<$BlogRSDUrl$>

Sunday, July 17, 2016

Why I'm not upgrading to Windows 10 

I tried...  Actually, I tried three times and succeeded once, I think...

I have two Windows PCs, an HP Envy x360 hybrid notebook/tablet that came with Windows 8.1, and an HP Pavilion that came with Windows 7 and Microsoft Media Center.  Media Center is a TV tuner and DVR.  Since I have a rooftop antenna and live in a large metro area, I get something like 75 broadcast channels.  I've cut the cable/satellite TV cord and never looked back.  The only cable channel I miss is Speed TV and its Formula 1 races.  I have a Roku player which gives me so many free movies that I don't even subscribe to NetFlix or Hulu any more.

The Envy has worked fine with Win8, but it developed severe power management problems after its first Windows 10 upgrade, to the point where it wouldn't even boot.  It was going to take a return to the factory to get it fixed, but I finally tried a Windows 8 factory software restore, which wiped out all my data (I have backups) but magically fixed the problem.  

Six months later, hoping that HP and Microsoft had found and fixed some firmware bugs behind the scenes, I took the upgrade offer once again.  This worked even more smoothly than the first attempt, and seems to have succeeded fairly well.  The system still has problems shutting down when I close the lid, and staying down after I do a manual Sleep.  I'll put it to sleep in the evening, and when I come back in the morning, it's on and running hot.  Sometimes a Shutdown won't complete and I have to do a hard halt by holding the power button down.  These kinds of problems happen every few days.  It's been a month and a half since the upgrade, and the trend seems flat.  As long as the problems don't get worse, I can live with this.
 
I like the Windows 10 user interface, but I rarely use Tablet Mode, even with the screen folded back.

I don't have any problems with Win7 on the Pavilion, but decided to try the upgrade offer before it expired.  A few steps into the process, the system kindly announced that Windows Media Center is not supported on Windows 10.  Sorry, Cancel. The backout process worked smoothly.  The display for this system is a 55" HDTV, which has its own tuner, but I really need the DVR capability in Windows Media Center.

I guess I'll stay with Win7 for this system until something breaks or a major change in capability arises that needs new hardware.  I used to replace my PC every two generations, but there's nothing revolutionary on the horizon these days.  "The Machine" from HP Labs is pretty revolutionary, but the project has gone quiet recently, and Meg Whitman has replaced Martin Fink as CTO and director of HPE Labs, suggesting that he wasn't meeting his promises for progress on heir number one R&D project.  The potential of memristor is enormous, but trying to get it into a cost-effective commercial product may have been more difficult than it appeared.


Friday, June 24, 2016

Why the bad guys win 

The US NIST has released a draft of SP 800-179, Guide to Securing Apple OS X 10.10 Systems for IT Professionals: A NIST Security Configuration Checklist, It's 65 pages long, with 10 appendices adding another 48 pages.

There's no doubt that these are useful, important configuration parameters that have to be set correctly in order to exclude attackers from their targets.  But how many professional system admins are going to follow these guidelines, and make intelligent, threat-sensitive decisions on which ones to modify, and then reliably apply them to all the OS X systems under their control?  I don't think very many -- a sysadmin's first job is to keep the systems ruining, and most IT managers are under such budget pressure that they barely provide enough resources to accomplish this task.  Operational security such as this kind of configuration management is far too often left as a secondary task, performed to satisfy the justifiable professional pride of the admins.

Security advocates have been pushing the concept of "secure out of the box" for more years than I can remember any more.  Why are these settings not the defaults?  I blame the customer. If security isn't important enough to that security issues lead to more lost sales than the cost of securing the product, the product won't ship in a secure configuration except in the easy aspects.

Wednesday, February 17, 2016

What's the next step to greatness for Hewlett Packard Enterprise? 

Short answer:  spin off HPE Services and the HP security products, then move into IoT for building and manufacturing systems. Recognize the HPE's mission is to provide smart infrastructure for enterprises.  (Not "intelligent infrastructure" for software reasons described below.)

Update, 25 May 2016: HPE announced that it was spinning out its services division, which would merge with CSC.  Phase 1 complete.

Update, 9 March 2016: Trend Micro finally sent out a "Welcome to Trend Micro TippingPoint" email to its new customers.

Before The Hewlett-Packard Company split into HP Inc. and Hewlett Packard Enterprise, pundits were unable to recognize all the different things that the company did: they called it a "PC and printer company", and since "PC's are doomed", HP was also.  Now that the split has occurred, it's HP Inc. that's doomed, and HPE has already become invisible, except to a few specialists.

There are really two parts to this problem.  First, are they really doomed?  Second, can either one of them ever become great again?   "Doomed" in this context really means shrinking to a size where they will be purchased by another company -- chapter 7 bankruptcy with dissolution of assets almost never happens for corporations any more.  Big companies like HPQ and HPE can survive by shedding unprofitable assets for a long time.  Even after purchase, brands can stay around for a long time.  When HP merged with Compaq in 2003, the Compaq brand stayed around for at least ten years afterwards.  Both companies have decade-long contracts with organizations like government agencies that will produce revenue for many years regardless of what happens to the company's big picture.   If they're doomed at all, their doom will take the form of a long, slow fading away.

Can they achieve greatness again?  We need to understand what makes a great company to answer that.  A company has three constituencies: its customers, its employees, and its investors.  To be great, a company has to be great in the eyes of all three.  Customers want great products.   Employees want to build great products, but they also need great pay scales and great working conditions.  Investors want great profits.  A company also needs a compelling mission in order to pull these factors together into a coherent picture.   When HP was an instrumentation company, its mission was clear.  The mission of HP Inc. is coming into focus, while the mission of Hewlett Packard Enterprise remains very muddy and hard to characterize beyond "buy the stuff that we make and the things that we can do for you".

There's a chicken and egg problem here: it takes great employees to build great products; customers produce great revenue from great products, which allows management to support great employees and to return great results to investors.  It's an unstable dynamic system, which is seeded by investments and can grow in a virtuous cycle, or drain into a vicious cycle of deterioration.  It's also an open system, with strong exogenous influence from global economics and technological successions.  As global companies, both HP's have been battered by the global economic downturn of the great recession and by "currency headwinds" as the US recovers faster than the rest of the world. In the face of a leaky boat in a storm, throwing furniture overboard may buy some time to fix the leaks, but a boat without furniture is no longer great transportation.

The common control parameter on all three aspects of greatness is net profit.  Not necessarily profit margin per unit sold, but profit per employee and profit per share.  Profit per unit sold can be low as long as there are economies of scale in production and delivery.   These are obtained by delivering great products that "everyone" wants, and by focusing on simplification and sharing of product capabilities in order to obtain amplification of the effect of great components resulting in effective scaling without loss of attractiveness.  Both HP's produce more individual products and services than they can count, and this represents an absence of focus that prevents effective scaling, causing their margins to be lower than they could be.   Large catalogs can be effectively scaled by employing the principles of hierarchical decomposition that are second nature in software architecture, but the top levels of the hierarchy can't be coordinated without a coherent mission.

Of course the PC that represents HP Inc. isn't doomed, any more than Apple is doomed after posting the most profitable quarter by any company in history.  Ironically, the people who are writing those doom stories are writing them on PC's and they have no plans to change.  Anyone who thinks that you can get any significant work done on a phone, or even a tablet, is out to lunch, and it's probably a three-martini lunch as well.   Nor is HPI's other branch, printing, doomed, despite decades of hype for the "paperless office".   Ink on paper still has advantages in legibility in bright sunlight, long term information stability, and low power consumption that are unmatched by any existing technology.  People are still going to be taking books to the beach instead of tablets or even e-Readers for a long time. There are technologies in existence in various labs that may change this in the next ten years for the handheld device, but it will take many decades for ambient imagery, that is package labels and signage, to become active and ink-free.  In any case, HP Inc. has a plan for entering and dominating a new, highly hyped market, namely 3D printing with its Multijet Fusion technology.   Execution errors are always a possiblity, but an HP that has market-leading positions in notebook and desktop PCs and PC displays, and consumer printers and industrial digital printers in 2D and 3D promises a growth trajectory that could be compared to the HP of the 1960s through 1980s without embarrassment.

