Friday, December 30, 2016

Statistically speaking...

Statistics are everywhere these days.  You can't really blame the statisticians for getting all kinds of excited though.  The amount of data being produced today is prodigious to put it mildly.  Personally I say the more the merrier.  I love stats and I love data so I'm not at all put off by it all.  But statistics itself is a field concerned with interpreting data and data is just information and information can be good or bad or a little of both.  True, you have dishonest statisticians and you have dishonest people using honest stats for dishonest purposes.  But you also have bad information that results in bad stats being produced by honest statisticians and used by honest people.

It is sort of like Facebook.  On any given day I can read a lot of true things about friends, family and the world in general.  I have no reason to believe that the folks over at Facebook are anything by good, honest, hard working people.  Nor do I doubt my friends and family have the best of intentions.  But every once in a while I see a post that tells me my favorite celebrity has died when in fact they have not.  The bad information really ruins an otherwise wonderful experience. 

Recently there was a fairly large brouhaha on the Internet when a researcher published her results of a meta study which concluded that organic food had no more nutrition than food that was produced using pesticides and genetic modification.  Everyone got really excited about this.  What most people heard was, "Organic food is no better than other food".  Which really wasn't what the study was saying in the first place.

First, meta studies are tricky to get right.  They are very prone to researcher bias because the researcher is responsible for picking out studies that can best be used to answer a particular question accurately.  The researcher, as the gatekeeper of the information, can easily be swayed by their own personal biases, but also by the organization or company commissioning the research in the first place.  Meta studies can be very useful, but they do have to be taken with an amount of proverbial NaCl.  Too often the researcher chooses studies that answer the question the way he or she thinks it ought to be answered. 

Second, the study didn't really answer the question most people are really asking.  How do I know this?  Because of the reaction to the study.  What people really want to know is if organic food is better for us in general.  Not just if it is nutritionally better for us.  True, people should be concerned if organic food has no nutritional value, or far less value over non-organic food. However, the study only demonstrated that they were both about equal.  But the response, as I mentioned above, was more along the lines of, "Organic food isn't any better for you".

I personally eat organic because I don't want chemicals that are potentially harmful in my food.  So although the study helped answer the question, "Is organic food better nutritionally" (It may or may not be - remember, this is a meta study), it didn't answer the question, "Is organic food better for you overall". 

This is true with all statistics though.  We must ask questions about the statistics being offered.  It is our responsibility to be good and wise consumers of not only food but also information.  We don't have to accept everything we hear and read nor do we have to become fatalists (as some of my friends have).  We simply have to become better.

Friday, August 7, 2015

The new trojan horses

So I had to provision a remote employee's Windows laptop.  One piece of software they needed was OpenOffice, the free Microsoft Office replacement.  I did a search, grabbed the software and halfway in I knew I had made a mistake.  The URL looked right...no...wait it wasn't openoffice.org like I thought.  It was www.openoffice.us.com!   Crap!  I waited for the install to finish (it was almost done anyway) and, with a grumble and a sigh, I started the search for whatever crapware was installed.  Once everything was uninstalled I ran a scan and started over.

You would think I'd learn.  The employee's browser had the default search page set to Yahoo.  That was the beginning of my problems.  Yahoo is becoming the new Ask from what I can see.  The first results in any search, especially for software, will be scamware peddlers most of the time.  Google doesn't appear to be going down this road fortunately.  

Frankly, I'm sick of the whole thing.  Adobe and Oracle both try to install unwanted software that you are automatically opted in for and typically are part of security updates (in the case of Oracle you get Ask which is just plain immoral).  I should have known better, but I was in a rush and just didn't pay attention.  Part of me really wants to do something about this, but I haven't formulated a proper response yet.  I'm sure I'm not the only victim or else they wouldn't still be doing this.  That and I regularly have to clean up other people's computers.   Something ought to be done about these people.  But what?

Wednesday, July 15, 2015

Thoughts on secure systems

Contrary to my tagline, I'm going to wax pessimistic for a span.  Security is a big deal for obvious reasons.  But for all the effort I can't help but get the feeling that all we are doing is filtering out the bad hackers from the good ones and making the job of the good ones a bit more difficult.  At the end of the day I sort of feel like the nerd slinking down the school corridor hoping that I present such a small target that the bully won't notice me.

When Hacking Team got hacked on July 6 we were tempted to give a cheer.  But this could have been any company, including the one that stores your credit card info (like Target).  So really not much to cheer about except to say, "Better them than me".  The proverbial bully getting taken down by a yet bigger bully or, better yet, a geek with a sling shot.

I remember a workmate at a software support company commenting that the crash proof computer is the one without any input device.  The same clearly goes for the hack proof computer.  But then the computer becomes pretty much a brick, so that isn't really an option.

