All Your Data Are Belong To Us

Or, in the form of a question: When
a. One has to notify authorities of any (possible!) data leak, per law, in Europe and soon maybe also in the USofA,
b. Even BIOSes aren’t secure anymore, baked in from the word Go and onwards,
Shouldn’t all organisations declare all of their infrastructure and hence all their data, possibly compromised ..?

Just asking.

[Edited to add this. Also relevant; this one deeper (?)]

[Calm, not private; Museumplein Amsterdam]


Help determine this rock

I have an inkling of what this piece of art means, but would there be anyone out there that, under strict confidentiality of course, could provide a full explanation ..?
In particular — but including full context — what the link is between a book, possibly obscure but a tip as pleasurable read and this in Joinville:

It’s just all too odd to not have a connection … Including this, perhaps ..?


You’re So Smart

In a reference to a song about me:
Most ab-original humans wouldn’t pass a serious Turing test.
Most serious AI trying to pass, would.

You, the select elite of my blog readers … Well, elite by numbers, mostly, or ..? And select, as in ‘clicked by error’..?

Just kidding, of course, off course.
What I meant was: as originally intended, Turing tests have become a hypothetical mind game ‘only’. Now that we’re approaching ‘intelligence’ of machines, like, graduating from ANI to AGI and on to ASI without a blink — not all of society will change at one instant to the next level, and then after some prep all of society will move to the next! Much more creepy stuff is out there without general (public its) knowledge than you can imagine (if anything) — suddenly we return to the thought experiment.
Acknowledging that we have never been able to give a sort-of extensional definition of ‘intelligence’, only an intensional one. Which may indeed suffice. Now that we’re accustomed, and into ethics discussions rather than did/did-not type of things (ex the laggards who still can’t stand being surpassed by ‘dumb’ machines — calling them that, calls yourself ‘below’ (quod non) that…), we seem to have made the question irrelevant. When a few still say that this sort of thing is impossible, others are already doing it and hardly anyone seems to care.

The latter part being the scary bit. Wait and see just will not be enough here, in particular RE settling the Ethics elements. It’s not only self-driving cars where momentum is out of human hands and into Technology’s… It’s everywhere.

To not be afraid — or to be but be brave and conquer your fears and Act, this:
[Still recognisable as VR trompe l’oeil; Rijks Amsterdam]


Classic plusquote: Progress

You can watch it, but you can’t stop it. As you’re only a looker-on, unable to halt progress.
Like, this here classic from 1987 already.
[Explains the less than stellar graphics quality but hey, from analog to digital vid…]

[In the church of inevitable Dutch waterworks; Lijnden]


New Normal Hacking

Errm, anyone still surprised about (not) new news on data being stolen, ransomware striking, or democracy perverted, anywhere, all the time ..?

Got a bit worried, and wondered whether there would be others the same, about the current Mehh impression of everyone in the loop, about even political parties [now openly], voting machines, etc., getting cracked and data stolen which combined with at last, at very last finally, the hackability of voting machines not, against all sane arguments, being tamper-resistant — which leads to the vulnerability and class broken-ness of fundamental human values.

And still, there’s hardly more than Mehhh.

Would anyone have a reason not to worry …?


Oh well, blue pills everywhere …? Plus:
[Sorry to say lads and lassies of the Royal Academy of Arts, but the Gemeentemuseum did beat you, on this one]
[Edited to add: No, this post was written before the NIST October 7 ‘news’ came out that (‘end’?) users are tired of hack-warnings (security fatigue), if that were a thing. Which is also not quite what I meant above, which is worse…]


Are sw bugs taxing your resilience ..?

There would be a solution when we’d find a way to tax software makers for their product faults.

Because caveat emptor can work only if, unlike in softwareland, one can duly (!) examine the product before purchase; otherwise-and-anyway culpability for hidden flaws remains with the seller/licensor.

Which is impossible with shrink-wrapped stuff — and the ‘license’ claim is ridiculous, moreover the EULA is inconsistent hence null and void: Either the product is used under license, hence the product quality liability remains with the producer/licensor, or the licensee is liable for damages the use of the product might cause, but then invariably ownership is with the purchaser.

The software maker can’t have their cake and eat it; that would run against basic legal principles. And claiming that one’s always allowed to not use the product and choose another one or not, the Hobson’s Choice that brings about so many legal ramifications that even $AAPL’s pockets would never suffice, would invariably lead to oligopoly/cartel charges …!

Or, as this may easily be solved when taken as a societal problem just like environmental stuff like CO2 pollution (we all need electricity): Why not tax the software makers for their ‘pollution’ of the IS environment with bugs ..? (And prohibit the use of greenhouse gases like SQL injection weaknesses?)
Like, after post-write but before release, this (Dutch) news that casual carelessness is a headache for government(s)… A bit like driving rules with no enforcement, maybe ..?

I’m not one for fighting the real windmills… hence:
[The outards of the inn(ard)s of courts; Bridget’s London obviously]


Simply, stats

Just putting it down there.

With some discussion, OK, OK…:

  • Fubbuck still the largest, “of course”, but by less of a margin than previous (?);
  • Because FB ‘messenger’ oh horrendous thing, is listed separately. Prob with reason. At least, because reasons;
  • QQ and QZone still biggies, to grow ..!?
  • Tumblr’s big this time. Let’s dig for demographics, et al., to see whether some specific user group is biasing stats. The age-old subject that the Internet was invented and invaded for, may be a big one in this;
  • LinkedIn larger than Pinterest. A #first ..? And not by much. Cause? Sturdy growth, hanging in there, holding out and succeeding by others falling back; or has some take(n)-over played a role here …?
  • Insta quite big but maybe not living up to the hype (or what’s its growth), Snapchat rather flat. Is Millennialhyping a thing from the past already ..?