Hewlett Packard Enterprise has a tougher problem.  They are burdened with a four-part strategy with two and a half weak components.  The four parts are a server hardware line ranging from small business servers to supercomputers and HP's own NonStop brand of mainframe, an enterprise networking business with significant capability in campus wireless networks, a disjointed security portfolio, and a large services division whose mission is to pull it all together.

Just like the PC is doomed, the server and company-managed datacenter is doomed, except for the small market in the highest-end mainframes and supercomputers, displaced by cloud computing providers, which are dominated by Amazon Web Services with Microsoft Azure and Google Cloud Services following at a long distance, and a bunch of small companies that will be losers in an ecosystem where Metcalfe's law operates.  HP Labs has a project for a revolutionary computer architecture called The Machine, which if it succeeds, will put the final nail in the coffin of the storage media industry, which is already being disrupted by the displacement of rotating disk media by solid state flash memory.  HPE's enterprise systems division gets a large portion of its profit from their 3PAR storage unit, and will be disrupted as much as anyone by this technology transition.

A services business is an impediment to greatness, because it is so dependent on massive quantities of people.  These people are continually subject to being displaced by automation and other economies of scale, which cloud computing is driving to occur at a faster rate than ever before.  Un-automated people are a burden on profit margins.  The stresses on the morale of services employees continually fighting to not be below the line when the workforce reduction trimmer makes its next pass turns the employee's goal into mastering the internal politics of the company rather than solving customers' problems, which is a distraction that impairs productivity and blocks the achievement of greatness.  This is not only a problem for HPE Services; IBM, Wipro, Tata and other computer services companies have the same problem.  IBM's problems have been written about in depth by people such as Robert X. Cringely.

So the next big move for HPE is to spin off HPE Services somehow.  But without some other compensating move, the remainder of HPE will be below critical size for greatness, leaving it with the fate of other remnants of once-great computer companies that are still somehow surviving, like Cray, SGI, and NCR.

What else can HPE do?  One move is to strengthen its enterprise networking and security businesses. Networking capabilities continue to grow faster than Moore's Law, and enterprise campus networking will remain a field full of gaps waiting to be filled for the foreseeable future.  The wired LANs threading throughout buildings will be displaced by wireless LANs or 5G cellular microcells, but need for physical onsite infrastructure means that there is no company like Amazon on the horizon able to undercut every other competitor on price and offer more sophisticated services at the same time.

Stronger enterprise networking is not a significant enough change to compensate for the loss of a services division, but it provides a hint to a worthwhile direction.  Underneath the wireless future of office networking is the automated control of the buildings that support those offices, that is, the HVAC, lighting, and security systems.  These are part of the trendy, explosively growing Internet of Things environment.  HPE could achieve significant product synergies by acquring a building management systems company such as Johnson Controls, and optimizing their management and security to work with HP networking infrastructure.  Johnson Controls itself is probably inappropriate at this time due to its pending merger with Tyco and their investment in legacy systems, but a smaller, more progressive company in the same area would offer a strong foothold in the IoT space for HPE to build on.

The next step in IoT development beyond building management would be factory systems management refreshment.  Manufacturing SCADA systems worldwide are notoriously old and insecure, and need to be upgraded to modern capabilities.  HP is known for its ability to drive and implement open standards; manufacturing IoT is small enough for HP to have a significant impact on it, rather than being a passive recipient of server orders from giant companies like General Electric that have already announced their intention to focus on IoT as a key portion of their corporate strategy.

I haven't mentioned software in this discussion, because HP has always been at its heart a hardware company.  HP's forays into software-dominated businesses have almost invariably been failures.  Autonomy and Palm are notorious failures by HP; does anyone even remember Mercury Interactive?   Software companies need a critical mass of executives who understand programming and programmers, and an HR department that can structure compensation and benefits structures that correspond to programmer and software architect design skills and workstyle needs.  Trying to combine the hardware engineering culture with the software development culture is an almost impossible task, and the culture clash friction will be an impediment to greatness.  Because of its low manufacturing costs, success in a software business is dominated by Metcalfe's Law, which implies that there will be only a few huge successes in any area, and a long tail of also-rans that will inexorably fade away.   Solutions that are tied to hardware are immune to attack by free software, since the free software reduces the market equilibrium cost of the hardware-based solution, rather than reducing its price.

I haven't mentioned security, because security is an attitude, not a solution.  There isn't a unified security market or security industry.  Security remedies only exist because of security failures somewhere else.  In fact, you could say that "for every product or solution, there is a corresponding security product or solution".   Yes, this applies to security products themselves -- we call the corresponding security response to failures of security solutions "defense in depth".  In other words, there is no possibility of a comprehensive, coherent security portfolio -- there are only a bunch of partial, point solutions.    Trend Micro announced last October that they would buy HPE's TippingPoint intrusion prevention system product line, although there's been no followup news four months later.  In order to bring more coherence to its solution portfolio, HPE needs to either acquire a full-range security company (doesn't seem likely to me) or get rid of the remainder of its security products, ArcSight and Fortify.   Like there is "no silver bullet", there's no single path to security greatness -- greatness in security is a side effect of greatness elsewhere.  HPE's path to greatness doesn't want sideshows.

As with HP Inc., Hewlett Packard Enterprise has severe challenges in execution along its return to greatness plan.  Even assuming perfect execution, successful strategies for HPE are very hard to imagine.  This is one of them.

Friday, February 12, 2016

Why Windows 10 could be the most secure mainstream OS 

Because of Isolated User Mode and Device Guard.  Start by remembering that kernel bloat is an insidious disease.  I'm not going to expound here on why kernels should be kept as minimal as possible, and separated by hardware protection from all other functions, just take that as a basic premise.

In the beginning, there was no separation between user processes and kernel processes.  MS-DOS and early versions of Windows are examples of this, as well as the first 9 versions of Apple's OS.Separation of kernel mode from user mode famously begain with MULTICS, with 8 "rings" of protection.  Unix, as a simplification of MULTICS, has only user mode and kernel mode. Windows NT introduced separation between user mode and kernel mode into the Microsoft world, while OS X introduced it to the Apple world.  OS X incorporated the Mach microkernel, which put device drivers in hardware-separated space.  For a long time OS X was the most secure kernel of any mainstream OS.  But Apple succumbed to the temptation of kernel expansion, and its kernel is now as bloated as any.

Windows after NT, like Unix and Linux, was always a fat kernel.  But Windows is less secure than Linux because users normally have admin access, which allows a malicious user process to install malicious into the kernel.  Once the malicious process is in the kernel, it can steal passwords and other secrets, and thanks to a weakness in Active Directory and Kerberos, can use them to move onto other systems in an enterprise using a technique called "pass the hash".   With pass the hash, the malicious code doesn't even need to wait until some user actually types a password, but can use the stored, encrypted password at any time.

Now, with Device Guard, device drivers are signed and isolated, so that a malicious driver can't be installed, and even if it's installed, its code can't get into the kernel in order to steal passwords and other secrets.

Isolated User Mode is even better.  It takes the stored, encrypted passwords and moves them out of the kernel, and into a hardware-isolated space.  Documentation on IUM is hard to come by, but there is a very good series of videos on Microsoft's channel9 video site where it is explained by Dave Probert.  Videos are usually pretty inefficient at communicating technical stuff,  but in the absence of white papers, these are pretty good.

