Preventing detection

At last, there’s a resurgence of non-preventative infosec (#ditchcyber) efforts. As, e.g., here (in Dutch though the orig would be Engrish ..?) and here (a decent one, almost making the right point; co-typical ..? and on second reading, a bit empty of actual actionable advice). Hinting at leaving the Prevention Imperative and refocusing on Resilience.
Because ‘deperimetrisation’ may have clouded the longer-term, more strategic failure of locking oneself in and shooing away the so grossly underestimated enemies by one’s own utterly ridiculous overestimation of … authority, power, capabilities and competences, considered-self-evident importance (quod non…). The dumb not realising how dumb they actually are…

We’ve said this before, over and over again. And we’ll say it again. Because the Laggards (hey remember yesterday’s post?) still haven’t got it, deeply enough into their veins.

But, we have a start of that at last. Why only now? Because even the most conservative (sic) can no longer hold the fort (sic) of box-shipping at all levels? Anyway:
[Rebound into the heavens!]

May a change *is* happening

The title is correct; finally we can see what the Mayans meant when they, errrm, their calendar, predicted the end of the previous era and the dawn of a new one. Where many simpleton minions pinned it down to some very moment at 1 Jan 2012, of course the lore was about a longer-term turnaround phase before a really new era could be said to have emerged.

Now, isn’t it since the beginning of this millennium or even more, since about 2012 that AI sentience has merged with IoT to kickdown towards the Singularity …? So that the new era isn’t one for mankind only but one in which machines take over the lead over the world’s physical as well as mental reality ..? Just saying.

Oh don’t take it all too seriously. One might even read this as if I would follow Hegel’s reasoning of a path to a final and eternal triumph of abstract Reason. Hah. And:
[Toruń. Famous for …, somewhat appropriately]

Why ‘cyber’s still a dud

[Oh yes @CyberTaters will warp the pings re this post. And #ditchcyber!]

For one, all (sic) of ‘cybersecurity’ (quod non) is incomprehensible to those that consider themselves ‘leaders’ in one way or another in practices where actual infosec should be top of mind. Since the (for quite too large a part) despicable mice (of this story) don’t see their own folly, these kindergarten emperors will be found to wear their new clothes well… but not ‘get’ what it takes to start developing ideas how to actually lead in the infosec field. Starting with debunking Internet myths and hype-FUD but also starting the sea changes needed to achieve something (if maybe not everything).

For another, since all the hype-FUD only leads to Technology focusing, where those that would still not have thus-focused houses in order should be fired; decades of developments would have to have been easily dealt with – though it is rocket science, it’s hence not that hard. Hey, designing and building a probe to Pluto, isn’t there an app for that?
Leaving the other 99.9% (well…) of work in the area of People (and don’t start me on Process..! see my posts over the past couple of weeks). Which, even if it would be understood what needs to be done in that field, would be known to be near impossible to pull off, let alone in the short term.

Hence by simple (?) logic, ‘cyber’whatever is a dud.

Sobering:
[You know where, or not; every corner needs to be beautiful…]

The Future Plays At All Boards

There seems to be quite an interest in ‘the’ future, lately. As in, the last couple of tens of millennia but also the last couple of months. Recency Effect, maybe ..?

The thing is; discussions how the near and far future will/might be, are handicapped by industry and specialisation myopia.

  • IT-angehauchten discuss ANI, AGI and ASI, with neural networks resurfacing, finally, in discussions over when (soon) we’ll have the Singularity. Yes you’ve read my great many posts about that already or go in shame and still do it (impression tracker is engaged).
  • A branch of that, discusses very near future labour markets – mostly, almost exclusively, those in the furthest developed economies only.
  • Biologists and eco-nuts (are they?) are on the Global Warming / Food- and Fresh Water- Starvation / Anti-GMO paths in their discussions.
  • And there’s of course daily glocal wars going on, military/physical and refugee atrocities everywhere, and economic warfare as well. Of the latter, ‘cyber’ in all its forms (remember, #ditchcyber) is part.
  • Simple-economically, there still is the enormous divide between haves and have-nots, now being exposed (nevertheless still growing) within countries’ local economies as well due to jobless growth and the Pikettyish 1%’ers.
  • And, I probably forget some category. [Edited half a day after post release, to add: Yup, this here combi-one.]

But, … all play out on/in the same world, the one you and I inhabit [well maybe not you, alien (as physical being or just meme/information floating around over whatever physical media) listening in from the Andromeda nebula]. So, we’ll have to deal with all problems, operational, tactical and strategical, together both in people and in solutions. And as the world spins faster than ever, requiring ever more clever and ever more-dimensional solutions. Until all choke, mind-wise. Hasta La Vista, baby.

Oh well. I’m not (even) negative …
[Anywhere, everywhere.]

