“There may be nothing I’ve seen wreck the careers of high-performing, hardworking people more commonly than stepping into a manager role the person isn’t ready for,” tweeted Kieran Snyder earlier this month. The CEO of linguistic analysis firm Textio then follows up this with some very cogent remarks about knowing when to take that leap into management that really resonated with me.

This is because I faced a similar circumstance in my own career back in 1990, when I took the job to run Network Computing, a brand new computer publication. I have often mentioned that decision as a pivot point in my professional life in these essays, At that time, I was managing a group of about a dozen editors for PC Week — and this would be a big promotion to running an entire publication, hiring its entire staff, and learning how to get the magazine from words to a coherent whole. It shaped the rest of my career, to be sure.

I also addressed this topic a couple of years ago in this post about whether super coders should take the next step into management. It is worth reviewing that piece and listening to a discussion with Jaya Baloo and Troy Hunt on the subject.

Snyder lays out four important questions you need to ask yourself whether or not you are ready:

1. Can you communicate complex expectations clearly? And behind this question is also holding people accountable — and avoiding eventual disappointments — for these expectations too. Even when you know this, it is still hard to achieve. “This is an issue I have faced, and often management fails to set clear expectations,” said Alan Elmont, who has been a recruiter and staffing professional for decades. “This has been particularly an issue with small companies or mid-sized companies that are growing too quickly.”
2. Can you engage and mange conflicts well? Being fair in these fights is more important that being well-liked.
3. Where do you fit in the scale between being a hero and being predictable? “Managers mostly do hero work to compensate when their team isn’t delivering,” she says. That could be caused by a variety of failures, such as unclear feedback or expectations or poor solutions delivery — or a combination.
4. Finally, do you have the right combination of technical skills and a solid functional foundation to properly lead your team? That is a tough one to dispassionately assess, either by yourself or with your prospective hiring manager.

Now let me take another moment from my career when I got a job to run another publication. It was a major failure, and because I couldn’t do any of the first three things that Snyder mentioned above. I barely lasted a year there before being fired. I should have spent more time understanding the lay of the landscape and the management style of my eventual boss. Now, this happened years after my Network Computing anecdote, so you would think being older and more experienced I would have spotted the danger signs. But no, I was too caught up in the thrill of being chased for a new job. Live and learn.

While on the topic of career development, I had an opportunity to talk to a group of mid-career folks who are considering jobs in cybersecurity this week. You can see my slides below, and some of the issues that we discussed.

If you are incarcerated, either in a local jail or a state or federal prison, chances are you are paying too much for your phone calls, in some cases more than 10x what a landline call from the outside would cost. While these rates are regulated by the FCC, the regulations aren’t comprehensive and the prison and jail providers have come up with various ways to soak inmates, paying high commissions to the local authorities. A recent report by the Prison Policy Initiative goes into details. “At a time when the cost of a typical phone call is approaching zero, a few companies are charging millions of consumers — the families of people in prison — outlandish prices to stay in touch with their incarcerated loved ones.” Although a few jails have reasonable rates such as one or two cents per minute for calls, most charge more, with the average jail charging $3 for a 15-minute call.

These calls are made on pre-paid phone cards, which have largely replaced the collect calls that were once the mainstay of the prison population’s communications. Remember dialing 0 to get the operator? That is no longer an option as of this year for non-landline AT&T customers. Sadly, this means few people will remember Ernestine, that lovable character by Tomlin.

The PPI report shows which states have the most egregious phone plans, how rates have dropped as the FCC widened its enforcement, the differences between local and long-distance rates and how local jails in general charge more than the state and federal prisons. It shows the oligarchy involved: three phone vendors (ViaPath, ICSolutions and Securus account for 88% of the suppliers to prisons and jails). And it offers some solutions and improvements to make these calls more affordable.

But until things change, these prices could be why many people behind bars have obtained contraband cell phones. While there are some jails and prisons that do allow them, for the most part they are banned. There are some good reasons to prohibit them as you might imagine. But there are also some good reasons why people use them.

