Tuesday, September 05, 2017

Cyber Insecurity

I know what you Tweeted last summer. Also this summer. And during that particularly nasty rainstorm in the winter of 2015. In fact, I know what you posted on YouTube, Reddit, Instagram, and Flickr. (Also VK, if you happen to be into Russian social networking.) And if you posted anything while you were supposed to be hard at work in an office building or manufacturing plant, well, there's a pretty good chance that I can find that out, also.

This is a series of social media posts that originated in my old
high school over the past several days. I can click on the icons
and see who posted what. 
Of course, none of this is secret, right? You didn't really post it on the Internet and expect it to remain private, did you? I mean, c'mon, if there's anything the Web is bad at, it's maintaining your privacy; just ask any number of breached and outed and exposed criminals, trolls, Hollywood insiders, and a slew of embarrassed  AshleyMadison.com members. (Not that one might not be all four, of course.)

The Internet is great at sharing information; that's what it was made for. (No, it wasn't set up to provide a backup communication net in the event of a nuclear attack. It was invented and intended for use by university researchers looking for ways to communicate and share data.) Unfortunately, it's not so great at protecting information.

As someone who has worked on the security side of technology, I have access to some tools that might make my search a little easier, simpler, or faster, but the truth is that all of that information is out there. Everything you've ever typed. Every Google search you've ever made. (Yes, even that one.) Everything you've posted, commented, searched for, or communicated is stored somewhere; and all it takes is a little time and effort to uncover. If it's supposedly protected by virtue of it being stored on a "secure" site (think Facebook, Dropbox, your corporate network, etc.), well, I have bad news for you. As security-conscious sages (including former FBI director Robert Mueller) have said many times: "There are only two types of companies: Those that have been hacked and those that will be hacked." (I might add a subset of the first type: those that have in fact been hacked, but don't know it yet.)

Robert Mueller was the 6th director of the Federal
Bureau of Investigation. He is currently occupied
with other security-related endeavors. Image in
the public domain.
But I'm not necessarily talking about sophisticated, hardcore tech attacks here, the sort of thing that some shady operator in a basement in Odesa or Kiev or Omaha might use to force his way through a firewall or other cyber defense. Those types of attacks certainly exist. But why would anyone go through the trouble? It's time-consuming and expensive, and it requires skills that most of us don't have. And besides, there's often no need. The info is either already out there (in the form of social networking posts and other communications—many of which can easily be viewed or uncovered with a bit of sleuthing) or else it can be had simply for the asking.

That's what social engineers do. When they need the keys to the (yours, your boss's, your client's) kingdom, they just ask. Of course, they might have to lie a bit. (Well, let's say prevaricate. It sounds better.) They might (read: probably will) get in simply by emailing you a dodgy link. Occasionally, they might need to invent some pretext to get into an office: Perhaps the social engineer shows up at your place of business in a blue shirt holding a clipboard, and wearing a baseball cap with a service company logo. He either just waltzes in (if your company is foolish enough to leave its campus buildings unlocked) or else stops at the reception desk to tell the folks manning the desk that he's "here to check on your <insert name of make and model> corporate printers, to ensure that they're working correctly." Or perhaps he's (supposedly) with a janitorial service and he'd like to see if he can outbid your current provider, the name of which he just happens to know. (He also knows how much they're charging you. In fact, he seems to know a lot, more than enough to convince you that he's on the up-and-up.)

Or maybe he keeps it simple. He just picks up the phone and starts calling your employees; when someone answers, he says, "Hey, Sarah, this is Todd from IT. We're working on something here and I need to get into your system to see if you've been updated. It doesn't look like the last security update was installed, for some reason." Of course, he's using a phone-spoofing application that makes his call look as if it's coming from inside your building, so for all you know, it's legit. (Do you know everyone in your IT department? Really? Everyone?) And you wouldn't want your system to be out of date, would you? Vulnerable to attack?! If the caller is good—and professional social engineers are very, very good—odds are that "Todd" will eventually find someone to give him a password; after that, he's off to the races. And by "off to the races," I mean that he's successfully infiltrated your network. (Note that I’m saying “he,” but keep in mind that the social engineer could just as easily be female. There are some truly exceptional social engineers out there who happen to be ladies. I don’t think that they’re necessarily better liars or any more duplicitous than the guys, but perhaps we’re simply not expecting to get hacked by a woman. Whatever it is, the ones I know of or have met are very good at this.)

You see, social engineers are hackers of a sort, but they don't hack systems; they hack people. And people are easily hacked. We're great targets, because we're trusting and we're helpful. I hate to say it, but we need to learn to be more suspicious and wary. C'mon, people—stop being so nice, so trusting! We should all be more like those people we see writing in comments on the Internet: angry, cantankerous, distrustful. Well, maybe only a little like them. No need to get nasty or insulting.

And here I'm going to put in a plug for my friend, Chris Hadnagy. Chris runs Social-Engineer.com (and Social-Engineer.org), a penetration-testing company that specializes in using social engineering to uncover weaknesses in your company's "human network." He and his team are very good—scary good, in fact.  They can lie and wheedle and schmooze their way into almost any network. If you're wondering if your network has weaknesses, it does, trust me—especially your human network. It's porous and shaky at best, and Chris and his folks can help uncover those weaknesses. But my favorite of Chris's endeavors is the Innocent Lives Foundation (ILF). The foundation specializes in unmasking child predators and in providing useful, usable evidence to law enforcement officials so that these people can be found and prosecuted. It's a worthwhile endeavor with a talented board of directors and headed up by a guy who's the epitome of the "white hat hacker." (Also, he has a very large, vicious-looking dog, the name of which I can never remember, so I keep referring to it as "Fluffy." Someday, "Fluffy" is going to show up on my front porch and drag me out to the woods and bury me like a very large bone, and I'll never be seen again. So, if you don't hear from me…)

Monday, August 14, 2017

Amazon & Teddy Roosevelt

Many of us (including myself) have had a wonderful time for the past several years bashing those huge, soulless corporations. And for good reason, too. Many of them really do seem to lack souls; they care only about the bottom line and apparently not much about either their customers or their employees. They have managed to acquire many of the perks and trappings of person-hood, with very few of the responsibilities. (We all recall the 2010 Court decision that gave them many of the same rights as people, but it really goes all the way back to an 1886 decision determining that corporate money was protected by the due process clause of the 14th Amendment.)

