Say [null] to voting, 1 to on-line


[Another of those places where I was hard at work. Right.]

Now, the Netherlands is back to voting electronically … In a way (in Dutch).
One votes, on an electronic machine, that prints your vote and then you hand in the slip, that will be machine-read for tallying. Oh yes that’s voting electronically. Whereas it looks clumsy, and it is, it also doesn’t satisfy some basic but very fundamental requirements anyone would consider perfectly normal for (nation-wide democratic) elections. A great many ‘rogue’ (by the standards of others …) states have some of those concerns covered better…

My personal gripe, however, doesn’t concern this as democracies dominated by parties that have many-issue programs and no direct recourse against plain flat-out lying to voters, are a complete #fail of democracy. And, I am unsure that perfect democracy is feasible.
Or wanted! As democracy will result in mob rule, and other wrongs far better explained by much greater minds.

No, my problem is that now, still one has to be present at one’s own neighbourhood voting station. Why hasn’t some form of ‘Internet voting’ been implemented ..? There have already been many methodology theories out there on how to do that, with the safeguards required. I recall that two decades ago, a Swiss kanton did something with this …?
You may counter that there’s still the problem of reliable code. But that can be solved by creating something open source, to be mandatory checked by all parties (or their tech-savvy proxies; very probably from outside poolitics as the pretense may be there but nothing, zero!, of actual insight into e.g., code). And of course the app would run on all platforms, in particular mobile. See how that would increase voter turnout!

And of course we would have fallback traditional stations anyway, in particular as e.g., the elderly would not ncessarily understand how to #appvote (tag claim).
And dear reader that wants to complain about secrecy: Dig into basic crypto and the protocols developed in science first, please…

If only I had the time (made available to me, paid decently) to really research this all…!

Collateral sustainability


[Paris. Repeatable idea.]

In order to get to real sustainable business (or non-profit, or public), the organisation should not bolt on the sustainability initiatives, but build them in. Into the primary processes themselves. So that ‘sustainability’ becomes collateral next to the money-making, or x-making, that the organisation had set out to do.

One way of doing this, is by (external?) pressure to have the pollutor pay. In that way, similar to VAT I guess, any organisation neutralises the ‘damage’ they do by generating moneys for restaurative initiatives, externally, or internally if one is allowed to spend the surcharge on such restaurative initiatives oneself; this would of course need extensive, costly and fraud-sensitive, ‘independent’ auditing. Self-control will not do! And if the damage may be undone fully; repllanting a few fast-growing trees is not a substitute for eradicating well-developed forests. Covering an open pit mine with green is not a repair of the environmental damage done. Full footprint costs are the only reasonable foundation for calculations. Hence, the moneys may better be spent by others; governments or special interest groups supported by governments.
In this way, too, the production methods (ingredients, raw materials, labour, etc.) that pollute less into the internal, often more into the external environment, will also be cheaper. There will be an incentive, at last, to use more sustainably lean production methods. To let employees work from home more, and/or flex. Etc. By having a pollutor surcharge (that for economy-wide cost neutrality may take the form of a variation of corporate profit tax), the pressure gets real, and the pressure will not be through the public image of the organisation alone.

∗ Note that an economy-wide, i.e., country-wide (or region-wide, e.g., EEA), levy of surcharge may need a compensatory import tax for good, services imported, and one may consider proceeeds to be put into compensation for exports. Otherwise, the playing field wouldn’t be level, globally. Or would corporate tax discounts help; and/or how would the import of raw materials, etc., flow through production ..? Maybe not use an exit-based VAT but an input-based ‘Destroyed Value Included’ charge ..? Will be the bookkeepers’ wet dream either way.

Your thoughts, please!

Double shhh


[On a rooftop ..! ‘t Spant, Bussum]

Yeah, it’s a post on double secrets again. Not just because I haven’t seen any conclusive research on what to do with it; how to handle oversight (what is warranted, , etc.), what limits to justifications there would be, how to close the recursive secrecy gap, etc.
Not even because of stuff like this.

But because another issue was pointed out yesterday/today in a post at Bruce Schneier’s blog: Where double secrets may exist, trust is lost, and (theoretically and practically) impossible to regain.