Part 1: Isolated User Mode
Part 2: Isolated User Mode Processes and Features 
Part 3: More on Process and Features


Thursday, January 28, 2016

The Zeroth Law of markets with effective competition 

This is the one that market "analysts" never tell you about.   In a market with effective competition, prices fall to meet the cost of production.  Barring conspiracies to fix prices (explicit cartels, or implicit "gentleman's agreements"), there's always someone who is willing to trade profit margin for market share, leading to the famous joke "we'll lose money on every unit, but make it up on volume".  Unfortunately I've worked for companies that acted like this in real life.

The result is that you can tell how efficient a market is by how close the average participant is to bankruptcy.   Post-deregulation airline companies have a good example of this.  I've seen claims that since deregulation in 1978 the air transport industry as a whole has still not made a cumulative profit.

Financial economics has a very influential concept called the "efficient market hypothesis" which suggests that trying to pick stocks that beat the whole market is always going to fail over the long run.  The fact that there are many industries where nearly every participant is profitable provides clear evidence to me that the EMH is basically false.  But an academic economist can have a quite successful career exploring all the myriad ways that markets can fail to be efficient.

Thursday, January 14, 2016

The second law of unregulated market self-destruction 

The first law being "Unregulated markets destroy themselves" via monopolies, cartels, or other phenomena that result in price fixing and breakage of the price setting and production regulating functions of supply and demand.

The second law (okay, it's technically a hypothesis or conjecture at this point, but I'm confident about its correctness) is more complex. "Unregulated market economies destroy themselves" via a process whereby monopolism leads to concentration of wealth in high income brackets, and financialization of wealth management in contrast to invest leads to emptying of the middle class and corresponding loss of demand.  Loss of demand leads to lower prices, which creates a deflationary and recessionary death spiral.

If this sounds much like the situation that a lot of the world is in these days, and the "great malaise" that Joseph Stiglitz is writing about, that's not an accident.


Sunday, January 03, 2016

The new evolution slogan 

Darwin's original slogan, "Survival of the fittest" is confusing: "fittest" means something quite different from athletic capability, and "survival" has nothing to do with longevity.  Here's something significantly better:

Selective differential replication.

or in a somewhat longer form:

Natural selection of spontaneously varied different heritable characteristics.

It's amazing how difficult it is to condense the key concepts down into three or four (or 8) words, and how slippery that optimal combination of words is even when you've found it.   I've been searching for this phrase for years, and have forgotten it at least once even after discovering it.


Saturday, September 19, 2015

US crude oil exports and global security strategy 

In the U.S., export of crude oil is currently prohibited, and there is an ongoing debate about whether that rule should be changed.  The success of hydraulic fracturing in opening up new supplies of oil has driven the domestic price of oil below the global price, and oil producing companies are laying off employees left and right because oversupply has driven the price below the cost of production.  Those companies see a global market with higher prices, and are frustrated that they are not allowed access to it.

But if oil companies are able to sell globally at a higher price, that will reduce domestic supplies, and increase domestic prices, which will be bad for oil consumers, and bad for the domestic economy, so the politically sensitive regulators in charge of the export rule are would not be inclined to change it as long as they place the interests of voters ahead of the interests of oil company lobbyists.

So, what are the interests of US citizens, and can they be aligned with the interests of the oil companies?

The geopolitical argument for keeping the no-export rule is that the US gets mired in Middle Eastern troubles because we're dependent on foreign oil imports from countries like Saudi Arabia.  The sheikdoms and kingdoms in that region are as far from democracy as it is possible to get, and they support extremist religious ideologies like Wahabism that lead to war and terrorism.  But they have lots of oil, which we need and our European friends need, so we have to be nice to them.

If the US didn't need to import oil, the US could leave them alone to fight among themselves, and stop sending our troops and munitions to be killed and destroyed there.  So we shouldn't permit oil to be exported until the US achieves energy independence, and exports should be limited to only the excess after first satisfying 100% of US demand.

A longer term view suggests a different conclusion.  Allowing US oil to contribute to the global oil market will increase global supplies and reduce global prices.  This will reduce oil income to Mideast oil-producing states, and decrease their ability to finance their jihadist projects.  It will also increase domestic fuel prices, making renewable energy more attractive.  Increased demand for renewable electricity accelerates the technology-driven reduction in the price of renewable electricity.  Renewable energy is already cheaper than fossil energy in some regions of the US, and its adoption is being held back by regulatory shenanigans from coal and oil producers and by generation companies who are seeing their old power plants become uneconomical and major customers go away, never to return. Until room-temperature superconductors are discovered, there is no global market for electricity, and renewable energy is non-exportable.  Converting the world from oil to renewable electric power is good for both the environment and for US national security.   Lifting the no-export rule will accelerate this transition.

In the broadest analysis, civilization is at risk from deterioration in four areas:
Lifting the no-export rule helps with 3 of these four areas, so everyone should be for it, not only oil companies.

Monday, September 07, 2015

The Water Knife 

Paolo Bacigalupi's latest novel deserves a tweak to the old movie poster tagline "Ripped From Tomorrow's Headlines!"  Hollywood agents should be all over this property. Suppose James Bond worked for the South Nevada Water Authority instead of the British Government, in a landscape ranging from lawless slums matching those of Lagos or Mumbai to self-sufficient Chinese-built arcologies that would match any Bond villain's lairs in scale and luxury.  With Bond Girls who are not mere eye-candy: one a Pulitzer Prize winning journalist, the other am orphan Latina teenager with a .44 magnum pistol.

Not enough explosions, terrorists or smartphones, but plenty of gunfire, narco gangs and amputations in a world where Mad Max would feel right at home.  Refugees from Texas are a running joke.   It's all to realistic an extrapolation from today's incendiary political rhetoric and denial of the possibility that the 200-year drought that eliminated the previous civilization in the Southwestern US a thousand years ago could come again.   What will happen to your precious water rights then?   If Cadillac Desert serves as a precedent, it will take more than lawyers to keep the actual wet stuff flowing towards its rightful owners. The Water Knife don't need no double-0 license to do his work.

Saturday, August 08, 2015

Why tech is always a bubble 

Ten years ago, at the height of the previous big tech bubble, economist William Nordhaus developed a model of retention of benefits from innovations with the startling result that only about 4% of the value ends up in the creators' pockets. His paper "Schumpeterian Profits and the Alchemist Fallacy" captures his analysis. Alas, like too many economics studies, it's written up as "theory first, data afterwards". (Rhymes with that remark by the Red Queen in Alice in Wonderland). Nevertheless, it's a useful antidote to the hype coming from the Silicon Valley venture capital community about "unicorn" companies like Uber.

Tuesday, May 12, 2015

Cyber Incident Timeline 

Not every incident, of course, just the famous ones, in a nice interactive timeline.


Saturday, March 07, 2015

Seven ways the United States will end 

Political pundit Matthew Yglesias has a long essay in Vox arguing that American Democracy is Doomed, maybe not today, maybe not tomorrow, but inevitably.  Yglesias doesn't go into details of the precise mechanism of collapse, although there are two sidebars that look at some of the options. Dylan Matthews lays out a sequence of events in which the presidency becomes more and more powerful, achieving the reality of right-wing rhetoric of "dictatorial executive powers" while still remaining elected, and where Congress degenerates into little more than a rubber stamp for executive decrees. Ezra Klein predicts that the current mess will continue to deteriorate, but everyone will just muddle through, making minor changes that alter the functional trajectory so that it never reaches a point of total collapse.

These scenarios don't begin to cover the range of different ways that the US could come to an end.  In particular, they ignore the role of the states, which are much more diverse and effective than  journalists steeped in Washington gridlock can imagine.  Here's a list of ways this could happen.

Constitutional Dissolution

The Constitution provides for several ways that we could get to a situation where there's an official legally arrived-at declaration that "The United States of America no longer exists".

