Category Archives: computers

social media – virtual telepathy


Remember Science Fiction? No not that stuff with leather suits and spaceships that go whoosh. I mean stories about the future written in the past. The sort of Science Fiction that sparks your imagination not dulls your intellect.

Back in the ‘80s I subscribed to two magazines; Analog and Omni. Analog had been going since the 1930s and was a slim novel size magazine printed on pulp paper. Omni was the young upstart. A full colour glossy launched in 1978. Between them they presented ideas from science and technology. Many of the ideas are now mainstream but Analog and Omni got there first. Remember fractal images on old PCs? Omni ran articles about fractals before home PCs existed. The concept of memes has now been so debased as to mean a trending tweet but Omni covered memes years ago. Mars landings? Analog covered that in June 1981.

In my late teens and early twenties I read this stuff and regurgitated it down the pub. The reaction of my friends was mixed; the usual talk was of motorcycles and drinking. The potential for secret messages embedded in the waffle blurted out by talk radio hosts was not something they normally considerred.

Ben Bova, Orson Scott Card, Freeman Dyson, Alvin Toffler, William Gibson, William Boroughs. The magazines were not short of quality contributors. Some of those old stories stuck with me because they were based on thoughtful insights regarding the nature of humanity in a changing technological world. Regular readers may recall references to The Marching Morons.

Today, memories of another story arose through the cobwebs of decades though I can’t recall the title. It was about a group of astronauts who returned to Earth after many years in space. As they surveyed the earth they realized that a great catastrophe had taken place. The cities lay in ruins. The people were all dead. Wild animals roamed freely. After some observations they noticed that something else was going on. Tigers roamed the world and now hunted in packs.

I’ll cut to the chase. The people of Earth had figured out how to become telepathic and decided to make everyone on Earth telepathic by means of a kind of massive irradiation of the planet as far as I can remember. Suddenly everyone knew exactly what everyone else was thinking and the results were predictable. Pandemonium ensued, along with rioting and massive blood letting. Mix in the fact that all the animals also had became telepathic and you have packs of tigers working together to become formidable hunters.

In short, if we all knew what everyone else was thinking then civilization would collapse.

So what brought this to mind? Why am I reminded of this today? Because we all now know what everybody else is thinking. A brief glance at social media reveals the uninformed blinkered prejudice. The hate and the bile. The ranting self riotous bigotry. From all areas of the spectrum. All of us. All we need is to see something with which we disagree and we feel the need to sound off like Adolf fucking Hitler safe in the spurious certainty of our own morality. Digital media seems to have enabled a very general form of telepathy. The mass expression of our collective unconscious is now visible to everyone and it’s not pretty.

Saturn Devouring His Son
Saturn Devouring His Son

All of our dark demons and paranoid fears are expressed online. It’s popular today to dismiss the teaching of the Classics but I wonder if their emphasis on primal fears and almost Jungian archetypes may have been good lessons in the risk of unrestrained negative emotions which social media lies bare.we are all susceptible.

Every politician who’s views contradict our own becomes a Nazi, every actor who stumbles over some politically correct phraseology becomes a racist. Every Muslim becomes a terrorist. Every American an imperialist. Every union leader a Trotskyist, every discussion of World War 2 liable to allegations of anti-Semitism. Every motive assumed to be malicious. The online world seems now like an ancient Greek epic poem with evil tyrants, traitors and conspiracies.

These days the leading experts in Artificial Intelligence (AI) are the social media companies like Google and Facebook. Their algorithms absorb everything we write. Every time we rant our abuse that sentiment is noted.

When scientists go on telly and bang on about their AI systems assimilating knowledge they mean all the good stuff but they ignore the vast quantities of drivel that their systems are accumulating. The current obsession with screen controlled apps may soon give way to voice control apps. Microsoft have a voice controlled version of Outlook. Other companies make voice controlled computers for accessing the web. I can already yell commands at my smartphone. All this means that “the system” will be listening to us ALL THE TIME.

