Wednesday, September 29, 2010

LinkedIn users targeted for spam attacks

Cybercriminals began a campaign Monday that targeted LinkedIn users in a concerted spam attack, Cisco senior security researcher Henry Stern told ZDNet UK on Tuesday. What differentiated the campaign from others was the scale of the attack and the fact that it targeted business users, he said.

"The combination of extremely high volume and the focus on business users suggests the attackers are interested in employees with access to online bank accounts," said Stern. "We've provided LinkedIn with the information they need to take action against the spammers."

At one point on Monday, over a quarter of the spam hitting Cisco nodes was due to this particular attack, Stern said, with billions of emails being sent. The emails were not targeted, but were designed for LinkedIn users to self-select, he added.

For more on this story, read Spammers try to dupe LinkedIn users in Zeus attack on ZDNet UK.

ZeuS botnet: Stealing bank access codes via SMS

The latest criminal activity linked to the ZeuS botnet is a software package tailored to BlackBerry and Symbian mobile phones that picks off SMS messages, apparently to break the two-factor authentication code, which mobile bank customers use to access their accounts.

Dubbed MITMO (man in the mobile) by IT security services firm S21sec, the attacker steals both user name and password from infected phones, and uses that information to access the victim's online bank account. When the bank sends the unique, temporary two-factor access code to the victim's cell phone, the malware intercepts it and forwards it to the attacker. The attacker enters the code and gains access to the user's bank account.

Software Development and the Illusion of Control

What I'm about to tell you will either: a) scare you to death, or b) make you nod your head in agreement. Which reaction you have will depend upon your perspective and position in the software development process.

With few exceptions, you do NOT have as much control over the software development process as you may think.

I can see half of you stridently shaking your heads (fists) and saying things like 'but we have tools and processes and even a strict policy of re-use, backed up by a fully documented re-use catalogue.'

This thinking provides a comforting (but false) illusion of control, and the reality is that most organisations have software developers who will find ways of working around the 'process,' so that they can actually deliver working and valuable code.

Organisations who spend a lot of time trying to formalise re-use efforts with catalogues, or who view communities as committees are wasting valuable time delivering a shelf full of 3-inch thick white binders that very few developers actually look at or even read.

I can also see the heads shaking out there now because some of you work for companies that provide tooling to help accomplish some of the 'process' of Application Lifecycle Management. There is nothing wrong with tooling to help you better organise your software development efforts.

However, even the best tooling cannot overcome the basic human desire to avoid the constraints of admin and red tape. The best approach is to first develop a 'community.' Community members are here because they're interested, not primarily because it's their job.

Achieving a community is not as simple as following a 10 step list to success. It takes serious thought and a dedicated grass roots effort supported by a committed management structure. Tooling is useful once you've identified who your stakeholders are in the community and how they work together.

Even then, you sometimes have to adjust the tools to fit your community's expectations. However, the overriding goal of tools should be to help loosely couple the community together, not constrict or control them into an overly formal process that people will simply push back against and actively seek ways to get out of. This is where having an outside community consultant come in to help jump-start the process can help.

People ask can a tool enforce certain strict processes, or function as a re-use catalogue/repository? The answer is, that while it can do that to a certain degree, we encourage you to view the tool not as a compliance enforcement tool nor is it intended to develop a virtual shelf full of thick binders, for no one to read or use.

Instead, look at any tool with a critical eye. Examine closely the collaboration features (wikis, discussion forums, and even trackers) and ask yourself how will these help you foster a community while you organise and identify your software assets.

Ultimately, software development should be weighted toward producing useful and working code, which is very much part of the Agile/Scrum manifesto. It is not there to generate reams of documentation to feed the process machine.

An organisation's time and money are better spent building, supporting and facilitating a community, not building committees, because your good developers will become frustrated and actively find ways around delays and impediments to getting the job done.

It's much more productive to support, facilitate and foster that creative behaviour to the benefit of the community, than to try and stifle, and fight against it.

Inclusive Fitness, Population Genetics and the origin of altruism

Sparks fly over origin of altruism

When British geneticist J. B. S. Haldane was asked if he would risk his life to save another, he is alleged to have replied that he would only do so to save at least two brothers or eight cousins.

His reasoning was that this would preserve enough copies of his genes to justify his own death. This idea - that animals are more likely to show altruistic behaviour towards individuals they are related to, is called kin selection.

Haldane's colleague William Hamilton later drafted a mathematical description of the phenomenon, known as inclusive fitness, which assigns numerical values to the costs and benefits of an animal's actions. In theory, inclusive fitness makes it possible to calculate the extent of the spread of a given altruistic behaviour throughout a population e.g. staying with your parents to raise your siblings. 

Hamilton's mathematical formula has been used for decades by biologists studying cooperation in animals and was a major inspiration for Richard Dawkins's The Selfish Gene.

