Sunday, January 15, 2017

 

Phishing for Friends


This is about how impersonators may try to pass for some of the people you consider friends and acquaintances, and what I suggest one do about it, with little explanation of why they do so. Impersonation on Facebook does not imply "I was hacked" or that it is imperative to change password. It might just mean one or more of your friends is too friendly (and not wary enough) with strangers, that you are too free with information about who your friends are, or both.

I received an invitation to become "Friends" on a popular social network today, once again. I recognized the name, it was that of someone who might conceivably want to become more intimate, since we had friends and experiences in common, but why now? And I have seen enough impersonators of other friends by now to be wary: I always check out the available information on the source of the invitation before replying, now, but have not always done so. It was clearly a new account, with only two friends as yet.

It wasn't long ago that I received a similar invitation, but from someone with whom I was already connected (if one believes the name given). It was easier to check that said person was already in my contacts list, refuse the invitation, report the invitation to "the powers that be," and post a message on the original's stream to warn any other friends; the warning may not be very helpful, who knows who will see it in time (before accepting the impersonator' invitation) but one hopes. And I hope he was not actually the original trying to replace his account (he hasn't responded one way or the other, so I have a slight lingering doubt).

How does this happen? Common reaction is "I've been hacked! Must change password!!" Let's think about it. The new profile, that of the imitator, typically shows cover page and profile portrait pictures, and may not show much else, as if it is the account of someone starting over because they got locked out somehow. The imitator also has a list of people to invite to connect. The pictures are easy, on a network like Facebook they are necessarily public--anybody can see and copy them, knowing whose they are. I presume that the imitator/impersonator gets access to the list of friends of the impersonated, then sends invitations. Many of us leave our friends lists visible to at least some others, for various reasons. The friends list may not be public, that is one of the privacy settings one may tighten; one may even make it completely only-me private. Important (as stated in the sequence of texts on the page cited above)
If you’re friends with someone, you’ll be on their friend list and it’s up to that friend who sees their list.

The impersonation does not require "being hacked" or having an impersonator acquire access to one's account. It only requires an impersonator having access to a list of people to "invite" to connect.
The impersonator might, if the impersonated person keeps the list my-eyes-only or friends-only, use the friends lists of one of the friends of the impersonated (or more friends' lists, particularly if they overlap). So one is a candidate for impersonation if any or several of one's friends share their lists of friends, even if one does not, oneself. And the impersonator is probably, depending on sharing policies, a friend or a friend of a friend, and I am tempted to add "new" to friend unless there is some reason to imagine that they have been dormant and suddenly decided to start impersonating.

Why do they bother? That I find harder to say. What is clear is that with their impersonation account, they will have a view of all information their new "friends" share only with friends, be that photos, timeline posts, contact information, friends list. They will also enter the category of "friends of friends" of all those new friends, and gain access to everything other friends of those new friends share with that category. There is thus a wide range of information they might be seeking, and they might just be trawling to see what they can happen upon, and where they can extend their imposture-based web.

What to do about it as individual users is not a simple question to answer. I suggest three axes: what one shares even only with friends, one's privacy settings for information imposters might exploit, and one's vigilance when one receives invitations.

First, one should recognize the risk of making a mistake and connecting with an imposter.  What they see you cannot make them un-see.  Same as for friends with whom you later have a quarrel and end your connection.  As my grandmother used to say, twirl your tongue in your mouth some number of times before speaking (to give yourself time to recognize something better not said); same goes for sharing, especially since everything you share in digital media is recorded and impossible to deny.

Second, privacy settings for friends list, especially. One can make one's friends list private, and check that all one's friends do, too, and estrange any friends that don't: that will make it much harder for the potential imposter to know who to invite. It may be dissuasive. But one might lose a lot of friends that way, and one might--as one's friends might--have good reason to display one's friends list: to help disambiguate for people who are looking for you (my room-mate from 1975-6 I still haven't found, and his name is much more common than mine so I'm counting on him to find me) and want to be sure they have the right one. One of the things that soured the invitation today was the lack of friends; if the phisher is lucky, that may change, and snowball as people recognize the others who have already "arrived."But had the friends not been visible to me at all, I would have considered that suspicious and would have been at least as wary of the invitation.