A story last month by the Marshall Project, a criminal justice advocacy group, describes many situations where inmates have used cell phones for furthering their education, obtaining medical care, and making money from various legit online activities. One prisoner interviewed for the article has a website for selling his artwork, others are day traders in stocks or cryptocurrencies or are freelance writers. Working remotely has been a boon for these sorts of things, which I find interesting.

The best situation was a group of 300 across the country that was learning computer programming using Harvard’s CS50 online classes. They use group messaging to communicate with each other, just like any other online class. We have several groups doing this here in St. Louis as part of our coding academies.

As I said, these stories are nice but still inmates run the risk of having extended sentences or other punishments. Years ago I gave a speech in Singapore. I recall a news story while I was there where an inmate was caught with a cellphone, he was there because of what we would consider a minor offense. His sentence was changed to life in prison as a result.

I asked last November if we were witnessing the end of Twitter, and point out that the company has become more town dump than town square. Let’s review what has happened at Twitter and what we have learned about its internal operations since then. The short answer: things are worse, but not necessarily in ways that were anticipated when Elon took the company private.

Yes, there have been some notable service outages, which is to be expected given how most of its engineering staff has quit or been fired over the past several months and because one of its major data centers was shuttered. But for the most part, the service is still running. That’s great, and we could credit Elon for perhaps picking the right people to keep the lights on. (This is why I use the “supposed” adjective in the title of this piece.)

There is this behind-the-scene story about what has happened post-Elon at Twitter in New York Magazine, taken from reporting from former employees’ interviews, and well worth reading. In summary, it was complete chaos. There is also another Washington Post piece that summarizes three primary source documents: First is the Jan.6th committee’s “Purple team report” draft that was never adopted by the full committee (and that the Post has published here.) The other two documents are transcripts of testimony of two former Twitter staffers taken by the committee last fall: one by “J Johnson” (a pseudonym) who was an engineer and part of a safety policy review team and one by Anika Navaroli who was a senior safety policy domain specialist with a legal and free speech background. I will return to these documents in a moment.

One of Elon’s major rallying cries has been to attempt to neutralize the bots. This isn’t a new problem: I first wrote about the problem with bots and their abuses of Twitter more than 10 years ago. I saw my own follower count plummet right after his takeover – whether that was people terminating their own accounts or through any bot cleansing I can’t really say. Clearly, this was never much of a priority at Twitter beforehand.

Another Elon focus was to reinstate previously banned users, most notably our former president who had nearly 88M followers when he was kicked off on January 8, 2021. Part of the reinstatement is that you can now review all his tweets — he has not posted anything since his reinstatement. (There is also this archive of his entire tweet corpus, including deleted tweets for your own reference.)

Before I dive into the Jan. 6 documents, I should mention one other historical note. Last summer, after the revelations of Mudge’s tenure at the company, I wrote about some of its major infosec operational failures. Ironically, Mudge was fired in January 2022 for poor performance and ineffective leadership, something which seems to be the new normal for post-Elon Twitter.

The Mudge report provides context for the great failures of social media to moderate their most dangerous and hateful content, which is documented in the Jan. 6 committee’s Purple team report which outlines these failures as it relates to that fateful date at the Capitol. The draft document was supposed to be included as an appendix to the full committee report but only made it as far as a draft. It covers more than a dozen different social media properties and how they wrestled with their content moderation policies, “terrified of the backlash they would get if they followed their own rules and applied them to Trump,” as Johnson testified. “My safety policy team colleagues were still very unclear about what we should be doing. Twitter leadership were aware of the risks we raised, but they didn’t do anything to help address those risks and concerns. They were reluctant to intervene and block these tweets.” Instead, the social networks helped amplify these messages. The Purple draft report shows just how hard it is to turn this around: the tools are blunt-force instruments at best.

Using language such as “locked and loaded” or “Be there, it will be wild” or the debate comment “stand back and stand by” concerned the moderation teams, who consistently raised alarms at how these words were being amplified across their network. Johnson testified: “There was never, to my knowledge, leadership convening a meeting and saying, Violence has broken out. You have the green light to take it all down. That never happened.”