The problem, say Nowak and Tarnita, is that the calculations just don't work in the real world because they rely on a limiting set of conditions that nature does not stick to. For example, they are only valid for interactions between pairs of animals, which is fine for solitary species whose individuals rarely meet, but no use in studying thousands of ants sharing a colony. What's more, they do not work for populations that are under strong pressure to evolve.

These and other limitations, Tarnita says, mean that the maths of inclusive fitness is not relevant to the real world. Instead, she says biologists should use the models of population genetics, which focus on interactions between different gene variants. 

These models avoid the messiness of predicting the consequences of behaviour and don't require any dubious assumptions.

Tarnita has shown that by using standard population genetics equations, it is possible to produce an all-encompassing model. She explained that when she plugged Hamilton's conditions into her model, its equations simplified to those of inclusive fitness

Hamilton's maths, she concludes, describes a special case of a broader model of how all behaviours evolve: it is not wrong, but limited.

Monday, September 27, 2010

Jimi Heselden, Owner Of Segway Inc., Dies In Segway Accident

Multi-millionaire Jimi Heselden, the owner of Segway Inc. since December 2009, has died after reportedly driving a Segway scooter off a cliff and into a river.

The fatal accident allegedly occurred at Heselden's West Yorkshire estate, according to the Daily Mail. He was "using one of the machines--which use gyroscopes to remain upright and are controlled by the direction in which the rider leans--to inspect the grounds of his property," writes the Daily Mail. "A spokesman for West Yorkshire Police said today: 'Police were called at 11.40am yesterday to reports of a man in the River Wharfe, apparently having fallen from the cliffs above.'"

Police told the Telegraph that a "Segway-style vehicle" was recovered at the scene of the accident.

Hesco Bastion, the company of which Heselden was chairman, confirmed Heselden's death in a statement given to the BBC. "It is with great sadness that we have to confirm that Jimi Heselden OBE, has died in a tragic accident near his home in West Yorkshire," said the Hesco Bastion spokesperson.

Indirect reciprocity

Direct reciprocity can best be captured by the principle “You scratch my back and I’ll scratch yours” and is the driving force of a large part of chimpanzee social behaviour.

Indirect reciprocity can be summed up by the principle: “You scratch my back and I’ll scratch someone else’s” or “I scratch your back and someone else will scratch mine”.

There is little or no evidence of indirect reciprocity amongst chimpanzees. This should come as no surprise given the significant linguistic skills required to exhibit indirect reciprocity compared to direct reciprocity.

For example, if my act of kindness towards a stranger is witnessed by others, it can benefit my reputation only if they are able to go and tell their friends about it, an ability that is quite beyond chimpanzees.


The Plato Code - We are all ignorant

What was Plato’s positive philosophy?

Plato depicted the brilliant talk of earlier philosophers, but never stepped forward to state his own views directly. Every reader wrestles with this problem of Platonic anonymity.

Most of us form some opinion of Plato’s central agenda and philosophy but, strictly speaking, this is more or less conjecture.

The range of possible views is illustrated by the minority, in both ancient and modern times, who concluded that Plato was a destructive sceptic with no positive views at all. For them, Plato was merely a brilliant provocateur. His final allegiance was to Socrates’ claim that we are altogether ignorant.

TPM: The Philosophers’ Magazine | The Plato Code

Sunday, September 26, 2010

Jobs I could not do: Stairway to Heaven

Without these guys, you wouldn’t have broadcast radio or TV. It’s hard to watch beyond the 1min 30sec mark.

The Body Language of Liars

"Detecting deception is really about looking for discomfort at three critical junctures in an inquiry.
  • The first is when the person first hears the question and how they respond to hearing that question (is there comfort or discomfort). 
  • The second part has to do with how they process that information, how long they take to answer it, and how troubled they are to think about the answer. 
  • The third phase has to do with how they answer the question; are there speech errors, hesitation, vocal inflections indicative of distress, discomfort displays or lack of emphasis. 
In all three of these critical phases, depending how well the question is formulated and asked, we have an opportunity to assess for comfort and discomfort."

"Having laid this information out, I would caution that the best we can say, unless we actually know the truth, is this: if the person did poorly in all three areas (hearing, processing, and answering the question), there are likely issues there that need to be explored because their behavior, lacking so much discomfort, is suggestive, but not conclusive of deception.

I would be reluctant to call someone a liar merely because they respond poorly in all three areas, but I would certainly pursue the topic further to see what caused this behaviour."

These are the words of Joe Navarro, a former FBI Counterintelligence Agent and the author of a fascinating book; "What Every Body is Saying."

For additional articles, look on his web site; or follow him on Twitter: @navarrotells @navarrotells

Iran Fights Malware Attacking Computers

The Iranian government agency that runs the country’s nuclear facilities, including those the West suspects are part of a weapons program, has reported that its engineers are trying to protect their facilities from a sophisticated computer worm that has infected industrial plants across Iran.