All of this is nothing new, of course. Bashing corporations and finding ways to keep them in check goes way back. My favorite corporation-basher is probably Teddy Roosevelt. In 1901, TR said, "To permit every lawless capitalist, every law-defying corporation, to take any action, no matter how iniquitous, in the effort to secure an improper profit and to build up privilege, would be ruinous to the Republic and would mark the abandonment of the effort to secure in the industrial world the spirit of democratic fair dealing."

TR was one tough dude. Read Mornings on
 to find out just how badass he
really was.
TR was a bit of a hard-ass. Seriously. This is a guy who, in 1912, got shot just before he was due to give a speech, continued on to the venue, gave the speech, and only then went to the hospital.

One of our favorite corporate targets of late has been Amazon. The company burst upon the scene in 1994 as an online bookseller, but quickly began selling . . . well, just about everything. Today there is almost nothing you cannot buy on Amazon.com, from widgets to watches, from glasses to guitars, and from fishing tackle to fishing boats. But they occasionally engender some bad press by being a bit too heavy-handed, and there are some ugly stories about their hiring and personnel practices. (I've known some Amazon employees, and many have said that it's a meat-grinder, very competitive, and that the best person doesn't always get that promotion. Admittedly, most of the employees to whom I've spoken have been somewhat disgruntled. I haven't found any gruntled employees who are willing to talk.)

Still, I buy lots of stuff on Amazon. They have excellent prices and speedy (usually free) delivery. But most of all, they have wonderful customer service.

Some time back, I bought a generator on Amazon. This is a small, portable machine meant to be carried along in our truck when we take our trailer out "boondocking." For the uninitiated, "boondocking" is camping in unimproved areas that lack water, power, and sewer services. Basically, you're (usually) out in the middle of nowhere, often not even in any sort of actual campsite or campground. We have solar panels and batteries, and we carry our own water and sewer tanks; if the batteries ever ran down and we really needed power, we could use our generator to top off our batteries or power any 120V items that were absolutely necessary. You know, like a hair dryer. Or a microwave. Or, during baseball season, a television.

The generator in question. Image courtesy of Champion
Power Equipment.
The generator arrived in a timely fashion, left on our front porch by our friendly UPS driver, whom we never see but who must exist, because we keep finding things on our porch. After a week or so, I finally got around to taking the generator out of the box, only to find that one of the internal pieces (a combination rectifier/heat sink/circuit board, if you're curious about that sort of thing) had somehow been dislodged, either during manufacturing or shipping. My guess was that somewhere along the line, the thing had been dropped. I called the manufacturer's tech support number and got in touch with a young man named Brian, who was happy to either approve warranty repairs or send me instructions on how to repair it myself. I opted for the latter, because the nearest qualified repair facility was a good 40 minutes away and, more importantly, would not be able to get to my little generator for at least 3-4 weeks. Since I intended to leave on a trip in about 2 weeks, I opted to give it a shot, so Brian sent over instructions.

The instructions were pretty straightforward, and I managed to get the rectifier back in its slot, suffering only minor injuries in the process. But when I filled it with oil, the oil immediately began leaking from the bottom of the generator. I suspected that, when the generator was dropped (or run over by a bus, or possibly thrown through a 10th-story window), something important had cracked and now it would no longer hold oil.

So, I went camping without my generator. That's how brave I am. I was prepared to be out in the wilderness, surrounded by bears and wolves and aardvarks and such, and me without a hair dryer!
We have some portable solar panels much like the ones pictured here.
Alas, they will not power a hair dryer. Image courtesy of Renogy.
When we came home, I went to that portion of Amazon's website dedicated to returns and was informed that, since more than 30 days had passed, the item could no longer be returned. I sighed. I wrung my hands. I fixed my monitor with the steely gaze I had perfected as an English teacher, but none of this did any good. (Come to think of it, it hadn't done much good when I was a teacher, either.) Anyway, I wrote a note in the provided Comments box, explaining my plight, and resorting to that most heartrending entreaty of young children everywhere: "But . . . but, it wasn't my fault!" I sent it off and pretty much forgot about it, assuming that I would have to find a way to box up and lug the generator 45 miles to the repair facility, and figuring that I would not see it again for months. Or ever.

But then I got an email from a very nice young lady who works for Amazon's customer service department.

Let's digress for just a moment . . .  Have you noticed that "customer service" has become a bit of a misnomer? When is the last time you dealt with such a department and came away feeling like you actually were a valued customer and had been offered actual service? Yeah, that's what I thought. With a few exceptions (Apple comes to mind), we all dread making calls to tech support or customer service lines. It's rarely productive and never pretty.

But that's not the case with Amazon. The email from Lagna (which, quite appropriately, turns out to be a Hindu name meaning "auspicious") said that Amazon wished to “obviate” my inconvenience, followed by—and I’m paraphrasing here:

"Oh, sorry. That was unfortunate. We don't like it when that stuff happens. We're going to give you your money back. Please order a new generator, and go ahead and keep the old one; maybe you can get it fixed, use it for spares, etc. Oh, and we'll expedite the shipping on the replacement and also refund those shipping charges."

