Microsoft Code Recommendations: Objectivity and Relevance, Anyone?
June 30, 2021
The “real news” outfit CNBC published an interesting news item: “Microsoft and OpenAI Have a New A.I. Tool That Will Give Coding Suggestions to Software Developers.” The write up states:
Microsoft on Tuesday announced an artificial intelligence system that can recommend code for software developers to use as they write code…The system, called GitHub Copilot, draws on source code uploaded to code-sharing service GitHub, which Microsoft acquired in 2018, as well as other websites. Microsoft and GitHub developed it with help from OpenAI, an AI research start-up that Microsoft backed in 2019.
The push to make programming “easier” is moving into Recommendation Land. Recommendation technology from Bing is truly remarkable. Here’s a quick example. Navigate to Bing and enter the query “Louisville KY bookkeeper.” Here are the results:
The page is mostly ads and links to intermediaries who sell connections to bookkeepers accepting new clients, wonky “best” lists, and links to two bookkeeping companies. FYI: There are dozens of bookkeeping services in Louisville, and the optimal way to get recommendations is to pose a query to the Nextdoor.com Web site.
Now a question: How “objective” will these code suggestions be? Will there be links to open source supported by or contributed to by such exemplary organizations as Amazon, Google, and IBM, among others?
My hunch is that Bing points the way to the future. I will be interested to see what code is recommended to a developer working on a smart cyber security system, which may challenge the most excellentness of Microsoft’s own offerings.
Stephen E Arnold, June 30, 2021
Gender Biased AI in Job Searches Now a Thing
June 30, 2021
From initial search to applications to interviews, job hunters are now steered through the process by algorithms. Employers’ demand for AI solutions has surged with the pandemic, but there is a problem—the approach tends to disadvantage women applicants. An article at MIT Technology Review describes one website’s true bro response: “LinkedIn’s Job-Matching AI Was Biased. The Company’s Solution? More AI.” Reporters Sheridan Wall and Hilke Schellmann also cover the responses of competing job search sites Monster, CareerBuilder, and ZipRecruiter. Citing former LinkedIn VP John Jerson, they write:
“These systems base their recommendations on three categories of data: information the user provides directly to the platform; data assigned to the user based on others with similar skill sets, experiences, and interests; and behavioral data, like how often a user responds to messages or interacts with job postings. In LinkedIn’s case, these algorithms exclude a person’s name, age, gender, and race, because including these characteristics can contribute to bias in automated processes. But Jersin’s team found that even so, the service’s algorithms could still detect behavioral patterns exhibited by groups with particular gender identities. For example, while men are more likely to apply for jobs that require work experience beyond their qualifications, women tend to only go for jobs in which their qualifications match the position’s requirements. The algorithm interprets this variation in behavior and adjusts its recommendations in a way that inadvertently disadvantages women. … Men also include more skills on their résumés at a lower degree of proficiency than women, and they often engage more aggressively with recruiters on the platform.”
Rather than, say, inject human judgment into the process, LinkedIn added new AI in 2018 designed to correct for the first algorithm’s bias. Other companies side-step the AI issue. CareerBuilder addresses bias by teaching employers how to eliminate it from their job postings, while Monster relies on attracting users from diverse backgrounds. ZipRecruiter’s CEO says that site classifies job hunters using 64 types of information, including geographical data but not identifying pieces like names. He refused to share more details, but is confident his team’s method is as bias-free as can be. Perhaps—but the claims of any of these sites are difficult or impossible to verify.
Cynthia Murrell, June 30, 2021
SPACtacular Palantir Tech Gets More Attention: This Is Good?
June 30, 2021
Palantir is working to expand its public-private partnership operations beyond security into the healthcare field. Some say the company has fallen short in its efforts to peddle security software to officials in Europe, so the data-rich field of government-managed healthcare is the next logical step. Apparently the pandemic gave Palantir the opening it was looking for, paving the way for a deal it made with the UK’s National Health Service to develop the NHS COVID-19 Data Store. Now however, CNBC reports, “Campaign Launches to Try to Force Palantir Out of Britain’s NHS.” Reporter Sam L. Shead states that more than 50 organizations, led by tech-justice nonprofit Foxglove, are protesting Palantir’s involvement. We learn:
“The Covid-19 Data Store project, which involves Palantir’s Foundry data management platform, began in March 2020 alongside other tech giants as the government tried to slow the spread of the virus across the U.K. It was sold as a short-term effort to predict how best to deploy resources to deal with the pandemic. The contract was quietly extended in December, when the NHS and Palantir signed a £23 million ($34 million) two-year deal that allows the company to continue its work until December 2022. The NHS was sued by political website openDemocracy in February over the contract extension. ‘December’s new, two-year contract reaches far beyond Covid: to Brexit, general business planning and much more,’ the group said. The NHS contract allows Palantir to help manage the data lake, which contains everybody’s health data for pandemic purposes. ‘The reality is, sad to say, all this whiz-bang data integration didn’t stop the United Kingdom having one of the worst death tolls in the Western world,’ said [Foxglove co-founder Cori] Crider. ‘This kind of techno solutionism is not necessarily the best way of making an NHS sustainable for the long haul.’”
