Where to Find What?

I have confessed on this blog that I have Mr. Monk DVDs for a reason. We like to categorize, tag, painstakingly re-organize, and re-use. This is reflected in our Innovations in Agriculture …

The Seedbank: Left-over squared timber met the chopsaw.

The Nursery: Rebirth of copper tubes and newspapers.

… as well as in my periodical Raking The Virtual Zen Garden: Updating collections of web resources, especially those related to the heat pump system.

Here is a list of lists, sorted by increasing order of compactification:

But thanks to algorithms, we get helpful advice on presentation from social media platforms: Facebook, for example, encouraged me to tag products in the following photo, so here we go:

“Hand-crafted, artisanal, mobile nursery from recycled metal and wood, for holding biodegradable nursery pots.” Produced without crowd-funding and not submitted to contests concerned with The Intersection of Science, Art, and Innovation.

Social Debt (Tech Professional’s Anecdotes)

I have enjoyed Ben Horowitz’ book The Hard Thing About Hard Things. Farnamstreet’s review is perfect so I will not attempt at writing one. I will focus on one idea I found most intriguing.

I read Horowitz’ book as an account of dealing with hard decisions in general, about having to decide alone, about personal accountability, about having to pick the lesser of two evils.

The idea that stuck with me in particular is Management Debt, and Horowitz also blogged about this.

… management debt is incurred when you make an expedient, short-term management decision with an expensive, long-term consequence.

You accumulate Management Debt if you try to fix an organizational issue quickly by acting inconsistently. Horowitz’ example: You might give an employee a raise in order to stop her from leaving the company. But she had discussed her plans with another employee who then wonders why she stayed; so she feels pressed to explain the reason to him. Then others learn how to blackmail you in order to get a raise, etc..

From my short stint as a manager I am familiar with such situations but I rather like to extend the concept to Social or Political Debt. I believe that we, as human social animals, tend to focus on resolving the conflict right in front of you, rather than considering seemingly abstract consequences in the future.

I am thinking of the expert bombarded with all kinds of requests. As a professional it is hard to avoid them: People who to want to pick your brain and just like to have 5 minutes so you can glance over their problems. For free. Trying to help all of them – on top of working with paying clients – would be the equivalent of trying to copy a full book at the photocopier but yielding to anybody who wants to copy just a single page.

As a fallible human you might give in to the most intrusive requester just to get rid of him or her. You think that explaining your seemingly cold-hearted rationale would take more time and would be more emotionally taxing than just fulfilling the request.

But those people will return with more problems, and their acquaintances will, too. You have incurred debt, and there is interest rate. The moment of refusal might be difficult though, in particular with requests in the blurry area between business and private. How to say No to that alleged or self-declared old friend?

I am a believer in 1) Stating clearly what you don’t want and don’t do (rather than focusing on the positive) without feeling the need to explain yourself and 2) “Principles” – a short list of your values, or guiding principles you always follow. Both need need to be ingrained in your mind so that you react accordingly in case you receive those e-mails and calls out of the blue.

The paradoxical or sad thing is that explanations are most often futile. There are many good reasons – both ethical and business-wise – for not jumping onto such requests. The obvious one being limited time and treating all clients equal, but the best one in my point of view being the value of true expertise: Based on years of experience you might only need five minutes to solve a problem that requires somebody else doing days of research. That’s exactly why those first minutes might be the most valuable.

I am speaking from experience although such things fortunately did happen to me rarely. But when they did, it was freaking me out. I once got a call from an unknown lawyer who was in the middle of installing his very own Public Key Infrastructure; he started asking technical questions before introducing himself. I tried to explain that I was actually charging people for such services, and that I assumed he did not do legal counselling for free either. His response was that he was maintaining all his IT stuff by himself – just this topic was too complicated for him so he needed advice. So services should be free if a professional solves a particularly tricky problem. This defies common sense.

I also thought I had a killer argument, non-refutable. I am actually providing technical information on ‘the internet’ – the same sort of answers or materials I would charge clients for. The difference is that I am not obligated to do this, so I pick this case by case. I believe in open-source-style sharing in a community of like-minded members. I am a believer in demonstrating skills in real time instead of showing off certificates – it goes without saying this might include giving away some valuable advice for demo purposes at the start of a business relationship.

Unfortunately, this demo-for-business argument that is used too often by people who want to milk your know-how forever – just testing how far they can go – without ever really considering a ‘business relationship’. As soon as you tell them the answer to the next question will not be free of charge anymore, they suddenly stop asking.

Fortunately, I get enough feedback by providing so much detailed information for free!!. A few people who don’t get it would not shatter my confidence. Interestingly, people who still challenge me (But then you don’t have time for me??) are those whom I would not consider part of any ‘sharing’ communities or get their spirit in the slightest. I think all those issues belong in the category: Either you get it immediately and communication is based on tacit understanding what is normal and appropriate – or all explanations are in vain.