Civilization relies on trust. It is nurtured by discretion, politeness and respect. It requires a suppression of our knee jerk reptilian brain responses. Our hate and our fears. But the Internet is ever watchful. It reads our tweets and it sees our microexpressions. As the algorithms observe and learn they embed neurosis and psychosis at the heart of the system. As our subconscious thoughts are revealed what hope is there for trust?

Perhaps I’m too pessimistic. In an article on the BBC web site today, the prescient Charlie Brooker states: “There may be a lot of toxicity online, but I think eventually humans will work out a code of conduct without the need for legislation”. Looking at the candidates for the position of world’s top legislators I’m not encouraged. Many parts of the Clinton / Trump debates seem little more than irate trolling. It’s baffling that a nation as educated and privileged as the United States, with an adult population of nearly 250 million people, has boiled down its leadership prospects to these two…….ahem……people.

The Minimum Systems Requirements Scam

the upgrade cycle
the upgrade cycle

The technology industry is not short of scams and the media don’t shy away from reporting them. Newspapers, blog sites, Facebook all warn us of Nigerian 419s, phishing attempts or cold calls with fake investments.

But there’s one scam ubiquitous in the technology industry which we all accept with glum resignation. Let’s call it the Minimum System Requirements Scam. Moore’s law has given us faster and faster processors for years and with faster computers the maker of Operating System (OS), such as Windows and Apple OS, have loaded more functionality into their offerings. The paradigm seems to be that if the hardware can handle more load then the OS should that load. Each time we give up on our old hardware and fall for the industry line that we need more power the OS vendor steps in and steals most of that power.

Now don’t get me wrong. Software has come a long way since MS DOS but the scam is not in creating bigger software for more powerful computers. The scam is that the vendors lie about the Minimum System Requirements for their software.

My iPhone 4 worked fine with IOS 6 which it came with it. Stupidly I upgraded it to IOS7 and it now runs like a pig. My Macbook pro, with 4 gig of ram and a 2.5 GHz processor, ran fine with Snow Leopard. It ran a bit slower with Lion but what really screwed it was Mavericks. Think that’s reasonable? In 1992 my Amiga 4000 had a 25 MHz processor and 1 meg of RAM and multi-tasked better than ANYTHING on the market today. When your Windows PC or Mac are just sitting there stuck and there’s loads of free RAM, the processor is not overloaded and the disk is not thrashing you have to wonder about the quality of the code. I’ve just upgraded by iPad and it’s slow. Apple would never release a new product as sluggish as this but that’s OK because they already have my money. You have to wonder whether the vendors are deliberately slowing things down to force an upgrade.

None of these upgrades should have been a problem because the hardware in question conformed to Apple’s Minimum System Requirements. I have no experience of Google Android and Chromebook but Microsoft are equally guilty.

Of course I didn’t have to upgrade so why did I? The two drivers for upgrading are the same as those for investing: Greed and fear. Fear in the form of the vendors ceasing to supply security patches for older OS versions and greed in the form of new applications requiring the services only present in a more recent OS.

There is some legitimacy in both these factors but only some. In the old days an OS was released with outrageous security flaws. In fact they were not secure at all but that was OK because we didn’t use them for anything serious. As computing has become ubiquitous the vendors have given more thought to security but vulnerabilities are still regularly discovered and part of the reason for this is that new OSs still contain a lot of old code.

Applications requiring services from a newer OS is also legitimate though one does have to wonder how long this farce can go on. The OS must one day mature. For what other product do we accept that it will just stop working? How would it be if your TV just got slower and slower and one day you tried to watch Family Guy and a message came up saying that this program was not compatible with your current OS? In fact microprocessors are in everything these days and Smart TVs are basically big tablet computers. Will the manufacturers continue this deception with the software in our cars? You break but, sorry you need more RAM, so the breaks don’t come on in time.

