Archive for the 'computers' Category

06
May
14

Sunshine, strikes and software development

One of those days in England

One of those days in England

Tuesday was a beautiful spring morning and I got the train up to London. The English countryside looked gorgeous and green in the sun and the haze. A tube strike of course and people thronged the streets waiting for buses. Ah, after decades of  Corsets, Cash ISAs, and Caffe Latte, England is finally getting back to normal. About time the dustmen went on strike again isn’t it? Bring back the GLC.

I was heading for Infosec, the Information Security exhibition at Earl’s Court. I’m an old hand at this now: Quick sausage sandwich, a cup of coffee then a walk round the stands to see what’s current. The main point of these trips for me is to attend the education seminars. Not much really new to report but it’s still worth a look.

Advanced Persistent Threats are really just all the other threats put together and undertaken by governments in a relentless manner. The Stuxnet worm which attacked the centrifuges in nuclear processing facilities in Iran is an example.

People Talk a lot of Bollocks in Information Technology these days and part of this comes about because the industry is changing so fast. New themes emerge and people race to name them. The names get taken up by salesman who repeat them before the industry has really figured out what they mean. Cloud used to suffer in this respect though it is generally more understood these days. A seminar entitled “Actionable intelligence: Building a holistic security threat intelligence capability” demonstrated to me that the panel had not really understood the meaning of Actionable or Holistic.

A seminar entitled “‘Applification’ of business and implications for security: Securing software development” was interesting if a little meandering. The panellists discussed very pertinent issues around the security of software development. Security is often seen as a bolt on, developers are seldom given security requirements in the functional specs and, though one guy said that all developers should be security specialists, they all had to admit that finding good developers was difficult enough; finding security aware developers was almost impossible.

One pundit contrasted software development with engineering and this goes to the heart of why we still find IT systems which are not adequately secured. I recall working for an oil company close to where oil was “lifted”. A flare had been set up and, after discussing this with an engineer, I realised that he had not just stuck a pipe in the ground and hoped. He had been trained how to handle flares safely. He’d performed a formal safety assessment. What type of gas? How much gas? What was the location? He had then consulted his training or possibly relevant standards and created a mechanism with strictly defined materials, tolerances and capabilities.

This rarely happen in software development or IT projects in general. There is no recognised standard for software developers. There is no industry wide accepted training path that is comparable to engineering. Yes, standards, training and qualifications exist but they are not prerequisites. They are something to boost a CV. The main problem is that technology and the industry are still changing so quickly that standards and qualifications become redundant before they can get a grip. Further, software developers still regard themselves as creative. They like to invent clever new ways to do something where an engineer, though obviously creative, is more restricted in what he can get away with especially when safety is involved.

Probably the reason that standard are more easily enforced in engineering is that the outcomes are far more visible. If the gas flare mentioned earlier had resulted in a huge flame blowing dangerously close to a building then everyone would have known about it but a software short cut or “innovative” coding could go unnoticed until a vulnerability is finally exploited by an attacker.

The proliferation first of mini-computers and then PCs meant that many organisations chose to run their own IT functions and this led to a lot of inexperienced and unqualified people in the industry. I should know. It’s how I started. The on-going migration of software services to the Cloud may help by concentrating computing at locations where the technology and configurations can be standardised, the staff adequately trained & qualified and the overall organisation audited to ensure compliance with industry best practice.

But change is ubiquitous in IT and many of the most innovative companies are small so we can expect software development to continue in hothouse start-ups rather than mature, standard bound organisations. We should also be careful what we wish for. Many of us got intoIT because of the creative aspects and this was underlined last week by an article in The Guardian in which developers look back at BASIC computer language which is now 50 years old.

Security, reliability and availability vs fun and flying by the seat of your pants. Tough choice.

st malo beach

St Malo Beach

About these ads
04
Jan
14

Phones are smart but God would be cool

VALIS

If God did not exist, it would be necessary to invent him – Voltaire

What a miserable and irritating day in the office. Got out as soon as possible, pedal to the metal and switched on the vibes. Apple i-whatsit selected a good batch of loudness to blow away the office fug, kicking off with Sidewinders Sleeps Tonight (R.E.M), Walk (Neil Young) and Up All Night (Razorlight). It then started to mellow a little while remaining energising with George Michael and Aretha Franklin’s I knew You Were Waiting and by the time I hit Brighton was calming me down with a more contemplative Killing Me Softy by Roberta Flack.

