Photograph by author

Do you know National Geographic's Science of Stupid program? That's a kind
of Funniest Home Videos, but with a scientific explanation of why someone hit
the ground in such a painful way. It’s an educational/entertaining program,
so to speak.

I thought of that program when I saw the scene shown above yesterday. A local
hotel, where our team had retreated to discuss the way forward, has erected a
flagpole atop a gabled roof. It’s cool to have a flag at the highest point of
your building, but did they also think about the hoisting and lowering of the
flag? Or did they only think of that afterwards? And then they bought a ladder,
which turned out to be too short?

The top ladder appears to hang from one hook, which extends through the roof. That
hook is slightly above the middle of the ladder, which could make it a nice
pivot point when someone is at the top. But luckily the ladder at the top is
still tied with a rope. Or no, it isn’t: that is the rope of the flag. Because
that ladder is too short, they bought another one and, as it were, pushed it
into the other one. Beautiful: when one moves, the other moves with it. The
bottom ladder also hangs on a hook, and - if that is the only attachment point,
which I don't know - then this ladder can also tip over when there’s someone at
the top. All in all, I would not like to be responsible for this flag. By the
way, I doubt whether it is hoisted with military precision every day at sunrise
and lowered again at sunset.

Are there any Science of Stupid-worthy events in our profession? Of
course there are. It is not always cyber criminals that cause us problems. We
can do that to ourselves, too. How many times have we heard about data breaches
caused by organizations not having their cloud configuration in order, allowing
everyone to access the data? And you may occasionally have sent an email,
realizing two seconds later that the wrong name was in the to field. We all
make mistakes from time to time, and depending on the nature of the mistake, it
impacts our security, the privacy of our data or even business continuity.

There are all kinds of measures to prevent such errors. For example, changes are not
immediately implemented in the production environment, but first in the test
environment. There you can observe whether that change does exactly what it is
supposed to do – no more and no less. Automated deployment then ensures that
the change is sent to production exactly as it is, and is not messed up due to
a human error (checkbox placed incorrectly, typo made). You can also leverage
the four-eye principle and have someone watch what you’re doing. We even do
that when we write notes, but then it's called a review. If I write down
something that touches on technology, I like to have some technical people
check whether I have written any nonsense. Just because I can come up with something
doesn't mean it's feasible. I don't want to live in an ivory tower.

In that TV show you see people who have built a jumping ramp themselves and then
rush towards it with their bicycles, only to find that the landing is less
graceful than they expected. The voice-over, in a slightly mocking tone,
provides a discussion about centers of gravity, Newton's laws and why this
operation was doomed from the beginning. The message is invariably: first study
the laws of nature you are dealing with and adjust your design and movement
accordingly. By the way, the result depends on your skills; not everyone, once
in the air, is able to obediently keep their center of gravity directly above
the bicycle.

Translated into my profession, I would say: first look at rules and regulations, and take
them into account during design and construction (security/continuity/privacy
by design). If the system needs maintenance, check what you have to take into
account and act accordingly. That may take some practice, just like a bicycle
stunt. But luckily we have test environments – unlike all those unfortunate
stunters.
And in the big bad world...
This section contains a selection of news articles I came across in the
past week. Because the original version of this blog post is aimed at readers
in the Netherlands, it contains some links to articles in Dutch. Where no
language is indicated, the article is in English. Actually, this week there
aren’t any Dutch articles, but there’s one in German.
- Outlook shares information about you with hundreds of partners (note: this article is on the site of an Outlook competitor and advertises its own product at the end, but the content still seems worthwhile to me).
- Microsoft is also being criticized in an American government report.
- Microsoft Copilot can reveal a lot of confidential information (you can skip the commercials here too).
- A ransomware attack becomes much more expensive if the backups are also affected (again with advertising, but okay).
- the hacker who single-handedly shut down North Korea tells his story here.
- criminals pose as lawyers and confront companies about allegedly violated copyrights.
- the German government gives tips for purchasing and using smart devices. [GERMAN]
- there was a commotion about a backdoor in a popular piece of open source software.