The agency, the Atomic Energy Organization, did not specify whether the worm had already infected any of its nuclear facilities, including Natanz, the underground enrichment site that for several years has been a main target of American and Israeli covert programs.

But the announcement raised suspicions, and new questions, about the origins and target of the worm, Stuxnet, which computer experts say is a far cry from common computer malware that has affected the Internet for years. A worm is a self-replicating malware computer program. A virus is malware that infects its target by attaching itself to programs or documents.

Stuxnet, which was first publicly identified several months ago, is aimed solely at industrial equipment made by Siemens that controls oil pipelines, electric utilities, nuclear facilities and other large industrial sites. While it is not clear that Iran was the main target — the infection has also been reported in Indonesia, Pakistan, India and elsewhere — a disproportionate number of computers inside Iran appear to have been struck, according to reports by computer security monitors.

Given the sophistication of the worm and its aim at specific industrial systems, many experts believe it is most probably the work of a state, rather than independent hackers. The worm is able to attack computers that are disconnected from the Internet, usually to protect them; in those cases an infected USB drive is plugged into a computer. The worm can then spread itself within a computer network, and possibly to other networks.

The semiofficial Mehr news agency in Iran on Saturday quoted Reza Taghipour, a top official of the Ministry of Communications and Information Technology, as saying that “the effect and damage of this spy worm in government systems is not serious” and that it had been “more or less” halted.

But another Iranian official, Mahmud Liai of the Ministry of Industry and Mines, was quoted as saying that 30,000 computers had been affected, and that the worm was “part of the electronic warfare against Iran.”

ISNA, another Iranian news agency, had reported Friday that officials from Iran’s atomic energy agency had been meeting in recent days to discuss how to remove the Stuxnet worm, which exploits some previously unknown weaknesses in Microsoft’s Windows software. Microsoft has said in recent days that it is fixing those vulnerabilities.

It is extraordinarily difficult to trace the source of any sophisticated computer worm, and nearly impossible to determine for certain its target.

But the Iranians have reason to suspect they are high on the target list: in the past, they have found evidence of sabotage of imported equipment, notably power supplies to run the centrifuges that are used to enrich uranium at Natanz.

The New York Times reported in 2009 that President George W. Bush had authorized new efforts, including some that were experimental, to undermine electrical systems, computer systems and other networks that serve Iran’s nuclear program, according to current and former American officials.

This also raises the question as to whether Germany and Siemens are aiding Iran in developing their nuclear capability.

Friday, September 24, 2010

Seth Godin - Quieting the Lizard Brain Video: The 99 Percent

About this presentation
Bestselling author and entrepreneur Seth Godin outlines a common creative affliction: sabotaging our projects just before we show them to the world. Godin targets our "lizard brain" as the source of these primal doubts, and implores us to "thrash at the beginning" of projects so that we can ship on time and on budget.

About Seth Godin
Seth Godin is a bestselling author, entrepreneur, and agent of change. His recent books, which have graced the New York Times, Business Week, and Wall Street Journal bestseller lists, include Tribes, Purple Cow, The Dip, and All Marketers Are Liars.

Seth was founder and CEO of Yoyodyne, the industry's leading interactive direct marketing company, which Yahoo! acquired in late 1998. He holds an MBA from Stanford, and was called "the Ultimate Entrepreneur for the Information Age" by Business Week.

Blog site:

Isopraxism: Body language makes a world of difference

Isopraxism is an anthropological explanation of how we pull toward the same energy. It is referred to in explaining why, when the person we're with steps off the curb, we follow him or her by crossing the road; or why at the dance, nobody wants to go on the dance floor when there's nobody out there, but as soon as it gets crowded everybody wants to go.

In team sports it explains how if one person gets discouraged, especially the leader, the entire group is immediately affected. In fact, the research says the more powerful the person is, in terms of status and admiration, the faster their mood and demeanour transfers to the rest of the group. This can be done equally quickly by their body language, in a non-verbal fashion.

Read more:

Where do Good Ideas come from? - Steven Johnstone

Where do good ideas come from? Places that put us together. Places that allow good hunches to collide with other good hunches, sometimes creating big breakthroughs and innovations.

During the Enlightenment, this all happened in Parisian salons and coffee houses. Nowadays, it’s happening on the web, in places that defy your ordinary definition of “place.”

In four animated minutes, Steven Johnson outlines the argument that he makes more fully in his soon-to-be-published book, Where Good Ideas Come From: The Natural History of Innovation. The video is the latest from the RSAnimate series.

Thursday, September 23, 2010

Long Range WiFi Edges Nearer With FCC Decision

A new class of devices able to create WiFi-like connections that span miles rather than meters just jumped significantly closer to market. The Federal Communications Commission (FCC) has made a crucial decision on the rules that will regulate such devices, which will use the "white spaces" between TV channels that were freed up by the analogue switch off.