  1. Constitutional Convention.  Article V allows for two-thirds of both houses of Congress or two-thirds of the states to call a convention to decide on amendments to the Constitution.  No limits on the quantity or content of the amendments are given, except that a state may not be deprived of its representation in the Senate.  The legality of an amendment that completely eliminates the entire Senate could be problematic, but in an environment where such an amendment could be ratified you could be skeptical that anyone would care about such a fine point.  A constitutional convention would have the power to completely rewrite the document and give the country an entirely new form of government, or to make any number of lesser changes.
  2. Congressionally-initiated individual amendments.  This is the way that the 17 amendments since the Bill of Rights have been accomplished.  Article V again prescribes that two-thirds of both houses of Congress shall propose the amendments, There's nothing in the Constitution preventing the proposal of a single amendment consisting of the text that "Articles I through VII of this Constitution are hereby repealed."  Since there are 7 articles in the Constitution, that would be everything except the Preamble.
  3. A Secession amendment.  The legal basis for the Civil War was that there is no provision in the Constitution to allow for exit from the Union. Politicians from one state or another occasionally threaten to secede from the Union.  Texans are famous for believing that as a condition for joining the United States in 1845, Texas reserved the right to later split itself into up to 5 states.  There are dozens of more or less well-organized secession movements across the country.  But you can tell whether they're serious or not by whether they are reaching out to other states for support of an amendment to make their rhetoric legal, since that amendment would need to be ratified by three-fourths of the states.  None of them are.
  4. De-facto secession. Since the replacement of the Articles of Confederation by the Constitution the issue of how much the federal government can override decisions by individual states has been contentious. Although Section 10 of Article I of the Constitution requires Congressional approval for any formal Compact between states, in the 20th century the coordination of virtual oligopolies among airlines, phone companies, and other industries without any explicit collusion between executives has developed into a fine art.  States could begin to informally coordinate their laws with each other in areas where they do not conflict with Federal laws, and agree to link them together in much the same way as the National Popular Vote agreements link the behavior of individual states' Presidential electoral votes together. These linkages would form a virtual regional government encompassing multiple states, and when enough states began to participate in such a virtual government, their legislatures could coordinate the policies of their respective Congressional delegations to provide Federal approval of formal Compact agreements permitting the creation of armies and the negotiation of treaties with foreign powers, becoming a new country to everyone in the world except the remaining portions of the legacy United States. 

 Extra-constitutional Dissolution

  1. Successful secession. Some die-hard Southerners still argue that the Army of the Confederacy could have won the war if only a few blunders like Pickett's Charge at Gettysburg had been avoided.  After a few dozen years of the kind of Washington gridlock that Yglesias decries and the election of a feckless president rather than the great one that we had in Abraham Lincoln, the outcome of some new secession attempt might be something like "just let them go".
  2. De-facto dictatorship becomes official.  At some point the Imperial President that Dylan Matthews envisions can decide that he's had enough of this pussyfooting around and pretending to defer to Congress, and declare himself President For Life, or even Emperor. This sequence of events has happened more times than any but the most compulsive historian can count, and dates back to at least the takeover of the Roman Senate by Julius Caesar in 49 and 48 B.C.
  3. Military coup.  During the chaos surrounding the attempted assassination of Ronald Reagan in 1981, at a White House press conference immediately after the incident while Vice President George Bush was incommunicado aboard Air Force Two, Secretary of State General Alexander Haig was asked "who's in charge?".  Haig responded, "I am in control...here."  Until the Vice President finally arrived in Washington, at least in the mind of General Haig, the Constitutional order of succession had been suspended, and a strong military personality appeared to believe that he had taken over the country.  A few hours later, word emerged that Reagan had not been so severely injured that formal transfer of Presidential powers to the Vice President according to the rules laid out in the 25th Amendment to the Constitution had been necessary.  For those of us who had seen the movie or read the book "Seven Days in May", it was a scary moment.

Thursday, January 01, 2015

The world is not falling apart 

At the new year, the media are full of stories about how awful the past year was.  It's well known that good news doesn't sell ads as well as bad news, so it's important to maintain your perspective with information such as this article by Steven Pinker and Andrew Mack.

Sunday, August 10, 2014

past singularities 

I came across a post by Cosma Shalizi listing some evidence that the Industrial Revolution qualifies as a technological singularity.  Shalizi has a very good list of criteria that should be satisfied in order for a singularity to be recognized.   As someone who did research in cell biology and in social sciences at different times long ago, I think there are a lot more in the history of life on the planet.  Here's a list of candidates -- most of Shalizi's criteria are met by each one.  Note that when I say "discovery" I mean discovery by "selfish genes" or "memes" that spontaneously replicate and are naturally selected for, not by individuals.
  1. The sequestration of molecular replication in membrane-bounded cells
  2. The switch from storage of genetic information in RNA sequences to its storage in DNA sequences.
  3. The discovery of photosynthesis by the ancestors of cyanobacteria.
  4. The discovery of the rules for cellular differentiation, adhesion, and migration that led to multicellular organisms
  5. The discovery of backwards development by deuterostomes that led to internal skeletons rather than exoskeletons  Not saying that arthropods are bad, just that endoskeletons are better at growing big.  Deuterostome development certainly leads to other severe problems.
  6. [not saying anything about all the mass extinctions that led to mammalian domination of land animal life]
  7. The discovery of learning by imitation rather than individual trial and error
  8. The invention of controlled fire
  9. The discovery of information storage and retrieval from conspecifics by means of reverence for tribal elders, via "old wives' tales"
  10. The discovery and institutionalization of marketplaces
  11. The invention of writing
  12. The first industrial revolution
  13. The second industrial revolution of information technology, robotics & biotechnology
  14. The third technological revolution of controlled ecological engineering
Somebody should write a book.  Not me, I have other books to write.


Sunday, July 13, 2014

Android device encryption 

The description for Android 3.0 at https://source.android.com/devices/tech/encryption/android_crypto_implementation.html implies that only /data is encrypted. Two questions:

  1. What about / and other filesystems?
  2. Has anything changed with Android 4?

Sunday, April 13, 2014

Capital in the 21st Century 

Universally acknowledged to be An. Important. Book.
Reviewed by Paul Krugman.
Summarized by Matthew Yglesias.
Brad DeLong collected 12 early reviews by economists.
Econospeak has a succinct, balanced description for the politically inclined of Piketty for Dummies

Summary summary: when economic growth slows down, people who own capital still grow in wealth, while people who only produce labor, don't get any richer.   I haven't read the book myself (yet), so I don't know if the author has discovered these two facts:
  • "A rising tide lifts all boats" but  leaky boats don't rise as quickly, and their owners have to spend more time bailing than sailing.
  • The rich get richer faster.  They have access to expensive financial advice, and fancy high yield financial instruments that less wealthy people don't have the entry fees for.  They can afford to participate in higher yielding, higher risk investments because they can purchase complex hedging products that reduce their exposure to potential losses. (Update: Robert Solow recognizes this in his review in The New Republic.)
Typical conservative reaction: "Cool! anyone can become a billionaire!  It's Easy!".   Typical liberal reaction: "We must tax the rich more aggressively!"

What nobody has any ideas how to do: raise the growth rate of global economies, when resources are becoming harder to obtain, and processing them into valuable goods creates pollution, and can be done by robots in any case, i.e. by using capital rather than some wage-producing processes.

Saturday, November 02, 2013

Moore's Law for solar power 

Internet entropy strikes again!  The original version of this important article is gone from the Scientific American website:

• Ramez Naam, The Moore’s Law of solar energyScientific American guest blog, 16 March 2011.

However, even without having to invoke the Wayback Machine, there's a copy at IEET.

Update (9 April 2014):  The Telegraph declares victory. That is, the tipping point where solar power without any subsidies is cheaper than all forms of fossil fuel, has already been passed in 19 global regions, according to Deutsche Bank.