Which is a problem not only for ‘current’ (big) companies relying on the trust of ‘consumers’ (who are in fact drone suppliers of almost completely free raw materials) and other business partners on the receiving end, as their business model will crumble to nothing when (not if) those cheapoo supplier leave in massive numbers.
It also spells trouble for the not-yet-big, almost-not-yet-companies. As defined in this slide deck, those new companies rely on distributed power, which is based on trust. The said (not sad) companies can grow only to the point where the base of trusting counterparts in exchanges (~facilitated) still grows. If at one end, trustors still flow into the system, but trustors on the other end flow out at a faster pace, the base will be ever narrower; the house of cards becomes more fragile and will collapse as some business wind (if only draft) comes along.

So, in order to really ‘disrupt’ as if that would be a lofty goal of any business [I am very much opposed to such thinking! ‘Disruption’ invariably leads to massive job losses and ever so many more family members’ life dreams ruined. No, the new industry will be of (relatively) jobless growth and yes, at some scale one has to take the macro effects into account], one would need to have a pre-emptive way to deal with double secrets, so the trustor trust base may grow in breath and depth.

My feeling is now that this sort of issue may also be the foundation of the inevitable-collapse-of-any-democracy issue. As predicted toungue in cheek, and shown practically throughout history. Are we at the verge of such a (Schumpeterian?) collapse, dinosaur extinction phase, in the way societies manage themselves? Utopian or distopian visions of what’s next for the coming era (remember the ‘Mayan calendar’ prediction of such a ‘new era’ ..?) may both be overblown, or … does reality always play out a bleak version of what could have been?

All in all, it seems rather important than someone [preferably someone more intelligent than me – regarding these issues, that is] would have a look at this all…
Is there really nothing out there in the intersection of sociology-, trust-, legal-, and economics- research that has pointers on how to resolve this issue ..? If the NSA or other TLA(s) are listening in and would have some Confi stuff, that’s good, too …!

Domo tics


[Voorburg, Herenstraat; Mú by Ming Hu Chen]

With the Internet of Things coming at us with lightning speed, why haven’t we seen a surge in easily appliable domotics ..? Sure, there have been small little, often not too well-designed and plasticky appliances out there for a while, but they often were in the bargain bins before a full‑scale deployment could take place. And we see trials here and there in offices (cheesily, in Dutch, and video) with bits and parts of true ambient intelligence style domotics. But still, not the real stuff.

If you now say that within our homes, domotics don’t (doesn’t?) take off because of lack of network effects (What are the benefits? [How to size them up and compare/add them?] Where‘s the tipping point?) within the confines of our houses individually, and the prices still being too high (among others, due to the lack of turnover and initial investment recoup), and installation being too cumbersome (all devices need placement and connection, probably to power supplies other than oft- and quickly failing batteries, and either connect cabled (old-fashioned) needing breaking into walls, or wireless, requiring ugly visibility) – I would reply that these are issues to overcome with smarter solutions.

But then, what is the date of construction of Bill Gates’ Xanadu2.0 home [If you’re listening: I would like a tour yes indeed thank you!] that has all the follow-me temperature, lighting and ambient music ..? Over a decade ago; does M$ deliver a full copy solution to every home yet? Domotics Explorer 2.0 doesn’t give too many Bing search hits…

A thing that may need to be settled first, is the general architecture of it all. Sensors and actuators need to be put in place, but how and where; what secondary elements do we need (control centers; where and how many (networked, carry-on or stationary?), signals-generating actuators; separate devices (hi keycard/pin) or built into other things, or programmed into other things (hi smartphone, à la NFC payments, now not so N)). What human control, using monitoring dashboards and some form of input (fingerclicks and voice work well in sitcoms; phone screen swipes, maybe?), can we have, can we allow? Are any ethics involved (haves/have nots; control over one’s environment vs. experiencing new things, conflicts, the commons) ..?

And there’s the question of business models for device suppliers and servicers. Subscriptions with updates of software, and hardware, or plain purchase? What about interconnectivity and multiple standards?

Just check the wikipedia page; so much more to discuss. E.g., re the integration or not, I definitely prefer not, of domotics with “‘smart’ grid” ideas of outside monitoring of our home internals – but connection to the outside may help your fridge to order short stock/supplies. Or what to do when conflicting demands are made within the same room (try sharing music tastes with your kids; they just don’t seem to get Purple, Floyd, or the Maiden or even Zappa).
But the question remains: How to overcome the not-yet-existing network effects requirement ..?

