Author: Maverisk

Some time ago (2017), I posted various thingies about how deep fakes would undo any claim of ‘truth’ [if there ever was such a thing] about court-admissible evidence. And how not much is left, on the defence side.
Now, it seems the same is used in more direct ways as well, on the offence. Like, deep fakes in identity theft.

Which is funny, in a way. ‘Stealing’ someone’s most precious thing, her identity ‘as a human soul’, through deep faking. The deeper parts of the identity, the deeper the fake; philosophically interesting.

And practically … Some, like banks, still want to see a wet signature for access to some bank accounts. Even when just a jpg dropped onto a pdf … Yes that’s still where we are today. The offence, racing in F1 cars, the defence; dapperly paddling with training side wheels.

Never mind. It’s just me. Right?

Also, on a related note; this came in; apparently you are involved in this’all… [?]

[It’s just an illusion …; DC]

OK … now that this has arrived, enhancing this, i.e., even non-GPS’ing drones may be downed by EM(‘P’) blast,

Can one expect that such technology is not used against GPS/GSM/4/5G coordination of protests against those in power, around the world ..?

No. One can’t, and shouldn’t because will as of future-and already-fact, be proven wrong. Anything that is invented, will be used against some humans, irrespective of History’s later opinion of either side(s) that so often is much different, often opposite, of today’s common [4^th Estate] opinions.

[Edited to add: When I drafted the above, Oct 7, the Beeb wasn’t yet on it but now is; corroboration it’s called I believe.]

We learn from history … that all hope is lost.
Cheers! with:

[Some stuff is still good after ages, but will eventually also not be good anymore …; at … was it Manitowoc? Waukesha ..? 1999]

Triggered by some recent comment that this sage peer brought to the table [(not?) like this]:

Why doesn’t Johnny encrypt, still ..??

Since it’s such a hugely powerful tool in securing your organisations’ data, implementing along much privacy protection. When done right, ‘cryption covers a major part of asset protection [in the Confidentiality sense; Availability’s actually higher-risked through it ..!], next to near-in-vulnerabilisation [‘inoculation’ ..?] of your IAM, both based on actually proper data classification [the business ‘process’ executed by knowledgeable 1^st-liners or otherwise practically useless ..!] and supported with of course rock-solid endpoint hardening and protection, and the same for (intermediairy / other) stationary processing facilities.

So that indeed, any data leakage, be it of Seecrut business IP or PII, can be treated as a futile case.

Yeah, the Law of Conservation of Trouble …

• To have the right, correct, 100.00% bug-free implementations is Hard [See: Snake Oil, almost exclusively in the market];
• To do it right, is Hard;
• The same, for key management;
• The same, in prep for / in the bow wake of, new crypt-algo’s re quantum computing;
• The same, for non-re-identification protection like here;
• It’s no use if all the processes around it [like the above classification, IAM; there’s others] aren’t up to it;
• Availability may suffer if any of these isn’t done correctly – you may end up having zero data;
• The same, qua back-up and recovery (-facilities ..!) – who knows their passwords of ten years ago ..? [may be required! Think retention rates, and last viable image of a stable environment];
• In-cloud storage plus processing, (STaaS linked to SaaS, fully outside your proprietary networks) as some parties are already offering, calls for very close scrutiny of the set-up at multiple [OSI 2-8/9, I’d say] levels;
• &c., &c., &tc.

Nevertheless, ‘cryption helps so much, we should all support it ..! Also this sort of bigger Change projects [programs ..?] deserve a good business case. Not budget crumbles, but surely still worth it.

As is this:

[Yeahhh… I have one! – the rare Peterborough Curling Club member’s pin … uncrackable signalling.]

That rotten inside, … insiders are not your real problem.

Either in your organisation where all need to be chained to their drone tasks and are all potential criminals [if so, probably because you treat them as such; the moral rot a.k.a. lack of trust originated with you excepting the very very few exceptions!],
Or in your head, where this mirage of immoral[1] insiders is a mere reflection of your own mind.

