Does Fear Trigger Me-Too Innovation?
May 20, 2022
Everyone values creativity and wants to be surrounded by innovative people. At least, that is what most of us say. The virtue is heavily promoted in business and features prominently on many a motivational poster. It seems that subconsciously, though, the uncertainty inherent in creative solutions makes people sick. This conclusion comes courtesy of the New York Times‘ article, “We Have a Creativity Problem.” The article tells us:
“Creativity is lauded as vital, and seen as the lifeblood of great entertainment, innovation, progress and forward-thinking ideas. Who doesn’t want to be creative or to hire inventive employees? But the emerging science of implicit bias has revealed that what people say about creativity isn’t necessarily how they feel about it. Research has found that we actually harbor an aversion to creators and creativity; subconsciously, we see creativity as noxious and disruptive, and as a recent study demonstrated, this bias can potentially discourage us from undertaking an innovative project or hiring a creative employee. ‘People actually have strong associations between the concept of creativity and other negative associations like vomit and poison,’ said Jack Goncalo, a business professor at the University of Illinois at Urbana-Champaign and the lead author on the new study. ‘Agony was another one.'”
Yikes. The piece looks at a pair of studies that measured subjects’ conscious and unconscious responses to creativity. The recent one referenced above examines attitudes toward creative workers. (Apparently it makes a difference whether one is working on sneakers or sex toys.) Another done in 2012, led by the University of San Diego’s Jennifer Mueller, explored participants’ conscious responses to questions about creativity and their implicit bias on the topic. Researchers introduced an element of real-world uncertainty to some of the subjects and found those respondents cringed even more at creative concepts. See the article for descriptions of each study’s methodology. The write-up notes:
“’Leaders will say, “We’re innovative,” and employees say, “Here’s an idea,” and the idea goes nowhere,’ Dr. Mueller said. ‘Then employees are angry.’ But, she said, the people invested in the status quo have plenty of incentive not to change. ‘Novel ideas have almost no upside for a middle manager — almost none,’ she said. ‘The goal of a middle manager is meeting metrics of an existing paradigm.’ That creates another conundrum, the researchers noted, because people in uncertain circumstances may really need a creative solution and yet have trouble accepting it.”
Yes, that is quite the paradox. Perhaps we should all consider whether an unconscious bias against innovative solutions is hindering us and our teams.
Cynthia Murrell, May 20, 2022
China Targets Low-Profile Social Network Douban for Censorship
May 20, 2022
China continues to do one of the things it does best: control the flow of information within its borders. Rest of World reports, “China’s Most Chaotic Social Network Survived Beijing’s Censors—Until Now.” Writer Viola Zhou describes the low-profile site:
“The chaotic Chinese social network Douban never looked for fame; it was designed for people with niche obsessions and an urge to talk about them. … Douban began as a review site for books, film, and music: the interests of its charismatic founder, Ah Bei. It quickly grew into a social network of millions of users.”
Those users bonded around shared interests both playful and serious. To keep the site rooted in a spirit of community, it has resisted both large-scale advertising and (unlike other social networks) government propaganda accounts. Douban managed to avoid scrutiny by China’s fervent censors since it launched in 2005. Until now. Zhou continues:
“In March, a government censorship task force was set up at the company’s headquarters. Over the past year, some of its most popular groups have shut down, its app was scrubbed from major Chinese stores, and on April 14, Douban froze a significant traffic driver, the gossip forum Goose Group, though it’s unclear whether each of those actions were the decisions of the website or government regulators. As China’s tech crackdown seeps into all parts of online life, the ability to organize around something as mild as shared interests is being throttled by Beijing’s censors. Rest of World spoke to more than a dozen early Douban employees, prominent group admins, and current users, most of whom requested anonymity in order to freely discuss Chinese censorship. For them, the reining-in of Douban signals that its creative, tight-knit communities have become an unacceptable political risk, as the Chinese government grows increasingly vigilant about any form of civil gathering.”
Yes, it seems citizens coming together over any topic, no matter how far from political or social matters, is a threat. The pressure on Douban is said to be part of the government’s campaign against a scourge dubbed “fan circle chaos.” Colorful. Some users hold out hope their beloved groups will someday be reinstated. Meanwhile, founder Ah Bei’s account has been inactive since 2019. See the write-up for more about Douban and some of its forums that have been shuttered.
Cynthia Murrell, May 20, 2022
Cyber Safeguards: Do Digital Prophylactics Have Holes?
