Category: Sociological, psychological notes

Modern democracies – are they party-less ..?

It seems that we’re in Transition times… When there hardly is a country’s election anywhere (where they’re relatively Free), where the parties of old still hold. Sway, that is, as in determining unchallenged the outcome of the elections and party lines to follow. Even when the result is a failed-from-the-start dangerous president, or just a continuation of bland (colourless) neutrality in ‘policy’ pursued.
Despite the previous fears of breakthroughs of ultra-right parties and ‘strongmen’ (not so much; it’s rather pathetic (mix of embarressingly silly and punishing for loudness)) – and notice that those parties have gained in strength and depth of followership, maybe not ‘won’ but there to dominate from the shady (!) backgrounds in many situations – everywhere what we see more, is that ‘traditional’ parties have crumbled, qua lead over the others, qua dominance in cabinet formations, et al., and/or are prone to in-fighting and scism tendencies (because of that, or were on the path to anyway; cause and effect running in circles).

What is left, is countries with impotent mixes of parties, party fractions and -factions, when these countries are affluent to an over-the-hill kind of rapid collapse in some near future. Or countries that weren’t affluent / aren’t-affluent-because-of, being lead by strong men with suppressed expression of political fracticide. The vast majority of presidents around the world are the perfect example of why republics collapse, and are at best equal but often worse off than kingdoms with their long-term views (when the king/majesty represents the nation, accidentally also in one person).

We digress.
When party politics (internal/external) are thus rendered impotent by their own doings, and parliamentary representative democracy is through that dragged down (in)to the muddy levels of shamefulness, what chance would blockchain-based societies, notion-of-nation-unhinged geographic regions, etc., have to be reconsidered as alternatives, e.g., the Heineken Map ..?

Alasdair MacDuck

Just a Friday’s folly about Alasdair MacIntyre who, in his seminal and, when you’re into it (finally) quite pleasurably readable, After Virtue, has on pp. 243-244 (I have another edition 😉 ) “The name of the common wild duck is histrionicus histrionicus histrionicus.” – apart from this, it also is not true. The Mallard is; Anas platyrhynchos it is.
And now, I do challenge thee – was this ‘error’ on purpose or not, and if so, either to dare you to check it, or to pass off some signal to some kabal that reads his work and had put him under pressure ..? (As may be the reference close-by of secret passwords/passphrases of spies and double agents, and the three spelling errors in the book.)

Now, it’s weekend… plus:
[Now that’s low-light analog-to-digital conversion… decades ago, at Les Ménuires]

3D of the nudging to simplest infosec behaviour

Before you’re put off by the title its complexity … [Oh. You clicked. Wave function collapsed long before; ed.] This post is about improving the People part of infosec. Beyond the mere ‘awareness’ that begets you … a couple of days’ attention, then slippage into muchlessofthesame.

Two roads away from the dead end you were in, open up:

  • Nudging. Which is about small, inobtrusive and non too brainwashing incentives and disincentives, rewarding and penalising the good and bad so that ‘users’/people choose to do right without having to rationalise through all sorts of intricate, overly (sic) complex lines of reason why some shimmy is better than another twist. Just gently guide, don’t Law and Forbid. [Edited to add: This post was drafted and schedules for release weeks ago, before that Nobel Laureate was awarded his medal for this very method…]
  • Secure simplest option. Like the great many traffic controls; no traffic lights but roundabouts – the former, can be run through at high speeds in the middle of the night (and other times); the latter, require slowdown or you’re thrown off the road. The secure solution being the obviously simplest – the simplest solution being the secure one. People will take the simple road in stead of the difficult one. Better make the simplest one the safest. Not require the user to jump all sorts of complex hoops for safe behaviour! Like password complexity rules: The more you make them ever more difficult, the harder it is for users to resist finding loopholes and escape vents like writing them up (which isn’t a bad solution per se, but …). And in the end, you’ll loose the arms’ race against skillful attackers anyway; at the point where their smartness is hardly less than benign users need to get into your systems, you’ll have to revert to some other way anyway (re: dead end roads).
  • Ah, I’m not one for counting all that simple…
    Smart trickery. This of course being a perfect example … a 3D zebra (road-crossing). Many great, very-marketable other such solutions may exist, to your (image’s!) advantage.