Not surprisingly, privacy is the advocacy groups’ main concern. The very personal data used in the project is not being truly anonymized—instead it is being “pseudo-anonymized,” a reversible process where an alias is swapped out for identifying information. Both the NHS and Palantir assure citizens re-identification will only be performed if necessary, and that the company has no interest in the patient data itself. In fact, we are told, that data remains the property of NHS and Palantir can only do so much with it. Those protesting the project, though, understand that money can talk louder than corporate promises; many companies would offer much for the opportunity to monetize that data.
Cynthia Murrell, June 30, 2021
More TikTok Questions
June 30, 2021
I read “Dutch Group Launches Data Harvesting Claim against TikTok.” The write up states:
Dutch consumer group is launching a 1.5 billion euro ($1.8 billion) claim against TikTok over what it alleges is unlawful harvesting of personal data from users of the popular video sharing platform.
Hey, TikTok is for young people and the young at heart. What’s the surveillance angle?
The write up adds:
“The conduct of TikTok is pure exploitation,” Consumentenbond director Sandra Molenaar said in a statement.
What’s TikTok say? Here you go:
TikTok responded in an emailed statement saying the company is “committed to engage with external experts and organizations to make sure we’re doing what we can to keep people on TikTok safe. It added that “privacy and safety are top priorities for TikTok and we have robust policies, processes and technologies in place to help protect all users, and our teenage users in particular.”
Some Silicon Valley pundits agree with the China-linked harmless app and content provider. No big deal. Are the Dutch overreacting or just acting in a responsible manner? I lean toward responsible.
Stephen E Arnold, June 30, 2021
Translations: Gender Biased?
June 29, 2021
There are many sources of misinformation online, but here is one readers may not have considered—the spread of mistranslations, whether intentional or merely inept. The Taipei Times gives an example in, “Translation a Cover for False News.” We learn that Japan kindly donated 1.24 million doses of a Covid vaccine to Taiwan. Apparently, though, not everyone in Taiwan received the news with good grace. Writer Hung Yu-jui explains:
“They try to find fault with the AstraZeneca vaccine, talk about the donation in a sarcastic tone, and express pessimism about the relationship between Taiwan and Japan. It is very sad to see. Surprisingly, a social media post has been widely shared, saying that when Japanese Minister of Foreign Affairs Toshimitsu Motegi was asked in the Japanese legislature why the country only donated 1.24 million vaccines, he allegedly answered that the Taiwanese government had only asked for enough doses to meet its needs for this month, as locally made vaccines would soon become available. Having watched the video of the session, anyone with a good understanding of Japanese would know that Motegi did not make such a statement. The post was completely fabricated — a piece of vicious and despicable fake news. … Earlier this month, Hsinchu County Deputy Commissioner Chen Chien-hsien (???), the director of the Chinese Nationalist Party’s (KMT) chapter in the county, shared the post of Motegi’s alleged vaccine statement on social media, adding some intentionally malicious comments.”
When confronted, Chen explained a friend who speaks Japanese had translated the speech for him, so he had been sure the translation was accurate. While it is good to trust one’s friends, this is a case where verification would have been in order. Unless, as Yu-jui seems to suspect, the wrong translation was intentional. Either way, this demonstrates yet another fake-news vector to watch out for.
Cynthia Murrell, June 29, 2021
Intel and Its Horse Code
June 29, 2021
Do your remember the absolutely marvelous technical breakthrough of the quantum junction transformer magic technology called Horse Ridge? No, I am trying to forget too. The idea was that Intel’s cryogenic quantum chip would enable commercially viable quantum computing. The key words in these marketing announcements are “cryogenic” and “commercial.” Get out your wallet. Cryogenics can be more expensive than a $25 Arctic Freezer 7.
