Episode One Hundred and Ninety Six: Noticings; Insecure; No Jobs But What We Make

by danhon

0.0 Sitrep

Monday 23 February 2015, 8:15pm. I had two wisdom teeth out on Friday morning: general anaesthetic, not even counting back from ten and the next thing I remember is waking up in the same dentist’s chair with a whole bunch of gauze in my mouth before being slowly bundled into a car and collapsing into bed at home. That meant pretty much the entire weekend lost to both getting over the anaesthetic and dealing with the Percocet, plus drinking lots of smoothies.

I did not get my CD with my CT data, so I have no animated gif of my jaw. This is disappointing, and only a little less irritating than having to deal with the consequences of two teeth being extracted from my mouth for the next five weeks or so.

1.0 Noticings

No, not those noticin.gs[1], but instead some things that I’ve noticed lately. Denise Wilton popped up in my timeline with an observation about the way Twitter was letting users know about some of its new features[2] (“Wonder how many ‘no’s you need to give Twitter before it stops asking if you like a feature. Guess it’s trying to wear me down.”) which prompted me to have a think about it’s not just *how* you say something, but also *when* and how often you say something, too. You can have as friendly or approachable a tone of voice as you want (and lately, it seems that pretty much the only tone of voice you’re going to get in this new age of designer-driven products and services *is* an overly familiar matey one), but it doesn’t really matter if the product in question is, well, a bit psychotically insistent at reminding you about what it wants to tell you.

Another person in one of my streams commented about what ad retargeting feels like, and yet another about the practice of increasing sales conversion. These are the practices that, when enacted by a person, would seem downright creepy, but we seem to tolerate in some sense when we’re interacting with machines and systems. It is one thing, for example, for a salesperson at Target to greet you on your way into the store, yet another thing for another salesperson to ask a “guest” if they have been able to find everything they’ve been looking for so far, but I bet that none of those salespeople would follow you out through to the parking lot, follow your car, wait outside your house, and then whilst you were sat down to dinner, tap on the window and hold up a packet of crisps that you’d temporarily but in your shopping cart, but then left, and ask if you wanted to change your mind and buy them now.

The argument, of course, is that there’s probably a whole bunch of data supporting the notion that reminding people about abandoned items in shopping carts result in a certain percentage increase in purchase conversion, and that, well, that’s probably worth doing. Because, of course, you don’t really get to quantify any potential loss of goodwill involved in repeatedly getting in touch with a customer and asking if they want to buy that thing or not.

I don’t know if my go-to example of Zappos does this. It would seem at first glance to go against their customer-service-at-all-costs attitude, but then I also similarly wouldn’t be surprised – given their acquisition by Amazon – if they *did* do such a thing. As with everything, it feels a bit like nuance, but also that the environment is a little like a zero-sum game. It doesn’t matter if your particular service is more respectful of peoples’ time and bunches up said notifications if the environment in general is toxic. Your basket reminder may well be the straw that breaks the camel’s back.

[1] http://noticin.gs
[2] https://twitter.com/denisewilton/status/568638472455659521

2.0 Insecure

I wrote, a while back in episode 188[1], that given the Target hack and the Sony hack, what we should be afraid of is a principle of mediocrity and that we would depressingly find out that such breaches were the norm, and not in fact the exception. So the recent news that Anthem, a health insurer based in the United States, had been subject to a breach that potentially dated back to April 2014[2], isn’t really surprising, just, well, more of the same. And then, the news that Lenovo had – in the name of “customer experience” – pre-installed malware on certain of its computer products that effectively (and by effectively, I actually mean: pretty damn effectively, for those who chose to take advantage) allowed bad actors to man-in-the-middle any attempted secure communication involving those machines.

I suppose what I’m getting at here is this: what are we supposed to do, or expect, when a *computer manufacturer* makes a decision in its business interests that is so clearly aligned *against its customers interests* – ie: it gets to make money off the installed malware – and is also clearly incapable of judging the risks of installing said malware? Was it purely that the profit motive was too big? Was there genuinely (and I find this hard to believe) no-one at Lenovo who could have been capable of assessing whether the malware was fit for purpose? Of course there probably was: one can only assume that they just weren’t involved in the decision making to pre-install the malware in the first place.

So not only do we have to worry about practically infinitely-resourced state-sponsored actors like the NSA and GCHQ, who at this point you have to admit: yes, I suppose it was their job to break into Gemalto and get the private keys behind as many 3 and 4G SIMs as possible, but we also have to worry about *stupendously incompetent* computer hardware manufacturers. You could look at this and say: well, IBM probably wouldn’t have done that so a good fifteen years ago you still would have been safe buying a ThinkPad, but I guess another way of saying it is this: the business managers in charge of selling computer products don’t understand the software systems that they’re selling, and are clearly in no position to effectively audit them. You’d be forgiven for thinking that we’re now stuck between the wall of an internet effectively riddled with holes, and a variety of rocks where commercial interests are presumably so strong that it’s difficult to distinguish between pure incompetence and malice.

