Exogenous Complexity 3: Being Clever
February 24, 2012
I just submitted my March 2012 column to Enterprise Technology Management, published in London by IMI Publishing. In that column I explored the impact of Google’s privacy stance on the firm’s enterprise software business. I am not letting any tiny cat out of a big bag when I suggested that the blow back might be a thorn in Googzilla’s extra large foot.
In this essay, I want to consider exogenous complexity in the context of the consumerization of information technology and, by extension, on information access in an organization. The spark for my thinking was the write up “Google, Safari and Our Final Privacy Wake-Up Call.”
Here’s a clever action. MIT students put a red truck on top of the dome. For more see http://radioboston.wbur.org/2011/04/06/mit-hacks.
If you do not have an iPad or an iPhone or an Android device, you will want to stop reading. Consumerization of information technology boils down to employees and contract workers who show up with mobile devices (yes, including laptops) at work. In the brave new world, the nanny instincts of traditional information technology managers are little more than annoying nags from a corporate mom.
The reality is that when consumer devices enter the workplace, three externalality happen in my experience.
First, security is mostly ineffective. Clever folks then exploit vulnerable systems. I think this is why clever people say that the customer is to blame. So clever exploits cluelessness. Clever is exogenous for the non clever. There are some actions an employer can take; for example, confiscating personal devices before the employee enters the work area. This works in certain law enforcement, intelligence, and a handful of other environments; for example, fabrication facilities in electronics or pharmaceuticals. Mobile devices have cameras and can “do” video. “Secret” processes can become un-secret in a nonce. In the free flowing, disorganized craziness of most organizations, personal devices are ignored or overlooked. In short, in a monitored financial trading environment, a professional can send messages outside the firm and the bank’s security and monitoring systems are happily ignorant. The cost of dropping a truly secure box around a work place is expensive and beyond the core competency of most information technology professionals.
Second, employees blur information which is “for work” with information which is “for friends, lovers, or acquaintances.” The exogenous factor is political. To fix the problem, rules are framed. The more rule applied to a flawed system, the greater the likelihood is that clever people will exploit systems which ignore the rules. Clever actions, therefore, increase. In short, this is a variation of the Facebook phenomena when a posting can reach many people quickly or lie dormant until the data load explodes like long forgotten Fourth of July fire cracker. As people chase the fire, clever folks exploit the fire. Information time bombs are not thought about by most senior managers, but they are on the radar of those involved in a legal matter and in the minds of some disgruntled programmers. The half life of information is less well understood by most professionals than the difference between a uranium based reactor and a thorium based reactor. Work and life information are blended, and in my opinion, the compound is a dangerous one.
Third, vendors focusing on consumerizing information technology spur adoption of devices and practices which cannot be easily controlled. The data-Hoovering processes, therefore, can suck up information which is proprietary, of high value, and potentially damaging to the information owner. Information is not “like sand grains.” Some information is valueless; other information commands a high price. In fact, modern content processing and data analytic systems can take fragments of information and “fuse” them. To most people these amalgams are of little interest. But to someone with specialized knowledge, the fused data are not god nuggets, the fused data are a chunky rosy diamond, maybe a Pink Panther. As a result, an exogenous factor increases the flow of high value data through uncontrolled channels.
A happy quack to Gunaxin. You can see how clever, computer situations, and real life blend in this “pranking” poster. I would have described the wrapping of equipment in plastic “clever.” But I am the fume hood guy, Woodruff High School, 1958 to 1962. Image source: http://humor.gunaxin.com/five-funny-prank-fails/48387
Now, let’s think about being clever. When I was in high school, I was one of a group of 25 students who were placed in an “advanced” program. Part of the program included attending universities for additional course work. I ended up at the University of Illinois at age 15. I went back to regular high school, did some other Fancy Dan learning programs, and eventually graduated. My specialty was tricking students in “regular” chemistry into modifying their experiments to produce interesting results. One of these suggestions resulted in a fume hood catching fire. Another dispersed carbon strands through the school’s ventilation system. I thought I was clever, but eventually Mr. Shepherd, the chemistry teach, found out that I was the “clever” one. I sat in the hall for the balance of the semester. I adapted quickly, got an A, and became semi-famous. I was already sitting in the hall for writing essays filled with double entendres. Sigh. Clever has its burdens. Some clever folks just retreat into a private world. The Internet is ideal for providing an environment in which isolated clever people can find a “friend.” Once a couple of clever folks hook up, the result is lots of clever activity. Most of the clever activity is not appreciated by the non clever. There is the social angle and the understanding angle. In order to explain a clever action, one has to be somewhat clever. The non clever have no clue what has been done, why, when, or how. There is a general annoyance factor associated with any clever action. So, clever usually gets masked or shrouded in something along the lines, “Gee, I am sorry” or “Goodness gracious, I did not think you would be annoyed.” Apologies usually work because the non clever believe the person saying “I’m sorry” really means it. Nah. I never meant it. I did not pay for the fume hood or the air filter replacement. Clever, right?
