Monday, December 29, 2008


Phishing is now a common source of computer crime. The trend of phishing through email and websites is growing at high speed. It has become a threat to computer users as a major source of malicious software as well as a way to steal personal information. Scientific American published an article recently on how to foil phishing scams which provided some useful information on how to protect yourself.

First of all, upon a phish attack, do not blame your lack of computer knowledge or the complicated procedures of using anti-virus software. Phishing is not based on computer tricks. It is based on human greed and carelessness. You have yourself to blame if you are phished.

Here are some examples: E-mail from a bank warning you that your online banking services was in danger of being deactivated, from Apple complaining that you had unpaid bills for music downloads, from an airline offering you the opportunity to earn a quick $50 for filling out a survey, and from the Red Cross asking you to contribute money to help earthquake victims in China. These messages are all very convincing and looked authentic, but they are all fraudulent e-mail known as phish.

Phish e-mail are written by professionals to resemble legitimate communications, often from reputable companies familiar to you. They usually create a sense of urgency and ask you to take immediate action to avoid a consequence or receive a reward. The response commonly required is for you to log in to a web site or call a phone number to provide personal information. Sometimes you only need to click on links or open e-mail attachment for your computer to become infected by malicious software. The details of phishing scams may vary, but their aim is to trick you into giving away information which can be used to break into your accounts and steal your money or identity. Phishing exploits human vulnerabilities and uses simple psychology targeting inattention or misdirecting attention.

As the phishing email do not contain malicious codes, the common techniques used by anti-virus software do not normally work. However, computer security experts are still able to develop phish filters aiming at the characteristics of phishing email. They include:
- Age of domain. Newly created domain less than 12 months are suspectable;
- Known logo images. Page contains known logos but is not a domain owned by the logo owners;
- Suspicious URL. URL contains @ sign, hyphen, an IP address or more than five dots;
- Suspicious links. Link on page contains @ or hyphen;
- Forms. Page contain a text entry field;
- Lexical signature search result. URL does not match address or Google-ranked legitimate page.

The filters use a combination of these signs to identify phish. However, some legitimate email may also have such characteristics. When the filter is not sure, a warning may be displayed so that the recipient of the email may exercise judgment. Other signs include a sender who is not familiar to you, an urgent message which is suspicious, or a threat which may not be realistic. You should also take a look at the website address appearing at the browser's status bar when you place the cursor over a link to see if it is suspicious.

The computer security experts noted that the major vulnerability is the lack of awareness of users towards phishing. A research showed that many users did not take notice of the warning sent by the phish filter. The experts considered that anti-phishing training should be improved. The combined efforts of law enforcement, computer security experts and computer users are needed to reduce the success of phishing.

Friday, December 26, 2008

Earth Rise 1968 -- 更正


原來當時太空船是沿著月球赤道的軌道飛行。太空人見到的景象,是月球表面垂直在太空船的右面,而地球就在左面,上方是正北。下面這幅調整後的照片是我們常 見的北上南下的地球。


Earth Rise

Thursday, December 25, 2008

Earth Rise 1968





Earth Rise

Wednesday, December 17, 2008

Tramway 1967



Monday, December 15, 2008

Internet security suite

I read from e-zone this week an article on the latest trend in the Internet security scene. It is a suite of topics and many of them are well known. But the article provides the current situation which is worthy of refreshing our awareness of the problem.

Statistics collected by Kaspersky Lab show that, in 2008, the highest computer intrusion events were caused by Trojan-ware, 92.56%, followed by viruses, 3.96% and other malicious software, 3.48%. The Trojan Horse software mainly came from network games and phish website. Other malicious software include advertising software, risk software, hoax, pornographic software and fraud tools. Among them, fraud tools have the highest growth. Some of them are even disguised as security software.

According to the anti-virus software company, Symantec, the common traps leading to Internet security breaches in 2009 could likely be the following.

Trap 1: Mutated hostile software. Newly developed hostile software are able to mutate by themselves. They will change their form and then be distributed to other users.

Trap 2: Social network threats. The latest trend is phishing software spreading on the popular social network sites. Many third party software linked to social network are phishing for the account information of users.

Trap 3: False financial institutions website. Taking the opportunity of the global financial crisis, many phishing websites and email are targeting such concern of users. They would disguise as financial institutions and phish for financial account information.

Trap 4: Junk mail. Owing to the economy downturn, many companies are more willing to put in resources for the development of junk mail for the purpose of advertising as well as increasing click-counts.

E-zone conducted a survey on the level of worry of Internet users regarding the problem of Internet security. The survey results show that the biggest worry is on Trojan. 40% of all users are worried that they could be attacked. The overall results are:
Trojan -- 40%
Keylogger -- 23%
Virus -- 15%
Adware -- 12%
Spyware -- 10%

The reason for the relatively low worry level of other attacks is that anti-virus software are quite common and useful nowadays. Many users feel that a computer well protected by such software could effectively eliminate the risk of viruses, adware and spyware to a large extent. However, more covert attacks such as Trojan Horse and Keylogger are not easy to detect and thus cause more worry.

A security expert from the Hong Kong Computer Emergency Response Team offers some additional tips on Internet security:

1. Windows automatic update. Microsoft Windows is the most commonly used operating system. It is also the most attacked system and vulnerabilities are found frequently. Luckily Microsoft also has a good defense system and any known vulnerability is dealt with quickly. Program patches are issued frequently to update the Windows system. One should set the Windows operating system to automatic update for effective protection. Many other software do not issue program patches at all. This does not mean they are safe. It is just that the companies do not fix the software vulnerability.

2. Browser automatic update. Internet browser is one of the major gateways to the Internet. Many malicious software exploit vulnerability of browsers for attack. An up-to-date browser will provide better security. At present, Firefox 3.0 offers automatic update for its browser.

3. False website. A current trend of computer fraud is from false websites of financial institutions. Extra attention must be paid when visiting such websites, including your favourite banks. It is advisable to access these websites only from your own bookmarks.

4. Email links. Many phishing websites and malicious software hide their links in email. It is important to check whether the email sent to you is from a reliable source, and whether the addresses of the links are suspicious.

5. Browse for security news. The expert recommends browsing HKCERT for update news on Internet security. This is probably an advertisement for HKCERT, but it does provide useful information. There are many other such information centres around the world.

6. ActiveX. The expert suggests de-activating ActiveX in your browser which may open a loophole for attack. But many useful software use ActiveX. It is a personal judgment whether you like to take the risk. I only de-activate ActiveX temporarily whenever I found something suspicious.

Friday, December 12, 2008

Grade Structure Reviews

The LegCo Panel on Public Service will discuss a paper on grade structure reviews on 15 December, next Monday. This is a very useful subject for HR managers as it is an essential topic of civil service human resource management. There are three reviews: one on the directorate, one on disciplined services and one on two civilian grades. If you are interested on the reviews, you can go to the JSSCS website to read the full reports. If you only have a little reading time, you can choose the read the LegCo paper which has a gist of the recommendations of the review reports.

The reports are published under the name of the Standing Committee on Directorate Salaries and Conditions of Service, the Standing Committee on Disciplined Services Salaries and Conditions of Service and the Standing Commission on Civil Service Salaries and Conditions of Service. But the reviews were conducted by a team of experienced executive officers in the JSSCS, or more accurately a team of retired officers. Grade structure review is a large and complex exercise which occurs infrequently at large interval. Under the present thinking of GGO, this is additional work of a temporary nature on a project basis which could be undertaken by NCSC staff. But where can you hire very experienced NCSC staff for such high level complex work. The only answer is the experienced retired officers who were engaged in previous grade structure review exercises. I must congratulate on a job well done. I also hope there were many serving officers working in the team, lest the experience would be lost with the retired officers really retiring.

The two civilian grades under review are the government lawyer grades and the veterinary officer grade. For the lawyer grades, there would be no improvement to the grade structure nor the pay scale. There are recommendations not related to the grade structure: viz. to conduct regular establishment reviews, to be more responsive to staff concerns about the working environment, to streamline and expedite the recruitment process, and to provide more continuing professional development opportunities. All these are applicable to all grades not under review.

I think it is very hard to compare the pay of a government lawyer to those in private practice. For a good lawyer in private practice, the reward could be astronomical. This is the same everywhere. For government lawyers, there is the commitment to serve for the justice of the people rather than the justice of the private clients.

The review report recommends that the starting pay of the Veterinary Officer rank should be raised by two points from MPS29 to MPS31. This would bring it on par to medical doctors. Two more recommendations are worthy of noting. One is the bonded traineeships to veterinary students in universities. This is actually the same practice some years ago in the form of government training scholarship which I think is quite feasible. Some serving officers are such government trainees. This could ensure a supply of veterinary officers for a few years, and increase the pool of veterinary surgeons in Hong Kong in the long run.

The other recommendation is to explore with local universities the desirability and feasibility of introducing veterinary training in Hong Kong. This is narrow thinking. Local universities should explore introducing academic subjects based on the need of Hong Kong rather than the recruitment difficulties of government officials. Hong Kong is a city with limited agriculture and husbandry. Its civilian veterinary needs are mainly on pets, plus some limited requirements by the Jockey Club and Ocean Park. With reasonable reward, Hong Kong people returning from overseas with veterinary training may be sufficient.

