Does Apple Have a High School Management Precept: We Are Entitled Because We Are Smarter Than You
April 19, 2022
The story “Ex-Apple Employee Takes Face ID Privacy Complaint to Europe” contains information about an Apple employee’s complaint to the “privacy watchdogs outside the US.” I have no insight into the accuracy or pervasiveness of Apple’s alleged abuses of privacy. The write up states:
Gjøvik [the former Apple employee blowing the privacy horn] urges the regulators to “investigate the matters I raised and open a larger investigation into these topics within Apple’s corporate offices globally”, further alleging: “Apple claims that human rights do not differ based on geographic location, yet Apple also admits that French and German governments would never allow it to do what it is doing in Cupertino, California and elsewhere.”
What I find interesting is that employees who go to work for a company with trade secrets are uncomfortable with practices designed to maintain secrecy. When I went to work for a nuclear engineering company, I understood what the products of the firm could do. Did I protest the risks some of those products might pose? Nope. I took the money and talked about computers and youth soccer.
Employees who sign secrecy agreements (the Snowden approach) and then ignore them baffle me. I think I understand discomfort with some procedures within a commercial enterprise. A new employee often does not know how to listen or read between the lines of the official documents. My view is that an employee who finds an organization a bad fit should quit. The litigation benefits attorneys. I am not confident that the rulings will significantly alter how some companies operate. The ethos of an organization can persist even as the staff turns over and the managerial wizards go through the revolving doors.
As the complaint winds along, the legal eagles will benefit. Disenchanted employees? Perhaps not too much. The article makes clear that when high school science club management precepts are operational, some of the managers’ actions manifest hubris and a sense of entitlement. These are admirable qualities for a clever 16 year old. For a company which is altering the social fabric of societies, those high school concepts draw attention to what may be a serious flaw. Should companies operate without meaningful consequences for their systems and methods? Sure. Why not?
Stephen E Arnold, April 19, 2022
The Google: What Is the Problem? We Protect Puppies?
April 19, 2022
I read a paywalled write up with the title “A Former Employee at Google’s AI Lab DeepMind Says the Firm Seems Obsessed with Saving Its Own Reputation after She Went Public with Claims of Sexual Harassment and Assault.” No talk about puppies, which Google wants to save. Now that’s a headline which tells the story in my opinion. So rather than summarizing the rather troubling allegations in the write up, I want to call attention to the management aspects of this alleged misstep.
One key point is the speed with which the Google responds to employee inputs. The article points out that the whistle blower found that the Google moved slowly. Google wants Web sites to respond quickly. Management appears to have a different time scale if the allegations are accurate. The managerial review process was “drawn out.”
Another interesting item is that after a management shuffle, the new Top Googler at DeepMind admitted that the “case” was “complex.” That’s not surprising. It is quite difficult to figure out why a query like “search and retrieval” returns information about “information retrieval.” I do not want information about “information.” With a fundamental issue with providing on point results to a simple query about a topic of interest to a company providing Web search results, Google misses the mark. Has the company missed the mark with personnel lingo? I noted that the management lingo in use at the Google is P&C which stands for people and culture. What? Does this mean personnel?
And finally, the write up includes this anecdote about a certain mobile phone whiz at the Google:
The New York Times had reported that Google had “protected” senior executives accused of misconduct over the past decade, such as Android creator Andy Rubin. Rubin denied the claims. Google subsequently changed its policies on dealing with sexual harassment claims.
Management change. No mention of an attempted suicide, baby making in the legal department, or the Dr. Timnit Gebru matter.
Net net: The management methods in use at Google are, to use a favorite word of the Google founders, “interesting.” This word is, however, less compelling than harassment, sexual violence, self-harm, and similar terms which add zest to the interactions of a manager and an employee. Alleged interactions, of course. P&C does not appear to be an acronym for politically correct at the Google. I associate P&C with other words, which I am not comfortable mentioning. Puppies? I am okay with puppies. So is the GOOG.
Stephen E Arnold, April 19, 2022
Three Facts: Staffing, Old Media, and Zuck Math
April 19, 2022
I spotted three factoids in my newsfeed this morning (April 13, 2022, 0700 am US Eastern). Interesting items reveal the shift taking place in the swirling worlds of digital information.
The first factoid comes from “Cybersecurity at a Crossroads.” I noted:
Security talent shortages are especially pronounced in Germany – 53% of organizations in that country reported that struggles with recruiting and retention resulted in multiple project delays over the past 12 months, compared to 43% across other countries.
The second factoid is derived from two separate articles. The first item comes from the real news source CNBC and its write up “CNN+ Struggles to Lure Viewers in Its Early Days, Drawing Fewer Than 10,000 Daily Users.” The fact may be slushy but it is interesting because 10,000 seems modest in terms of the alleged $300 million spent for the for-fee service. The second item comes from the paywalled “The TikTok War Didn’t Cause the TikTok Boom.” Here’s the fact: The service had attracted about 1.6 billion users in a recent month. Let’s assume these data are close enough for horseshoes. It’s clear that there is an audience pull difference between old media and new media.