Security and advanced services will continue to drive the upgrade cycle for a while yet but vendors would do us all a favor and enhance their reputation by being honest about Minimum System Requirements. If an iPhone 5S is not going to cut it for the latest version then bloody well say so.

Longer term the whole paradigm will probably change. Hardware such as tablets and handsets are getting cheaper and cheaper and these days no one writes code with any of the core functionality on the user side. New entrants to the OS market such Alibaba have a chance to start from scratch. They could develop a mature and stable architecture with tightly written code. The future is probably disposable handsets with all the data and functionality in the cloud.

Then all I’ll have to gripe about is the monthly bill.

Buy Poppies at Fine Art America

Cyber Crime – Make the Vaccine Free

Think of the children
Think of the children

Today I was heartened by the success of the IT Security community in protecting a most valuable asset. No, I don’t mean your customer banks details or copyright music or state secrets. I am, of course, referring to the International Standard for Information security ISO 27001.

ISO27001 are a collection of standards which list numerous actions or “controls” which may be implemented to protect information against cyber-crime. The controls have been assembled into a unified framework so that they can be more easily addressed and reviewed. All terribly dull and awful of course.

But wait! In the right hands, these standards are extremely useful and one would assume that the goal would be to distribute them to the IT Community as quickly as possible so that their recommendations might be implemented. Distributed not only in their raw (and ghastly) PDF format, but in CSV or Excel format which a security professional might actually be able to use.

Not a bit of it. The guys at The International Standards Organisation (ISO) have apparently got the wrong end of the stick and have done their damnedest to ensure that it is nye on impossible to get a hint of the content of these standards without putting one’s hand in one’s pocket. The ISO27001 documents appear to be the only documents in the world protected by every single one of the bloody ISO27001 controls even right down to: If you try to google it you get a millions companies trying to flog you something before you find any meat about the standards themselves.

In my experience,  many companies have a go at IT security and end up with poorly written controls and incomplete coverage. By the time the control text reaches the techy it is frequently gobbledegook. A simple solution would be to make these standards free too everyone.

What is frustrating is that the work to devise a solid control framework has been done; the text exists and is owned by the International Standards Organisation. They will argue that it is reasonable that they, and their associated companies, charge for copies of standards as they need to be maintained and updated but, given the prevalence of cyber-crime and the threat posed to everyone, one might be forgiven for thinking that this is an emergency and copies of ISO 27001 in useable formats should be made available for free download on the ISO web site.

If cyber-crime were HIV and ISO27001 were a vaccine then the world would be crying out for this.

Think of the children! Think of the children!

Sunshine, strikes and software development

One of those days in England
One of those days in England

Tuesday was a beautiful spring morning and I got the train up to London. The English countryside looked gorgeous and green in the sun and the haze. A tube strike of course and people thronged the streets waiting for buses. Ah, after decades of  Corsets, Cash ISAs, and Caffe Latte, England is finally getting back to normal. About time the dustmen went on strike again isn’t it? Bring back the GLC.

I was heading for Infosec, the Information Security exhibition at Earl’s Court. I’m an old hand at this now: Quick sausage sandwich, a cup of coffee then a walk round the stands to see what’s current. The main point of these trips for me is to attend the education seminars. Not much really new to report but it’s still worth a look.

Advanced Persistent Threats are really just all the other threats put together and undertaken by governments in a relentless manner. The Stuxnet worm which attacked the centrifuges in nuclear processing facilities in Iran is an example.

People Talk a lot of Bollocks in Information Technology these days and part of this comes about because the industry is changing so fast. New themes emerge and people race to name them. The names get taken up by salesman who repeat them before the industry has really figured out what they mean. Cloud used to suffer in this respect though it is generally more understood these days. A seminar entitled “Actionable intelligence: Building a holistic security threat intelligence capability” demonstrated to me that the panel had not really understood the meaning of Actionable or Holistic.