Sunday, December 7, 2008


四川著名技藝:變面。連劉德華都要學。在四川看文藝 表演一定有這個項目。變面表演又一定包括噴火。火焰一閃即逝,拍得一張清晰的照片已很幸運。





Wednesday, December 3, 2008

生死戀 Love is a many-splendored thing

睇戲。生死戀 Love is a many-splendored thing; 由威廉荷頓和珍妮花鍾斯主演。睇下睇下竟然唔知佢講乜。原來呢套戲於1949年在香港實地拍攝,有不少49年香港景色。網上短片將有香港景色的片段剪輯起來,一段段不連戲。如果真係想睇戲就中計。如果想懷舊一下歷史就好岩睇。

Wednesday, November 26, 2008

Reinventing management for the next century

Harvard Business Review asked me to participate in a survey to prioritize an agenda of 25 items of management innovation for the next century. The items were drawn up by MLab (Management Lab) with a group of scholars and executives. They are thoughts on how should management's principles, processes, and practices change for companies to thrive in the next 100 years. These ideas are by no means conclusive and thoughts are still being given to their importance. However, we could treat them as a preview of what are ahead of us. Possibly some of them could be the leading edge management theories in the next few decades. So they are worth taking a look.

I completed the survey with the government, and in particular the grade, in mind. I was asked to label the degree of importance of each item, and the position of my organization at them as well as the direction she was moving. Sadly in my mind, the government and the grade failed in many areas and showed no sign of probable improvement in the near future. I was pessimistic on our hierarchical structure and democratization of decision making, which I think would not change easily. Also, I am worried on the prospect of reducing fear and increasing trust. Just look at our public discussion forum like EGRIN. Seems we have a lot of fear and lack trust in public exposure.

The 25 items are:

1. Ensure that management’s work serves a higher purpose.
Management, both in theory and practice, must orient itself to the achievement of noble, socially significant goals.

2. Fully embed the ideas of community and citizenship in management systems.
There’s a need for processes and practices that reflect the interdependence of all stakeholder groups.

3. Reconstruct management’s philosophical foundations.
To build organizations that are more than merely efficient, we will need to draw lessons from such fields as biology, markets, democracies, and theology.

4. Eliminate the pathologies of formal hierarchy.
There are advantages to natural hierarchies, where power flows up from the bottom and leaders emerge instead of being appointed.

5. Reduce fear and increase trust.
Mistrust and fear are toxic to innovation and engagement and must be wrung out of tomorrow’s management systems.

6. Reinvent the means of control.
To transcend the discipline-versus-freedom trade-off, control systems will have to encourage control from within, rather than constraints from without.

7. Redefine the work of leadership.
The notion of “the” leader as a heroic decision maker is untenable. Leaders must be recast as social-systems architects who work to enable innovation and collaboration.

8. Expand and exploit diversity.
We must create a management system that values diversity, disagreement, and divergence as much as conformance, consensus, and cohesion.

9. Reinvent strategy making as an emergent process.
In a turbulent world, strategy making must reflect the biological principles of variety, selection, and retention.

10. De-structure and disaggregate the organization.
To become more adaptable and innovative, large entities must be disaggregated into smaller, more malleable units.

11. Dramatically reduce the pull of the past.
Existing management systems often mindlessly reinforce the status quo. In the future, they must facilitate innovation and change.

12. Share the work of setting direction.
To engender commitment, the responsibility for goal setting must be distributed in a process where share of voice is a function of insight, not power.

13. Develop holistic performance measures.
Existing performance metrics must be recast because they give inadequate attention to the critical human capabilities that drive success in the creative economy.

14. Stretch executives’ timeframes and perspectives.
Discover alternatives to compensation and reward systems that encourage managers to sacrifice long-term goals for short-term gains.

15. Create a democracy of information.
Companies need holographic information systems that equip every employee to act in the interests of the entire enterprise.

16. Empower renegades and disarm reactionaries.
Management systems must give more power to employees who have their emotional equity invested in the future rather than in the past.

17. Expand the scope of employee autonomy.
Management systems must be redesigned to facilitate grassroots initiatives and local experimentation.

18. Create internal markets for ideas, talent, and resources.
Markets are better than hierarchies are at allocating resources, and companies’ resource allocation processes need to reflect this fact.

19. Depoliticize decision making.
Decision-processes must be free of positional biases and exploit the collective wisdom of the entire organization.

20. Better optimize trade-offs.
Management systems tend to force either-or choices. What’s needed are hybrid systems that subtly optimize key trade-offs.

21. Further unleash human imagination.
Much is known about what engenders human creativity. This knowledge must be better applied in the design of management systems.

22. Enable communities of passion.
To maximize employee engagement, management systems must facilitate the formation of communities of passion.

23. Retool management for an open world.
Value-creating networks often transcend the firm’s boundaries and can render traditional power-based management tools ineffective. New management tools are needed to build complex ecosystems.

24. Humanize the language and practice of business.
Tomorrow’s management systems must give as much credence to timeless human ideals such as beauty, justice and community as they do to the traditional goals of efficiency, advantage, and profit.

25. Retrain managerial minds.
Managers’ traditional deductive and analytical skills must be complemented by conceptual and systems-thinking skills.

Sunday, November 23, 2008

Phone heaven in the Vatican

I read this in a hotel in Japan. It was a copy of Los Angeles Times, specially produced in co-operation with the Yomiuri Shimbun 讀賣新聞. The article was written by Sebastian Rotella in Vatican City in Rome. When I was back in Hong Kong, I read it again at the Los Angeles Times website. For news, the world is flat.

The article revealed that the technology of the early 21st century has produced a phenomenon known as "phone hell": an audio inferno where callers are tormented either by mechanized voices or human ones with less soul than the machines. We experience much of such hell in Hong Kong with so many IVRS systems. Whenever you call a bank, phone company, many other companies, or government departments, very often we hear mechanized voices, or the voice of a receptionist repeating answers hundreds of times a day. More often, although we call local, the phone is answered by someone in Guangzhou, or India, or Malaysia.

Within the audio inferno, The reporter discovered a phone heaven in the Vatican, whose switchboard is manned by no one other than the nuns of the order of the Sister Disciples of the Divine Master. If you are interested in the full description of this heaven, please read the full article.

Many calls to the Vatican are routine inquiries about papal activities, hotels, or museums. That information is available in a recorded message as well. But Vatican has also preserved an oasis in the often harsh subculture of switchboards. For 50 years, the nuns have operated the Vatican switchboard. They are the gatekeepers of the Holy See. The sisters field half a million calls a year from all over the world. They assist the friendly, the loud, or the troubled negotiate a labyrinthine of the Roman Catholic Church bureaucracy. The Vatican has accepted modernization; the sisters will get some state-of-the-art assistance soon. But the sisters are determined that the human touch of the Vatican switchboard will never change. There are ten nuns from locales as diverse as India and Poland. Their average age is close to 60.

At least once a day, the switchboard receive phone call from someone insisting on speaking directly with the Pope himself. The sisters respond with tact and never say no. They try to see if a priest, the press room or a church official can help. However, sometimes the caller will not be satisfied with even a bishop.

The sisters also remember a frequent caller who identifies himself as Saint John the Baptist. This caller asks to be addressed as Saint John and prays with the nuns. Also, quite a number of people call and say they need an exorcist. It seems exorcism is a very important issue of the Catholic faith.

Friday, November 21, 2008

Tiger cart 老虎拉車




Wednesday, November 12, 2008

The Church of the Holy Sepulchre 聖塚教堂


希臘正教 Greek Orthodox
亞美尼亞教皇使徒 Armenian Apostolic
羅馬天主教 Roman Catholic
埃及正教 Coptic Orthodox
埃塞俄比亞正教 Ethiopian Orthodox
敘利亞正教 Syriac Orthodox

基督教在聖塚教堂並沒有立足之地,因為它只在數百年前成立,沒有捲入千多年前的鬥爭。在聖塚教堂之內,六個教派之中以希臘正教勢力最大,其歷史最久遠。耶穌死後其門徒不斷被猶太人和羅馬人打壓,只為地下教派。直至公元四世紀,君士但丁大帝始立之為國教,其母后海倫拿更到以色列尋找新約所述的各個地點建立教堂,其時已是耶穌死後約四百年。情形等於我們在現時二十一世紀去找尋清朝初期的明朝人士反清事件地點。究竟此地點是否真確?最後定論在一九八六年由耶路撒冷考古學家 Dan Bahat 作出。他說我們不能確定,但現時沒有其他地點可以推翻這說法。君士但丁大帝的東羅馬帝國就是在現時希臘,最古老的新約官方版本是古希臘文,而希臘正教就是最早使用聖塚教堂的教派。其後東羅馬帝國崩潰,正教四散到各地再各自發展。






我從聖海倫拿小教堂 Chapel of St. Helena 進入聖塚教堂。只見狹窄的地方設有幾個不同教派的祭壇和座位,印象很深刻。這幾幅照片的祭壇應該是屬於亞美尼亞教皇使徒、希臘正教、羅馬天主教和埃塞俄比亞正教。





Monday, November 3, 2008

Insecure behaviour

You may think that it is very careless or very unfortunate to have your computer infected with virus. Shouldn't we be very cautious in surfing the Internet, watching out for danger every step of the way, and shying away from anything dangerously attractive. What do other people do when surfing?

