Ged Carroll

Category: security | 保衛 | 정보 보안 | 情報セキュリティー

According to Wikipedia security can be defined:

Security is protection from, or resilience against, potential harm (or other unwanted coercive change) caused by others, by restraining the freedom of others to act. Beneficiaries (technically referents) of security may be of persons and social groups, objects and institutions, ecosystems or any other entity or phenomenon vulnerable to unwanted change. Security mostly refers to protection from hostile forces, but it has a wide range of other senses: for example, as the absence of harm (e.g. freedom from want); as the presence of an essential good (e.g. food security); as resilience against potential damage or harm (e.g. secure foundations); as secrecy (e.g. a secure telephone line); as containment (e.g. a secure room or cell); and as a state of mind (e.g. emotional security).

Back when I started writing this blog, hacking was something that was done against ‘the man’, usually as a political statement. Now breaches are part of organised crime’s day to day operations. The Chinese government so thoroughly hacked Nortel that all its intellectual property was stolen along with commercial secrets like bids and client lists. The result was the firm went bankrupt. Russian ransomware shuts down hospitals across Ireland. North Korean government sanctioned hackers robbed 50 million dollars from the central bank of Bangladesh and laundered it in association with Chinese organised crime.

Now it has spilled into the real world with Chinese covert actions, Russian contractors in the developing world and hybrid warfare being waged across central Europe and the middle east.

  • Robots demoralise coworkers

    Faster Robots Demoralise Coworkers | Careers | Communications of the ACM – If you get the pace wrong would the effect of robots demoralise coworkers limit productivity? Is the future not robots augmenting coworkers, but replacing coworkers a more productive alternative. A Cornell-led team has found that when robots are beating humans in contests for cash prizes, people consider themselves less competent and expend slightly less effort—and they tend to dislike the robots – to be fair I’d expect to see something similar if the same person kept winning employee of the week. I know that workers on the line at Vauxhall in Ellesmere Port used to sabotage the robots on the line on a regular basis. This might phenomenon of robots demoralise coworkers be part of their motivation (along with laziness and malice)

    Flickr Cofounder Questions Tech’s Impact on Humans – WIRED – it’s easier to ask the big questions when you’ve made it and can reflect in the tech industry. These weren’t questions that we asked back in the day. More on Caterina Fake here.

    Marbridge Consulting – China’s February 2019 Domestic Handset Shipments Down 20% YoY14.51 mln mobile handsets were shipped in China in February 2019, down 19.9% YoY and 57.4% MoM, according to new figures released by the China Academy of Information and Communications Technology (CAICT), a department of China’s Ministry of Industry and Information Technology (MIIT). The significant month-on-month drop can be explained in part by the week-long Chinese Lunar New Year holiday towards the beginning of February. Of total shipments in February, 13.98 mln were 4G handsets, down 20.2% YoY, 37,000 were 3G handsets, and 0.49 mln were 2G handsets

    A Witch-Hunt on Instagram | Quilette – western PC culture seems to have more and more cases of it eating their own

    Aging Millennials Soothe Themselves With Childlike Fashions – WWD – to try and hang on to youth. The attenuation of youthfulness is a cross generational phenomenon. For instance middle aged dads the still buy streetwear rather than Superdry, skate and go to gigs.

    SXSW 2019: Virtual Cinema – JWT Intelligence – culture is still trying to adapt AR and VR. Whilst it has the energy of an early SIGGRAPH demo reel, I still think the storytelling aspect of things is struggling to find its legs

    Patrick Pruniaux: “There Truly is an E-commerce Potential for Horology” | Luxury Society – Kering haven’t been particularly good at using Ulysse Nardin as a brand in China, but they are rectifying it now. Kering are looking to tap into ‘new’ watch consumers who can’t spend Rolex money on a watch, this position now looks more tenable since Apple has stopped going for the luxury sector with the Apple Watch

    How to Create an Authentic Luxury Experience for Millennials | Jing Dailyif a luxury brand wants to entice today’s consumers, whether it’s in China or beyond, it needs to underscore its authenticity and relevancy. Powerful words, to be sure, but what does it mean to be authentic and relevant? For the moment, let’s start with the opposite. During many of my brand strategy sessions, I often hear the expression “they feel staged” when people describe brands that they would never buy. Needless to say, when brand feels staged, it is neither authentic nor relevant. The synonyms unnatural, deceived, cheated, and faked come to mind. In other words, a staged brand is bullshitt*ng their consumers.

