Category Archives: Security

LSE Report on Cycling Benefits

As I mentioned a few months ago, I attended the London School of Economics in the early 1990s and commuted every day by bicycle from outside of Greenwich to the Strand, about 10 miles each way.

No matter rain or shine, light or dark, I was pushing the pedals like a Victorian only 100 years late to the party. It was great fun although I was almost always the only cyclist on the road. In fact, come to think of it, I never saw another cyclist on the road back then, not even as I flew along with traffic above the banks of the Thames.

Crossing Tower Bridge in the rain at night on smooth metal grates in-between thundering lorries and at their speed is just one of the risks I learned to manage with skill and experience.

However, after six months I had to cut back and eventually stop riding due to the effects of harsh pollution on my lungs. The unregulated diesel fumes and particulates caused permanent damage and created the feeling of almost constant illness — a risk for which I tried but was unable to find any workaround. My GP literally told me to stop riding so far and so often because the London air was poisonous.

It is therefore amusing to me to read the brand new LSE report on the benefits of cycling that claims it can reduce illness.

Dr Alexander Grous of LSE’s Department of Management calculated a “Gross Cycling Product” by taking into account factors such as bicycle manufacturing, cycle and accessory retail and cycle related employment
[…]

  • Cycling to work is associated with less all-cause sickness absence. Mean absenteeism in cyclists is significantly lower than in non-cyclists with a significant relationship between frequent cycling and absenteeism, with regular cyclists taking 7.4 sick days per annum, compared to 8.7 sick days for non-cyclists
  • Frequent cyclists save the economy £128 million in absenteeism per year, projected to save a further £1.6 billion in absenteeism over the next 10 years
  • Compared with the rest of Europe, the UK has the highest number of sick days taken each year, with 225 million days estimated to have been taken in 2010 at a cost of £17 billion. This equates to around £600 per employee per annum, and an average of 7.7 days per person

I get the impression the report writers are not long-term cyclists as they leave out numerous other benefits. They definitely don’t read this blog. Even worse than the omission of the effects of pollution on cyclists is the omission of cycling benefits as a zero-emission transportation option. They also omit the benefits of social networking, as I’ve written about before in regard to an English propaganda movie. And the report omits the resilience of cyclists to natural disasters, as documented after the Japanese Tsunami; bicycles work without fuel supplies, fair roads, electric grids…they are the most effective form of transportation for national security and resilience to infrastructure failure.

It’s great to see cycling catch on in England but perhaps the greatest point of all is that England was full of cyclists after WWII for the reasons I mention above. Their decision to follow the US model of the automobile was a huge mistake if you run the numbers.

Thus, I find the LSE report a great start but embarrassingly weak analysis. Can they really directly attribute better health to cycling or is it just a correlation related to an overall lifestyle or even culture (e.g. people who buy bikes already are healthy)? I would have added a long list of direct health and security benefits to the LSE report from cycling (e.g. zero emissions) to the gross product as well as called out the massive losses and costs since the decline of the last English cycling boom in the 1940s. Finally, I might even have tried to explain why cycling fell out of style.

The Green Silence by Brooks

So many people comment on my shoes I thought I might as well put the information here for reference. TSA staff all seem to stare at my feet when I pass through a checkpoint, for example. Just the other day a TSA worker came over to me personally during a pat-down to compliment me. I guess if you work for the TSA you know shoes but they were really interested in my Brooks The Green Silence in Deep Royal/Brilliant Blue.

Although I study and practice social engineering every day these shoes have far exceeded any expectation I could have had. They have become one of my favorite tools to passively initiate conversations and mine for information. This photo shows how the left/right shoe colors are opposed to each other, which has really grown on me. I look forward to seeing more people with opposed colors on their feet.

I originally bought them because of their minimalist yet highly-efficient design for running (ultra-light, foot-wrap) and even more importantly the BioMoGo material.

We’ve added a non-toxic, natural additive to the MoGo compound that encourages anaerobic microbes to munch away once it hits an active enclosed landfill. Traditional Ethylene Vinyl Acetate™ (EVA) midsoles can last up to 1,000 years in a landfill. BioMoGo’s microbial munch rate is 50 times faster, biodegrading nutrients into reusable byproducts. Over the course of, say, 20 to 25 years or so, Brooks alone can save 29.9 million pounds of landfill waste. For you pigskin fans out there, that equals 1,277 football fields covered one shoe deep!

It sounds great yet my first pair (Black/Kelly Green) wore out in just 300 miles, which I am told by Brooks is to be expected. That is the only frustrating point for me since I doubt we can see 30 million pounds of waste saved if our shoes wear four times faster. On the flip side the wear showed me a lot about how I was running and what to improve. Brooks has an answer for this too.

The best solution for all would be to keep waste from being generated and thus reducing the need for landfills. But with the current state of technology and the lack of existing alternatives for durable performance materials from rapidly renewable resources, Brooks feels improving the end-of-life outcome for its highly durable midsoles is currently the best available option.

Brooks specifically makes a point of educating people to reuse their shoes (see The Green Room) and supports organizations like Soles4Souls by donating shoes that can be reused by needy populations. But even after nine lives, shoes eventually will be thrown away—usually ending up in a landfill—and we are working to create a positive outcome for this that doesn’t currently exist.

