Exit 2018 1163

Asad day for all you aficinados of this blog. After some five years and about 1163 posts (you’ll see…; own, mostly with own pics), this is the last of the (work)daily update. Yes, I’ve managed. But will turn to more serious, somewhat-more long-form content so will stop the drivel. I will not post daily, but when I do … And I’ll intersperse with some margin notes posts. Per 1/1 these will have no picture, the long for ones will – just check the link-post’lets and you’ll see. In line with the season: Enjoy less frequent but more professional, beautiful fireworks.
Or be safe with your own fireworks. Else, stand candidate for the Darwin Awards, which is also OK with me especially if you’ve not appreciated my blog; excepting the few I care for ;-|

Now then …
[Some room available. Live and die to be worth it, or take a hike; Arlington]

Secrut law

Hey, does @iusmentis or anyone else out there in NL have a clue what this [dunno if there’s a Dunglish translation around somewhere] is about, what relevance this has to e.g., infosec, and/or the probable impact in the Information/IT side or organisations, or are we all just too busy with GDPR ..?
Just wanted to know. Saw it fly by and wondered why there weren’t any serious comment flurries.

Or is it because it all isn’t relevant ..? Or is just article 4 relevant ..? Is there no clue about due ‘protection’ (security) being required by the secret info holder or else ..? Is it just to protect whistleblowers under 4.2 ? Is 4.1 strengthening (or the reverse!) of the WOB ?

One thing’s for sure: The scare of fines, is … gone. Because they only have to be paid after any challenge in court, would have been settled in disfavour. Which of course may dragged on for literally decades (incl inflation, change of formal and practical policy), and also the Authority (to which a great many would add: quod non) will (hence) have to make very, very sure it has a case for fines in the first place; the far less potent other measures are, well, spoke-in-the-wheel’able.

Yes I still wonder, vis-à-vis the fly by night character of the fly by. And:
[How far does copyright on a beautiful design go? Asking for a friend this being my pic anyway; Valencia]

After 2018’s hypes, this

Already you thought you had enough on your plate, for 2018 qua predictions even when most will play out differently than stated? And though these ones are [as in: when you verify/falsify them in the near future, they will have become ‘are’] actually correct…
these will also play a role in 2018.

Yes, yes, in a much more fundamental way, and maybe in the mainstream media only per ill-understood sensational pastiche, but still it will certainly [same] augment the fuzz around quantum computing. That will, in the end, when made operational not be much of a shocker anymore. Too much dilution in the latter, to still make good on its supercalifragilisticexpealidocious claims. Too bad / good, depending on which side of the quantum-crypto-crackability wars you are – the latter not even mattering since this and this. And this in particular. What will the above mean in this respect?

[Edited to add: Oh and this just in. Relevant, on a nearer-future scale]

Leaving it there for you, to study and be prepared… plus:
[Fattened over the holiday season, you are ..? Shardless London it was, ‘is’ish]

‘corn down, times 10

After the many lists of wat went well this year, with AI, bitcoin, etc.etc., we wonder: How much of that is plugged fake news or ditto overblown ..?
When still, we have the likes of this: A list of some 10 unicorns that went down (or -soon) despite funding to dream of. When you look into it, we seem to be back in, 2001, and somewhat later, when the idea of drafting a two-pager business plan seemed to be enough to get VC / angel / whathavewe funding. OK, maybe this time around (and for the co’s mentioned) it’s more like a ten-pager requirement but hey, why wait to throw money into a wormhole, right ..?
To remind us that maybe, not all went so well in ’17.

And maybe despite all the hopes we have for 17++, we should again, still, reckon with downside risks a little bit more, please?
But you’re not gonna listen to me, are you?

Mewwy Cwistmas & happy new year anyway! Plus:
[Heck, this has nothing to do with festive fireworks or so but is pretty still; Valencia]

Some notes on notes on Chollet

After you read this, you’ll get the following:

  • [After two empty lines] ‘seed AI’ may not be necessary. Think of how the Classics built their arches: The support may be removed. Same here; some ‘upbringing’ by humans, even opening the possibility of ethics education / steering;
  • Proponents of this theory also regard intelligence as a kind of superpower, conferring its holders with almost supernatural capabilities to shape their environment / A good description of a human from the perspective of a chimpanzee. – correct. As such, slightly ad hominem and we know what that is about (here);
  • If the gears of your brain were the defining factor of your problem-solving ability, then those rare humans with IQs far outside the normal range of human intelligence would live lives far outside the scope of normal lives, would solve problems previously thought unsolvable, and would take over the world — just as some people fear smarter-than-human AI will do. – an interesting argument, as I had the idea of drafting a post about a new kind of ‘intelligence’, apart from the human/animal one.
  • Etc.