A seminar entitled “‘Applification’ of business and implications for security: Securing software development” was interesting if a little meandering. The panellists discussed very pertinent issues around the security of software development. Security is often seen as a bolt on, developers are seldom given security requirements in the functional specs and, though one guy said that all developers should be security specialists, they all had to admit that finding good developers was difficult enough; finding security aware developers was almost impossible.

One pundit contrasted software development with engineering and this goes to the heart of why we still find IT systems which are not adequately secured. I recall working for an oil company close to where oil was “lifted”. A flare had been set up and, after discussing this with an engineer, I realised that he had not just stuck a pipe in the ground and hoped. He had been trained how to handle flares safely. He’d performed a formal safety assessment. What type of gas? How much gas? What was the location? He had then consulted his training or possibly relevant standards and created a mechanism with strictly defined materials, tolerances and capabilities.

This rarely happen in software development or IT projects in general. There is no recognised standard for software developers. There is no industry wide accepted training path that is comparable to engineering. Yes, standards, training and qualifications exist but they are not prerequisites. They are something to boost a CV. The main problem is that technology and the industry are still changing so quickly that standards and qualifications become redundant before they can get a grip. Further, software developers still regard themselves as creative. They like to invent clever new ways to do something where an engineer, though obviously creative, is more restricted in what he can get away with especially when safety is involved.

Probably the reason that standard are more easily enforced in engineering is that the outcomes are far more visible. If the gas flare mentioned earlier had resulted in a huge flame blowing dangerously close to a building then everyone would have known about it but a software short cut or “innovative” coding could go unnoticed until a vulnerability is finally exploited by an attacker.

The proliferation first of mini-computers and then PCs meant that many organisations chose to run their own IT functions and this led to a lot of inexperienced and unqualified people in the industry. I should know. It’s how I started. The on-going migration of software services to the Cloud may help by concentrating computing at locations where the technology and configurations can be standardised, the staff adequately trained & qualified and the overall organisation audited to ensure compliance with industry best practice.

But change is ubiquitous in IT and many of the most innovative companies are small so we can expect software development to continue in hothouse start-ups rather than mature, standard bound organisations. We should also be careful what we wish for. Many of us got intoIT because of the creative aspects and this was underlined last week by an article in The Guardian in which developers look back at BASIC computer language which is now 50 years old.

Security, reliability and availability vs fun and flying by the seat of your pants. Tough choice.

st malo beach
St Malo Beach

Phones are smart but God would be cool

If God did not exist, it would be necessary to invent him – Voltaire

What a miserable and irritating day in the office. Got out as soon as possible, pedal to the metal and switched on the vibes. Apple i-whatsit selected a good batch of loudness to blow away the office fug, kicking off with Sidewinders Sleeps Tonight (R.E.M), Walk (Neil Young) and Up All Night (Razorlight). It then started to mellow a little while remaining energising with George Michael and Aretha Franklin’s I knew You Were Waiting and by the time I hit Brighton was calming me down with a more contemplative Killing Me Softy by Roberta Flack.

How did it know what to play?

I have long suspected that there is a primitive intelligence built into i-Tunes but I have never bothered to investigate. If there is not then one day there will be. It would monitor number of plays, how far through the track you got before skipping, what other tracks were played on the same journey, how fast you were driving, how harshly you were accelerating and breaking etc. Technology is moving at breakneck speed, not so much in the invention of new technology (though this is occurring too) but in the integration and innovative use of what we already have based mainly on The Internet and Smart phones. The media bang on about how “powerful” smartphones are and they would have us believe that they “empower” humanity. Most absurdly they tell us that all this nonsense is“cool”. But is it?

A year or so ago I invented a system where the public could summon taxis via their phones. I say I invented it, I thought up the idea in a taxi after a night’s drinking but some young upstart got there first in the form of Hailocab. Upstart? Start up? What’s the difference? Good for them. Not to detract from the people who run Hailocab, as they are doubtless doing a great job, but the concept is bloody obvious and was just waiting for someone to cover it.