And sure enough, I ordered a new generator, which appeared on my doorstep a few days later, and my account was credited the original purchase price, plus shipping. I decided that my inconvenience had indeed been "obviated." If you’re following along here, I ended up with two generators, only one of which I paid for. The other one is broken, of course, but I’d imagine that I could get it repaired, now that time is not an issue. Or I could use it for parts or donate it to Habitat for Humanity.

Amazon has become a powerhouse, of course, largely due to its pricing, inventory, and reasonable shipping policies. But the real reason so many of us go back to Amazon is the customer service. Even before The Generator Incident, I've leaned toward Amazon because if the item arrived broken, the company took it back, no questions asked. Wrong size? No worries. Not up to your expectations? Not a big deal. Send it back. You didn't mean to order that one? Not a problem; send it back. One of their third-party vendors screwed up? Not an issue; send it back and we'll deal with the vendor.

Of course, the thing is that Amazon makes a ton of money; the company can afford to offer good customer service. Amazon knows that what it loses in sales or margin, it can make up in repeat sales to satisfied customers. And so they try very, very hard to create satisfied customers.

So, good for them, right?! But that begs a very real question: How come Amazon can afford to offer truly good customer service, but other companies, companies that also make a great deal of money selling products or services to us, seemingly cannot? What's up with Verizon and Sprint? And what about Comcast and Time-Warner and the other cable companies? How about Best Buy? Your bank?

And don't even get me started on the airlines.

Sunday, July 16, 2017

Cry 'Havoc,' and let slip the . . . llamas of war?

First, my apologies to Shakespeare. Sweet Will's Mark Antony never actually mentions llamas in Julius Caesar. More's the pity, of course. Think what a llama or two would have added to the play!

But back to business. Or in your case, a possible loss of business. That is to say, yes, you may lose your job. Technology is disrupting many industries, and people fear that their jobs will be taken over by computers, AI, robotics, etc. I wrote about the topic in Leveling the Playing Field, and my take on the subject was mostly positive. My position was (and is) that, yes, technology will obsolete many jobs, but that those job losses will be more than made up for by new jobs required by the new technology. (I realize that this is small comfort to the suddenly unemployed grocery cashier who finds that he or she must retrain in order to qualify for one of those new jobs. More about that in a bit…)

Naturally, thinking about tech disruptions and job losses made me think of llamas.

Llamas are awesome animals. They're smart, social, and loyal, and quite popular: In the U.S. alone, there are well over 150,000 llamas roaming the countryside or penned up in pastures or corrals. (There are also another 100,000 or so alpacas, a camelid related to the llama, wandering the country.)

Moose, protecting his barnyard. He was a
good llama.
Llamas are great guard-dogs. Well, I suppose technically they would be guard-llamas. At any rate, they're very protective and not many coyotes or foxes would dare invade a chicken coop or henhouse guarded by a shaggy, angry, 400 lb. beast whose heart has sworn undying fealty to the chickens he loves. (Actually, I don't know if llamas really love chickens; I just liked writing that.) My friends Linda and Dale once owned a llama named Moose whose job it was to protect their chickens, and Moose took his job very seriously; the household dogs quickly learned to stay away from Moose and the chicken coop. Moose liked nothing better than to stomp on a barnyard interloper, so along with the household dogs, all the foxes, weasels, coyotes and sundry other murderous creatures in the area also learned to stay away. (Since they had a llama named Moose, I once suggested that Linda and Dale get a moose and name it Llama, but for some reason this was not a suggestion that appealed to them.)

Anyway, almost everyone likes llamas, and that includes the Israeli army. For years, the Israeli Defense Forces (IDF) has used them as porters to haul equipment over rough terrain. A llama, after all, can carry more than 25% of its body weight over hills and mountains, and through ravines and gullies that would stop even the hardiest of soldiers. The IDF loves its llamas.

Or it did, anyway. Recently, the IDF has decided to phase out the "llama corps" (that would make a very interesting shoulder patch, as well as a great name for a band), replacing it with . . . you knew I was getting to this . . . a robot. The new robot's specs are classified for the moment, but observers say that the mechanical llama (which is undoubtedly NOT what it will be called) will look and act much like the Roboteam PROBOT, which can reliably carry up to 1,500 pounds over rough terrain.

It's hard to argue with their decision. A llama can carry 80 pounds or so and needs to be fed, groomed, and rested daily; replacing it with an unsleeping, tireless machine that always does exactly what it's told and can carry about 18 times what a llama can carry just seems to make sense. And of course, the robot will never spit at you, which llamas have been known to do with some regularity. (Also, it's probably important to note that a sexually aroused male llama produces a mating sound called an "orgle." I would recommend avoiding an "orgling" llama, lest you become the object of his affections. I would imagine that robots almost never "orgle.")

This is the Roboteam PROBOT, to which the company refers as an
"All-Terrain Carrier and Recon Robot." It's definitely not as cute as
Moose. Image courtesy of Roboteam.
Then again, the robot isn't perfect. Robots are not cute or fluffy. Robots do not grow wool that can be made into coats and hats and scarves. And robots cannot (for the time being) make new robots, whereas llamas, when left to their own devices, do an excellent job of making more llamas. (Also, a baby llama is called a cria, which is about the cutest name for a llama puppy ever.) Each new robot, on the other hand, must be individually machined, assembled, and programmed, at a cost of maybe $100K each. However, I would imagine that the IDF is into efficacy and efficiency, and not so much into cute and fluffy; they're apparently willing to spend this kind of money in order to equip their troops with the latest technology, even at $100K apiece.