Now that you’ve read the above, how would you change your infosec ‘controls’ throughout …? Like, filling out the last matrix of this, in a smart way and changed to general infosec …?
For an additional bonus, outline how you apply this to your GDPR-compliance efforts… And:
[Advertising the trust you can have in this Insurance co.; Madrid]

Measure and/or die

For 10 points only, not the usual 50/100/150 and without pictures to color, identify the stupidity of this here rambling with an air of sophistication
The ‘quality’ (quod non) of which is nicely summed up in the ‘metrics chart’ ..: “If you can’t measure it, you can’t improve it” – referring to the degree (sic) of the stupidity; unimprovable…?
Be aware Always (link, here again yes), people, …:
Not everything that counts, can be counted, and not everything that can be counted, counts ..!
Oh well. Nice effort to get from ‘nothing’ to ‘something’: when shot for the moon and missed, one ends up between the stars.
In a vacuum, light years away from any matter. [Excepting virtual Heisenberg’ian particles; ed.]

Plus:

[To hope that one day, this king’s -dom may understand the British Crown / Commonwealth model before an all-out civil war breaks out…]

The logic of automated decisions;
ransparency through audits ..?

Not bashing, nor FUDhyping…
Was triggered by various treads, e.g., The Book on the subject (or, het boek in Dutch), and scores of elucidation (yes. be happy finally there is some truly) from the legal perspective, on GDPR article 15.1h and article 22.

The latter two not being conclusive, however. They are about requirements of transparency on the logic underlying automated decisionmaking. But there is no clarity about how deep that should go. Will “Hey your data is processed by some AI system [literally, factually incorrect statement because it’s only Machine Learning at max, today; does that construe a false statement i.e. fraud ..? ed.] and even we the builders ourselves have no clue what goes on in there – that’s the whole point of using it besides being able to fire a great many inherently expensive humans and we don’t care the least about the biases and other grave errors of the system it works fine for us!” be acceptable? Hint: No. Will “Oh it’s so intricate that we, let alone you, have no clue when looking at the audit trails that the system generates” fly? Same hint.

Because here, we see a new area developing for IS auditors: Auditing ‘AI’ [quod non but read ‘ML’ and you’re good; ed.]. As IS auditors are (supposed to be, I happen to know a fair share of peers … etc.) the experts in gauging systems functioning qua .. reliability overall, too. Which goes way beyond mere C-I-A but still, has Always been part and parcel of IS auditors’ education, right ..? I will come back to you soon, with more definitive info on how IS auditors should go about this all.

Oh by the way yes I did already notice that the more the system in scope behaves, and is constructed to behave, intelligently like the average (sic! statistically you have zero reason to put yourself above that! oh wait you read my blog so you are definitely, way off the right end of the scale) human, the more the audit will have to be like we audit humans today. Uniting psychoanalysis and explicit rules on paper (in procedures, algorithms et al.), very dogue much fun.

Plus:
[Though a flat, and has iron, legally misidentified as flatiron …; NY – Pic tilted to fit in the pic frame of course]

Losing your trade’s virginity

I‘m referring more to dull trades, like auditing, than what your first thoughts were about…
It seems hard for some people to get their heads around the still persisting problem with AI introduction into regular trades, that when deploying AI to take over the rote grunt work at the lower rungs (which is, by definition (?), all that’s just behind your heels) and leaving the more intricate, ‘difficult’ and ‘intelligent’ work like decision making and risk weighing to seasoned, experienced professionals (to which you belong of course), that there will be no more seasoned, experienced professionals since the seasoning and experience is in years and decades of the rote grunt work that no longer exists for humans.
The ‘difficult’ decisions will all the more speedily be taken over by exponentially self-improving-on-the-intelligence-parts AI, as humans fail ever more quickly at those tasks. The excuse that the lower rungs failed in providing proper intel, will not work; higher-up humans would need to get a grip on the lower stuff, and to be able to determine the effectiveness of what goes around there… again you’ll need the extensive experience, maybe even more…

[Don’t get me started on how current ‘leadership’ (those that fell upwards by lack of weight, not the real leaders) already fails comprehensively at the intelligence part…]

Quite a vicious circle. And:
[Museum of what lies ahead for humanity, in total surveillance states, and AI futures; Riga]

Are you scared of perfectionism ..?

Not of but to.
This dawned on me, suddenly – as dawning of this better kind is unenforceable – a lot of people list ‘perfectionism’ as their default weakness-read-humblebragged-strongpoint. But it’s a weakness indeed because any such feeling will be rootcaused by insecurity, of the angst kind.
When taken forward, from the latter, one sees: Fear of the unknown, uncontrollable impact on the edges (first), will lead to overzealous focus on those edges, the rougher parts, to prevent even the tiniest deviation from the all-of-the-world’s-plan that totally deterministically was supposed to be followed to not introduce Uncertainty of any kind. No quantum collapse of the wave function allowed; no wave function allowed – that’s all heretical deviation from a supposed Plan from up high (where ?); der Herrgott würfelt nicht in the least! Quantum entanglement is that each and every quantum particle was predestined to be and behave / move as it does. No Uncertainty!