How did it know what to play?

I have long suspected that there is a primitive intelligence built into i-Tunes but I have never bothered to investigate. If there is not then one day there will be. It would monitor number of plays, how far through the track you got before skipping, what other tracks were played on the same journey, how fast you were driving, how harshly you were accelerating and breaking etc. Technology is moving at breakneck speed, not so much in the invention of new technology (though this is occurring too) but in the integration and innovative use of what we already have based mainly on The Internet and Smart phones. The media bang on about how “powerful” smartphones are and they would have us believe that they “empower” humanity. Most absurdly they tell us that all this nonsense is“cool”. But is it?

A year or so ago I invented a system where the public could summon taxis via their phones. I say I invented it, I thought up the idea in a taxi after a night’s drinking but some young upstart got there first in the form of Hailocab. Upstart? Start up? What’s the difference? Good for them. Not to detract from the people who run Hailocab, as they are doubtless doing a great job, but the concept is bloody obvious and was just waiting for someone to cover it.

This is the state of much of our society. Gradually the instant communication and access to information is transforming society. Just this week I was told that one brand of smart phone can now be accessed from the touch screen control panel in my car and last week I noticed a Youtube button on my iPad and when I pressed it youtube migrated across to the telly. Then there are these bracelets which monitor your body and relay information to the phone and thence to the cloud and The (increasingly bizarre) Independent ran an article this week showing how heat maps of the human body can indicate different emotions.

Of course! Of course! Of course! Ubiquitous and seamless integration is what it’s all about. But away from the handset, in those massive data centres, two other phenomena are gaining ground. Big Data allows the system to understand massively complex datasets and Cloud Computing provides practically limitless power to crunch the data.

Put all this together and the office wallah of the future will still have a shit day at the office (probably an even more shit day) but when he gets to his car it will have much of the healing capabilities of Larry Niven’s Autdoc. The car will liaise with the person’s bracelet and embedded chip. It will access the company data and understand that the worker had spent most of the day on fucking Quarterly Reporting. Not only that but the nob-head who occasionally sits diagonally opposite had been at his desk that day talking shit like he always does. It will check the company restaurant data and realise that the fucking chips ran out and the coffee machine was broken again. It will analyse the workers bowel movements, check his diary for social engagements, check his medical records for past incidents, read the angry text messages from his girlfriend and gain a thorough and intimate understanding of our hero’s state of mind and body.

The car will then play the right music, set the right temperature, take the best route, hold the call from his mum and, as he nods off to a well earned snooze, deliver him home refreshed and with his mood much improved (MMI).

Good, good, excellent excellent!

Of course it wont stop there. All this will be going on constantly. This will not be a centrally controlled system. It will be a decentralised alliance of technology ostensibly under the control of each individual but, ah, there’s the rub. Maintaining control will be a pain and mean sacrificing functionality and oooooooohhhhh………we don’t like the sound of that do we. I bought a Smart TV last week and, after switching on for the first time, it asked me all sorts of impertinent questions and if I’d failed to agree to its Terms and Conditions “some functions may not be available” – Fuck That! – Click, Click, Click. Agree, Agree, Agree!

The system will, for example, learn that every time our man is in the same room as a certain woman the evening ends badly. It will therefore start “weighting” events which it suggests in attempt to do what’s best for him and it is in the “calibration” of such settings where things get interesting.

Our man could, of course, access some kind of life configuration screen and modify the thousands of parameters that have been set on his behalf but these could be mind bogglingly complicated. He’d attempt to tune it but would end up with a fridge full of spam fritters and taking the route through central London to work every day. “Reset it to the defaults” the help desk would advise.

