hngopher.com

       [HN Gopher] Microsoft security tools questioned for treating emp...
       ___________________________________________________________________
        
       Microsoft security tools questioned for treating employees as
       threats
        
       Author : Dotnaught
       Score  : 32 points
       Date   : 2024-08-27 19:43 UTC (3 hours ago)
        
 (HTM) web link (www.theregister.com)
 (TXT) w3m dump (www.theregister.com)
        
       | michaelmrose wrote:
       | Any test with a very small true positive and even negligible
       | false positive rate risks an unreasonably high number of false
       | positives when applied to a large population. This is especially
       | bad with a squishy non-scientific topic.
       | 
       | If you have 50,000 employees and are screening for a risk that is
       | 1 in 1M with a 5% false positive rate you are going to be very
       | disappointed when over the next decade it identifies 25,000 would
       | be shooters when you have zero actual active shooters. Even
       | better you will probably stop disregarding such a test and miss
       | if if it actually happens.
       | 
       | As awesome the fact that skynet is always watching will probably
       | cause people to manage their workspace personas to a psychotic
       | degree that will surely ratchet up workspace stress to new highs.
       | Deprived of actual data on what triggers the eye of sauron 100
       | wrong theories about how to avoid doing so will proliferate and
       | your studied population will both diverge from the norm the
       | system was designed to operate on and become progressively worse.
       | 
       | A few years later a study will prove that the AI inadvertently
       | learned to discriminate against minorities, women, or people in
       | other time zones through things the training population did
       | without thinking and the people pushing it will look like bigots.
       | Instead of ejecting we will try to fix it. Either this doesn't
       | work or if it does people accuse skynet of being woke.
        
       | dugite-code wrote:
       | If you have paid any attention to cyber security... well anything
       | in the last 5-10 years this should be expected?
       | 
       | "Insider threats" are typically the one group that any security
       | firm can actually do anything about in an _active_ manner. Every
       | other threat group comes at you, not the other way around.
        
       ___________________________________________________________________
       (page generated 2024-08-27 23:01 UTC)