What one can and should do is not click on "accept invitation" until one has vetted the source of the invitation. In some cases it is easy because one has communication through other channels (real life, telephone, etc.) or the invitation is apparently redundant (connection already existed). In others it may be harder, and I have failed in at least one instance when I recognized a dozen friends in the new account's list and assumed it was a replacement account (someone was hacked or locked out and began anew) rather than an imposter; I realized too late, and someone may have learned whatever I share with friends and nobody else. When in doubt, hesitate, wonder what you'll lose by waiting, think about who to ask, and then do ask.

Addendum

On Facebook, one can use the "Report" procedure, initiating it on the suspect profile page. It is accessed by clicking on the little "..." button next to"Following", "Message" in the lower right corner of the cover photo area.  For yesterday's invitation, I did so, choosing "fake" as my objection.  Facebook replied just a few hours later,
Thanks for your report - you did the right thing by letting us know about this. After reviewing the profile you reported, we've decided to follow up with the account owner directly. When we think a profile may be fake or pretending to be someone else, we ask them to confirm their identity. If we see something on a profile that goes against the Facebook Community Standards, we remove it.

Tags: :

StumbleUpon Toolbar Stumble It!

Sunday, January 08, 2017

 

Waze and Means


I have used the Waze application (for mobile phones with the Android OS) for a few road trips.  I like its "updatedness"--timeliness, its provision of information on incidents and solicitation of revisions from later drivers. I dislike the inefficiency caused by poor mobile phone coverage, and suspect that Waze avoids routing through such areas even if they might provide advantageous itineraries.

I have been using ViaMichelin to prepare driving plans for many years; sometimes I would print out the whole long itinerary, sometimes I would prepare (and print or hand copy) my own distilled version of the key turns and changes of direction. That mostly worked well. However, there were a couple of times their route instructions referred to signs which did not match those we saw (I had trouble navigating one junction with a competent navigator reading the instructions to me), and they tend to use street names for which one has difficulty finding signs, if there are any. Their instructions through Besançon pretty much always leave me lost in the middle of town wondering which way to head out. Once I pulled in to a bakery's parking lot and asked the first person who came by for directions; her first response was "show me your itinerary," presuming I had one (ViaMichelin or Mappy or something else) because, well, one should have a computer-issued itinerary, at that time in the progress of technology. Then one of the last times I tried to get through Besançon with a pre-calculated itinerary, I hailed a couple of young men I supposed competent to answer my question about where next to turn while we were waiting at a traffic light; they suggested we pull over to discuss it, and I accepted. They did not rob me, at knife point or otherwise, they indicated a right way to go, and suggested I buy I GPS navigation aide.

I don't consider a GPS navigation aide worthwhile for the little I travel. But when I was buying a next car, I did not reject one just because it had been equiped with a Garmin GPS navigation aide; nor did I commit to buying the Garmin map updates. For the few automobile trips I make to places I haven't been I can buy paper maps from IGN and others.

I used the Garmin GPS navigator on a trip a few months ago. I was annoyed by its insistance on using theoretically faster roads even if that meant a detour and a toll to pay. I later learned how to set it to avoid toll roads, but not how to accept them for a worthwhile time savings. It did not have real-time traffic information. It was no better than ViaMichelin for traversing a town center like that of Carpentras, which I think took me three loops (twenty minutes or more) to succeed. And then it took me up a mountain to a closed road, then around and down through a tourist-crowded village. I'm inclined to use it for details when close, not for choice of longer distance roads and routes.


The application Waze for "smartphones" equipped with GPS offers an alternative to devices like the Garmin navigator/navigon. It has the advantage of enabling users to annotate current conditions, providing reports of vehicles on the shoulder, dead animals on the road, mobile radar monitors, congestion, and so on. Or, for those who pass later, indicating whether or not the condition is still the case. And not asking for money.
Waze benefits from the interaction with its users, whether that be to monitor their progress and deduce driving conditions, or to provide a set of notifications of distractions and dangers.
Waze has a problem with areas having poor or no mobile phone coverage. It cannot provide information about current conditions if it cannot receive bulletins, which is understandable, but worse, it seemingly cannot track one's progress with GPS-only data, it needs to check back via a phone/data link to get server-side comments and recommendations. When coverage comes and goes, it may not "know" whether one is on the right road, may beep frequently while recommending to get on some road or other--which may be the one one is currently on. {comment from 2015)
To avoid this inconvenience, Waze may well--I would--avoid recommending routes through areas with poor mobile phone coverage, so as to prevent disappointment and frustration of users who expect constant tracking of their progress and next instructions. But then how does one navigate from Pirmasens to Niederbronn or Bitche?
Probably, Waze will transfer more data and software to the phone to navigate seat-of-the-pants and log and take notes and feed back recommendations, decisions, and outcomes later. But that is just a guess. Tags: :

StumbleUpon Toolbar Stumble It!
 

