Innovation – Page 2 – Maverisk / Étoiles du Nord

Intermediate Golden Oldie

This time, it’s not a Friday thing. Must be due to Daylight-no-more-Savings Time or so. But without further ado, the Golden Oldie Pic of the Day, with much ‘better’ versions of the same being around, somewhere…:

It doesn’t matter

A great many before me have discussed the merits pro and contra using contractors instead of perm contracted staff.
I will still give it one more go. Since lately, there has been some back and forth again about motivational issues and how certain is one in one legal contract situation compared to the other hence how motivated can one be and why the need to cater to so different audiences as ‘manager’.
The thing is
It doesn’t matter:

When investigating the differential motivators, one invariably ends up with the same motivators, and much the same demotivators (nicely depicted here of course still going strong, since tout a continué).
This, coupled with:

Financially, you’ll have to pay for income taxes (buy side yes), holidays, sick days, etc.etc. (welcome to Europe!) and all of the administration surrounding that when you hire someone on a perm contract. If you hire a contractor, not so much; all costs are for the contractor
You’ll also have to pay for continued education and a company car for perm contracters. For contractors, not so much; all costs are for the contractor
Add in a ton for pension contributions (we’re still in Europe). For contractors: Nope.
How about severance packages? (Oh, shouldn’t differ much…)
Going through the calculation motions, it is little wonder that fully loaded costwise, a perm contractor will cost you 2,5-to-3,5 times per hour what a contractor bills you
And your perm contractor is scientific reasearch confirmed actually productive for four (upper bound) to two (lower bound) of any eight-hour working day. Your contractor can only bill you for two hours slippage per day, at most
You can even expect to pay more for the above motivators when dealing with perm staff. Contractors behave more mature and don’t need as much of everything

clearly leads in one direction. Isn’t there a catch ..? No, only if you’re Mr Tax Man; then, you’re the one losing out. Otherwise, you as an employer can gain seriously even when paying out ‘huge’ hourly rates to contractors.

Remember that.

Your comments, please.

Mash-disappearance ..?

A shortie again: Whatever happened to the idea of ‘mash-ups’..? You know, the slam-together of bits and pieces of ‘other’ apps (-their functionality) to produce your own, with even better service delivery.
Just wanted to know; every now and then one tends to think back to the glorious days of (almost literally) yesteryear, when the newest of the newest trends would change the world and after a, despite the excitement over all the new things, good night’s sleep one tends to find that not much of the earth-moving improvements in human life have materialised. This being one of those things.

So, from all you Developers, I’d like to stand corrected …? And:
[Navigation (tool) at the edge of the known world; Ponta de Sagres]

Fog(gy) definitions, mist(y) standards

If you thought that containers were only something to ship wine in, by the pallet, you a. would be right, b. would maybe have overslept on the new concept, c. would not mind I introduce the next thing, being fog computing. I’m not making this up as a part, or extension, of low-hanging cloud computing.
You think I’m kidding, right? Or, that I should have called it mist computing which is a thing already but only a somewhat different thing… You’re still with me?

Then it’s time to read up. And weep. Over this here piece that sets the standard, quite literally.

There. You see ..? Indeed low-hanging, as in the stack … That wasn’t so hard. But implementation will be, if required to be secure. Have fun, will TLS. Or so.

OK, this post was as it stated just an introduction to the IoThing – I was serious though about the Go Study part. Plus:
[Cloudy top cover, smiley backside of a place of worship; Ronchamps FR]

3D of the nudging to simplest infosec behaviour

Before you’re put off by the title its complexity … [Oh. You clicked. Wave function collapsed long before; ed.] This post is about improving the People part of infosec. Beyond the mere ‘awareness’ that begets you … a couple of days’ attention, then slippage into muchlessofthesame.

Two roads away from the dead end you were in, open up:

Nudging. Which is about small, inobtrusive and non too brainwashing incentives and disincentives, rewarding and penalising the good and bad so that ‘users’/people choose to do right without having to rationalise through all sorts of intricate, overly (sic) complex lines of reason why some shimmy is better than another twist. Just gently guide, don’t Law and Forbid. [Edited to add: This post was drafted and schedules for release weeks ago, before that Nobel Laureate was awarded his medal for this very method…]
Secure simplest option. Like the great many traffic controls; no traffic lights but roundabouts – the former, can be run through at high speeds in the middle of the night (and other times); the latter, require slowdown or you’re thrown off the road. The secure solution being the obviously simplest – the simplest solution being the secure one. People will take the simple road in stead of the difficult one. Better make the simplest one the safest. Not require the user to jump all sorts of complex hoops for safe behaviour! Like password complexity rules: The more you make them ever more difficult, the harder it is for users to resist finding loopholes and escape vents like writing them up (which isn’t a bad solution per se, but …). And in the end, you’ll loose the arms’ race against skillful attackers anyway; at the point where their smartness is hardly less than benign users need to get into your systems, you’ll have to revert to some other way anyway (re: dead end roads).
Ah, I’m not one for counting all that simple…
Smart trickery. This of course being a perfect example … a 3D zebra (road-crossing). Many great, very-marketable other such solutions may exist, to your (image’s!) advantage.