To answer your question, Cisco recently did a study on the behaviour of people regarding Internet security. The result was published in PC World.

The survey was based on interviews conducted with 2,000 employees in ten countries, the U.S., the U.K., France, Germany, Italy, Japan, China, India, Australia, and Brazil. The result showed that the risks taken by employees with company data can vary by nation and culture.

The Chinese and Indians were the most likely to bypass set security settings to access unauthorized websites, with 52%, i.e. more than half of the people, saying they would do this because it was their own business on which sites they visited. U.S. and Indian employees were the most likely to use unauthorized applications with, respectively, 74% and 79% admitting they would do such a thing with their office laptops and PCs. This is the form of risky behavior identified by IT staff as causing most data leakages. A large majority, more than two-third of employees, did it. In Germany, the biggest security problem was simply letting non-employees wander freely around the office without supervision.

Cisco realized that businesses were enabling employees to become increasingly collaborative and mobile. Data is now always in transit, in use, within programs, stored on devices, and in places beyond the traditional business environment, such as at home, on the road, in cafes, on airplanes and trains. Companies with a global footprint have to be aware of different cultures and be willing to tailor their security education to fit in with differences in attitude.

I don't know if people view Internet security differently at home and in the office. I would have thought employees should be more cautious because a slip of hand in the office could have serious consequence to the entire office network. However, the survey showed that many employees have a carefree attitude towards Internet security in the office. You can guess how Internet security is viewed at home. So, you could go with the norm and surf wherever you like. But get your anti-virus program up and running, and back up all your data.

Wednesday, October 29, 2008







國家公園管理員急謀對策,其中一個方案是 將一部份大象遷移到另一居住地。大象問題嚴重的南非克魯格國家公園 Kruger National Park 嘗試開放北部通道讓大象自行進入莫三鼻給 Mozambique 國境,但當地居民大力反對,因為象群摧毀他們的房屋和農作物。另一方法是用貨車運送大象到其他國家公園,但克魯格國家公園已是南非最大的國家公園,這個方法是杯水車薪。




被撲殺的大象如何處理呢?在非洲,物資不能被輕易浪費。象肉是千萬年以來人類的食糧,以前獵人殺死一隻象會和整個村落的人分享。現在被合法撲殺的大象屍體 會被送到肉食市場,屠宰後以鮮肉形式出售。





Friday, October 17, 2008



人類為什麼要做這個神蹟?水族館的負責人說唯一目的就是要困住鯨鯊。現時這個水族館困住了三條鯨鯊,水族館的科學家說這又是一個神蹟。究竟鯨鯊在水族館住得好嗎?科學家說以前的水族 館規模不大,鯨鯊不能轉身;現在這個魚缸,鯨鯊進食水面的食物時魚身需要保持三十度角,而魚尾就僅可不用踫到缸底。我心想這簡直是在虐待鯨鯊,因為鯨鯊是 在大海中過濾吸食微細海洋生物維生的;有沒有人搞救救鯨鯊運動呢?

Photo courtesy Millicent

Friday, September 12, 2008

The end of the world

Wednesday, 10 September 2008 was said to be the day the world would end. The reason was the powering up of LHC the Large Hadron Collider at the French/Swiss border. It would collide protons with so much force that a black hole would be created. If this black hole persisted, it would grow and suck in all mass of planet Earth. Wednesday passed uneventful. It is likely that the world will not end in the next few months even with increased collisions at LHC.


Such end of the world thinking appeared throughout history, and predictions of such an event in the future are numerous. I read an interesting article in BBC describing the fascination of mankind on this very unfortunate event. You may wish to read the article at this link.

There is nothing new with the idea that the world could end. In fact, by all historical thinking and modern scientific thinking, it is a fact that the world as we know it will come to an end one day. The most well-known scenario is the Last Judgment written in the Bible. No one is sure when it will come and it remains a delusion to scare the faithful.

The end of the world has a deep root which can be found all the way back to ancient times. There are many ancient myths on the ultimate chaos and the destruction of the human world. They are also found in all religions which use the end of world punishment for religious purposes. But the scary stories are not limited to superstition. As science advances, many scenarios are identified as possibilities of the total destruction of earth, or just the human race.

Branches of knowledge have also been developed on such doomsday scenarios. In religion, they are studied under eschatology, which are theories of the end of the world. In Christianity, millenarianism is the belief in the coming of the Judgment Day upon the millennium at the end of one thousand years. There is also the apocalypticism which is a belief based the Apocalypse regarding the end of present world order. In general, the term End Time refers to the end of the world or the end of the current age.

The end of the world could mean the destruction of the planet, extinction of the human race, or just a significant change in the situation of the human race. Science and religion have different concepts on how would the world end. Scientific theories point to catastrophic climate change, asteroid or comet strike, massive nuclear war, eruption of super-volcanoes, uncontrollable epidemics or the destabilisation of earth or moon orbit. All of them have a high probability of happening, but with an uncertain timescale. It could happen in the near future or a million year after. Religious descriptions are more abstract. They include the Last Judgment, the disappearance of Buddha's teachings, the second coming of Jesus, the cycle of ages, and some codified theory by the Zoroastrians. However, it is to be celebrated that all previous predictions of the end of the world have failed, and the human race has safely passed all such critical dates.

The question that one would ask is: why are we so fond of acknowledging the ultimate end of mankind? A psychologist explains that such thinking is deeply appealing at a psychological level because the idea of meaninglessness is deeply threatening. Human societies have always tried to create some kind of framework of meaning to give history and our own personal lives some kind of significance. To acknowledge or predict the end of the world gives impetus to a lot of human activities ranging from worshiping, accumulating resources, knowledge seeking, all are meaningful things that human energy can be focused on. Thinking about the ways the world might end, or its timing, may be fulfilling a basic human need. It comes down to an issue of power. Apocalyptic preaching and ideas often arise during times of particular discontent, war, famine or during general bad times. Prediction of the end of the world is an attempt to control the way the world works.

Monday, September 8, 2008

Fooled by Randomness

Fooled by Randomness by Nassim Nicholas Taleb

Taleb sets forth the idea that modern humans are often unaware of the very existence of randomness. They tend to explain random outcomes as non-random.

Some years ago, I had a colleague who organized a Mark 6 pool among friends. They had a database of previous Mark 6 results and from it derived that some numbers were more easily drawn than others. They then collectively bet on such numbers which they believed would have a higher probability of winning. I asked him the basis of his action. He explained that the fact some numbers appeared more frequently was real as proven by the statistics. The reason could be the material of the paint of different colour, the difference in the shape of the numbers painted, or their different position before drawing. Although the factors would be too complex to compute, the results shown in the statistics were sufficient to show the bias. By the time I left the department, the pool was still losing money.

It is not a coincident that the essence of the book is exactly on the same thinking. Taleb points out that human beings always overestimate causality, and we tend to view the world as more explainable than it really is. An example used in the book is the performance of stock and option investors. These investors use sophisticated statistical methods to analyze the performance of the market in the past and predict the future. The information they derived from analyzing the past may adequately explained what happened. However, the performance of the market on the following day has no relevance to the past. It is a Brownian movement which only depends on the factors at present. It is actually more random than expected.

For that matter, people always confuse between randomness and causality. The book gives an illustration on the two corresponding sides of such thoughts:
Randomness v Determinism
Probability v Certainty
Belief v Knowledge
Coincident v Law
Forecast v Prophecy
Lucky idiot v Skilled investor
Survivorship bias v Market out-performance
Stochastic variable v Deterministic variable
Noise v Signal

It is not surprising that such thinking would attract objection from the skilled investors. There are a lot of comments on this book defending the reliability and almost certainty of statistical analysis and prediction of market movements. However, from the market performance in recent months, I tend to believe that the market is much more random than we thought.

Since human being developed self-consciousness, or the soul if one likes to call it, we always wonder why things happened. This quest for reasons has also developed into the religion delusion. This innate property of the human mind makes it easy for us to attach reasons, whatever they are, to nearly everything. Thus we are easily fooled by the randomness of nature, which is now beginning to be recognized in modern science such as evolution biology and quantum physics. For the ordinary people, it is useful to reflect on the randomness misconceptions discussed in the book.

There is a survivorship bias in many statistical data we gather. We see the winners and try to learn from them, while forgetting the huge number of losers. The case study used in the book is the survey of the earning ability of the stock and option traders. While a lot of data on the traders in business can be gathered, the survey is actually gathering only the data from the survivors. Data on many traders who lost money and dropped out in the previous years are all ignored. Thus the statistics is unreliable. Let's say we want to survey among government executive officers on how the university graduates adapt to government work. We are only surveying the survivors of the government recruitment. University graduates who do not make it are all missed. If we conduct a survey in an online forum on the habit of people using computer, we are only surveying those surviving in the forum. Such statistics need to be qualified on their target participants. However, there is a misconception that survey with survivorship bias can be applied universally.

