Wednesday, May 15, 2002


Security, insurance, and hard realities. Here are some notes from Bruce Schneier's talk. Hard, cold realities. Microsoft and its peers don't care about security, he argues, because it's not rational for them to do so. As businesses, they shouldn't, because they're not liable for their practices. Schneier is running out of options, he says, and what he's left with is a two-pronged strategy. One, require businesses to use insurance to manage risk, just like businesses use it to manage all other risks. Two, beef up prosecution of computer crime. ... [Jon's Radio]

Cripes... this guy is a leader in the field of infosec, and he's just now getting to this realization. If you talked to anyone in financial risk management, I think they could have told you this years ago. I certainly could have. I feel like most security practitioners are shamans and blood-letters.

The bottom line: Absolute security is unattainable. The cost of achieving each increment of additional security increases non-linearly (exponentially). As a software maker, you're not responsible for losses due to poor security, so the only driver for security in software is customer demand. Customers are in most cases relatively price sensitive and value other features more highly than security. And, in fact, security trades off almost directly against ease-of-use, openness, and flexibility, which are properties that are often more desirable.


7:15:47 PM    

Nanotechnology.  I have been reading up on nanotech recently (again).  There have been lots of big gains in this area recently.  This is technology that could radically change the nature of production by changing matter into information.  There is reason to believe that in a highly competitive nanotech economy, we could potentially reverse inflation due to rapidly declining prices for goods that self-assemble on-site or in nearby fabs.  A sustained 2-5% decline in costs would provide a double accelerator to personal wealth -- higher salaries due to rapid productivity gains and increased spending power due to price declines. [John Robb's Radio Weblog]
12:30:29 PM    

I thought this article in HBR on Maneuver Warfare and how its principles can be applied to business was interesting. Maneuver Warfare, where the focus is on deliberately leveraging the uncertainty of battle, contrasts with Attrition Warfare, where the focus is on engaging the enemy's forces directly with overwhelming force. This article references the US Marine Corps' doctrinal publication, Warfighting, as its source. The USMC has a site where you can conveniently download all of their pubs.
11:00:43 AM    

The Economist. Deep analysis of the acceleration of productivity growth in the US. Take a look at this chart from HSBC. Notice the trend line in year over year productivity growth since 1993, it's up and to the right. Even the last recession didn't dent it much (most previous recessions put productivity in negative territory -- a two steps forward, one step back situation). Granted, nothing lies like a trend line, but if this continues and is based on a fundamental shift in production due to computer automation, we will have 6% average productivity by 2010 and 9% by 2020. 9% productivity growth would double wealth every ~ 8 years! A long boom.

IT spending drove the acceleration.  Alignment (deep integration of business processes with IT) with Moore's law will provide the longer term benefits.  I think the latest blip in the productivity numbers without much IT spending shows that companies are aligning.  >>>Perhaps two-fifths of the acceleration in productivity growth between the first and second halves of the 1990s is explained by companies' increased spending on IT equipment rather than by higher total factor productivity (the efficiency with which both capital and labour are used). Spending on IT has since fallen sharply from a peak in 2000. If it fails to return to its earlier, clipping pace—because firms can see no pay-off—this could dampen future productivity growth.  The good news is that companies still have plenty of scope to boost productivity by reorganising their businesses to use information technology more efficiently, which could yet boost growth in total factor productivity. That theory might soon be put to the test. <<<

Competition. Increased competition forces companies to keep prices low, which in effect passes gains on to consumers. It also means that companies will be forced to continue to spend on information technology: >>>Mr King argues that workers (who are, naturally, also consumers) were virtually the sole beneficiaries of the new economy, in the shape of faster real wage growth. This was partly thanks to a fall in the prices of IT goods that they bought. More important, the same IT that spurred productivity also increased competition more widely across industries, from airlines and banking to insurance and cars, squeezing prices and profits. Information technology reduces barriers to entry, and makes it easier for consumers to compare prices. What is more, globalisation, itself spurred by information technology, has further trimmed the pricing power of firms. HSBC finds that, in most economies, the correlation between domestic inflation and domestic unit-labour costs has declined over the past 40 years; the correlation between domestic inflation and average OECD inflation has risen. In most countries in the 1990s domestic inflation was more closely correlated with OECD inflation than it was with domestic costs. <<< [John Robb's Radio Weblog]
10:21:49 AM    


How do you score?

Jakob Nielsen: Top-10 Guidelines for Homepage Usability. Aside from #3, which doesn't apply, I think I pretty much nailed them on the home page for Dive Into Python.