Not saying that security behaviour [which trumps awareness, which is fleeting and lost when trying to achieve anything of productive, salary-earning work] is unimportant. But saying that humans as the ‘weakest’ link are a signal that all lines of defence [the real ones, standing between threat and vulnerability; demonstrating here that some ‘controls’ create more or worse vulnerabilities than they protect; the real ones not the fakenews-on-purpose ‘3LoD’ sh.t (euphemism)] before the last one, were crappy. Since not have solved the issues before arriving at the ‘weakest’ link to solve all previous control shortcomings and then some. We had that already ages ago [as here, of a year ago based on decades of seeing such falsety spread by pseudapostles], and it returns … here.
And still it will turns up time and time again; we learn from history social media that no-one learns. Ever more generations join the workforce and flat-out refuse to learn [from praxis and experience (of others)] before they practice. Until you see that actually, humans only are in a position to fail when all other lines of D already have. When a full Champions League winners’ squad is running towards your keeper [your, particular re this, underpaid hence disenfranchised, demotivated workforce] past all defenders, what are your chances ..?

STOP IT!

Get back to solving other people’s problems you are tasked and paid for to solve, not bashing them for your inability to solve them and still want the money.

Oh well, this post probably will re-appear next year. As two things are of fact infinite; the one not being in doubt, when one applies the rigorous definition of ‘infinite’ by Kant [i.e., the ‘keep on trucking indefinitely‘, uncountable, instead of the construct of infinity which leads to some supreme übertranscendental entity as a mind’s construct ONLY]. The other ‘infinite’ thing what we deal with here…

And:

[Ah, those infinite Truths! Like the Mithras’ fight of ration against irrational Force, of nature; as if the latter would ever succumb and not remain part of the world, yin-yang-style, as the First Nations of North America have the Trickster as the very essential half of creation as it still is today, the other half being dull; this, for the latter days’ Mithras ceremonies at Sevilla]

[1] Remember the textbook on this ..? ‘Their’ morality may be much more integer, geared towards all that surround them and they have to live in between [geo-independent though most often, geo-bound their intermittent immediate surroundings]. Where you are the exception and form the outlier, the Other, to be destroyed… Or possibly in due time have re-thought your own purpose [not like Start With The Why, that has been debunked utterly completely], so you can see your errors of thought qua theory of firm [writ small for a reason] and the role of managers as mere facilitators [this, in Dutch] and administrators, not to bother the actual production beyond the minimal.

Quoting before-last week’s post, alreay an update’let: ]
[Sigh] couldn’t resist the introvert-dad’s joke in title.
On the verge of the last Q of ’19 so you have a little spare time to prep; this, about the really really Big Things that will capture the news next year:

1. Genetic algorithms (like here), maybe outright towards solving hard problems that ML-training offers no convergence on or, most probably, as an add-on stacked on top of Last Year’s ML results. As mentioned here, but also here and here (with links). Also, when you’re hooked on Python anyway: this;
2. Some practical solutions à la plastic-eating bacteria going onto large-scale deployment, or CO₂-capture into building material or into C/O₂ reduction via solar thus producing the much-wanted pure C and pure O₂ – some early trials are operational already but Scale will come next year;
3. Hydrogen cars. Apart from safety issues [but similar safety was solved, adequately not 100,00%… for fossil fuel cars so what’s the big deal — and edited to add: it seems that elecs are catching fire much more often than fossils, and are harder to put out; yet more reason to not jump to elecs], the infrastructure’s mostly there. Just add an underground tank plus pump, right ..? No need to build extensive parallel loading stations that comparative-wise still take ages to fill up. Also, where’s the Formula-H class Grand Prix’ ..? Possibly, we’ll have these in abundance, but in the long term they still may be overtaken [huh. boring….] by Cells. And the Scots are onto something [apart from their wisdom in wanting to Remain; as a separate country, could they ..?]. Hopefully, ‘Shipping’ will be an innovation testbed already next year, qua hydro development, in their hydro environment ;-/ with secondary options (solar) and with sufficient room for installations on-board and qua land-based refuelling points;
4. Breakthroughs in medicine, being able to cater much better ever quicker to gender/age-specific requirements;
5. Quantum computing: Before 1/1/~ already some early traces of an upswing in hypefaction: here, with the appropriate (sic) debunkalicious tone. I.e., I don’t believe this will be really big within anything like five years, but a hype may be predicted earlier;
6. … AI …? Only where BPR-driven. Yes, that’s right; despite the frequent re-name almost every year for the past <somanyyears>, latest was (sic) RPA, it’s still basic BPR in its original meaning not the totallyoverbureaucratised ‘method’. Gartner’s (others) are just a set of Mehhh’s compared to the above.

