Author: Maverisk

A call for comments, on a crazy (?) idea of mine:

If quantum physics is all about probability waves [not ‘particles’] out there, floating in n-dimensional space-time reality (digression(?): the thing we have in our head, not claiming any ‘reality’ like the founder of the idea, Kant, still had – go ahead, dismiss him without any understanding at his level, you physics guru n00b),

why can’t we use the same wave function analogy for a practical purpose like risk management?

Analogy; as you use even ‘waves’ as a metaphor for communications purposes, to get from your brain to someone else’s – how’zat for a miss on maintaining the above inner representation is All (quasi-Buddist style).
Risk management; as there too, in particular re the time dimension, chance and impact functions of certain events are curves, waves, multiplied hence strengthening or cancelling amplitudes wherever. All the event waves running criscross across each other.

And, once a risk actually comes into view (observation), the wave function, ‘risk’, has collapsed into an event.

Just like in reality.
But then, I’m unsure anything can be learnt from this.
But then, you might have a notion of usefulness of such a new approach. Throw in some wavelets here and there, and I’m even happier. You’re invited.

Plus:

[Double slits everywhere, not for experimentation but hopefully for in-out diode functions only; Caen]

You guessed it; another note on ‘cyber’security, rounding up a couple of ideas that floated by recently.

Which was triggered by this Comment. No, no, not a comment on this blog, don’t be stupid to assume that there has ever been one [rounded up].
Which made me think of actual developments in ‘cyber’ altogether [dammit, readstudy the original and see how much more profound the idea was, and how kindergarten the latter-day application to IT is]. And made me want to coin the term Cut The Crap. There’s the TL;DR for you.
And an intermission pic, since regularity is dulling you too much already [see below] and you read that as cDc which is beyond me:

[Yup, St. Lucia remote office view]
Continue reading “CTC for better ‘cyber’sec”

Just a reminder, about some news lately on ‘chains and where this might lead…

First, we had this, already based on first indications of class breaks. After which, this.
And now, serious stuff. Not only technology-wise, but impacting societal discussions and actions. Also, just out, this (ht @meneer).

Now, I’m not afraid of such intermediate [I estimate …] drops in progress or confidence. I’m not quite ready to believe some claims … but still would give some products built on ‘chains, the benefit of the doubt even under duress of the claims of zero-value-so-far as linked in the above.

Which brings me to the point of this: What value in ‘chains? [Not Alice but ‘value’; like this]
What parts of the functionality make the difference, and have no loose ends like the ‘improbable’ claim that the above had – as such claims will prove to be of dev/null value (again) every time; only mathematical-logical proof of non-existence of such loose ends will help. Which will fail, since humans are involved i.e., nothing is secure. Time is not your friend.
Nothing is fool-proof anyway because fools are so ingenious. Yes, I call you ingenious.

The call to actions stands: What elements of blockchain ‘technology’ do solve existing problems, and how can we apply these elements ‘irregardless’ of ‘chains’ drawbacks or in other ways ..?

For your viewing pleasure while typing your extensive answers:

[You don’t even need those to be insecure; Voorburg]

For today’s friday’s thoughts, a not too sobering list of thoughts, to be studied. Though I must admit I haven’t, all completely, but will. So should you!

Hanlon’s Razor: Relax, Not Everything is Out to Get You

Mental Models: The Best Way to Make Intelligent Decisions (109 Models Explained)

The Difference Between Amateurs and Professionals

How to Live on 24 Hours a Day: Arnold Bennett on Living a Meaningful Life Within the Constraints of Time

The Feynman Technique: The Best Way to Learn Anything

– and play the bongo!

Second-Order Thinking: What Smart People Use to Outperform

Ten Techniques for Quickly Building Trust With Anyone

16 Leadership Lessons from a Four Star General

How To Think

– for you, how to be Me …

The Work Required to Have an Opinion

Avoiding Stupidity is Easier than Seeking Brilliance

– I know where I am an amateur. Do you?

