There we have it; botcracy

As we turn the leaf towards a new year, let’s not forget what values – in operation, operationalised – protect our Human Rights, in the form of de-mock-racy, and how they are ever so quickly being repelled by, e.g., AI and fake news but in particular, the deployment of bots as here.
Yes I know, that’s three layers of tools but still, the focus is on the first two but the latter plays almost the foulest role.
Yes I know, the ‘operationalised’ part may need elucidation on the side of ‘transparency’, ‘access and inclusion’ etc., but when you read after the link, you’ll understand that the issue is society-wide, not just FCC / net-neutrality.

Well, that was a quicky… hence:
[München, for zero (as in: 0.0) reason]

Unsider threats

How is it that we tend to hear over and over again about ‘insider’ threats ..?
Even when it’s not the Board that is meant here, as the pinnacle of … the ability to drive a company into the ground, those pesky ‘insiders’ really are a pain in the place where you like that or the sun doesn’t shine.
Better get rid of any and all of those ‘insiders’ then, eh ..? AI here you come. But if AI system(s) would be a replacement for humans, wouldn’t they commit the same temporary, small, innocious and unconscious lapses of judgement..?
And what about off-boarding the biggest threats first ..? [Where I do men the above committee]

Maybe better to recall that we’re about to celebrate the fifteenth birthday [was there ..!] of deperimetrisation – with an s once you recognise its country of birth, and disclaim an all-out stupid Jabba the Hutt style claim of origin so no z’s anywhere – who’s an -sider when there’s no way to tell ..?

Also, it villifies the underlings that make your salaries and bonuses so if you punish them (by giving them less reward than yourself), they don’t get mad. They get even. Simple. You gave them the tools You made them build their own tools superficially to keep you afloat but you wouldn’t recognise a buoy from an anchor so guess what you get… And when you’ve lost them, they aren’t much of the insider you’d want, right; morally they’d be on the outside again already.
Case in point: This miss by the venerable @HarvardBiz … Though the solutions offered, are valid – as very-starting points…

So Part I – Ω is to treat your underlings like you care. If, big if, you actually mean it (hence will not in an instant be found out to be a fraud at this), you’re saved for now. Otherwise, no fight against <whatever>sider threats, will be futile. Remember this ..? You get treated like you treat, it starts with you – your intentions towards the other, will be perceived. Positive/negative, the choice is yours.

Oh well. Plus:
[Some light’s also good for the inside; Utrecht (1924 ..!)]

Now you read me, now you don’t

As a pointer to what this is about…
You know, like the oldest tricks in the book, still going strong when all the world’s (worlds’?) arms’ races are going nowhere. As predicted. Where the title of course doesn’t reference a major part of the sec controls, stego.

But that’s a finesse point. Let’s be happy that research into faster horses continues, with results.

[Stylish; what’s hiding here ..? Even when you know where]

Toepasselijke infosec

Hoe is ook anders te verwachten van een museale aangelegenheid, dan dat deze als wachtwoord minimaal 6 characters waarvan 1 hoofdletter en 1 special character eist, in tijden dat al tijden duidelijk is dat dit a. onder het vroegere, ooit-eens regime al irrelevant zwak was b. door de NIST-paper(s?) allang achterhaald is. En mijn passphrase is er natuurlijk nevernooit in te vrotten – de werkelijk veilige manier van wachtwoordgebruik is te modern ..? Hoe lang moet iets achterhaald, verouderd, dysfunctioneel zijn voor de museumclub dat oppikt en in depot neemt, niet aan de voordeur laat staan?

Ach. En:
[Wachtwoord: MVSEVM]

Gee… DPR on Profiling

This again about that pesky new legislation that just won’t go away not even before it will be legally-effectively enforced [as you know, the thing has been around already for a year and a half, but will only be enforceable, in pure theory, per upcoming May 25th but your mileage may (huh) vary greatly – when Risk = Impact x Chance [don’t get me started on the idiocy of that, as here of 2013, Dec 5th – Gift time!] the chance is Low of Low and Impact can be easily managed down, legally yes don’t FUD me that will be the truth, the whole and nothing but it. So it will be legally effective but not in any other sense let alone practically].

For those interested, there’s this piece on Profiling. That has, on p.16 last full para (‘systems‘ that audit ..!?), p.19 3rd para from the bottom “Controllers need to introduce robust measures to verify and ensure on an ongoing basis that data reused or obtained indirectly is accurate and up to date.“, p.30 in full and many other places, pointers towards … tadaaa,

Auditing AI

with here, AI as systems that process data – as close to ‘systems’ in the cybernetic sense as one may get even when needing the full-swing wormhole-distance turn of the universe consisting not of energy but of information to abstract from the difference between info and data.

Where I am developing that auditing of AI systems as a methodologically sound thing. And do invite you to join me, and bring forward your materials and ideas on how to go about that. Yes, I do have a clue already, just not the time yet to write it all up. Will do soon [contra Fermat’s marginal remark].

Oh and then there’s the tons of materials on how anyone (incl corporate persons) will have to be able to explain in no complex terms (i.e., addressing the average or even less clever) how your AI system works…

So, inviting you, and leaving you with:
[What corks are good for, well after having preserved good wine – decoration. Recycle raw materials, don’t re-use data! Ribeauville]