Of course, as with other disruptive technologies, this is going to put some folks out of work. I don't know how many llama wranglers (another good name for a band, but of course it'd have to be a country band) will be prepared to make the leap from training and grooming camelids to working with the robotic versions of Moose and his friends. The jobs will be there, of course: As robots become smarter and more ubiquitous, we'll need ever more roboticists, technical illustrators, programmers, QC engineers, designers, systems analysts, assemblers, machinists, and more. (Not to mention people to design, build, and maintain the buildings in which these new devices will be created.) In the end, technology almost always adds career options, but locally, people who are not ready to relearn, rebuild, and retrain for those new careers are going to be in for a tough time. In our parents' and grandparents' day, one worked in one career (indeed, often for one company) for a lifetime; now we're transitioning into an era in which workers must always be ready to shift gears, change companies, leave jobs, and even switch careers.

As a side note, I'm pretty sure the Roboteam developers could program PROBOT to "orgle" if they wanted. In fact, knowing programmers as I do, I would be very surprised if they haven't already done so. I mean, c’mon; there's simply no way they could resist. Someday, on some battlefield in a far-off land, a PROBOT is going to suddenly become . . . amorous. Pity the poor soldier marching beside this beast when instead of beeping placidly, it suddenly begins to "orgle."

Sunday, June 25, 2017

Birdhouses & Submarines

As some may recall, I wrote a book. (Still waiting for that call from Oprah…) The book is about how technology has become democratized and how all technology eventually ends up in the hands of the masses—and when the masses get hold of it, some great (and also a few not-so-great) things tend to happen: we build and invent and innovate in ways the creators of the technology may never have considered.

Well, one of the things the book talks about is information, and how (due largely to the invention of the computer and the Internet) information has also been democratized: that is, many, many more of us have easy access to more information than ever. (We also democratized misinformation, but that's a subject for another post.) Simply put, information is now at the fingertips of many more people than ever before; for those people, laziness is the only reason for not knowing the answer to any number of factual questions. (A couple of caveats here: First, I realize that this technology—and therefore this information—is not available to everyone; there are still plenty of people without decent [or any] Internet access, and people who can't afford computers. I mean, there are people without access to decent food and safe water; a MacBook and fast Internet access is WAY down on their lists. Second, not everything can be answered via the Internet, and the very definition of "facts" can become a bit fuzzy—especially when it comes to interpreting those facts. So, I'm no Pollyanna, just so you know, and I'm not saying that this is, to quote both Voltaire and Kris Kristofferson, "the best of all possible worlds.")

My granddaughter got to meet Kris
Kristofferson at last summer’s family
reunion. Too late to meet Voltaire, I
suppose; maybe I’ll give her a copy of
But back to information access. It will help in this exercise for the reader to understand that I'm a dork. A complete klutz. A home repair disaster on a massive scale. Generally speaking, I can't build things. I can't fix things. I have built birdhouses in which no self-respecting bird would ever live. I once installed a garbage disposal in such a fashion that whenever the disposal turned on, so did the blender on the nearby counter. I have made multiple trips to Home Depot or Lowes so that I could buy materials to "fix" a wall or a sink, only to discover that my feeble attempts at repair, far from saving me money, had actually added to the final cost, because I then had to hire a pro to undo my repair attempts so that the wall or sink or whatever could be repaired the right way. (This is not merely expensive, it's embarrassing.)

Sadly, though I have many friends and several brothers-in-law who are irritatingly good at this sort of thing, I'm a bit of a hopeless case.

BUT… I now have access to information. Lots and lots of information. I have Google, I have YouTube, I have digital access to a vast network of experts of various stripes, and all of them are positively eager to tell and even show me how to do stuff. If you enter "how to" into Google's search field, you get well over 3 billion results. If you enter "how to build," you get about 244 million. "How to fix" will net you about 99 million hits or so. If you wander over to YouTube (which, not surprisingly, is owned by Google) and enter "how to adjust a carburetor," you'll see that there are some 89,000 videos on the topic. (Which is amazing, considering that cars don’t even use carburetors anymore. Must be a lot of people repairing lawnmowers, older cars, and motorcycles.)

Now, you do need to learn to separate the wheat from the chaff, of course. Not all of these results are useful, accurate, helpful, or even truthful; but a great majority of them will help you get that wall built, that truck tuned, or that dishwasher fixed. (My wife once found a random part lying in our antique dishwasher. It seemed like an important part, the kind of part that a machine built to wash dishes would need. I was about to call a repair person, but by the time I got around to it, Lesley had used the Internet to track down the name and purpose of the part and read up on how to reinstall it. Result, one working dishwasher and no bill. It was a homeowner's triumph, and a serious savings, although I do occasionally have to listen to the story of how Lesley fixed the dishwasher while I dithered.) And the range of topics is incredible; there are almost 500,000 videos on building and setting up a saltwater aquarium! Are there that many people raising sharks and octopuses and such?

See this beautiful birdhouse? This is NOT the birdhouse I
built. You can tell because it’s straight and well-made and
stable, and because any bird would be proud to call this
birdhouse home. Image by Frank Vincentz,used under
the terms of the GNU Free Documentation License.
Anyway, we now live in Oregon with Lesley's mom, and I've made it my goal to be helpful around the house. Up to a point, this is easy. I can sweep off the deck. (We live in a forest only about 120 yards from the ocean; 8 billion pine needles fall on the house and surrounding area every time there's a puff of wind.) I can clean and organize. I can haul and move and drag stuff around.

But the other day, something awful happened. The kitchen faucet began to leak. It was terrifying. At first, I'd hoped it was a temporary thing. Maybe it would heal or something. Maybe it was simply possessed by evil spirits, and they would move on after a few days and go haunt someone else. (I made a list of people whom I thought could use a good haunting, and left it near the sink. Didn't seem to do any good.)

It kept leaking. In fact, over the next day or so, it began leaking worse; obviously something had to be done. I offered to build a birdhouse for it, but that didn't seem to help. Eventually, I knew I was going to have to try to fix it.