This is the state of much of our society. Gradually the instant communication and access to information is transforming society. Just this week I was told that one brand of smart phone can now be accessed from the touch screen control panel in my car and last week I noticed a Youtube button on my iPad and when I pressed it youtube migrated across to the telly. Then there are these bracelets which monitor your body and relay information to the phone and thence to the cloud and The (increasingly bizarre) Independent ran an article this week showing how heat maps of the human body can indicate different emotions.

Of course! Of course! Of course! Ubiquitous and seamless integration is what it’s all about. But away from the handset, in those massive data centres, two other phenomena are gaining ground. Big Data allows the system to understand massively complex datasets and Cloud Computing provides practically limitless power to crunch the data.

Put all this together and the office wallah of the future will still have a shit day at the office (probably an even more shit day) but when he gets to his car it will have much of the healing capabilities of Larry Niven’s Autdoc. The car will liaise with the person’s bracelet and embedded chip. It will access the company data and understand that the worker had spent most of the day on fucking Quarterly Reporting. Not only that but the nob-head who occasionally sits diagonally opposite had been at his desk that day talking shit like he always does. It will check the company restaurant data and realise that the fucking chips ran out and the coffee machine was broken again. It will analyse the workers bowel movements, check his diary for social engagements, check his medical records for past incidents, read the angry text messages from his girlfriend and gain a thorough and intimate understanding of our hero’s state of mind and body.

The car will then play the right music, set the right temperature, take the best route, hold the call from his mum and, as he nods off to a well earned snooze, deliver him home refreshed and with his mood much improved (MMI).

Good, good, excellent excellent!

Of course it wont stop there. All this will be going on constantly. This will not be a centrally controlled system. It will be a decentralised alliance of technology ostensibly under the control of each individual but, ah, there’s the rub. Maintaining control will be a pain and mean sacrificing functionality and oooooooohhhhh………we don’t like the sound of that do we. I bought a Smart TV last week and, after switching on for the first time, it asked me all sorts of impertinent questions and if I’d failed to agree to its Terms and Conditions “some functions may not be available” – Fuck That! – Click, Click, Click. Agree, Agree, Agree!

The system will, for example, learn that every time our man is in the same room as a certain woman the evening ends badly. It will therefore start “weighting” events which it suggests in attempt to do what’s best for him and it is in the “calibration” of such settings where things get interesting.

Our man could, of course, access some kind of life configuration screen and modify the thousands of parameters that have been set on his behalf but these could be mind bogglingly complicated. He’d attempt to tune it but would end up with a fridge full of spam fritters and taking the route through central London to work every day. “Reset it to the defaults” the help desk would advise.

Then there are the governments with their armies of techno-spooks who will attempt to rig the system either covertly, for their own ends, or overtly, for the public good. Recently the UK government considered tweaking the price of booze to stop us drinking. (Bastards!). In future this will not be guess work, it will be a science and it needn’t be the price that is modified, it could be a parameter named Tendancy2Pub which is used by all smartphones. Nudge theory and technology will coalesce and in the run up to the annual budget Jeremy Paxperson will interview a doctor on Newsnight who will advocate that the default value of Tendency2Pub be set somewhere between 12 and 17 while a representative from the British Beer and Pub Association will claim that simulations had shown that each point that the parameter drops below 25 means a loss of a thousand jobs. “Just look at Turkey where Tendency2Pub is set to 3 and which has massive unemployment. “Tosh” the doctor will scoff “studies have shown that Turkish unemployment is due to Respect4Education being set too low”.

Of course it wont stop there. The system itself will start to correlate Tendency2Pub and Respect4Education and all the millions of other parameters across all the nations of the Earth and will then consider that it knows better than the government and start tweaking the parameters by itself. Might it then be conscious? Alive? It will be interesting to see exactly when mankind realises what’s going on.

Sometimes I think that life may be no more than a lot of complexity rattling around making a nuisance of itself but the sticking point has always been self replication. It seems quite a feat for a lifeless molecule to suddenly start replicating and this is where the deities jump in to claim responsibility.