Richard Feynman: The Difference Between Knowing the Name of Something and Knowing Something

Arthur Schopenhauer on the Dangers of Clickbait

– could be in the Quotes category of yesteryears

Charlie Munger: 5 Simple Notions that Help Solve Problems

The Munger Two Step

– appropriately, a second one; nomen est

How to Fail at Almost Everything and Still Win Big

A Technique for Producing Ideas

– inspirational to me
and finally the eternal, ultra-modern:

All Models Are Wrong

There seems to be a proliferation of My Mehhh apps being pushed down the throats of Joe Average consumers, for just about every minute interaction you’d want (or not!) with any tiniest-fraction-of-a-service provider out there.
Like, your energy co. wants you to check last month’s usage via their proprietary app, every (sic) webshop where you ordered some stuff you’d order only once per 5-10 years, wants you to install their app for … whatever purpose, every (sic) courier that ever you didn’t do business with (you did business with some vendor that subcontracted that courier, right ..!?), wants you to install also their app for whatever reason – they send you emails with delivery progress at every step anyway! – even the city garbage collection scheduling has its own app – next to the perfectly functional site of old of course … it goes on and on and on as does this sentence yes I know I just love that and don’t care as you can see from this.

But I do care to keep my mobile Mari Kondo clean, not for her advice but living that way already since … youth. As a matter of style and discipline why, when you need a book to change your life, you have other issues than clutter (or not).
So, I do not want your apps! I just want data blips. Sometimes, being pushed to me indeed, not having to spend my full days checking all your apps for updates that I may not care about too much anyway.

Which raised the question: Why?
We already since a long time (some don’t even remember or had any time before…) have browsers … the very Internet sprouted from the effectiveness of these, as multi-purpose access points to company website – yes from the dark ages when the latter were just static, via intermittent (sic) stages where we had ‘portals’ and ‘aggregator sites’ all the way to today, company websites is where much most of the information needs to be available anyway as that info is just static [in a relative way; e.g., privacy statements and self-service pages – the personal content behind it, wasn’t/isn’t in the website but in databases behind those, that doesn’t change with ‘apps’ ..!].
When ‘apps’ are a bin of presentation layer software; I have asked around a lot and have never heard anyone, not even developers, seeing that there’s two kinds of ‘apps’: The one, that takes care of the presentation layer only, and the other, the bloated kind that seems to be popular for (security-very-)stupid reasons, where a bunch of business logic is in the app as well. Off-boarding compute capac needs to your mobile, whereas it saves a penny on the co. infra behind it and on bandwidth, even as the co. can buy such capacity at much much much lower prices than you can and saves on bandwidth by sending meagre data, respectively. Sentence length again, a couple of times yes I know.
Or is it that there are just too many app makers out there that would be out of a job when not every splinter of functionality is to be made and maintained into eternity; with excellent Sales back-up to babbleconvince just any inattentive manager that they, too need an app.

And what about general reliability like in zero-day exploit free contra bugginess of ‘if it complies, ship it’ everywhere…

“There’s an app for that” is long dead, I don’t want you ffing app for that is the new reality.

Now get on with it. And:

[Want to know where this FLlW beauty is? There’s an ‘app’ for that, called Google Search [which used to be synonymous, for a very long time]. It will give you something like “near Baltimore” and set you on a challenge; much more interesting, right?}

Sometimes, an idea crosses one´s mind that one cannot get rid of other than by writing it up – and then sit back and enjoy the world picking it up.
The latter, probability → 1 not so much.

Nevertheless, regarding the ever shifting definition of AI: where AI ≝ anything of human brainpower that’s still just out of reach of machines, like AGI just beyond ∑(ANI) the thought crossed my mind that:

AGI is the sonic boom threshold

that seems to be logically impossible to pass (like the sonic one seemed impossible, physically), but likewise will be found to be not that that much, when those doing it, will have been deaf to those that proclaimed it systemically impossible.

Just that. Which may lead to ASI quickly after, so be alert! (because the world needs more lerts!).
And also, quantum computer programming and use, may go the same way.
And also, on a human-supportive note: this.
And also:

[We’ll be left to admire the past, ~greatness; Domènech i Muntaner at … where was it, off Tarragona in Cataluña. – oh yes here and you bet your a it is as good as or better than it looks ‘on paper’…]

Apologies for the play on the pronunciation of Auditing AI for Camouflage. Auditing AI for Stealth would’ve been taken to abbreviated with two s’es, winkwink right?