[Draft] Download to Ciphered File -- Tool Not Found

"Cloud storage" --redundant (or not) -- has become popular over the past five or more years. This provides a certain workstation independence, access to one's data from any connected device (phone, PC, television set), continuity if one loses one's phone, tablet, computer. But it also provides vast collections of information one would like to keep private, and others might like to copy or take hostage, stored "somewhere" one has never been. Let's neglect, for now, the "take hostage" aspect, assuming Google, Microsoft, Box, Dropbox, hubIC, iCloud and others take sufficient precautions to ensure that user data is backed up and can be restored after any event of malicious "ransomware" ciphering or similar attack.  How does one make sure (as sure as possible) that what one stores in "the cloud" remains confidential?

Let us acknowledge  that breaches of cloud storage providers have also occurred, as these stores have become more attractive to cyber-burglars. For the most part, these breaches have acquired passwords and useful login information; sometimes more, like payment card information and electronic correspondence; sometimes much more (like the OPM breach[FIXME]). Storage in "the cloud" (i.e. someone's Internet-connected computer) is safer if what one stores is ciphered and very hard for others to read; ciphering does not prevent piracy and a degree of theft, but it does improve privacy. So how does one cipher one's files before storing them in "the cloud"?

Some storage providers, such as rsync, encourage and claim to expect clients to cipher their content before sending back-up copies to remote storage; enveloc, I believe, provides the ciphering (AES256?) as part of the transfer-to-storage mechanism for their commercial clients. One can use BitLocker or alternative (non-Windows) systems to have ciphered disks or partitions, but aren't files stored in this way automatically deciphered before transfer to cloud storage? How should one store ciphered files one want to keep ciphered, even during replication, until use?

 One's bank statements, for instance: how might one automatically save one's downloaded bank statements (or sextapes, heh heh) to a ciphered, less-vulnerable file?  Available locally (to decipher when wanted), to move or replicate to the cloud for safekeeping.  The browser typically uses https for the transfer from the bank to one's terminal, which is pretty fine, but then deciphers and saves an ordinary file. One should cipher (encrypt) such files (then remove traces of what was first saved --how?), particularly if one is going to keep back-up replicates of the file in the "cloud". Wouldn't it be nice if the browser fed the downloaded file into a ciphering engine (such as gnupg) or itself re-ciphered with AES or another symmetric key cipher on the way to saving locally? That would be safer, and more convenient for automatic copies to redundant storage.


I have used emacs with GnuPG to edit and to store ciphered files, which works fine for locally-created files almost all of the time--it did hang once during a save of changes I did not want to lose. But this incident notwithstanding, it is the reference for me of pipelining ciphering. I ask emacs to open a .gpg file, it calls GnuPG to prompt me for the pass phrase, it then receives the deciphered file from GnuPG (I suppose) after I enter the pass phrase correctly. And then when I save (changes) it hands the stream off to GnuPG to cipher and record.

What I would like is simply a browser extension to which I could pipeline a downloaded file to cipher with a key I would provide and method I would choose, prior to writing to storage. Like the way emacs will write a gpg file using gnupg when called to save a file. Then I would have files I could easily and confidently back up off-site, and confidently leave on my computer.



Tags: :


StumbleUpon Toolbar Stumble It!

Thursday, February 26, 2015

 

Power to the Bases


Often without being aware of it, we express quantities using polynomials. I vaguely remember learning about a variety of other ways of representing numbers in writing, several decades ago in a history of mathematics course. My notes are not at hand, though, so take for example the Roman numerals as an example of non-polynomial representation.

The symbols used in Roman numerals are I, V, X, L, C, D, and M. Let us recall that these correspond, in our decimal (powers of ten) representation, to 1 (=I), 5 (=V), 10 (=X), 50 (=L), 100 (=C), 500 (=D), and 1000 (=M). Our 4 is written "IV", one before five; and 6 is written "VI", one after five. Similarly, 40 is written "XL", ten before (or less than) fifty; however, 49 is not written "IL" but "XLIX", nor is 45 written "VL" but "XLV": the decrementing prefix is only the allowed to be the next smaller symbol. Or is it? "LC" makes no sense (it equals "L") nor does "DM" (equal to "D"), but I believe "CM" is permitted, as is "IX". The rule might be "the next smaller symbol unless that is half the decremented symbol, in which case it is the next smaller than the half." Then "M" could be decremented by "C" but not by "X", "V" or "I". In any case, numbers are sums of symbolised quantities, with a little subtraction thrown in to shorten the symbol string, analogous to measuring with weights on a balance.