Many years ago I had been asked literally if I would like to work for free. Corporations send out request for proposals and ask for lots of free concepts and presentations – until they have gathered enough know-how from all the potential vendors invited so that finally they have learned enough from the ‘pitches’ and can do the whole project on their own. Finally I had my antennas finely tuned to all your typical manipulations methods (I have already told X you will do [unpaid honorable engagement] Y – if you don’t, this will get me into serious troubles!). Many people are driven by short-term impulses, not by malice (I have to solve this problem or my boss will kill me!) and they respond to logical arguments: What would you say if you were a paying client and find out that I do free consulting for other people at random? Some manipulators are hopeless cases though, especially if they think they provide something in return that is actually less than useless to you.

Horowitz’ war stories resonated with me more than I expected. He emphasizes dealing with organizationally or psychologically difficult issues head-on. I read his advice as: Better act sooner than later, better state the ugly truth upfront. Better take some decision at all, even if it is just 55% versus 45%. Communicate clearly, don’t use fluffy phrases. Sometimes people explicitly appreciated my way of saying No immediately and unambiguously, instead of endless dithering and not trying to hurt anybody which seems to have become fashionable in times of Networking and You Will Always Meet Two Times.

wine-clarity

Searching my own images for own that would represent both mental clarity as well as difficult decisions – I zoomed in this one immediately. (Vineyards close to my home village, evening at the beginning of May.)

Although this is tagged with ‘rant’ it should not be interpreted as what I actually consider pointless and energy-draining – endless rants about common practices in your industry sector that you cannot change but have to live with. I am in the Love It, Change It, Or Leave It camp. I have also been writing about the past, and often a single annoying event of that sort had made me shift gears.

I believe the best – and most productive – way to cope with weird requests is to either: Respond clearly and immediately using a standardized I-don’t-do reply, then ignore them as an accidental, misguided question that just happened to end up in your inbox; or: to analyze if an aspect of your previous communication might have invited such inquiries, and improve your future communications. And don’t aim at being liked by anybody, anytime.

When I Did Social Engineering without Recognizing It

I planned to read something about history this summer.

Then I picked the history of hacking. My favorite was Kevin Mitnick’s autobiography – the very definition of a page-turner.

The book is free of hardcore technical jargon and written for geeks and lay audience alike. Readers are introduced to the spirit of a hacker in the older sense of the word: Mitnick’s hacks were motivated by the thrill of exploring systems but he never gained financially.

Kevin Mitnick successfully obtained the latest source code of cell phones,

reports on security vulnerabilities in operating systems, and legitimately looking birth certificates of deceased children to setup new identity – due to his combination of technical skills and mastery of social engineering. He got people to reveal corporate information they should not. Pieces of information are seemingly innocuous in their own rights – a name of server, a corporate directory of employees – but it helps the social engineer to learn the lingo and pose as a trusted insider.

Computer-police

I adhere to the conventions re hackneyed images (Wikimedia).

I often had been called way too honest – and thus not getting anywhere in life, professionally. So I was asking myself:

Could I con people into breaking rules? The intuitive answer was of course No.

But then the following anecdote emerged from a dark corner of my mind.

A long time ago I had worked as an IT Infrastructure Manager – responsible for quite a colorful IT environment run partly by subversive non-official admins. I actually transitioned into that role from supporting some of the latter. One of the less delightful duties was to keep those subversive elements from building rogue websites and circumvent the bureaucratic corporate content management system – by purchasing internet domains like super-fancy-product-name.com and hosting these services where they figured I would not find it.

I also had to clean up legacy mess.

One time we had to migrate an internet domain hosted on behalf of an Another Very Important Organization to one of their servers. Routine stuff, had the domain been under our control. But it was tied to a subversive website a department had once set up, working with an external marketing consultancy. The consulting company was – as per the whois records – the official owner of the domain.

Actually the owner listed was not even that company was a person employed by that company but not working for them anymore. I consulted with the corporate lawyers in it would have been a legal knot hard to disentangle.

However, I had to transfer the stuff right now. Internet domains have a legal owner and an administrative and a technical contact. The person able to do the transfer is the latter but he or she must not do it unless instructed to do so.

I tracked down and the technical contact and called him up. The tech-c’s phone number is public information, very easy to find back then – nowadays you might need a tiny bit of social engineering to obtain it.

I explained the whole case to him – the whole truth in all details. He was a helpful network administrator working for a small internet provider. Having to deal with a typical network admin’s predicament immediately built a kind of bond. This is one of the things that makes working in IT infrastructure management enjoyable – in a job you are only noticed if something goes wrong. (The rest of the time you are scolded for needing too much money and employing too much personnel).

The result was that the domain was technically transferred to the intended target organization’s server immediately. But: If somebody asks you how this has been done – it wasn’t me!