And I don’t mean this sort of training. Or maybe I do:
How are adversarial examples in AI, not what previously was called camouflage ..? Hence:
Why aren’t camouflage techniques, or rather anti-~, used in training AI systems, and in auditing them for quality of operational survivability ..?

E.g., through the realisation that camouflage is really, really effective when one would want to pick off insurance claims from hapless auto-drivers, a tautology (like here, similis).

And, consider that this area of camou-vs-anti, is old hat.
Weren’t the ‘original’ F-117 stealth bombers not so much, through flipping ..? [As here; just can’t find a link to the rumour that already at operational release, Russian 50s radars kept in reserve behind the Ural, could pick off F117s with much ease.] And Mk1 eyeballs already helped a bit, too, and still. When the technology concerned was developed, wasn’t it overly focused on the particular strand of arms’ race, unaware of the huge context hence going to the (math-wise) limit of the race to nowhere while forgetting other ‘basics’?
And what were IEDs other than stealthed explosives?
Apparently, the lessons haven’t been learned. Lessons will be repeated until they are learned. In this case, at the cost of how many lives, and sorrow on relatives? And how much cost to society (through not spending the ginormous investments on bettering the fate of the underprivileged)..?
Plus, the AI field is (going to be) deployed as a new battle area, apparently.

Now, the focus is on protecting pedestrians against auto-cars, even when protective security is still a problem, possibly not categorically solvable.
Where training is focused on picking out pedestrians, to avoid (or ..? Apparently, there was a no-breaking systems overrule since avoiding fender damage from too close up back vehicles was more important). And adversarial examples are all around. Still, to poke fun (really …!?) and to learn.

But class solutions may not be. Case in point: It’s all still about the above camouflage/stealth issues, the same as ever before. When humans were enlisted to see through it, things not necessarily worked out (just an example). Though simple stuff, did work.

So, you better learn how crypsis and mimiry work.
Because, question: Why did the pedestrian cross the road? To catch insurance claims? Where else do you deploy AI systems, and may encounter such ‘pedestrians’ in analysed traffic/environments?

Maybe complex hybrid AI systems are needed, required. Like, some that do pay attention to secondary (Kohonen) classifications.
Whereas the above camouflage pics showed, humans had only been able to recognise the obvious, to survive the savannah (hey predator camouflage was also just good enough to work a little bit not more given evolutionary development costs), systems learning from scratch may need to be bigger than our brains. Against insurance claims, as that seems to be a more economical (evo, too; evo favours the economical over the ethical …), but also in other fields, against deceit on purpose or not.

Now, I haven’t given you the answer on how to audit your AI system for such (high) quality. Duh – I’m only approaching a publication (date) and it could be my daily bread. Hire me and I can tell ;-/

Oh, plus:

[Already here, it works a bit (when seen through your brows); Twente AFB again, analog pic again]

Oh and to close out, a recent find:

Yet another reminder that Real risk management may not be too different from management.
In that, as said before (here), one would need to start at the start to make progress, like changing the ones responsible, through making them responsible.

Which cannot be done other than through job descriptions. Like this one, the reminder.

So, there is something brewing here and there. Mostly there, and not mostly at that.
Why oh why can’t we seem to get this done ..? So that e.g., the 3LoD thing can be put to rest ..? That was described here already.

I’ll keep on hoping. Hope is what’s left when arguments have run out …?

And:

[Once were city castles the management of risks; Nancy]

Well, well, we we at it again. An On The Job assessment of recruiting-HR. If you wondered: It didn’t go well – for the also present possible/prospective chief [hereafter: chief] with a somewhat-urgent vacancy. The following may read as accusative to the feeble-hearted reader, but is not meant to be other than an ironic display; could fit in a Monty Python sketch…

What happen? Well, it was a throw-back to times before that became a meme. If anything of the previous two sentences doesn’t make sense, then well, there you have it.
Last time I had a similar experience, at least was five years back… (as here), not now that we’re closing in on the 20-20s. Dinos seem to have a knack of staying around.