Many probabilities have skewed distributions. Many real life situations do not have a 50% probability like the two sides of a coin, but have unusual and counter-intuitive distributions. People can often be fooled by the fact that they won a bet 50 times and think that they will win next time with absolute certainty. Taleb opines that some aggressive stock and option traders eat like chickens and go to the bathroom like elephants. They earn a steady small income from selling the stocks and options, but when a disaster happens they lose a fortune. They are fooled by the randomness of the market which is hidden from them.

There is the story of black swan on probability, on which Taleb eventually wrote another book. Swans in Europe are white. People may take numerous observations to prove that swans are white. So a fact is established that all swans must be white, and the probability is 100%. However, it only takes one twist in the DNA to turn one swan black and the probability is re-written. In fact, black swans are found in Australasia. The impact of the highly improbable is severe. The more improbable it is, the harder the impact when it happens. Another joke on the false improbability is when Taleb observes an old man everyday to see if he is still alive. For eighty years, there have been about 30,000 observations and the old man is still alive. With such a large number of observations, he could conclude that this old man must be a superman who is highly improbable to die. By the track record, he may even live forever. But it only takes one death to turn the probability to zero. The truly scary thing is that the black swan could be a random event. That means it is capable of happening any time to turn a high probability totally upside down.

Wednesday, September 3, 2008

Seven online sins

It has always been said that the Internet is a jungle. It is full of danger with cyber-criminals looking for victims, and traps of deception everywhere. Notwithstanding that, Internet is a major source of information on everything. Many people nowadays cannot live without it. So, the danger has to be dealt with. In fact, many security analysts said that the Internet is just as dangerous as the street. Despite the dangerous traffic, street side crime, falling signboards, falling trees, people still go out shopping. Of course it is necessary to take reasonable steps to protect yourself, and people now generally know what not to do, say avoid giving out your bank account details, or avoid the Nigerian email scam.

Just a few days ago I read an article from CNN on seven online sins. It is a reminder of seven common sins committed by many people thus exposing themselves to cybercrimes. You may wish to read the full article here.

1. Assuming your security software is protecting you
Your anti-virus software may not be protecting you if you do not activate it all the time and update it constantly. If you just think you have such a software and then be complacent, you may be leaving a loophole in your system without knowing it. The false sense of security is very dangerous. You need to maintain the software on a regular basis if you want to be protected. An automatic updating service is a good choice.

2. Accessing an account through an e-mail link
Do not access your account through an email link, even if it is sent from your respectful banker. It could be a scam by criminals aiming to steal your logins, account numbers and other sensitive data. Such fake email has gotten so sophisticated with genuine corporate logos and legitimate style that it is impossible for people to tell the difference. In fact, most banks have stopped sending out e-mails asking for updated customer information. You should access an online account only by using the full website address of the institution in your browser.

3. Using a single password for all online accounts
It is difficult to remember many different passwords. But using just one, especially if it's simple, is dangerous. Cybercriminals have code-cracking software which could uncover passwords of common combinations. It is recommended a complex password with at least eight characters, including numerals and alphabets, should be used. You may use variations on the same password to make them easier to recall.

4. Downloading free software
Free software can be downloaded, but do it from places you know are safe, such as large and reputable downloading sites, and scan them with anti-virus software before installing. Some "free" software come loaded with spyware, which clogs your computer with ads or employs a keystroke-capture program to steal your personal information.

5. Thinking your Mac shields you from all risks
Some think Macs are much less susceptible to viruses and spyware than PCs. But surveys show that there may be a false sense of security among Mac owners, who still fall prey to phishing scams at about the same rate as Windows users. Some security analysts suggest not to use Safari until Apple puts in more protection. In the mean time, they recommend using another browser with phishing protection, such as the latest version of Firefox.

6. Clicking on a pop-up ad that says your PC is not secure
In a recent Consumer Reports survey, 13 percent of respondents said they clicked inside the ad pop-up by mistake and were redirected to a spyware site or have malicious software downloaded to their computer. It is recommended to click on the "close" button in the ad's upper right corner to close it, or better yet, enable your browser's pop-up blocker.

7. Shopping online the same way you do in stores
When entering your address and credit card information in online shopping, make sure the site is secure, such as those with URL "https:" which offers greater security. Don't shop online with debit cards, which, if stolen, offer no liability protection. It is better to use one credit card for your business transactions and a separate card for your online purchases. That way if a hacker steals your credit card number and you must replace the card, you still have another one for daily business. Some banks now issue special credit card for Internet purchases or special authentication process for online transactions.

In fact, seven is just a casual number and there are many more tricks around which could drag you down the trap. But it is useful to refresh ourselves of the common mistakes people make.

Tuesday, August 5, 2008

Cybercrime of Web 2.0

We have entered the era of Web 2.0. It is a world of intensive and extensive horizontal communication with much increased free flow of information. With the freedom, there comes increased risks in a more chaotic jungle of information. CNN recently reported on the modern trend of cybercrime which is taking advantage of Web 2.0. It is useful to know the danger around so that we can keep a close guard. If you are interested, please take a look at the article Fighting the Cybercrime Lords of Web 2.0.

Web 2.0 is mainly about mobile computing and social networking, coupled with easy website services such as blogs and social network sites. The emphasis of the web world has shifted from technological to content-oriented. The power of information flow has devolved from organizations and content providers to individuals who can create, share, obtain any information they want, including much personal information. Online communities continue to grow at a great speed through friendly social networking sites, and cybercrime syndicates continue to target these online relationships based on sharing and trust.

In the old days, cybercrime was committed by hackers who were mostly whiz kids with an attitude. They broke in the systems of organizations for fun and pride. The destructions caused were denial of service, defacing of corporate images and corruption of data. Nowadays, cybercrime is more organized and targeting on financial gains through phishing, stolen personal data, bank account and credit account data.

The cybercrime world has developed an ecosystem of its own, with services for hire. Its infrastructure includes botnets which are robotic networks of compromised or specific virus infected computers. The bot-herders of the botnets offer time and services to executive brokers and supply them with stolen data obtained by spammers and phishers. Cyber criminals may hire programmers to write malware and hackers to break into sites in order to steal email addresses and other identities. With strong social engineering techniques, many password-protected accounts can be cracked. To target the individuals, many counterfeited hooks in the form of email and websites are written in perfect languages supported by common brand logos and attractive styles. Stolen data are valuable. While credit card data can sell for only $5 to $10, sensitive data can bring in massive amounts.

Cybercrime is difficult to eradicate. Many malware advertising scammers pay irresponsible websites to serve their malicious advertisements. Hackers and spammers may hire criminal or irresponsible ISPs to host their malevolent servers and traffic. Many ISPs are not cooperative with law enforcement agencies when it comes down to disclosing the identities of their clients. Some ISPs are hosted in countries with different jurisdictions and unfriendly diplomatic contact.

In the mean time, the technical arms race between cyber-criminals and security professionals has escalated. With ever improving methodology and a consolidated effort on unified threat management, malicious e-mail should never make it to your inbox. Most of them are filtered out effectively by your ISPs. The security professionals connect honeypot computers to the Internet. These are unpatched computers subject to all kinds of cyber attacks. They are baits attracting all cyber criminal activities in real time and sending out alerts. Such weather forecast enables security professionals to prepare for attacks underway.

Same as other kinds of crime, cybercrime has become a common place problem. The encouraging message is that there is good coordination between the researchers, the security industry and other authorities working together to combat the criminals. The anti-crime effort goes all the way down to the individual. It is essential for us to be aware of what is out there.

Friday, August 1, 2008




無 (無知市民問)
感 (感覺良好醫生答)














Saturday, July 26, 2008

Spying requests

We all heard that UK has the greatest number of surveillance cameras in the world. Her citizens are also constantly being monitored on all types of communications. USA has similar development where a recent legislation gives the government greater power in monitoring overseas telephone calls and email transmissions. Many people trust the government in doing the right things, and that she will be careful in handling personal information. Such monitoring may only be used in time of crises, terrorist acts or serious crime. In Hong Kong, the Personal Data (Privacy) Ordinance has an exemption clause that law enforcement agencies may obtain personal data from data owners in case of serious crime. However, we never have any idea of the extent of the exemption.

It is interesting to read the recent article below in BBC regarding the number of "spying requests". Such requests are legitimate actions under the law for data owners such as telecommunication and Internet companies to release the personal information of their customers to the authorities. There are more than 500,000 such requests in UK last year. It should be bear in mind that this figure only represents requests put officially to the companies. They may not include covert operations where official requests were not made, nor data owned by enforcement agencies themselves. The total number of cases investigated may be ten times more, making it 5 million, or 14,000 cases per day.

