What does the fox say? You won’t find out here

I heard an interesting piece on Radio 4 a while back when an interviewer was talking to Nate Silver, the author of The Signal and the Noise: The Art and Science of Prediction, who used the familiar fox and hedgehog framing when discussing the way people deal with information. Foxes (ie, people who scrounge for tidbits of information) make better predictions than hedgehogs (ie, people who have one big idea). As a corollary he also said that we should be suspicious of overly precise or accurate predictions as they are very likely to be wrong. I was discussing this with someone recently and he said, quite accurately, something along the lines of “yes but the last time I heard you on the radio, you sounded like a hedgehog”. A fair point.

The thing is, when you are called by the TV or radio or newspaper folk, they’re not looking for foxes. Foxes are dead air. They’re looking for hedgehogs.

Many years ago, when I was not long in the consulting business, I went on a media training course. It was run by a couple of ex-journalists (one of whom, if I remember correctly, worked for the FT and one for radio) and although I don’t remember too much about it, I do remember their advice on press comment. We did an exercise where we pretended to work for a big company (it may have been a bank) and in response to a couple of different kinds of press enquiry we had to compose a comment for journalists. I can remember agonising over my response to the imaginary press enquiry and getting told off by the course leader who pointed out to me that my goal was to get the company name into the paper in a non-negative context — I wasn’t being judged on my spelling and grammar — and he said something to the effect of “in six months time, no-one will remember what the story was or what you said, but when one of your guys walks into a client’s office, the client will think ‘oh right, Consult Hyperion, I read something about them in the FT / saw something about them on Sky News / heard something about them on Radio 4’ and that’s your job”. Or something similar. But I got the message.

I took the message to heart. So if a journalist calls and says, for example, “why is UK card fraud up 17% in the first six months of this year”, I don’t respond with a very detailed (and very accurate) account of trends in card usage, technology roadmaps, chargeback management and such like”. You get one sentence, one soundbite. So, in this case, you might say something like “well it is largely due to the rise in online fraud” or whatever. And that will get the company name on screen.

Screenshot 2013-12-16 19.23.55

When you are working for a client, though, you are a fox. You have to be careful to assemble all of the relevant information and try and make sense of it, to glean a plan from the pickings. Is Bitcoin the currency going to succeed? Who knows, but here are the factors we think are relevant and on balance we think unlikely. However, there may be some opportunities to use Bitcoin or Bitcoin-like technology in your business to create a new product. And so on. Is our mobile wallet secure? Well, here are the results of our detailed risk analysis and the key countermeasures that will reduce exposure to management levels. This sort of thing won’t get you on the telly, but it’s what we do and it’s why we have been successful.

At a charity event I attended earlier in the month, a friend came me up to me and asked if had been on BBC radio in the last couple of weeks. I told them that I had and asked them what show they had been listening to and what the topic of discussion was. “I don’t remember”, she said, “probably Radio 4. It was something to do with the internet. I thought you sounded very knowledgeable. Does your company do a lot of that sort of thing?”. In actual fact I’d been on the BBC World Service talking about Bitcoin. But it doesn’t matter what the programme was or what I was talking about, exactly as predicted by the hacks that trained me all those years ago. What matters is that I sounded like I knew what I was talking about!

There’s a similar dynamic around blogging. This blog is, I hope, a good example. We try to make it interesting and relevant to clients and potential clients, but we also try to make it entertaining. This is more difficult than it seems, because we want to post fun stuff about exciting applications or new technology in the secure electronic transaction space but on the other hand we don’t want to give away anything we are actually working on for clients until they decide to go public with it. This can be quite a conundrum: looking at the recent example if HCE, we’re we’d been working on projects for a couple of years before any of clients said anything about it in public.

Foxes and hedgehogs. Case closed.

In the future, everyone will be famous for fifteen megabytes

Let’s use Parliament to crack down on porn

Internet porn and surveillance is all the rage in the newspapers today. The general sense of middle England, as far as I can see, is that they want to police to snoop on their children (to stop them seeing stuff like The Daily Mail) and their neighbours (in case they are terrorists or child pornographers) but not on themselves. Hhmmm. No good will come of this. The bad news is that government ministers have decided to do something about.