Although the FCC voted in November 2008 to open up these white spaces, the exact rules governing how they could be used were not decided. Companies of all sizes, ranging from Google to startups, with plans for gadgets and services using white spaces have been waiting since then. Some have spent money lobbying for rules favorable to rapid development of a whole new sector.

A key concern was whether the FCC would stick with a previous suggestion that white spaces devices must constantly listen out for broadcasts from TV stations and also wireless microphones to ensure they wouldn't cause interference. Today the commission decided that this isn't necessary. Instead, the rules will require devices to be capable of knowing their location and using an online database to find out which channels are active in their area.

"The ruling is in the right direction to help us quickly get white spaces devices onto the market, Ranveer Chandra of Microsoft Research who built the world's first white spaces network on the company's Redmond campus, told me.

"Making hardware able to get sensing right is very difficult, particularly for wireless microphones which all have different signals." False positives are a problem when listening for wireless mics, says Chandra, because their signals are so low powered.

Being able to use the software-centric database approach will allow much speedier development compared to the alternative, which would me coming up with new chip designs, he says.

Although Chandra and colleagues experimented with sensing too, the Microsoft network also demonstrates how a database could be used. They developed a cloud-based service to which a device can supply its location and receive back an accurate description of the whitespaces available, based on the position, power and height of nearby transmitters. They also built a website where you can check the white spaces in your area.

The FCC is yet to release the full technical details of the rules, which are expected late today. When these details are released, the real work will start, says Chandra. "Over the next couple of weeks we and others will need to look at that very closely," he says, to work out just what the rules allow for.

Google Warning Gmail users on China Spying Attempts

Google is using automated warnings to alert users of its GMAIL messaging service about wide spread attempts to access personal mail accounts that may indicate wholesale spying by the Chinese government. The victims include one leading privacy activist.

Warnings began appearing when users logged onto GMAIL on Thursday, according to Twitter posts from scores of GMAIL users. Upon accessing their accounts, users encountered a red banner reading "Your account was recently accessed from China," and providing a list of IP addresses used to access the account.

Users were then encouraged to change their password immediately. Based on Twitter posts, there doesn't seem to be any pattern to the accounts that were accessed, though one target is a prominent privacy rights activist in the UK who has spoken out against the Chinese government's censorship of its citizens.

Alexander Hanff of Privacy International in the UK said he saw the warning when he accessed a GMAIL account this morning. Hanff set up the personal account, which Hanff created in 2005 when he operated the Torrent Web site DVDR-Core, an early target of the Motion Picture Association of America in its battle to stop copyright piracy.

Hanff said he immediately changed the password, at Google's suggestion, and said the attempts to access his account from China were recent - occurring within the past couple months.

He only rarely accesses the account and does not use it for e-mail related to his work for Privacy International. Still, he said the account is easily discoverable online for those looking to contact him via e-mail, which might have made it a target.

However, a survey of other GMAIL users who were warned suggests that the China-based attacks were widespread and lacked a clear pattern. Andrew Turnbull, editor of The Extraordinary Marketing Blog and a recent business school graduate from Alberta, Canada was one.

Others included media consultants, doctors and gamers from the U.S., Canada, Columbia and countries in Europe - most without any clear personal or professional connection to China. Google did not immediately respond to a request for comment.

Hanff, of Privacy International, said he believed the attack on his account was random, not targeted at him as a privacy rights advocate. Those who accessed his account wouldn't have had access to any sensitive information related to his work for Privacy International, but would have found "a hell of a lot of spam," Hanff said.

However, he acknowledges that he may have come to the attention of the Chinese Government after a speech he gave at a EU-China Human Rights Network seminar that was attended by high level Chinese government officials. Hanff said he spoke about issues such as freedom of speech, differences between Europe and China and China's record of suppressing free speech.

Google and its GMAIL messaging system, along with the networks of other high profile U.S. and European firms, were known to have been compromised by attackers believed to be affiliated with the Chinese Military.

Those attacks, code named "Aurora" temporarily caused a rift in relations between the search giant and the Chinese government, with Google suspending all filtering of its search results in China. Recently, experts have warned that a new round of attacks similar to the original Aurora attacks had been detected, though its unclear if the e-mail hacking is related to that wave of activity.

Thursday, September 16, 2010

The Next Big Thing In BPM: Real-Time Process Guidance

The Next Big Thing In BPM: Real-Time Process Guidance

First step is to identify best practices for combining social networking with BPM and identifying specific patterns on how BPM and social are coming together. Some patterns that have been identified thus far include:
  • Collaborative Discovery – Extending process discovery and design to include interactive real-time involvement of business users, customers, and partners.
  • Shared Development – Extending process development methodology and tools to support development collaboration between business and IT roles.
  • Process Guidance – Provide real-time suggestions and guidance for completing a particular activity based on real-time analytics and/or social network analysis (i.e., crowdsourcing techniques).