[dive into mark]
7:49:41 AM    

VeriSign focuses on managed security services. PKI, SSL, DNS and other TLAs [The Register]  only about three years late...
7:38:56 AM    

1940 : The Battle of France. On the 10th of May, 1940, German forces began advancing towards France. In one of the most astonishingly successful military operations in history, the invasion was completed in six weeks. On the 22nd of June, France surrendered. How did this happen? [kuro5hin.org]
7:34:57 AM    

The New American Way of War. Hence to fight and conquer in all your battles is not supreme excellence; supreme excellence consists in breaking the enemy's resistance without fighting. Sun Tzu, The Art of War (approx 500 BCE) Victory, with minimal actual fighting, is accomplished by so demoralizing the enemy that continued resistance seems useless, or by destroying the enemy's supplies, communications, and industries to the point where they can no longer sustain resistance. Before World War Two, naval power was the paramount way of doing this. The Greeks could not have fought the Trojans without a Navy to transport them. Rome could not have defeated Carthage without command of the Mediterranean Sea. The British Navy defeated Napoleon. Sea power provided transport and communications that were vital in winning wars. Prior to the 20th century, the only effective weapon against a powerful navy was a more powerful navy. [kuro5hin.org]
7:19:07 AM    

Microsoft's plot to block Sun revealed. According to evidence introduced during the trial, Microsoft executives, including Chairman Bill Gates, apparently attempted to steer the direction of a Web services standards body away from rival Sun. [ZDNet Tech News] Big surprise...
7:17:52 AM    

PKI and SSL: house of cards? Richard Forno, chief security officer for ShadowLogic, takes a dim view of the PKI industry. "Digital trust is a slick marketing tool put out by the PKI industry. DoD wants smartcards with certs by 2004. What's the value of that? I don't know. They don't know." ... [Jon's Radio] ditto...
7:10:39 AM    

"a ten inch diameter Tesla coil" [Daypop Top 40] you thought the electric hot dog cooker was fun...
7:08:14 AM    

5. Recent Earthquakes - Info for A moderate earthquake (7.0 points). That was a BIG one ... earthquakes ... found the source [( blogdex : recent )] Didn't feel it because I was flying overhead when it happened...
7:03:23 AM    

Brewster Kahle on the Internet Archive. I'm at Brewster Kahle's talk on the Internet Archive. My favorite quip so far: "The major bug of the library of Alexandria was that it burned." Brewster's a man with a vision -- he's thinking way way ahead. He's working to mirror the Archive to the actual (current) Library of Alexandria in Egypt, "on the other side of the fault-line." My last rant on this, about digitizing my books, spurred numerous suggestions to read "Double Fold," which I've been getting regular reports on from my co-worker, Seth, who's working his way through it and gave a talk on it at a conference we attended together recently. Brewster understands that the mutability and ephemerality and overall suckiness of bits are also their strength (something I'm going to be speaking about tomorrow). Brewster's talking about the legalities, technical challenges and, most interestingly, the social challenges of building the Internet Archive. I love his response to people who object on the basis of copyright violation, which is basically, "Dear Sir/Madam: My deepest apologies for infringing your copyright. I will now remove your work from the historical record. Enjoy oblivion." Link Discuss [bOing bOing]
7:02:09 AM    

HP says no spending recovery yet. Downbeat [The Register]
7:00:17 AM    

IBM preps Eclipse application server challenge. So you think you're hard, huh? [The Register]
6:59:10 AM    

10. FHM.com (9.0 points). 100 Greatest Online Games ... top 100 online games [( blogdex : recent )]
6:54:05 AM    

Data dyspepsia blights the workforce. One of the biggest challenges facing an organisation today is filtering the good from the bad information. It's the classic signal/noise equation. We all like to get the right signals--and all hate the noise. But for each and every employee these are highly debatable categories. Gartner found, quite surprisingly, that the most useful information employees receive comes from personal networks, contact with friends and colleagues, and emails--rather than the finely tuned information source that is supposed to be the Intranet. But how do you manage that? The other option is some kind of sophisticated knowledge management solution--but no one has even figured out what this is yet so don't expect that one to solve your woes. [The Register] The solution isn't a sophisticated KM solution, it is K-Logs. A well authored K-Log provides a filtered knowledge stream based on the Intranet. It is simple, elegant, and leverages the Intranet -- the perfect way to improve the signal to noise ratio. [John Robb's Radio Weblog]
6:52:29 AM