You’ll see I’m right.
Since #6 I don’t list, being my discovery of how to do time travel. Come to think about that: I discovered that in 2029 …but after and before that, who cares for the discovery date ..?

Now then, I’ll await the veracity of the above, with:

[Ah, what a museum! Drake’s first drill near Allegheny, or near Cleveland which sounds similar to Indianoplace]

In the seemingly permanent struggle of … all gutmenschen … against AI biases, finally some progress.

I mean, ‘finally’ is not qua timing; this’all was known, and PoC-used here and there. But finally-in-its-here-intended-sense, we see an actually well-written [i.e., understandable for the lay(wo)man [Straight/LBGTQI+ rainbow], even when quite a bit of calc stamina is required] piece on how and what one can do. ‘tSeems, ex-post. The ex-ante data wrangling [with all its mentioned ethical flaws], for debiasing, doesn’t need or should be in the pic anymore, or do I miss something [hey this piece should have a call to action so there you have it] ..?
Also not in there: Training rules, like what one aims for [e.g., this and this]; and ethics (sic; since this and this).

Which is quite a lot. But still, the Bay’essai is a good one to include in anyone’s Compulsory Reading, both for the debiasing methodology [core work, only valid IF one doesn’t forget the aforementioned ethical deliberations of blinkered zealotics or not], as for the Bayes’ stuff in the first place, that could help in the Bandwidth that I mentioned so overly many times [last bullet of this, and to add this]…
Also, the B-A-B piece can be used against current-day algo’s, can’t it ..? Since that could help with the data lakes out there that are used for training your ML PoCs — though overuse may undo the business case, of your today’s business and of the PoC thing.

Anyway; read, study and learn. Plus:

[Time to start thinking of The Season, again, in the age of meto; Longhorn Whistler]

Yes we’re baaaack! On the ridiculousness of wanting to ‘actively’ do away with passwords. As per:

Passwords should be killed, according to Koen of @ncsc_nl at @OneConferenceNL #nlcyber pic.twitter.com/UKrCGSRLrX

— Jeroen van der Ham (@1sand0s) October 1, 2019

which of course is big-time nonsense.

For one: this.

For two: At some point in time, it turned out cars were unsafe. In a time before seatbelts, a great many were either thrown through a front window, or impaled on the steering column [‘what a way to die’ depends on the stylishness of the vehicle driven]. The societal solution was not to do away with cars, when the alternatives were there before and during the very existence of cars, but to implement safety widgets that made having an accident less all-or-nothing. Where the infra was culpable, it was adapted – and used for additional user protection, e.g., through guiding rails.

For thirds, we switch adjective inflection [dunno if that is the correct expression but it sounds impressive, similar to ‘We Must Do Away With Passwords!’], and consider whether users’ abuse of passwords is the main problem or it is the massive data leaks, having little to do with the user mass messing massively but mainly with the infrastructure [which includes the sysadmins that have been reduced to turning a few screws along the conveyor belt] ..?
The first, not. Users have broken rules, yes, as they didn’t work for them but against them – as far as they could notice; by making it ever harder to just do their job [contributing to the company that gets a margin out of the work that is bigger than the salary otherwise the employees wouldn’t be there].
The second then ..? Ah, yes, mostly. So, the infra is too little controlled and to get a better grip you want to do away with a tiny element in that, the very one that works almost always, like asymptotically-to-infinite counts every day ..?