Navaroli testified: “I do not remember ever seeing any threat model or threat analysis leading up to the election. Del Harvey was the executive in charge of Twitter’s content moderation and security teams. Navaroli said Harvey didn’t understand the need for policies to limit Trump’s speech, or the urgency to put them in place prior to the election of Nov. 2020, or that there was a gap in coverage of existing Twitter policies. Navaroli called it magical thinking, and that Harvey refused to take any potential threats seriously. This continued into 2021, when she eventually left the company.

Her testimony highlights the lack of any content analysis tools at Twitter: she used the same public search function on Twitter’s website like any of us. “All we had were hammers, and we needed scalpels, something more nuanced.” She also mentions that “Trump was a unique user who sat above and beyond the rules of Twitter. His tweets weren’t deleted, which is what happened with other world leaders,” (think Maduro of Venezuela or Bolsonaro of Brazil). She concludes that Trump and Twitter had a symbiotic if not parasitic relationship, and that Twitter bears the responsibility for Trump’s incitement to violence was posted and amplified. “I believe that January 6th was planned, orchestrated, and carried out on the Twitter platform within and right in front of our eyes using plain language and hashtags. And Twitter, in my eyes, bears the responsibility for hosting and promoting incitement to violence that led to the loss of life on January 6th.”

What does this mean for the future of Twitter? Here are a few of my thoughts:

• Content moderation will continue to be hard, especially at the intersection of on and offline activities.
• The legal environment is in a state of flux, with new cases before the Supreme Court as I wrote about last fall on Avast’s blog.
• The social media landscape is complex and the interactions among the players are not well documented. Users of one network who are banned move quickly to others where they can ply their hate and incite violence. Coordination across platforms doesn’t exist.
• There is little operational transparency of the social network operators. The Jan. 6 committee staffers got a lot of information as part of their work, some of which can be seen by the public, but most of it hasn’t yet been published. The Purple team draft raises lots of issues, and has numerous recommendations. Whether any will ever be implemented is anyone’s guess, but chances are slim that most won’t.

CBD is not what you think it is. I know many of us think that CBD has something to do with drugs, but another version of the abbreviation has to do with central bank digital currencies or CBDC to be more accurate. As the legal spectacle of  Sam Bankman-Fried of FTX unwinds in various courts, it might be time to focus our attention on CBDC and how the world’s banks are moving quickly into this legal type of cryptocurrency — call it bitcoin for banks if I want to be cute about it.

The idea is taking hold around the world. The Atlantic Council keeps track of these projects and to date 11 countries have active CBDC programs, mostly in the Caribbean plus Jamaica, Bahamas, and Nigeria. Yes, that Nigerian prince wants your bitcoins! How ironic can that be? Another 17 countries are engaged in pilot projects, most notably in China (which intends to expand its pilot from 230M people to cover the remainder of its population in 2023) and other parts of Asia along with several in the Middle East, including Saudi Arabia, UAE and Iran. And Australia, Thailand, Brazil, India, South Korea and Russia intend to continue or begin pilot CBDC testing in 2023.

CDBC has a lot of different reasons for this growth spurt.

• First off, banks want to be a safer source of crypto. Certainly, a central bank moves slowly because they have to. But there is a lot of appeal and they want to be involved.
• They also want to promote financial inclusion by providing easy and safer access to money for their unbanked and underbanked populations. Governments and central banks realized they needed a faster way to get money in people’s hands.
• They can introduce competition and resilience in the domestic payments market, which might need incentives to provide cheaper and better access to money. This is not a new idea: net-based payments have been around since the 1990s. But the central banks could help make payments more efficient and also lower transaction costs.
• CBDC also can help create a new category of programmable money, through smart contracts and other new payment automation methods.
• The banks see an opportunity to improve transparency in money flows and make these flows more seamless.
• The open source community has responded. MIT is spearheading an “Open CBDC” effort that has the US Fed’s interest.
• Finally, the banks need to have better ways to transfer funds internationally. A cross-country CBDC system could be the solution, avoiding any need for the SWIFT system. The Ukraine war has also motivated banks to get on board with better international tracking methods that a cryptocurrency could provide.

CBDC isn’t for every country: there have been two cancelled projects so far — in Senegal and Ecuador — but that is to be expected.