What happens when folks from the type of academic experience I had go to work in big companies. Well, it is sink or swim. I have been fortunate because my “real” work experiences began at Halliburton Nuclear Services and continued at Booz, Allen & Hamilton when it was a solid blue chip firm, not the azure chip outfit it is today. The fact that I was surrounded by nuclear engineers whose idea of socializing was arguing about Monte Carlo code and nuclear fuel degradation at the local exercise club. At Booz, Allen the environment was not as erudite as the nuclear outfit, but there were lots of bright people who were actually able to conduct a normal conversation. Nevertheless, the Type As made life interesting for one another, senior managers, clients, and family. Ooops. At the Booz, Allen I knew, one’s family was one’s colleagues. Most spouses had no idea about the odd ball world of big time consulting. There were exceptions. Some folks married a secretary or colleague. That way the spouse knew what work was like. Others just married the firm, converting “quality time” into two days with the dependents at a posh resort.
So clever usually causes one to seek out other clever people or find a circle of friends who appreciate the heat generated by aluminum powder in an oxygen rich environment. When a company employs clever people, it is possible to generalize:
Clever people do clever things.
What’s this mean in search and information access? You probably already know that clever people often have a healthy sense of self worth. There is also arrogance, a most charming quality among other clever people. The non-clever find the arrogance “thing” less appealing.
Let’s talk about information access.
Let’s assume that a clever person wants to know where a particular group of users navigate via a mobile device or a traditional browser. Clever folks know about persistent cookies, workarounds for default privacy settings, spoofing built in browser functions, or installation of rogue code which resets certain user selected settings on a heartbeat or restart. Now those in my advanced class would get a kick out these types of actions. Clever people appreciate the work of clever people. When the work leaves the “non advanced” in a clueless state, the fun curve does the hockey stick schtick. So clever enthuses those who are clever. The unclever are, by definition, clueless and not impressed. For really nifty clever actions, the unclever get annoyed, maybe mad. I was threatened by one student when the Friday afternoon fume hood event took place. Fortunately my debate coach intervened. Hey, I was winning and a broken nose would have imperiled my chances at the tournament on Saturday.
Now more exogenous complexity. Those who are clever often ignore unintended consequences. I could have been expelled, but I figured my getting into big trouble would have created problems with far reaching implications. I won a State Championship in the year of the fume hood. I won some silly scholarship. I published a story in the St Louis Post Dispatch called “Burger Boat Drive In.” I had a poem in a national anthology. So, I concluded that a little sport in regular chemistry class would not have any significant impact. I was correct.
However, when clever people do clever things in a larger arena, then the assumptions have to be recalibrated. Clever people may not look beyond their cube or outside their computer’s display. That’s when the exogenous complexity thing kicks in.
So Google’s clever folks allegedly did some work arounds. But the work around allowed Microsoft to launch an attack on Google. Then the media picked up on the work around and the Microsoft push back. The event allowed me to raise the question, “So workers bring their own consumerized device to work. What’s being tracked? Do you know? Answer: Nope.” What’s Google do? Apologize. Hey, this worked for me with the fume hood event, but on a global stage when organizations are pretty much lost in space when it comes to control of information, effective security, and managing crazed 20 somethings—wow.
In short, the datasphere encourages and rewards exogenous behavior by clever people. Those who are unclever take actions which sets off a flood of actions which benefit the clever.
Clever. Good sometimes. Other times. Not so good. But it is better to be clever than unclever. Exogenous factors reward the clever and brutalize the unclever.
Stephen E Arnold, February 24, 2012
Sponsored by Pandia.com
MegaSearch: Looking for Excitement?
January 19, 2012
Short honk: Search systems for underground or dark net content such as credit card numbers come and go. If you are interested in this particular type of search excitement, you will want to read “‘MegaSearch’ Aims to Index Fraud Site Wares.” The service points and does not store certain information such as credit card information. We learned:
MegaSearch said that when his site first launched at the end of 2011 and began indexing the five card shops he’s now tracking, those shops had some 360,000 compromised accounts for sale, collectively. Since then, those shops have moved more than 200,000 cards. The search engine currently has indexed 352,000 stolen account numbers that are for sale right now in the underground.
