What has changed

It’s been a long time since posted anything to the blog; I’ve been that busy but I am going to try to get something out once a week going forward.

The technical complexity of the security landscape has increased dramatically since I last posted but are we more secure? No.

RackSpace & Cloud Hosting

While researching hosting providers the results returned an Article 8 Reasons I hate Rackspace with the Fiery Passion of a Thousand Suns:

This article confirmed my suspicions about RackSpace based on other things I had heard.  The funny part is that Google Ad Services dropped in a banner Ad for Rackspace on an article that is rant against the company. I wonder how many click through conversions they get?

Kubla Khan is Always With Us

Samuel Taylor Coleridge penned his famous poem Kubla Khan, a Vision of a Dream under the influence of a few grains of opium taken for dysentery. One can only wonder what the fifth great Khan himself was under when he ordered the building of 4,000 ships in a year for the second invasion of Japan. Perhaps he was only drunk on power. Nevertheless, it too was a catastrophic failure in which nearly everyone perished in a typhoon.

The Japanese myth had it that it was magical wind that did in Kubla Khan’s fleet. Modern archaeology tells a slightly different story. The grandson of Genghis Khan’s order led to shoddy craftsmanship, and using river vessels with flat bottoms to meet the artificial deadline. When placed under the duress of a typhoon, a statistical outlier, the vessels lacked the required design and therefore resilience to withstand the storm.

Again and again people plan based on best case scenarios ignoring the outliers whose impact is catastrophic. Completion dates are imposed based on the perception of what timeline is acceptable to the boss, or blind bottom up task by task time estimates. This carries on today, whether it is ambitious government, ambitious business, or ambitious IAM . We hear repeatedly stories of hard-nosed leaders saying, “I told them I wanted it yesterday and they made it happen.” While these stories appear regularly in the press, the stories we don’t hear (unless the magnitude is large) are the numerous small failures where “I wanted it yesterday” is a loser. I assure you these out number the success stories but there is no one out their bragging about that, “Hey everyone, boy did we lose money this week” or “I would like to congratulate the team for missing every deadline I imposed on them.”

It is no different then the gambler bragging about his winnings and strangely silent on his losses. As Nassim Taleb has said, “We don’t learn that we don’t learn.”

SAP Beauty Contest

Back in May SAP held its annual Sapphire conference simultaneously in Frankfurt and Orlando.  The self proclaimed “IT industry’s premier customer conference” featured once again keynotes by SAP executives,  customer presentations and key sessions.  For all the promotion and clamor of these events, the entire focus is not on the customer, it is on SAP.  It’s SAP’s annual chance to propagandize their failures and promote their successes.  In my own attendance at these events not once did I ever feel it was anything more than an SAP beauty contest.  The contest, of course, is for publicity and public awareness.  There are only two rules required to do a customer presentation at Sapphire:

  1. It must be about whatever SAP is pushing hard in the sales channel.
  2. It must make SAP look good.

As long as you follow those two rules, you are welcome to insert a modicum of technical merit and brag about how great you are.   And while my criticism is most likely not appreciated, and it may cost me, I think SAP’s success has caused them to become careless and  lose touch with their customers.  Because of this, they are at risk of missing market opportunities that will be exploited by niche competitors.  Even if you are dominant industry player, your fall happens faster than your ascent, ask General Motors.

Coda: Unstructured Data

As promised this the last time I will ever write about the oxymoron unstructured data; I already feel like a Harpy in The Wood of Self-murderers except I am torturing those who have committed intellectual suicide.  Some of you reading this may find this post harsh but as Richard Bandler observed you only need to feel insulted if it applies to you.

Google unstructured data and it returns 700,000 hits.  Wikipedia starts with this definition:

Unstructured data (or unstructured information) refers to masses of (usually) computerized information which do either not have a data structure or one that is not easily readable by a machine.”

The hyperlink to data structure says this:  “In computer science, a data structure is a way of storing data in a computer so that it can be used efficiently. It is an organization of mathematical and logical concepts of data.”

