Close Enough for Horse Shoes? Why Drifting Off Course Has Become a Standard Operating Procedure

July 14, 2020

One of the DarkCyber research team sent me a link to a post on Hacker News: “How Can I Quickly Trim My AWS Bill?” In the write up were some suggestions from a range of people, mostly anonymous. One suggestion caught my researcher’s attention and I too found it suggestive.

Here’s the statement the DarkCyber team member flagged for me:

If instead this is all about training / the volume of your input data: sample it, change your batch sizes, just don’t re-train, whatever you’ve gotta do.

Some context. Certain cloud functions are more “expensive” than others. Tips range from dumping GPUs for CPUs to “Buy some hardware and host it at home/office/etc.”

I kept coming back to the suggestion “don’t retrain.”

One of the magical things about certain smart software is that the little code devils learn from what goes through the system. The training gets the little devils or daemons to some out of bed and in the smart software gym.

However, in many smart processes, the content objects processed include signals not in the original training set. Off the shelf training sets are vulnerable just like those cooked up by three people working from home with zero interest in validating the “training data” from the “real world data.”

What happens?

The indexing or metadata assignments “drift.” This means that the smart software devils index a content object in a way that is different from what that content object should be tagged.

Examples range from this person matches that person to we indexed the food truck as a vehicle used in a robbery. Other examples are even more colorful or tragic depending on what smart software output one examines. Detroit facial recognition ring a bell?

Who cares?

I care. The person directly affected by shoddy thinking about training and retraining smart software, however, does not.

That’s what is troubling about this suggestion. Care and thought are mandatory for initial model training. Then as the model operates, informed humans have to monitor the smart software devils and retrain the system when the indexing goes off track.

The big or maybe I should type BIG problem today is that very few individuals want to do this even it an enlightened superior says, “Do the retraining right.”

Ho ho ho.

The enlightened boss is not going to do much checking and the outputs of a smart system just keep getting farther off track.

In some contexts like Google advertising, getting rid of inventory is more important than digging into the characteristics of Oingo (later Applied Semantics) methods. Get rid of the inventory is job one.

For other model developers, shapers, and tweakers, the suggestion to skip retraining is “good enough.”

That’s the problem.

Good enough has become the way to refactor excellence into substandard work processes.

Stephen E Arnold, July 14, 2020

Sillycon Valley: When Molecules No Longer Collide

July 14, 2020

How Remote Work Could Destroy Silicon Valley” presents a slightly dark scenario for those infused with technology. The write up explains that when lots of eager smart people no longer interact in real life, something magical is lost.

If you wonder about the magic of Silicon Valley, Philz Coffee, and the risk of techquakes, you may find the write up interesting.

Two of the DarkCyber team wondered if Brownian motion is a factor. Those hyper educated, over-achievers bask in the sun. The closeness and the “energy”: What could be provide a better greenhouse for innovation. Money can grow on that code.

The spoiler is that WFHers will not benefit from the environment in a basement or a comparatively spacious two bedroom apartment in Salinas, Kansas.

When those folks go to work via Zoom, those sprouts of innovation, those vulnerable innovators suffer.

Thus, Sillycon Valley starts to look more like Salinas in the winter.

Stephen E Arnold, July 14, 2020

App Store Curation: Hey, the Method Is a Marvel

June 29, 2020

I don’t think about app store curation policies. One of the DarkCyber researchers was excited about Hey. At lunch, this individual groused about Apple’s editorial review process or what I call curation. Newspapers in the good old days used to do curation. Not so much any more. I still have a headache after my talk with a New York based big time real journalist.

I read “Another 53 iOS Apps Besides TikTok Are Grabbing Clipboard Data.” The write up, if accurate, illustrates how a company can create its own myth from Olympus. Then do exactly what most Silicon Valley companies do; that is, anything that is easy and good for them.

The write up states:

ikTok may be ending its nosy clipboard reading on iOS, but that doesn’t mean other app developers are mending their ways. Security researcher Tommy Mysk told Ars Technica in an interview that an additional 53 apps identified in March are still indiscriminately capturing universal clipboard data when they open, potentially sharing sensitive data with other nearby devices using the same Apple ID. The apps are major titles, too — they’d normally be trustworthy. The behavior is visible in news apps for Fox News, the New York Times and the Wall Street Journal. You’ll also find it in games like Bejeweled, Fruit Ninja and PUBG Mobile.

Did Aristotle cover this type of  mental glitch in his Nicomachean Ethics?