For more information, see “Underground Credit Card Store Operators Aggregate Their Stolen Data.” The link, which may be blocked by certain systems, is MegaSearch.cc. Explore but understand the risks.
Stephen E Arnold, January 19, 2012
Sponsored by Pandia.com
Big Data in 2012: Reliable Open-Source Software Required
January 11, 2012
Enthusiasm and optimism that Big Data as a concept is the next big thing. We are almost ready to board the Big Data bull dozer. The hoopla surrounding Big Data has not died down in 2012. Instead, the concept demonstrates the continuing environment of processing and analysis.
As businesses become aware that the Big Data trend is here to stay, publishers are looking for reliable support. The Apache Hadoop project develops open-source software for reliable, scalable, distributed computing. The company offers much in the way of dealing with unstructured data and is setting the pace for consolidation as well as personalization. I came across an interesting article, “State of the World IT: Big Data, An Offer That is Formed” (The original article is in French, but http://translate.google.com works well for this gosling). We learn:
As a recognition of the market in 2011, Hadoop has also attracted the top names in the IT industry who put this framework in the heart of their range of data processing volume. One reason: the cost mainly reminded us James Markarian, executive vice president and technical director of Informatica confirming that the framework ‘helped to change the economic model of the Big Data.’ Adding that flexibility… was as a criterion for adoption.
It is clear that the excess of data will only continue to grow by the minute. Generations of search, publishing, and consolidation will continue to emerge. I recommend staying informed of the products and the specific capabilities of each. However, Big Data which is filtered may pose some interesting problems; for example, will the outputs match the pre-filtered reality? Will predictive methods work when some data are no longer in the stream? So far the cheerleading is using chants from an older, pre-filtering era. Is this a good thing or a no-thing?
Andrea Hayden, January 11, 2012
Sponsored by Pandia.com
Search Engines May Take Action Against Pirate Web Sites
January 3, 2012
From the Sooner or Later Department:
Google has been in the news a lot lately for being biased when it comes to search result ranking. According to a the recent Telegraph article “Google May Give Pirate Sites Lower Ranking,” that bias may be leading to positive results. A new code will force Search engines to automatically rank pirate websites lower than official ones and give priority to those that were certified under a recognized scheme.
The article states:
According to research by the Publisher’s Association, Google searches for the 50 best-selling books in one week in March returned an average of four illegal links in the top 10 listings. The previous year that figure was closer to two.
Under the code, Google as well as other search engines would stop allowing illegal sites to advertise and would step up their efforts in delisting pirate websites as soon as they are flagged by legitimate rights holders.
While the search engines have yet to respond to the proposal, we believe that if this is policy goes into effect, there may be some unforeseen consequences. Exciting to be the one to define “pirate”.
Jasmine Ashton, January 3, 2012
Sponsored by Pandia.com
Protected: SharePoint Provides the Product, but ISVs Make the Money
December 7, 2011
SplashData Finds 25 Most Common Passwords of 2011
December 6, 2011
InfoWorld reported this week on the most commonly used passwords of 2011 in the article “Stop Using These 25 Passwords Today.”
According to the security and search application vendor SplashData, many people fall into the trap of using random nouns or numbers for their password.
The article states:
“Too many users still can’t resist the allure of using dangerously simple passwords, such as strings of sequential numbers (“123456” or “654321”), series of letters that sit side by side on keyboards (“qwerty” and “qazwsx”), or passwords that demonstrate little to no imagination (“password” and “111111”). Other users evidently attempt to avoid overly common words or strings of numbers and letters in favor of proper names, types of animals, interests, or short sentences.”
The article provides a list of the top 25 stolen passwords posted by hackers for you to peruse. Our personal favorite is 11111111.
Jasmine Ashton, December 6, 2011
Sponsored by Pandia.com
NASA and Google Refocus on Enterprise Search Project
November 30, 2011
Researchers at the NASA Langley Research Center helped make it possible for humans to land on the moon and robots to capture far-off worlds. Information giant Google has its roots in search. That was then.
Now NASA has lost the space program and Google lost focus on search. But that hasn’t stopped the two from teaming up to improve NASA’s Enterprise search capabilities. “NASA and Google tackle a major enterprise search project” explains:
“NASA researchers had become hindered by time-consuming and relatively labor-intensive searches that often returned questionable results. NASA workers usually had to log in to multiple systems to complete the searches, and there was no common search interface that could simultaneously display results from both internal and external sources.”