Minister explains why we MUST force Google to crack down on web filth

[From Why I, as a mother, am determined to protect my children from the depravity of internet porn: Minister explains why we MUST force Google to crack down on web filth | Mail Online]

The woman quoted here is Maria Miller, the MP for Basingstoke. Her background is in advertising and marketing, which is why I suppose she sees Google as the gateway to world. But my point is that if MPs do decide to go ahead with some “dangerous dogs”-style legislation, whereby internet companies are forced to block certain websites and charge their customers for the privilege of being censored, I suggest they use Parliament as a test case for a few months. The news that parliamentary PCs are used to access foot fetish, adultery, gay cruising resources and, most intriguingly, a website for women who posed naked next to cats, suggests that the Parliamentary firewall might be a hard case to test bad law.

Harry Potter, a barrister specialising in obscenity cases, said: ‘Having viewed the material, it does not in my opinion fall foul of the law as constituting extreme pornography. It is, however, undoubtedly hardcore pornography.’

[From MPs¿ computers used to access porn sites, including foot and fat fetishism, more than 2,500 times | Mail Online]

Seriously? “Harry Potter”? The man’s life must be a misery. Anyway, it won’t work, of course. Even if the internet titans that Maria refers to were able to come up with software that could distinguish between an MP viewing legal foot fetishism and an MP viewing illegal “extreme” foot perversions, the firewall will be trivially circumvented. I was using a customer’s network the other day when I clicked on a link to a story about credit card fraud. The story turned out to be in the Sun newspaper, and the customer had sensibly blocked access to Britain’s favourite newspaper’s website on the grounds that it contained “nudity and/or content of an adult nature “. So I logged in via a VPN and carried on. I did the same at a friends house when I was checking something on the Pirate Bay. Virgin had blocked it, so I went to by VPN. The last time I was in the US and wanted to listen to the football on BBC Radio Five, iPlayer told me that I couldn’t, so I logged on via a VPN that made me appear to be in the UK and listened to the match. And if I was a pervert MP looking for porn when I should be voting on an Internet censorship bill, I would do the same thing.

In fact, I saw an article about people snooping on Wi-Fi in cafes and hotels so I decided to go via VPN whenever out and about. I’m sure I can’t be the only person who has gone down this route and I’m sure that the use of VPNs will continue to grow significantly over the coming years. Every time someone gets a letter from their ISP complaining on behalf of record companies that that person has been visiting filesharing sites, the VPN vendor’s share prices will go up accordingly.

Oh, and for what it’s worth, you have to imagine that the “declines” reported in file sharing and cyberlockers severely undercounts those things too, as using some rather basic tools can let people hide that sort of information from being collected — and the efforts by Hadopi to “educate” the public likely educated them about how to use VPNs

[From Three Strikes May Decrease File Sharing, But If Sales Keep Dropping, Who Cares? | Techdirt]

Now, you have to wonder if this is a good thing. After all, if the copyright mentalists and MPs drive us all to use VPNs for everything, life will actually get harder for the forces of law enforcement who have legitimate reasons to want to monitor Internet traffic. If everything is encrypted, PRISM will need more computing power than the planet has to offer in order to track to down international ne’er-do-wells. Hollywood’s stupid deep packet inspection (DPI) nonsense won’t work, but nor will anyone else’s. So my challenge to MPs is this: tell us what you want. Do you want the Internet set up so that Sony, the Daily Mail and the Bulgarian Mafia can see what websites you are visiting, or not?


In the future, everyone will be famous for fifteen megabytes

Teutonic order. I’m a fan.

Since I am flying around Europe in economy class a lot at the moment, one of my pet hates is the abuse of the carry-on rules, particularly (I’ve observed) by women. The rule is ONE carry-on. Like all sensible travellers, I have a sturdy piece of Samsonite that was specifically purchased to fit exactly the airline carry-on dimensions. Here it is. ONE carry-on with my laptop etc inside.


I took a Lufthansa flight recently. I was behind a woman who was clearly taking the piss. As well as a carry-on the same size as mine she had a laptop briefcase and a gigantic purse. Here is the photographic evidence of same.