Update 2 (June 2014): The v7 edition of the Lazard Levelized Cost of Energy study, dated August 2013, indicates that by 2015 (next year!) utility-scale solar plants will have a lifetime ROI greater than fossil-fueled plants in 6 of the 10 largest US metropolitan areas.  In the light of this transformation, in late May, Barclays "downgrades the entire electric sector of the U.S. high-grade corporate bond market".


Monday, October 28, 2013

Tradeoffs in Cybersecurity 

The ever-insightful Dan Geer made a very interesting talk at the UNC Charlotte Cyber Security Symposium earlier this month.  He's put the text up on his website.  Anyone who's concerned abut the tension between cybersurveillance and civil liberties should read it and understand it.

His final paragraphs summarize his argument:
The total surveillance strategy is, to my mind, an offensive strategy
used for defensive purposes.  It says “I don’t know what the
opposition is going to try, so everything is forbidden unless we
know it is good.”  In that sense, it is like whitelisting applications.
Taking either the application whitelisting or the total data
surveillance approach is saying “That which is not permitted is
forbidden.”

The essential character of a free society is this: That which is
not forbidden is permitted.  The essential character of an unfree
society is the inverse, that which is not permitted is forbidden.
The U.S. began as a free society without question; the weight of
regulation, whether open or implicit, can only push it toward being
unfree.  Under the pressure to defend against offenders with a
permanent structural advantage, defenders who opt for forbidding
anything that is not expressly permitted are encouraging a computing
environment that does not embody the freedom with which we are
heretofore familiar.
This is the latest corollary of the basic law of strategy attributed to Carl von Clausewitz 195 years ago, that the defender needs to be successful hundreds of times (in cyberwarfare, hundreds of millions of times), while the attacker needs to be successful only once.  In order to be totally effective at defense, one must have totalitarian control over the environment and all the actors within it.

Or, as Benjamin Franklin put it 250 years ago:
They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety.

Tuesday, August 06, 2013

Red Plenty -- A dream that failed 

I don't know why there was so much puzzlement about this book when it came out. It's a historical novel, albeit a thoroughly documented one, with 70 pages of notes and references. It's about a period a long time ago and very far away now, the Soviet Union of the 1950s and '60s. It's also a novel of ideas, and the idea is that centrally planned economies can produce a material utopia in which everyone works at what they are good at, and everyone receives everything that they need, without the soul-destroying, self-destructive overshoots of capitalism.

I was in elementary school and high school during this period, and was made to read FBI Director J. Edgar Hoover's book "Masters of Deceit" in order to know how evil communists were. I seemed to be one of the few students who realized that we were being fed propaganda, but I didn't have access to Marx's Capital or even the Communist Manifesto, so I was simply left with the impression that we were supposed to be opposed to commies simply because they were the bad guys, in the same way that the Aggies were the bad guys if you were a UT or OU football fan. This kind of an opposition didn't seem worth destroying the world in a nuclear holocaust for.

In Red Plenty, the characters are simply trying to get by in a rickety, inflexible economy that doesn't really respond to their needs, just like wage-earners in the US. But they have as a secret advantage in the person of Leonid Vitalevich Kantorovich, a real person and a genuine genius, who invented the mathematical method of optimization called linear programming, at about the same time that the American George Dantzig did. Both Dantzig and Kantorovich received the Nobel Prize in Economics for their achievements.

It was linear programming that Soviet economists hoped would push their economic system over the threshold from failure to success, by allowing the myriad of dependencies between all the supplies needed to produce a washing machine or an overcoat or a limousine or a long-range bomber to be identified and coordinated so that every component part was produced in just the right amount without surpluses or shortages that would prevent each end product from being pulled together in just the right quantity needed. In capitalist economies, the coordination problem is solved by a myriad of free markets, but markets lead to profits and profits lead to capitalists, and in the Soviet Union, that could not be allowed. So marketless central economic planning had to be made to work, regardless of the consequences. And the consequences were severe, and even then, economic planning failed.

Red Plenty is a much richer story than can be captured in a few paragraphs - it deserves extended analysis by many authors. And it has received these analyses in an internet symposium by a distinguished team of high-end bloggers organized by the "editors" of Crooked Timber. In addition to some of the usual Crooked Timber contributors such as John Holbo and John Quiggin, it contains essays by economists Brad DeLong and Cosma Shalizi, and writers Ken MacLeod and Kim Stanley Robinson, among 14 others. This amounts to an open review journal study, since in addition to the symposium essays, as a blog each essay was allowed to have comments from any reader who cared to reply. Some of the comments are extremely insightful, though others are extremist, intolerant, and/or uninformed, as blog comments will be.

The highlight of the symposium for me is the essay by Shalizi, who uses computational complexity theory to explain that the planning process itself is simply too big and time-consuming to work in a real economy, even using today's hyperscale computers that are millions or billions of times more powerful than the BESM-6 mainframes available to Kontorovich and his colleagues.

Of course, economic interactions are often nonlinear and would have to be addressed by a generalization of linear programming rather than directly with LP, but while the complexity of mathematical optimization is robust to some kinds of nonlinearities ("convex functions"), many of the nonlinearities in real economies are concave, and the known algorithms for optimizing them are much slower (exponentially slower) than those for linear or convex functions.

Worse than that, in economies that are not planned, such as market economies, it is impossible to predict their future behavior. The reason for this follows from the diagonalization argument used by Goedel and Turing in their proofs of incompleteness and undecidability. As soon as you make a valid prediction about an economy, someone can take that prediction and use it to arbitrage the markets that are predicted, and the money that is involved in exploiting those predictions will affect the market itself, and thus invalidate the predictions. There is quite a bit of interesting research to be done in describing the magnitude of those invalidation effects.

It's not clear that capitalism can be saved from recurring, unpredictable disasters, but we know that the Soviet Union could not be saved. Red Plenty may change your view of that collapse from a triumph of capitalism to that of a tragedy of socialism.

Thursday, August 01, 2013

Visualizing privacy breaches 

David McCandless has created a website titled Information is Beautiful, to help promote better visualizations of information.  One of the pages that his team has created is titled "Worlds biggest data breaches" but lists "selected" incidents, so you can't be sure that it's representative.  These are really privacy breaches involving only personally identifiable information, so the 700,000 secret documents obtained by Bradley Manning and distributed by WikiLeaks aren't shown. Additionally, Information is Beautiful is a visualization team, not a security team, so the page may not be updated with new data in the future.

Nevertheless, the graphic has some quite cool interactive features, like the ability to filter by Method of Leak. This is very useful to a security manager who's trying to decide which kind of breach to focus preventive resources on.  If you can't address all possible risks, you should focus on the ones that are most likely to cause significant losses.  The biggest one is "hacked", but this usually means that the organization's admins were sloppy and didn't follow the security team's directives, thus letting the hackers in.   Breaches of organizations that are doing everything right, are actually quite rare.

Edward Snowden & the NSA 

More noise than signal in the punditocracy, but a few insightful analyses can be found:

I know that there's at least one more analysis of this kind depth out there somewhere, but I can't find it now.


Wednesday, July 31, 2013

Security vulnerabilities in life-critical software 

Nick Schetko has a very nice overview of the problem in the financial website Minyanville, of all places, titled "Pacemakers, Cars, Energy Grids: The Tech That Should Not Be Hackable, Is".   The article mentions air traffic control software and the new generation of vulnerabilities to GPS jamming and spoofing, but doesn't mention aircraft flight control software itself, the stuff that allows "fly by wire" piloting, the scary insecurity of medical care systems such as radiation therapy systems, ICU monitors and drug prescribing and delivery software, and industrial process control systems.   If chemical companies aren't careful, facilities can become weapons of mass destruction instead of mere tragic accidents such as Bhopal and Seveso.

