AI Will Not Destroy Humanity

AI doesn’t pose an extinction risk. And it has already created brand new jobs in the catastrophizing industry.

The only reason AI industry leaders like Sam Altman and Demis Hassabis jump on that bandwagon is to encourage more government red tape. If you are a powerful incumbent, asking for as many constraints to your industry as possible makes sense. The EU, ever happy to regulate industries originating elsewhere, is delighted to oblige. With compliance departments of thousands, these massive organizations can handle any amount of regulation thrown at them. But a lean startup will get regulated out of business.

The most fascinating part of AI is local, small-scale AI. We currently have massive, centralized AI running in enormous data centers. But since LLaMA escaped from the Facebook lab, tinkerers and hobbyists have already built Large Language Models on their local computers. But, of course, OpenAI, Microsoft, and Google would like small competitors to be regulated away.

Did You Hear the One About the Gullible Lawyer?

You need the best arguments to win a discussion, get a project approved, or win a court case. But, if you are short of preparation time, you might take a shortcut like the New York Lawyer who asked ChatGPT for help.

Ever willing to help, ChatGPT offered six cases supporting the lawyer’s argument. Unfortunately, they were entirely made up. That might work if you write a marketing blog post, but it does not hold up in court. The gullible lawyer claims he did not know that ChatGPT might be hallucinating but is, of course, facing sanctions for lying to the court.

IT professionals know that ChatGPT cannot be trusted to answer truthfully. It is not much of a problem for a programmer because the compiler or the unit tests will catch defective answers. But the rest of the world doesn’t know.

Now is the time to remind everyone in the organization of your company policy on using ChatGPT and its ilk (you do have such a policy, right?). Tell the story of the gullible New York lawyer to make the point clear.

Cloud Means Aomeone Else is in Control

Cloud services mean you are at the mercy of someone else. It is bad enough that hackers broke into Western Digital’s My Cloud service and encrypted their customer’s data. But many private customers are now learning what it means to use WD’s cloud-based login service. It means that even though your data is stored on your own NAS device in your own basement, you still cannot get at it when WD is down.

If you are using any cloud-based login service in your organization, ask your CISO how people would log in and access ressources if that service is down.

Where is the Profit

“But we’re a startup!”

“That’s not enough anymore. How will you become profitable?”

This is the essence of discussions between startups and their VC funders today and increasingly between big companies and their shareholders. Unfortunately, Ford’s CFO didn’t get the memo because he is still trying to pass off their $3 billion loss on electric vehicles with the “consider-us-a-startup” excuse.

Increased shareholders’ attention is also forcing all the big tech companies to kill off many of their loss-making projects that do not have any path to profitability, with an accompanying bloodbath of firings.

An audit showed that 47 of the 98 Danish municipalities were running AI projects. Two of these had provided value.

Do you have realistic business cases behind your projects? Or is the business case a collection of rosy assumptions retrofitted onto a project someone just wanted to do? It is better to find and kill vanity projects than to be called to the CEO’s office to explain why you are frittering away the company’s money. Contact me if you want an independent outside opinion on your project portfolio.

Once you Grow up, you Need to Stop Moving Fast and Breaking Things

Moving fast and breaking things can be fine for a startup. They might need to iterate several times and maybe even pivot once or twice before they achieve product/market fit. It is not OK for an established business. Facebook has long since given up on this strategy, but Twitter, under Elon Musk, has rediscovered it. By thrashing around and changing direction daily, they are alienating both the users and the advertisers who were supposed to pay. If you want to move fast, roll out changes to a small percentage of your users. A mature continuous delivery organization practices blue/green deployment, but even if you are not doing CI/CD, you can still test changes with a small subset of your users. Don’t uncritically inflict the latest great idea on your entire user population. #itleadership #innovation #makeitliveuptoitspromise

Beware of Asymmetric Risk/Reward Profiles

Would you continue to sell a lock based on technology that has been known for 14 years to be trivially easy to hack? Of course not! But Scantron in Denmark has merrily been foisting insecure locks on unsuspecting Danish apartment administrators. Even after a worried renter told them about the problem in several emails and even physical letters (!), they ignored the problem. It took a media shitstorm to make them realize the errors of their ways.