So, I turned to technology. First, I used Amazon's shopping app and trained my smartphone's camera on the wayward faucet. The app recognized the faucet, one of those fancy Moens with no discernible seams or protuberances, and no obvious way of taking it apart, short of smashing it with a sledgehammer or wood-splitting maul. (Which I was willing to do, but it occurred to me that Lesley's mom might not like that idea.)

But now that I knew the make and model, I went to YouTube and discovered two things: First, these things leak like crazy. Almost every one of these fancy (and expensive!) faucets eventually leaks. And second, it's easy to fix the leak! Dozens of YouTubers (I can't type that without thinking of potatoes) have made videos about how to disassemble Moen faucets. (There's a trick to it. At the very bottom of the handle is a set screw, but the opening is hidden by a small plastic cover of the same color as the faucet. If you pry that off, you can use a 3/32nd Allen wrench—yes, it has to be a 3/32nd wrench, exactly—to remove the set screw and thus the handle. Then just tighten the plastic bolt that has come lose, and which is causing the leak. Keep in mind that it's plastic; don't over-tighten it.)

 One of the dastardly faucets that caused me so much grief.
Image courtesy of Moen.
So, the Internet saved me, and all because when Vint Cerf and Sir Tim Berners-Lee and all the other Internet pioneers created what we used to call the "information superhighway," they made it possible for people to share information about their problems and, more importantly, also about solutions to those problems.

So, now I'm thinking of building a submarine. I'm sure there's a YouTube video about how to do that. (Spoiler: I was right.) 

Saturday, June 03, 2017

Begun, The Agrarian Software Wars Have

First, thanks to all of you who waited patiently during my hiatus from this blog, as Lesley and I sold a house, packed up, and drove (very slowly, it seemed) to our new home in Depoe Bay, OR. A few people had asked if I had intended to get back to The Geekly Weekly, and—in spite of some freelance commitments—I have been anxious to return to blogging. (Because, frankly, it's fun. Also, my publisher says that this is a good way to sell books.)

And now, let's talk about farmers.

Growing up in Los Angeles, I didn't know much about farms or farmers. I figured that eggs just . . . well, showed up, somehow naturally and neatly deposited in those tidy, clean cardboard cartons. Milk was magically placed in bottles, at first, and then later on in cartons and plastic jugs. Meat was from an animal, I knew, but I liked to think of it as it came to me: clean, sanitary, packed in cellophane and Styrofoam. (And I preferred to think that nothing had died just so that I could enjoy that juicy ribeye; or that if something did have to die, it was a quick, painless death to which the animal had stoically been looking forward.) I thought of farming as something simple, elemental, and pastoral, in a Rockwellian sort of way. Farmers were close to the earth, literally and figuratively; it was, I thought, a simple, peaceful way to make a living.
A modern John Deere tractor. Image by Wikimedia user HCQ,
licensed under the Creative Commons Attribution-Share Alike
3.0 Unported license.

When I moved to Nebraska, I discovered that I was wrong about some (perhaps most) of this. I got to meet many farmers, and I worked with many men and women who had grown up on farms. They were quick to disabuse me of my naïve notions.

Farming, it turns out, is hard. It's a lot of work, and it's work that never really ends: If a farmer is not planting something, he's selling it, or tending to it, or harvesting it, or preparing the fields for the next planting. If he's not on a tractor or other piece of equipment, he's fixing or maintaining that equipment. There's almost nothing on a farm or ranch that doesn't involve some arcane set of skills and a whole lot of work. (I once accepted an invitation to go "baling hay" with a friend. It sounded like fun. It's not. It's hot, scratchy, seemingly endless work in the fields for which my puny, citified muscles were not at all prepared, and there's no rest, because the flatbed truck or trailer on which you're supposed to toss the bales—which easily weigh 870 pounds apiece—keeps moving down the field, whether you're ready or not. The woman on the trailer upon which I was attempting to toss bales of hay got a good deal of enjoyment, I'm sure, out of watching me struggle and pant. She could throw those bales around as if they were nothing; I couldn't move for days afterward.)

Farming is also expensive these days. It requires sophisticated equipment to plow, fertilize, plant, and harvest crops. (It also requires some specialized knowledge to operate such tools.) A Missouri farmer I interviewed for Leveling the Playing Field showed me a large outbuilding in which sat several large pieces of equipment: tractors, a combine, cultivators, a backhoe, etc. The farmer to whom I was speaking reckoned that he had "a few million dollars" invested in this equipment. (Of course, this is on top of the cost of land, feed, seed, fertilizer, manpower, and so on.)

The cab of a modern combine can look much like the
cockpit of a jet. Image courtesy of Challenger/Caterpillar,
So, now we know two important things about farmers: They work hard, and even the small-scale "mom and pop" farms (of which there are frighteningly few left) cost a fair amount of money to operate.

There's something else about farmers, too: They can do, fix, build, repair, or maintain just about anything. They are the ultimate in self-reliance. They have to be. If a tractor conks out, someone has to fix it, and it has to be done now, not in a few days or weeks. If a farm truck breaks down, someone needs to get it running again, and fast. If a fence is down, someone has to rebuild it. If something falls off of a piece of complicated equipment, the farmer needs to understand how the piece is supposed to work and then find a way to reattach it in such a fashion that it once again can function, at least temporarily. Trust me, if there's ever a zombie apocalypse, you want to be very good friends with a farmer. (In fact, it wouldn't hurt if you were to find a deserving farmer right now and send him a bottle of good bourbon. You know, just to pave the way before the apocalypse actually starts. Or send me the bottle, and I will see that it gets to a deserving farmer. Sooner or later.)