This is the same concluding remark uttered by an admin in another telco later – whom I had convinced to provide me some password of a company. Also that inquiry of mine and reasons given were true and legitimate as I was doing it on behalf of a client – the password owner.

In both cases there was a third party, a client or colleague or employer, who was quite happy with the results.

But there weren’t any formal checks involved – people did not ask me for a verifiable phone number to call me back or wanted to talk to my boss or to the client. If I just had fabricated the stories I would have managed to get a domain transferred and obtain a hosting customer’s password.

Rusty and Crusty PadlockThe psychologically interesting part of my job was that I didn’t have real power to tell departments what they must or must not do. I could just persuade them.

I think this is an aspect very common to many corporate jobs today – jobs with with grand titles but just a bunch of feeble dotted lines to the rest of the corporate universe and its peripheral contractors’ satellites – some of which you never meet face-to-face.

Combine that with an intricate tangle of corporate guidelines and rules – many of them set up to enforce security and compliance. In some environments people hardly get their jobs done without breaking or bending a subset of those rules.

Social engineering in some sense is probably what makes companies still being able to function at all.

Career Advice – Borrowing Wise Words from a Sailing Hacker

On researching SSL-related hacks, I have stumbled upon the website of notable security researcher Moxie Marlinspike.

Marlinspike is also a sailor and working on diverse projects, such as Audio Anarchy – a project for transcribing anarchist books into audio format. On his About page he says:

I like computer security and software development, particularly in the areas of secure protocols, cryptography, privacy, and anonymity. But I also secretly hate technology, am partially horrified with the direction “geek” culture has gone.

and

In general, I hope to contribute to a world where we value skills and relationships over careers and money, where we know better than to trust cops or politicians, and where we’re passionate about building and creating things in a self-motivated and self-directed way.

I call myself Subversive El(k)ement, Security Consultant, Search Term Poet, and Luddite in Disguise … how could I not relate

So it was not a surprise that I found myself in total agreement with his career advice.

Moxie’s post starts with

What I want to say, more often than not, is something along the lines of don’t do it;

This is reminiscent of Via Negativa I learned about from Nassim Taleb’s writings. I have also  found it more helpful to state what I don’t like instead of phrasing so-called SMART goals. When planning positively you try to target a small point in the vast space of options – likely to be missed – in contrast to the negative approach of avoiding a subset of options and keeping a considerable part of them in reach.

From the famous Stanford Prison experiment Moxie draws a simpler lesson as an individual – and it seems more palpable to me than that grand discussions about morals and free will:

 … just be careful what job you take, because your job will change you.

You should look at the people working in a certain environment or industry sector and think twice if you want to become like them. This is not self-evident: At times I was dead set to break into a world whose representatives were anti-role-models – but of course I wanted to revolutionize the whole sector. Finally I have found out that it is more rewarding to go where the people are to whom you can relate with.

Moxie talks about choices we all make, and how the first of those, early in our careers, are defined by supporting structures like family, school, or university:

When we arrive at the ends of these funnels, it’s possible that the direction we’re facing is more a reflection of those structures than it is a reflection of ourselves. Self-determination in a moment like that can’t simply be about making a choice, it has to start with transforming the conditions that constitute our choices. It requires challenging the “self” in “self-determination” by stepping as far outside of those supporting structures as possible, for as long as possible.

It is silly to attempt at rushing through our lives, taking conscious decisions as early as possible and trying to cast your perfect CV in stone, as

There’s no rush to get started early on a never-ending task.

Moxie concludes that in relation to the inquiries about career advice, he is:

… likely to respond with something like “if I were you, I’d hitchhike to Alaska this summer instead.”

He advocates

… doing the absolute minimum amount of work necessary to prevent starvation, and then doing something that’s not about money, completely outside of supporting structures, and not simply a matter of “consuming experience”

I can anticipate objections, and you can also find them in the comments on his Moxie’s post. How to pay the bills? How to feed the kids?

Actually I have re-written this post several times because of this – but, alas, I will not be able to avoid all ambiguity. All I want to say is that Moxie’s post struck a chord with me. Though targeted to students it is this classical advice to the younger self that exactly that self might not like. It took me ~20 years to come to that conclusion and act accordingly.

I think the primary target group of articles like this are people who arguably have choices but don’t use them – people who err on the side of caution. I don’t want to downplay the predicament of the single mum working two jobs but rather speak to the unhappy Head Chief Architect Officer of Something Sounding Really Impressive But Actually Doing Unnerving Grunt Work That Just Happens To Be Extremely Well Paid.

I am also not at all trying to evangelize among those who wholeheartedly enjoy their stressful jobs. There is this subtle dance of intriguing yet stressful work and inspiration that makes it enjoyable nonetheless. The big caveat here is that you need to find out on your own what exactly stresses you out in a fatal way – and this is not necessarily straight-forward. It is to be experienced, not to be determined by theorizing.