It isn't just that the computer may be insecure do to negligence such as your typical home setup with an unpatched, unfirewalled Windows machine on an unencrypted wireless access point.  Or insecure from an exploitable piece of software.   There is also the fact that computers are extremely complex organisms.  It isn't just a calculator with a piece of software for crunching numbers. It is a box full of software, all of which is mindbogglingly complicated all the while trying to play well with other equally complicated software.  Stick this magic box on a network full of similar boxes, all with the ability to communicate one to another and at the same time allowing input from these even more complex organisms called humans and one has to begin to wonder at how anyone escapes detection by the bullies.  I suspect it is because there are so many targets that the bullies get confused.  Sort of like a school of tuna. Or something.

There really isn't any analogy that can accurately explain the degree of problem here.  Believe me, I've tried.  I almost came up with one which involved a squad of octopi playing twister to the beat of a polka band who themselves were being beaten by baboons in tutus.  But by the time I got imagining that scene I completely forgot what the analogy was suppose to be analogizing for (which may be a good reason to keep it).

All of this leads me to the very pessimistic conclusion that there will never be a perfect security solution that will hacker-proof our computers or its data.  Let  me qualify that.  There will never be a perfect security solution that will be convenient for the user.  A fully patched, firewalled computer on an encrypted network using good passwords and multi-factor authentication is probably about as good as it will ever get and, in such a case, fairly hacker-proof.  Yet there are two problems with this scenario.  First, it is terribly difficult to get users to use good passwords and multi-factor authentication can be both expensive and, although inconvenient for the hacker, not entirely hacker proof.  The second problem is there is virtually impossible to prove something as being "hacker-proof".  So really we are back to where I started in this article.

So let me end on a note of optimism. As IT professionals one thing is secure: employment.  At least more secure at the moment than our computers and networks.  Because a hacker can gain access to any system given enough time, effort and ingenuity, our job is to make the systems so hacker unfriendly that they simply loose interest.  Not ideal, but that is where we are at right now and as systems continue to evolve into more complex systems I doubt the situation will change much.  So we might as well stop complaining or acting surprised when a system is hacked and get back to work.






Sunday, September 8, 2013

Ubiquitous UI

Just because something is ubiquitous doesn't make it wrong and in need of meddlesome tampering.

I remember reading years ago a jeremiad concerning the most common form of input device in use today on modern computers: the keyboard.  In all fairness they weren't basing their complaints on the fact that the keyboard was everywhere or that it was old and ought to be outmoded for that reason alone but rather they were bemoaning the fact that after over a half century of technological advances it was needed at all.  Why not voice or even brain input?

To some extent I felt the writer's pain. But when it comes to technology, at least when it comes to the advances we've made, I'm an optimist.  I see the keyboard as a good thing. A keyboard adds a necessary level of precision to input which voice and thought doesn't currently allow.  And I don't mean in relationship only to computer input.  Think of how often someone misunderstands what you are saying or the difficulty you and I have in expressing our very own thoughts into words that must now be understood by a second party.  

I don't mean to say that computers don't do a good job interpreting these things.  Quite the opposite: they do just as good a job as we do for one another.  Which is to say, computers get hung up on the very same problems humans get hung up on.  So I'm not getting down on computers or voice and brain controlled UI.  I'm simply pointing out that they are just as imprecise for computers as they are for humans.

A keyboard gives us that necessary abstraction; a sort of "QC" department for our thoughts. Not that it can't be misused or underused, but it is available and can allow us to format our thoughts accurately and precisely so that humans and computers can get a good picture of what it is we are saying.  That is a good thing.

There also seems to be another silver lining to this cloud of technological sluggishness when it comes to UI development: It slows us down.  Most of us with tight schedules working in the business world don't like to hear "slow down" but that fact is we need it.  Thoughts fire off at the speed of light, but that doesn't mean thoughtful communication can do the same.  More times than I can count I received strange messages from others texting me from their voice activated phones.  True, emails can produce the same, sometimes hilarious, communication faux pas, but I've seen a trend where this occurs more and more with voice UI.  

The answer is, of course, more accurate translation when it comes to voice-to-text interaction with machines, but if we aren't quite sure about what we are saying how will a machine put it all together?

Back to the writer I was speaking about at the beginning of this post. I think perhaps what they were experiencing was not disappointment as much as it was embarrassment.  After all of these years, after all of the brain power and experience of thousands of brainiacs writing millions of lines of text and even more lines of code, after all of the optimism of a couple of generations have been poured into some of the greatest advances ever seen by humanity, we are still using the same basic input device our great grandparents used.  I get it.  It is a bit of a letdown.

Maybe, like bell-bottoms, avocado green and orange kitchen appliances and BC glasses we just need to give keyboards a little more time to be cool again. 

In the meantime, I'll enjoy the connection with generations gone by and the precision it allows me when telling my computer what I want to say as oppose to my computer telling others what I meant to say.  But like I said, I'm a technology optimist.