The forgotten history of the other internet 

Nice article from Andrew Russell writing in IEEE Spectrum, "OSI: The Internet That Wasn’t.
How TCP/IP eclipsed the Open Systems Interconnection standards to become the global protocol for computer networking."  You can see some of the reasons for the success of TCP/IP in the article, but the most succinct summary to me remains the slogan "rough consensus and working code".   This principle guarantees the triumph of useful technology over the politico-bureaucratic warfare that too often characterizes processes like ISO standards-making.

Monday, March 25, 2013

It's addictive, why isn't it illegal? 

Modern processed food products, that is.  I just came across a wonderful NY Times article, The Extraordinary Science of Addictive Junk Food, which explains how food manufacturers have tuned their products to be so compelling.   I happen to be one of the victims.  While I can stay away from most processed food products, put me near a bag of anything from the "salty snacks" grocery aisle, and I can't stop until the bag is empty.   Far more insidious than irukandji box jellyfish venom, these products have identified a bug in the biological program that manages human survival that is just as remarkable in the way that they evade the normal defense mechanisms.

Sunday, January 06, 2013

Antifragility: Luck favors the prepared mind 

Nassim Nicholas Taleb gives away the store in this excerpt from his new book at John Brockman's Edge blog.  In an excerpt titled Understanding is a Poor Substitute for Convexity (Antifragility), he lists 7 rules for building a system that can take advantage of black swan events.  Here are the rules:

  1. Convexity is easier to attain than knowledge (in the technical jargon, the "long-gamma" property)
  2. A "1/N" strategy is almost always best with convex strategies (the dispersion property)
  3. Serial optionality (the cliquet property)
  4. Nonnarrative Research (the optionality property)
  5. Theory is born from (convex) practice more often than the reverse (the nonteleological property)
  6. Premium for simplicity (the less-is-more property)
  7. Better cataloguing of negative results (the via negativa property)
Property 2 is the real secret.  Convexity means that given an equal number of wins and losses, the total winnings will exceed the total losses.  Structure the game like this, and you'll go home wealthy.

In information security, this implies that the goal should be to ensure that catastrophic breaches are structurally impossible.  Once you've assured this, you can drive the ongoing the ankle-biter attacks down to a dull roar level that can be tolerated indefinitely.  Network engineers avoid catastrophic failure with techniques like carrier diversity.  Unfortunately, they still mostly allow the Cisco vendor monopoly to continue.

System architects in other IT areas haven't learned this lesson, either.  They still allow their entire enterprises to be dependent on "monocultures" of products from SAP and Peoplesoft and the like.   Here the herd instinct predominates.  "Nobody ever got fired for buying from IBM" -- if IBM, or ADP, or salesforce.com goes down, everyone else goes down too, and you can't be especially blamed.  But if you had diversified, then your enterprise wouldn't have gone totally down, and you would be positioned to step in while your competitors were struggling or failing, and win big.




Wednesday, December 26, 2012

"Occupy Wall Street" - a pretend revolution 

Best analysis yet: The Baffler, which appears to be a left-wing magazine reincarnated as a "little magazine" published on paper by the MIT Press and online as well, has an insightful analysis titled "To the Precinct Station: How theory met practice …and drove it absolutely crazy" which describes how the OWS "movement" was co-opted by academics who were more interested in "theory" and "community building" than they were in creating an effective, lasting organization that could accomplish the hard work of doing what needed to be done.  In the end, participants in the OWS campout were just in Zuccotti Park for the carnival, fooling themselves about changing the world just as much as conservatives were fooling themselves about the state of the voters in the recent election.

Sunday, October 21, 2012

Top 3 reasons why conservatives hate conservation 

I've been puzzled for a long time why political conservatives are almost universally opposed to any measures to preserve and protect the natural world.  You'd think that the conservative desire to keep things as they are would extend to keeping the great mountains, forests, plains, rivers, and deserts that North America has been blessed with in a pristine state, but it doesn't seem to work that way.   What's really going on?

  1. Inability to distinguish dominion from destruction.  In the Biblical story of creation, when God cast Adam and Eve out of the Garden of Eden, he gave them authority over all the living things of the earth.  Six thousand Biblical years ago, people didn't have the ability to do much more than protect their villages and livestock from large predators such as lions, wolves, and eagles with spears and arrows.  Now we have barbed wire fences that span continents, massive farm tractors that can do the work of 500 horses, and heavy earth-moving equipment that we use to literally move mountains in order to obtain the coal within them.  We can change entire ecosystems, and we do.  Conservatives need to take their Lord's injunction far more seriously, and cast off childish attitudes that they are helpless against the might of natural forces.   If I were God, I'd be asking "What have you done to my garden?  You have killed thousands of kinds of animals that I took care of myself because Noah only had only one Ark, and you have turned vast regions into lifeless deserts, and you are planning to do even more.  I have sent many prophets such as John Muir, but you have not listened.  Woe be unto you!"
  2. Viewing all of nature as a store of resources to be exploited.  Just like "the only good Indian is a dead Indian", the only good land is land that can be farmed or mined, preferably both.  But mining takes preference, regardless of its destruction of agricultural capability.  When I was young, my friends would go swimming in the nearby "stip pits" that had filled with water after they had been mined and abandoned without even restoring the topography back to its original gentle hills.  Before the EPA and related legislation required mining companies to replace their tailings, you could drive on US Highway 40 for a hundred miles through Indiana and Ohio -- the best farmland in the world -- and see nothing but hundred-foot-high ridges of strip mining spoils, with the occasional giant excavator showing its masts above them.  But before it was farmland, those Midwestern plains were tallgrass prairie harboring hundreds or thousands of different species of grasses and insects.  Now that land is planted with genetically modified corn, soybeans, and wheat that is poisonous to insects, and cultivated with "no-till" methods that save fuel used for plowing by saturating the soil with herbicides, so that broadleaf weeds and prairie grasses cannot survive.  The result is mile after mile of a single-species landscape that is held hostage to the patent-protected seed stocks of Monsanto and Pioneer Hi-Bred, and can be catastrophically wiped out by unplanned weather conditions or invasive, pesticide-resistant fungi or caterpillars.   To the conservative, this is good, because it allows those companies to extract higher profit margins today by deferring the cost of damage to future generations.
  3. Nature is the ultimate outgroup. Conservatives are an exclusionist movement.  They want everyone to think like them, and they spend a lot of time arguing about who is a true believer and who is, for example a "Republican in Name Only" and attempting to expel them from their group.  One suspects that if the technique hadn't been invented by the Chinese Communists, that they would be using "self criticism meetings" in order to shape behavior.  Religious groups with their affirmations of commitment serve a similar function in "separating the sheep from the goats", and driving all differences towards the core beliefs, regardless of merit.   Nature, of course, was there first, and it cannot be controlled, directed or shaped.  Whatever your religious or political doctrine, nature will not follow it.  This must not be allowed.  To the conservative ideologue, untamed nature cannot be permitted to have any legitimate status in the community.
Liberal conservationism has its problems with preserving the natural world as well, notably the notion of a "natural state" that can be defined and preserved in stasis forever, notwithstanding that it was created by billions of years of perpetual change, the idea of the "noble savage" untouched by civilization who must be kept ignorant and deprived of its benefits in health and comfort, and the notion of vountary poverty that would save the world if only everyone would give up lighting, heating and air conditioning, and travel.  But that's a different discussion.

Friday, September 07, 2012

DE4 component submodels 

A fragmentary note on a bit of structure transcribed from some scribbling on the whiteboard in my office - food for thought:

Ecological
Environmental
Energy
Economic

Saturday, July 07, 2012

The next 236 years 

Eric Roston at Bloomberg.com asks "Can the U.S. Economy Be Sustained for Another 236 Years?" with a predictably unsatisfactory answer.