Lessons on Leadership and Teamwork -- from 700 Meters Below the Earth’s Surface

Lessons on Leadership and Teamwork -- from 700 Meters Below the Earth’s Surface

“We are well, the 33 of us, in the shelter.” These words, written on a small piece of paper, created euphoria in Chile in early August and restored hope to the families of the 33 miners trapped in the San José copper mine in the heart of the Atacama Desert.

The note emerged from a duct that is now used for communication with rescuers and for sending food and medicine to the miners, who are trapped 700 meters (nearly 2,300 feet) below the earth’s surface in a small emergency shelter.

When the good news came to the outside that the miners were alive, a team led by engineer Andrés Sougarret labored to find the best alternative for reaching the tunnel of barely 30 square meters. The team was helped by experts in psychology, sociology, engineering and nutrition and by officials from NASA, who deal with similar situations of isolation encountered by astronauts.

At first, it was estimated that the team would need four months for the rescue. Now, however, the Chilean government believes that it could extract the first miners in October, thanks to a tunneling machine able to drill through the surface of the earth.

Images recorded by the miners themselves have made clear the extreme conditions they are living under, and which they will have to bear until the rescue materializes: temperatures of up to 35 degrees Centigrade (95 degrees Fahrenheit); environmental humidity of 90% and rationing of food. Above all, it has become obvious that the miners are well organized.

From the moment of the accident, they divided the shelter into zones devoted to an infirmary, recreational activity, food and dormitories. Some have assumed leadership positions that make survival possible. For example, Luis Urzúa Iribarren, who headed the shift of workers, assigned various roles to the other miners.

One miner, Mario Sepulveda, received and handled cases of food and medication that arrived from outside the mine. From the outset, Victor Segovia wrote down everything that happened during and after August 5, the day of the disaster.

The skills and leadership exhibited by the miners will be crucial to their survival, experts say.


Getting Grain to the Poor: India Grapples with Problems of Plenty - India Knowledge@Wharton

Getting Grain to the Poor: India Grapples with Problems of Plenty - India Knowledge@Wharton

Early in September, the Indian government said it would release 2.5 million tons of rice and wheat to the country's poor over the next six months. It was following orders from India's Supreme Court, which in turn had reacted to television reports that showed stacks of rotting food grain in railway yards.

"Give [the grain] to the hungry poor instead of it going down the drain," the court told the government's counsel. The court also asked the state-owned Food Corp. of India (FCI) to expand and modernize its distribution infrastructure, and noted that 50,000 tons of wheat had already deteriorated. (Only 12,418 tons were damaged, the FCI claimed later.) The case brings renewed focus on the interlinked challenges of feeding India's poor and overhauling its food grain procurement, storage and distribution infrastructure, experts tell India Knowledge@Wharton.

The issue has positioned the Supreme Court on one side and the government on the other. The court was not amused that the government had chosen to interpret an earlier ruling on the issue as a "suggestion" and not an "order." The government felt that the court was exceeding its mandate. Prime Minister Manmohan Singh told a meeting with newspaper editors -- an annual event where the government is traditionally candid about its perceptions -- that he respected the court's "sentiments" and that concessional food should be made available to the poor. However, he suggested that courts should not get into the "realm of policy formulation."

"Inspired by the sight of food grain going to waste, it is often made out to be that our central problem is that of poor food grain storage," noted Kaushik Basu, chief economic advisor to India's finance ministry. In a paper titled, "The Economics of Foodgrain Management in India," published this month, he disagrees with that assessment:

"We have to design the entire food grains policy skillfully in order to ensure that we can fulfill the right to food that we are about to confer on our citizens, and at the same time ensure that our fiscal system is able to withstand the expenditure."

The Supreme Court took umbrage at the response of agriculture minister Sharad Pawar, who had initially said the government was unable to distribute food grain for free as transportation costs were high. In addition, it was already providing generous food subsidies.


Afghan Women Battle Internal and External Hostility on their Path to Entrepreneurship

Afghan Women Battle Internal and External Hostility on their Path to Entrepreneurship

Women entrepreneurs face kidnapping, death threats and the constant fear of bombs when trying to open businesses in Afghanistan. Many women also lack a formal education after years of harsh Taliban rule that has kept them from taking formal roles in society.

These challenges and more have eroded Afghan women's confidence and fueled uncertainty about their ability to be independent as they endeavor to launch and grow successful businesses.

When 23-year-old Masooma Habibi first wanted to open a business in Afghanistan's capital, Kabul, she thought the only way it would be possible is if she had male business partners.

Yet when she was looking for such partners to turn her idea of starting an Internet installation company into reality, she found that nobody wanted to work with her because she was a woman. "I thought I cannot do it by myself, I have no experience and everyone I turned to for help refused," she says.