Normally I think my position would be to not worry about this kind of stuff – that the kind of advanced persistent threat isn’t really something that applies to the everyday individual, but it’s clear now that, in principle, all it would take is for you to be identified as someone who’s merely collateral damage. Look, if I wanted to, say, find out what Nike’s product line for next year was going to be, it wouldn’t be so hard to spear-phish a whole bunch of people who not only a) worked at Nike, but b) worked at their known agencies, and c) might have access to commercially sensitive information. Throw a couple of Windows exploits through emails to account managers, sit back, and Bob’s pretty much your corporate intelligence officer based in China.

[1] http://tinyletter.com/danhon/letters/episode-one-hundred-and-eighty-eight-the-new-normal
[2] Anthem Breach May Have Started in April 2014 – Krebs on Security

3.0 No Jobs But What We Make

Is Sarah Connor’s election slogan where she campaigns upon a platform of a robust social safety net as well as ambitious education and re-training for a) a workforce that’s going to be skilled-and-automated-out as well as a workforce that is wondering what to do with its liberal arts degrees. (Surprise: those liberal arts degrees should keep going until they find themselves at the intersection with Technology Avenue whereupon they might find some jobs on Main Street).

Anyway, via Metafilter[1], the good news that we don’t have to worry *as much as we were worrying* about robots taking away our jobs[2], due to the reason that: well, duh, the jobs should have gone away already. That said, there is a comment in the original article pointing out that Summers is stuck in 1980s land where a bunch of disintermediation hasn’t taken place yet. Summers argues that whilst an end goal of automation might be a whole bunch of self-checkout lanes (it turns out that we don’t really want that, but anyway) he thinks that to get from here to there, we’d need “a million people” running around migrating from one checkout system to the other, neatly avoiding the whole self-serve/software-as-a-service/”dark-IT” patch that has been growing increasingly relevant to those who thought they were in charge of corporate IT. Sure, this isn’t as much a problem in places like Target, where you don’t get to turn up one day to work as a cashier with your iPad in one hand and your Square reader in the other and proclaim that you’ve got a much cooler way of checking people out, but instead it happens *everywhere else* and instead happens to Target last. This isn’t necessarily the loss of a bunch of jobs at Target as it is *not as many jobs being needed* for a whole new area of growth to happen. National Cash Register[3] – who I’m only aware of because for some reason NCR made one of the early computers (a 386DX running at 16 MHz, thanks very much) that my dad borrowed and took home from work – still pretty much sells “cash registers”, in the expanded term of “point of sale systems”, but as of 2014 still employees about 29,000 people. Square, on the other hand, might employee up to 1,000 people, and a cursory Googling revealed that Paypal might employ around 13,000 employees.

Conversely, the International Business Times (yeah, I know) reckons that Blockbuster had a peak of 60,000 employees worldwide in 2004[4], whereas Netflix might employ around 2,000[5]. This isn’t necessarily “automation” or “robots” getting rid of jobs, but it certainly is the impact of the machine age. And, even, there’s the wonderful example of Netflix disrupting itself by inexorably moving away from its original DVD-by-mail business (arguably a hack whilst it waited for connectivity to catch up with its founder’s vision) to digital delivery of video. I’m not arguing that those 60,000 jobs that Blockbuster provided employment for should come back: just pointing out that 60,000 jobs did disappear, and jobs like that will probably keep disappearing. Those 60,000 retail jobs first went to centralised distribution centers, and then slowly faded away as it turned out that you didn’t need to stuff a disc in the mail, you could just have servers stuff bits down a pipe instead.

(An idle thought: is the availability of YouTube instrumental tutorials a net good thing or bad thing for music teacher jobs? One of the examples of high-speed internet links was always the remote teaching thing, but I can easily make the argument in my head that for a lot of people, non-interactive recorded video is good enough for learning an instrument and that it might, instead, widen participation – for musical instruments where access is cheap and available enough – to result in more demand for music teachers. Anyway)

I don’t really see how this is going to go away. Part of the argument with all of this replace-humans-with-automation/APIs is that we’ll end up with more leisure time, but I don’t strictly see that happening. It feels like it’s quite easy for the available work to take as much time as it needs to; that work will expand to fill the available time. I saw this at my time with Wieden – there were certain clients who would quite happily noodle away on a brief for, say, a stupendously large sporting event, and only approve script until the very last minute whereas other clients would be happy to have something shot and in the can up to 18 months prior.

[1] Everyone should take it easy on the robot stuff for a while – ennui.bz, Metafilter
[2] The One Where Larry Summers Demolished the Robots and Skills Arguments – Mike Konczal
[3] NCR – Wikipedia
[4] The Sad End Of Blockbuster Video: The Onetime $5 Billion Company Is Being Liquidated As Competition From Online Giants Netflix And Hulu Prove All Too Much For The Iconic Brand
– IB Times, and what a ridiculously long headline
[5] Netflix – Wikipedia

9:16pm. More of a petering out there than a satisfying conclusion, I feel.