Blog‎ > ‎

Security, 2FA, Stock Market Prediction Game, SOC, SecOps, GNSS, My Data, E-receipt

posted May 6, 2016, 10:57 PM by Sami Lehtinen   [ updated May 6, 2016, 11:24 PM ]
  • Very nice generic post about security and how easy it's to fail or think things in inefficient way.
  • Got annoyed with several sites which use for 2FA their own App. I wonder how incompetent engineers they got if they think that implementing 'standard' TOTP 2FA is way too hard. There's no way I'm going to install yet another crap spy app just to login to their crappy site. I think it's better just to completely opt out for such services. As example Microsoft.
  • Someone made a stock market prediction game, based on real data. Actually this is something I've been thinking about years. It's going to be interesting to see if it's economically viable, and if the data is actually valuable. Technically implementing such game isn't anything especially complex. One of the hard questions I were thinking for such game is how to make scoring interesting so that new and old players get good change to compete against each other. Of course something trivial like weekly change charts in percentages or something. Even more interesting than just getting sentiment was the thought that the players would actually trade against each other. This would also bring managing over all money supply of the in game economics into play, which is as we all know, quite complex issue. Clear change percentage comparison would make me just win by creating new accounts and betting everything on single stock, if it does well, great, if it doesn't so that's life. Of course it wouldn't earn me high relevancy on single account for long, but it would allow me as a person and holder of multiple virtual portfolios to win weekly (yet using different account). If the amount of money is meaning full, then it probably gives unfair advantage for players which have been playing the game for long. So that brings in the problem of scoring players 'fairly' so the new players won't find them immediately in situation where they've feel like they've lost. One way to run the game would be running it as limited time intervals and resets. Like 3 month cycles or something. But that would also have it's own drawbacks. If players trade against each other, and game doesn't use real world markets as data source, could allow watching more interesting market phenomenons. Like players trying to manipulate the market and be successful on it. That's where the game discussion forum / real time chat would play very important role. If there's a well known player, playing 'penny stock game', it would be interesting what happens when he announces that stock X is going to rocket. If many enough players know the player, they might try to pick up on that short term pump & dump scheme, of course thinking that they can exit in time. So that would basically make that classic pyramid scheme in a way. Except at least the more experienced players would exactly know how it's going to play out, but still be in the game, making the less experienced players to pay the bill. Afaik, this would provide more interesting game play than trying just to predict the real world market, which you've got very limited manipulation possibilities as individual investor.
  • Prepared action plans with Security Operations Center (SOC) Security Operations team (SecOps). Unfortunately no further details will be available about this.
  • Checked out GNSS Augmentation and Quasi-Zentih Satellite System and European Geostationary Navigation Overlay Service (EGNOS)
  • Read guides by The University of Texas at Austin - Information Security Office - Good basic instructions as there are on so many other sites. I just which more people would read and follow these rules.
  • Lot of discussion about My Data and why there's information being collected about me, which I can't access because it's someone else's "proprietary" information.
  • Finnish e-receipt standard is finally 'out'. And now is the the Request For Comments time is going. I studied the latest version and it looked pretty good. I'm looking forward into seeing what kind of benefits this will provide in real world and how quick or slow the actual adoption will be. This also means that I'll terminate my e-receipt project pages and dump some parts of the project to my blog. I'm way too busy with other stuff anyway, so I didn't have time to continue it earlier. National standard is anyway a great leap in forward, and there's no point of making any competing and non-compatible suggestions, which anyway would be worse that the standard created with large board or highly competent people.
  • Microsoft SQL Server on Linux - We're living interesting times for sure.