“A CBDC could be an opportunity for a ground-up redesign of our legacy payment systems, offering a chance to reimagine market roles and incentives and to solve foundational problems in our financial system,” as the OpenCDBC project writes in their FAQ. The trick is navigating the numerous challenges around protecting user and payment data, understanding the resulting impacts to financial stability, and to properly leverage the current innovation in the private crypto sector. Certainly, that is a lot to consider.

It isn’t a rhetorical question. We are certainly witnessing a unique moment in social media history and in the evolution or devolution of Twitter. I am gathering my thoughts for an interesting presentation that I have at the end of the week at a local high school entrepreneurship class.

For more than six years, I have been a guest lecturer at a class called Spark that meets at a local disused shopping mall. The topic of these lectures is how to use social media, and in particular Twitter, to promote your new business. I offer some of the spectacular Twit fails (remember Jonathan Schwartz’s resignation from being the CEO of Sun? Remember Sun?) and lessons learned by adults that can apply to the young business-owners-to-be  The students are fascinating as they try to imitate the now iconic Shark Tank pitches. They are largely self-funded, low budget operations, but what they lack in venture funding they more than make up for tremendous passion and insight into their nascent businesses.

This year there were two different sections of students, a nod towards the growing popularity of student business owners. My first lecture was about a month ago, and I basically used the same set of slides that I have had, updated through the years as we made the transition from presidents using Blackberries to presidents using their own social media networks. That was the before times. We knew Elon was up to something, we just didn’t know the deets.

Now we do. And so far the Bird is not faring well. Thousands of layoffs. Whipsawing technical requirements that literally change by the hour. Troll Tweeting by your CEO is not a way to set corporate (or national) policy. In my Spark classes over the years I have been consistent that the students should avoid any mention of sex, politics and religion. The new Twitter CEO has adopted the opposite stand. I don’t think things are going to end well.

Remember Orkut, Friendster, SixDegrees or Myspace? They have all come and gone over the past 25 years. Twitter may soon enter that realm. I feel as though I am witnessing the breakup of my first marriage, or the collapse of the British Monarchy and the less that I say about either of them the better.

Twitter has evolved from being the world’s town square and the global media assignment story editor to the place for shaming. Those blue checkmarks that seemed so valuable back in 2012 or so have turned into Troll-a-rama. Someone impersonating Eli Lilly’s account brought the stock price down the next day. And as if that wasn’t enough, a reporter for the Washington Post was able to obtain two fake accounts within minutes, impersonating a comedian and a US Senator (with prior permissions from both).

Many of my tech journo colleagues have begun the migration to Mastodon. You can find me here. I am still Tweeting too, but leery of what will happen. It is interesting to set out to learn another social media network. Hindsight is great: I am glad that I didn’t invest much time in Google+.

While I was preparing the new presentation for my Spark class, I also watched the 2021 documentary 15 Minutes of Shame, which was co-produced by Monika Lewinsky. It was well done, and shows us how public shaming has evolved since her Clinton intern days. I think Twitter’s new model is more the town dump than the town square.

My session should be interesting.  You can view my new slides here on Slideshare.

My blog went down this weekend for a couple of hours. What I want to tell you is how I learned that after all these decades working and writing about IT, I still could have lost some data, despite having what I thought were well-thought out backup procedures. Turns out I was still exposed.

Back about 20 years ago, I had my office in a small commercial building that had a music shop and a Subway on the first floor: my office was directly over both establishments. One day there was an electrical fire in the music shop, which happened when I was out taking a walk. When I returned I saw smoke rising off in the distance, and as I got closer I realized that was my building that had the fire.

That was the day that I learned about offsite backups. Back then, I had made copies of my data on tapes — tapes that were neatly stacked at the end of my desk. Had the fire damaged my building (fortunately for all of us, it didn’t), I would have been in big trouble.

Another time I was hosting my email server at a friend’s server. The friend’s basement got flooded, and my server was ruined. Thankfully he had backups and eventually I was back in business. I learned another lesson that day: make copies of everything (including the actual emails of you, my loyal subscribers) offsite.