The third factoid is from “Meta Plans to Take Nearly 50% of Creator’s Earnings in ‘Horizon Worlds’.” Zuckbook (formerly Facebook) will take 50 percent of money earned by a person who sells digital artifacts inside the virtual world “Horizon Worlds.” Seems fair to the Zuckbook team I assume.
Observations:
- Cyber security is morphing into cyber insecurity with no easy fix at this time.
- Old media lacks the magnetism of the China-linked new media from TikTok.
- Apple’s changes to app behavior appear to cause Zuckbook to charge fees once associated with a money lender in Florence in the 11th century.
Stephen E Arnold, April 19, 2022
MBAs and Security Professionals: A New Opportunity?
April 18, 2022
I am not sure how quickly this information will diffuse into MBA programs and venture firms enjoying their stakes in cyber security firms. But the info will arrive, and it will add brio to PowerPoint sales decks.
“A Centralized Surveillance System That Keeps Up with Your Business Growth” states:
A robust surveillance system is undoubtedly an essential component to safeguarding businesses’ securities and assets.
These data come from a research firm of which I have never heard. Never mind that. The key point is that there will be 50 percent growth going forward.
What new planning, equipment, and software are needed? Check out this shopping list:
- Cameras
- Storage
- Maintenance
One may want to add additional legal fees unless one is running a business in an environment in which total surveillance is already a requirement.
Exciting stuff for consultants too, if the research is accurate. And the sponsor? Synology. Interesting marketing angle for storage. Just capture everything?
Stephen E Arnold, April 18, 2022
Microsoft: Twice Cooked PR with Ban Mao?
April 18, 2022
Going green is important. Microsoft is important. Therefore, Microsoft is going green. How’s that logic for you, gentle reader? The editors at Fast Company followed this line of reasoning and enjoyed a sizzling plate of twice cooked PR with ban mao in “Microsoft’s Hottest New Product Is a Wok.” Yep, a wok for the woke maybe?
The write up states:
The wok is part of Microsoft’s brand new all-electric kitchen at its headquarters outside Seattle, where nearly 50,000 employees are based. The company is adding 3 million square feet of offices and facilities, and the entire project is being designed to be powered by a vast geothermal system and produce zero carbon emissions. A big part of getting there was eliminating fossil fuels from its energy portfolio. And one of the biggest users of fossil fuels were the company’s kitchens.
I wonder if Microsoft and Fast Company looked at the Microsoft Azure server farms and calculated what percentage of the energy these installations consumed and then answered this question: How much of the energy consumed is of the going green, whale saving variety?
No.
No surprise. I would like a century egg too. I wonder if Fast Company has ordered some Microsoft ads to accompany the article.
Stephen E Arnold, April 18, 2022
DuckDuckGo and Filtering
April 18, 2022
I read “DuckDuckGo Removes Pirate Websites from Search Results: No More YouTube-dl?” The main thrust of the story is:
The private search engine, DuckDuckGo, has decided to remove pirate websites from its official search results.
DuckDuckGo is a metasearch engine. These are systems which may do some focused original spidering, but may send a user’s query to partner indexes. Then the results are presented to the user (which may be a human or a software robot). Some metasearch systems like Vivisimo invested some intellectual cycles in de-duplicating the results. (A helpful rule of thumb is to assume a 50 to 70 percent overlap in results from one Web search system to another.) IBM bought Vivisimo, and I have to admit that I have no idea what happened to the de-duplicating technology because … IBM.
There are more advanced metasearch systems. One example is Silobreaker, a system influenced by some Swedish wizards. The difference between a DuckDuckGo and an industrial strength system, in my opinion, is significant. Web search is an opaque service. Many behind-the-scenes actions take place, and some of the most important are not publicly disclosed in a way that makes sense to a person looking for pizza.
My question, “Is DuckDuckGo actively filtering?” And “Why did this take so long?” And, “Is DuckDuckGo virtue signaling after its privacy misstep, or is the company snagged in a content marketing bramble?”
I don’t know. My thoughts are:
- The editorial policies of metasearch systems should be disclosed; that is, we do this and we do that.
- Metasearch systems should disclose that many results are recycled and the provenance, age, and accuracy of the results are unknown to the metasearch provider.
- Metasearch systems should make clear exactly what the benefits of using the metasearch system are and why the providers of some search results are not as beneficial to the user; for example, which result is an ad (explicit or implicit), sponsored, etc.
Will metasearch systems embrace some of these thoughts? Nah. Those who use “free” Web search systems are in a cloud of unknowing.
Stephen E Arnold, April 18, 2022
FinFisher: Grilled or Fried?
April 18, 2022
I read “Criminal Complaint against Illegal Export of Surveillance Software Is Making an Impact: The FinFisher Group of Companies Ceases Business Operations after Its Accounts Are Seized by Public Prosecutor’s Office.” FinFisher was a developer of specialized software and services. The write up quotes Gesellschaft für Freiheitsrechte e.V.’s spokesperson as saying:
“FinFisher is dead. Its business with illegal exports of surveillance software to repressive regimes has failed. This is a direct success of our criminal complaint.”