That lack of support made Habibi realize that if her dreams of starting a business were to come true, she would have to go it alone. "I have had to overcome community backlash towards a woman working in Afghan society. I was depressed after my initial partners left me alone with a business before it had even started because they did not want a woman partner," she says.

However, after Habibi was given the opportunity to join the Goldman Sachs 10,000 Women program run by the Thunderbird School of Management in Glendale, Ariz., and the American University of Afghanistan in Kabul, her attitude slowly changed.

The 10-month training program in Kabul that graduated 54 students in early 2009 is one of several around the world working to improve business skills of women entrepreneurs. "I began to meet many women entrepreneurs with successful businesses who really encouraged me and overcame a lot of similar problems I was facing. I saw that they were helping make a difference in Afghan society," says Habibi.


Lessons in Entrepreneurship and Wealth Building from the Developing World - Knowledge@Wharton

Lessons in Entrepreneurship and Wealth Building from the Developing World - Knowledge@Wharton

Animal feed in Zambia. Cookies in South Africa. Medical records systems in Botswana. Peanut processing in sub-Saharan Africa and Latin America.

In regions scarred by intractable poverty, innovative programs to build new sources of wealth through these four businesses are providing lessons for entrepreneurs hoping to create new markets and economic opportunity. In a paper titled, "Business Models: Creating New Markets and Societal Wealth", leaders of Wharton's Societal Wealth Program (WSWP) outline the critical elements of entrepreneurial wealth building based on nearly 10 years of field research supported by Wharton alumni.

The WSWP initiatives are designed to move beyond a charitable aid model for combating poverty by creating economic enterprises that lead to self-sufficiency rather than dependency and that will have a major and lasting impact. "There are plenty of charities doing things for free. What we are attempting to do is create poverty reducing businesses," says James D. Thompson, director of the WSWP, who coauthored the paper with Wharton management professor Ian C. MacMillan.

Uncertainty is a major element of any entrepreneurial undertaking and the social wealth projects -- with the goal of improving society in addition to making money -- are all the more unpredictable. "If you're going to do something that's really going to make a difference and it's bold and highly innovative, by definition it's [also] going to be highly uncertain," MacMillan notes.

Since its launch in 2001, WSWP has been involved in 10 projects and is in the early stages of evaluating two others. The four cases highlighted in the paper represent a range of outcomes from success to termination. Many of the other six projects were disengaged or significantly altered -- a rate Thompson says is comparable to findings on typical entrepreneurial startups. "You're likely, if you follow this approach, to encounter more failures than successes," he notes.

Lessons for Entrepreneurs

According to MacMillan, entrepreneurs working in social enterprises need to maintain a sense of responsibility in addition to factoring in the many business considerations that typically go into a start-up. Failure in this environment can be measured in costs to the human spirit as well as financial terms. "You don't just rush in and say you are going to help without thinking how you will actually be of help," he points out. "Secondly, if you find that your program is not working, you need to have preplanned how to exit without doing harm or leaving people in the lurch."


Wednesday, September 15, 2010

Perception of emotion is culture-specific

Want to know how a Japanese person is feeling? Pay attention to the tone of his voice, not his face. That’s what other Japanese people would do, anyway. A new study examines how Dutch and Japanese people assess others’ emotions and finds that Dutch people pay attention to the facial expression more than Japanese people do.

“As humans are social animals, it’s important for humans to understand the emotional state of other people to maintain good relationships,” says Akihiro Tanaka of Waseda Institute for Advanced Study in Japan. “When a man is smiling, probably he is happy, and when he is crying, probably he’s sad.” Most of the research on understanding the emotional state of others has been done on facial expression; Tanaka and his colleagues in Japan and the Netherlands wanted to know how vocal tone and facial expressions work together to give you a sense of someone else’s emotion.

For the study, Tanaka and colleagues made a video of actors saying a phrase with a neutral meaning — “Is that so?” — two ways: angrily and happily. This was done in both Japanese and Dutch. Then they edited the videos so that they also had recordings of someone saying the phrase angrily but with a happy face, and happily with an angry face.

Volunteers watched the videos in their native language and in the other language and were asked whether the person was happy or angry. They found that Japanese participants paid attention to the voice more than Dutch people did — even when they were instructed to judge the emotion by the faces and to ignore the voice. The results are published in Psychological Science, a journal of the Association for Psychological Science.

This makes sense if you look at the differences between the way Dutch and Japanese people communicate, Tanaka speculates. “I think Japanese people tend to hide their negative emotions by smiling, but it’s more difficult to hide negative emotions in the voice.” Therefore, Japanese people may be used to listening for emotional cues.

This could lead to confusion when a Dutch person, who is used to the voice and the face matching, talks with a Japanese person; they may see a smiling face and think everything is fine, while failing to notice the upset tone in the voice. “Our findings can contribute to better communication between different cultures,” Tanaka says.

