Welcome to queirozf.com

Recent Posts


Software developers program to a machine, but we must be reminded that the actual end-users for systems we build are always humans.

With that in mind, and taking into account what we know about how humans interact with Computer Applications, we can derive a few ways in which we can enhance our applications using insights from neuroscience and psychology.

Cognitive Load

Broadly speaking, the term cognitive load refers to the amount of information you can keep in your head (short-term memory, actually) at the same time.

One of the things that demand more of our attention when working with information systems, for instance, would be dealing with irreversible actions.

Deleting or otherwise making permanent changes to data requires that users think very carefully over all possible outcomes such actions could lead to.

Irreversible actions put a strain on users' minds. All possible scenarios have to be considered before action is taken.

Cognitive load can also contribute to stress in the workplace, and it affects the impression users will have of your systems. Systems which don't overburden users (with irreversible actions, or by requiring them to hold large amounts of data in their minds rather than on the screen) will seem easier and more pleasant to work with.

An example of How 2-step Removals can Lessen your Users' Cognitive Load

A simple way you can help users feel more at ease when using an information system you have designed (and help reduce errors as well) is to implement some form of 2-step removal of domain objects.

Deferring actual removal until the day after (like a rubbish bin) can help reduce users' tension and cognitive load.

Most information systems deal with objects - in fact, the core of information systems is actually concerned with managing these objects (creating, reading, updating and deleting them - the old CRUD acronym). So you can bet that a significant percentage of your users' time will be spent on destructive actions (not necessarily destroying objects, but changing system state, such as updating, creating and deleting).

A significant percentage of the actions carried out by users in software systems will cause some sort of state change.

If you have a simple safeguard in place to "let objects sit in the rubbish bin until they are actually removed" for instance, it could help users interact with your system in a more relaxed manner; they don't have to think very hard before deleting an object, because changes won't be actually put into effect until a day after - plenty of time to change one's mind should there be any need.

Implementation

As to the actual implementation of such safeguards, one relatively simple way to do it is to use database flags (could be a BOOLEAN or INT column on the table that represents that record) where your objects are actually persisted.

Rather than actually removing a record from the database when a user clicks Delete, just set this flag to true to signal that this item is marked for deletion.

In addition to that, you need a script that runs regularly (maybe at the end of each day) and searches the database for records which have been marked for deletion - only then are such records actually deleted.




These are some of the relevant factors that have contributed to the rise of new concepts like Internet of Things (IOT for short) and Big Data - terms that have since left the realm of academia and entered the mainstream.

IPv4 to IPv6 Transition

We are right in the middle of a large transition from old-fashioned IPv4 to IPv6, but what does it mean for us? In comparison with IPv4, IPv6 supports 10²⁸ times as many endpoints!

This means that it will be possible for every single device (no matter if we're talking about thousands of heat sensors in a forest) to be connected to a network interface - being able to send and receive data from potentially any other Internet-ready device in the world. Any tiny piece of hardware could, theoretically, be uniquely identifiable via an IP.

IPv6 supports 10²⁸ times more addresses than IPv4

Explosion of Devices and Data

In addition to the wider amount of addresses available through IPv6, the cost of hardware has gone down over the last few years, while newer and faster CPUs and hard disks have been developed.

This has contributed to what is being called the commoditization of processing power and storage space.

Last year (2013), there were over 10 billion connected devices, and this number will climb as high as 50 billion by 2020, according to an estimate by networking equipment maker Cisco.

[Figure: The hockey stick effect]

Key areas

  • GI Systems

    GIS, short for Geographical Information Systems, is the umbrella term for systems whose objective is to store large quantities of coordinates and/or some extra information related to them.

    With the increase in the number of mobile and handheld devices, as well as the aforementioned explosion in the number of overall (including static) devices, it has become ever more convenient to store event locations and/or user actions as defined points in time and space in GISs.

  • Sensors

    Sensors are becoming economically viable for many industry sectors such as manufacturing, agriculture, energy generation and so on.

    Each sensor typically emits data at a predefined rate or when some threshold conditions are met. This means lots of data gets sent to a database and needs to be acted upon, sometimes even in real time.

  • Social Media

    User-generated content is rising to heights never before seen, now that large populations (which until very recently didn't have access to the Internet) are becoming regular Internet users all around the world.

    It is hard to evaluate if social media has been more of a consequence of this phenomenon than one of the causes thereof, but social networks are among the organizations where most data is being kept nowadays - many popular open source tools for big data manipulation originated in places like Facebook, Google and Yahoo.

  • Logs

    Disk space has become so cheap that most devices and applications are configured to log everything that can be logged in the off chance it might some day, somehow, be useful for someone.




The sheer scale of the data required for monitoring IT infrastructures, together with new developments in that field, has been prompting changes in all but the most naive traditional SIEM (Security Information and Event Management) solutions. Most of these changes involve dealing with and analysing large data sets, hence the connection with the whole Big Data movement.

Big Data is changing the landscape for SIEM providers; in most cases it's not just a difference of scale, and throwing bigger and faster hardware at the problem just won't do.

Some of the issues that arise in the day-to-day operation of such systems are as follows:

Long Time Horizons

Data (in the form of logs, mostly) needs to be stored for increasingly long periods of time because sometimes the context is what separates a real threat from false positives.

One small incident is perhaps not relevant if it happens only once but the same issue happening every day for six months might be indicative of something lurking around the corner.

This means that an effective SIEM system needs to have elements to detect and act upon these APTs (Advanced Persistent Threats).

Inadequate Technologies

Most SIEM solutions are based on a traditional, relational Database Management System, which is not meant for this type of large, unstructured and relatively static data.

Inconsistent Data Formats

The sheer variety of log types and formats presents, in and of itself, a challenge for traditional SIEMs, which are generally based upon database systems that need some sort of regularity in the data. Companies are trying to move away from having to define each new log format in terms the underlying persistence layer can understand.

Store Once, Read Multiple Times

Logs and other types of monitoring information (both real-time and otherwise) aren't meant to be edited or changed in any way. They are mostly timestamped and automatically generated by devices and/or applications.

Many companies therefore find themselves using technologies meant for other types of data, which further aggravates the problem.

Not Knowing what to Look For

Users don't always know what they must look for when trying to establish a correlation between different events (now and/or in the past); maybe after an incident has taken place they want to carry out a forensic examination.

SIEM solutions must allow for ad hoc reporting and visualization so that end-users can use the system in ways the original designer didn't think about.

Stretching this notion a little bit, we can see many users using their SIEMs as some sort of log search engine which provides unopinionated visualization for the logs, providing tools for users themselves to see correlations and connections between the data sources rather than doing it itself.

Similar Data that Doesn't Look So

Different devices sometimes describe data in specific ways that make it extra difficult for systems to determine what's similar and what's not.

For example, you might have two firewalls in your network, where one logs drops as DROP: <IP> <TIMESTAMP> and the other logs them as DENY <TIMESTAMP> <IP> or something like that. Systems need to be able to infer similarities like these, treat such records as a single entity (Firewall Drops) and smooth out small noise like this.
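The normalization described above, together with the "same issue happening every day" check from the Long Time Horizons section, as an added example that is not part of the original post. The concrete line layouts, the timestamp encodings (ISO 8601 for one device, epoch seconds for the other), the `fw-a`/`fw-b` labels and the sample lines are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timezone
from ipaddress import ip_address

# Assumed concrete renderings of the two firewall formats mentioned in the text.
PATTERNS = [
    ("fw-a", re.compile(r"^DROP: (?P<ip>\S+) (?P<ts>\S+)$")),
    ("fw-b", re.compile(r"^DENY (?P<ts>\S+) (?P<ip>\S+)$")),
]

def parse_ts(raw):
    # Assumption: all-digit timestamps are epoch seconds, anything else ISO 8601.
    if raw.isdigit():
        return datetime.fromtimestamp(int(raw), tz=timezone.utc)
    return datetime.fromisoformat(raw.replace("Z", "+00:00"))

def normalize(line):
    """Map either format to one 'firewall_drop' event; None if unrecognized."""
    for source, pattern in PATTERNS:
        m = pattern.match(line.strip())
        if not m:
            continue
        try:
            return {"event": "firewall_drop", "source": source,
                    "src_ip": str(ip_address(m["ip"])),
                    "time": parse_ts(m["ts"])}
        except ValueError:
            return None  # right shape, but the IP or timestamp is malformed
    return None

def recurring_sources(lines, min_days):
    """Source IPs whose drops appear on at least `min_days` distinct days."""
    days = defaultdict(set)
    for line in lines:
        event = normalize(line)
        if event:
            days[event["src_ip"]].add(event["time"].date())
    return sorted(ip for ip, seen in days.items() if len(seen) >= min_days)

# Constructed sample lines (documentation address ranges).
SAMPLE = [
    "DROP: 203.0.113.7 2014-04-01T03:00:00Z",
    "DENY 1396407600 203.0.113.7",
    "DROP: 203.0.113.7 2014-04-03T03:00:00Z",
    "DENY 1396321200 198.51.100.9",
    "DROP: not-an-ip 2014-04-01T03:00:00Z",
    "ACCEPT 1396321200 198.51.100.9",
]
```

Lines that match neither pattern are dropped silently here; a real pipeline should count them, because a device that changes its log format otherwise disappears from the correlation without anyone noticing.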




In today's tightly regulated and interconnected world, it's very useful to have ways to shield yourself (perhaps even benefit) from the cost of complying with regulations and making sure security incidents are, to the best of your ability, prevented.

Logs and security event information are key areas to leverage if you want to stay ahead of other businesses in your area. The sheer volume of logs and event data collected from all sorts of devices has increased sharply over the years, due mostly to decreased costs in hardware (hard disks and memory, basically).

SIEMs have, for the last few years, been the preferred way of keeping track of such information in the workplace, but it's not always easy to justify investing in such products when the benefits are not so tangible.

We (IT Management) are generating as much, if not more, data within our enterprise than our actual business units are.

Here are some of the quantifiable benefits of installing a SIEM solution at your organization.

Regulation Compliance

SIEM solutions may be the most cost-effective way to comply with regulations, and they can protect you from fines and/or lawsuits.

Increasing Efficiency/Slashing Downtime

SIEMs can, in addition to their obvious security value, help you visualize infrastructure bottlenecks and points of concern, due to the way they make information available to you.

This can even impact other business areas that, in one way or another, could make use of data that is shown on SIEMs for security purposes only, such as marketing, development and senior management.

More Effective (Centralized) Log Storage and Visualization

It is easier and cheaper to train staff (from different backgrounds - compliance, development, system administration and so on), since they will all be using a single system - a single interface - for log viewing, troubleshooting and forensic analysis.

Adding a Layer Between Viewing Logs and Having Access to the Machines where these Logs are Generated

You could use a SIEM solution to allow people to view (and even analyse) logs without giving them root and/or admin access to the underlying infrastructure.

Identifying Hitherto Unknown Usage Patterns

SIEM systems can be used for general data exploration. This is particularly the case when users do not know what they are looking for.

Users do not always know what they are looking for.

If the system provides easy-to-use data visualization and manipulation facilities (charts, graphs and tables), users can find out novel ways to derive value from SIEM solutions - ways the original designers never envisioned.

Generating Reports

With all logged data (from across your whole IT infrastructure) neatly organized and classified (this being one of the main attributes of a good SIEM solution), it is just a matter of creating a simple script to harness that data and produce an executive summary with graphs and explanations to help senior management make clear decisions.




What made America great?

First of all, I would like to say that, while not being American myself (unless you count American as those born in the American continent), I'm deeply admiring of American values and history. More than those of my own country.

I wasn't born in America nor live there but I feel every bit as American as those who do.

I consider countries to be largely arbitrarily defined borders on land thereby not being a separate entity as opposed to just its people, but I will nonetheless use the term America to refer to most of the people who inhabit the land but also those who just see themselves as American and share its values like myself.

I wasn't born in America, don't live in America and don't hold US citizenship, but it is the nation and set of values I somewhat identify with so I see myself every bit as American as someone who happens to have been born there.

I think that America as a set of ideals and values is much more relevant than America the nation-state.

The historical period I'm focusing on right here is basically 19th and 20th century America.

Disclaimer: I know I am referring to stereotypes and groups of people but I do so trying to explain things as we see them today. I know that not all Americans are like this and that not all those who are not American are not like this. People are individuals, not the groups they belong to. I also know that there were other groups that probably also helped, but I am listing those which I think were the most important.

People

America in its infancy was a blend of very hard-working and able people, like Germans, Englishmen and women, Central and Northern Europeans, Jews and also Italians and other Mediterranean Folk. More recently, East Asians and Indians have shown themselves to be very high performing and hard working people too.

The fact that most Americans aren't indigenous but rather came to America from other places is probably a very very strong natural selector, selecting individuals that, living in other oppressing and backward countries, decided to do something about it rather than wait. This is not dissimilar to entrepreneurs who take risks to produce value for themselves and others.

Immigration is highly selective. Those who immigrate to other countries are, by definition, people who, rather than wait for their situation to improve on its own, take their destinies (and their families') into their own hands and do something about it. Immigrants were entrepreneurs way before it was trendy.

Work Ethic

Americans are naturally people who do rather than wait. Perhaps because if you come from an immigrant background like many Americans (early adopters if you will) you are already out of your comfort zone.

This means that most Americans have (or at least had at some point) a deeply ingrained will to achieve through their own efforts, which is representative of their work ethic.

They rarely expected or felt entitled to having things given to them other than those traded for their work and creative abilities.

Abundance of Land

Having an abundance of land (mostly good for farming and/or mining) could have proved a mixed blessing (picture oil-rich African and South American countries, rife with corruption and demagogues promising miracle solutions and/or failed ideologies to their people).

Fortunately, in the American case, it seems it hasn't. Although we obviously have no alternative history America to serve as a control group, America is obviously as good as, if not more advanced than, most countries on Earth.

An abundance of land has helped America become, in addition to a great industrial power and the home of the world's best universities, one of the world's most productive agricultural economies.

Small Government

Correlation does not imply causation but logic does. While government is useful in times of war and to provide basic infrastructure, history shows us that outsourcing services to government is extremely inefficient and drains a country of its resources fairly quickly.

Aside from moral implications and the risk of tyranny, large governments stifle growth and reduce incentives for entrepreneurs and businessmen and women to experiment and find new ways of providing goods and services more cheaply, efficiently and with higher quality.


As the references I've collected (1 and 2) as well as many other sources show, America had a relatively small government (as measured by percentage of GDP) from 1900 up until very recently (although it is still a little smaller than European-style social democracies).

Prior to 1900 (18th and 19th centuries) you can imagine it was even smaller than this.

No Natural Enemies (other powerful nations as neighbours)

This is somewhat dubious but I tend to think that America's lack of enemies (particularly early on in its history) was overall a positive influence in America's greatness.

Those who argue otherwise hold that powerful enemies can bolster one's industries, motivation and resolve, as shown by the number of inventions people come up with during wars, which is certainly true.

I, however, think that "external threats" (real or otherwise) are too often used by those in charge to justify oppression and unpopular measures aimed at their people.

Governments around the world use the threat of an external enemy to convince their people into giving up their rights.

It would be extremely hard for politicians in America (back in the day when communication wasn't very developed; nowadays it's a different picture altogether) to justify any kind of oppression and pushing of particular agendas with an appeal to "favour security over freedom" owing to supposed external enemies, due to its unique position as the sole power in North America.



reminders 11 Apr 2014 22:24
PHP Error Reporting and Logging Configuration