May 19, 2022
I have had a sneaking suspicion that cyber security vendors were prone to exaggerating the capabilities of their systems. I sit in webinars in which I hear about the exploit of the day. I scan newsfeeds to learn that each cyber security and threat intelligence experts announce with considerable confidence. (Why don’t other cyber security vendors announce the same exploit? Each vendor, it appears to me, finds something unique to explain and then neutralize…. after the fact.) I look at dozens of news releases about cyber security, threat detection, and the ransomware gang wanting citizens of Costa Rica to overthrow the country. So many vulnerabilities, it seems.
“Report: 80% of Cyberattack Techniques Evade Detection by SIEMs” highlights a contrarian report from an outfit named CardinalOps. (You can learn more about the company at this link.) This company, founded in 2020, is involved in the security information and event management business. The acronym is SIEM, and it is bandied about with considerable abandon as a must-know acronym.
The VentureBeat article describes some of the information in the CardinalOps monograph called “The State of SIEM Detection Risk: Quantifying the Gaps in MITRE ATT&CK Coverage for Production SIEMs.”
(The catchy MITRE ATT&CK refers to an MIT Research activity (now MITRE). Here’s how the information is described by MITRE:
a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.)
With the jargon behind me, I want to highlight this passage from the article published by the estimable VentureBeat:
enterprise SIEMs are missing detections for 80% of all MITRE ATT&CK techniques and only address five of the top 14 ATT&CK techniques employed by adversaries in the wild.
What the CardinalOps monograph seems to say to me is: “The cyber security vendors’ software and systems don’t work as advertised.”
If I interpret the VentureBeat article correctly, the story ventures into territory avoided by most of those involved in cyber security. Criticizing the dozens, nay, hundreds of cyber defense companies and their services has been a no-no in my experience. Outfits which purport to review these systems rarely suggest that out of a hundred threats, about four out of five will zip right through the defenses.
(Is this way some upscale consultants suggest using layers of security. This phrase means to me: “License lots of systems and maybe the combination will stop threats.” The implication is that if one system is only 20 percent effective and my understanding that each cyber security vendor has some method to stop stuff their experts have identified, the average company only requires five systems running at the same time to reduce risks.)
The VentureBeat article about the CardinalOps report offers:
Rather than rely on subjective survey-based data, CardinalOps analyzed configuration data from real-world production SIEM instances to gain visibility into the current state of threat detection coverage in modern Security Operations Centers (SOCs). These organizations represent multibillion dollar, multinational corporations, which makes this one of the largest recorded samples of actual SIEM data analyzed to date, encompassing more than 14,000 log sources, thousands of detection rules and hundreds of log source types.
Okay, hard data, not soft podcast-grade chatter.
So what’s the fix if you are using popular systems from outfits like the lovable outfit Microsoft, the firm which shipped an update that breaks domain security? The article states:
The latest CardinalOps research provides readers with a series of best practice recommendations to help CISOs and detection engineering teams address these challenges, and be more intentional about how detection coverage is measured and continuously improved over time.
I think this means consulting. No surprise there.
To get a copy of the report, click here and amp up your fear. Email and captcha hoops required. You know, for security.
Net net: Marketing information may not describe accurately cyber security capabilities. Is this news?
Stephen E Arnold, May 19, 2022
Child Related Issues and Smart Software: What Could Go Wrong?
May 19, 2022
It is understandable that data scientists would like to contribute to solving a heart-wrenching problem. But what if their well-intended solutions make matters worse? The Bismarck Tribune shares the article, “An Algorithm that Screens for Child Neglect Raises Concerns.” AP Reporters Sally Ho and Garance Burke describe the apprehension of one Pittsburgh family’s attorney in the face of an opaque predictive algorithm. The software uses statistical calculations to pinpoint families for investigation by social workers, but neither the families nor their lawyers are privy to the details. We learn:
“From Los Angeles to Colorado and throughout Oregon, as child welfare agencies use or consider tools similar to the one in Allegheny County, Pennsylvania [in which Pittsburgh is located], an Associated Press review has identified a number of concerns about the technology, including questions about its reliability and its potential to harden racial disparities in the child welfare system. Related issues have already torpedoed some jurisdictions’ plans to use predictive models, such as the tool notably dropped by the state of Illinois. According to new research from a Carnegie Mellon University team obtained exclusively by AP, Allegheny’s algorithm in its first years of operation showed a pattern of flagging a disproportionate number of Black children for a ‘mandatory’ neglect investigation, when compared with white children. The independent researchers, who received data from the county, also found that social workers disagreed with the risk scores the algorithm produced about one-third of the time.”
