tag:blogger.com,1999:blog-7779581.comments2023-08-06T11:52:41.154+01:00e-TrustThe Watcher!http://www.blogger.com/profile/11968560107535762604noreply@blogger.comBlogger15125tag:blogger.com,1999:blog-7779581.post-15202418072110802402015-04-02T17:04:56.666+01:002015-04-02T17:04:56.666+01:00"I’m sorry Dave, I can't do that" is..."I’m sorry Dave, I can't do that" is as good a place to start on this as any. It evokes the primal fear of a malevolent intellect for which we have no mutual empathy or common experience. For this reason alone there will always be a tension between autonomous AIs and people.<br />"I cast you out! Unclean Sprit!"<br />I think a better way of approaching this issue is the concept of a digital symbiote that is constantly assessing someone’s behavior in a given context. In situations of where important decisions have to be made the symbiote has to provide an assessment as to whether their host is within behavioral and contextual norms. If the symbiote makes the assessment that either the context or behavior is beyond certain thresholds, the host may have their authority challenged and potentially overridden by rule based systems. In the simplest terms, “if you start acting crazy you may lose the ability to do important stuff”. <br />I think this is a very scary concept depending on how you define “crazy” and so am not openly advocating this for any but the most critical of situations, such as flying a plane. It could however work for robotic hosts. Their symbiote would operate in exactly the same way and have the ability to override, or minimally shut down the device they are monitoring.<br />Thus, I think that true agency is the ability for us to have our own collection of symbiotes where we as individuals, define what “crazy” means for us, and when we purchase, rent or take control of a robotic system, we attach our symbiote to it in order to take agency over it.<br />“Igor, pull the switch!”<br />“…. No, master”<br />Anonymoushttps://www.blogger.com/profile/05989523573940571343noreply@blogger.comtag:blogger.com,1999:blog-7779581.post-62643558761976750312014-04-11T09:49:28.263+01:002014-04-11T09:49:28.263+01:00Some good points.... but surely one can't rely...Some good points.... but surely one can't rely on the Security Check from LastPass too much? A site might have been using a vulnerable version of OpenSSL one year ago and your credentials were then compromised, but has since updated to the version without the Heartbleed bug and at the point LastPass checks the site's version and certificate it all looks OK? So therefore would it not be prudent to change all passwords on potentially affected sites that use OpenSSL once they have patched and updated certs? To further complicate it, it's always possible a site has switched from a vulnerable version of OpenSSL to a completely different SSL technology without you ever knowing and therefore could also be open to compromise in the past. Guess it's a balance of really how likely are all these permutations converging to cause the issue - the swiss cheese of security!Six Brothers and the South Downs Wayhttps://www.blogger.com/profile/11232283021210654312noreply@blogger.comtag:blogger.com,1999:blog-7779581.post-83775437687456714832014-02-04T13:49:20.775+00:002014-02-04T13:49:20.775+00:00Two thoughts, first on music, in the 70's I pu...Two thoughts, first on music, in the 70's I purchased a 7in Single, the "data" that I licensed was the song, the media surely is irrelevant; SoundHound would identity it as just one data set irrespective of whether it was my single on a record player, a cassette, DAT tape, MP3 or even FM or DAB radio.<br />Oh wait, the record company want me to buy a new copy every-time I change format.<br />Maybe there are a lot of vested interests that need re-educating......<br />Meanwhile I'm off to search the Internet for; and download, whole bunch of MP3 matching the 2000 singles that I have already purchased. (NSA please note this is British Irony, aka a joke).<br /><br />On your "zeroeth" commandment - I see where you are going, but would challenge your direction.<br /><br />"Owning entities should not allow their data to be uncontrollably stored by others"<br /><br />Thus mandates; <br />If I don't DRM that music then I loose my rights to sue.<br />IRL - If I loan my lawnmower to my neighbour, then it's my responsibility to ensure they do not mistreat it.<br /><br />To use your example;<br />Love thy neighbours lawnmower as you love your own lawnmower. - Jesus put the onus clearly on the end-user.