Based on my experience, anecdotal as it is, I dare hypothesize that there is an impressive percentage of respected middle-class corporate employees who do ponder about an alternative life as that iconic free sailor. My job role had been that of a technical consultant ever since but I had become more of a project psychologist at times. I was to hear surprising confessions – after we had left the formalities of the professional negotiations behind and people started philosophizing over coffee.

Generally speaking, I believe that most of us living in stable democracies are freer than we think. I am saying this as the inhabitant of a country whose primary mentality is not exactly shaped by entrepreneurial spirit and daring. I know how the collective submission to alleged obligations work.

As for using kids as a main counter-argument to a ‘free’ life-style, I was reminded of that most recent controversy about adventurous parents living and rising their kids on boats. – an impossible life for most people. Considering their life-styles too risky gives proof of how warped our sense of risks and probabilities is, and how over-valued spectacular risks of The Uncommon are in comparison to the dull, but near certain health risks of the accepted, sedentary living in a modern civilization.

We do make choices all the way, and be it just choosing the life expected from us by those supporting structures. When we are grown up we don’t have much excuses for not taking accountability – and this does not at all mean a perfectly streamlined career plan.

Quoting Moxie again:

Be careful not to discover a career before you’ve discovered yourself.

The best advice is not to follow any advice (incl. this one), question everything, and decide for yourself.

Still from Kon-Tiki movie

From a documentary about Kon-Tiki (Wikimedia) – not sure if it is the new movie.

This post will be filed under Life – a collection that recently struck me as much too serious and solemn.

In any case – if that happened again, I would just like everybody to know that I have never been happier; and I am weighing my words carefully.

Diffusion of iTechnology in Corporations (or: Certificates for iPhones)

[Jump to technical stuff]

Some clichés are true. One I found confirmed often is about how technologies are adopted within organizations: One manager meets another manager at a conference / business meeting / CIO event. Manager X show off the latest gadget and/or brags about presents a case-study of successful implementation of Y.

Another manager becomes jealous inspired, and after returning home he immediately calls upon his poor subordinates and have them implement Y – absolutely, positively, ASAP.

I suspect that this is the preferred diffusion mechanism for implementing SAP at any kind of organization or for the outsourcing hype (probably also the insourcing-again movement that followed it).

And I definitely know this works that way for iSomething such as iPhones and iPads. Even if iSomething might be not the officially supported standard. But no matter how standardized IT and processes are – there is always something like VIP support. I do remember vividly how I was one told that we (the IT guys) should not be so overly obliging when helping users –  unless I (the top manager) needs something.

So trying to help those managers is the root cause for having to solve a nice puzzle: iThings need to have access to the network and thus often need digital certificates. Don’t tell me that certificates might not be the perfect solution – I know that. But working in some sort of corporate setting you are often not in the position to bring up these deep philosophical questions again and again, so let’s focus on solving the puzzle:

[Technical stuff – I am trying a new format to serve different audiences here]

Certificates for Apple iPhone 802.1x / EAP-TLS WLAN Logon

The following is an environment you would encounter rather frequently: Computer and user accounts are managed in Microsoft Active Directory – providing both Kerberos authentication infrastructure and LDAP directory. Access to Wireless LAN is handled by RADIUS authentication using Windows Network Protection Server, and client certificates are mandatory as per RADIUS policies.

You could require 802.1x to be done by either user accounts and/or machine accounts (though it is a common misunderstanding that in this way you can enforce a logon by 1) the computer account and then 2) the user account at the same machine.) I am now assuming that computers (only) are authenticated. This the iDevice needs to present itself as a computer to the logon servers.

Certificates contain lots of fields and standards either don’t enforce clearly what should go into those fields and/or applications interpret standards in weird ways. Thus the pragmatic approach is to tinker and test.

This is the certificate design that works for iPhones according to my experience:

  • We need a ‘shadow account’ in Active Directory whose properties will match fields in the certificates. Two LDAP attributes needto be set
    1. dnsHostName: machine.domain.com
      This is going to be mapped onto the DNS name in the Subject Alternative Name of the certificate.
    2. servicePrincipalNames: HOST/machine.domain.com
      This makes the shadow account a happy member of the Kerberos realm.

    According to my tests, the creation of an additional name mapping – as recommended here – is not required. We are using Active Directory default mapping here – DNS machine names work just as user’s UPNs (User Principal Name – the logon name in user@dmain syntax. See e.g. Figure 21 – Certificate Processing Logic – in this white paper for details.)