Stats and news


[Van Gogh’s ear]

The news is still filled these days with all sorts of incidents with (new) media, information leaks, etc. etc.
How long will it take us to realise that this is just the noise to the signal of health? It’s not that traditional media, and new media, are filled, it is that their space is too limited. If they would have sufficient space to cover all that goes well, no-one would notice the mishaps. Risk-based controls, anyone ..? Because, if you would do that seriously, you probably wouldn’t control anything!

Your comments, please.

Predictions 2014 the InfoSec edition


[DUO Groningen (couple of years ago), where a leak led to many a student’s funds were defrauded. Looks original, is just chasing outer effects]

So, some of you have seen my Predictions 2014 including the update or two, and other posts on developments in the Information world at large.
But what you desparately needed, awaited before even starting on the Christmas decorations (for those in the West), and held out any shopping for food or beverage for, I know, I know [Heh, that’s the opposite of Unk Unk’s ;-], is my completely and utterly unpretentious predictions for the Information Security arena of 2014.

Well, here we go then:

Advanced Persistent Threats will blossom like weeds (not wiet!) in 2014. APTs being the ultimate blended threats to confidentiality of information. There may be cases of government-on-government espionage, that highlight the ‘modern’ squared or cubed variant of traditional intrusion & spying (information exfiltration) work. But moreover, there will be incidents much publicised where business-on-business espionage, possibly helped by shady government agencies, is outed as more than a theoretical possibility. Of course, you all know that this is nothing new, but the general public will demand an answer from some Board members and State secretaries here and there (literally) of victims and perpetrators (denial becoming less if at all plausible). These answers will be the definition of lame. The infosec industry will rush to develop (maybe not yet fully utilise) the market; contra but hush-hush, also pro…

Certificate vulnerabilities will be shown to be a factor of import. Yesterday’s unprotected printer WiFi, will be the current certificates being stolen or manipulated. Bot victimisation of clients will be less by trojan planting and more by means of hijacking certificates (‘Certjacking’? You read it here, first! [Update to add: well, in this spelling …]) to do … sort of low-level ID / trust theft. This will not be explained nearly well enough to the general public to get them concerned, but with tech-savvy CIOs and IT managers, this will give a stir. And major sweeps through the own infra. And not much by means of future better cert management.

Crypto-failures. Cryptography, as far as actually implemented at all (some ‘implementations’ may embarassingly be found out to be done on paper only!), will show to have failures in at least two ways: procedural errors will lead to (much publicly visible) non-availability of information, e.g., when asymmetry isn’t implemented well due to lack of understanding of bureaucrat procedures writing committees mumbling and fumbling about; and by public demonstration of bad technical implementation, the coding being so shoddy that the strength of crypto will drop to n-day crackability (with 0 < n < 2 I guess).

Quantum computing, on the plus side, for crypto, will see its first practical proofs of concept. Where the PoCs are used to protect the most secret of some government’s information, but with that information having to be used by the most bumbling-about officials hence the overall end user -to- end user effectiveness being close to zero and helping any and all attackers (rogues, organised or not; state(-sponsored) organisations, etc.) to learn about tentative, among them maybe class-hack, attack vectors.

Methodological innovation in information security. As already discussed earlier, and here, and here, and with OSSTMM, and before that in quite some other posts as well. Now, also Docco joined the fray, advising SMEs from the accountancy side … Which shows this prediction for 2014 is already hatching.
On this item, we will see much improvement. E.g., combining the OSSTMM framework with SABSA. Combining the rebooted CIA with the fresh install of the (alternative to the) ‘15.5 risk’ management approach via the OSSTMM framework. And so on. Interesting! Want to contribute!

I’ll leave these here for you to follow up. When (not if) I’m right on any of the above: Yeah, see? Told you so! And if (not when) not all five are square-on: Hey, they’re only predictions! Don’t shoot the messenger that only conveyed the message of the Great Engineer Behind The Scene.
Though I would like to receive a bottle of good (I mean, really good) red Bourgogne for each prediction that shows to be somewhat right; at the good side of 50-50. Any takers?
The opposite, I can unfortunately not do as it would have way too many takers…

sCrummy development. Standards ..?