The bottom line is that you don't want to piss off a farmer. But that's exactly what John Deere seems intent on doing.

The issue has to do with software. (See? Technology—you knew I'd get to this.) Many of the newer machines, even the supposedly "simple" ones, like tractors, use software. Software feeds GPS signals from the cab of a tractor to its steering and determines when to turn and where to begin the next row. When fertilizing, software consults a database, downloads data, and determines how much fertilizer to use on a given piece of land, based on how much was used last season and the resultant yield: If this piece of land didn't perform as well as expected, perhaps it gets an extra blast of fertilizer; another field may get less fertilizer than it got last year, if it didn't really seem to need as much. (Fertilizer is expensive, folks. Farmers try to use it wisely.) If the machine has mechanisms through which grain or other substances flow, that output is metered by software so that the flow remains constant, efficient, and measurable.

What this means is that when a farmer buys, say, a tractor, he's also buying a lot of software.

People have been plowing for a very long time. No software here.
Image in the public domain, compilation copyright held by Zenodot
Verlagsgesellschaft mbH and licensed under the GNU Free
Documentation License.
Except that he's not. Not buying the software, that is. Technically, he's licensing the software, just as you and I do when we "buy" a copy of Microsoft Excel or Adobe Photoshop. We don't really own that software; we've simply licensed the right to use it under certain conditions. (A couple of those conditions being that we're not allowed to tinker with the software, say, or make copies to sell to our buddies.)

And just as we cannot look at, reverse-engineer, or otherwise fiddle with the software we've licensed, John Deere is telling its customers (read: farmers) that they cannot repair or modify—or have their local fix-it guy repair or modify—their equipment. If your John Deere tractor breaks down, you may not be allowed to fix it, even if you know how to fix it. And you may not be able to let your cousin Warren fix it, either, even though Warren has been repairing tractors all over the county for 30 or 40 years. You might have to send the machine 100 miles away or wait for an authorized technician to get out to your farm in order to get the machine repaired.

Unsurprisingly, this does not sit well with many of the farmers—the work-hardened, self-reliant men and women who A) are used to repairing equipment right there in the field, if need be and B) don't like to be told what to do in the first place.

Who could have predicted that software and farming would collide in such a manner?

It doesn't look good for John Deere, by the way. First, in a recent court case, the Supreme Court determined that if someone buys a Lexmark laser printer, Lexmark has no right to stop the buyer from refilling toner cartridges or from buying cartridges refilled by someone else. In other words, if the buyer bought the printer, he bought the whole thing, and could do with it whatever he liked. (In the Court's words: "Today, the Supreme Court reaffirmed that a patent does not confer unfettered control of consumer goods to the patent owner.") It's not difficult to imagine the Court reaching a similar decision about the software that makes your tractor or combine work.

Second, and perhaps more importantly, farmers are a sturdy, realistic lot, and they don't take well to being bullied. If competing heavy machinery companies are smart, they'll simply start offering equipment that does allow the farmer or rancher more freedom to tinker, repair, or modify equipment they've bought. Many of these farmers lease new machines every year; it will not bother them one bit to be seen in a combine that happens to be Case red, Caterpillar yellow, or Kubota orange, rather than one in the more traditional John Deere green.

Don’t piss off farmers, especially when they’re your best customers.

Tuesday, April 18, 2017

Are We Hyper-Technologized?

I love technology. After all, it's how I make a living, and I truly enjoy taking advantage of cleverly engineered, well-built tools. (And for me, "tool" could mean anything from a smartphone to a well-made crescent wrench.) I'm old enough that I still feel a bit of a thrill when I power up a computer or realize that, with modern tech, I can do things that in previous years would have been difficult, expensive, or simply impossible. Technology continues to amaze and enthrall me: drones, GPS, digital assistants, desktop publishing…. For me, all of these things bring to mind Arthur C. Clarke's famous dictum (now a bit over-used, I suppose): "Any sufficiently advanced technology is indistinguishable from magic." Much of this stuff still seems magical to me, even though I know something about how it's done.

This is an Oregon Scientific weather station much like the
one that Lesley and I have in our home and which only
one of us has learned to use.

For example, Lesley and I have the world's most awesome weather station. Among other things, it includes an electronic rain gauge that sends a very precise rainfall measurement to a central display unit that's kept in the house. Any time we want, we can simply look at the display and know that we have received exactly 2.736" of rain over the past 24 hours. (Technically speaking, we cannot do this. Lesley can do this. I have not mastered the rigorous calculus that's apparently necessary to tell the display that we want to see the rainfall totals. So I just randomly push buttons until something happens. Sometimes Lesley comes and rescues me, but most often, I end up with a display of temperature or wind direction, or possibly a readout of my next door neighbor's teenage son's digital music collection or my pickup truck's current gas mileage. Both of the last two are kind of depressing.)

The thing is that this rain gauge doesn't even really measure rainfall—not directly, anyway. It's engineered such that a small catchment collects rainwater through a funnel arrangement. That small container is attached to an arm, and once it has collected the appropriate amount of rain, based on weight, the arm swings down and dumps the rainwater out the bottom of the device. And every time that happens, a counter is incremented. Since we know how much water weighs (if you're curious, it's about 8.3 lbs. per gallon, though rainfall in Los Angeles—being full of various poisonous particulates—tends to weigh more) and how much the catchment holds, the machine can be calibrated to convert the number of times the counter has incremented into accurate measurements of rainfall.

That's pretty damned clever, isn't it? There's a lot of math and machining and electronics and manufacturing know-how in that little rain gauge.