An interesting and profound read… Plus of course:
[“Intelligence”… Winter Wonderland London]

Another nail (to images as evidence)

Just to drop it here, after umptuous [now that I’ve used it, when not if that’s a word] warnings, another nail to the … value of ‘evidence’ in court, in this piece, explained in easy pics here. Seriously distorting the picture by seemingly doing nothing of the sort. Ocean’s Eleven (or –and counting) style vid replay, now with much more modern, more perfect options.

[Edited to add: Another case in point here]

Just sayin’. And:
[When Run To The Hills is your last defence; Salzb’ – with a terrace]

There we have it; botcracy

As we turn the leaf towards a new year, let’s not forget what values – in operation, operationalised – protect our Human Rights, in the form of de-mock-racy, and how they are ever so quickly being repelled by, e.g., AI and fake news but in particular, the deployment of bots as here.
Yes I know, that’s three layers of tools but still, the focus is on the first two but the latter plays almost the foulest role.
Yes I know, the ‘operationalised’ part may need elucidation on the side of ‘transparency’, ‘access and inclusion’ etc., but when you read after the link, you’ll understand that the issue is society-wide, not just FCC / net-neutrality.

Well, that was a quicky… hence:
[München, for zero (as in: 0.0) reason]

Unsider threats

How is it that we tend to hear over and over again about ‘insider’ threats ..?
Even when it’s not the Board that is meant here, as the pinnacle of … the ability to drive a company into the ground, those pesky ‘insiders’ really are a pain in the place where you like that or the sun doesn’t shine.
Better get rid of any and all of those ‘insiders’ then, eh ..? AI here you come. But if AI system(s) would be a replacement for humans, wouldn’t they commit the same temporary, small, innocious and unconscious lapses of judgement..?
And what about off-boarding the biggest threats first ..? [Where I do men the above committee]

Maybe better to recall that we’re about to celebrate the fifteenth birthday [was there ..!] of deperimetrisation – with an s once you recognise its country of birth, and disclaim an all-out stupid Jabba the Hutt style claim of origin so no z’s anywhere – who’s an -sider when there’s no way to tell ..?

Also, it villifies the underlings that make your salaries and bonuses so if you punish them (by giving them less reward than yourself), they don’t get mad. They get even. Simple. You gave them the tools You made them build their own tools superficially to keep you afloat but you wouldn’t recognise a buoy from an anchor so guess what you get… And when you’ve lost them, they aren’t much of the insider you’d want, right; morally they’d be on the outside again already.
Case in point: This miss by the venerable @HarvardBiz … Though the solutions offered, are valid – as very-starting points…

So Part I – Ω is to treat your underlings like you care. If, big if, you actually mean it (hence will not in an instant be found out to be a fraud at this), you’re saved for now. Otherwise, no fight against <whatever>sider threats, will be futile. Remember this ..? You get treated like you treat, it starts with you – your intentions towards the other, will be perceived. Positive/negative, the choice is yours.

Oh well. Plus:
[Some light’s also good for the inside; Utrecht (1924 ..!)]

And of course

Another one today!
This here piece, and the according official text (with interesting subheader, as downloaded from the official site…).
Because one should not expect either to be a fair representation of the Chief’s actual stance as what is in the speech text is so clearly wrong, or the Chief (his speechwriter) was badly misinformed by his own staff / speechwriter, probably down/up quite some chain of command before reaching either end. E.g.,