The new “horsey” metaphor is Horse Creek. I can’t use the phrase horse feathers again; otherwise, I risk the wrath of my seventh grade English teacher. Maybe hair, doody, drool, or blanket? I will have to give this some thought.
“Intel to Create RISC-V Development Platform with SiFive P550 Cores on 7nm in 2022” is a very objective type of write up. I would like to point out that Intel has not been the leader in the tiny nanometer chip derby. In fact, I learned that a Chinese outfit named Biren Technology is getting in the 7nm graphics chip business. I remember when Chinese chip foundries were creating chips about as wide as a city sidewalk. Intel? How is that small trace stuff working out? Will there be enough water in Arizona to make the AMD Ryzen wannabes a reality?
The write up states:
Despite Intel recently committed to bringing its 7nm to market in 2023 with the compute tile for its Meteor Lake processor as its first 7nm product, we’re being told that Horse Creek silicon will be ready in 2022, which would make Horse Creek its first 7nm product. For what it is worth, it’s unlikely that the Intel RISC-V solution is tile-based, but it might be easy enough to bring a small RISC-V chip development platform to market around then. The chip is likely to be small, so that might work in favor of its costs as well. A question does remain as to whether Intel’s involvement here is purely in the hardware, or whether there will be an Intel-based software stack to go along with it.
Is this doubt? Nope. Marketing. How about horse cutlets from your local hippophagie. Better yet. Step away from an undifferentiated “horse” and hire Megan Thee Stallion and license her music and name to brand the Intel horses.l
Stephen E Arnold, June 29, 2021
Databases: Old Wine, New Bottles, and Now Updated Labels with More Jargon and Buzzwords
June 29, 2021
I read “It’s the Golden Age of Databases. It Can’t Last.” The subtitle is fetching too:
Startups are reaping huge funding rounds. But money alone won’t be enough to top the current market leaders.
I think that it is important to keep in mind that databases once resided within an organization. In 1980, I had my employer’s customer database in a small closet in my office. I kept my office locked, and anyone who needed access had to find me, set up an appointing, and do a look up. Was I paranoid? Yep, and I suppose that’s why I never went to work for flexi-think outfits intellectually allied with Microsoft or SolarWinds, among others.
Today the cloud is the rage. Why? It’s better, faster, and cheaper. Just pick any two and note that I did not include “more secure.” If you want some color about the “cost” of the cloud pursuit fueled by cost cutting, check out this high flying financial outfit’s essay “Andreesen Horowitz Partner Martin Casado Says the Cost of Cloud Computing Is a $100 Billion Drag on the Biggest Software Companies, Sparking a Huge Debate across the Industry.” Some of the ideas are okay; others strike me as similar to those suggesting the Egyptian pyramids are big batteries. The point is that many companies embraced the cloud in search of reducing the cost and hassle of on premises systems and people.
One of the upsides of the cloud is the crazy marketing assertions that a bunch of disparate data can be dumped into a “cloud system” and become instantly available for Fancy Dan analytics. Yeah, and I have a bridge to sell you in Brooklyn. I accept PayPal too.
The “Golden Age” write up works over time to make the new databases exciting for investors who want a big payout. I did note this statement in the write up which is chock-a-block with vendor names:
Ultimately, Databricks and Snowflake’s main competitors probably aren’t each other, but rather Microsoft, AWS and Google.
Do you think it would be helpful to mention IBM and Oracle? I do.
Here’s another important statement from the write up:
One thing is certain: The big data revolution isn’t slowing down. And that means the war over managing it and putting the information to use will only get more fierce.
Why the “fierce”? Perhaps it will be the investors in the whizzy new “we can federate and be better, faster, and cheaper” outfits who put the pedal to the metal. The reality is that big outfits license big brands. Change is time consuming and expensive. And the seamless data lakes with data lake houses on them? Probably still for sale after owners realize that data magic is expensive, time consuming, and fiddly.
But rah rah is solid info today.
Stephen E Arnold, June 29, 2021
DarkCyber for June 29, 2021, Now Available: Operation Trojan Shield Provides an Important Lesson
June 29, 2021
DarkCyber 13 discusses the Operation Trojan Shield sting. You can view the video at this link. The focus is on three facets of the interesting international takedowns not receiving much attention. The wrap up of the program is a lesson which should be applied to other interesting mobile device applications. If you are wondering how useful access to app data and its metadata are, you may find this 11 minute video thought provoking. DarkCyber is a production of Stephen E Arnold, a semi-retired consultant who dodges thumbtypers, marketers, and jargon lovers. Remember: No ads and no sponsors. (No, we don’t understand either but he pays our modest team like clockwork.)