Mind you, we also have an old fashioned, clear plastic cylindrical rain gauge in a holder attached to the side of our deck about two feet away from the digital rain gauge. It was manufactured right here in Lincoln, Nebraska by Garner Industries, and it probably cost about $7 a few years back. If Lesley's not around to rescue me, and if I get tired of randomly pushing buttons on our fancy weather station display, I can always just glance over at the plastic "analog" rain gauge and see how much rain we got. And then . . . well, actually, that's it. I'm done. If I need to start a new countdown, I can "reset" the gauge by picking it up and turning it over so that the rainwater dumps out onto our . . . um, whatever those plants are off to the side of the deck. (Plants and weeds all look alike to me, which is how I've gotten out of weeding for the past several years.)

Or one could use a simple, inexpensive plastic rain
gauge, such as this one.
So, although I think it's kinda fun, it would be a stretch to say that we actually need a digital weather station. I like it, but I can't say there aren't other (often easier, almost always less expensive) ways to get the same information.

Sometimes we end up with technology that was created simply because it could be created or because someone thought it would be cool or because we're determined to improve on the old way of solving a problem. Much of the time, we don't really need it, and there may even be times when it's more trouble than it's worth.

Take bomb-detecting. Surely this seems like a worthwhile endeavor and something worth spending money on. So the U.S. armed services (and researchers in their employ) have spent millions on various types of metal detectors, special cameras, and chemical sniffers. This has resulted in about a 50% success rate in Afghanistan and Iraq.

Of course, being able to locate half of the IEDs (improvised explosive devices) scattered along a roadside or in a field is nothing to sneeze at. But you know what's proven to be much, much more effective? A dog. When dogs are used to patrol, that 50% jumps to 80% or more. And the thing is that DARPA (the Defense Advanced Research Projects Agency) has been trying to come up with something that's better than a dog since 1997. Can't do it. Apparently, there is nothing better than a dog. A well-trained dog is very, very good at detecting bombs. (Or hard drives, or dope, or people, or just about anything else you care to train a dog to detect.) There is simply nothing trainable on the planet that's better at literally sniffing things out. (Which makes sense. Consider that the typical human has about 5 million olfactory receptors in his or her nose, while a dog has more than 220 million such sensors. To be a dog is to inhabit a world much richer, more fragrant, and probably much more interesting than the drab one in which you and I live. Also, they get tummy rubs.)

Training and provisioning a dog costs money, of course. Some sources say that a trained bomb-sniffing dog can cost between $5,000 and $25,000 or more. (That's a rather large variance, of course. Perhaps a bomb-sniffing Bichon, being more . . . uh, portable, is worth more than a bomb-sniffing Doberman?) But even at the high end, that's much less than the cost of most hi-tech bomb-detection tools, and the dog is easy to operate and also serves other functions. And in the end, the dog simply works better than the hi-tech tools.

Bichons are SO cute that they look a bit like they
escaped from a comic strip. (Photo licensed under
the Creative Commons Attribution 3.0 Unported
license by user Rocktendo.)
Altogether, the Pentagon has, since 2004, spent about $19 billion on bomb-detecting gadgets and other hi-tech mechanisms meant to deal with insurgent networks and the IEDs they plant. (Even if a trained dog cost $20K, that means that our $19 billion would buy about 950,000 dogs. That's a lot of dogs. I'm pretty sure that if you simply let 950,000 trained dogs loose in Afghanistan, the war would be over in days. Although I'm not sure who will have to clean up the place afterward.) One of these hi-tech gadgets is VaDER (am I the only one who reads a certain evil malevolence into that acronym?), which DARPA would like us to believe stands for Vehicle and Dismount Exploitation Radar, but which is obviously just an excuse to come up with a Star Wars-themed anti-insurgency device. VaDER is a $138 million aircraft-mounted sensor that tracks moving targets from an aircraft. We don't really know how well VaDER works, because a spokesperson said only that it and related tools were "enormously useful." So, that's good; wouldn't want to spend that kind of money on something that was only "mildly useful" or "somewhat useful."

I like clever stuff, but we seem to have a facility for over-engineering solutions, is what I'm saying here. Do we really need a toilet seat that automatically closes when the user (a man, one assumes) walks away? Can't the guy just put the seat down? Or couldn't the next person to use the toilet simply put the lid down? How hard is it, really? Or maybe you need a connected weight-loss fork that vibrates when you've eaten too much! Or possibly some air-conditioned shoes? (These look suspiciously like . . . well, shoes with holes in them. Say, I guess I already have some air-conditioned shoes down in the basement! I would be willing to sell those to you for, oh, $30 each. That's $48 off!) How about a mug that lights up to indicate the temperature of its contents? So you can tell if your tea is too hot, I guess. Just take a sip, dammit! If it burns, it's too hot; go take a walk in your air conditioned shoes for a few minutes while your tea cools off a bit.

Tuesday, April 04, 2017

Your Car May Decide to Kill You. Or Not. It Depends.

I spent some time writing software and running the development side of StudyWare, a small software company based in San Diego, CA. And after our company grew large enough that we could afford to hire programmers and analysts who actually knew what they were doing, I spent several years managing those who wrote both the software and the content to be used with that software. (I can't tell you how nice it was when we got to the point where we could afford to hire real programmers. I truly enjoyed programming, and I think I did some clever stuff; but compared to the talented, experienced developers we hired, my efforts were laughably inelegant, unsophisticated, and clumsy. But hey, at least I was also slow.)

An early StudyWare software package. The
packaging and the software eventually
became much more sophisticated.
At any rate, the point is that I have been in the trenches, and I've worked with others who've been in the trenches even longer than I. So, I have indeed ridden the software dev dragon and I have tamed (or occasionally been tamed by) the beast.