Imagine the magnitude of my schadenfreude then when, as we started to board, she was pulled out of line and told she had to check the largest bag. I couldn’t understand the conversation, but from the gesturing and facial expressions, I think she was trying to pull a gender-specific exemption on the grounds that her gigantic purse didn’t count in the grand airline reckoning. But good old Lufthansa. Rules are rules, and she was politely but firmly made to check it. As, I noticed, were a number Chinese travellers in a tour group and an American family who were pulling a similar stunt.

The result of this firm but fair application of the widely-displayed policy was that embarkation and disembarkation of a full 737-300 was smooth, with none of the BA-style to-ing and fro-ing trying find space in lockers or negotiating with grumpy travellers as to whether they can put the gigantic purse under the seat in front instead of in the overhead lockers. The plane still wasn’t on time though.

In the future, everyone will be famous for fifteen megabytes.

I was on the sofa with a visionary

There was an article in The Daily Telegraph that I read on the plane yesterday. It’s titled “The happiest marriages start on the internet” and it’s about a large-scale survey that appears to show that couples who met on the web have a substantially lower rate of divorce and report higher levels of satisfaction. The article says that survey did not investigate why online marriages are more successful. But I know why.

A great many years ago, I took part in a programme about internet dating on a Sky channel. It was so long ago that I can’t remember when it was (late 1990s I would guess) or what the programme was called or even what channel it was on. Anyway, the idea of the show was they that would have a relationship expert and a technical expert on the sofa with a number of couples who had met through the then-new channel of internet dating. Since they couldn’t find a technical expert, they called me and, since I will do literally anything to get the company name on screen, I went along.

It was really fun. They asked me a few questions about internet security and how you could be sure whether the person you were talking to was who they say they are. I told them, essentially, you can’t. On the internet, no-one knows you’re a dogbot, and so on. But what I do remember is that the female relationship expert, who I think was a psychologist, said unequivocally that in the long run it would be internet dating that is the norm and that the idea that you would choose a mate while drunk in a bar would be considered ridiculous. I may be remembering incorrectly, but I think she made two main points about this.

The first was that internet dating enabled people to get to know each other a lot better before they met, so they could make much more accurate long-term selections.

The second was that women would benefit from this mode of dating because it enabled them to evaluate multiple men simultaneously and thus greatly improve their odds of selecting an appropriate mate. Women are pickier than men, so the online mode is very helpful to them.

The expert also absolutely predicted that in a few years time, internet couples would have a better success rate than non-internet couples, a prediction that appears borne out by the statistics I saw in yesterday’s paper.

I’m embarrassed I can’t remember her name, because she was spot on.

In the future, everyone will be famous for fifteen megabytes.

Jackie No

The “The Law of the Telephone” by Herbert Kellogg in The Yale Law Journal 4(6) (June 1895) is a fantastic read. It begins by establishing that the basis of the law of the telephone is the law of the telegraph:

Like all common carriers the telephone company may establish reasonable conditions which applicants must comply with; and the use of profane or obscene language over a telephone may justify a company in refusing further service, on the same ground that a telegraph is not liable for a failure to send immoral or gambling messages.

Thus the new medium inherits from the old one. But is this true in social terms? Whole books were written to set out an etiquette for the telephone and to explain to the person in the street how to use the new technology in a civilised manner. I predict we are weeks, perhaps hours, away from a similar book for new Google Glasses users. I can see that there has already been plenty of thinking about the ethics of wearable computing, so we should probably start there rather than wait for new regulation evolve to govern us.

He also said that in deference to social expectations, he puts his wearable glasses around his neck, rather than on his head, when he enters private places like a restroom.

[From Privacy Challenges of Wearable Computing – NYTimes.com]

I remember reading something about memes once. I can’t remember where it was ever couldn’t find it through superficial googling, but I remember the example that was given, which was the way that women started to wear sunglasses pushed up on the top of their heads apparently in emulation of Jackie Kennedy, wife of the noted philanderer Jack Kennedy. I’ve no idea whether this is true or not and I’m sure someone will be else send me a picture of a woman wearing sunglasses on the top of her head before Jackie Kennedy was born, but the example stuck with me and returns whenever I think about the spread of means within a population, evolving social norms and the role of media. So it is with great pleasure that I announce the first new meme for Google Glasses. I call it the “Jackie No” rule. It is this: when you go into a public restroom, you should push your Google Glasses to the top of your head, Jackie Kennedy style, to signal to anyone you might meet that you are not a pervert. I imagine that there are many circumstances where merely wearing Google classes will arouse suspicion you are not entirely normal, but here is one case where the inherent boundaries that make a civilised society possible must be made explicit for the safe functioning of civil society.