In a polynomial (or whole powers of the base) representation, the number of symbols used is the same as the base, and there is one for each unit increment. In other words, they use counting symbols: 1, 2, 3, … and a "0". The symbols are used to express numbers as sums of whole multiples of the base, and the base is generally understood and not explicitly written. There is no subtraction involved.  A small example may help clarify how this works.

Let's take base 3: its symbols may be 0, 1, 2 (for their familiarity to us). The following table shows the way some numbers in our familiar base-10 (decimal) system are represented in that base. Numbers less than the base are written with their symbol; a number as big as the base is written "10" meaning "1 time the base and no more", followed by "11". "20" means "two times base + 0" and "21" means "two times base plus one". Then "100" means "one time base times base + 0 time base + 0". "1000" means "base times base times base + 0 times base times base + 0 times base + 0". In the last column, 42 is 27+9+(2x3)+0, since 3x3x3=27 and 3x3=9.

Decimal01234567891042
Base-30121011122021221001011120

Since there is a symbol for each whole number less than the base, the position of the symbol can be understood to correspond to the multiple of the base it is counting, with a "0" used to fill a position not needed for the sum. Consequently, if the base is known it does not have to be written with each term. We can write "11203" instead of "(1x3x3x3)+(1x3x3)+(2x3)+0" (here the subscript 3 indicates the base in use since it might not otherwise be known).

Is the nature of the following sequence now apparent?

101010, 1120, 1012, 132, 110, 60, 52, 46, 42, 39, 36, 33, 30




And now?


1010102, 11203, 10124, 1325, 1106, 607, 528, 469, 4210, 3911, 3612, 3313, 3014


Tags: :

StumbleUpon Toolbar Stumble It!

Thursday, October 09, 2014

 

On Buying Postage by Correspondence


The Objective

A postal service ought to be able to leave a sheet or two of stamps in a mailbox, oughtn't it? Assuming the stamps are bought and paid for, of course. It turns out the United States Postal Service cannot, or will not, if the buyer is overseas, even if the delivery address is in the United States.

Consider the scenario of someone in another country who needs--or just wishes--to send a self-addressed stamped envelope to someone in the United States. How can they do this? They might be able to place an order, send payment to the U.S.P.S. and have the stamps sent to them. If for some reason the U.S.P.S. does not want to ship stamps abroad--but why would they not?--perhaps the stamps could be delivered directly to the intended beneficiary of the stamped envelope, and the envelope sent separately.

The Experiment

The U.S.P.S. does offer postage stamps for sale via an Internet ordering and payment system. The experimental protocol used entailed the following steps.
  1. Create a personal U.S.P.S. customer account.
  2. Place an order for a sheet of stamps. In this case, stamps of type "Global Forever" were selected as the most appropriate for mailing from the U.S. to anywhere in the world without concern for tariff changes.
  3. Pay.
  4. See whether the stamps arrive.

The Results

Customer Account Creation
The customer account creation was quite straightforward. In addition to name, one is required to provide an e-mail address, phone number, and physical postal address. Perhaps inappropriately, an address in the United States, that of the intended recipient, was entered. It was tested for authenticity, and a foreign address might (probably) have been rejected. Interestingly, the phone number entry field did allow the possibility of entering an "Int'l" number.
Actually, there was a curious glitch, but which was not insurmountable. The password for the account was to meet certain conditions: at least seven characters, a letter and a number, and allowed --but not required--to contain punctuation marks from a given list. A first password composed of five digits, two letters and an allowed punctuation mark was refused by the system with a message "Must contain one number" or words to that effect. A second password candidate containing only one digit (and one punctuation mark) among the many letters was accepted.
Placing the Order
Once the appropriate article had been identified and put in the shopping cart, order confirmation was attempted. The address as entered during customer account creation was rejected by the system for having an invalid telephone number. An alternate delivery address form was proposed by the system; the only country in the "Pick a Country" list is the "United States" so clearly it would not be possible to have the delivery abroad (other than to various armed forces and similar alternative 'states').
Interruption of Test
Since the order placement could not be completed for either delivery goal, the test was ended at that step.