Digital locks have an asymmetric risk/reward profile. The reward is small – you save a little by not having to administer physical keys and re-key locks. The risk is huge – someone might copy a key, turn it into a master key, and rob hundreds of apartments.

When you are evaluating digitalization projects, be very careful about those with such an asymmetric profile. Almost every organization has digitalization projects with a better risk/reward balance than digital locks…

IT Leadership has to Harness the Power of AI

AI has finally gotten really useful inside the IT organization. Most of the examples on the internet are frivolous and amusing, like how to remove a peanut butter sandwich from a VCR, written in the style of the King James Bible. But ChatGPT is helpful for mundane tasks in IT as well.

I’ve been fixing open issues in a small open-source project recently. One of the issues was that part of the code would concatenate strings to build SQL statements. That’s a classic SQL Injection vulnerability. ChatGPT can fix these bugs faster than I can. So I tell the AI, “please rewrite the following to use bind variables,” and give it the code.

Another example is working we legacy shell scripts. My sed/awk skills are rusty, but I can give a convoluted shell statement to ChatGPT, and it will patiently explain all the options and exactly how it works.

Many of your programmers are already playing with ChatGPT, GitHub Copilot, and other AI tools. You might as well embrace it. Set up a knowledge-sharing community for those curious about how AI can help IT. Have them present to you and the rest of the IT department. You’ll be amazed if you haven’t played with ChatGPT and its ilk.

Blockchain is Still a Solution Looking for a Problem

It turns out nobody wanted a blockchain solution. There are still crypto enthusiasts hodling their Bitcoin, but enterprise blockchain was a solution in search of a problem.

I did believe Danish shipping giant Maersk Lines and IBM had found a place where it made sense to build something blockchain-based when they announced their TradeLens platform. The idea was that all the many, many people involved in shipping a container of plastic bric-a-brac from Shenzen to Long Beach would all put their information on a blockchain. That would provide an immutable history of everything about that container.

After IBM closed down its entire blockchain business earlier this year, it was a matter of time before Maersk pulled the plug. Today, they admitted that “TradeLens did not reach commercial viability,” and the project is officially dead.

I believe a land register in a corrupt country somewhere was also planning to use blockchain, but it’s been a while since I last heard about it. In all likelihood, the existing corrupt businessmen and politicians have killed it.

If you know of any successful enterprise blockchain project, I would love to hear about it.

You Don’t Have to Move Just Because You’re Ready

I was worried when I saw Denmark ranked no. 4 in “The Global Cloud Ecosystem Index 2022.” I was afraid that we had somehow stumbled into the cloud trap without my noticing. But it turns out the index is not about actual cloud adoption, only cloud readiness.

Being ready for the cloud means having affordable, fast internet connections, digital public services, data protection regulations, and a well-educated workforce. I’m all for that.

But the fact that we can doesn’t mean we should. Just like the fact that you could move some of your services to the cloud is not an argument for doing it. There are some systems where there is a sound business case for moving to the cloud. But for most existing systems, attempting to move to the cloud destroys value.

Good Intentions are not Enough

“We have the ambition to test disaster recovery twice a year.” That’s not something anybody in a professional IT organization would say, is it? Ambition? I have the ambition to create a spam- and hate-speech-free Twitter alternative powered by unicorns and rainbows, but unless I act on my ambition, nothing will happen.

Nevertheless, critical Danish infrastructure was operated on that principle. The common login system that everything from banks to tax authorities to municipalities uses is operated by a company called Nets. They apparently got to write their contract with the state themselves because it contains the ridiculous “ambition” instead of an actual requirement.

They did run a test on May 28, 2020. They did not run a test in November 2020, as was their ambition. Nor in May or November 2021. Not even in May 2022 did they test it. So when they crashed the system in June 2022 due to undocumented changes and other unprofessional shenanigans, the disaster recovery unsurprisingly failed.

Please tell everyone this story. When you are done laughing at the incompetence of central Danish authorities and their vendors, make sure you are testing your own disaster recovery…