Even better, Brooks provides a clear answer on how their “biodegradable” material has been tested to be compliant with recognized standards:

…ingredients of BioMoGo have been tested at certified independent labs per the following protocols:

Anaerobic Biodegradation. ASTM D5210 – Standard Method for Determining the Anaerobic Biodegradation of Plastic Materials. University of New Mexico Department of Microbiology…

They have become for me the ultimate shoe to better study security and compliance.

The Cloud Race

I have been trying to spread a specific story-line about cloud since I cooked it up for my BSidesLV presentation “2011: A Cloud Odyssey”.

Now each time I present at another conference several people come up and ask me for a copy of Cloud Odyssey and more insight into what I see as the core security issues for cloud.

So, soon I will post the 12M PDF of the 165 slide epic. It lacks all the animation and such, but perhaps it will still be handy as a reference to those who attended.

And here is my abridged take on the amazing opportunity that lies before us. My father’s generation of engineers focused on the Space Race — to put an astronaut on the moon. Overcoming the risk of space travel became a national obsession.

The cloud industry for my generation has brought to my mind several parallels to the space race. We stand at the edge of developing new and better ways to safely launch workloads into a high-risk environment. This is really just the beginning of the hyper environment. Those with lesser value assets at risk may have been able to launch first, just like Sputnik had no pilot. The real test is to put our highest-value assets in a container that enables not only survival in cloud but also supports advanced procedures.

Kubrick’s movies pointed to serious downsides to centralized trust and automation. We are unlikely to prove this wrong. In fact, as I pointed out at BSidesLV, I did not pay Richard Bejtlich any money or prompt him to tweet like he was United States Air Force Brigadier General Jack D. Ripper during my Dr. Stuxlove presentation at BSidesSF. I could not have planned a better reaction. He fell into that all on his own and probably never realized the amazing irony.

My next several presentations (RSA Europe, RSA Beijing, ISACA SF) will draw on the space race parallel story in more detail. I will explain how to best reduce risk before you launch into the cloud and/or how to avoid the HAL effect once you are there.

Gamers crack AIDS puzzle

The news is about some amazing efficiency in solving problems found by using a “protein folding game” called Foldit.

Researchers have for over a decade been unable to solve the structure despite using many different methods. Even recently, the protein-folding distributed computer program Rosetta@home that uses thousands of home computers’ idle time to compute protein structures, was not able to give an answer. The Foldit players using human intuition and three-dimensional pattern-matching skills, however, were able to solve the problem within days.

The scientific article published by Nature Structural & Molecular Biology (“Crystal structure of a monomeric retroviral protease solved by protein folding game players”) concludes with some amusing analysis by the scientists.

The critical role of Foldit players in the solution of the M-PMV PR structure shows the power of online games to channel human intuition and three-dimensional pattern-matching skills to solve challenging scientific problems. Although much attention has recently been given to the potential of crowdsourcing and game playing, this is the first instance that we are aware of in which online gamers solved a longstanding scientific problem. These results indicate the potential for integrating video games into the real-world scientific process: the ingenuity of game players is a formidable force that, if properly directed, can be used to solve a wide range of scientific problems.

This reminds me of both my high school chemistry and physics teachers who would always start lab work by saying something like “now, let’s make this fun”. So the first question I get from this story is why it has taken the scientific community so long to recognize the power of channeling human intuition through an interface that doesn’t suck.

I have my theories, of course. When I worked on systems used for digital imaging and communications in medicine (DICOM), and more specifically on radiology technology, I found an odd dilemma in the medical field — the most advanced interfaces were the least desired by highly-trained practitioners.

Medical researchers had me deploying new Irix workstations with high-end graphic processors to develop 3D fly-through capabilities of the human body. After a CT or an MRI scanner was done taking images in “slices” of the body these Unix systems would put all the images back together again into a virtual human. The researchers expected doctors to jump at the chance to use 3D.

To the untrained eye, let alone a gamer, the ability to fly through a patient’s body looked like a fantastic advance in medicine. However, when surgeons and radiologists sat down to look at the big screens (20 inches was big back then) they were unimpressed.

I’ll never forget one late evening when a surgeon rushed in for a pre-op debriefing. I was called in for support, and I stood behind him as he scrolled around the 3D body. Then he said “I can’t use this nonsense”, stood up, and walked over to a wall of old fluorescent-lit white boxes covered in greyscale film images of the brain. He scanned the wall, made some “mmm hmmm” sounds and left.

I stared at the wall of “slices” of the brain. There were literally hundreds of pictures that the surgeon had to put back together in his mind. It seemed like an impressive skill but it also made me wonder why the ability to put a 2D world into 3D would prevent the ability to see in 3D.

That’s a long way of getting to the point that the history of doing things a particular way in medicine creates ruts of reliability. It takes a long time, perhaps even years, for the industry to assess, approve and then adopt technology that a gamer might take less than 24 hours to try and like.

Anyway, this story reads to me like the scientific community has finally found a way to do what others have been doing for years — leveraging gamers to solve problems. And who better to solve 3D problems than people who are highly trained in 3D visualization? That being said I also noticed a slight dig against gamers in the phrase “ingenuity of game players is a formidable force that, if properly directed”.

Are we to believe that gamers are not a formidable force if undirected, or that their own direction is not as formidable as one led by scientists? Seems to me the scientists are the ones who were in need of direction.