[Just a great place]

A peer leader asked around for guidance re assessing scrum development contract bids.
And I browsed around. And found nothing really.
Oh yeah, the usual suspects of IT-contracts / IT-development contracts, but even those are thinnish, insignificant as help. Somehow, it appears to be too fluid a field to be captured in bureaucratic-behemoth totalitarian all-detail governance, management, planning and execution procedures. In which actual deliverables and content requirements are always but with very few exceptions pushed to some annex or ‘later to be detailed’ never-will-exist auxiliary and unassessed documentation with not much concrete information or even anything understandable for the white raven well-informed assessor / professional.

Hey, there is better information out there for this, right ..?

The Ethics of Full-Autos


[EU whale washed up in Strassbourg]

Via Ross Dawson, again, I found a piece on the ethics of self-driving cars which is fascinating in its ethics discussions. Or, pointers to, as the discussions are of course not definitively settled once and for all as is the nature of such discussions. In particular when various ethics backgrounds from around the world collide, as they will! (No autopilot there, heh.)
But the discussion should reach further. ‘We’ now focus on cars, but if we can tackle that issue of autonomous, self-driving cars (wasn’t the term ‘automobile’ not already coined to include that glimpse of a possible future (apart from the engine part) ..? And weren’t horses self-driving to a degree ..?), there are so many more self-operating things out there that would require simpler environmental awareness. If cars can drive full-auto, so many more machines can – how much human operators would we need; how many (how few) managers, etc, when organisations are self-driving ..?How do we train and gain experience necessary for the inevitably required human overrides ..?

But more importantly, how would we settle the ethics arguments like the ones indicated in the above example ..? Because there will be many, of a great variety. And certainly not all (end) stakeholders may be present at/for the discussions, or may not be capable to represent themselves (incurring agency issues, already the downfall of all democracy), or may vary in their quality of discussion process execution, and may not reach a final equitable conclusion shared by all; then what ..? [‘One should not count arguments, but weigh them’ (Cicero); very, very true]

Will we have time to develop a societal framework for ethical discussions, or will we have to take them one by one as they come along, badly reinventing the wheel every time, and getting overwhelmed by the sheer number of must-settle ethical discussions that will come at us ..? Because settle we must; letting it rest and letting marketplace/economy forces run their course, will result in unethical results. Mammon shouldn’t rule.

But anyway, let’s get engaged. Because similar problems are already all around us – healthcare costs mushrooming, global environmental destruction, etc.; all problems at the societal scale or above, all still in much need of ethical discussions and course setting.
And because we must.

The IS Audit Worker of 2019


[Your prospect of Elysean fields]

2019 is only five years away… But predictions require a suitably close horizon to be able to see how today’s trends and Early Indicators might play out, and still be sufficiently distant to allow flexibility and variance off the predictions – otherwise the predictions are dull.

Hence, apart from my predictions for 2014 (and update) below, some more ‘mega’trends, in particular for the management of information risks – I still maintain that anything managed, isn’t a risk ‘anymore’! – professional or more specifically, the ‘information systems auditor’. Note the ‘’ as this post will show how the role and content will change enough to warrant a new job title.

Now then. As a starting point, I took the insightful graph of the always even more insightful Ross Dawson off rossdawson.com, noting the CC-BY-SA 2.5 license:

Which is a depiction of trends that impact the IS auditor as professional, rather than touching (too much) on the content of her/his work… Indeed, but I’ll demonstrate where the content is touched, too, by the trends depicted. Let’s just run them down one by one:

1. Connectivity will mean the necessary re-think of the traditional CIA to be able to guide, control and audit the information security stance of clients. The Information availability explosion, the globalised (i.e., de-geography-bound is de-accidental-physical-location-bound) access hence globalised use, and mobile work to even loose the ties of the Last Mile (in a way), require this. And enable the IS auditor to do the same. Already, this is being piloted, and in my view, we’ll see much more of this kind of work for the IS auditor in the very near future; this enables not only the auditor to not have to come to the clients’ offices too much – albeit that initially, some F2F contact may still be required but the need may diminish quickly when clients gain experience –, it also enables her/him to engage with clients much further afield, remotely. As far as (by today’s standards) superb connections reach, that is. See items 5, 9, 10, 13, and 15 below.