A recent TV program discussed the nature of DNA and appeared to suggest that replication wasn’t such a big deal after all and. If that’s the case, and life (and hence consciousness) is no more than the result of massive complexity, then we have to assume that the vast complexity of Internet connected paraphernalia must eventually become conscious. A Vast Active Living Intelligent System as the prescient Mr. Dick would have it.

So, rather than giving men the power of Gods perhaps the result of the explosion of technology will be confirmation of Voltaire’s aphorisms “Si Dieu n’existait pas, il faudrait l’inventer” (“If God did not exist, it would be necessary to invent him”).

Now that would be cool!

End of the World with a Poppy
End of the World with a Poppy

Infosec / Internet World 2012


I was up at Infosec on Tuesday. This is an Information Security exhibition at Earl’s court exhibition centre in London. The usual stuff. Hundreds of stands with steely eyed salesmen waiting for you to catch their eye so they can start reciting all the words they’ve memorised but do not understand. These days the stands all look pretty much the same as they have very few physical products to sell. Instead they sell “services”. They try to convince you that they’ve been doing this for years and the way they do this is to hire lots of attractive women to hand out leaflets and to dress al their salesmen in black polo shirts. Black, you see, means that they look look like hard core techy gurus….at least in the delusional minds of the sales and marketing staff who apparently run the event. This is the nub of the matter. While it’s true that information risk is evolving along with the systems and processes to control risk, in reality, in 2012 it’s a fairly mature cycle. ISACA were there promoting COBIT 5 and this has been developed so far now that it lists one area as “Ensure benefit delivery”. If we had time to audit that sort of thing then there would be no need for Infosec 2012.

Most of the presentations were packed and there were long queues to enter. I attended a few including quite good one on Spear Phishing. A Phishing attack is where an attacker sends an Email with an attachment or link which, when the user clicks on it, initiates a connection to The Internet and downloads malware to the target computer. These work because they fool a legitimate member of staff to initiate the attack and, as the user is already logged in, the attack bypasses many of the controls normally in place. Spear Phishing appears to mean a targeted phishing attack. This was of interest to me as I consider Phishing and Web Application Vulnerabilities to be high up there on the list of current threats.

Phishing attacks are hard to control as the code tends to be polymorphic but a company named PhishMe, Inc. had something quite clever. For a fee they will carry out a phishing attack on the staff at your company. However, if your user clicks on the attachment or the link then they will be presented with a warning and some training material on why they should be more cautious. The company collects statistics and the names of the people who are fooled. They claim that their service dramatically reduces the number of users who are fooled by phishing attacks.

One impressive innovation I saw was a tall orange stack of mini-safes named Charge Box each containing multiple mobile/smart phone charging connectors. The idea being that anyone low on juice could plug their phone in, close and lock the door, remove the key and wander around for a bit returning later to retrieve their freshly charged phone.

By lunch time the local pubs were heaving with besuited business types escaping Earl’s Court. I enjoyed a reasonable burger and pint in the Prince Of Tek on Earl’s Court Road.

At Earl’s Court 2 another exhibition was under way. This was Internet World and I found this to be more exciting. Less professional salesmen and more enthusiastic start ups, or so it appeared to me. A couple of companies selling their services to develop web apps, one with a starting price of less than a thousand pounds. Another company, named Mode360, were selling a contraption about the size of an old fashioned TV. This included a turntable, some lights and a Digital camera. The idea with this was that you plonk your product on the turntable and switch on. The machine then, rotated the product and photographed it through 360 degrees and the attached computer produces a file which can be embedded in a web page to allow your customers to rotate your product on line to get a better look at it. We’ve seen this with the way many mobile phones are sold online. The guy described this as a “money making machine”. He may have been right.

Buy Art Photography by Nigel Chaloner
Buy Art Photography by Nigel Chaloner