Of course he did.

Stephen E Arnold, June 29, 2020

Is Cyber Crime Boring? Maybe The Characterization Masks a Painful Consequence?

June 1, 2020

DarkCyber read “Career Choice Tip: Cybercrime is Mostly Boring.” The article is clear. The experts cited are thorough and thoughtful. Practicing cyber crime is similar to what engineers, developers, and programmers do in the course of their work for firms worldwide. Much of that work is boring, filled with management friction, and repetitive.

The article states:

the academics stress that the romantic notions of those involved in cybercrime ignore the often mundane, rote aspects of the work that needs to be done to support online illicit economies. The researchers concluded that for many people involved, cybercrime amounts to little more than a boring office job sustaining the infrastructure on which these global markets rely, work that is little different in character from the activity of legitimate system administrators.


The paper is quoted in the article as explaining:

We find that as cybercrime has developed into industrialized illicit economies, so too have a range of tedious supportive forms of labor proliferated, much as in mainstream industrialized economies. We argue that cybercrime economies in advanced states of growth have begun to create their own tedious, low-fulfillment jobs, becoming less about charismatic transgression and deviant identity, and more about stability and the management and diffusion of risk. Those who take part in them, the research literature suggests, may well be initially attracted by exciting media portrayals of hackers and technological deviance.”

The DarkCyber study team discussed the Cambridge research summary and formulated some observations:

  1. Boring means that cyber crime will be automated. Automated processes will be tuned to be more efficient. Greater efficiency translates to the benefit the cyber criminals seek. Thus, the forward momentum of boring cyber crime is an increase in the volume and velocity of attacks.
  2. Certain criminal elements are hiring out of work or disgruntled technologist from mainstream companies, including high-profile Silicon Valley companies. Our research identified one criminal organization paying 90,000 euros per month and offering benefits to contract workers with specialized skills. The economic pressures translates to a talent pool available to certain criminal orchestrators. More talent feeds the engineering resources available to cyber crime constructs. DarkCyber believes a “Google effect” is beginning, just in the cyber crime market space.
  3. Law enforcement, government agencies, and some providers of specialized services to law enforcement and intelligence entities will be unable to hire at the rate criminal constructs hire. Asymmetry will increase with bad actors having an opportunity to outpace enforcement and detection activities.

Net net: The task facing law enforcement, security, and intelligence professionals is becoming more difficult. Cyber crime may be boring, but boring tasks fuel innovation. With access to talent and cash, there is a widening chasm. Talking about boring does not make clear the internal forces pushing cyber crime forward.

Stephen E Arnold, June 1, 2020

Work from Home: Trust but Use Monitoring Software

May 19, 2020

As the COVID-19 pandemic keeps offices closed and employees continue to work from home, bosses want to be sure their subordinates are working. According to the Washington Post, bosses are “replicating the office” using webcams, microphones, and surveillance software says the article, “Managers Turn To Surveillance Software, Always-On Webcams To Ensure Employees Are (Really) Working From Home.”

Harking back to the chatrooms of yesteryear, employees log into digital work spaces with customizable avatars and chatroom cubicles with instructions to keep webcams and microphones on all day. The idea of the digital workspace designed by Pragli will encourage spontaneous conversation. Some quickly adapt to the technology change, others have difficulty.

While some companies do not replicate the office with programs, they are using other tools such as always on webcams, check-ins, and mandatory digital meetings. There is the concern that companies are being invasive:

“Company leaders say the systems are built to boost productivity and make the quiet isolation of remote work more chipper, connected and fun. But some workers said all of this new corporate surveillance has further blurred the lines between their work and personal lives, amping up their stress and exhaustion at a time when few feel they have the standing to push back.”

Since the COVID-19 forced the American workforce into quarantine, companies want to confirm their workers’ productivity and report on how they are spending their business hours. There has also been an increase in the amount of time Americans spend working each day.

InterGuard is a software that can be hidden on computers and creates a log of everything a worker did during the day. The software records everything a worker does as frequently as every five seconds. It ranks the apps and Web sites as “productive” and “unproductive,” then tallies a “productivity score.”

Many employees do not like the surveillance software and cite that the need to confirm they are actually working disrupts their work flow. Pragli, on the other hand, says the replication of human interaction brings employees closer and allows them to connect more frequently.

A new meaning for the phrase “trust but verify.”