Which also is a summary of – in my experience of 45mins.; maybe your mileage varies – the capabilities of the recruiter. [With which I mean the HR guy [hereafter: guy], not the external liaison agency.]
This actually being the guy that interviewed me six years before, with similar quality, with similar results. Not that at that time, the recruiter had any issues to communicate, only an apparent grudge for reasons [truly] unknown to me. This one then, hadn’t developed over those six years, either professionally or personally:

At the reception, I met the chief. We had both worked for some other firm (close but not together) more than a decade earlier, but still were on the same communications level immediately. When she was off for coffee, the guy asked whether I’ve been at the office before. I said I had been there times immemorial ago [see above, I had checked my emails from back then in advance about how it went, then], the guy didn’t seem to recall.

Then, of course there were questions, repeated, about why I might consider a perm contract while having been independent for over seven years. I explained, truthfully. Didn’t want to also bring up this directly and/or in flip side, as the guy might feel implicated. No (as in zero) questions beyond what any uninitiated could read from my CV qua run-off-the-mill work content, from the guy. [Chief did ask, and we had a good, somewhat productive even, back-and-forth on content and developments therein. See positive.2.a-.b below. Though I had become less sure that the co. would provide a good environment, open to current-day and future methodologies [e.g., zero from their side on algo trading] and internal organisation market standards. Relying on 3LoD isn’t what one hopes to find w/ a new employer… Also, the privacy officer part of the position (yes) was also discussed. Apparently, instead of independence v.v. operational privacy tasks, subsumption under-under-… in the ‘2nd Line’ was intended. Not quite up-to-date with jurisprudence, eh?] A couple of vague ‘STAR’ attempts followed; how’zat for outdated/never-worked interview things…

In return, I asked about the position, of course. To which the chief answered; not the guy too much. At some point, we came to working hours. Though the industry concerned has over two decades of experience with 36-hour work weeks as standard, the guy was vehemently defending (?) 40-hour contracts, with a need to be flexible around that, in the plus definitely not the minus. Not within that even, as is customary everywhere in the country. I have no indication otherwise than that the assumption with the guy was that employees working 40 hours, actually are productive for 40 hours not 10 at most as is scientifically established, or that flex keeps one at minimum levels of effectiveness through being able to pick up the tiniest bits of development qua trade and content let alone development for one’s (professional) career. Or that being able to represent the co. externally, in professional-trade circles, might enhance future recruitment efforts.
Oh and of course, required salary was asked. I gave a ballpark, based on what I know to be a perfectly normal 12-months figure ex.benefits for this level/scope of position, he apparently took it as a final full-package ask price. Uhm, how did this and this [both Dutch] come about ..?

Next to that, my secondary engagements for which I’d wish to keep some flex and hours, and which the chief recognised as important for sane and proper future functioning as a professional, would be impossible to keep up according to the guy. To the point that a three-day teaching engagement two and a half months ahead, would make it impossible to on-board before that; zero chance. The guy kept pressing on about this. Apparently, he didn’t get the memo [as here, but also as here.]
Which calls into question the guy’s motives and quality as recruiting-HR (didn’t find any content knowledge beyond a few job profile buzzwords). And was the reason I hadn’t too many questions anymore. An hour scheduled, now at 45mins. I found no reason to continue.
By the way, the guy himself was with the firm already for seven years. Twice mentioned during the interview that attrition rates are bad – no mention of cause analysis.
The co. is in the process of being taken over; their previous strategic strength has struggled too long now and new initiatives haven’t born fruit quickly enough. The above qua HR conduct, when (not if) translated generically on operational and tactical levels (by the guy being in his right place, or setting oneself as standard while hiring), aligns with that and then this sort of thing is out of the co.’s league altogether. Do the math [quod non].
Edited to add: This here thing is fully correct, especially the latter bullets…

Conclusion: One good, one bad, it was ugly.

Let’s close off with a positive note or two or three or…:

1. It was a tragicomic experience, from which at least I learned a bit again. Unsure the others involved, have learned or will.

2. Discussions with the chief did give me some insights into
a. where a company of this size and stature stands, qua development in our fields (plural since it’s/they’re many) – apparently, what I normally blog about is far off for the ‘GRC’ environment I was interviewing for;
b. the reason the company will get taken over hence made me aware of the need to next time learn more about such strategic developments beforehand and during interviews;
c. what my own levels of knowledge/experience and near-future strengths and wants are.