    Louis Vuitton Has a Michael Jackson Problem | Intelligence | BoF – LVMH invested significantly in Virgil Abloh to elevate its menswear line. However, the potential failure of Abloh’s Michael Jackson-inspired collection—whether due to pulled items or lack of consumer interest—is unlikely to significantly impact Louis Vuitton’s overall revenue, as men’s ready-to-wear is a small part of their business. The real concern for Louis Vuitton is protecting its brand reputation, which remains strong unlike some competitors who have faced recent social media backlash. This is especially crucial now, as consumers are quick to criticize any perceived missteps.

    How What Goes Around Comes Around Is Attracting Millennials To Buy Vintage – US chain channels aesthetic of Japanese vintage shops

    You May Have Forgotten Foursquare, but It Didn’t Forget You | WIRED – interesting how Foursquare went from being useful (I use it as spatial bookmarking, so that I can return to new places that I like) to where 2.0 middleware with a bit of ad tech creepiness thrown in for good measure (paywall)

    Pinterest Files for an IPO: What Investors Need to Know | The Motley Fool – interesting for intent driven visual search if they can monetise it effectively on a global scale

    Great video of a Black Hat conference presentation on biometric identifiers.

  • Zara model controversy & things I made last week

    Chinese netizens on Zara model controversy. I love Asian Boss’ qualitative interviews. The Zara model controversy happened only because its in China. Chinese netizens over react to anything they perceive as a slight. Fashion isn’t about ‘beauty’, but that subtlety sailed past Chinese netizens. Freckles indicate age and peasantry in Chinese culture. Beauty is porcelain flawless skin.

    Anand Giridharadas on the modern gilded age and how we should be skeptical of plutocrat philanthropy.

    New Balance China tends to march to the beat of its own drum. But even I was surprised by these sweatshirts with new romantic type detailing. China is unique in terms of its faux Korean aesthetic. I just don’t get the sportswear versus flamenco dancer look, I am just speechless at it.

    New Balance does New Romantic

    Samsung’s facial recognition is surprisingly easy to defeat. This is particularly bad for Samsung. Samsung’s other biometric authentication finger print ID isn’t as good as Apple’s. Samsung isn’t even as good legacy finger print scanners found on the back of Android handsets. Users have no reasonably secure option beyond PINs. I knew of siblings (not twins): a sister unlocking her younger brother’s phone at a glance.

    The moral of this story is that physical security of your phone is required to prevent unauthorised access to your device. Regardless of whether its made by Samsung or any other vendor.

    Goldman Sachs have a great (if terrifying) video on the use of biometrics in public places like airports and stadiums. This is really disturbing, nay, dystopian viewing if you care about your privacy at all. The human factors issue of the laptop loss at Clear affected the brand reputation. What’s impressive is the fact that the Clear brand survived disaster. It is rare for lightning to strike twice, even more so in technology.

  • Hasan Minhaj and other things that caught my attention this week

    Supreme by Hasan Minhaj. I hadn’t watched much of Patriot Act mainly because there is more content that grabs my attention on Netflix. This clip is a great dive into hype culture by Hasan Minhaj – often the best humour is that with uncomfortable truths in it.

    Amazon playbook on Amazon Vine. Gartner L2 made this useful clip on the effective use of Amazon’s Vine programme.

    Key take-outs (my observations in italics):

    • Amazon don’t allow vendors any editorial controls over reviews and look to keep them honest and authentic
    • Vine seems to be really good in the process of accelerating product launches for vendors
    • Use Vine BEFORE Amazon’s sponsored products and sponsored brands advertising function; by the sounds of it pretty similar to the way you’d have previously used PR in a product launch marketing campaign
    • L2 recommends ensuring the efficacy of the product; but Vine COULD be used as the last gate in the innovation process before you go gangbusters. Lots of negative reviews could still save you on a massive production run and huge advertising spend

    Sophie Cope (Electronic Frontier Foundation) on digital privacy and the surveillance state. Great video on the World Affairs channel – interesting how this has become such a big issue amongst ‘wonkish’ audiences. More privacy related content here.