In the future, everyone will be famous for fifteen megabytes.

House of snores

When I was bored on a plane recently, I switched on a show I’d never heard of before called “House of Lies“. It was mislabelled as a comedy, although it didn’t have a single even mildly amusing line in it. It was exactly as uninteresting as you will imagine it to be when I tell you it is about management consultants. The main characters are meant to be from Bain or McKinsey or somewhere like that, and the central plot device (which does accord with reality) is that the main purpose of their engagements with customers is to obtain more money from the customer rather than to fix any problems. The central characters form a realistic team: a very attractive women who is used to destabilise the largely male management of target companies, the male nerd and the main business guy. They work for a caricature rainmaker.

It was superficial, boring and annoying in that it clearly thinks it is being somehow subversive when it isn’t at all. I looked up a couple of reviews as I was writing this post and was astonished to find that some people like it. There really is no accounting for taste.

Although consultants as good-guys (even thieving good-guys) is itself a tough sell, House of Lies makes it all work by having the victims – companies, executives – look like even more unsympathetic dupes who deserve what they get because of their greed or stupidity.

[From TV Review: ‘House of Lies’ Gives Showtime a Raunchy Laugher – Hollywood Reporter]

The main conceit is that the characters are more interested in having sex than in work, but I suppose that’s true of any group of highly paid professionals who spend a lot of time away from home.

My advice is to ignore the show. Real management consulting reports are often funnier.


In the future, everyone will be famous for fifteen megabytes


I started getting a lot of messages saying that people had endorsed me on LinkedIn. Many thanks to everyone who did so. I’m genuinely grateful. But I’m afraid I won’t be endorsing anyone at all. Here’s the standard response to any request for an endorsement.

Please don’t take my refusal to endorse personally! I’m more than happy to endorse you in person to anyone, but not via LinkedIn. The problem that I have with LinkedIn endorsements is this. The first time I ever got a request for an endorsement it was from a guy I’d worked for a few years before. He was very good at his job, and I happily endorsed him. The second time someone asked me for an endorsement, it was from a woman who I thought was useless. I could not face the embarrassment of refusing her, so I decided not to take part in the system. Being English, I cannot deal with embarrassment and if I endorse some people, then other people will know that I’m not endorsing them, if you see what I mean! It’s nothing personal, but the LinkedIn recommendation system just doesn’t work for me.

When it comes down to it, I’m just too English to be able use the system.


In the future, everyone will be famous for fifteen megabytes

Government’s Magic Boxes will get rid of porn

Well, excellent scoop from Channel 4. Apparently, the government has discovered a Magic Box of some description.

Internet and phone firms are preparing to install “black boxes” to monitor UK internet and phone traffic, and decode encrypted messages – including Facebook and GMail messages.

[From ‘Black boxes’ to monitor all internet and phone data – Channel 4 News]

When I say scoop, of course, I’m being sarcastic, since the plans are well-known and several years old.

Home Office officials have told senior figures from the internet and telecommunications industries that the “black box” technology could automatically retain and store raw data from the web before transferring it to a giant central database controlled by the Government.

[From Government black boxes will ‘collect every email’ – Home News – UK – The Independent]

But Channel 4 say that these boxes have some pretty amazing abilities, including that of decrypting all internet traffic. Apparently the government’s Magic Box decrypts everything, throws away the content and then sends the message headers back to the ISP for storage, although why they would bother doing this isn’t clear – why doesn’t the government store them? Anyway, the point is that the government knows what you are looking at. So…

The Prime Minister spoke recently about the possibility that internet services or devices might come with a filter on as their default setting, and said that the government should investigate that option and seek views on it.