3. The external liaison called early the next morning. Attentive.

And now for something completely different:

An update. Since they wanted a second interview, to gauge the fit of character.
This time, with a peer – that frankly did not display an understanding of the subject matter to be riskmanaged beyond much generalities – and a staff; enthousiastic but maybe not really with the long track record and education to fathom the finer details of the subject matter or history of it, let alone latest (last-decade) developments in it.
Yet another time-boxed meeting, with all sorts of questions that corroborated the above, no need to repeat at length. These two seemed like decent people, in need of support indeed. Note-taking, didn’t happen too much on either side. No, I did not give the rundown on what steps to take in situation A in case of B, one by one. The interview was to be about fit of character, not an instruction course. Yes, I did talk about how I would handle certain management issues.

Bringing up the subject of ML in trading at an industry-related co., the peer dismissed that as “Oh yeah, that’s merely implementing trade strategies”. Rrright; not strategy but execution, and not strategy but arbitrage hunting. And not done at this firm at all; at a tone to make clear that AI is fringe to the financial industry.
That company caters to, one mus be frank not the higher tiers of private investors [as core, vast majority part of the business – they have tried to diversify but had to admit in the takeover paperwork they had not made much progress with it which given all the above may not be overly surprising and giving a reason for being a takeover target maybe?], but shouldn’t they be dabbling with it as a service to their customers …?

Next, we discussed the takeover by the foreign co. … Yes very busy reorganisation times are ahead [in all areas but not the GRC one it seemed to be implied; how did they manage to give you that idea ..??], but hey this firm is a perfect geo fit to the Other’s portfolio and by the way they are in wholesale and we are in retail so it is obvious that we will remain a separate entity all the way. Yes of course that’s why a. you are all prepped to be very busy – with what, you think? you already stated to be busy and b. the official takeover paperwork states that your platform will be out, and theirs in. [I read that paperwork, but couldn’t notice that you had, too.] Your platform that serves still the vast majority of your business – and that new one will be managed and run from HQ that is in another country. So of course your co. will not change that much ..?? ‘It has already been agreed that the local name will stay’ [as is in the takeover paperwork too]… Right again, as always happens in the history of takeovers. Always, in a full 100% Not fashion. Three years maybe, then two years of having a ‘A XYZ company’ as tagline, and then swoosh, history. Or, if the Other finds out about management and systems quality in more detail, earlier when more than the token manager is replaced…

Yet again, the impression that ones were very busy with ‘being in GRC/3LoD oh how important and core business we are’, crowding out actual business development for the good with Framework Muss Sein.

Awaited their reply. Felt awkward that if their reply would be about meeting over terms & conditions, I would turn them down just like that. The salary would most probably not be more than about 70% of what I interviewed for some time before (where they thought me somewhat overqualified, at a seriously more difficult and unstructured environment…) which would not have been a problem if, big if, the job would be interesting enough. But the latter ‘compensation’ I probed to be not.
Got feedback a week later, via the external liaison again, nothing from them directly – they were, uhm, looking for someone more operational. As if I hadn’t guessed from the questions, same as here. My (close-to-audit) opinion: this.

Sigh and bye-bye.

And:

[The guy was from this era, now in ours of AI-driven flash auto-trades…; Valencia]

Which you may interpret in the dystopian way as the expected future: Humans being slaves to robots. As long as robots have need for us. Then, we’re superfluous [duh] and environment-unfriendly, to be entertained as pets or zoo animals at best. Until that, too, runs out of fashion.

But hey, ‘robots’..? Why would we have something like physical populations of them, when we better talk of ‘systems’ – morphing into one big post-singularity System..? DARPA’s doings may be a smoke screen. Like described here, and here, and here.

Or… a strand/thread not often explored I think, think Evolution: Isn’t it that any small ‘improvements’ are made to the situation as-is, thus barring any Pareto-optimal switches and resulting in the new optimum adaptation being based on the best available of today? This could mean that if, big if, we are able to bend progress to our ways, and are not pre-emptively passed by / outmanoeuvred before we realise the seriousness of the game [?], we stand a chance. Maybe not a really good fighting one, but still.

In that case, this serious piece may be helpful. Us keeping robots as slaves. However overly short and misrepresenting that summary, I hope it entices you to study the linked.

Or get loosened-up-minded by studying this masterpiece.

For now:

[Contemplate; Notre Dame by roof colour, but what city ..?]