Whitney Grace, May 19, 2020

Content Marketing: The Faux Monte

May 8, 2020

I wrote about the SEO hustle email I received on April 30, 2020. That email became the subject of the conversation I had with the former CIA professional, Robert David Steele. He interviewed me and posted the video from his Web site You can view the video at this link. In this post, I want to call attention to the SEO expert’s example blog content, thoughtfully provided by an individual named Christian Arriola and using the alias of a person named Jeffrey Garay. The blog in question is part of a kitchen remodeling business doing work in Pearland near Houston and Allen near Dallas.

The blog post is “How to Get Your Dream Kitchen Remodel Without Breaking the Bank.” Here’s an example of the content which the outfit Woobound wanted to provide to Beyond Search / DarkCyber:

When you have an excellent suggestion of what you desire, take a seat and also write a great breakdown of jobs that you desire finished. You do not need to be technological and also you do not need to make use of building terms yet simply state all the important things you desire a service provider to do and also bid. It can be as easy as: eliminate all existing floor covering and also closets; mount brand-new floor covering, cupboards, kitchen counters, sink as well as home appliances per the strategy; paint; attach sink pipes; as well as mount brand-new lighting fixtures.

It appears that the connection between Beyond Search / DarkCyber is that the root “techno*” appears in the paragraph above and some of Beyond Search / DarkCyber’s more than 18,000 articles. I may be missing other, more sophisticated connections, but on the surface, the idea that kitchen remodeling and the topics in Beyond Search / DarkCyber are tenuously related. Oh, wait, I do cover cyber crime, perhaps that is the hook?

The blog features some broken image links, an 888 number to contact the firm, and a content pool exactly one post deep.

My concern about search engine optimization’s latest “trick” is that some people will accept this “link trade” or “backlink” pitch.

Meaningless links are not helpful to a user. We will be monitoring this ploy because deception is a precursor of cyber crime. Our objective is to take a close look at this faux monte. What we see so far is not appealing; in fact, one of the DarkCyber team used the term

Stephen E Arnold, May 8, 2020

Why Search Sucks: The MVP Approach Maybe?

April 13, 2020

I read what seems to be a modern management write up. The implicit idea is that when developing an app or other software, people get excited. The coder or the team thinks of the many nifty things the new gizmo can deliver. What happens? There are Windows 10 and Apple OSX updates that brick a user’s computer? There are services like Quibi which fall over on Day One because scaling didn’t happen. There are other examples ranging from Google’s wild and crazy Zoom killers to Zoom’s encryption which wasn’t and still may not be… encrypted.

Why We Are Hardwired to Focus on the Wrong Parts of our Product” seeks to explain why flawed apps and software are the norm. Remember? That’s the big hump in the middle of standard distribution. The challenge today is producing software that sort of works; that is, good enough for today’s often clueless user.

The write up asserts:

Iterative product development achieves its speed through a Minimum Viable Product (MVP) approach. MVP means taking the possible feature set that could be included in a product, or the possible functionality a specific feature could deliver, and cutting it down to the minimum needed to bring value to the end-user.

The consequence of MVP: The bell curve of failure.

The MVP process primes us to want to regain the value we believe we’ve lost. As soon as the product is live, we fall into a weakness-based, additive strategy, where we are compelled to add new functionality in order to win back our lost value (real or imagined).

This weakness-based mindset gets further reinforced when we start analyzing data and feedback. Because loss aversion causes us to focus on losses more than gains, we are more likely to gloss over positive signals and areas of strength and focus instead on the areas of the product that “aren’t working.”

What’s the fix? Here you go:

Analyze what works

Move from addition to subtraction

Understand your strengths.

Sound too good to be true? Well, the approach may be good enough. I am waiting for a book called Thinking Wronger: A Basic Guide.

Stephen E Arnold, April 13, 2020

WFH WTF: A Reality Check for Newbies

March 30, 2020

On Sunday, my son who provides specialized services to the US government and I were talking about WFH or work from home. WFH is now the principal way many people earn money. My son asked me, “When did you start working from home?” He should have remembered, since he was a much younger version of his present technology consulting self.

The year was 1991 (nearly three decades, 29 years to be exact and I am now 76), and I had just avoided corporate RIFFing after an investment bank purchased the firm at which I served as a reasonably high ranking officer. I pitched a multi year consulting deal with the new owners (money people), and I decided that commuting among my home in Kentucky, the Big Apple, and Plastic Fantastic (Silicon Valley) was not for me.