The other alarming sign emerged is that many such requests for personal data were used in minor offenses instead of serious crimes. The examples quoted by the Interception of Communications Commission were rubbish dumping and tax avoidance. I suspect such practices are widespread. Any bureaucrat could not resist the temptation of readily available information for the expediency of doing their job.

I looked at the article and am amused to note that, on the one hand the Interception of Communications Commission and the Chief Surveillance Commissioner criticized the use of personal data in minor offenses, on the other hand the Home Secretary said it provided vital intelligence that would prevent a terrorist attack, as well as tackling "antisocial behaviour and rogue traders. It may be debatable whether freedom and human rights are infringed and to what extent. In any case, there is nothing wrong in suppressing antisocial behaviour and rogue traders. Actually, the question is what constitutes such behaviour and who can decide.

Tuesday, 22 July 2008 20:56 UK
'Spying' requests exceed 500,000

More than 500,000 official "spying" requests for private communications data such as telephone records were made last year, a report says. Police, security services and other public bodies made requests for billing details and other information. Interception of Communications Commissioner Sir Paul Kennedy said 1,707 of these had been from councils. A separate report criticizes local authorities for using powers to target minor offences such as fly-tipping.

Figures show public bodies made 519,260 requests to "communications providers" such as phone and internet firms for information in 2007. Under available powers, they can see details such as itemized phone bills and website records. But they are not allowed to monitor conversations. The total number of requests for last year - amounting to more than 1,400 a day - compared with an average of fewer than 350,000 a year in the previous two years. In his report, Sir Paul said he believed "local authorities could make much more use of communications data as a powerful tool to investigate crime".

But a separate report, by Chief Surveillance Commissioner Sir Christopher Rose, criticizes the techniques employed by local authorities to deal with minor offences such as fly-tipping or avoiding council tax. He said some councils had a "tendency to expose lack of understanding of the legislation" and displayed a "serious misunderstanding of the concept of proportionality". Some authorizing officers were inexperienced and suffered "poor oversight", he added. He called on town halls to invest in properly trained intelligence officers who could operate covertly.

Home Secretary Jacqui Smith said: "The commissioners' reports offer valuable oversight and provide reassurance that these powers are being used appropriately. "These powers can make a real difference in delivering safer communities and protecting the public - whether enabling us to gain that vital intelligence that will prevent a terrorist attack, working to tackle antisocial behaviour or ensuring that rogue traders do not defraud the public."

Thursday, July 10, 2008

Solar power

I received a notification from McKinsey Quarterly this week regarding a new article on solar power. As it came from McKinsey, you would expect that it would not be a scientific paper. Although the issue on solar power usually gives an impression of state-of-the-art technology, energy used in science fiction or an energy source which is going to save the world, the McKinsey paper is actually on management science, targetting the business environment and competitive strategies of the solar power sector.

With the limited supply of fossil fuel, and the adverse effect of this form of power generation, solar power has always been promoted as an alternative clean and sustainable energy. There has been a great expansion in the solar power sector in the last few decades, bringing some hope that it may eventually replace fossil fuel as the de facto energy source for mankind. Coupled with the rising price of fossil fuel, there is a lucrative future for the solar power industry. However, while developed countries and environmentalists are giving stern warning that emission from burning fossil fuel must be significantly curbed in the next 20 years, solar power is by no mean a saviour to help achieve this goal.

A realistic assessment based on the present rate of progress of development of the solar power industry gives an estimate that, by 2020, global installed solar capacity could be 20 to 40 times its level today. But even if all of the forecast growth occurs, solar energy will represent only about 3 to 6 percent of installed electricity generation capacity, or 1.5 to 3 percent of output in 2020. While solar power can help produce electricity with lower carbon emissions, it remains just one small piece of the puzzle to solve the energy crisis.

On cost competitiveness, an important indicator is the grid parity, which is the point when the price of solar electricity is on par with that of conventional sources of electricity on the power grid. In some regions, it is expected that solar power electricity generation will reach this point a few years away, partly due to government subsidy. However, in some countries such as China and India when the conventional electricity production cost is still low owing to ample supple of cheap coal, the time frame for solar power to achieve this goal is considerably longer.

At present, there are three types of technologies of solar power competing for cost leadership: silicon-wafer-based and thin-film photovoltaics and concentrated solar thermal power. Each has its own constraints.

Silicon-wafer-based photovoltaics

Silicon-wafer-based solar panels and their installation are costly because larger quantities of photovoltaic material are required to make the panels. Also, the technology is starting to approach the theoretical efficiency limit of 31 percent.

Thin-film photovoltaics

Thin-film photovoltaics solar panels are cheaper to make but its theoretical efficiency of 10 percent is much lower. Its durability is uncertain and some of its component materials are toxic.

Concentrated solar thermal power

Concentrated solar thermal power is the cheapest option because it engages simple technology of light reflection. However, it can only be installed at desert locations far away from its users. The simple technology also means there is not much room for cost reduction. The present forecast of the business environment is based on these three technologies. But if there is a major breakthrough such as the emergence of cheaper and more efficient nano-scale thin-film photovoltaics panel, the competitive environment will become uncertain.

On a vision of the road ahead, competitors expect that necessary technological breakthroughs will come from solar-component manufacturers, but rapid progress depends on robustly growing demand from end users, to whom many manufacturers have only limited access. While utility companies have strong relationships with residential, commercial, and industrial customers and understand the economics of serving them, they will have difficulty driving the penetration of solar power unless they have a much clearer sense of the cost potential of different solar technologies. In some regions, regulators can accelerate the move toward grid parity, as they did in California and Germany, but they can’t reduce the real cost of solar power. Poor regulation might even slow the fall in prices.

The threats will come from suppliers of components and raw materials, which will be in short supply owing to fast growth in demand. A business strategy in this direction is vertical integration. Also, there must be a close monitoring of the development of the latest technology on the possible emergence of a substitute. The dependence on government subsidy should be handled cautiously as it may not be sustainable.

Saturday, June 28, 2008


美多里 Midori,音樂神童,拉小提琴,十一歲出道,一鳴驚人。她今晚 (6月27日) 和香港管弦樂團在大會堂音樂廳演出布拉姆斯的D大調小提琴協奏曲 Brahms' Violin Concerto in D Major,是港樂今個樂季的重頭戲。雖然出道已有二十多年,但 Midori 現在只是三十多歲,仍然很年輕。她身形嬌小,站出來就是一個日本小女孩。日本人視她為國寶,所以今晚有日本註港領事和一大群日本聽眾捧場。

先說她的琴,是十六世紀的 Guarneri 瓜奈里,全名是 Guarnerious del Gesu "ex-Huberman",即曾被小提琴家 Huberman 使用過。我覺得這把琴的威力比我聽過其他演奏家的琴都要大,音色好而聲量足夠,而又有自己的性格。看 Midori 的嬌小身形,會擔心她的小提琴音量會讓管弦樂的聲響比下去;但她的琴一開聲,就聲勢懾人,和管弦樂團呼應十分從容。


布拉姆斯的小提琴協奏曲是出名難演奏的樂曲,但近年卻有幾位著名演奏家選擇這一首樂曲在香港演出,我記得上一次是去年的 Hilary Hahn。但今晚聽 Midori,可謂大開眼界。她對所演奏的音樂非常投入,肢體動作豐富,幾乎是人琴為一;另一個有如此境界的是李傳韻。這首樂曲的第一樂章又長又難欣賞, 但 Midori 掌握每一個樂句和樂段都有其獨特之處。每個樂段的變化都很鮮明地表達出來,所以整個樂章的曲式就很清楚。我對第一樂章的感覺是又聽 Midori 又聽 Brahms,即是 Brahms 的樂思可以仔細欣賞,而 Midori 的演奏藝術亦出神入化。如果這個悠長樂章覺得享受,那麼第二和第三樂章就更不用說。尤其是快板的第三樂章,一向都極受歡迎,幾乎任何演奏家的演出都好聽; 這個樂章的挑戰就是怎樣可以使在期待的聽眾更感動。Midori 的演出可以達到聽眾的期望;這是一首迴旋曲,主題多次出現,每一次她都使聽眾有驚喜,她以充滿感情和力量的演奏使到這幾個充滿匈牙利風味的樂句帶來更大的 感官刺激。

今晚亦值得一提的是因為風神襲港,港樂今個星期少了一天排練時間 (我覺得奇怪為什麼不是半天,因為大家下午都要上班),因此他們將較為生疏的史特拉汶斯基 Stravinsky 的三樂章交響曲改為奏火鳥組曲 Firebird Suite。火鳥是耳熟能詳的名曲,而樂團不用多加排練都可以演出。不知是否因此得到激勵,今晚的火鳥我覺得有超水準的演出。

Wednesday, June 25, 2008

Cloud computing

Cloud computing is the buzz word of the day, mainly because Bill Gates announced that it would be the future focus of Microsoft. But cloud computing is just a new word for an old idea. It simply means computing in the Internet, a cloud in the sky instead of your desktop.