  • Extensions and fields in the certificate
    1. Subject Alternative Name: machine.domain.com (mapped to the DNS name dnsHostName in AD)
    2. Subject CN: host/machine.domain.com. This is different from Windows computers – as far as I understood what’s going on from RADIUS logging the Apple 802.1x client sends the string just as it appears in the CN. Windows clients would add the prefix host/ automatically.
    3. If this is a Windows Enterprise PKI: Copy the default template Workstation Authentication, and configure the Subject Name as to be submitted with the Request. The CA needs to accept custom SANs via enabling the  EDITF_ATTRIBUTESUBJECTALTNAME2 flag. Keys need to be configured as exportable to carry them over to the iDevice.
  • Create the key, request and certificate on a dedicated enrollment machine. Note that this should be done in the context of the user rather than the local machine. Certificates/key could be transported to another machines as PKCS#12 (PFX files).
  • Import the key and certificate to the iPhone using the iPhone Configuration Manager – this tools allows for exporting directly from the current user’s store. So if the user does not enroll for those certificates himself (which makes sense as the enrollment procedure is somewhat special, given the custom names), the PFX files would be first imported to the user’s store and then exported from there to the iPhone.

The point I like to stress in relation to certificates is that logon against AD is based on matching strings – containing the DNS names – not on a binary comparison of a file presented by the client versus a certificate file in the directory.

I have encountered that misconception often as there is an attribute in AD – userCertificate – that is actually designed for holding users’ (or machines’) certificates. But this is more of a Alice-tries-to-get-Bob’s-public-key-phonebook-style attribute, and it is not intended to be used for authentication but rather for encryption – Outlook is searching for S/MIME e-mail recipients’ public keys there. Disclaimer: I cannot vouch for any custom application that may exist.

Authentication is secure nonetheless as the issuing CA’s certificate needs to be present in a special LDAP object, the so-called NTAuth object in Active Directory’s Configuration Container, and per default it can only be edited by Enterprise Admins – the ‘root admins’ of AD. In addition you have to configure the CA for accepting arbitrary SANs in requests.

IPhone Fashion Valley

Happy iPhone users with their iPhones, when the product was released in 2007. I have never owned any iThing so I need to borrow an image from Wikimedia (user 1DmkIIN).

What Entrepreneurs Need to Have

Chances are that many readers had to do one of those things as corporate employees or as members of any large organization that asks management consultants for help: brainstorm on a vision, formulate a mission statement, create a business plan. As an aspiring start-up business owner  you cannot escape trainers who tell you need a have a logo designed by professionals, hire MBAs as CFOs, hire more professionals to dream up a great marketing strategy, and execute That Great Plan based on Your Sincere Belief in That Great Singular Idea.

This does not resonate with my experiences as an entrepreneur though. You might expect correctly that I would rather go for antifragile ‘dilettante’ tinkering – and all those buzz words make me remember that eerie documentary of brave new corporate world.

It is refreshing to find confirmation by a very successful founder of start-ups. I have linked Frank Levinson’s Top 10 Things You Must Have to Start a Business so often – it deserves a dedicated post. As usual I cannot resist pointing out some resemblance with Nassim Taleb‘s ideas.

Note to readers who might miss the physics in this post: Frank Levinson is a physics PhD and self-educated programmer. He has given an extensive interview about his career to the Center for History of Physics of the American Institute of Physics – the transcript can be found here. I was most impressed by his ability to deal with failure – he founded his successful venture Finisar after he had been fired as a CEO of a company he had founded himself. Levinson called it Finisar as he hadn’t finished anything before.

You Need Comfortable, Cheap Furniture – It doesn’t matter how you look but what you do.

This is in contrast to all that advice about branding and (online) reputation. Customers should not be jealous of your Porsche company car or suspect that those high rates they are charged for go into hiring designers that tweak your corporate identity every month.

Remember the coconuts!

The German title of Monty Python and the Holy Grail is: Knights of the Coconut. Horses were replaced by coconuts for budget reasons and this joke has gone viral. Monthy Python were creative and innovative because of constraints and necessities.

Levinson believes that therefore entrepreneurs need not enough money. In addition, the best money you can use is customer’s money – found the company on an existing revenue stream – or literally use your own money.

After all, it is about what Nassim Taleb would call Skin in the Game.

Pride of a Fat Baby and 1000 Ideas

Which pride does a fat baby have? Exactly: None.  In contrast to Focus on Your Core Business and Go for that Great Idea (probably accompanied by Follow Your Passion) Levinson advocates accepting project requests appearing as tangential to your aspired core business. His company did contract engineering for some years, then delivered bad products we considered good ones and finally manufactured really good products.

This is Taleb’s Optionality. Those seemingly odd projects allow for interaction with real customers, collection of feedback from the real world. Levinson also advises to love your tough customers – those who complain about the product – because they are really interested.

Non-core-business projects might give you new ideas and turn change your so-called business plan based. Actually, you should be generous with ideas and give away 1000s of ideas (for money), e.g. in contract engineering, rather than believing you have stumbled upon that singular idea – knowing exactly what the world really needs, based on your impeccable market studies.