    Lynx (Axe for non UK audiences) have latched on to the ASMR meme that has been popular for a couple of years. It feels weird to watch, I am not sure what the strategic insight(s) were for this work beyond the fact that beards are sticking around for a good while yet.

    https://youtu.be/x9T7BJ-jf6o

    The last thing is the positive experience I had with American Express this week when I lost my card. I spoke to a real person on a decent phone line who quickly canceled my old card sent me out a new one that arrived in 48 hours.

  • Douyin + more things

    Are Douyin and TikTok the Same? | What’s on WeiboChina’s Netcasting Services Association (中国网络视听节目服务协会), an association directly managed by the Ministry of Civil Affairs, issued new regulations that online short video platforms in China should adhere to. One of the new guidelines requires all online video service providers to carefully examine content before it is published. Tech China reports that the new stipulations require that all online video content, from titles to comments and even the use of emoticons, has to be in accordance with regulations, which prohibit any content that is ‘vulgar,’ is offending to the Chinese political system, puts revolutionary leaders in a negative light, or undermines social stability in any way – interesting dive into the differences between TikTok and Douyin which seem to run off separate systems. We also see some crossovers, for instance similar ad formats on both Douyin and TikTok. Another area of connectivity is the similar level of censorship on TikTok that is rolled out on Douyin. This is creepy, but makes both Douyin and TikTok brand safe, which is particularly attractive to mainstream advertisers. The big question for me is whether TikTok provides direct access to its data to the Chinese government like Douyin would be obliged to do. More related content here.

    Snap Business | Apoposphere – how the apps you use impact your daily life and emotions – usual caveat emptor considerations apply. Sample size is 1,005. Research is sponsored by Snap

    Facebook culture described as ‘cult-like’, review process blamed | CNBC – can’t work out if there is a lot of employee adulting required or if the culture is reminiscent of peak Microsoft circa 1995

    Major WeChat trends brands can’t ignore in 2019 | Digital | Campaign Asia – WeChat and global traveller connection particularly important

    Major WeChat trends brands can’t ignore in 2019 | Digital | Campaign Asia – WeChat and global traveller connection particularly important

    The perfect plan for the couch potato | Trendwatching – Bilibili and Ele.me partner to provide hybrid content streaming and free food delivery

    Brands should give up control to reach Gen Z | Creativepool – this says more about how marketing hasn’t changed over the past 15 years than gen-Z. This tells me that brands and agencies haven’t been listening. It also tells me that I can recycle decade old platitudes and essays with a Ctrl+F gen-Y and Ctrl+V gen-Z

    Samsung’s Supreme Copyright Spat | The Daily | Gartner L2Chinese consumers weren’t fooled by the “Supreme” partnership, eviscerating Samsung on social media following the launch. Its Greater China digital marketing manager responded to the uproar by posting on his Weibo account that the decision to work with Supreme Italia was made because it had obtained the authorization to use the brand in China. Samsung later backtracked as he deleted the post and Samsung’s official Weibo account announced it was “re-evaluating” the partnership – gosh I can feel the heat from the burn on this from half way around the world…

    Apple’s China Problem : 12 Reasons – Counterpoint Research – covers more of the points that I would have hit

    Move over, millennials and Gen Z – here comes Generation Alpha | Society | The Guardian is defining generations useful? “You have to be careful about it,” says Karen Rowlingson, professor of social policy at the University of Birmingham. “But we shouldn’t ignore generational divides. Younger people are, on average, facing many more challenges. And, certainly, inequalities within that generation [millennials] are greater.”

    Apple is putting iTunes on Samsung TVs – The Verge – makes you wonder about the future of the Apple TV?