Then there are the governments with their armies of techno-spooks who will attempt to rig the system either covertly, for their own ends, or overtly, for the public good. Recently the UK government considered tweaking the price of booze to stop us drinking. (Bastards!). In future this will not be guess work, it will be a science and it needn’t be the price that is modified, it could be a parameter named Tendancy2Pub which is used by all smartphones. Nudge theory and technology will coalesce and in the run up to the annual budget Jeremy Paxperson will interview a doctor on Newsnight who will advocate that the default value of Tendency2Pub be set somewhere between 12 and 17 while a representative from the British Beer and Pub Association will claim that simulations had shown that each point that the parameter drops below 25 means a loss of a thousand jobs. “Just look at Turkey where Tendency2Pub is set to 3 and which has massive unemployment. “Tosh” the doctor will scoff “studies have shown that Turkish unemployment is due to Respect4Education being set too low”.

Of course it wont stop there. The system itself will start to correlate Tendency2Pub and Respect4Education and all the millions of other parameters across all the nations of the Earth and will then consider that it knows better than the government and start tweaking the parameters by itself. Might it then be conscious? Alive? It will be interesting to see exactly when mankind realises what’s going on.

Sometimes I think that life may be no more than a lot of complexity rattling around making a nuisance of itself but the sticking point has always been self replication. It seems quite a feat for a lifeless molecule to suddenly start replicating and this is where the deities jump in to claim responsibility.

A recent TV program discussed the nature of DNA and appeared to suggest that replication wasn’t such a big deal after all and. If that’s the case, and life (and hence consciousness) is no more than the result of massive complexity, then we have to assume that the vast complexity of Internet connected paraphernalia must eventually become conscious. A Vast Active Living Intelligent System as the prescient Mr. Dick would have it.

So, rather than giving men the power of Gods perhaps the result of the explosion of technology will be confirmation of Voltaire’s aphorisms “Si Dieu n’existait pas, il faudrait l’inventer” (“If God did not exist, it would be necessary to invent him”).

Now that would be cool!

End of the World with a Poppy

End of the World with a Poppy

01
Apr
13

Gently Out Of My Mind

Buy Poppies at Fine Art America

Poppies

25
Apr
12

Infosec / Internet World 2012

chargebox

chargebox

I was up at Infosec on Tuesday. This is an Information Security exhibition at Earl’s court exhibition centre in London. The usual stuff. Hundreds of stands with steely eyed salesmen waiting for you to catch their eye so they can start reciting all the words they’ve memorised but do not understand. These days the stands all look pretty much the same as they have very few physical products to sell. Instead they sell “services”. They try to convince you that they’ve been doing this for years and the way they do this is to hire lots of attractive women to hand out leaflets and to dress al their salesmen in black polo shirts. Black, you see, means that they look look like hard core techy gurus….at least in the delusional minds of the sales and marketing staff who apparently run the event. This is the nub of the matter. While it’s true that information risk is evolving along with the systems and processes to control risk, in reality, in 2012 it’s a fairly mature cycle. ISACA were there promoting COBIT 5 and this has been developed so far now that it lists one area as “Ensure benefit delivery”. If we had time to audit that sort of thing then there would be no need for Infosec 2012.

Most of the presentations were packed and there were long queues to enter. I attended a few including quite good one on Spear Phishing. A Phishing attack is where an attacker sends an Email with an attachment or link which, when the user clicks on it, initiates a connection to The Internet and downloads malware to the target computer. These work because they fool a legitimate member of staff to initiate the attack and, as the user is already logged in, the attack bypasses many of the controls normally in place. Spear Phishing appears to mean a targeted phishing attack. This was of interest to me as I consider Phishing and Web Application Vulnerabilities to be high up there on the list of current threats.

Phishing attacks are hard to control as the code tends to be polymorphic but a company named PhishMe, Inc. had something quite clever. For a fee they will carry out a phishing attack on the staff at your company. However, if your user clicks on the attachment or the link then they will be presented with a warning and some training material on why they should be more cautious. The company collects statistics and the names of the people who are fooled. They claim that their service dramatically reduces the number of users who are fooled by phishing attacks.

One impressive innovation I saw was a tall orange stack of mini-safes named Charge Box each containing multiple mobile/smart phone charging connectors. The idea being that anyone low on juice could plug their phone in, close and lock the door, remove the key and wander around for a bit returning later to retrieve their freshly charged phone.

By lunch time the local pubs were heaving with besuited business types escaping Earl’s Court. I enjoyed a reasonable burger and pint in the Prince Of Tek on Earl’s Court Road.

