People of Japan, what are you waiting for?

Seeing pointless abuse, injustice and absurdity, do not rush to explain it with stupidity; first try to explain it with vile shrewdness.

Japan is officially in recession after seeing its economy shrink for the second consecutive quarter. This comes as no surprise at all when you check what the economy is based on, how it develops and what the infamous Abe did to it. I, for one, am happy to see it work this way, seeing the Japanese economy react in obviously bad ways to the dirty manipulations of its government. It would have been much worse if the so-called “growth” continued yet for a longer while and then would come crashing hard. People suffer first, so this gentle decline is much better than a hard landing for the Japanese economy. But, again, what is happening?

Rupert Wingfield-Hayes, BBC’s guy in Tokyo, reports:

In the spring of 2013, Prime Minister Shinzo Abe launched an ambitious growth strategy that rapidly became known as Abenomics. Its aim was to drag Japan’s economy out of 20 years of deflation and put it back on the road to growth. Billions of dollars were pumped into the economy through stimulus spending. The Bank of


Negotiations and Expectations

Some negotiations are like sailing in and out. Others – not quite. Why do so many negotiations fail and others, while successful, still present a thorny winding road to the participants? Why should people suffer through negotiations instead of just talking?

While there may be many reasons for not actually getting what you wanted in the first place in the negotiations and feeling frustrated about the results, should we actually make our lives harder than needed? What is the reason that many people think negotiations are a hard job? Why do they get drained in the course of a short two-hour business meeting that happens to be labeled “negotiation”?

I have a theory. It all has to do with expectations. Should you come to the meeting without particular expectations, you would be fairly objective and could actually follow the logic of the arguments on both sides, see compromises, do your job. But what happens when you come to such a meeting carrying expectations?

Expectations can never be met. It’s a rule and it is dead simple. We are all different people and different organizations. It is extremely unlikely that we think in entirely similar ways and will form …

Strategic direction: security ebb

Something quite prominent happened in the security field over the last week. It is a strategic move so I am going to talk about it here rather than on Holy Hash! although it would be interesting to the security folks too.

So, what happened, you ask? Ah, nothing so spectacular that TV shows would interrupt their evening program for, but so momentous that I wish they would. It all started with the little exercise at RSA Conference where a couple of so-called “security leaders” declared that security is the territory of really large companies and anyone smaller should just forget about it. I already wrote my opinion about the basic idea of ignoring risks in an area where an incident, according to Coverity, runs on average to 7 million dollars but can easily be a couple of orders of magnitude more.

It would all have gone into history unnoticed if it were not for Bruce Schneier, who suddenly chipped in with his commentary that he agrees with the gentlemen in question. Now, Bruce is not stoopid and he is the head of security for BT. To explain to our full satisfaction how come that his …

Software Security Philosophy

What is “security”? Well, not in the broad sense, that is, but in software security? What does it mean: to develop secure software? What do we understand to fall into the realm of software security?

I tell you what I mean when I say “software security”. For me, the software security means to bring the intent of the original designer to the customer.

This is very simple. The designer had some idea in mind when designing the software. He had some intention for the software to function in a particular way. That mental picture is translated into design, brought over into development, translated into source code, translated into binary, delivered, installed and configured at the customer’s site. And our task is to ensure that what operates now at the customer’s site reflects exactly what the developer had in mind. If it does not – we have a breach of security.

I know that this is a very broad definition and it encompasses many areas traditionally thought to be outside the realm of security. Some people do not like that. But in my view, this is much simpler to act on than to try and define the precise separation of realms.

Take …

Near Field Communication (NFC)

I stumbled upon an article in PopSci (Popular Science?) on-line publication titled Everything You Need to Know About Near Field Communication. My opinion is that many of the things described there reflect a lot of wishful thinking on the part of the smart card industry players. Especially where they go on about “everything has just started to come together”, which is exactly the same thing they were saying for the last five years or so. I was on the inside, I should know.

For those more inclined to actually understand the technology in easy words, I would suggest simply reading the original NFC White Paper written by myself years ago and published by Ecma International. Trust me, nothing much has changed in the meantime, all concepts still apply today as they applied then.


Corporate responsibility

One of the buzzwords I dislike is “Corporate Responsibility”. It is overused, abused and never means what it is supposed to when you hear it from the top managers. However, it is important. Rather, the concept that it used to mean is important.