    Should we think of Big Tech as Big Brother? | Financial Times – That also used to be the view of Sergey Brin and Larry Page, Google’s founders, who presented a paper in 1998 highlighting the perils of advertising. “We expect that advertising-funded search engines will be inherently biased towards the advertisers and away from the needs of consumers. This type of bias is very difficult to detect but could still have a significant effect on the market,” they wrote.

    When Ad Breaks Get Weird: Branded Content in Chinese TV Dramas Is Ruining It For the Viewers | What’s on Weibo 

    Internet rightists’ strategy of provocation gaining traction in Japan | The Japan Times – Japan starts to see western style internet wars with personal attacks (paywall)

    Chinese coffee startup Luckin: We won’t be the next ofo | HEJ Insight – interesting read that reminded me a lot of the reporting on the original dot com boom in the UK and US

    Amazon says 100m Alexa devices sold – usage figures remain a mystery | The Drum – and in the second part of the headline is the rub

    Masayoshi Son wants Arm’s blueprints to power all tech – Armed with a crystal ball | The Economist – I have a lot of respect for Son-san but this reads like bubble-level BS. There are so many variables such as China 2025 that make this inadvisable. Secondly its not like ARM is the only micro-computer core design that’s low power and available. Thirdly, we’ve hit peak smartphone, other devices won’t offer the same business opportunity

    Opinion | Is This the End of the Age of Apple? – The New York Times – This is a big issue not only for Apple but also for all of tech. There is not a major trend that you can grab onto right now that will carry everyone forward. The last cool set of companies — Uber, Airbnb, Pinterest and, yes, Tinder — were created many years ago, and I cannot think of another group that is even close to as promising

    Understanding the Emerging Era of International Competition: Theoretical and Historical Perspectives | RAND – great read

    Startup founders say age bias is rampant in tech by age 36 – There’s a scourge in tech that apparently runs even deeper than sexism or racism: ageism. In a wide-ranging survey of US startup founders polled by venture-capital firm First Round Capital, 37% said age is the strongest investor bias against founders, while 28% cited gender and 26% cited race.

    The liberating thrill of a slender book | Quartz – Let’s keep this short. We’re busy. We want to read but don’t have time for deep dives, and that applies to books as well as articles

    China says its navy is taking the lead in game-changing electromagnetic railguns – Chinese warships will soon be equipped with electromagnetic railguns that fire projectiles with “incredibly destructive velocity,” and that the underlying technology was based on “fully independent intellectual property,” rather than designs copied from other nations.

    Burberry Zhao Wei and Zhou Dongyu CNY Campaign | HYPEBAE which ended up to be a bit of a mess: Why Burberry’s Chinese New Year campaign doesn’t quite hit the spot | The Drum 

  • Designing the Internet

    David D Clark was involved in the designing the internet as it moved into the commercial sphere. He rose to prominence in the 1980s through to the mid-1990s. In the talk at Google’s Mountain View campus he goes over much of the process. The things he says about network economics and security is particularly interesting.

    Outtakes

    In the 1970s it was about getting the protocols right, they needed to debug both the code and the specification that went alongside.

    1980s made hierarchies to make things scale as everything got bigger.

    1990s brought in the commercial internet, the specific goal of specifications was to shape industry structure. Protocol boundaries define industry structures.

    Quality of service development was compromised because it didn’t work economically for network providers. Specifically by concern about internet telephony. Standards adaptation was affected the internet service providers efforts to get value out of applications that run over the top (like Google).

    His discussions on designing the internet with politicians are particularly intriguing. There are still unanswered questions about societal and political accountability. There is a space for anonymous actions and an accountable internet would fall back to sovereign states including authoritarian regimes.

    Availability as well as integrity and cryptography (disclosure control) are important for security. The internet is insecure by design. Conscious decisions were taken to put risky actions into the internet. This gave us Flash, Acrobat and the Chrome browser.

    Embedding risky actions to provide attractive features for users, versus ensuring that these are only between people who you know. Trustworthiness is key.

    Protocol features affect industry power, adding more features may give power to the wrong people. The prime example of this is the work that the Chinese government have been doing with Huawei to try and define real ID, censorship and cyber sovereignty into next generation standards. More related content here.