For more information about this study, please contact Akihiro Tanaka at

Russian Court Hears Case Against Mystery RBS Hacker

Another member of the hacking crew responsible for the $9.4m heist of RBS WorldPay is going to court in Russia, according to a local media report. A court in Novosibirsk, Russia, is taking up the case of a previously unnamed member of crew of hackers that is accused of stealing $9.4 million from RBS WorldPay, the U.S. based payment processing division of The Royal Bank of Scotland, according to a media report.

A criminal case against Eugene Anikin was forwarded to Zaeltsovskiy District Court in Novosibirsk for consideration. Anikin is believed to be the defendant referred to as "Hacker 3," one of eight individuals named in a criminal indictment filed in U.S. District Court in November, 2009, and accused of withdrawing cash from automated teller machines in 280 cities around the world.

Anikin's name did not appear on that indictment, leading to speculation that he is the individual referred to as "Hacker 3" on the indictment.

Another member of the same group, Victor Pleschuka, was sentenced to six years in prison by a court in St. Petersburg in August. Pleschuka and others in the hacking ring were accused of carrying out a sophisticated attack against RBS.

As reported by ThreatPost, the crew allegedly broke into the network of RBS WorldPay and compromised a database containing account information for employee debit cards, which are used by some companies in lieu of traditional paychecks. The hackers then raised the credit and withdrawal limits on the accounts attached to the cards and forged 44 counterfeit cards which were distributed to a ring of "cashers" to use to withdraw cash from ATMs in November, 2008.

According to reports from Russian media, Anikin received stolen bank account information from Pleschuka and gave it to other unidentified persons, who produced the fake bank cards.

Monday, September 13, 2010

Why Should Your Boss Listen to You? -- Contingency Planning & Management

There is more whining and gnashing of teeth about being left out of meetings, being the last to learn something, or not being consulted or even asked to the table at all than virtually any other topic in the security professions.

Obviously, security, business continuity, resilience, and risk issues are important, even mission critical. But if this is really true, why is it so hard to get bosses to listen more and seek us out to learn more?

As an observer of all staff functions in organizations as they advise, coach, and counsel managers and leaders, it is profoundly obvious that the single most important mistake all of these staff functions make, including security, is failing to recognize that every issue, question, problem, challenge, or opportunity a manager or leader faces is a management issue, opportunity, and question before it is any other kind of issue, opportunity, or question. Security and business resumption, two seemingly crucial functions, represent just a fraction of all issues, concepts, and problems business operators face every day.

To advise leaders and managers successfully, advice and ideas must begin where management’s thinking begins and always have a dominant management aspect or benefit beyond just the staff advice being giving at the time.

It also surprises me how many staff functionaries (in all areas of staff work) advise leaders and managers but fail to be students of management, students of leadership, or students of business operations. How can one seriously and with a straight face urge people to take advice from someone who has little or no substantive understanding of management’s challenges? I make presentations on this topic all the time. Whenever I ask an audience to tell me (with a show of hands) how many people have studied or do study leadership and managing as a part of their own personal staff knowledge-base development, only a paltry number of hands go up. Another question I ask is how many audience members read the Harvard Business Review regularly? Even fewer hands go up. It is astounding how many staff advisors fail to read even the most significant business literature. Managers read the Harvard Business Review (HBR). Managers discuss what they learn. Management tends to look to HBR for guidance and inspiration, as should those who advise them.

Study leaders and important people, but also study those that the people you work for admire. Read what bosses read, work to get a sense of the business from their perspective. It changes the way you think, it changes the way you talk, and it changes and improves the quality of the advice you give. And, not surprisingly, it will probably reduce the number of things you recommend. By altering your perception and perspective, some of the ideas you would routinely recommend without thinking, know become far less relevant or important to the organization and to you achieving your staff objectives on behalf of the boss you want to listen to what you have to say.

Most successful advisors whose performance I have witnessed over the years are keenly aware of the environment in which bosses, managers, and leaders successfully operate. It has been changing in recent years. In the old glory days of top management, getting the job of CEO was the capstone of a career. An individual worked about 20 years in an organization to get to that position, reached it at around age 50 to 55, and then, if healthy, kept the position until age 64 or 65. It was a wonderful job. The CEO worked mostly in an operations environment, made operations decisions, perhaps got a little famous, was welcome with open arms in all facilities, branch operations, and subsidiaries, and there were plenty of accolades to go around. Those days are long gone for most CEOs.

Top managers’ jobs have changed enormously. The average life span of a CEO’s career (according to a number of the larger executive search firms) is 41 months or three and a half years, and declining. The average ages of chief executives and, therefore, senior managers are declining. A generation ago, a CEO could be expected to be in their 50s, CEOs now are routinely in their 40s and their tenure is temporary. Whereas being a CEO used to be a career capstone, it is more likely today to be one stop in a career with other high level positions in the future before retirement occurs.