Ah bias, the consistent thorn in AI’s side. Allegheny officials assure us their social workers never take the AI’s “mandatory” flags at face value, using them as mere suggestions. They also insist the tool alerts them to cases of neglect that otherwise would have slipped through the cracks. We will have to take them at their word, as this tech is as shrouded in secrecy as most algorithms. And what of the growing number of other cities and counties adopting the tool? Surely some will not be as conscientious.
Still, the tool’s developers appear to be taking concerns into account, at least a little. The authors note:
“The latest version of the tool excludes information about whether a family has received welfare dollars or food stamps, data that was initially included in calculating risk scores. It also stopped predicting whether a child would be reported again to the county in the two years that followed. However, much of the current algorithm’s design remains the same, according to American Civil Liberties Union researchers who have studied both versions.”
See the thorough article for more on this contentious issue, including descriptions of welfare agencies under pressure, calls for transparency, and perspectives from advocates of the software.
Cynthia Murrell, May 19, 2022
TikTok: Will It Chew Through a Zuck Tendon?
May 19, 2022
We had to know this day was approaching—TikTok seems set to surpass the competition. According to India’s DaijiWorld, “Facebook Worried as TikTok Set to Eclipse Twitter, Snapchat Ad Share.” The article cites a report from The Guardian as it shares some statistics:
“[TikTok] is likely to triple its global worldwide ad revenues $11.6 billion this year — more than the $10.44 billion for Snapchat and Twitter combined. A TikTok user spent 19.6 hours on average per month on the app last year, according to data.ai, which is equal to Facebook which is seeing its user growth stalled, and dwindling among the Gen Z and millennials. While Facebook still has 2.9 billion monthly active users and Instagram nearly 2 billion and Meta registered $118 billion in revenue last year, the Mark Zuckerberg-run company is worried at TikTok’s rise. Facebook has been losing users for quite some time while TikTok’s usage is rising in the US. Meta’s recent earnings report said that Facebook’s active users dropped by almost 5 lakh [5 hundred thousand] at the end of last year. Meanwhile, TikTok emerged as the top grossing non-game app in Q1 2022, generating $821 million in consumer spending in the quarter. … A latest teen survey claimed that TikTok and Snapchat are the two most popular social platforms among teens, with Instagram at the third spot. Just 3 per cent of teens said they preferred Facebook.”
As evidence that Meta (formerly known as Facebook) is concerned about TikTok’s growing success, the write-up points to a report from the Washington Post. Its article alleges the company paid consulting firm Targeted Victory to disparage its rival. The firm is said to have strewn opinion pieces and letters to the editor slamming TikTok in newspapers nationwide. We’d bet that effort cost Meta a pretty penny. Allegedly. TikTok might bite Zuck’s ankle and then the Achilles’ thing.
Cynthia Murrell, May 19, 2022
A Gentle Ripple in the Datasphere: Soft Fraud
May 18, 2022
Compared with some of the cyber behavior, soft fraud is a small fish, possibly a candiru. My definition of “soft fraud” is a behavior which does not violate the letter of the law. The spirit of the law? That’s a matter for discussion.
Soft fraud sits squarely between the Bernie Madoff-type play and a clueless Web designed happily leading a user into a rat’s nest of captchas.
I have been nagging my research team to look for examples of behavior which though technically legal in the country from which the actor operates, trigger a visceral reaction in some people.
What’s an example of soft fraud?
Apple and the Subscription Trick
Recently Apple announced that an authorized vendor with the Johnny Appleseed seal of approval can sell an Apple customer a subscription at a cut rate price. When the trial or initial order expires, the vendor can just raise the price. The customer does not have to be reminded that billing excitement ensues. What’s a customer to do? Call Apple customer support? Ho ho ho. That works like the feedback forms for podcasts. Perhaps call the outfit selling the subscription? Ha ha ha. No one works, and if they do, these valiant souls operate from office space in a beautiful suburb of Mumbai. That’s an example of what I call soft fraud. Apple may disagree, but that — so far — is my personal opinion. See “Apple will allow some apps to Automatically Charge You Higher Subscription Prices.”
Say One Thing, Do Whatever One Wants
Examples of this abound. I recall executives from Amazon, Facebook, and Google explaining how their businesses operate. In addition to the popular, “senator, thank you for the question,” the core response was “I will check and send you the information.” In the meantime what happens, absolutely no substantive change in the business processes under discussion. Hiring and firing issues. I will check and send you the information. Monopolistic and predatory behaviors. I will check and send you the information. Content manipulation via oh, so opaque smart software. I will check and send you the information. Yep, I nudge these methods into the soft fraud category. See “Facebook, Twitter and Google CEOs Grilled by Congress on Misinformation.”