The two worked together closely to set up the Google Search Appliance that is currently up and running at NASA Langley. Both sides are satisfied with the final product for NASA’s research community.
But in the fast paced information world, you need to look to innovators focused specifically on enterprise search. You may want to check out Mindbreeze and their dynamic search technologies that bring together security, mobility, and information pairing.
Sara Wood, November 30, 2011
Spotlight: Mindbreeze Information Pairing
November 2, 2011
We wanted to continue our spotlight on Mindbreeze, a unit of the highly regarded Fabasoft. You will want to bookmark the Mindbreeze blog at this link and take note of “Information Pairing. Knowledge Match Making for Your Company.”
With companies flopping like caught trout in the bottom of a fishing boat, the ability to locate the person in your organization with information germane to your work is essential.
The challenge, according to Mindbreeze, is to locate the individual with the experience, information, and insight to assist in answering a business question. Walking around no longer works because many companies have employees who are at client locations, working from a different facility, or responding to email from an airport waiting lounge.
The blog article asserts:
Fabasoft Mindbreeze has the answer: Information pairing. This involves the boundless networking of company relevant information within an enterprise or organization and placing it in the Cloud. In my opinion acting in this way in all business issues is reliable, dynamic and profitable – the basis for competitive advantage.
The method relies on the Mindbreeze core technology which delivers information with pinpoint accuracy. The write up continues:
Existing identities and access rights to company-internal and Cloud data remain preserved. The user only receives information displayed for which he/she has access rights for. This ensures that Fabasoft Mindbreeze fulfills the strictest compliance requirements. Furthermore, Mindbreeze is certified according to all relevant security standards.
The Mindbreeze technology for “information pairing” allows in a unique way to enrich documents and information in a secure and highly efficient way with enterprise and even content from the Cloud. Information gets dynamically annotated with “knowledge” extracted and harvested from cloud services (public and private ones), e.g. like Wikipedia or Fabasoft Folio Cloud. This is a very innovative and impressive way to combine information effectively and annotate existing and preprocessed entities on the fly.
So for instance: You need to know everything about a lead? Mindbreeze combines every information in your enterprise, like your CRM and connects the information with suitable content from sources like Wikipedia, LinkedIn, social media like Facebook and even on your web analytics account and comes up with a unified view of all the information that’s available for this lead.
Unlike some search and content processing vendors, Fabasoft has taken care to ensure that privacy and security work as the organization intends. Fabasoft and Mindbreeze hold SAS70 and ISO 27001 certifications for their cloud services. This is unique in the enterprise search space. According the write up, the focus has been on putting “values” about these important norms in the firm’s software and systems.
Take a look at www.mindbreeze.com.
Stephen E. Arnold, November 2, 2011
Sponsored by Pandia.com
Google and LAPD Disagree on Security
November 1, 2011
Call me old fashioned, but I thought sophisticated enterprise cloud services were secure. Guess I was wrong. Looks like more security hassles for Google, this time centering around the city of Los Angeles.
In 2009, the city approved a $7.25 million deal to move its email and productivity infrastructure to Google Apps, yet the move hasn’t been completed yet. The reason? LAPD and other agencies in the city are not happy with Google’s security, particularly in the realm of criminal history data. The number of LA employees expected to move has been downed from 30,000 to 17,000 and the city is demanding a refund for the money it has paid Novell for a GroupWise System, Fire Department Arson Investigators, City Attorney Criminal Branch, and several other city groups concerning criminal history data.
Ars Technia’s article, “Google Apps Hasn’t Met LAPD’s Security Requirements, City Demands Refund,” tells us more:
Both CSC and Google released statements this week. According to Network World, CSC said it has ‘successfully migrated all of the City of Los Angeles’s employees, except those with the City law enforcement agencies, to the new Google Apps cloud computing solution,’ and ‘subsequent to the award of the original contract, the City identified significant new security requirements for the Police Department. CSC and Google worked closely with the City to evaluate and eventually implement the additional data security requirements, which are related to criminal justice services information, and we’re still working together on one final security requirement.’
I think the issue boils down to a a failure to communicate. Now the parties have to determine who said what and when but really meant another thing. Clear? If not, perhaps Google will sue Los Angeles as it did Fish & Wildlife. Clear?
Andrea Hayden,November 1, 2011
Sponsored by Pandia.com
Protected: Useful Claims-Based Authentication White Paper
October 28, 2011
-
- Subscribe to Beyond Search
Feature archive
News archive
-