Interpretation

There may be a rationale for this, but what? Why not ship abroad if the purchaser pays the shipping fees? Are the fees too complicated for the post office to calculate? Perhaps the range of other products available for purchase on their site includes some not easily shipped, but why not then just mark those as not available for overseas delivery? As for domestic deliveries, there was no indication that deliveries would be necessarily registered, which might justify needing to be able to contact the recipient; yet even if they were, one can just leave a delivery notice and expect the recipient to come claim their parcel.
It is not clear whether the problem lies with the order entry system or the lacking service offering. Would the post office mail the stamps to a foreign address if the order entry system allowed capturing a foreign address? Perhaps they would, and it is just the software that is faulty.

Conclusion and Prospects

This is disappointing. The solution appears to be to get a phone number from the intended recipient, if they are willing to divulge that information. But how to ask them and hope for a reply if one cannot send a stamped self-address envelope for their reply along with the request? (This is what is called a bootstrap problem.) It seems one cannot rely on postal methods alone for this use-case, one needs telephones. That's progress?
An alternative may be to purchase printable postage --to print directly on an envelope--rather than physical stamps; it remains to be seen what "delivery parameters" would be required or omitted in that case.

Tags: :

Labels: ,


StumbleUpon Toolbar Stumble It!

Thursday, July 17, 2014

 

Round Squares and Gyration



When I began driving motor vehicles in France and England over thirty years ago, a certain style of road junction was unfamiliar to me from driving a car in California. It is the junction called a roundabout in English, rond-point in French--or so I thought. Simply put, it is a junctions of roads with an obstacle in the middle which obliges vehicles to swerve around it --clockwise in England (where vehicles and drivers are on the wrong side) and counter-clockwise in civilized lands--at reduced speed. This system is very popular in France: while the rest of the world may now have followed to a greater extent, a few years ago (2008) France boasted half the world's count--over 30,000 of them! Towns in France (but elsewhere too) may go to great effort to decorate their big round junctions, particularly at entrances to the town. (A catalogue of the artistic ones was available several years ago (2007) and the url still responds, but with an error connecting to the database. Is it still there, will access be restored?)



Driving past a particularly spectacularly decorated junction near Bitche, France, and having noticed that during these past three decades, it seems "giratoire" displaced "rond point" as the preferred term in French, I wondered whether they had also come to be called "giratory" in English. What I found was that yes, the term giratory is used in English but reserved for larger, complex junctions; and no, rond-point and giratoire (or "carrefour giratoire") are not strictly the same thing in French (at least according to a Wikipedia article on rond-point). Is "rond point" a term in French for which there is no English equivalent?

Round Squares, Traffic Circles and Circuses

The distinction in French asserted in the Wikipedia article is that a rond-point is a place (wide space) that is round, oval or polygonal but not rectangular, and which may have an obstacle (statue, stele or similar) in the center. The term was used to designate a junction from which alleys in a formal garden radiated, with no implicit rule for walkers to traverse them one supposes. They were introduced into urban street systems to enable horse-drawn carriages to negotiate turns and to turn around where streets were otherwise too narrow. Presumably, a sufficiently spacious dead end (cul-de-sac) can be termed a rond point even though it only joins a road with itself.

Dictionary Research

In addition to a couple of français/English dictionaries (Larousse, TV5) which simply translate place [Fr.] as square [En.] in the context of streets and roads, I've collected some definitions from a French dictionary (over a century old) and an American dictionary (a half century old).
From this, I conclude that

Postscript: More About Traffic Circles in France

Historical note on traffic priorities

For as long as I can remember (and probably quite a bit longer) there has been a rule applied to decide whose turn it is to enter an intersection in the absence of working traffic signals or stop signs or posted priorities: priority to the right. By posted priorities, it may be posted by signs
France road sign AB6.svg
"France road sign AB6" by Roulex 45 - Own work. Licensed under CC BY-SA 3.0 via Wikimedia Commons.
that the road on which one is travelling gives one priority over cross traffic, and side roads would normally have the complementary indication to yield to cross traffic
France road sign AB2.svg
« France road sign AB2 » par Roulex 45Travail personnel. Sous licence CC BY-SA 3.0 via Wikimedia Commons.
. Until 1984, the priority to the right was applied on giratories in France unless specifically changed by signs restricting entry to the giratory. This was the source of much confusion and frustration, some accidents, and some apparent gridlock as a giratory. The gridlock was an illusion (as I should probably try to demonstrate mathematically) because even when full, the cars could always creep forward until one could exit, but it could happen that some vehicles would be blocked by an uninterrupted flow coming in just downstream of them; this is the same problem now faced by vehicles waiting to enter while blocked by an uninterrupted flow coming in upstream of them.