The Copyright Violation Play
This is a cute money making maneuver involving some big names. The idea is that an agent representing some “big names” uses ageing image recognition software. The software bot prowls the Web looking for images whose hash code matches that of the rights holder. When a match is identified, an outfit with permission to move forward with legal action against the copyright violators springs into action. You can get a sense of what’s happening in this sector by check out some of these online articles and comments. Note: These may be distorted, crazy, or dead center. I leave it to you:
https://superezsystems.com/2020/01/10/why-are-cartoon-characters-scamming-for-copyright-violations/
https://www.torontomike.com/2020/10/the-picrights-international-inc-shakedown/
https://www.trustpilot.com/review/picrights.com
https://extortionletterinfo.com/forum/getty-images-letter-forum/picrights-com/15/
https://randeedawn.com/10-12-20-how-two-spam-emails-cost-me-650-or-when-picrights-enters-your-life/
https://culture-fx.com/picrights-higbee-and-associates-extortion-scam-reviews/
https://sportsweek.org/en/ice-hockey/news/262837698/
https://ziad.ezzat.com/fuckpicrights/
https://site-stats.org/details/picrights-international-inc/
https://www.canadacorporation.info/companies/10058661/
https://opencorporates.com/companies/ca/9682155
https://www.companiesofcanada.com/person/1244351/syed-ahmer-hussain
https://opengovca.com/corporation?director=Syed+Hussain
https://www.redfin.ca/on/aurora/237-Borealis-Ave-L4G-7T6/home/152256940
New Opportunity?
My hunch is that soft fraud is likely to get a boost. I noted “DeviantArt Can Now Notify Anyone Whose Art’s Been Used in NFTs without Permission.” The write up explains:
DeviantArt, an online art and design community founded in 2000, is now opening up its NFT protection tool to everyone… You can pay $9.95 per month to get protection for 1,000 pieces of art with a size limit of 50GB.
Is this an opportunity for an individual or entity to use the service to request payment for the NFT. The NFT holder might be grateful for getting control of the bitmap or other digital object. Would the helpful intermediary charge whatever the market will bear and then take a professional services fee?
This strikes me as perfectly legal. The existing copyright laws have a Disneyland feel about them from my perspective.
Net net: Soft fraud may benefit from the advent of NFT and services like that offered by DeviantArt, which is an interesting name in my opinion. Will regulators seize the day and create a category to handle soft fraud, mishandling of NFTs, and other innovations? Sure. Job One after re-election, fund raising, and getting media attention.
Stephen E Arnold, May 18, 2022
Systems and Software: Make Them Really Easy to Use
May 18, 2022
Isn’t software supposed to make work easier and more efficient? Even as reliance on technology in the workplace has increased, it appears to have become just the opposite. TechRadar Pro reports, “Software Frustration Is Costing Workers Millions of Hours Every Week.” Writer Will McCurdy cites a recent survey from Userlane, a company that makes and sells a digital adoption platform. He tells us:
“The company found a third – 35% – of UK employees waste at least one hour per week tackling software-related issues, while 61% spend at least 30 minutes per week on these challenges. The majority – 70% – of employers state that their overall use of technology at work has increased over the past two years according to Userlane’s data, as the demand for online collaboration in particular has skyrocketed with the move to hybrid working. What’s frustrating workers? The fact that software can be time-consuming to use was the most common complaint among those surveyed and was cited by 44% of the survey’s respondents. The IT department not responding to queries or issues quickly enough was another common complaint, cited by 39% of respondents. Software that involves too many complex processes was another common issue, cited by 23% of users. Userlane’s survey also suggests that software challenges are impacting how users approach their jobs.”
For example, nearly half the respondents have put off important tasks because of this frustration, almost 20% have dropped back to manual methods, and 8% have considered quitting over software woes. Apparently, the most common way for companies to battle complaints is to explain the technology’s benefits to workers—an approach we expect some may find patronizing. Other, perhaps wiser, methods include expanding IT support capacity and supplying workers with classroom and/or written training. Userlane also found nearly a third of companies are using a digital adoption platform, like the one it happens to sell. Whether such a guidance platform helps, though, will vary greatly by employee. It is, after all, another layer of software.
Cynthia Murrell, May 18, 2022
Choices: A Good Thing, Right?
May 18, 2022
Senior citizens are befuddled by modern times and one of the things that leave them flummoxed is the number of choices they face. It is not just senior citizens, however, who are overwhelmed with the options. Readwrite explains that IT professionals are baffled when it comes to selecting business software, “Why Choosing Software Is Such a Tough Decision In The Modern Era.” Business software selection is time-consuming and challenging due to many reasons.