  • “First, Admiral Bauer pointed out that cyber operations have significant drawbacks. In fact he called them a “too good to be true” scenario. Yes, they are fast, do not require boots on the ground, and have limited risk of repercussions. Yet they do require extensive preparations, and are tailored at a specific target, at a specific time, under specific circumstances. This makes them difficult to repeat. Conventional weapons can be used for years. Cyber weapons (e.g. malware) on the other hand have a limited shelf life as the vulnerabilities they depend on will be patched.”
    Right … What about comparing a vulnerability of this sort (that can be patched so easily, i.e., a known bug that hadn’t been patched before! with a single bullet? That can be fired simultaneously at thousands, millions of foot soldiers that when hit, will turn on their Chief ..?
    And the idea that once used in an attack (sic, because no-one is out looking for unknowns ..!), it will be patched before it will be used in an attack thus resulting in a contradictio, and
    As if full patching of each and every exploitable vuln at once, has anything to de with reality whatsoever; if one thinks that: dream on and back to kindergarten. [As stated: No bearing on respect for the CHOD (why not CJCS?); one can for the above, and below, things not expect the speech text to be accurate – on second thoughts, is this a fake news detractor, to seed false info ..?]
    Plus, this reads as if all patches are perfect all of a sudden. Now that would be news.
    And, what about differences in sophistication? Weren’t all sorts of countries effectively kicked out of Afghanistan [to name one of a long list…’Nam anyone?] without succes (sic), by people with hand guns and IEDs only (no, the I stands for something)? As e.g., here. As if the many armies kicked out like that, those, not have had their ‘patching’ with armour all together…!?
  • “Notice how this is different form ‘civilian’ cyber security. There an attacker has a distinct advantage over the defender because he does not need to attack a specific target (he can try many targets at once and settle for the weakest one), and typically has no deadline within which the attack must be successful. In a ‘civilian’ cyberattack periods of activity are separated by sometimes long periods of inactivity, because after a successful move the attacker stumbles upon a further line of defence that must be investigated.
    Cyber operations do not have that flexibility, especially because they must form an integral part of existing military capabilities. The timing of a cyber operation thus depends critically on other, conventional, operations. (As someone later explained to me, if the commander of a military operation inquires whether the cyber team can hack say a bridge, the answer “probably yes, but we do not know how long it will take us” is not very useful.)”

    Again, a gross mis-take on what ‘cyber’warfare [#ditchcyber] is about. As if, as if, ‘cyber’warfare, were any different than normal warfare, Clausewitz-like – not! as you can read for yourself; the civilian long-term ‘warfare’ is exactly the same as the 5th kind.
    If the commander would ask a squad whether they can take (out, I guess) a bridge with physical means, and any ‘yes’ would be taken as certainty, the commander will not be in charge too long… The right answer is seldomly the most useful one, as, relevant, is e.g., the question why one is there: this (3rd bullet).
  • “A second thing that stood out in the speech of Admiral Bauer was the acknowledgement that in cyberspace, the difference between cyber security and national security becomes fuzzy. Whereas defending the latter is clearly a task of the military, their role in protecting the former is less clear. As Admiral Bauer put it: “the Armed Forces are not the national firewall”. Yet it is clear that by developing cyber weapons and cyber defences, their impact (both positively and negatively) on cyber security increases. This requires closer cooperation with the government, law enforcement, the private sector and research institutes. Admiral Bauer would like to invite people from cyber industry to work directly with or for the Armed Forces.” [From 1st link above]
    Another non-sequitur. As if the CHOD could not see that border defense (what are ‘we’ doing in all sorts of places around the world, then ..? Far, far overstretched, qua capacity and capabilities) is the same, either physical or abstract. If people had to defend for themselves … they should have the right to all bear arms in ‘cyber’space, to defend themselves, just as they would have the right to bear arms in physical space, right? With those arms necessarily being of at least equal combat value as the opponents’ ones. I can have my own F16 squadron! (And I would certainly want it to be as great as ‘my’ 322sqn … with Block 52+ Advanced / -V or what have we … Hey isn’t this a great and desperately cheap alternative to (jump) the money guzzling F35s ..!?)
    And “no physical sand bags” (2nd link) ..!? What are patches, then?
  • Et cetera. One could go on, ever more certain that this is not the official military stance on the issue but some sickly surrendermonkey civil servant (if only they did) kind of underling dweezil sort of misinterpretation of seriousness.



[All analog (literally, slides!) to digital scans; from the time we built (rather, had around still from years before) diarama’lets and there were shows for the public when Twente AFB still existed – like, 1983 or so, you know, from times when Defence was something Real]