“Common Sense”: You Need Customers

Sounds trivial, but isn’t. Frank Levinson’s key message is that customers are people who place an order and pay for services or product received. Customers are not: People who like your idea, would love to get free samples, and do co-development.

It is so simply but yet it cannot be overstated when you read it ten times a day in articles tweeted how important it is to grow your network, exchange ideas, find partners.

It resonates with my experience: The most enjoyable business relationships start with a client really in need what I offer – I do it – the client is happy and pays in due time. Actually it always was those business relationship that naturally morph into friendships. But the alleged friendships with people who want to discuss market potential over a coffee hardly ever turn into business.

Sure, customers need to know you exist. But as Levinson I feel that advice for start-ups over-emphasizes the importance of marketing to the point of replacing the requirement of having a very product with sophisticated marketing! Professional marketing, business plans, Vice Presidents (suits) should materialize very late in the company’s growth process – before an IPO, thus probably never if you decide to remain a small privately owned business.

Social media can help to connect with potential clients – your mileage may vary depending on the very nature of your business. Yet I believe Levinson is still right in being wary about the significance of a website as engineers are shy and hope to replace face-to-face customer contact by virtual online communications.

But watch the video yourself – 19 minutes well spent:

 

Fragile Technology? (Confessions of a Luddite Disguised as Tech Enthusiast)

I warn you – I am in the mood for random long-winded philosophical ramblings.

As announced I have graduated recently again, denying cap-and-gown costume as I detest artificial Astroturf traditions such as re-importing academic rituals from the USA to Europe. A Subversive El(k)ement fond of uniforms would not be worth the name.

However, other than that I realize that I have probably turned into a technophobe luddite with a penchant for ancestral traditions.

Long-term followers might know what I am heading at again as I could only have borrowed a word as ancestral from Nassim N. Taleb. I have re-read Taleb’s The Black Swan and Antifragile. The most inspirational books are those that provide you with words and a framework to re-phrase what you already know:

Authors theorize about some ancestry of my ideas, as if people read books then developed ideas, not wondering whether perhaps it is the other way around; people look for books that support their mental program. –Nassim N. Taleb, Antifragile, Kindle Locations 3405-3406.

I have covered Antifragile at length in an earlier article. In a nutshell, antifragility is the opposite of fragility. This definition goes beyond robustness – it is about systems gaining from volatility and disorder. I will not be able to do this book justice in a blog post, not even a long one. Taleb’s speciality is tying his subject matter expertise (in many fields) to personal anecdotes and convictions (in many fields) – which is why some readers adore his books and others call them unscientific.

I am in the former camp as hardly any other author takes consistency of personal biography and professional occupation and writing that far. I was most intrigued by the notion Skin in the Game which is about being held accountable 100%, about practicing what you preach.

I eat my own cooking. I have only written, in every line I have composed in my professional life, about things I have done, and the risks I have recommended that others take or avoid were risks I have been taking or avoiding myself. I will be the first to be hurt if I am wrong. –Nassim N. Taleb, Antifragile, Kindle Locations 631-633

Taleb has the deepest respect for small business owners and artisans – and so do I. He is less kind to university professors, particularly those specialized in economics and employed managers, particularly those of banks.

Some of Taleb’s ideas appear simple (to comprehend, not necessarily to put into practice), often of the What my grandmother told me variety – which he does not deny. But he can make a nerd like me wonder if some things are probably – simply that simple. In case you are not convinced he also publishes scientific papers loaded with math jargon. Taleb mischievously mentions that his ideas called too trivial and obvious have been taken seriously after he translated them into formal jargon.

I don’t read his books as a detached scientist – it is more like talking to somebody, comparing biographies and ideas, and suddenly feeling vindicated.

A mundane example: At times I had given those woman-in-tech-as-a-role-model interviews – despite some reluctance. One time my hesitation was justified. Talking about my ‘bio’ I pointed that I am proud of having thrived for some years as an entrepreneur in a narrow niche in IT. In the written version the interviewers rather put emphasis on the fact I had been employed by a well-known company years before. Fortunately I was given a chance to review and correct it.

Asking for their rationale they made it worse: I have been told that it is an honor to be employed by such a big brand name company. Along similar lines I found it rather disturbing that admirers of my academic track record told me (in retrospect of course, when I was back on a more prestigious track) that working as a consultant for small businesses was just not appropriate.

What is admirable about being the ant in the big anthill?

I had considered my own life and career an attempt – or many attempts – to reconcile, unite or combine things opposite. Often in a serial fashion. In my pre-Taleb reading era I used to quote Randy Komisar’s Portfolio of Passions or Frank Levinson’s 1000 ideas you need to have (and discard again) as a business ower.

Taleb introduced optionality to my vocabulary, borrowed from trader’s jargon: An option is the right but not the obligation to engage in a transaction. Thus you should avoid personal and career decisions that puts you on a track of diminishing options. This is exactly what I felt about staying in academia too long – becoming a perpetual post-doc, finally too old and too specialized for anything else.