At Earl’s Court 2 another exhibition was under way. This was Internet World and I found this to be more exciting. Less professional salesmen and more enthusiastic start ups, or so it appeared to me. A couple of companies selling their services to develop web apps, one with a starting price of less than a thousand pounds. Another company, named Mode360, were selling a contraption about the size of an old fashioned TV. This included a turntable, some lights and a Digital camera. The idea with this was that you plonk your product on the turntable and switch on. The machine then, rotated the product and photographed it through 360 degrees and the attached computer produces a file which can be embedded in a web page to allow your customers to rotate your product on line to get a better look at it. We’ve seen this with the way many mobile phones are sold online. The guy described this as a “money making machine”. He may have been right.

Buy Art Photography by Nigel Chaloner

Buy Art Photography by Nigel Chaloner

22
Apr
12

Conway’s Game of Life

Back in the year dot I worked on a computer called a PDP11 made by Digital Equipment Corporation. This had 96K (yes K) of RAM and ran an operating system named RSTS/E. I used to do the night shifts working this thing to run batch jobs to spew out mountains of paper and much of the time was spent waiting, reading or exploring how the system worked. Along with the OS came a handful of primitive games. Bull and Cow, Animal, that sort of thing.

Another game, which I didn’t understand at the time, was a one dimensional implementation of Conway’s Game of Life. I say one dimensional as it would push out one row of symbols at a time. Life was not so much a game as a demonstration of how simple mathematical rules can produce spectacularly complex results. To quote Wikipedia: The Game of Life is a cellular automaton devised by the British mathematician John Horton Conway in 1970.

These days the Game of Life is available as a Java app so we can experiment ourselves. Some guy has even written a 3D version though this looks a bit messy.

To really get the feel of how mind blowing the Game of Life is, check out this video. As the maker of the video states, all the patterns created are derived from two simple rules. More facinating still is the the fact that the gap between patterns known as “spaceships” are prime numbers.

If you’re really interested then check out this video where Conway talks about Life.

st malo beach

St Malo Beach

06
Nov
11

Sunday Fry Up and the scientific method

fry-up

fry-up

I was perusing the obesity statistics on Nationmaster.org, as one does after a large fry up on a Sunday morning, and clicked the word correlations  top right.

Some years ago, when thinking about Chaos Theory and the butterfly effect, I considered technological progress and speculated that, one day, it might be possible to collate lots and lots of data, on all sorts of subjects, and crunch it for correlations. It might be possible to show that diabetes in the UK was related to tin production in Chile.

The scientific method would be turned on it’s head. Conventionally boffins sit about ruminating all day. When they think of an idea, they yell Eureka, write down a theory and then spend years and years getting the data together  to prove the theory. I take liberties with my description but you get the general idea.

If, instead, it were possible to accumulate lots an of data and automatically look for correlations then the scientists might be able to retrospectively develop theories as to why the data correlated. The advantage, as I see it, would be that they would know where to look.

It seems that all this is now possible and the greatest correlation for obesity is Teenage Birth Rate though there are also correlations with “secure servers” and “pride in one’s nation”. Now I don’t know if these correlations are significant and I do understand that correlation is not cause but it seems to me that this is a very useful tool for scientific research.

The danger, of course, is that, like everything else, we will use this merely to make society more efficient. No scientists will sit and wonder just for the hell of it. The corporations will decide the agenda. The rat race will be further fine tuned to ensure that we all eat correctly and consider that eight different flavours of coffee amounts to democracy. But I digress……

20
Sep
11

Painting on an iPod Touch by Seikou Yamaoka

This is an amazing video of a guy named Seikou Yamaoka using just his fingers to “paint” on an iPod touch using a app named ArtStudio.




Enter email address to receive notifications of new posts.

Join 174 other followers

Images

orange

Traffic Lights

Dust Motes

Sunflower

Sunflower

Sunflower

Bees & Sunflower

Sunflower

Sunflower

Sunflower

More Photos

Jonesxxx on Twitter

October 2014
M T W T F S S
« May    
 12345
6789101112
13141516171819
20212223242526
2728293031  

Follow

Get every new post delivered to your Inbox.

Join 174 other followers