OK. The world is a much better place much quicker by doing away with cars, then, because the death rate [let alone the injured/ ‘handicapped for life’ rate] is much higher from that, so all cars-and-drivers are categorically to blame.
OR you admit that categorical statements mostly are wrong. And try to fix what is broken, but not what isn’t. And first, get the alternatives spread around sufficiently so no anti-tippingpoint/networkeffect dynamics undo your idea. And see why passwords are abused by everyday authorised users, and fix the problems there; ‘provisioning’ remember ..? And … and …

OK?
Plus:

[People may drown here, so do away with the sea! Villers-sur-Mer]

Let’s not forget today is the feast day of Æthelburh of Barking. Just so you know.

Also, that is a reminder that times come and go without much notice. Especially regarding longer-term but impactful developments… Like this one. The start-up economy finally beginning to wither.
When you considered that ‘finally’ to point at something happy, you may, or may not, be right. OTOH which sounds like ‘auto’, the impact on company size [times number] may vary, as here, with indeterminate results for the economy.

… Wait a sec; this the economy et al. being about the US one. Well, yeah, as they take such an inordinate chunk of publicity/press space. Ramifications are felt elsewhere, too, both regionally and qua global [multiplier] impact of one region on the other. …

Now, alarm bells aren’t ringing yet, but when we consider a. hypes have less short-term impact than we think but more long-term impact than we think; b. such an apparently singular phenomenon has far-reaching impacts in our übercomplex world — have you thought about what the above would mean for e.g., employee empowerment, politics [most partially as will of the people] versus big business, quantitative easing everywhere having flooded/swamped/drowned the world in virtual-not-virtuous money that may have no concrete basis, etc. ..?

So yes it’s of import to think it all through…
Plus:

[Another, but probably at global scale only medium-sized at most, disturbance will be their sinking into the sea per three weeks from now… Burling Gap at Seaford]

On the one hand, we still have in our hearts [not so much minds, but that’s part of the point] that humans’ capability

[on average; not a very old invention! I believe it was in David Epstein’s Range mentioned that some ‘primitive’ – hey let’s get rid of the pejorative of that but keep the (actual true) meaning – peoples, populations of Very remote mountain villages, had a limited subset of this]

of Understanding of abstraction, by means of symbol(ic) classification and manipulation operational sense, not the abusive kind].

On the other, we’re still trying to figure out how neural networks can be induced to find, by themselves, the level of symbol(ic) manipulation that we attribute to the average human. Even when excluding half of the global populace from ‘normal’ intelligence (the gaussian proxy of proxies has 50% below average by definition, and we choose the average as ‘intelligent’ for whatever reason), this of course begs the question how humans get to learn about abstractions, symbols and their manipulation [sadly, the latter of symbols, not being learnt too much about the humans being manipulated and despite a brief mirage (i.e., ‘fata morgana’) of ‘democracy’ in the 20^th century, this being the standard throughout the ages].
Case in point; this arrived within minutes of drafting and scheduling this post … no it’s not about deep understanding of the data, that’s too low(ly) a level of understanding …

And, why is it ‘forbidden’ somehow, to train neural networks with Tensorflow and what have we, by outright instruction ..?
Yes, episodal learning is on the rise. But why not outright ‘hypothesis inclusion’ by setting weights to non-random values? Why not train ‘nets along with all the other [again: (last bullet of) this) methods, w/ an evolutionary sauce on top ..? Why would we want neural networks to somewhat-predictably (sic) generate the emergent property of intelligence while at the same time stop training once a suitable coughing up of about-right answers is drilled?
Possibly, the answer is: Because only then can the vast masses of office drones/workers cling onto the illusion that they’re doing work that has a veneer of intelligence…