About ten years ago when the Internet was getting very versatile and popular, there were proposals for better and more powerful ASP (application service providers), in addition to ISP (Internet service providers) and CSP (content service providers). As a result, there were business challenges for the computer industry on the specifications of personal computers. While Sun Computer thought personal computers would shrink to having barebone functions and use the Internet extensively for almost all applications, IBM and some major manufacturers said that users would want a powerful personal computer, if just for their ego. The dream of Sun Computer did not materialize. First, the Internet bandwidth was not sufficient at that time to handle heavy traffic comfortably. Second, a barebone computer market would be a blow to many manufacturers which depended on expensive personal computer models.

The situation is slowly changing with more service providers offering various online applications on the Internet, and the gradual increase in the bandwidth of the Internet in many cities. The OLPC (One laptop per child) project raised the popularity of cheap personal computers, with many services provided through an Internet browser. The worry on the collapse of the personal computer industry also diminishes because people want both the convenience of cloud computing and the crunching power of their high-end computers. Recently, BBC published an article on harnessing the power of clouds, summing up the up-to-date development and the future of cloud computing. You may wish to take a look on the latest thinking.

Imagine that all you need is a device with an Internet browser and Internet connection capability, which can be a personal computer, laptop, mobile phone, interactive television set, portable media player, or anything that can connect to the Internet. You can do all the things usually done on your desktop including email, word processing, communication, database management, photo editing, music editing, video editing without having any application software on your device. All your data are portable and are available anywhere whenever you can connect to the Internet. There will not be any chore in buying and upgrading software, backing up data and maintaining notes and schedules. You no longer need to possess physically the computer software and your own data. They are in the cloud and are available anywhere whenever you want them, with an Internet connection.

Besides the convenience of just-in-time software and data storage, cloud computing can also provide processing power beyond that of a personal computer. Heavy loading applications such as voice recognition, optical recognition and video editing and rendering can be performed by a data centre through online connection. There are services which accept your upload of audio, images and video and process them for you. These data are converted into a searchable database which can help organize your memory and your life.

Security concern is a major issue for cloud computing. We heard many horror stories lately on the leakage of personal data and confidential information through Foxy, a file sharing network. Someone carelessly uploaded secret files to the sharing area. More scary, there were rumours that computers infected by a certain virus were sending out secret files without its knowing it. Data security is a forever struggle in all areas of data storage and transmission. There are always bad elements aiming at your valuables no matter they are in cyberspace, your office, your home or even in a safe. While data in cyberspace, when targetted and compromised, could be affected very quickly, the cyberspace also provides the most comprehensive protection if properly managed. Whether data in the cloud are more secure than those in the harddisk or on paper file is for each of us to judge individually.

Data backup is also an important issue. It has to be balanced with convenience. When the connection to the cloud collapses, easy access to data goes with it. I usually back up my essential data once a day. It takes less than a minute. I admit that it is not perfect because if the cloud fails I will lose the work of the day, being only able to salvage data from last night's backup. I however consider it a reasonable arrangement.

Below are some useful services already in the cloud at present and the number is growing.

Apple Mobile Me - This service synchronizes e-mails, photos and contacts between multiple devices. Your desktop, laptop and mobile device will stay in sync so long as they have access to Apple's servers in the cloud.

Google Docs - Google Docs has an intuitive interface and consists of applications normally associated with the desktop: a word processor, spreadsheet and presentation designer. Documents can be saved to the cloud or to your own machine. Multiple users can work on the same document from different computers with changes taking effect almost instantly.

Adobe Acrobat - This attractive online word processor has cloud storage space for your documents. It also includes collaboration tools and an online PDF converter.

Jooce - Jooce is a flash based desktop environment aimed at users of internet cafes. Dragging a file onto the desktop actually uploads it to the cloud giving you easy access from any internet-enabled PC.

Blender 3D - Sun's data centres are available for hire by the hour to power on-demand cloud services. Used mainly for processing scientific data, the servers can also be used for rendering animations via the open source Blender 3D software on the desktop.

Evernote - Use your phone to take a snapshot of anything you need to remember then upload it to Evernote's servers in the cloud. Any text in the images is scanned and indexed to create a searchable database.

Live Search - Microsoft's search engine for mobile phones makes heavy use of cloud processing to bring a rich experience to searching on handheld devices.

Twitterfone - This service uses speech recognition in the cloud to convert voice messages into "tweets" on the social network Twitter.

Blist - A database application with an attractive interface, how-to videos and innovative drag and drop design. Once created, your database can be shared with other users of the site.

Picnik - This is photo editing in the cloud. Upload images from your local machine or import them from another site such as Flickr or Facebook. The site's colourful buttons mask powerful photo retouching tools. It is also possible to add text, shapes or a frame to your creation.

Adobe Photoshop Express - Another photo editor which makes good use of the cloud to store your pics. Tools for editing photographs will be familiar to users of Adobe's industry standard Photoshop image editor.

Saturday, June 14, 2008



找出果與因的關係:皮膚癌 .. 皮膚細胞基因異變 .. 可能受各種外物刺激 .. 亦可能係陽光中的紫外線和宇宙射線 .. 晒得太陽多機會較大 .. 皮膚見陽光就可能有機會 .. 人可以穿衣服抵擋陽光 .. 但有些皮膚位置會暴露於陽光下.. 腳部通常有鞋著 .. 有些人唔鍾意著鞋 .. 著人字拖。呢個粗疏的關係咁長唔係個個都記得;如果只取頭尾就 = 皮膚癌 .. 著人字拖。

報導搬出 "某" 本港皮膚科專家和 "某" 英國倫敦足踝專家以掩人耳目,又亂用統計數字,話過去三個月收到至少 "兩宗" 與 "太陽有關" 的皮膚癌個案,人字拖無端端慘被扣上傳播皮膚癌的罪名。如果以陰謀論推算,可能有公司密謀推出夏日專用防晒鞋,或者著人字拖專用太陽油。


Monday, May 26, 2008

Human resource management work 人力資源管理工作




為了解公務員職位是否仍具吸引力,公務員敘用委員會與公務員事務局會進行公務員工作吸引力研究,以行政主任等職系為對象。我有點不明白為何行政主任職系會被研究;是否行政主任有招聘困難呢?似乎這兩年申請報考二級行政主任的人非常多,而大學剛畢業的學生亦視行政主任為非常吸引的職位,二萬多元的入職薪酬亦是極高水平。吳榮奎認為晉升機會不足會使某職系不具吸引力,但他又說公務員職位穩定性高是優點。不論這兩點誰比較重要,他卻說晉升機會不足可以多做培訓來補救。但究竟培訓如何補救晉升機會不足呢?是否有很多人因缺乏培訓而未能勝任較高職位,而引致較高職位有空缺都沒有適合的人晉升。又或者有培訓機會就可以填補員工對晉升的期望。我覺得這兩個理由都不成立。今年四月各職級編制對其高一級的比例是:高級行政主任 3.3 : 1, 一級行政主任 1.4 : 1, 二級行政主任 0.5 : 1,可以說是十分理想;至於其中經驗青黃不接的情況就需要時間消化。





Saturday, May 24, 2008

Mendelssohn and earthquake victims 孟德爾遜和地震死難者

孟德爾遜和地震死難者其實是沒有關係的。昨晚 (5月23日) 聽香港管弦樂團音樂會,是一心想聽孟德爾遜的小提琴協奏曲 Mendelssohn's Violin Concerto in E minor。當音樂會開始時,由原籍四川的小提琴手程立宣佈,當晚的音樂獻給四川地震死難者,然後在正式曲目前,先奏一首慢板弦樂。一曲既罷,全場靜默,沒有掌聲,大家都默哀了一會。

不知是否巧合,或是早有預兆,這晚的曲目包括莫扎特的共濟會葬禮音樂 Mozart's Masonic Funeral Music,正值這個星期的全國哀悼期;而音樂會的節目是一年前已經安排好。莫扎特原來亦是共濟會會員 Freemason,為共濟會典禮寫過合唱曲,再將之改編為在兩位高級會員葬禮上使用的管弦樂曲。雖然這曲氣氛憂鬱深沉,但不失莫札特的風格,旋律優美,有恭送升天的感覺而不太悲哀。

音樂會主菜是由祖絲科域茲 Leila Josefowicz 演奏孟德爾遜的小提琴協奏曲。這首愉快的樂曲和今晚的氣氛有點不太配合,但有誰能預料到。我覺得她有點熱身不足,之前的哀悼氣氛不知對她是否有影響,第一樂章有點不足,未能全情投入音樂中。第二樂章有改善,可能困難的樂句使她更集中精神。第三個樂章就拉得非常好,快速的運弓使樂章充滿活力。她用的一把 Guarneri 古董小提琴,約有三百年歷史,音量雖然不是太雄亮,但音色很美麗。

當晚的曲目還有海頓的第43交響曲 Haydn's Symphony No.43 Mercury,和莫扎特的第38交響曲 Mozart's Symphony No.38 Prague,是一場收獲豐富的音樂會。

Wednesday, May 21, 2008


I wrote on James Lovelock's Gaia Theory in 2005. It is a very interesting theory which states that the whole earth is an organism, Gaia, which could regulate itself. Now, when interviewed by CNN in April 2008, he said that we had done sufficient damage to upset the balance of the present world. Although Gaia could live on, she would be due for another drastic change, one that human might be excluded from the equation. The climate crisis would put the human race to the test, that the world population could shrink to 500 million and would congregate only in small areas which were still inhabitable. I append below an extract of the article, or you may wish to read the full CNN report.