The company’s system, according to the write up, allows “police and secret services [to] pinpoint a person’s location, record their telephone conversations and chats and read all their mobile phone and computer data.”
Stephen E Arnold, April 18, 2022
Being Googley: Is the Chrome Browser at Risk in Some SolarWinds?
April 15, 2022
I read “Google Issues Third Emergency Fix for Chrome This Year.” The main idea is that Google is pumping out software which appears to invite bad actors to a no-rules party. The article states:
The emergency updates the company issued this week impact the almost 3 billion users of its Chrome browser as well as those using other Chromium-based browsers, such as Microsoft Edge, Brave and Vivaldi. It is the third such emergency update Google has had to issue for Chrome this year.
Yeah, the browser thing.
Several observations:
- If a wildly popular Google output cannot be made secure, what about the services and software which are less engineer “rich”?
- Does Google deserve the scrutiny that Microsoft and other alleged monopolies attract? Google has been “off the radar” compared with other companies in the last couple of years it seems.
- What will bad actors do with the signal that three security updates have been issued, and we have not made it to the summer solstice? My thought is that computer science students in some Eastern European countries will be getting some new homework assignments.
Like other large companies, making any security issue public poses risks: There are stakeholders, there are legal eagles, and there are those fresh faced, motivated students in countries which crank out capable programmers and engineers. Some of these individuals may find that exploit creation provides a way to spin up some extra cash.
How many of these individuals are available on gig work sites? What information is flowing through private Telegram groups? The limping Dark Web still has some interesting fora too.
Net net: What Googley vulnerabilities exist which have not been disclosed? How many weak spots exist in the Google just waiting for a bright person to exploit? We know what the article reports, and that information begs more difficult questions.
Stephen E Arnold, April 15, 2022
TikTok: A Murky, Poorly Lit Space
April 15, 2022
TikTok, according to its champions, is in the words of Ernie (Endurance) Hemingway:
You do not understand. This is a clean and pleasant café. It is well lighted. (Quote from “A Clean, Well-Lighted Place”)
No, I understand. If the information in “TikTok under US Government Investigation on Child Sexual Abuse Material” is on the money, the Department of Justice and the US Department of Homeland Security, TikTok may not be a “clean and pleasant café.”
The paywalled story says that TikTok is a digital watering hole for bad actors who have an unusually keen interest in young people. The write up points out that TikTok is sort of trying to deal with its content stream. However, there is the matter of a connection with China and that country’s interest in metadata. Then there is the money which just keeps flowing and growing. (Facebook and Google are now breathing TikTok’s diesel exhaust. Those sleek EV-loving companies are forced to stop and recharge as the TikTok tractor trailer barrels down the information highway.)
For those Sillycon Valley types who see TikTok as benign, check out some of TikTok’s offers to young people. Give wlw a whirl. Oh, and the three letters work like a champ on YouTube. Alternatively ask some young people. Yeah, that’s a super idea, isn’t it. Now about unclean, poorly illuminated digital spaces.
Stephen E Arnold, April 15, 2022
Google Hits Microsoft in the Nose: Alleges Security Issues
April 15, 2022
The Google wants to be the new Microsoft. Google wanted to be the big dog in social media. How did that turn out? Google wanted to diversify its revenue streams so that online advertising was not the main money gusher. How did that work out? Now there is a new dust up, and it will be more fun than watching the antics of coaches of Final Four teams. Go, Coach K!
The real news outfit NBC published “Attacking Rival, Google Says Microsoft’s Hold on Government Security Is a Problem.” The article presents as actual factual information:
Jeanette Manfra, director of risk and compliance for Google’s cloud services and a former top U.S. cybersecurity official, said Thursday that the government’s reliance on Microsoft — one of Google’s top business rivals — is an ongoing security threat. Manfra also said in a blog post published Thursday that a survey commissioned by Google found that a majority of federal employees believe that the government’s reliance on Microsoft products is a cybersecurity vulnerability.
There you go. A monoculture is vulnerable to parasites and other predations. So what’s the fix? Replace the existing monoculture with another one.
That’s a Googley point of view from Google’s cloud services unit.
And there are data to back up this assertion, at least data that NBC finds actual factual; for instance:
Last year, researchers discovered 21 “zero-days” — an industry term for a critical vulnerability that a company doesn’t have a ready solution for — actively in use against Microsoft products, compared to 16 against Google and 12 against Apple.
I don’t want to be a person who dismisses the value of my Google mouse pad, but I would offer:
- How are the anti ad fraud mechanisms working?
- What’s the issue with YouTube creators’ allegations of algorithmic oddity?
- What’s the issue with malware in approved Google Play apps?
- Are the incidents reported by Firewall Times resolved?
Microsoft has been reasonably successful in selling to the US government. How would the US military operate without PowerPoint slide decks?
From my point of view, Google’s aggressive security questions could be directed at itself? Does Google do the know thyself thing? Not when it comes to money is my answer. My view is that none of the Big Tech outfits are significantly different from one another.
Stephen E Arnold, April 15, 2022