Kenny Toth, June 29, 2021
Smart Devices and Law Enforcement: Yes, the Future
June 28, 2021
I read “Security Robots Expand across U.S., with Few Tangible Results.” The write up highlights Yet Another Security Sales Play or YASSP. The write up states:
Officer Aden Ocampo-Gomez, a spokesman for the Las Vegas Metropolitan Police Department, said that while the complex is no longer in the agency’s top 10 list for most frequent 911 calls in the northeastern part of the Las Vegas Valley, he doesn’t think all the credit should go to Westy. “I cannot say it was due to the robot,” he said.
No surprise. Crime is a result of many factors; some of which make many, many people uncomfortable. A parent loses a job and steals money from an old timer with a cane. A hormone filled young person frustrated with a person staring decides to beat up the clueless person looking for a taxi. A street person needs a snort of Cisco. Many examples, and I have not wandered into the thicket of gangs, vendettas, psychological weirdness, or “hey, it seemed like fun.”
The write up does bump up a reality for vendors of police-related technology. Here’s an interesting passage:
But the finances behind the police robot business is a difficult one. Last year, Knightscope lost more money than ever, with a $19.3 million net loss, nearly double from 2019. While some clients are buying more robots, the company’s overall number of clients fell to 23, from 30, in the past four years. Plus, the number of robots leased has plateaued at 52 from the end of 2018 through the end of last year. The pandemic certainly didn’t help things. Just two months ago, Knightscope told investors that there was “substantial doubt regarding our ability to continue” given the company’s “accumulated deficit,” or debt, of over $69 million as of the end of 2020. Its operating expenses jumped by more than 50 percent, including a small increase on research, and a doubling of the company’s marketing budget. Knightscope itself recently told investors that absent additional fundraising efforts, it will “not be solvent after the third quarter of 2022.”
Earlier this month I gave a talk to a group on the East Coast affiliated with a cyber crime outfit. One question popped up on the Zoom chat:
What’s law enforcement look like in five years?
As I have pointed out many times, if I could predict the future, I would be rolling in Kentucky Derby winnings. I said something to the effect, “More technology.”
That’s what CNBC is missing in its write up about the robot outfit Knightscope: Enforcement agencies worldwide are trying to figure out how to attract individuals who will enforce laws. Australia has explored hiring rehabbed criminals for special roles. Several years ago, I had dinner with one of these individuals, and I came away thinking, “This is a perfect type for undercover work.”
The major TV outlets in my area of the Rust Belt routinely run interviews with government officials who point out that there are employment opportunities in law enforcement.
The problem is that finding employees is not easy. Once a person is an employee, often that individual wants to work on a schedule appropriate to the person, not the organization. If asked to do extra work, the employee can quit or not show up. This issue exists at fast food outfits, manufacturing plants, and government agencies.
What the write up ignores is that robots will work. Using semi smart devices is the future. Turn ‘em on; devices mostly work.
One can’t say that for human counterparts.
Net net: Without enough humans who will actually work, smart devices are definitely the future. I stand by my observation to the cyber crime seminar attendees. What do you want patrolling your subdivision: A smart device or a 22 year old fascinated with thumbtyping who wants a three day work week and doesn’t want to get involved.
Think about it. Knightsbridge, if I can do anything to boost your company, let me know.
Stephen E Arnold, June 28, 2021
Amazon Sends an E2EE Message to the Google and Microsoft
June 28, 2021
I gave a lecture to a group of cyber fraud investigators a week or so ago. I made a point of saying, “E2EE messaging is the new Dark Web.” I think some of the people in the audience resonated with my remarks, but Zoom lectures are not exactly in-person, meet-and-greet events.
I offered a similar observation at this year’s National Cyber Crime Conference. I know that at least one person was listening. I received on the sort of weird Whova app, an atta boy message from a real live Amazon professional.
I noted this story on June 25, 2021: “AWS Has Acquired Encrypted Messaging Service Wickr.” The write up states:
AWS will continue operating Wickr as is, and offer its services to AWS customers, “effective immediately,” notes a blog post from Stephen Schmidt, the VP and CISO for AWS, announcing the news.
Informative? Sort of. I think this is an important acquisition. The Silicon Valley real news story points out that work-from-home makes this type of communication method important.
Are there other reasons for the purchase?
Oh, yeah. I have a for fee briefing which explains three other motivators for this type of deal. Believe me, they are not the baby food work from home justification.
Stephen E Arnold, June 28, 2021