<br /><br />Paul<br /><br />Paul<br />Global Identity Foundationhttps://www.blogger.com/profile/15662628842435627835noreply@blogger.comtag:blogger.com,1999:blog-7779581.post-75758642948371780272014-01-02T09:18:16.521+00:002014-01-02T09:18:16.521+00:00I recognise that there are few tools and ecosystem...I recognise that there are few tools and ecosystems that will support this new frame. What tools are you using?The Watcher!https://www.blogger.com/profile/11968560107535762604noreply@blogger.comtag:blogger.com,1999:blog-7779581.post-61508432164247182792013-11-25T16:53:07.632+00:002013-11-25T16:53:07.632+00:00Made me chuckle imagining you interfacing with fri...Made me chuckle imagining you interfacing with friend "auto"'. I thought you were practising your Tai Chi moves or some Karate kata.lasancmthttps://www.blogger.com/profile/13822691623204558637noreply@blogger.comtag:blogger.com,1999:blog-7779581.post-21774816674455017332012-03-21T08:41:12.883+00:002012-03-21T08:41:12.883+00:00The antonym of egency? (Digital) powerlessnessThe antonym of egency? (Digital) powerlessnessMikeNelsonhttps://www.blogger.com/profile/05479847358966968249noreply@blogger.comtag:blogger.com,1999:blog-7779581.post-26651056326467410812012-03-12T15:48:51.943+00:002012-03-12T15:48:51.943+00:00"We will come to realise that egency and tran..."We will come to realise that egency and transparency are in fact good bed fellows, Wiki-Leaks will be seen as an early major shift towards egency."<br /><br />I would suggest that Wikileaks is a symptom of the shift towards egency, because a mass dump into the public internet of communications that were created under an assumption of state-level confidentiality could also be seen as a gross violation of the egency of its authors.<br /><br />Ultimately, when we speak of transparency, we might want to sharpen the concept to "appropriate transparency." If we are to deliver egency, then we're going to have to provide the tools to enable discrete and controlled sharing of information. This is not all sunshine and roses, though it may be "just". We have to start thinking about the consequences for accountability: in other words, let's say we have created an electronic history of our relationship with Entity A. Now we seek a relationship with Entity B, for whom elements of the relationship with Entity A are relevant to deciding whether they want to have a relationship with us, and what kind of benefit/entitlement/access they will grant us. If we want what Entity B can provide to us, we'll have to agree to share certain facts -- good and bad -- about our Entity A history.<br /><br />What this "appropriate transparency" scenario suggests might be called "radical accountability." The cultural shift we'll have to make is how to handle what we might call "breakdowns" in our personal history -- failures to obey the rules, failures to deliver what we committed to delivering, stupid decisions, etc. How long are we to be held accountable for those mistakes and mis-steps in an era when everything is part of a historical record?Anonymoushttps://www.blogger.com/profile/05444720894496362234noreply@blogger.comtag:blogger.com,1999:blog-7779581.post-85631818574719249042012-03-10T11:32:03.812+00:002012-03-10T11:32:03.812+00:00Where ever I use Primacy above, please now read &q...Where ever I use Primacy above, please now read "Egency"The Watcher!https://www.blogger.com/profile/11968560107535762604noreply@blogger.comtag:blogger.com,1999:blog-7779581.post-44350352047413571562009-03-01T22:27:00.000+00:002009-03-01T22:27:00.000+00:00When I get a server from Amazon there's not a lot ...When I get a server from Amazon there's not a lot of abstraction. Just a virtual server generated for me, but I still know the name, the IP address, etc.<BR/>But I still think Amazon hardware service is quite "cloudy".<BR/><BR/>So what is that cloud doing for me? Is giving me a server where I don't have to worry about the hardware. Is that an abstracted server?<BR/><BR/>So I can agree that cloud is about abstraction because you deal just with the top layer and don't worry about what is below; but we also need loosely coupling to be able to get services from different clouds.<BR/><BR/>Not sure I'm helping muchAnonymoushttps://www.blogger.com/profile/06763129767790539364noreply@blogger.comtag:blogger.com,1999:blog-7779581.post-41141026669280733352009-02-28T17:16:00.000+00:002009-02-28T17:16:00.000+00:00I wouldn't say tension, so much as mud for me. St...I wouldn't say tension, so much as mud for me. Still wading through it.<BR/><BR/>It struck me in giggles that I am trying to put a solid frame around 'abstraction'!Anonymoushttps://www.blogger.com/profile/10318904653337609750noreply@blogger.comtag:blogger.com,1999:blog-7779581.post-14224760664882390022008-11-05T16:51:00.000+00:002008-11-05T16:51:00.000+00:00I finally gave up and am now using a Direct attach...I finally gave up and am now using a Direct attached Hard Disk for Time Capsule Backups!