Organisations and groups may have quite different strategic goals in terms of key retention vs torture relief to the individuals that comprise them, even if their views are otherwise co-aligned. A simple democratic union of two or more people will exhibit this behaviour.
When a member of a group who uses conventional cryptography to protect group secrets is rubber-hosed, they have two choices: (1) defecting (by divulging keys) in order to save themselves, at the cost of selling the other individuals in the group down the river, or (2) staying loyal, protecting the group and in the process subjugating themselves to continued torture.
With Rubberhose-style deniable cryptography, the benefits to a group member from choosing tactic 1 (defection) are subdued, because they will never be able to convince their interrogators that they have defected. Rational individuals that are “otherwise loyal” to the group will realise the minimal gains to be made in choosing defection and choose tactic 2 (loyalty) instead.
Presumably most people in the group do not want to be forced to give up their ability to choose defection. On the other hand, no one in the group wants anyone (other than themselves) in the group to be given the option of defecting against the group (and thus the person making the observation). Provided no individual is certain* they are to be rubber-hosed, every individual will support the adoption of a group-wide Rubberhose-style cryptographically deniable crypto-system. This property is communitive, while the individual’s desire to be able to choose defection is not. The former every group member wants for every other group member, but not themselves. The latter each group member wants only for themself.
“No logo, no front. Once you open the package and remove the cover, you cannot find any identifier, such as logo or web site address. Therefore, About Blank notebook has no pre-determined front or back, top or bottom.”—About Blank :: notebook. Lovely, but it gets better: quality paper, opens flat, printed with subtle white lines, and the whole thing is 100% recyclable.
“But most people aren’t payroll clerks or accountants or cashiers. I use a calculator maybe once or twice a week, and my Apple keyboard doesn’t even have a numpad, but there are some things we all use every day: telephones, TV remotes, ATMs, and supermarket debit terminals. These everyday machines follow the 1-2-3 layout pioneered by Bell, and we use them so often I’m willing to bet you could type your ATM PIN blindfolded. By comparison, the calculator layout is almost niche.”—Numpads Gone Wild · Black Pixel
“Fascinating idea: the ElasticSearch search server provides an optional memcached protocol plugin for added performance which maps simple HTTP to memcached. GET is mapped to memcached get commands, POST is mapped to set commands. This means you can use any memcached client to communicate with the search server.”—ElasticSearch memcached module. Nice.
“Divide the dollar: gives you a way to prioritize options, features, etc. by asking people to allocate an amount of money to each element.”—LukeW | UX Lisbon: Design Games. Sounds like a useful (if gimmicky) way to get stakeholders to set priorities (which is often impossible—everything is always top priority).
A feature added for no other reason than to draw management attention and be removed, thus avoiding unnecessary changes in other aspects of the product.
This started as a piece of Interplay corporate lore. It was well known that producers (a game industry position, roughly equivalent to PMs) had to make a change to everything that was done. The assumption was that subconsciously they felt that if they didn’t, they weren’t adding value.
The artist working on the queen animations for Battle Chess was aware of this tendency, and came up with an innovative solution…
“Amazon’s EC2 cloud computing service suffered its fourth power outage in a week on Tuesday, with some customers in its US East Region losing service for about an hour. The incident was triggered when a vehicle crashed into a utility pole near one of the company’s data centers, and a transfer switch failed to properly manage the shift from utility power to the facility’s generators.”—Car Crash Triggers Amazon Power Outage « Data Center Knowledge. You know, unless you actually test your failover equipment regularly, you have no idea if it works. That’s why, back when I used to run a hosting business, nothing made me happier than rebooting servers, pulling ethernet cables from firewalls, or turning off UPSes, and watching as services continued uninterrupted. The fact that Amazon’s response to this event was to fix the switch, rather than fix the procedures that let the faulty switch go unnoticed, is troubling.
Just as with the Exxon Valdez spill of more than 20 years ago, the recovery efforts for the BP spill in the Gulf of Mexico are destined for inadequacy—
Eventually I realized I had covered the wrong story. The important point wasn’t that Exxon couldn’t clean up its oil spill. The point was, no one could clean it up.
By telling the story of the company’s incompetence, we had perpetuated the myth that real cleanup of a major oil spill is possible. We had left the industry free to say that next time, with proper preparation and equipment, they would be able to recover any spilled oil.
Phishing isn’t (just) about finding a person who is technically naive. It’s about attacking the seemingly impregnable defenses of the technically sophisticated until you find a single, incredibly unlikely, short-lived crack in the wall.
If I hadn’t reinstalled my phone’s OS the day before. If I hadn’t been late to the cafe. If I hadn’t been primed to hear from old friends wondering if some press mention was me, having just published a lot of new work. If I hadn’t been using a browser that didn’t fully expose URLs. If I hadn’t used the same password for Twitter as I use for lots of other services. If I’d been ten minutes later to the cafe, late enough to get multiple copies of the scam at once – for the want of a nail, and so on.
But all the stars aligned for that one moment, and in that exact and precise moment of vulnerability, I was attacked by a phisher. This is eerily biological, this idea of parasites trying every conceivable variation, at all times, on every front, seeking a way to colonize a host organism. The net’s complex ecosystem is so crowded with parasites now that it is a sure bet that there will be a parasite lurking in the next vulnerable moment I experience, and the next. And I will have vulnerable moments. We all do.
“The notion that you’re trying to control the process and prevent error screws things up. We all know the saying it’s better to ask for forgiveness than permission. And everyone knows that, but I think there is a corollary: if everyone is trying to prevent error, it screws things up. It’s better to fix problems than to prevent them. And the natural tendency for managers is to try and prevent error and over plan things.”—Inside Pixar’s Leadership « Scott Berkun (via Frank Chimero)