I'm sure that in 1888, when the U.S. Census declared the American Frontier to be closed, and there was no more "unoccupied" land left to be taken by the white man, and the US was still in the chaos of Reconstruction from one of the worst civil wars in history, making what's going on in the Middle East now seem like child's play, people were reasonably asking whether the country could survive another 112 years like those that had occurred since 1776.

And the the millennium occurred and those 112 years had been survived with substantial success. The U.S. economy in 2012 with air conditioning, jet airliners, internet video, and electric automobiles, not to mention hedge funds and risk arbitrage, is very different from "civilization as we know it" in 1888.

I have no doubt that the US and its economy will be as different in the year 2248 as an economy of 50 states is different from that of 13 English colonies. There is no doubt that many politicians will continue to be venal, corrupt hacks, as they have been for the past 236 years, but they will probably still have been elected by a majority of voting citizens who will get what they asked for.

Saturday, June 30, 2012

Leaderless movements 

Hugo Dixon of Reuters, in a "Commentary" article there, tries to explain how The Revolution Will Be Organized. The title could be a play on Gil Scott-Heron's classic The Revolution Will Not Be Televised.

I have a brief counter-commentary -- They're both wrong:

"Meet the new boss, same as the old boss." The author and his academic sources don't seem to notice the contradiction in what they're saying. That is, that democratic movements can't succeed unless they are undemocratically organized with a dictatorial head or junta to "knock heads together and get everybody to stick to a plan." Karl Marx believed that there would be a "dictatorship of the proletariat" which would fade away to produce true communism. The Soviet Union's dictatorship did indeed fade away, but it was followed by the pseudo-democratic autocracy of Vladimir Putin, not by communism. The Romans tried electing their "dictator" who would voluntarily step down after the wars were over, but that didn't last long, ending when Julius decided to call himself Caesar and become emperor rather than step down. It's not yet politically or academically respectable to say that all forms of government evolve to become dictatorships or monarchies, so we end up with incoherent articles like this one.

Face it, democracy is hard. It requires the people to elect representatives, not leaders. It requires the people to communicate thoughtfully with those representatives, and the representatives to reasonably and thoughtfully work with each other on common problems. When major political movements are based on the premise that negative campaign ads work better than constructive discussion, that cooperation is evil and that members of other political parties are traitors, democracy will continue to deteriorate.

Social media have the opportunity to bypass power-hungry leaders and allow the people to communicate directly with each other, making it possible for leaderless democratic movements to react and refocus more efficiently and rapidly than ever before, but their technical architecture with centralized software and servers makes them just as corruptible as the old fashioned political machines that used smoke-filled back rooms instead of giant server farms.

Saturday, April 21, 2012

Why government subsidies don't work 

Hysteresis.  The Economist's Free Exchange blogger who gives only his initials R.A., makes an insightful comment in a post about subsidies for electric cars.
The tried and true aphorism [is] that government isn't any good at picking winners. This isn't, by the way, a knock on government. No one is particularly good at picking winners. The problem for government is that while market-produced losers usually fail and go away, making room for winners, government-produced losers tend to stick around for a while, sucking resources away from potential winners. No one knows in advance whether something will work; government's failure is in its relative unwillingness to clear away the chaff.
In economist-speak, the subsidies that Free Exchange describes are "Pigovian subsidies", the converse of the more well-known Pigovian taxes. The reason that this kind of tax works better than subsidies is that the lifecycle of an enterprise is asymmetrical -- the growth phase is much shorter than the decline phase, so the cumulative penalty of a tax during growth is less than the drain during decline, putting failing enterprises out of their misery earlier, while the cumulative effect of subsidies is reversed, having a smaller effect during growth while prolonging declines. If a government creates equal numbers of subsidies and taxes with equal rates, the total effect will be negative.

Friday, March 30, 2012

Security depends on quality 

Are we becoming more tolerant of quality problems?  Or have our systems become so big and complex that quality is an impossible goal?  How can you have solid security if the systems that your're trying to secure don't even perform their primary functions in a high-quality, reliable way?

Computers and robots don't make mistakes, right?  But there's a complementary saying: "To err is human, to really screw things up requires a computer."  After all, the things were designed by error-prone humans.

Fast food restaurants have achieved much of their success by creating a product that can be considered "high quality" in that it is identical each and every time you go to one no matter where in the country, and almost in the world it is.  Yet on my last visit to one of the top 3 franchises, they got 3 of 5 items in my order wrong, and while I was there they made errors in the orders for two more customers.

One of the reasons that Apple is such a powerhouse is that they have achieved a higher level of quality than their competitors can ever aspire to, even a decade or more after the infamous "blue screen of death" was common.

But a monolithic ecosystem of total control is not the only path to quality.  Most of the web runs on the Linux OS and Apache web server, which are both completely cooperative, transparent, loosely coordinated enterprises, and achieves higher quality than its closed, commercial competitors.

Engineers have another slogan: "we can build it for you fast, cheap, or good.  Choose any two."  You could survey people asking whether they've become used to fast and cheap, and "good" has become impossible.

Luxury is a surface characteristic any more.  The luxury smartphone doesn't have any better software or give you any better sound than the iPhone that millions of people carry, though it may come in a gold-plated case.  Even Bill Gates runs Microsoft Windows on his PC.

My taxes were almost lost when my tax peparer's PC crashed at the end of tediously entering all the data.  He wasn't sure that it had made a backup for him; he hadn't bothered to check that any kinds of backups were ever made.

My Toyota Prius has the same navigation software as a Lexus, although the Lexus has a somewhat bigger screen.  Both systems have the same bugs and usability problems.

Toyota has a well-deserved reputation for quality, but they can't deliver an operator's manual that correctly describes how the hand controls relate to the headlight settings.  As I was sitting with the "finance manager" at the dealer completing my purchase, his computer crashed and was unable to print some of the government forms - we had to move to another office to finish all the paperwork.

Now, what might happen to General Motors dealers' ability close a sale with correct pricing and product option information when their new Chief Information Officer is known for decimating the Information Technology Department at his previous job, firing all the high-salary, experienced veterans and replacing them with low-wage workers offshore?  How can quality be maintained in a regime whose goal is rapid delivery at unprecedentedly low cost?

Quality issues have been an issue with systems since before Capt. Grace Murray Hopper found the first insect in the backplane of a mainframe.  In my job I'm dependent on people doing high quality system design and operating those systems reliably while making changes to them, effectively rebuilding the metaphorical airplane while in flight. 

Today it seemed that all my problems were quality-related.  To top it off, when I went to my e-book reader's online store to buy "The Checklist Manifesto" for some weekend reading, the shopping cart function wouldn't work.  Argh.

Saturday, February 25, 2012

Making the victim pay for your negligence 

Monsanto has come up with a devilishly clever new way to be a patent troll.  Allow your patented software (DNA sequences that code for herbicide resistance in plants, in their case) to become inadvertantly incorporated into someone else's product, then suing them for patent infringement.  When that product is organically grown food, the infringement actually reduces the value of the accused infringer's product.  A group of organic farmers in California is suing for a "declaratory judgement" that these threats from Monsanto are illegal.

This same technique could be used by owners of patented computer algorithms -- let your algorithm escape from your licensing control and become incorporated into a computer virus or worm, then demand royalties from the owners of the infected computers or sue them for infringement.

I have no idea whether this generalization of Monsanto's trolling method is patentable as a business process.  Nor have I read the filings in the farmers' lawsuit, so I don't know whether they contain any hints that any participants in the case are aware of the generalizability of the method.   But if they aren't, here's a statement that I believe this is an obvious generalization, and its obviousness should be grounds for invalidation of any attempt to patent the trolling method.