Anyway, back to the present day. For many years I have had a WordPress blog that was hosted at various internet providers. It currently lives at Pair.com, which is a solid provider that has exemplary customer support. I use the free tier of Uptrends.com to notify me whenever the blog or my main website goes down. I got the first email after I quit work on Friday about an hour into the outage, and promptly sent off a support email asking what was going on. Within minutes — it might have been seconds — I got a reply saying they were aware of it (good) and working on the fix (even better). Service was restored (a database corruption issue) later.

Now for years I have also maintained a shadow copy of my blog that is hosted on WordPress.com. Back when I did this, you could host a site with limited features for free. (Alas, now you have to pay a fee.) To do this, I first have to export my blog content from my Pair-based server to an XML file, and then import it to the WordPress.com server. That doesn’t take long, but I hadn’t done it in a few weeks.

Now what could I have done differently? For one thing, I could use a different hosting plan on Pair that is designed for managed WordPress deployments, and includes automatic backups. That plan costs more than my plain-Jane hosting account. Another way to approach this is to do more frequent manual backups. As you can see from a screencap of my files, in the past I was sort of cavalier about doing them, now I won’t be. I would have lost about three weeks’ worth of content had Pair not been able to restore my database.

So as you can see, I am a slow learner when it comes to backups. Many businesses are in the same boat: this is why ransom attacks are so successful, because they don’t backup everything, or as Joni sings, you don’t know what you’ve got until it is gone (I think she was talking about something other than digital data).

So the moral of my story: take the time to make the backups about the data that you care about and then think about what your life will be if something happens to the data that might not be mission critical, but is still important.

I live a block away from the chess complex that was the scene of a major incident last month. This is when world chess champion Magnus Carlsen (at left) literally walked off a match that he was losing to Hans Neimann, claiming Neimann was cheating with a remote computer. This week, Neimann is back in town for another chess match. This analysis by chess.com  is interesting, and while you can’t prove anything conclusively, the report says they don’t think he cheated in the game last month. He did admit to cheating at a few online games previously, however the pattern of his wins is suspicious, and the report says he probably cheated in more than a few games.

One of the things I have seen with cheaters is that they can’t just cheat a little, so this makes sense to me. If you have seen any of the various documentary films or read any of the books about Lance Armstrong’s cycling career (one of them is available here), you will likely have picked this up. Armstrong still maintains the “everyone is doing it” strategy,

Reading the chess.com report though is interesting, because I learned a couple of things. First, the latest generation of chess computers can easily beat the best grandmasters, and this is the case for mobile-based chess software over the past few years. This means that a cheater doesn’t need access to a roomful of gear, just a remote connection to someone offsite who can track the game’s play online. Remember when Garry Kasparov lost to IBM’s Deep Blue back in 1997? Garry is a fellow blogger at Avast, and you might be interested in his latest post where he analyzes the Ukraine war. Another tidbit: cheaters just need a few moves in a game to win. And most chess grandmasters have already risen to that level in their mid-teens.

The chess matches happening this week down the street here in St. Louis have taken steps to make it more difficult for the cheaters — they put in a 30-minute delay in the online matches, and only allow spectators for the beginning of each game. But as I said, cheaters will find a way around these strictures eventually. It is the same cat-and-mouse game that cyber attackers play.

If you want an even better illustration of how the cheating game is played, I would recommend watching Icarus, an amazing documentary about the Olympics-based doping efforts, from the point of view of someone who actually managed the Russian’s team cheating.  The Russians constructed a blood testing lab that had cutout befitting the KGB, so that someone’s sample was surreptitiously switched with a clean one to pass the tests. Like I said, cheaters gonna cheat. What was sad was how the consequences for these team-wide cheating were minimal.

It is sad that so much effort has gone into cheating. It really diminished my interest in professional cycling (back several years ago when this all came out) and it now diminishes my interest in chess, despite having a near-front-row seat in the neighborhood. BTW, if you do come and visit me, one incentive would be this fascinating exhibit at the World Chess Hall of Fame Museum on the historic 1972 match between Fischer and Spassky. You’ve got until next April to see it.