The Promise of Machine Learning in Cybersecurity

I don’t normally like to post about news articles that cite me, but I’m particularly proud of two recent appearances.

The first is a defense of machine learning to help assist with solving some very hard but important problems in cybersecurity, on CSO Online:

I was inspired to submit content in response to Simon Crosby’s attack on machine learning on Dark Reading. While I agree with Crosby that there is a lot of snake oil and marketing in this very hot space, I feel strongly that it is dangerous to ignore techniques such as machine learning (and statistics and probabilistic methods and visualization and…), especially since those are exactly the tools that can help build exactly what Crosby is asking for: “tools that enhance their ability to quickly search for and identify components of a new attack”.

The second is an interview with me on CIM Magazine. Christopher Pollon did a great job asking the right questions, and the result was a very approachable description of exactly why machine learning and related methods hold so much promise.

Machine learning and other related mathematical and statistical methods are not magic, nor are they a silver bullet. But that doesn’t mean we should ignore them. They have done so much good and proven so effective in so many other problem domains and industries, from healthcare to power transmission to computer vision. We have only just started applying them to cybersecurity problems, and we need to keep going and learning together.

Interset in the News

We launched a number of press releases at my day job, Interset, yesterday. This was a big deal for me: the most personally rewarding parts of being in a startup are innovating technology, creating value, and generating jobs. We’ve done all three at Interset in a very short period of time, and I could not be more proud of the team.

Running Microsoft Money Perfectly on Mac OS X

I’ve been a user of Microsoft Money since 1995, so I was always a little bit sad when Microsoft sunset support for the application in 2011. I’ve always found Money better than many other alternatives I’ve tried — including the ever-popular Quicken. I just found its workflow works better for me. Of course, having almost two decades worth of data recorded in Money made it very sticky for me, too. 🙂

Fortunately, Microsoft released a free version of Microsoft Money Plus that continues to work in all modern versions of Windows. (There actually has been one patch released, but I encourage you to read Raymond Chen’s version of the patch, because it scores some serious cool geek points.)

Then about three years ago I switched to a Mac, and found myself struggling to keep using Microsoft Money as the only Windows program I couldn’t easily replace with an OS X equivalent. I tried to get it working with Wine and Crossover, but there were too many graphical and stability issues. Finally, I ended up using VMWare and Windows on a Bootcamp partition. Much more heavyweight than I really wanted, but at least I was able to keep using my favorite financial record keeping program.

Now, fast forward to 2014, and I found myself again trying to improve how I use Microsoft Money within OS X. This time, I’m on OS X Yosemite and wanted to try using Wineskin: a relatively new project that lets you easily package Windows applications with Wine libraries and make it look like any other application on your Mac.

And it is perfect. Stunningly, absolutely perfect. No graphical issues. Reports look great. Printing reports works on my OS X default printer. Even the startup splash screen music and sound effects worked!

Microsoft Money running seamlessly on the Mac. It makes me so happy.

So, for the record, here are the steps and settings I used.

  1. Download Wineskin. Download Microsoft Money Plus Sunset Deluxe.

  2. Run Wineskin Winery. Install a Wine Engine — I used WS9Wine1.7.30 — and click “Create New Blank Wrapper”.

  3. Name the application “Microsoft Money” and click OK.

  4. Now run your “Microsoft Money” application to launch the Wineskin settings dialog.

  5. Click “Install Software”, and point to the Microsoft Money installer. This will install the software into your Wineskin app. When prompted for the Windows executable, point to “/Program Files/Microsoft Money Plus/MNYCoreFiles/msmoney.exe”

  6. Click “Set Screen Options”, and turn OFF “Decorate Windows”.

  7. Click on “Advanced Options”, then Tools > Winetricks. Within Winetricks, you’ll need to install the following two components into your Wineskin: msxml3 (MS XML Core Services 3.0) and ie6 (good old Internet Explorer 6). The UI for this is a bit confusing, so follow along here:

  • Enter “msxml3” into the “Search for packages” edit box.
  • Expand the “dlls” control, so you see the actual package names.
  • Click on the checkbox labeled “MS XML Core Services 3.0”
  • Click the “Run” button on the right-middle of the dialog.
  • If you are instructed to download the msxml file, then you’ll also be told to move it to the “/Users/Account/.cache/winetricks/msxml3” folder. To get there, from Finder, select Go > Go to Folder, and enter “~/.cache”. Create a folder called “winetricks” if it does not exist; if it does, enter it. Create a folder called “msxml3” if it does not exist; if it does, enter it. Copy what you just downloaded to this folder.

Now follow similar steps with IE6. Note that you may need to download IE6 from http://download.oldapps.com/Internet_Explorer/ie60.exe instead of the specified location, and rename the exe file to msie60.exe before you move it to the winetricks/ie6 folder. Thanks to Harry for this workaround!

  8. Click on “Test Run” and watch the magic happen! Verify that Microsoft Money appears in all its glory. If there is something wrong, the log files may help.

  9. For completeness, I like to change the icon from the Wineskin icon to an appropriate Microsoft Money icon. Now it’ll appear in the Dock and other places correctly.
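
The manual cache steps in step 7 can also be done from Terminal. The following is an added example, not part of the original post: it copies a hand-downloaded installer into the winetricks cache folder under the filename given, and refuses to do so if you supply a SHA-256 value and the file does not match it. The helper names and the optional checksum argument are assumptions; the post publishes no checksums, so the expected value has to come from a source you trust.

```shell
#!/bin/sh
# Added example (not from the original post). stage_winetricks_file and
# sha256_of are hypothetical helper names; the checksum argument is an
# assumption, since the post publishes no hashes.

# Print the SHA-256 of a file using whichever tool is present
# (shasum ships with OS X, sha256sum with most Linux systems).
sha256_of() {
    if command -v shasum >/dev/null 2>&1; then
        shasum -a 256 "$1" | awk '{print $1}'
    else
        sha256sum "$1" | awk '{print $1}'
    fi
}

# stage_winetricks_file SRC PACKAGE TARGET_NAME [EXPECTED_SHA256]
# Copies SRC to ~/.cache/winetricks/PACKAGE/TARGET_NAME, creating the folders
# if needed. Returns 1 if SRC is missing, 2 on checksum mismatch.
stage_winetricks_file() {
    src=$1; pkg=$2; name=$3; want=${4:-}
    [ -f "$src" ] || { echo "no such file: $src" >&2; return 1; }
    actual=$(sha256_of "$src")
    if [ -n "$want" ]; then
        # Compare case-insensitively; hex digests may be upper- or lower-case.
        want_lc=$(printf '%s' "$want" | tr 'A-F' 'a-f')
        if [ "$actual" != "$want_lc" ]; then
            echo "checksum mismatch for $src: got $actual" >&2
            return 2
        fi
    fi
    dest="$HOME/.cache/winetricks/$pkg"
    mkdir -p "$dest" || return 1
    cp "$src" "$dest/$name" || return 1
    # Report the digest so it can be recorded and compared on later installs.
    echo "$actual  $dest/$name"
}

# Usage matching the post: the IE6 download is renamed to msie60.exe.
#   stage_winetricks_file ~/Downloads/ie60.exe ie6 msie60.exe
```
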

Updates 2015-04-28

Wow, I had no idea how popular this post would be! There are a lot of troubleshooting tips in the Comments, but here are some highlights.

If you need to create a new Money file, then there is a bug in Wine that will force you to sign up for a Passport account, which will then fail. Instead, simply download a blank Money file which I have created here, and then open that in Money. Download this file, rename it whatever you’d like, and open it from Money. Once opened, you should be able to add new accounts, set a password if desired, etc.

Make sure you install IE6 using winetricks, instead of any later version of IE.

If you need to debug startup failures, do the following:

  1. Navigate to ~/Applications/Wineskin
  2. Right click on your Microsoft Money application, and select “Show Package Contents”.
  3. Double-click on the Wineskin application icon.
  4. Click on “Advanced”
  5. Click on “Test Run”.

I have not yet been able to get Portfolio Manager to work. As far as I can tell, this is a bug in Wine and the way it interacts with the HTML rendering engine, so we’ll have to keep trying new Engines until this is resolved.

Updates 2015-04-28

Step 7 was tricky for some folks because of how confusing the UI is, so I’ve added some more details here.

Updates 2015-09-04

Added an alternative location for the IE6 download. Thanks to Harry for finding it!

My life as airport codes

So, I’ve been very busy lately!

Back in January (has it really been that long?) I formally accepted a role as the Chief Technology Officer of a really cool startup, FileTrek. I got the opportunity to do real-time, big data analytics, in a very exciting field: behavioral analytics as applied to the enterprise security space. I’m working with some great people, and inventing some great things. Check us out!

As part of getting our story heard, I ended up spending a lot of the past six months travelling. Here is, as best as I can reconstruct from my calendar, my life since January as defined by airport codes:

January: YYZ-YOW-YYZ, YYZ-YOW-YYZ, YYZ-YOW-YYZ
February: YYZ-YOW-YYZ, YYZ-MSP-SAN-JFK-SFO-DTW-YYZ
March: YYZ-BOS-JFK-LGA-YYZ-BOS-YYZ, YYZ-YOW-YYZ, YYZ-CLT-SFO-PHL-YYZ-YOW-YYZ
April: YYZ-YOW-YYZ
May: YYZ-YOW-YYZ, YYZ-LGA-CLT-IAH-ORD-YYZ, YYZ-ORD-SAN-ORD-CVG-IAD-YYZ
June: YYZ-YOW-PHL-DCA-CMH-DCA-YYZ, YYZ-MIA-IAH-MIA-YYZ

To be clear, this sort of travel schedule is nothing compared to my friends in Field and Sales, but for a technology guy like me, this was something else!

Cross-Platform Native Development when Design Matters: Less Expensive than You Think

I have long been fascinated by cross-platform mobile native development. I will not re-hash the argument for and against mobile development using native technologies versus HTML5-centric technologies (including Cordova); these have been well-articulated by many others. I will say that when user experience and design matters, I am firmly a fan of native development.

While developing the IBM Cognos Mobile client, which had to support multiple mobile platforms, one of the things we discovered is that it actually took fewer lines of code to develop native cross-platform applications, compared to using HTML5. We built both a web version of Cognos Mobile that supported multiple mobile devices, as well as multiple native versions of Cognos Mobile, so we were able to directly count lines of code and compare.

Why was this surprising result the case? Because we wanted a native-like experience on each smartphone and tablet, we had to write a lot of device-specific code regardless. It didn’t matter whether it was custom CSS and JS or platform-specific Objective C or C++: it turned out to be just as much work to implement a device-specific design using HTML5.

To be fair, this may not always be the case. In particular, for Cognos Mobile:

  • Cognos Mobile is a business intelligence application that has a lot of client-side code that was not related to the interface, and
  • We developed in-house technology to translate non-UI code (like business logic) across mobile platforms, so we were able to re-use significant portions of the codebase.

So it depends (of course) on your application. I would imagine the situation is dramatically different for (say) a video game versus a simple forms application. It also matters if you are able to easily reuse native code between platforms. While we developed in-house technology at IBM, for most of us, this means re-using C/C++/Objective C code.

Regardless, what I learned from this experience is that when design matters, it’s probably less expensive than you think to stick with native approaches. And really, how else did you expect to get Super Monkey Ball? 😉

Another Book!

I’m incredibly proud to have contributed to another book! This time it’s a collection of research articles of importance to future directions in Business Intelligence, directly from some amazing university researchers. The book covers a broad range of research topics, from BI modelling, to information extraction, to information visualization.


Perspectives on Business Intelligence. Raymond T. Ng, Patricia C. Arocena, Denilson Barbosa, Giuseppe Carenini, Luiz Gomes Jr., Stephan Jou, Rock Anthony Leung, Evangelos Milios, Renee J. Miller, John Mylopoulos, Rachel A. Pottinger, Frank Tompa and Eric Yu. Morgan and Claypool Publishers, 2013

The book resulted from my amazing five years involved with the NSERC Business Intelligence Network, and I’m humbled to be on the cover and even be mentioned with these outstanding Canadian researchers. They are all world-class folks.

Online lecture series from IBM on analytics

One of the things that kept me very busy while at IBM was education. Everyone knew that analytics was important, but surprisingly few people knew exactly what analytics was. (My boss and CTO of IBM Business Analytics, the wonderful Brenda Dietrich, had a great line: Do you remember when “analytics” was just called “math”?) There was a lack of understanding around the basics and foundation of analytics, and yet that knowledge was critical for (say) development teams to understand what was possible and how to truly incorporate analytics into their software.

As a result, my colleague and friend Jean-Francois Puget and I set out to create a series of recorded lectures on the many areas of analytics, from basic descriptive statistics, to predictive models, to optimization, to machine learning, to parallel computation to image and video analytics. We did not want lectures on products or solutions: we wanted people to learn about the science of analytics. At the same time, we did not want things to get too deeply technical or mathematical: our audience, while technical, were developers who really just needed a high level understanding and could then follow up from there.

Internally, our lecture series broke all kinds of attendance records, becoming one of the most well-attended talks ever within IBM. Clearly there was a need for this information assembled together in one place!

I am thrilled that we are now able to make this video lecture series available, at no charge, to anyone who wants it. I’m biased, of course, but I think the content is awesome.

You can read more about the lecture series on Jean-Francois’s blog and on AnalyticsZone. Kudos to the people back at IBM who are continuing to drive this effort while I am on sabbatical — you know who you are. 🙂

Trello is a Great Tool for Development

One of my goals in taking a sabbatical from developing products at IBM was to learn and discover new ways of doing things, including new tools and services.

Despite being an incredibly large company with more than 400,000 employees, IBM has done a good job keeping up with modern tools. For example, when we were acquired into IBM over five years ago, I was impressed that every employee was assigned not only an email address, but also a mandatory instant messaging account. At the time, this was quite a revelation: I could go into work, see whether anyone else in the entire company was online, and have a chat with them. For real-time collaboration, particularly with global teams at IBM, this was amazing.

However, there are some fantastic tools that are being developed outside of IBM as well. For example, I was impressed by the sheer size of the Google Apps Marketplace, and by the thoughtfulness of the extensions I saw there. (I believe that all modern products and applications should be platform-like, and that supporting consumable APIs and extensions is incredibly important. A subject for another day.)

One tool outside of IBM and Google that I ended up falling in love with was Trello. The product of the always-fantastic Joel Spolsky, Trello is a deceptively simple and wonderfully delightful way of organizing thoughts, ideas, tasks and priorities. It has also integrated collaboration in a first class way, and I can see how using Trello would be a great tool during a software development project — even the large ones.

I can’t do a better job of describing Trello than Spolsky himself, so I’ll just link to the launch description, here: http://blog.trello.com/launch/. His thoughts on the horizontal nature of Trello, and why that’s important, are also worth reading.


I am somewhat embarrassed that Trello has been around for 1.5 years, and I’m only discovering it now. This may be a good example of why I felt it was important to “step outside” for a bit. If I hadn’t heard of Trello, perhaps you haven’t either. It’s worth a peek.

 

Rediscovering Development

During my break from IBM, one of my goals was to directly re-learn some of the technology shifts of recent years. In particular, I have the following two goals:

Explore the areas of mobile, cloud, visualization and analytics through hands-on development. Ironically, I’ve done a lot in all four years here while at IBM, but at high strategic levels and through the leading of development teams, with only minor amounts of coding. I’ve missed the years I used to spend in addictive whole solution development — being truly responsible for everything from concept to design to architecture to implementation. (The first few products I built for Cognos were very much like this: I was essentially a one person design, development and QC team until the concept was matured enough to build a full team around. At IBM, the solutions we built tended to be so large that it was almost impossible to have them be the result of a single person only, even during the initial stages.)

Design and build using the latest techniques, tools, and thinking. During the past six years at Cognos and IBM, we had settled on methodologies, principles and tools that were probably quite leading edge at the time. But recently a lot of new thinking and technologies have emerged. It’s time to step back and re-evaluate the full landscape of what’s available to me.

Over the past couple of weeks, while resting and enjoying the wonders of both my family and Canadian camping, an idea for an interesting mobile experiment has emerged. I’m calling it Phlow, and I’m going to use that as my testbed for my self-education. I have no illusions about making a fortune through application development. This is strictly something for me to do on the side to satisfy my two goals above.

And you know what? That’s more than enough. I can’t believe how excited I am! This is going to be fun.

 

Rebooting

It’s good to reboot every once in a while.

It turns out that’s good advice for humans, too. I’m now on a sabbatical from IBM, taking a much needed break from the exciting but exhausting things I’ve been doing.

Instead, I’m going to spend more time with my family, and in addition, step back and take time to explore and discover the technology that got me started in my career. I’ll try and do a reasonable job of documenting my experiences here in my poor, underused blog. As you can see, I’ve already started doing some changes.

Ready? Here goes.

] PR#6

(Let’s see how many people recognize the reference.)