I figured I had a few years of guaranteed income so I would avoid running out an leasing an office. No one who hires me cares whether they ever see me. I do special work; I don’t go to meetings; I don’t hang out at the squash club or golf course; and I don’t want people around me every day. In Plastic Fantastic, I requested an inside office. The company moved the fax machine, photocopier, and supply cabinet to my outside office with lots of windows. I took the dark, stuffy, and inhospitable inside office. Perfect it was.


The seven deadly sins of working from home: [1] Waiting for the phone to ring or email to arrive, [2] eating, [3] laziness, [4] anger, [5]  envy, [6] philandering online or IRL, [7] greed. For the modern world I would add social media, online diversions, and fiddling with gizmos.

Why is this important for the WFH crowd?

The Internet is stuffed with articles like these:

The WFH articles I scanned — reading them was alternately amusing and painful — shared a common thread. None of them told the truth about WFH.

My son suggested, “Why not write up what’s really needed to make WFH pay off?” Okay, Erik, here’s the scoop. (By the way, he has implemented most of these behaviors as his technology consulting business has surged and his entrepreneurial ventures flourished. That’s what’s called “living proof” or it used to be before Plastic Fantastic speech took over discourse.)

Discipline. Discipline. Then Discipline Again

The idea is that one has to establish goals, work routines, and priorities. The effort is entirely mental. For nearly 30 years, I follow a disciplined routine. I am at my desk (hidden in a dark, damp basement) working on tasks. Yep, seven days a week, 10 hours a day unless I am sick, on a much loathed business trip, or in a meeting somewhere, not in my home office). Sound like fun? For me, it is, and discipline is not something to talk about in marketing oriented click bait articles. Discipline is what one manifests.

Read more

Duh Report: Smart Software Creates Change

March 28, 2020

Another report from the edge of the obvious:

New technology changes lives. Duh.

Not exactly a news flash. But some are surprised. Ali Jazeera explores how artificial intelligence is changing modern society in the article, “Dataland: The Evolution Of Artificial Intelligence And Big Data.”

Classic science fiction generally takes an analog approach to futuristic technology as the concept of a digital landscape was not in the human scope. Our digital data is as identifiable as our fingerprints and different organizations use it to track us. In democracies, it is mostly used to sell products with targeted ads, while authoritarian governments use it to track their citizens’ locations and habits.

Dataland is a documentary that tracks how AI is used in different countries:

Dataland illustrates the different facets of big data and artificial intelligence being unleashed by the world’s most prolific data scientists. The film goes to Dublin where artificial intelligence is becoming an increasing influence on community life; to Finland where citizens transmit their DNA to improve public health and predictive medicine; and finally to China where facial recognition is routinely used by the state to track the movement, habits and private lives of common people.”

It is inspiring and startling to see how different societies use AI. We literally can only imagine how AI will be used next, then the technologists will make it a reality. It is only a matter of time (years or decades?) before AI is as common as mobile devices.

Interesting source too.

Whitney Grace, March 27, 2020

Acronym Shadow: Good Enough Presages the Future of US Technical Capabilities

February 6, 2020

Apps are nothing but drag and drop programming. The database stuff? A no brainer for Shadow. What other half informed generalizations contributed to the technical, managerial, and political issues with the Iowa caucus app. The New York Times, definitely a paragon of technical acumen, analyzed the situation. Navigate to “The App That Broke the Iowa Caucus.” Remember the NYT was the outfit that fumbled its original online play, ably directed my Jeff Pemberton—what, 40 years ago?—and then lost revenue by pulling its “exclusive” from the LexisNexis service a few years later. Now the NYT is a techno master, happily pointing out that failure took place.

There was no mini failure. Maybe some underhanded activity, maybe some carelessness, and maybe some “we’re experts and know what to do” thinking going on.

DarkCyber believes that the misstep, if that’s what it was, was a reminder that technical expertise and excellence are not as easy as writing a proposal, pulling some influence strings, or assuming that code actually works in the real world.

Nope, the good enough approach is operating.

But the larger message is that if the US expects to maintain a place among technology leaders, a different mind set is needed.

What is that mind set? For starters, big thinkers and MBA types must recognize that planning, attention to detail, quality checks, live tests, and making software usable are necessary.

A failure in a core democratic process is a signpost. For anyone who believes the baloney manufactured about artificial intelligence, natural language processing, and advanced analytics—good enough is not.

Is this a bright signal that American technologists cannot deliver when it matters and when those who seek to disrupt America are getting the clown show of a lifetime.

Stephen E Arnold, February 5, 2020

Next Page »

  • Archives

  • Recent Posts

  • Meta