Why giratories, what are they good for?

Before arguing in favor of traffic circles, it should be noted that they have some drawbacks.


The advantages are multiple increases in efficiency and reliability.




Tags: :

StumbleUpon Toolbar Stumble It!

Tuesday, June 17, 2014

 

Arrow's Theorem and Indecision





Whether or not one can demonstrate a link between Arrow's theorem and procrastination, the possibility seems intriguing. In essence (to be elaborated below), Arrow's theorem declares the impossibility of arriving at a satisfactory consensus when there are more than two options and more than two deciders, and a definition of "satisfactory" that most might find reasonable and even minimal. This could lead to apparent procrastination if one considers the actor to have more than two possible activity options and more than two purposes that same actor wishes to achieve; the actor may be unable to reconcile the competing purposes and decide what it would be best to do now.  This effect could have consequences for design of personal time management systems.

Arrow's (impossibility) Theorem

Also known as "Arrow's paradox," the theorem can be expressed in several ways; the Wikipedia article "Arrow's Impossibility Theorem" provides both informal and formal definitions. In essence (I hope I'm getting this right) it says that when there are three or more options to rank, and three or more ways to rank them (multiple voters, or multiple criteria for deciding the ranking), it is not possible to be sure a method for computing a consensus will respect all three of the following desiderata:

  1. unanimity prevails: if an option is ranked top in all rankings, it will be ranked top in the consensus.
  2. insensitivity to irrelevant alternatives: removing an option other than the winner should not change the consensus result.
  3. no dictators: there is no individual (source of a ranking) whose ranking will always match the consensus ranking.


A Sort of "Perfection Paralysis"

If we cast this in terms of a personal decision about what to do next, any rule we might apply can only satisfy two of these three constraints. If we choose to protect the first and third (unanimity and non-dictatorship) we will be subject to unstable choices. This would lead to a situation similar to "perfection paralysis"; perfection paralysis has procrastinators postponing the risk of failure, this conundrum has procrastinators postponing the risk of pursuing the wrong activity.

For instance, we might choose to weigh importance, urgency, and likelihood of a quick success as the criteria for our possible activities, to name just three, and rank activities on those criteria. If something is at the top on all three criteria (a stop in the restroom, for instance) the unanimity rule says we should do that first. But we should not always pick the most urgent (nor always the most important or the surest to deliver a quick success), our other ranking criteria must matter. If our decision rule respects those two constraints, then eliminating even low ranked options is liable to destabilize our consensus rankings of the remaining options.

Consequences and Solutions

The consequences of this are well known and studied in social welfare functions and social choice theory, particularly voting systems design. The Wikipedia article discusses various was of attempting to change the decision problem to avoid using the problem, such as not using a ranking system, or not having more than two choices.

An example of this latter approach, and its flaws, can be found in the French presidential election system.  After a first round, if no candidate has a majority, only the top two candidates compete in a run-off election. The result is always a clear majority for the elected candidate.  However, there can be a "Condorcet candidate" (this occurred in 2007), one who would beat either of the top two candidates in a run-off, but who places third (or lower) in the first round and so cannot be elected.

In personal time and agenda management, similar tactics may be introduced to make decisions possible.  For instance, it is common to manage "work" and "life" separately, so that the criteria operable are limited to those of one or the other sphere. We don't decide whether a meeting is more urgent and important than going to the opera, we decide whether or not it fits (is more urgent and important than other work activities) in the time we reserve for work, and we decide whether or not we have time to go to the opera after work. However, this may lead to poorly considered decisions when we should be applying more criteria because more aspects matter to us. "Life" may be self, health, spouse, parents, children, and more: should each be considered separately, or should we plan our attention and efforts for each globally, as globally as we can?  How can we?

Notes

It is not clear that people are generally aware of the problem, but who knows whether they are?  It has an influence on our inability to manage trade-off decisions when more than one criterion is involved.

As I wrote this note, my purpose--and plan for it--evolved.  I wanted to note, before I forgot, the likelihood that Arrow's paradox has consequences for agenda and to-do list management, but maybe not yet develop that aspect analytically.  I wanted to note my questions about whether there is a general procedure similar to the one used for NP problems, to show that a decision problem is Arrow-ranking-paradoxical.  While I was at it, the note should be of interest and use to others.

Tags: :

StumbleUpon Toolbar Stumble It!

This page is powered by Blogger. Isn't yours?