<BR/><BR/>Please tell me when it worls someone!!!!The Watcher!https://www.blogger.com/profile/11968560107535762604noreply@blogger.comtag:blogger.com,1999:blog-7779581.post-60963026750868804962008-08-20T07:34:00.000+01:002008-08-20T07:34:00.000+01:00This is a pretty challenging topic, in a number of...This is a pretty challenging topic, in a number of ways, but one that I would love to see popularized in the school system.<BR/><BR/>You really can't protect systems unless you know they exist and this is still a challenge in today's organizations.<BR/><BR/>I once taught a course along these same lines on Threat Modeling - one of the big challenges, of course, was keeping the class engaged and interested in a topic that is not inherently exciting. Something that helped (and this may be obvious) is using real-world examples to engage the students and get their brains moving as opposed to static content they might have difficulty relating to.<BR/><BR/>I would advertise this as a challenging and widespread problem with a field of possibilities for those that are able to master the topic. :)Damonhttps://www.blogger.com/profile/09553692682124327086noreply@blogger.comtag:blogger.com,1999:blog-7779581.post-7147417704852777362008-08-18T20:13:00.000+01:002008-08-18T20:13:00.000+01:00@mortman and @alexhutton pointed me to your post. ...@mortman and @alexhutton pointed me to your post. I am currently developing a 'computer security' class myself, so I have some interest in this topic. Here are some comments that came to mind after a cursory glance of the post:<BR/><BR/>Computing students tend to be fairly technically oriented. Using phrases such as "managing information assets" might not be the best verbiage to choose.<BR/><BR/>When defining goals, make sure you can measure them. Statements like "Understand the different types of information threats..." are very hard to measure objectively.<BR/><BR/>"<I>Ensure the security of information technology services, systems and assets within an organisation. This also covers the competencies required to manage the confidentiality, integrity, and availability of data and information.</I>" The way it is phrased (use of the word 'also') makes me thing that "security of IT services" and "C-I-A" are different things.<BR/><BR/>Minor things as:<BR/>"By the end of the module <I>the student</I> will be expected to be able to:<BR/>[...]<BR/>Show <I>their</I> understanding of"<BR/><BR/>If I were a technology student, I would stay away from this class as much as I could. However, if I were more business-oriented, I might take an interest in it. The content seems a little advanced. <BR/><BR/>Do students understand what information security is, and why it is done? What kind of background knowledge do they have when they initially take this class? How long does the class run for?Kees Leunehttps://www.blogger.com/profile/16298308298433146819noreply@blogger.comtag:blogger.com,1999:blog-7779581.post-55251262758146381812008-08-05T02:08:00.000+01:002008-08-05T02:08:00.000+01:00Andrew McAfee also touches on this in his post at ...Andrew McAfee also touches on this in his post at http://blog.hbs.edu/faculty/amcafee/index.php/faculty_amcafee_v3/freedom_is_still_overrated_but_technology_can_fix_it/<BR/><BR/>He believes that there is room for signaling about intent and content.<BR/><BR/>He refers to EnTwitter as Twitter for the Enterprise.Anonymoushttps://www.blogger.com/profile/00155205007308061854noreply@blogger.comtag:blogger.com,1999:blog-7779581.post-27525282593065595432008-08-03T20:33:00.000+01:002008-08-03T20:33:00.000+01:00The meta-data you refer to might be thought of as ...The meta-data you refer to might be thought of as a form of signaling or as the outbound version of advertising your presence. <BR/><BR/>You want to qualify what you say. There are number of dimensions that might be relevant beyond just the audience. There is the criticality of the communication. There is the extent to which action is required. There is the degree to which the recipient should hold the information closely. You may wish to get positive confirmation of message received and acted upon. You may also want to indicate that you are teasing ;-)<BR/><BR/>Twitter has some of this in the form of DM. When you reply to someone it has a bit of Amber to it, whilst allowing others to watch if they are interested.<BR/><BR/>The subject line in emails can be used to differentiate messages, such as through a preface of FYI: to the subeject.<BR/><BR/>The more general principle here is that your transmission needs to take the receive into explicit account, not treat as an after thought.Anonymoushttps://www.blogger.com/profile/00155205007308061854noreply@blogger.com