His view strengthens the point made by the 100 scientists in their joint letter to the Secretary-General of UN and copied to many heads of states regarding the mistake made by IPCC. The point is that we cannot fight climate change, but need to adapt to it. The adaptation needs world effort as quickly as possible, and we may be losing time on the wrong path.

If the prediction of James Lovelock is correct, then the human race may be facing the threat of extinction in this century, if not in the next few hundred years. What we should do now is to prepare the best chance of sustainability for those survived. We are facing the danger of losing arable land, potable water and clean air. It all comes down to a sustainable clean energy which could help build habitable havens with synthetic food, water and air. It is sci-fi material and we need a lot of creativity, innovation and will power.

Gaia straits: Planetary doctor says condition terminal
By Paul Willis For CNN 18 April 2008

James Lovelock is philosophical about the climate crisis. The 88-year-old scientist and originator of Gaia theory, has reached a bleak prognosis: the world as we know it is ceasing to exist. The impact of humanity has set in train processes that, according to Lovelock, are irreversible. Pollution, overpopulation and carbon emissions have already pushed the earth's delicate regulatory systems beyond the point of no return, he says, and steps to address the climate crisis can do no more than slow down the inevitable. "What we did was to pull the trigger in all of those things and set in course a motion, a change in the Earth, which is to all intents and purposes unstoppable," he tells CNN.

The legacy for future generations is a world where droughts and extreme weather are commonplace, large portions of the planet are turned to uninhabitable desert and billions of people destined to die off. He has predicted that by 2040 the Sahara will be encroaching on Europe, and by 2100 there will be only 500 million of us surviving close to the poles. It is a grim account of what's in store, and at odds with a large portion of scientific opinion that contends that if we take action now to cut carbon emissions, we can at least mitigate some of the worst effects of climate change.

The British scientist's seemingly fanciful assessments of our world have proved right in the past. In the 1960s he came up with a revolutionary understanding of how the world works. All living things, he theorized, have a regulatory effect on the Earth's environment, working together as one complete "superorganism" to sustain life. In other words, life itself creates the conditions for life. He named this holistic view of the planet: Gaia, after the Greek goddess of the Earth. At first embraced by the New Age and environmental movement, the essential truth of the Gaia hypothesis - that the Earth regulates itself - has since been adopted by the scientific mainstream.

According to Lovelock, the top down view of the planet as a whole system is why his predictions on climate change are more extreme, but also more accurate than those of leading scientific bodies like the Intergovernmental Panel on Climate Change (IPCC), which he claims is limited in its assessment because it is made up of specialists whose focus is too narrow. "The IPCC is made up largely of atmospheric physicists who are good at predicting the weather, but I'm not so sure that they are very good at predicting the future of the Earth. Likewise, the biologists who should be working with them are working separately and have produced the Millennium Ecosystem Assessments Commission's report and that's quite different from the IPCC and it's mostly concerned with biodiversity and things like that."

Oddly however, he insists that he is himself an optimist by nature. He's philosophical about the extinction of the human race, viewing it as just another stage in the Earth's life cycle. "Humans always think of these things in grand and big terms, rather than as part of the natural course of events. There are all sorts of organisms that have evolved on the earth in its long, long four billion years of history. For example, organisms like the photo-synthesizers appeared and, ultimately turned the atmosphere into one with lots of oxygen in it ... all sorts of dreadful things must have happened when that change took place. "What we're doing is small beer compared with what has happened in the past, and that's why the earth is so robust and strong and will cope with it."

As an environmentalist, he is also surprisingly upbeat about humanity in spite of the apparent mess we've made of the planet. Without realizing it, he says, humans set into motion a train of events we didn't realize we were in no position to control. "We're a wonderfully valuable species to our planet," he says. "You see the great system has existed all those years and for the first time ever it's had people talking about it, and we're part of it. So it's beginning to understand its position in the universe." Humans may face an uncertain future but Gaia, it seems, will live on.

Tuesday, May 20, 2008

Aliens are my brother

Pursuant to NOMA which is the effort of a scientist to defuse the debate between science and religion by playing ostrich, there is also effort by the Vatican to unite science and religion. I just read the article below in BBC published on 13 May. Vatican says aliens could exist. While I always thought aliens could exist because the almighty god cannot be bound by anything and that he would or would not create aliens, the notion which came from the Vatican has different meanings. Although it may be a gesture to dilute the confrontation with science in the face of religious myths being broken by science discoveries, the gesture has fundamental contradiction to the religious doctrines.

Are human (besides the Jews) the chosen people? What is the status of the aliens who may or may not be more intelligent than us, then what about other creatures?

Are aliens gods? If they are more advanced than us, then they may be able to perform miracles, govern us by supernatural power, reward and punish, and provide justice, perhaps even raise the dead.

If they have no original sin, then they may still be living in Eden. There is then no sacrifice of Jesus for them, and no basis of Christianity. Will they go to heaven after death?

Seems the Vatican is also prepared to celebrate Charles Darwin whose evolution theory is not accepted by those who believe in intelligent design and the creation.

Vatican says aliens could exist
By David Willey
BBC News, Rome, 13 May 2008

The Pope's chief astronomer says that life on Mars cannot be ruled out. Writing in the Vatican newspaper, the astronomer, Father Gabriel Funes, said intelligent beings created by God could exist in outer space. Father Funes, director of the Vatican Observatory near Rome, is a respected scientist who collaborates with universities around the world. The search for forms of extraterrestrial life, he says, does not contradict belief in God. The official Vatican newspaper headlines his article 'Aliens Are My Brother'.

'Free from sin' Just as there are multiple forms of life on earth, so there could exist intelligent beings in outer space created by God. And some aliens could even be free from original sin, he speculates. Asked about the Catholic Church's condemnation four centuries ago of the Italian astronomer and physicist, Galileo, Father Funes diplomatically says mistakes were made, but it is time to turn the page and look towards the future. Science and religion need each other, and many astronomers believe in God, he assures readers. To strengthen its scientific credentials, the Vatican is organising a conference next year to mark the 200th anniversary of the birth of the author of the Origin of Species, Charles Darwin.

Thursday, May 1, 2008

Climate Business

Harvard Business Review invited me to participate in a survey on green business, thinking I was still a senior manager of the government. In return, I was given a free copy of her Forethought Special Report: Climate Business. It is an useful report comprising twelve articles by renowned academics, covering various topics on the impact of climate change to the business environment. The articles are not very long, and are meant for fast reading. The entire report is only 16 pages long. Targeting the business community, the articles are not about the craze of environmental protection, nor the myth that it is the humankind who is destroying the planet earth.

One of the articles is co-authored by Michael Porter and Forest Reinhardt on a strategic approach to climate. Knowing Michael Porter, you would expect that he writes again on the competitive environment. The main theme of his article is the business strategies required to deal with the present competitive environment affected by climate change. On the outset, Porter states that company policy on climate change is no longer a corporate social responsibility issue; it is a business problem and should be looked at from the strategist angle rather than the philanthropist angle. Climate change creates both threats and opportunities for a business, and is a major element affecting the forces of competition. The obvious candidate is the cost of carbon emission which affects operation costs and supplier bargaining power in the form of government regulation. Besides, every firm needs to evaluate its vulnerability to climate-related effects such as regional shifts in the availability of energy and water, the reliability of infrastructures and supply chains, and the prevalence of infectious diseases. On the other hand, there are also opportunities to enhance or extend their competitive positioning by creating products, such as hybrid cars, that exploit climate-induced demand, by restructuring their industries to address climate issues, or by innovating in activities affected by climate change to produce a genuine competitive advantage. There have been many major forces in the past which dramatically reshaped the business world, such as globalization and the IT revolution. Porter considers that climate change, in its complexity and potential impact, may rival them both.

There is an article forecasting how will a warmer world look in this century. This is a pragmatic approach. The present rivalries between countries on restricting carbon emission are just political shows. Even if the targets set by the international community are met, which is unlikely, they still cannot reduce carbon emission to the level of reducing global warming. The urgent tasks at hand are actually actions required to mitigate the effect of a warmer world. The forecast presents various possible scenarios which the business sector should take into account in devising strategies.

Another target area is risk management and how to invest in global security. An article advises companies to anticipate the ways that climate change may directly affect their businesses, including supply chain breakdowns, employee migrations, and increases in diseases. In addition, they need to evaluate their risks more broadly, identifying whether the environments they operate in are susceptible to catastrophic, cascading climate-related disruption such as floods, droughts and storms. The most vulnerable will be places where the state has limited capacity to respond, the local ecosystem is fragile, urbanization is accelerating with few social services, and water supply is stretched. Companies can help these places plan for climate change and reduce their own risks by making proactive investment in tougher local air and water quality standards, and prepare themselves to help with urgent relief efforts.