I spent a few months in Russia now and I am shocked and disgusted at how business is done there. That is the place where you go if you want to learn what the consequences of irresponsibility on a grand scale are.

Nobody feels responsible for anything there. The only king of this newly capitalistic country is money. Everybody dreams of making money quick. Some people make the money quick. Some don’t. But for everyone the main theme remains – just make money, no matter how, no matter what the consequences are, never mind the “after”.

What is the result? Well, most, or, perhaps, all of the business is based on making or buying something dirt cheap and selling it high. Most products are made in China or are counterfeit. Everything is made of the cheapest materials and with the cheapest technologies.

Can you imagine the life in a disposable world? Disposable furniture, disposable cars, disposable roads, …

Service: cheap, cheapest… cheaper!

I find it disturbing how even the most normal appearing people are falling for the cheap-cheap-cheap mantra of the day. Take the telephone services. My friend, who would always check the quality of everything he buys and make sure that it is of at least fairly acceptable level, falls for the “we have it cheaper than everyone else” internet and telephony package. Result is very predictable: half a year of wasted time, miserable service, lost money.

Why does this happen? It seems easier to accept the “everything is equal anyway” lie when you cannot assess the quality expertly in advance. It is probably difficult to assess the quality of a used car for a non-specialist, but at least you can see the rust. When you only see the colorful brochures, it becomes near impossible to judge the quality of a future service. And it is, oh, so easy to judge the amount of money you pay.

When you select the services next time, remember, it is not only the money you pay. The service you receive should also be taken into account. You are not just paying money, you are paying money for the service. Make sure the service is …

Of “digital piracy”…

Wasn’t I saying it all along? The net result of abandoning DRM (Digital Rights Management) would be positive for most companies. Various studies show this again and again from different perspectives. This time it is a behavioral study by an Oxford economist, Karen Croxson, discussing the potential customer behavior and the result of piracy on net sales. And the conclusion is still the same: piracy does not hurt sales, even helps sometimes.

Really, if one abandons DRM and lets go of the piracy hype, the result must be positive. Here is the list of things to consider:

  1. The customers that buy your product would buy it anyway.
  2. The customers that would not be buying your product will not buy it anyway.
  3. The customers that are influenced by the “ease to copy” and decide to copy instead of buying are extremely marginal in number.
  4. The experience with your product, the rumors, the hype, the word-of-mouth advertisement would generate many more customers than you might lose in the previous category.
  5. Customers loyal to you are not annoyed by your silly DRM schemes.
  6. You do not need to waste money and time on the DRM.
  7. People who spent time breaking your DRM schemes



I spent a lot of time recently thinking about toys. Well, it all started not so recently, in fact, but recently this idea that I am toying with is not letting me rest. So I spend more and more time thinking about toys.

If you never noticed, the toys in the shops are somewhat different from what we used to have a good twenty years ago. Drop by some time at the toy shop and have a very good look around just by yourself. Check out the toys. See anything strange? No? Check the material and where they are all made. Maybe that’ll give a clue.

Once, toys were not so abundant. When I grew up, the toys were something very special. You did not even get a toy every birthday, although the parents tried. They were expensive and they were good. And you cherished and wanted them. And they were a pleasure to hold and, oh, so carefully, to play with.

Then the industrial revolution in the toy world happened. First, there came to be many, many more toys and they became cheap. And that was wonderful. Kids could now have all the toys in the world. Well, most …

Technology vs. People

A well-known expression, used and abused millions of times over the history of mankind, says that weapons do not kill people, other people do. The meaning is, of course, that the knife is just a tool and it is up to the hand wielding the knife to put it to use – good or bad.

In fact, all of the technology is like that. The technology can be put to serve people or it can be used to deceive people. I think that recently most technologies are used to deceive people and more and more technologies and techniques arrive every day that serve this same purpose. They could be put to good use, serving people and helping us on our evolutionary path but, no, they are not. Instead, they are all abused.

I used to argue and fight against such uses of technology (that I consider to be rather abuses) but to no avail. And now I realize that it is no use fighting against it. As Antoine de Saint-Exupery says, you never fight “against”, you always fight “for”. So it is necessary to fight for the proper uses of technology, put all those resources to the service …