were within reach.

Here’s my take on what Kurzweil was talking about: When I arrived at LSE in 1993 I volunteered to partner with disabled students. Technology and computers were skills I listed on the form at the office. My assignment came quickly. I was to help a blind Philosophy PhD student named Subbu with a new OCR system. The OCR system may even have been one of Kurzweil’s; I don’t remember. Once a week I would meet in Subbu’s cold and drafty office, heated by the lamp of his Xerox scanner, to gather text files on a floppy.

The system, I was told, cost the school more than $50K yet it often made systematic errors. 5 would be read as S, an i could sometimes be a t, and so forth. Subbu needed someone to fix the text integrity so his computer could read it to him. He also needed me to add page breaks. While I understood the obvious problem of mistakes the concept of page breaks was eye-opening (pun not intended) for me.

Subbu and I started spending lunch and more time together debating differences between seeing and blind user interfaces. He emphasized to me how the concept of a page is alien to someone who has never been able to see one. He said he could feel a physical page and its edge but he said it was an odd concept. Why would an idea stop because there was no more room to write? To him the unbroken thought was essential to philosophy and the page break was an unfortunate interruption.

And so I not only wrote WordPerfect scripts to clean the text automatically (he tended to scan many books a week, pushing me to become more efficient) but I also added page break marks into his text files. While he studied the scans without page breaks he needed them in order to make references for people who lived in the seeing world — visual space defined by page numbers. Incidentally, I did the same for my own thesis. My Apple Duo 230 had native voice recognition software (System 7 on the Macintosh came with free voice extensions) and so I would type and then have it read my writing back to me as I paced around the room with my eyes closed.

About three years later a similar thing happened. While working on voice recognition software for a Hospital I took some time to meet with a local Goodwill center in Iowa. It offered computer skills training to the disabled. Their equipment was amazing to me; from a laser pointer headband (screen keyboard for people with no limbs) to the latest OCR and voice recognition for the blind, I could see things were quickly advancing.

Seeing new interfaces brought back memories of Subbu and his productivity. He could read and write quickly without having ever seen a screen or a keyboard. Being “disabled” really started to sound backwards to me. I was the one disabled by a QWERTY keyboard and being asked to sit in a box hunched over in an uncomfortable chair. While I contorted myself to use an awful interface, the blind would listen to text in any position and speak from any position. Their interaction with technology, rather than being disadvantaged, made more sense than mine!

When I finished graduate school I searched for jobs where I could expand my experience with voice inputs as well as UNIX/Apple, TCP/IP and the web. All the latter has come to pass, but even with tiny mobile devices the concepts of a keyboard and screen still haunt us.

And that is what Kurzweil brings to Google. Interface innovations. Just like a clean search page revolutionized the web, they’re shooting for another big transformation in how we access information. Kurzweil is clearly a thought-leader in this space. I learned from him that we should not think of the blind as needing special instruments. It is the other way around. Kurzweil figured out how to remove a limitation that we were taking for granted. We should not have to see to use a computer. The keyboard was a strange standard and now we must move on to better, less-restrictive, options.

Think about the most annoying thing about driving. Seems to me it’s the time wasted manipulating a steering wheel and pedals just to go from point A to B. Nevermind the “thrill,” I’m talking about being forced to drive when you could be doing something else with that time, especially in places like Los Angeles. Google is moving to provide the benefits of an affordable dedicated driver (e.g. limo, bus, train) without the drawbacks that they usually come with (e.g. shared destinations).

One last thought. Recently I watched a Google employee present their vision of the future with big data. Their interface seemed overly trusted to the point of naive vulnerability. It made me think that the Apple map debacle was not having the impact it should; it was not only a warning for big data product usability but also for risk in big data trust.

My work with OCR integrity issues may seem dated now but the principle of testing systems for failure remains sound. What are the 5 and S of new automation systems and who is on the hook to validate that data before millions or more users with natural interfaces depend on the outcomes? Kurzweil will have some interesting ideas for sure and hopefully his experience will change the course of Google. I certainly hope not to see any more ads like the following.

This Google “One Day” video is a sickly saccarin, or even utopian, view of the future that is impossible for me to get behind. It’s devoid of obvious and necessary realities of trust and safety. Wim Wenders presented us a much more human story laced with risk, which could be why today it seems so close to what has really happened. Some of his predictions were over-the-top, such as a nuclear explosion in space. If only he had mentioned self-driving cars…