Nassim Taleb does not respect nerdiness and smartness as we define it the academic way.

If you “have optionality,” you don’t have much need for what is commonly called intelligence, knowledge, insight, skills, and these complicated things that take place in our brain cells. For you don’t have to be right that often. –Nassim N. Taleb, Antifragile, Kindle Locations 3097-3099.

He suggests just passing exams with minimum score. I, nerd of stellar grades and academic fame, declare defeat – I have already repented here. But let me add a minor remark from cultural perspective: I feel that academic smartness is more revered in North America than it is in middle Europe although America values hands-on, non-academic risk taking more, as Taleb points out correctly. I had been surrounded by physicists with an engineering mindset – theoretical physics was for the socially awkward nerds and not a domain you become a rockstar in.

It would not de me good to brag about any sort of academic achievement in my ancestral country – it rather puts you under pressure to prove that you are a genuine human being and still capable of managing daily life’s challenges, such as exchanging a light bulb, despite your absent-minded professor’s attitude. Probably it can be related to our strong tradition of non-academic, secondary education – something Taleb appreciates in the praise of Switzerland’s antifragility.

I have been torn between two different kinds of aspirations ever since: I was that bookish child cut out for academia or any sort of profession concerned with analyzing, writing, staying at the sideline, fence-sitting and commenting. But every time I revisited my career decisions I went for the more tangible, more applied, more involved in getting your hands dirty – and the more mundane. Taleb’s writings vindicate my propensity.

I had always felt at home in communities of self-educated tinkerers – both in IT and in renewable energy. I firmly believe that any skill of value in daily professional life is self-taught anyway, no matter how much courses in subjects as project management you have been forced to take.

For I am a pure autodidact, in spite of acquiring degrees. –Nassim N. Taleb, Antifragile, Kindle Locations 4132-4133.

Blame it on my illiteracy but Taleb is the first author who merges (for me) deep philosophical insights with practical and so-to-say ‘capitalist’ advice – perfectly reflecting my own experiences:

My experience is that money and transactions purify relations; ideas and abstract matters like “recognition” and “credit” warp them, creating an atmosphere of perpetual rivalry. I grew to find people greedy for credentials nauseating, repulsive, and untrustworthy. –Nassim N. Taleb, Antifragile, Kindle Locations 678-680

I’d rather work some not-too-glorious jobs based on a simple feedback loop, that is: People do want something badly – I do it – they pay me, and I’d rather not (anymore): write applications for research grants in order to convince a committee or execute the corporate plan to meet the numbers.

Taleb provided very interesting historical evidence that so-called innovation has actually been triggered by now forgotten self-educated tinkerers rather than by science applying Soviet-Havard-style planning. You might object to those theories, probably arguing that we never had a man on the moon or the Dreamliner airplane without Soviet-Havard-style research, let alone LHC and the discovery of the Higgs boson. I might object to this objection by hypothesizing that the latter probably does not result in products we desperately really need (which includes big airplanes and business travel).

But I do know the counter-arguments – Einstein and the GPS, Faraday and allegedly useless electromagnetic waves that once will be taxed, WWW and CERN – and I don’t hold very strong opinions on this.

Because of the confirmation problem, one can argue that we know very little about our natural world; we advertise the read books and forget about the unread ones. Physics has been successful, but it is a narrow field of hard science in which we have been successful, and people tend to generalize that success to all science. It would be preferable if we were better at understanding cancer or the (highly nonlinear) weather than the origin of the universe. –Nassim N. Taleb, The Black Swan, Kindle Locations 3797-380

I absolutely do love theoretical physics – when other people listen to meditation music, do yoga, go to church, take walks in the sunset, wax poetic, read Goethe, are bamboozled by renaissance art: I read text books on quantum field theory. There is joy in knowledge for the sake of knowledge. So academics should be paid by the public for providing the raw material.

But I know that Taleb’s analysis is true when applied to some research I have some personal familiarity with. Austria has been a pioneer in solar thermal energy – many home owners have installed glazed solar collectors on their roofs. The origin of that success is tinkering by hobbyists – and solar collectors are still subject to DIY tinkering. Today academics do research in solar thermal energy, building upon those former hobbyist movements. And I know from personal experience and training that academics in applied sciences are really good at dressing up their tinkering as science.

Nassim Taleb also believes that organized education and organized science follows wealth, not the other way round. Classical education in the sense of true erudition is something you acquire because you want to become a better human being. Sending your kids to school in order to boost GDP is a rather modern, post WW II, approach.

Thus I believe in the value of fundamental research in science in the same way as I still believe in the value of a well-rounded education and reading the ancients, as Nassim Taleb does. But it took me several attempts to read Taleb’s book and to write this post to realize that I am skeptical about the sort of tangible value of some aspects of science and technology as they relate to my life here and now.