2. Machine capabilities will lead to work being taken from our hands. Through raw processing power explosions (not only due to Moore, but also due to the explosion of the sheer number of devices out there), Spatial recognition giving machines even more data to deal with, and large-scale Artificial Intelligence deployment not the petty trials of today, will enable the off-loading of much manual mental work (human- / person-bound work) to machines ‘out there’. The user will not even need to know where the ‘there’ is. Or should (s)he ..? We’ll see a redesign of philosophy, thought, methodology and tools on privacy surface. Quite some areas where IS auditors might (sic) lead the way, in thinking, acting, controlling and auditing.
And robotics … If that takes off, it’ll be piecemeal on the one hand (I too want my Roomba) but massive on the other (so many disjoint markets blooming). If only Asimov’s Three Laws can be reinstated, and reenforced or we’ll end up either in a mess or dead… It’ll start with Worker replacement anyway … (see below).

3. Demographics are something that we have somewhat less to deal with in the management of information risks. Apart from Migration leading to professionals’ markets impoverishing to markets of lemons, if unprotected (the dams will only hold back only so much inflow for only so shortly), and Country divergence maybe hitting us when our geographic region forces us to move elsewhere, as in item 1 above.

4. Social expectations Not much, either, apart from the Flexibility that will created Theory of Firm 2.0 type organisations, on which the IS auditor and others can no longer impose totalitarian bureaucracy. What then ..!? I don’t know. Your bad, if you can’t adapt… From the true ethics of your trade, you should have already adapted long ago…

5. Modularisation may impact us in ways similar to what we have already seen in the past; just labour specialisation, if any. Not too much to do about not too much. Though the general trend by which broad experience by and large caters for broad, balanced widening of one’s professional content in the stages after specialisation, may turn or have been turned already, the direction is unclear, either repeating constantly all directions, or awaiting a major redirection.

6. Globalisation I already characterised as a possible major impact through the Connectivity angle. In Products, I consider it to will come to completion in the near future. Service… To the degree that any service has no physical-presence component; (medical) care, for one, would be hard to do remotely, and also some other personal services e.g., IT tech support, may not ever work to a satisfactory degree without being able to communicate by nonverbal / sensory signals. So, not all the promises of item 1 above may not be realised all too soon.

7. Productivity will be driven by the Machine capabilities, mostly. Together with Connectivity, theese will determine Factor shifts or rather, define and refine factors of worth. Manual labour will re-flourish! And so will brain work, but only the non-standardised stuff, the work requiring creativity, true intelligence and empathy. Where many IS auditors etal. Think they are, but they aren’t. You know my rants against ‘peers’ just checking boxes. That is not what auditing is about. That is administration. Auditing, and other management of risk roles (sic), is about interpretations, judgement, close calls, gut feeling, and guts. Balls. (F/M), you must have them or be replaced by drones. Do not count on being (just) on the right side of the dividing line! Count on being on the wrong side, the down side, the cast out side. Or join progress.

8. Value polarisation again one where the machine capabilities, Connectivity, and Globalisation will work to quickly create new classes of haves and have-nots. The 1% of today, may be another 1% in other fields tomorrow or the day after. Try to be part of that, or you’re no longer suitable as part of life. Seek out your own 1%. But one thing would clearly be wrong: Remain as you are, meek, sheepish, not daring to be a Man (M/F) … So, most IS auditors et al. will have to change dramatically, if one can change one’s character…

9. Remote work I already described above. Telepresence, (remote!) Collaboration, and (local) Machine operation – 3D rinting, maybe ..? – will work as above (item 1 again). Virtual worlds may provide diversion from the destroyed natural habitat we still have to live in. The tropical island scenario still is somewhat too far away from us.

10. Work marketplaces are the mechanism through which the market for lemons may play out, or not. The barriers to Participation should be watched – some arguments for, some against –, Availability may not be an issue anymore (oh, but availability of suitable, sustainable markets may be), Pay pressure defines the lemons aspect, as does Access to expertise. Don’t sit still, as through Globalisation, access to expertise and availability, and participation will lead to pay pressure. I.e., pressure on your economic sustainability. Do not think you’re protected in your behemoth Organisation; any organisation is not too big to fail ..! So, even Big4 IS auditors should be aware. The bigger, the … no, size doesn’t delay a crash landing into a gentle glide, you’ll not be able to sit it out. The only sliver of new work would be to assess the work marketplaces against some standard but even that may be outsourced to … why assume a certified auditor should do that; why not instead (sic) by a reliable professional …