In other words, when it comes to building and delivering software, I speak from experience. Thus, I can say with some confidence that software behavior is largely about decision-making: Your code does a particular thing until something happens, at which point it does something else. It's a very strict, Boolean environment; the code always behaves according to some very exacting logic. (Not always the logic you had intended, mind you, but that's a subject for a different post.) Essentially, a huge part of the functionality of software hinges on decisions made about whether something is true or false. If X has happened (that is, if it's true), then do Y.  For example, if the system's internal clock has counted out X number of seconds or minutes, then Y should now occur. (In this case, perhaps Y is that a bell should chime to let you know that it's time to go turn off the stove, call your mother, or move your laundry into the dryer.) Or, if the user has entered a particular word into a textbox, find and highlight all occurrences of that word in a document. That sort of thing.

It's a very pragmatic and ruthlessly logical approach. There's not a lot of room for . . . well, heart. Software doesn't feel.

And yet, programmers do have hearts. They do feel. They do have consciences. (I know a programmer who once worked for a defense contractor that built missiles. After several years of doing that, he was looking for a graceful way out for a number of reasons. One of those reasons had to do with the products he was designing. He said, "If I do my job well, somebody dies. If I do my job poorly, somebody else dies.") So, while software may be said to have no heart, we can definitely see examples of software that has to have, for lack of a better term, a conscience of sorts. Or more accurately, it can sometimes come to represent the programmer's or designer's conscience.

One increasingly obvious example of this has to do with the design of autonomous cars. You wouldn't think that conscience or morality would enter into something so utilitarian, but it turns out that programmers working on such devices are having to make decisions that are essentially moral. They involve not math but ethics. (Or more accurately—and much more interestingly—a combination of math and ethics.)

The S60, an experimental autonomous car from
Volvo. The S60 is classed as a Level 3
autonomous vehicle: the driver must be prepared
to take control if/when necessary. (Image used
under the Creative Commons Attribution-Share
Alike 4.0 International license.)
Part of the designer's job is to anticipate certain scenarios, and to program the automobile (in this case, it's truly an automobile) to respond appropriately to certain scenarios. Thus, the car watches for pedestrians who may step in front of the vehicle, vehicles that may run a red light and enter an intersection unexpectedly, traffic signals that are about to change, etc. It's actually very impressive that these systems can almost flawlessly respond to changes in the environment and that they usually render a decision that keeps drivers, passengers, and nearby pedestrians safe. (Of course, usually is not the same as always, so we have seen accidents, some of them fatal. This is dangerous stuff, after all, and we are on the bleeding edge of tech here.)

But imagine a scenario such as this: Bob is in an autonomous vehicle that's proceeding along a one-way, one-lane street, when suddenly a pickup truck enters from a side street on his right. Bob (well, in this scenario, Bob's car) has three options: the car can veer left, veer right, or plow straight ahead. (We'll assume for now that things are happening too quickly for braking to be effective.)

Nothing good can come from any of these options. Perhaps Bob veers left, up onto the sidewalk, where an older couple is slowly making their way over to a nearby vehicle. One possible result? Two dead elderly citizens. The car could veer right, but what if on the sidewalk to the right was a group of schoolchildren being led by a teacher at the front of the line and an adult aide at the end? Possible result? Dead or injured children, along with possible harm to the adult leaders. If the car continues straight ahead, it will T-bone the truck, and the impact will almost certainly harm or even kill the driver of the truck and his passenger; the crash might also harm or kill Bob himself.

You’re probably thinking that this is far-fetched, simplistic, and unrealistic. But it (or something like it) can occur; I would bet that this sort of thing happens at least weekly in every major city. (In 2016, there were 55,350 traffic accidents in Los Angeles, and 260 people were killed in those accidents. About 229 people died in New York City accidents that year.) Of course, when a person is driving the car, that person is responsible for the split-second decision he or she is about to make. Someone is going to get hurt, no matter what. And there often isn't time for a driver to consciously think about that decision; he simply reacts. Hopefully, no one is hurt.

But the programmers and designers and analysts who build autonomous vehicles have to consider such scenarios; they do have time to think, and they have to program into the system what they feel is an appropriate response. They must tell the vehicle, "When faced with this scenario, do this." Those programmers just made a life-or-death decision. They had no choice. They have to tell the car to do something, after all. (Keep in mind that opting not to do anything is also a decision.) They have to encode the system, the "brain" of the car, to behave in a certain fashion in response to certain inputs.

So, what should they decide? Assuming that the technology has advanced to the point that the car can tell what it's about to hit (and I think that is or soon will be the case), does Bob's autonomous vehicle veer left or right? Does it put Bob at risk, or some schoolkids? Or do we aim the car at the elderly couple? Are the schoolkids' lives worth more than the lives of the two older people? Or does the car determine that Bob must sacrifice himself?

It's interesting to talk about this kind of decision-making, of course, and I have had some enjoyable discussions (and even arguments) with students about this sort of thing. (And similar logic/ethic puzzles have been around since long before the advent of autonomous vehicles.) But for the purpose of this discussion, which decision the programmers should make isn't even the main point; the important thing is that we've reached a point at which such decisions have to be (and are being) made.

Technology and morality or ethics have always been connected, of course. After all, technology is used (and misused) by people, and people are moral animals. (Or, depending on your perspective, perhaps you feel they are amoral or even immoral animals.) So how we decide to use a technology, and for what purpose, may have always been a decision that has had an ethical component. (After all, I can use a handgun to protect my family, or I can use it to rob a bank or mug that elderly couple we were discussing a moment ago. Even a lowly hammer can be used to build a home or repair a fence, harm a person or destroy the display window of a downtown shop.)

So, having to consider an ethical component in a technology is certainly nothing new. But having to program an ethical component, having to make those sorts of decisions ahead of time and at a remove, is something that many of us have not considered until now. We (or the car's designers, at least) find ourselves in an uncomfortable position: how do we decide which lives are more valuable than other lives?

That's not a decision I would want to be forced to make.