I couldn’t make this up if I wanted to;  so according to the Wikipedia author(s) the only thing that qualifies for unstructured data would be a pseudo random number generator, books, magazines, and printed documents.  I can’t imagine this is what he had in mind when defining the term.  He most likely used unstructured knowledge to write it, that and a crayola.

Those with whom I have argued over this term tend to respond in three ways.  For some when I have shown them the denotative nonsense of it , fall back to its connotative meaning.  “I agree with you; it is an oxymoron but the term is useful to distinguish between data in databases and the all the other data”  A utilitarian argument for a term whose descriptive power is based on a shared hallucination of meaning.   Apparently once you have gathered a sufficiently large number of idiot enthusiasts you have a powerful semantic swarm for persuading the me-too masses.  Others, less bright or perhaps intellectually honest will argue that when you put the words together they take on new meaning, like mixing colors I suppose or the German compound noun and LSD. Now, you really can see the meaning.  Finally, there are the invincibly ignorant whom no argument conceived could convince otherwise.

What has this term contributed to the advancement of computer science, to knowledge, or to decision making?  Anyone?  As far as I can tell it has only contributed to marketing, to pseudo-intellectual posturing, pretense of knowledge,  the selling of quackery and of course, as always, a PhD thesis.

Bludgeoning GRC

I’m driving off the road with this post. At Catalyst and on their blog Burton Group objects to the sloppy use of the general marketing term ‘GRC’. Back at the start of June, Securosis blog called it ‘dead’ setting off other rounds of posting. I suppose it’s dead in the same way firewalls and NIDS are. Regardless, I missed it until Matt pointed it out to me.

Trent Henry wrote this:

We always try to create a list of key themes for the research year — things that are top-of-mind to clients, represent interesting trends for the industry, or are potential market “gotchas.” This year we looked at the emerging discussion of “GRC” and scratched out (sic) heads. We didn’t get it. In fact, we thought the market messaging and product direction(s) were potentially deleterious, so one of our key themes was to debunk the solution space of GRC (that’s “Governance, Risk management, and Compliance” in case you were unaware; of course, as further evidence of the meaninglessness of glomming these words together, some vendors use “GRC management,” which drops the individual management from risk management. On the other hand, it also implies a such thing as “governance management,” which, if not redundant, I don’t know what is; but don’t get me started down the semantic idiocy path…)

Get him started? He’s already there no one told him. While they were debunking GRC perhaps they should have turned the gimlet eye onto their own blather; this from a Catalyst conference announcement:

Today’s enterprise has more unstructured data, streaming through more information channels, than most information architects might have predicted just a few years ago…

It continues..

With the advent of enterprise-class semantic technologies, a new layer of capabilities has been added to what SOA has traditionally provided. Foremost among them is context management. With Semantic SOA, data services are no longer tethered to source schema or data structure; by applying a context management framework across the architecture,… This presentation will provide an overview of best practices in designing and deploying a Semantic SOA, including relevant use case examples and illustrated by a real-world Semantic SOA deployment.

A link takes us to this bullet point at the web site:

The convergence of structured and semi-structured information, with SQL and XQuery

“Unstructured data” is complete nonsense. Here are some definitions from answers.com:

Data: Factual information, especially information organized for analysis or used to reason or make decisions.

Unstructured: Lacking a definite structure or organization; not formally organized or systematized.

Information always has a structure otherwise it’s just noise or a stream of random characters. It’s just not in a form that makes machine inferencing easy. I predict in just a few years we will be hearing about Federated Semantic SOA, which I suppose would be an on demand union of context frameworks across arbitrary boundaries permitting the synthesis of entirely new domains of knowledge completely separated from logic. I predict it will need XML, lots of it. At least 2Mb of tags for every 8 bits of information. It will support unstructured data, semi-structured data, semi-unstructured data, and of course, virtual-unstructured data.

As a side note, this is the perfect metaphor for the XQuery approach.