In going green, one article raises a warning of backfiring on the purchase of REC (Renewable Energy Certificate). In the past two years, some companies declared going green by purchasing such certificates. Such products have been popularly marketed as carbon offset, and also promoted to the consumer market of the individuals. Some energy plants producing renewable energy in the form of wind farming and solar panels, and some forestry companies owning plantations which absorb carbon dioxide are selling certificates of such clean initiatives to fire-power companies and others. By doing so, the buyers claim that the cost they paid offset the pollution they created. Such claims are now being questioned as such certificates are considered to be merely pieces of paper documenting the generation of clean power by others. They don't cause clean electricity to be made and they are an after-thought printed up to bring in additional revenue. As such, most don't actually offset the buyer's carbon emission or reduce the amount of carbon put into the air.

If you are interested in the report, you can ask me for a copy.

Friday, April 25, 2008


You may have heard the famous biblical story in Matthew 22:21. When Jesus was asked whether it was lawful for Jews to pay taxes to Caesar, he pointed to a coin and said Render unto Caesar the things which are Caesar's, and unto God the things that are God's. This was a trick question, and what Jesus gave was a trick answer. It could well be said that Jesus agreed that taxes should be paid, and that Israel belonged to God not the Romans. It would not be satisfactory both to the Jews nor the Romans.

The Jews had much doubt on Christianity because what they saw was not commensurate with the Old Testament's prophecy of the messiah; especially Israel was not saved from the Romans and the Jews continued to suffer. This situation went on for over two thousand years.

The first famous attempt of a logical explanation was by Aurelius Augustinus in about 400 AD. I read about him in the book A History of Knowledge last year. Augustinus, later St Augustine, wrote the book The City of God. He emphasized on the story of Caesar's tax and proposed the distinction of earthly wealth and heaven in two different cities: the City of Man and the City of God. Thus all the prophecies of the Old Testament could be said to be delivered in the City of God. St Augustine's thesis was the golden book of the Catholic church for many centuries. However, philosophers of all times were not satisfied with the explanation and the debate went on. When religion asked the faithful to prepare for the City of God, science could not find evidence of the City of God but consider the City of Man worthy of study.

A recent development of the debate was NOMA. I read about it in The God Delusion. It was a recent proposition by Stephen Gould who was a paleontologist. On the relationship between science and religion, he proposed that these two are on two non-overlapping magisteria (NOMA). According to Gould, each "magisterium" occupies a separate realm of human understanding. NOMA principle is "the magisterium of science covers the empirical realm: what the Universe is made of (fact) and why does it work in this way (theory). The magisterium of religion extends over questions of ultimate meaning and moral value. These two magisteria do not overlap, nor do they encompass all inquiry."

It is interesting to note that the NOMA principle came from a scientist. In reality, many scientists are religious from their upbringing. The fact that their scientific knowledge constantly disproves their religious belief is hard to bear, bordering on schizophrenic. In plain language, NOMA provides a seemingly scientific answer to not answering the quest to expose the religion delusion. Richard Dawkins wrote a long passage on NOMA. Among his many arguments, there were two that I found worthy of mentioning. First, he did not agree that science would be unable and should not talk about ultimate meaning and moral value. These have been the subjects of research in many branches of scientific studies. Many answers to some extent were found but work was still going on. Second, what were the abilities of religious gurus in providing answers to the ultimate meaning and moral value? So far, we have only seen man-made doctrines and rituals claimed to have such effects but they in fact did not.

NOMA is an attempt to call a truce to the debate. This attempt is unnecessary as the debate goes both ways. Besides winning or losing in the war of words, the debate provides an on-going interest to the religion delusion for both sides. Any new scientific discovery could provide a moment of excitement of disproving a religious myth while religion would then drum up support and counter-arguments which could encourage more converts.

I think NOMA works in another way. If god is symbolic of the unknown, then he resides in all areas that science is still searching for an answer. When science approaches, god would exist in a higher level of unknown, which is another magisterium yet out of reach. As such, earthly logic and reasons in our magisterium do not apply, and all logical reasons on the existence of god or otherwise are futile. An almighty god could not be bound by the human magisterium of emotions such as love, hate, envy, anger, revenge, reward, punishment, forgiveness and pity, etc. Any attempt to ask, beg, pray, worship an idol for anything good or bad is useless because god is in a higher magisterium which would or would not overlap with ours.

Friday, April 18, 2008

The Myth of Social Cost

The Myth of Social Cost by Steven Cheung

May be Steven Cheung' books are out of fashion. I found this book selling at a nominal cost of $20. Steven Cheung said that it could hardly be called a book but rather a long paper. With a long prologue and a long epilogue, they marginally make a 93-page small book. The book may be small, but the idea is big.

The title of the book is on social cost, while the Chinese title is social damage or social loss. The main focus of the book is actually on externalities. In economics, an externality is an impact, which may be positive or negative, on anyone not party to a given economic transaction. Social cost falls into this category when the society is not a party to the transaction. Social cost generally has a negative meaning. However, externality also includes social benefit. There is social damage only when the social cost is greater than social benefit.

Externality is a subject made famous by Arthur Pigou. He advocated that externalities could be rectified by government intervention or taxation. Such kind of taxation, now known as Pigovian tax, is a tax levied to correct the negative externality of a market activity. A Pigovian tax may be levied on producers who pollute the environment to encourage them to reduce pollution, and to provide revenue to counteract the negative effects of the pollution. Pigovian taxes are sometimes called sin taxes, such as those on alcohol and cigarettes. Followed up by John Keynes, this school of thought led to the Keynesian economics which believed that the government should be responsible for shaping the economy through government spending and intervention.

Steven Cheung, together with economists Ronald Coase and others in UCLA, Chicago University, University of Washington, and Virginia Polytechnic Institute and State University were on another route finding out the flaws in the Pigovian analysis. Their line of work was best known in the achievement of Milton Friedman of the monetarist school of economic thought.

The book has a lot of mathematical presentations which are hard to understand. But the narrative part is eloquent in rebutting many illustrations of externalities used by Arthur Pigou and others. It adequately satisfies the aim of the book in exposing the myth of social cost.

Pigou raised the case of the railroad through the wheat field as an example of externalities. He proposed that the railway company should compensate the owners of the wheat field because the cinder of the train would damage the wheat. However, upon investigation, the wheat production by the railroad was increased because the train scared away the birds which fed on the wheat. Another example was the noise produced by an airport as an externality to land price. The contrary was true because the land price increased owing to its proximity to the airport.

Another famous example was the bees and apple farming proposed by Meade. He said that the bees collected pollens from the apple flowers and made honey, but the beekeepers did not pay anything to the apple farmers. Such externality should be regulated by a tax on bee keeping to compensate apple farmers. However, the truth was that bees collecting pollens also helped fertilize the apple trees. The force of the market was revealed from the fact that there were contracts between apple farmers and beekeepers on the rental of space in the apple farm for setting up beehives.

Steven Cheung explained that the book was not meant to be used as argument against government intervention. The main point was that "application of economic theory must rest upon careful empirical investigation to ensure that the facts are true, that the hypotheses are testable, and that the tests are performed." John Burton, in the epilogue of the book, added a general conclusion for public policy, "Given the inherent defects, complexity, cost and bias of an intervention solution, the general rule should be to let the price system deal with externalities whenever possible. Government intervention, domestic or supranational, is best kept as a solution of the last resort. Even so, government intervention must be carefully scrutinized, because the costs and external side effects may outweigh the benefits. The mere existence of externalities does not provide a clear case for some kind of public intervention."

Thursday, April 10, 2008

Joint Office

Those in the government long enough would know the meaning of a joint office. It is meant to deal with matters which no one department is responsible for; thus a joint office is set up comprising staff of more than one department. It does not change the subject matters. They are still things which no one department is responsible for, or more plainly: no one is fully responsible. Worse still, a joint office could be the place where different groups of civil servant shed their responsibility. Instead of jointly responsible, they each have a reasonable excuse of not to be responsible.

This typical bureaucratic practice is fully illustrated in the investigation report on water seepage problem published by the Ombudsman today. I heard the plan of setting up the joint office a few years ago and the background of the problem. At the beginning, EO were involved because HAD was one of the parties in the team owing to liaison work with private building management committees. HAD was very clever in not participating in the joint office owing to ignorance of technical matters. Actually the problem is not technical because the disputes are mainly between neighbours refusing to co-operate when the source of seepage could not be identified without entering private premises and knocking down some walls.

Water seepage is a building maintenance issue in private properties. The government is dragged in and becomes a target of criticism because sometimes, but often not necessarily, the seepage could become a public nuisance, create building structural damage, or waste potable water. Major problems such as bursting of water pipes or drainage pipes would be quickly looked at by the premises owners. Only minor problems such as stained walls or minor cracks, which might not fall into the control of government, would blow up into complaints to Ombudsman. However, my sympathy does not go to the departments. A loosely made joint office is an example of the wrong side of bureaucracy. This is a good research subject of management science on team work and group dynamic.