I enjoyed Taleb’s ramblings on interventionism in modern medicine – one of the chapters in Antifragile that probably polarizes the most. Taleb considers anything living and natural superior to anything artificial and planned by Soviet-Harvard-style research – something better not be tinkered with unless odds are extremely high for positive results. Surgery in life-threatening situations is legitimate, cholesterol and blood pressure reducing medication is not. Ancestral and religious traditions may get it right even if their rationales are wrong: Fasting for example may provide the right stimuli for the human body that is not designed for an over-managed regular, life-hacker’s, over-optimizer’s life-style along the lines of those five balanced daily meals your smartphone app reminds you of. As a disclaimer I have to add: Just as Taleb I am not at all into alternative medicine.

Again, I don’t have very strong opinions about medical treatments and the resolution to the conflict might be as simple as: Probably we don’t get the upsides of life-saving surgery without the downsides of greedy pharmaceuticals selling nice-to-have drugs that are probably even harmful in the long run.

But – again – I find Taleb’s ideas convincing if I try to carry them over to other fields in history of science and technology I have the faintest clue of. Software vendors keep preaching to us – and I was in that camp for some time, admittedly – that software makes us more productive. As a mere user of software forced upon me, by legal requirements, I have often wondered if ancient accountants had been less productive in literally keeping books.

I found anecdotal evidence last year that users of old tools and software are still just as productive – having become skilled in their use, even if they do accounting on clay tablets. This article demonstrates that hopelessly outdated computer hardware and software is still in use today. I haven’t been baffled by ancient computers in military and research but I have been delighted to read this:

Punch-Card Accounting
Sparkler Filters of Conroe, Texas, prides itself on being a leader in the world of chemical process filtration. If you buy an automatic nutsche filter from them, though, they’ll enter your transaction on a “computer” that dates from 1948. Sparkler’s IBM 402 is not a traditional computer, but an automated electromechanical tabulator that can be programmed (or more accurately, wired) to print out certain results based on values encoded into stacks of 80-column Hollerith-type punched cards.
Companies traditionally used the 402 for accounting, since the machine could take a long list of numbers, add them up, and print a detailed written report. In a sense, you could consider it a 3000-pound spreadsheet machine.

I guess the operators of this computer are smiling today, when reading about the NSA spying on us and Russian governmental authorities buying typewriters again.

IBM 403 accounting machine

The machine in the foreground is an IBM 403 accounting machine where the input are punched cards; the machine in the center is an IBM 514 Reproducing Punch apparently connected to the foreground 403 as a summary punch, and the one in the background is another 403 or 402 accounting machine. (Wikimedia, Flickr user ArnoldReinhold)

I don’t advocate reverting to ancient technology – but I don’t take progress and improvements for granted either. Nicholas Carr, author of The Shallows: What the Internet is Doing to Our Brains plans to release his new book in 2014, titled The Glass Cage: Automation and Us. In his related essay in The Atlantic Carr argues:

It reveals that automation, for all its benefits, can take a toll on the performance and talents of those who rely on it. The implications go well beyond safety. Because automation alters how we act, how we learn, and what we know, it has an ethical dimension. The choices we make, or fail to make, about which tasks we hand off to machines shape our lives and the place we make for ourselves in the world. That has always been true, but in recent years, as the locus of labor-saving technology has shifted from machinery to software, automation has become ever more pervasive, even as its workings have become more hidden from us. Seeking convenience, speed, and efficiency, we rush to off-load work to computers without reflecting on what we might be sacrificing as a result.

Probably productivity enhancements kick in exactly when the impacts outlined by Carr take effect. But I would even doubt the time-saving effects and positive impacts on productivity in many domains where they are marketed so aggressively today.

Show me a single company whose sales people or other road warriors do not complain about having to submit reports and enter the numbers to that infamous productivity tool. As a small business owner I do complain about ever increasing reporting and forecasting duties inflicted upon me by governmental agencies, enterprise customers, or big suppliers – a main driver for me to ‘go small’ in any aspect of my business, by the way. Of course software would ease our bureaucratic pains if the requirements would be the same as when double-entry accounting has been invented by Pacioli in the 15th century. But the more technology John Doe is expected to use today, the more ideas CEOs and bureaucrats dream up – about data they need because John Doe ought to deliver them anyway in an effortless way.

Reading all the articles about the NSA makes me wonder if additions of painful tedious work due to the technology we ought to use is something marginal only I rant about. I had said it often in pre-public-NSA-paranoia times: I would love to see that seamless governmental spying at work to free me from that hassle. I had been confronted with interfaces and protocols not working and things too secure in the sense of people locking themselves out of the system.

So in summary I feel like an anti-technology consultant often, indulging in supporting people with working productively despite technology. Since this seems quite a negative approach I enjoy making wild speculative connections and mis-use interdisciplinary writings such as Taleb’s to make my questionable points.