Wednesday, February 22, 2012

Tunnel Vision 

Actually, more like macular degeneration, where foveal vision is impaired, rather than the tunnel vision that sufferers from glaucoma must live with.  Francis Fukuyama has A Conversation With Peter Thiel, where they start out by discussing blind spots in the political views of both the left (income inequality) and the right (government inefficiency).   Their discussion quickly takes a much more interesting turn, towards "their common blind spot, which we’re less likely to discuss as a society: technological deceleration and the question of whether we’re still living in a technologically advancing society at all. I believe that the late 1960s was not only a time when government stopped working well and various aspects of our social contract began to fray, but also when scientific and technological progress began to advance much more slowly. Of course, the computer age, with the internet and web 2.0 developments of the past 15 years, is an exception. "

It's easy for a biologist to imagine that social and economic progress follows a logistic curve that starts out exponential but flattens off as resource limits are approached.  It's also the case that after the easy problems are solved, the remaining ones become exponentially more difficult, producing the same slowdowns, though without the hard upper bound.   The social difficulty is that, as Thiel observes, our political systems are built on the promise of never-ending growth.   You can't get re-elected by promising that there are not going to be any more free chickens for every pot.

More compute power is an essential prerequisite for getting out of this trap.  With enough bandwidth and large enough displays and enough compute power to drive them, "as good as being there" can become a reality and the limits to material resources and the costs of transporting those resources can become effectively non-issues.    However, better, more reliable, more trustworthy software is also a prerequisite.  The complexity mountain is a problem for software, too.

Wednesday, October 12, 2011

Most realistic sci-fi film scene ever 

Watching a rerun on TV and once again marveling at Dr. Floyd's speech at Clavius in 2001: A Space Odyssey.   Classic, timeless bureaucractic detachment.  It takes a director with Stanley Kubrick's genius to put something so monstrously boring on the screen.


Sunday, August 21, 2011

The Law of Political Necessity 

Saw this somewhere, not sure where, but it explains a huge amount of nonsensical political behavior and budget bloat.  Given an arbitrary crisis:

See also, "security theater"


Friday, July 08, 2011

Who won the space race? 

Houston, We Have a Problem - By Joshua E. Keating | Foreign Policy suggests that Russia "... appears to have prevailed." But what really catches my attention is the size of the budget numbers. About $4 billion each for Russia and Europe, about $1.5 billion each for China and India. Even the private arm of NASA is only about $6 billion. One of the comments mentions a US military budget of $640 billion. In the large company that I work for, it takes a billion dollars just to get an appointment with an Executive VP. As critical as it is to the national imagination, space is really just a hobby for everyone.

Wednesday, June 29, 2011

Whatever happened to stability analysis? 

Alejandro Nadal has a very interesting post titled Whatever happened to stability analysis? which points up the limitations of economic theory. "Stability is one of the most important aspects of neoclassical theory because it addresses the question of just how the mechanism of free competition in the marketplace actually leads to the formation of equilibrium prices. ... Maintaining ignorance about the limitations of stability theory comes in handy when perpetuating the mythology of market theory. As Mundell once remarked, stability analysis is the most successful failure of general economic theory. It is also the best example of how an academic community pushes the most serious problems of mainstream theory under the rug and gets away with it. Students should learn to look under the rug. "

Nadal's article includes references to online copies of key papers in the development of stability theory, but access to nearly every one of them is blocked to anyone who doesn't have an academic affiliation or is willing to pay more than $30 for a 37-year-old paper that probably cost $0.50 to scan.


Monday, May 30, 2011

Loss Equilibrium 

The fundamental question of security management is "how much should I spend on security?"  There are several approaches to this.

There's the paranoid approach: "however much security you have, it's not enough"  This is encouraged by vendors of security products and services, who want you to buy, buy, buy, and don't care if you're spending your money effectively.   It's functionally equivalent to the "priceless assets" approach: "if your assets are infinitely valuable, anything less than an infinite amount of spending on security is inadequate."  This approach is deeply baked into the security industry due to its origins in military security, where the asset value is the entire country.

There's the auditor's approach: "for every vulnerability, a control".  It assumes that controls are 100% effective, and that breaches can be identified and rolled back if detected.  This also creates an ongoing market for security products, since in a system with human components and with computationally universal inputs, that is one that allows documents with macros, Javascript, and active plugins, not to mention stack overflows and command injection vulnerabilities, there is an infinite supply of vulnerabilities to be protected by pattern-matching & blocking technologies.

Then there's the loss-management approach.  This is based on the notion that losses can be predicted, and controls can be assessed for their effectiveness in mitigating those losses.  This is the only approach that that provides a principled basis for a budget less than "all the money you have".  But how do you manage effectiveness in a principled way, when vendors are motivated to tell you "trust me, it really works great!" and hide any weakenesses that their product or service may have until it's too late for you.  Third party certifications such as Common Criteria protection profiles ensure a baseline of effectiveness, but the CC certification hierarchy doesn't distinguish levels of effectiveness - the distinguishes trustworthiness of achievement of the baseline.  A product certified at EAL4 may may be no more effective than one certified at EAL2.

Assessment of effectriveness is problematic prospectively, but it can be assessed retrospectively: simply add up the losses actually experienced with a given configuration of controls.  That is, if you are unable to develop a credible estimate of annual loss expectancy, use historical data for measured annual losses.  That is, ALE = MAL.

Now apply the principle of not spending more than the value of the asset to your annual budget.  You have observed MAL, so you can say the annual security expenses shouldn't exceed that value.  SE =< MAL.

In an environment where threats & assets cannot be effectively and reliably estimated, security expenses will approach an equilibrium with security losses.  This is not good news for participants with assets that are protected by the laws of macroeconomics, such as consumers in a free-market economy whose personally identifiable information is somewhere out there in the cloud.

Saturday, May 28, 2011

Buffalo 

Thanks to a commenter on Brad Delong's blog. Any sequence of the word "buffalo" of length n>1 is a grammatical sentence of English.   I am obligated as a former Oklahoman, where the buffalo still roam in a few places, to point out that they are actually American Bison. 

Wednesday, May 18, 2011

The Paranoid Style in American Politics 

The Paranoid Style in American Politics
By Richard Hofstadter
Harper’s Magazine, November 1964, pp. 77-86.

Hofstadter was a famous professor of political science at the school where I was an undergraduate, though I never took any of his courses.  This article is one of the reasons for his fame.  The paranoid style is evident to any careful observer of politics, but this puts it in a broader context.   No you're not imagining it, they really are crazy, and they've been that way for a long time.;

Friday, April 22, 2011

Ballistic Risk Management 

Also known as "manage first, assess someday".   Compliance-based paradigms do this -- they just make you do whatever their requirements are, regardless of the actual threats or any unique vulnerabilities or immunities your systems may have.  So do best-practice or good-practice risk management frameworks.  If you do what everybody else is doing, you don't have to look at your own threat or vulnerability environment.

Everyone wants to be special.  Except when being special means you might have to do more work to account for those special characteristics.   Then you're just like everyone else, right?

Sunday, March 27, 2011

Mechanical Universal Turing Machine at last! 

I don't think this guy Jim in Lancashire fully understands the magnitude of his accomplishment.   As far as I know, nobody has ever built a finished, functioning, completely mechanical Universal Turing Machine before.  The math and the plans are part of every computer science textbook, and there have been a number of more or less mechanical Turing Machines built, often cheating by using a microprocessor or other electronic components, but they've always been basic TMs, without the programmability that makes a true computer.   And for extra coolness, he created the state transition table using CNC at the Manchester Fab Lab.  

Not to mention his fully fabbed Rule 110 cellular automaton, with a few parts missing, oops.  Rule 110 CA's are also universal, with a nice scandal to go along with their discovery.

http://srimech.blogspot.com/search/label/turingmachine

Reminds me of one of those naive geniuses that pop up regularly in the SF literature.

This page is powered by Blogger. Isn't yours?