Schmobol

With the current uptick in interest in the ageing population … of the handful still capable of hardcore manual programming of COBOL, as e.g., here, I wondered:

  • Is the code base still so enormously biased to COBOL(-based! software)?
  • Why haven’t converters from COBOL to, e.g., C or other languages caught on widely, so the ‘problem’ doesn’t exist anymore ..?

Especially the latter; especially since we still have tons, too many (?), programmers available to tackle C- and more modern-language scrutiny and optimisation jobs. Jobs; high-pay jobs. And automatic testers to compare absolute 1-to-1 identity of the functionality or tractable lists of boundary conditions (possibly differing).
But with so many more (modern) code/functionality maintenance tools and capabilities available. And with integration/migration to (even) newer integrated platforms available.
And, when things get tough, AI that should be easily trainable to get to the hard, core bugs (higher abstraction sense) before/after the translation(s).

So, what’s the deal? The only deal there is, is (and was, having lost a long time) the lack of forward-looking maintenance to have already started early on modernisation. Yes, of course, there’s Not On My Watch and Après Nous Le Déluge. But real leaders would cut through that; that’s what distinguishes them from mere shopkeeper ‘managers’.

All right. Leaving you with:
[Impossible to guess I guess. Where?]

Waves of IoT

Tinkering with the great many (unknown) unknowns of the IoTsphere, it occurred to me that there are various intermediate phases to deal with before we can consider ourselves comprehensively outdone after the Singularity (dystopian with P(X)=1).

By which I mean the following ‘growth’ model:

  • Current-day operations: Factory ‘robots’ or process plants being (factory-)centrally controlled from e.g., typical classical (?) control rooms. And ATMs, the robots without arms!
  • IoT in its four distinct forms. With ‘robots’ moving out of their prothesis confines, as e.g., here. Possibly with some ANI.

    Both these levels can be regarded to have operational level problems; ethical, security/privacy, industry-disruptions and comprehensively new business and labour models, etc.etc. but relatively definitely operational, to be solved.

  • At a tactical level, there’s AGI stuff to be figured out.
    Ethics, ‘robots’ like self-driving/autonomous cars [yes, yes, I know those two are very much not the same!] as proxies for humans, with all the rights and duties including how to enforce those, and Privacy on a much larger, impactful scale. Including also, all problems you thought to have solved in the previous rounds, now coming back to haunt you and be very much harder to solve.
  • The Strategic level, with ASI all around. To repeat, including also, all problems you thought to have solved in the previous rounds, now coming back to haunt you and be very much harder to solve.

This, as just a briefest of summaries of all sorts of dilemmas to be figured out. Sooner rather than later, or bingo (points of no return) will have been passed sooner than you realise. I’ll try to help out with a post here and there, of course ;-]

For now:
[At what stage will AI understand the genius of this design ..?]

Before it disappears: Told you so

Oh, before it returns to oblivion; re the Hacker Team hackback: I’ll just join the endless queue of Told You So’ers with reference to this.
Noting that there is a confusing connection to the illegalise-encryption-cum-mandated-government-backdoors stupidity that keeps coming back like whack-a-mole, to put it very, very friendly.

OK, leaving you with:
[Antwerp beauty, untiltshifted]

The need for a new security framework

… I feel the need for it. A new security framework.

Because what we have, is based on outdated models. Of security. Of organisations. Of how the world turns.
Bureaucracy doesn’t cut it no more. The very idea of hierarchically stacked framework sets (COSO/CObIT/ISO27k1:2013/…) likewise, is stale.
And the bottom-up frameworks en vogue, e.g., OSSTMM (if you don’t know what that is all (sic) about, go in shame and find out!) and core work like Vicente Aceituno Canal’s, haven’t found traction enough yet, nor are they integrated soundly enough (yet!!) into further bottom-up overarching approaches. Ditching the word ‘framework’ as that is tainted.

But what then? At least, OSSTMM. And physical security. And SMAC. And IoT. And Privacy (European style, full 100.0%, mandatory). And business-organising disruption, exploded labour markets, geopolitics, et al.

OK. Who of you has pointers to such a Utopia ..? [Dystopian angles intended]

Unrelated:
[Your guess. Not Nancy. But is it Reims ..?]

Today’s-Tech-Yesterday-Craving

As a question: What is the melancholic (sic) feeling one gets when realising how great it would have been to have had (some of) today’s technology / hype little tools, already yesterday or rather, a couple of decades back ..?

As logically flawed as the feeling is (you’d change the world of yesterday in a way that would make today’s world impossible to exist exactly like it turned out today… No-impact visits to the past even, are impossible since you’d return with the info of having been there), it still creeps up every now and then. Oddly, it concerns specific technology items, not Technology as a philosophical construct altogether. Is that where the error of thought creeps in; can’t have your tool and not eat the whole thing ..?

Please add your musings… And
[Quiz: Prato or Pistoia ..?]

Maverisk / Étoiles du Nord