Or else … bad things may happen to you, e.g., your career.
You may get fired, for not perfectly achieving your Personal Year Plan. You may get fired anyway but that’s Bad, the devil’s work, or the shareholders’ (his rep’s..!) wish for slashing by the FTE numbers. To prevent this, just be perfect. Or, more practically, (say to, only!) strive for perfection. Bossed might want to believe then, that you’ll do your utmost and give your life, to make that happen. So bosses’ year plans are achieved. Or bosses, just to be sure, revert to the inhumane micro-management practices … so very common still today…

Let’s hope that proper risk management wins out in the end. If only since the more Chaos, the universe’s drive to entropy, is suppressed, the more gigantic will be the outburst of the Uncontrolled energy because it will burst out. Better to be able to control that through not letting the pressure build so high, by allowing steam to blow off in much more benign, possibly profitable, ways long before.

So, embrace entropy! Embrace balance ..! Just don’t be ‘perfectionist’ like everyone else and then be found out to be the very average sloppy that one reads so much too much of, even in trivial non-control of basic writing skills. If you write without care for proper spelling, etc., and don’t proofread, you’re waaay off to the wrong side of the balance ..!
Plus:
[Discuss, progress to the dialectic third way – which is NOT in the middle by definition; study Aristoteles on that..! Ottawa, BTW]

Dumb judgement

If this (link in Dutch) is the state of the profession, then we’re all doomed. Luckily, the players in this sham [that’s putting it mildly, 007; ed.] will be deleted from history first. Sorry, not luckily; hopefully. Since the comparisons they make, and the judges’ explanations, are so utterly stupid that one can hardly see them function normally in regular society. Can’t sugarcoat this.

Those hat apply the law, aren’t above it I hope. Let appropriate parties get them, before they destroy communities and common sense.

Oh well. And:

[The circus is where such people were put on display, then the delusional got control; Zuid-As Amsterdam]

Spelling test compliancy

Where of course the post title in itself gives away the clue of this little Friday’s short post, which is: If you spell it as compliancY (with some rule or regulation), you failed the test. And you’ll be earmarked as n00b, however long you are in the industry already. Since you don’t seem to know that it’s actually ‘compliance’ with an ‘e’ only, nothing overcorrected.
Just because it hindered me again, last week, when I discussed matters with someone who had the silly idea that using an ‘y’ would impress, would seem to make their point hover at ‘GRC’ levels as if that’s not an emperor’s clothes exposé already. And it’s just incorrect language period

Whatev’, I’ll leave you with:
[Yeah, it’s a bit of an old skyline (pic) isn’t it ..? Toronto, ON for no apparent reason and the horizon isn’t even straightened yes I’m that picky]

AVG is the Law

If you wondered whether (if?) I’ve gone besirk and declare some little anti-malware tool to be officially authorised: No. What then? A Yes. Because whenever you read ‘AVG’ related to the Netherlands, you’ll find it’s the Law indeed. Being a fumbled translation of the GDPR. And full of the lawyers’ stuff on detail, demonstrating incapacity to understand the issues that the GDPR was originally trying to tackle. Of course, these got watered down to ineffectiveness before even being officially issued (and that’s not per 25/5/2018 but already behind us ..!!). So we find ourselves now in a struggle on all sides for clarity and practically viable interpretations – vis-à-vis some specific law. From a legal perspective, this might work; just wait for jurisprudence (authoritative-case law) and all will become clear. From every other of the asymptotically-infinite number of sides (don’t even try to explain that to the eager beavers among various parties), jurisprudence means the death of their organisation and of all employment that goes along with, is built upon that including the livelihoods and perspectives for a decently doable pursuit of happiness of employees and their (extended) families invloved.
So NO, you cannot leave things to jurisprudence, to case law. Modern society has moved far beyond that, leaving all trailing in understanding that, in the dust of ignomy and ridicule. We the People (of the EU++, and of the world affected) need clarity upfront.

Awwww this is turning into a rant. Which wasn’t the purpose, which was   just to point out the irony of one antimalware-maker’s name being now wringed into something laughing-stock [ with an ? or an ! ].
Oh, plus:

[(From analog to digital when the latter wasn’t much good yet) sinking into the landscape, this time perfectly as intended, not out of shame; Melvyn Maxwell and Sara Stein Smith House, Bloomfield Hills MI]

Maverisk / Étoiles du Nord