One is the proliferation of niche software. Developing niche solutions is a piece of cake compared to the past and there is a lot of competition for niche software. Before selecting software, IT professionals should consider if they need specialized or a comprehensive software solution. It is also wise to compare the different options, but oftentimes it is like comparing apples and oranges. The options are all fruit, but which one is the best fit? Factors like the price should not be the only determining factor, because things like user interface, enterprise compatibility, tech support, and are also decisive factors.
Another factor is bureaucracy. Did you ever hear the phrase, “Too many cooks in the kitchen?” That statement applies to choosing a business software. The more people who are responsible for the decision and add their opinions muddle the process. It is important to listen to end-users and managers, but everyone cannot be pleased. Remember that someone needs to decide to move forward.
Many business owners fail to realize digital security threats:
“Businesses need to consider the security risks involved with acquiring new software and the potential security vulnerabilities they need to address when acquiring it. This piece of the software buying puzzle is especially complicated and risky, and businesses can’t afford to gloss over it. Many businesses now have dedicated risk assessment teams whose sole job is to evaluate the potential security risks associated with software.”
It is also important to read the fine print in the software contract, especially if an organization is using a SaaS model or using proprietary software. The contract could include stipulations that are more harmful than beneficial.
To make a decision, start by drafting a needs assessment of what an organization needs, then narrow down the scope to the core necessitates. The needs assessment is not set in stone, though, so if new ideas or software options emerge keep the plan flexible. Always compare similar software, especially prices and features. Lastly, be sure to find the software you can trust and make work for your organization. Remember if the solution does not work, it could mean termination.
Whitney Grace, May 18, 2022
Data: Better Fresh
May 18, 2022
Decisions based on data are only as good as the data on which they are based. That seems obvious, but according to BetaNews, “Over 80 Percent of Companies Are Relying on Stale Data to Make Decisions.” Writer Ian Barker summarizes a recent study:
“The research, conducted by Dimensional Research for data integration specialist Fivetran, finds that 82 percent of companies are making decisions based on stale information. This is leading to wrong decisions and lost revenue according to 85 percent. In addition 86 percent of respondents say their business needs access to real-time ERP [Enterprise Resource Planning] data to make smart business decisions, yet only 23 percent have systems in place to make that possible. And almost all (99 percent) say they are struggling to gain consistent access to information stored in their ERP systems. Overall 65 percent of respondents say access to ERP data is difficult and 78 percent think software vendors intentionally make it so. Those surveyed say poor access to ERP data directly impacts their business with slowed operations, bad decision-making and lost revenue.”
The write-up includes a few info-graphics for the curious to peruse. Why most of those surveyed think vendors purposely make it difficult to access good data is not explained. Fivetran does emphasize the importance of “looking at the freshest, most complete dataset possible.” Yep, old info is not very helpful. The company asserts the answer lies in change data capture, a service it happens to offer (as do several other companies).
Cynthia Murrell, May 17, 2022
More Facebook Documents
May 17, 2022
Facebook apparently generates quite a few documents. In a time of abundance, some of the excess finds its way into places unexpected. “We’re Publishing the Facebook Papers. Here’s How Facebook Killed News Feed Fixes Over Fear of Conservative Backlash” provides those who want to study the Way of the Zuck with some “new” information. The write up has a reason to report a Silicon Valley-type news organization’s interest in chewing on the ankles of Mr. Zuckerberg. The article states:
Facebook said it did not “build and withhold any News Feed changes based on potential impact on any one political party.” Internal documents say otherwise.
You can read allegedly original, once confidential documents from the cited article with additional information at this link.
The main idea seems to be that Facebook mostly does what it wants and says what is necessary to continue on its business trajectory.
What’s the main point?
From my redoubt in rural Kentucky, I have perceived the Zuck operation as an interesting example of information weaponization. I assume that a few other people share my view of the company. The once-confidential documents are interesting, particularly to those rushing to understand how information flows have an impact in the real world and in real time.
Is it possible that Gizmodo is walking a path which may lead to legal questions? Of course not! Freedom of speech and the stuff taught in high school civics. (Ooops. Research is surfacing that suggests online learning is not as zippy as some assumed.) Disclosing content which an enterprise developed for use by authorized individuals strikes me as a variation on the “move fast and break things” approach to some activities.
Gizmodo, it seems to me, is putting the pedal to the metal. Will the buggy break down as it speeds down the information highway trying to catch up with an outfit with a head start?
Stephen E Arnold, May 17, 2022