[From Ministers consult public on ‘opt in for smut’ plans • The Register]

Why can’t the government do this? Since it knows what you’re looking at, if you’re looking at child pornography, Nazi drug-dealing propaganda or the Labour party manifesto then the Magic Box can simply throw away the traffic. I’m thinking of popping along to the Conservative Technology Forum in a couple of weeks’ time so I’ll ask the question there: if these Magic Boxes do exist, then why doesn’t the government use them to block child pornography? And if they say that they won’t, then I’ll write the Daily Wail headline myself: “Cameron decides to allow child pornography”.

I’ve tried googling to find out how the Magic Boxes are going to decrypt SSL sessions but without success. It could be that one of the big IT suppliers has told the government that it can be done provided several hundred million quid are invested in building custom systems, and that when a billion quid has been wasted on it they will just cancel the project (like the NHS Supercomputer). One implication is obvious though: the government will have to ban VPNs and PGP.


In the future, everyone will be famous for fifteen megabytes

TEDdy bear

A few years ago, while banging my head against the brick wall that was Her Majesty’s Government’s ID Cards scheme, I had an idea for trying to explain what technology could do to deliver a better national identity infrastructure for the 21st century: use Dr. Who’s “psychic paper” as the narrative pivot, much as the technologists of a previous generation used the Star Trek “Communicator” as the template for the mobile phone.

What was an amusing notion for a talk at a small conference took hold and I developed the concept in a paper that was published in the Journal of Identity in the Information Society back in 2009 [here] and evolved the idea of the “Psychic ID”.

what started off as an idea in a discussion — basically, trying to visualise 21st-century digital identity management using Dr. Who’s psychic paper as a reference point, having given up on trying to explain keys, certificates and all the rest of the crypto-infrastructure — became a presentation and then a paper and finally a peer-reviewed paper that I’m rather proud of. I’ve found a way to explain to non-technical audiences — well, British non-technical audiences at least — that the combination of widely-available devices and intelligence can deliver an identity management infrastructure that can achieve much more than they imagine.

[From Digital Identity: I can see an article of some sort. Anyone called David?]

The idea went down tolerably well, so when I was very kindly invited to give my first TEDx talk at Sussex University I thought I’d give it a try. It was actually very difficult to know what to present. We ran through it a couple of times at the office, but I wasn’t sure who would be in the audience or what they would be interested in so it was hard to judge to contact. Anyway, it seemed to go down OK on the day, and I was quite excited when I got a link to a video of the talk.

When I saw the video, I was horrified! Points not made properly, interrupted trains of thought, stupid jokes in the wrong place (or half completed, including a good joke about banks having problems with id management), a series of distractions, key points not made properly, too many slides with variable pacing… I could go on. I rather pride myself on presenting as my only comparative advantage and contribution to Consult Hyperion, so I was, to say the least, not very happy with it.

Hence I was astonished, and genuinely flattered, to get an e-mail informing me that my talk was one of the less than one in a hundred of the TEDx talks that are shown on the main TED site. And as of today, there it is.

I won’t get over this for a while.


In the future, everyone will be famous for fifteen megabytes

Why don’t they listen to me?

I’ve been moaning about how stupid the general public are over on my reactionary parochial HTML emulation of talk radio at its worst, Citizen of Woking. But that left me wondering how come supposedly educated people can make such sub-optimal decisions about important economic matters. Consider the simple example of technology policy. The current government is supposed to be in favour of competition, progress and individual liberty. But when it comes down to it, they always cave in favour of vested interests by restricting competition, reducing economic growth and controlling the populace.

Look at the continuing fuss about Internet tracking and censorship. Economic evidence seems to suggest that a copyright term in the range of 12-15 years is best for society, balancing the rewards to IP creators and the rest of society appropriately, yet politicians keep extending the copyright term far beyond this level. This has an unfortunate spillover that leads to bad policy in other areas, such as internet privacy. Cliff Richard is against internet privacy for entirely sociopathic reasons to do with what economists call “rent-seeking regulatory capture”, but he finds a sympathetic ear in the government because a) the government don’t want privacy either – they want Chinese cyberwarriors as well as EMI and GCHQ to be able to listen in to your internet conversations – and find sobbing pop stars a useful smokescreen and b) because it’s more fun talking to pop stars than to dreary middle-aged “experts” (e.g., me).


In the future, everyone will be famous for fifteen megabytes