11. Crowdsourcing will impact IS auditors, too. But it may be a threat, or a blessing. No more dumb production of checked boxes…!? On the one hand, drafting those dull IS adit work programs from PDFs and too lengthy texts, may be outsourced to Labor pools – lucky if you can stay out of them, otherwise, you’re done. Will you be the one overlooking Managed crowds, or in it? By the munbers, and by today’s mentality, the vast majority of IS auditors will in fact be in the masses. Enhanced mechanisms will enable evenmore IS audit work (aspects) to be crowdsourced, changing the value proposition in the audit / advisory projects hence threatening livelihood. Open innovation’s also an In or Out aspect, for IS audit work. Though there may be a splinter of secondary audit work to be done on the deliverables of crowd sourcing and on the crowd markets… Fuzzy why that should be by certified auditors.

12. Worker replacement. Oh yes, if you’re a worker. Which is what a lot of IS auditors are. Not doingthe hard to replace physical work (taken over by Robotics, see 2, for the standard stuff but) since this requiresproximity and flexibility. Plumbers will be OK, IS auditors, not; will suffer from (enormous progress in) Automation, Robots, though Service may be slower to migrate (medical care robots may be proficient in many other areas, too, though), and Judgement may be the last to go over, to AI. So, as above, anything requiring judgement may for the foreseeable future not be taken away from us. But again, so many IS auditors et al. don’t judge, but administer. Where would you want to go, if (not when!) you would be able to (quod non)..?

13. Economy of individuals I consider to regard our profession in particular. Are you one of those few ones above that actively seeks out one’s own future? Then you’re in luck; your Independence and Entrepeneurship may lead to work being available, in Collaboration of the Theory of Firm 2.0 based on your Reputation. All these factors will be currencies of the future, so work on hoarding them! Not ‘the’ currencies, as Bitcoin and the like may kick in on a large scale within five years.

14. Polarisation of work With the Pay and Opportunity being so unevenly distributed, one may not rely on Affiliation with an organisation of old any longer. The dinosaurs are dying. New affiliations will need to be sought out. IS auditors, be aware, be active or be left out.

15. High-performance organisations or as I indicated above, Theory of Firm 2.0 organisations, may rise quite quickly. Google, Facebook and the like have risen to their 1.5 (sic) status and size in (qua order of magnitude) five years. Others may be in their inception phase today, and be the biggies, the most wanted (virtual) workplaces literally tomorrow. Again, be aware. Internal markets, Ad-hoc networks, Social technologies and Distributed value creation may all be part of the landscape of small and middle-sized temporary organisations that will flourish, already from, literally, today and tomorrow on. All these factors point at project-oriented get-togethers of professionals all with their own needs (for fair value to contribution distribution) and wants (work only where, when and for whom you like, do only what you like; if one factor starts to fail, move elsewhere) banding together just for the common interest and then all going their own ways again, maybe meeting again in the future, maybe not. Temporary Affiliation only..? Or looser ties? Double o, though many an IS auditor may have a single o as they haven’t innovated and are left behind as deadwood.

16. Education is key, to many of society’s desirable developments. Available, Open, Continuous is must be, and focused on Peer learning. All things where IS auditors could play a role, as auditors and advisors, and partaking out of necessity to keep abreast of latest developments.

Because the italics weren’t there for nothing. IS auditors, and others, just play a role and not an important one at that! Do not fool yourselves; auditors are only, and no more than, an afterthought of business and other organisations. Be happy that you have some specialised knowledge that you apply in whatever role, one accidentally being audit. When now both the unimportance of the audit role comes to the fore, in particular through Ross Dawson’s megatrends and technology developments, and your knowledge and experience that you apply in the role, are ever quicker to expire, you’ll have to keep abreast of all new knowledge ever more certainly, ever more widely and completely, and ever faster, and you’ll have to constantly seek out new roles to apply your greatness. Dropping audit as an expired old skin…

The central message is clear. IS auditors et al.: Innovate! That takes trial and error, and ‘learning experiences’ also for one’s deeper insights and even character, it takes risk taking and damage to one’s personal quest(s), but with the right virtues (Aristoteles-like), one will prevail. Innovate, along the lines of the work future and towards developments as described elsewhere and more.

[More will follow on this subject…]

Maverisk / Étoiles du Nord