Now that you’ve read the above, how would you change your infosec ‘controls’ throughout …? Like, filling out the last matrix of this, in a smart way and changed to general infosec …?
For an additional bonus, outline how you apply this to your GDPR-compliance efforts… And:
[Advertising the trust you can have in this Insurance co.; Madrid]

‘Code, you know

Recently, I was reminded again that keeping up with appearances of developments, in the IT field are difficult. And placement of commas is an art if you wondered. The culprit in this instance was this here among various articles about Low Code / No Code as a thing. The placement of intermissions is, too.

Well, I’d rather be a fan of Do Code… But I’m unsure whether that still flies, other than in classrooms around the world but not your local prep / grammar school that sorely falls behind in prepping children (‘kids’ is for their parents with diminished language competencies) for the nearest of futures.

Oh well. Just go out and yolo- / NoLoCode… Plus:
[What beautiful ~~Frank Lloyd Wright~~ just Jeruzalemkerk Amsterdam]

Forever young, immature infosec

Sometimes one feels like one’s in a partial Gourndhog Day or 2:22 …
When 7 december 2006, there was this meet about the maturity of infosec, as a field. Which was compared, by Yours Truly, to the then (and now!) equally immature IS audit world – which had a couple of decades more under its development belt but ~~was~~ is still quite immature still.

Then there’s the first paragraph of this. ’nuff said..?

And:
[This, still fresh which is a different thing …; Barça of course]

Some Quotum of Questions of Quantum

Am I the only one with questions how the following intertwine:
An article on how quantum-secured blockchain may be so safe, but possibly not in the hands of whom you’d want it? If in anyone’s hands at all, since no-one can be trusted forever; if you wouldn’t believe that, you declare yourself incapable of discussion on this subject…
A most brillant blog post on a related subject.
An equally insightful piece on how blockchain-of-command would lead to Totalitarianism.
An equally … Being the Why Johnny Can’t Encrypt, 2017 version. Notably, the previous versions hadn’t been patched properly…

So, you see a Perfect Storm or what ..?

Plus:

[Why did you cross the street, you chicken? M’drid]

Nudge, nudge, wink, wink, know what infosec behaviour I mean?

Am working on an extensive piece, a long-longread, on as many aspects of behavioural change towards true ‘secure’ user behaviour as I can cram into text. I.e., moving beyond mere full ‘awareness’ as phases 2/3 of this, to phase 4. Strange, by the way, that there is in that no end ‘phase’ or cycle in which one finds out to have been in phase 4 already for some time but didn’t notice and now forgets just as quickly as that seems ‘logical’.

But back to today’s subject, which is the same, but on a tangent. My question to you dear readers [why the plural, or >0 ..?] is:
Would you have pointers to (semi)scientific writing on the use of nudges to (almost)stealthily change (infosec-related) behaviour ..?
I could very much use that. Other sectors of human behaviour influencing studies have ample info on the effectiveness of such nudges, but for infosec I’m still with Googlewhack-like results.

Thanks in advance… Plus:

[The ways to seek prosperity from misery; EPIC Dublin]

Autoflexelec

Oh (not like here though supported) when will EVs be useful? Like, being available with diesel range (1000kms, seriously! I seriously need that) and station car luggage space (660/1950ℓ – yes really need that, too), at a fair price (which is 2nd hand, not even a fifth of what 40%-featurematching EVs go for today).

No, I’m not going electric today because EVs will get better in a couple of years. I’m not going to waste buckets of money and opportunities by sitting out those years with a severely underperforming car. If others do that; that’s their bad decisions.
But wait; there’s hope around the corner (of the Cobra, Málaga–Ronda and v.v. kind): When we have electric (?) autonomous trucking sometime soon (like Big T is proposing or already developing), the results might be scaled down to anything in the range, in due time. And/or current auto-elecs are scaled up considerably. Squashing my own hope, this will take a couple of years.

By lack of proper alternatives, trying to do away with fully functional transport, is an attempt to hinder the due functioning of society; to be categorised as illegal.

I rest my case. And:

[Once upon a time, in a world far, far away (i.e., not so far Valencia), training was Fashionable]