Sunday, May 24, 2015

So what are the measures of Agency?

In my role as Leading Edge Forum research associate I had been pondering the implications of this question when I saw this link. I will be honest I am no-where near answering the question yet...

At first sight it might not be obvious that the Netflix link, (Yes; you should have read the link to make sense of this post!) relates to Agency. Closer inspection shows that Netflix is working to eliminate friction and delay in the process of their viewers getting to, or back to, exactly where they want to be in Netflix on different TV sets. They are measuring Agency, with the goal of increasing it! Of course this is very much in the interest of Netflix, as well as their viewers

Consideration of the activity will show that if Netflix succeeds, the Agency of BOTH Netflix AND their customers can be increased.

From this we may conclude that Agency does not conform to the Law of Conservation.

I suspect that Google and Facebook see control over our data as a Zero Sum Game, i.e. If we (the Masses) have control over our stuff, they (the MegaCorps) don't, and they think that is bad for them. So they strive, by fair means or foul, to reduce our agency over our things and data, in order for them to gain that control for themselves.

Sadly many politicians and technologists, still see this as a Privacy problem. This encourages the idea that Agency, or Control, has to conform to the Law of Conversation. However in the digital world Win-Win positions are easy to develop and benefit from. It does however takes an Outside-In and Clockwise mentality to be able to attain this apparent Nirvanah. The truth is that joint e-trust and control can be achieved, if only we put our minds to it, that can be of benefit to all parties.

Could it be that Netflix might be preparing for a better world, where entities are given frictionless and rapid control over their own Things, data and destiny? Of course that is taking their actual behaviour, and stretching it a little bit too far, but we can hope!

Actually, better still, we can start taking this stance in our own organisations, imagine what it will feel like, when you realize that you have taken your organisation to the high ground in time to avoid the Cyber Agency Flood. (This is an imagined future where the masses rise up in frustration over their loss of control over, and the unimaginable amount of time it is taking them to manage, their cyber interactions.)

What are the key Agency measures and win-wins that your organisations can find in your customer interactions, that will help to gain value for all parties.

Please get back to me as I have a sneaking suspicion about what one of the measures of Agency is but, I have been proven wrong before, so I'd like to gather data!


Wednesday, May 20, 2015

Security = Futility or Utility?

Or put another way: How secure are we really? depends upon how empty or full you see your cup!

For those with a predilection for full, let me introduce you to the emergence of Weapons of Mass Cyber Destruction (WMCD).

Forget externally implemented Denial of Service attacks, think of previously embedded Denial Of Operation tools.

Think not of Back Doors, think of built in Kill Switches, either surreptitiously, or worse openly, installed by the manufacturers of the devices.

We already have EMP Nuclear Bombs that can destroy our unprotected electronic devices. By far the majority of our electronic devices would be permanently taken out by an Electro Magnetic Pulse triggered by the explosion of such a device. Few nations have the capability, or the capacity to develop such devices. So most electronic devices remain unprotected.

A single dedicated and suitably motivated individual could develop a digital equivalent of the EMP. However there are large corporations who have already demonstrated a predilection for developing and implementing digital kill switches.

Such code has been developed to "kill" or degrade charging cables not manufactured by Apple. It only takes a small step inside the innards of any electronic device to determine the capability of installing kill switches. The answer is simple: all could have one built in, most could have one added, the important question is how many already have? In the case of the Apple charging cable it is as a result of a licensing program that gives contracted companies the right to make Apple Cables, to achieve this right, they must build MFI Authentication chips into their devices. Apple has written code into the iPhones and iPads to allow them to degrade the performance of non licensed cables and then stop them working at all.

If it walks like a "Kill Switch" and quacks like a "Kill Switch"....

Apple is currently requiring that Home Automation Manufacturers build the same MFi Authentication chips into their devices if they want to interact with HomeKit. They will likely be building in the same kill code to disable operations of device manufacturers who have stopped paying the HomeKit licensing fee, as they have done with their cables. This sounding frighteningly close to a protection racket.

There is clearly a need for Trust Perimeters, and for a Digital Fabric that enables the development of e-trust, which is a requirement on the journey to true Cyber Agency. The challenge is to ensure that e-trust and Agency are achieved in an open, transparent and arguably free manner. Walled Gardens that do not allow the free flow of trust and agency will be a major disabler for economic growth in the not to distant future

But perhaps worse is that the practise of embedding "kill switches" into products, in the interest of protecting revenue generating license fees, may one day, be used against us all. Why would we allow the installation of components and/or code into our devices that enable Mass Cyber Destruction? It is quite clear that Nation States could trigger already embedded kill switches at a mere whim....

What systems do you already own that could be disabled by miscreants or manufacturers?

More importantly what systems have you sold to your customers that could be disabled by miscreants or manufacturers?

In an increasingly interconnected world of Things, protecting the Agency of our Citizens/Customers, must be one of our highest priorities, after delivering them value for their tax/money. Though protecting the Agency of our own enterprise is as equally important. Be aware of each and every reduction of Enterprise Agency, some of these reductions may be done for good business reasons, but be sure they are. Miscreants and Entropy acts on Agency in the most surprising of ways, just like the frog relaxing in a warm pool of water, we should always be very cognizant of the importance of Situational Awareness. For like the dozing frog, we may never come to the realization that it is in fact a pot on the stove, and never wake up!