The biggest change of all in management’s day and daily work today is the incursion of extraordinary amounts of non-operating activity. These are circumstances involving angry employees; maybe whistleblowers; contention and tension in the workplace; sexual harassment issues; angry customers; rogue legislators; and cities, towns, and neighbors who are becoming less and less tolerant with industrial sites and other kinds of facilities in their neighborhoods and vicinities. All of these problems and more land on the CEO’s desk. Even though there may be highly skilled people in the organization to deal with these issues, the public, critics, regulators, legislators, and the media have come to demand that the chief executive and very top managers engage in and communicate about the resolution of these issues. Put plainly, the risks to executive and organizational security and success are increasing incrementally.

Management’s problem is, of course, that none of these issues are operational in nature and dealing with them has become an on-the-job training experience, as opposed to learning how to handle these circumstances along the career path or in management school. Besides, these new threats are highly emotional and often victim-dominated circumstances that are very foreign to management.

These realizations are crucial to being a truly strategic asset to senior managers. Understanding why they are so distracted is a key ingredient in figuring out how to be heard by these individuals who need to have access to your thinking. Here, in list form, are some of the most important recommendations I can provide about beginning to get in tune with where your bosses are and what their concerns, fears, and questions are. Now when you walk in that room, you can talk and know something about more then just your staff function and more then just a narrow range of subjects beyond your area of specialization, because trusted advisors are asked to comment on a wide variety of issues, topics, questions, and circumstances.


1. Study leaders and leadership. Look for the stories of leaders you admire, and read and listen to information on their histories for the purpose of changing your way of thinking about what leaders do and why leaders make the decisions they do. This is also important because leaders study other leaders. The biggest problem leaders face is knowing what to do next. Quite often, the only place they can look for guidance is the lives and experiences of those who have gone before them.

2. Read the literature of management: Harvard Business Review, The Rotman Business Journal (University of Toronto, Rotman School of Management), Knowledge@Wharton (an eNewsletter), and Fortune Magazine. Fortune is among the best written English language publications on the planet. Find out what management literature or organizations your boss pays attention to, and start reading and monitoring them as well.

3. Ask yourself these questions:

· Do you actually care about these people? It helps if you do.

· Can you develop real expertise and interests beyond your staff expertise related to those you advise?

· Can you set aside your own problems and issues long enough to be of help?

· Can you manage your own ego involvement in solutions?

· Can you overcome the isolation your security function may have created for?

· While your security function may be connected to most parts of the organization, is it really involved in things that matter beyond the routine, day-to-day needs and concerns of the security function, or simply observe and report?

· Have you been increasing your skills and knowledge in dealing with these highly emotional situations and threatening issues that increasingly land on the desk of senior management?

Sunday, September 12, 2010

Detecting Deceptive Discussions in Conference Calls

Corporate psychology: How to tell when your boss is lying | The Economist

Corporate psychology: How to tell when your boss is lying | The Economist

“ASSHOLE!” That was what Jeff Skilling, the boss of Enron, called an investor who challenged his rosy account of his firm’s financial health. Other bosses usually give less obvious clues that they are lying. Happily, a new study reveals what those clues are.

David Larcker and Anastasia Zakolyukina of Stanford’s Graduate School of Business analysed the transcripts of nearly 30,000 conference calls by American chief executives and chief financial officers between 2003 and 2007. They noted each boss’s choice of words, and how he delivered them. They drew on psychological studies that show how people speak differently when they are fibbing, testing whether these “tells” were more common during calls to discuss profits that were later “materially restated”, as the euphemism goes. They published their findings in a paper called “Detecting Deceptive Discussions in Conference Calls”.

Deceptive bosses, it transpires, tend to make more references to general knowledge (“as you know…”), and refer less to shareholder value (perhaps to minimise the risk of a lawsuit, the authors hypothesise). They also use fewer “non-extreme positive emotion words”. That is, instead of describing something as “good”, they call it “fantastic”. The aim is to “sound more persuasive” while talking horsefeathers.

When they are lying, bosses avoid the word “I”, opting instead for the third person. They use fewer “hesitation words”, such as “um” and “er”, suggesting that they may have been coached in their deception. As with Mr Skilling’s “asshole”, more frequent use of swear words indicates deception. These results were significant, and arguably would have been even stronger had the authors been able to distinguish between executives who knowingly misled and those who did so unwittingly. They had to assume that every restatement was the result of deliberate deception; but the psychological traits they tested for would only appear in a person who knew he was lying.

This study should help investors glean valuable new insights from conference calls. Alas, this benefit may diminish over time. The real winners will be public-relations firms, which now know to coach the boss to hesitate more, swear less and avoid excessive expressions of positive emotion. Expect “fantastic” results to become a thing of the past.

Wednesday, September 8, 2010

China gearing up for WWIII