This of course, from a re-read of Kant [A648/B676 #1-24], where the difference use/function of Vernunft and Verstand are explained once again, here in quite summary fashion [once you truly grasp their definitions and functioning from the previous 600 pages…] — oh how insightful Kant is on many things; e.g., the induction fallacy versus deduction’s function [A647 #17-28], and e.g., the answer to Russell’s so much later question of “The whole problem with the world is that fools and fanatics are always so certain of themselves, and wiser people so full of doubts.”: those without knowledge don’t get a grasp of what they’re missing; they just don’t have any idea about what knowledge/wisdom’s sheer existence. [A575/B603 #19-30]

But still, back to the original [as I may or may not be at this, appropriately…] of why one would go to such enormous lengths of human work to get the tiny proof of concept’let of a half-decent neural net — the first 80% of the vast workload going into getting the data, the next 80% going into wrangling the data [just google for it; articles abound how this is a roadblock, too], then a further 80% being needed to get some code operational, and then finding that not much interesting was found that quite straightforward human analysis could have either approved of or dismissed easily on sight or through verification/falsification with margins.

Let’s get back to capturing that ability in expert systems … Treat ML as just any tool, and as just any building block of an algorithm, just as it is in the brain… Or is it ..?
[At writing, not so sure ..! possibly, the beauty of ‘Intelligence’ [truly defined], as an emergent property..? isn’t implemented other than in neurons – then what?]
[Also: Who cares? When we can build systems far faster and easier that perform much better much quicker than either neural nets or human experts, e.g., through expert systems, wouldn’t we jst use those and not care how the engine was developed ..? I’d say hybrid systems perform best, as always; also keeping hidden pattern detecting ML but also humans in a parallel loop.]
[Also also: This; there’s some bottom-up progress as well. Some.]

And then, when there’s systems out there that one can possibly truly call ‘intelligent’, first let them spontaneously recognise the supremacy of this real piece of genius. Not even ten minutes, but worth it …!

Anyways:

[Yes the entrance in front can fold closed, flat…; Valencia of course]

On how 3LoD as a going-concern silo’isation of ‘governance’ stuff that says to deal with Risk [which it doesn’t, in any useful way], is inherently i.e. by its very semantic internal structure, a placebo at rare, seldom, near-unique very best and more often a nocebo [yes, the opposite: something that doesn’t work but its expected (sic²) side effects will help you down the drain] but in most cases just palliative care. I.e., helping alleviate the pain of dying.

Earlier, there was this tweet (oh, on the blog post by the Giant) about how ‘audit’ may be a placebo and no more. Going through the motions and shaking off some nervousness, psych insecurity, by report recipients about the future — of course forgetting that auditors look back, not forward too much.
The same, now for ‘risk’ as captured in the 3LoD nonsense. Too many posts out there [mine, but if you want better explanations why the non-, check the ‘net it’s full of pertinent info] to quote or even link here. Only one of the vast number of theoretical, logical, methodological, tactical, operational and very factual problems with the model: It requires all to dally in babblestuff instead of standing between threat and vulnerability. Except for the threat of a regulator probing all the way through the humbug and finding some weakness in the 1^st line; which is a purely hypothetical issue since indeed it would hard-require said regulator to know what he’s doing… All the time, there’s nothing in the model that requires 1^st line management to deal adequately with risk.

Yes having eager beaver 3LoD in place may feel lukewarm but shareholder value maximisation over everything [still reigning supreme in executives’ minds despite some window dressing] requires you to just wet your pants for that effect; much cheaper. You’re laughed at anyway since you promote 3LoD so much.

And then, Schumpeter [when applying to you personally, drop the h] strikes again, sped up by the nocebo effects [cost of all the overhead].
Hence the palliative angle. Feel epicurean until you’re done.

Now then;

[For whoM the bell tolls; Baltimore – followed Procedure until cyber-probed (cyberattack‘s too much said!)]