It's time to talk about productivity again

Remember when everybody used to obsess over productivity? That conversation has fallen out of fashion in recent years. But it's time to bring it back.

The reason is that productivity crashed this year.

A productivity decline in the second quarter of this year was the largest ever recorded by the Bureau of Labor Statistics. (It recovered very slightly in the third quarter.)

Changes in productivity appear to shed light on the remote work/work-from-home trends. A simplistic view is that productivity went up when more people worked from home, then crashed when many were forced to come to work again.

I'm a strong advocate for remote work, but I think this conclusion is wrong.

What is it about Provençal cuisine that makes it so irresistible?

Great farmers, highly skilled chefs, a long tradition of country cooking, a brilliant Mediterranean fishing coastline in the South of France, the world’s greatest farmland and the double influences of French cooking specifically, and Mediterranean cooking generally. And truffles! 

Provence is also one of the world’s great wine countries. 

Like Italian and Greek food culture, Provençal gastronomy is a “cuisine du soleil,” a profoundly Mediterranean cuisine based on seafood, olive oil, beans, herbs and plenty of vegetables. 

Provence dishes favor the world’s tastiest lamb; most amazing produce like tomatoes, cherries, berries and more; a delicious salmon-looking trout called the Sorgue trout; and many other incredible ingredients. 

But it’s also specifically French, with the world’s greatest cheese, wine and bread.

But here's why the food of Provence is so amazing

I'm on TWiG!

Don’t miss This Week in Google, with hosts Leo Laporte, Jeff Jarvis, Ant Pruitt and guest: Me! Watch here now.

We talk about the FTX celebrity fallout, Elon Musks Twitter blunders, the end of Protocol, the Swifty Ticketmaster crunch, all manner of Mastodon matters, Amazon layoffs, narcissistic billionaire troubles, the fate of Evernote, birdsong, NASA’s moon launch, Google Wallet on Fitbit, Android Auto and more!

Subscribe to TWiG.

Get the show notes, download, associated links and more.

Get episodes ad-free by joining Club TWiT!

How the DNSChanger shutdown changed cybersecurity

On the morning of July 9, 2012, the world braced for an “internet doomsday”: a full-scale crash of the global internet.

Except it didn’t happen. And that non-event represented the culmination of a long and successful coordinated action taken between a huge number of organizations, spearheaded by the FBI.

It was one of the most remarkable operations in the history of cyber crime, and it led to lasting changes in how professionals think about and defend against malicious cyberattacks. 

Here's how the DNSChanger malware reaction changed cybersecurity forever. 

Why are cloud misconfigurations still a major issue?

Cloud misconfigurations are by far the biggest threat to cloud security, according to the National Security Agency (NSA). The 2022 IBM Security X-Force Cloud Threat Landscape Report found that cloud vulnerabilities have grown a whopping 28% since last year, with a 200% increase in cloud accounts offered on the dark web in the same timeframe.

With vulnerabilities on the rise, the catastrophic impact of cloud breaches has made it clear that proper cloud security is of the utmost importance. And so the question arises: Are your organization’s misconfigured cloud resources being advertised to malicious hackers?

How ‘synthetic media’ will transform business forever

The biggest technology-driven trend to affect business in the coming years is synthetic media. Yet this phrase is rarely even uttered in boardrooms and on Zoom meetings.

It’s time to clarify what synthetic media is, and why it’s going to be so impactful.

Synthetic media is any kind of video, pictures, virtual objects, sound or words that is produced by, or with the help of, artificial intelligence (AI). This category includes deepfake content, text-prompted AI-generated “art,” virtual content in virtual reality (VR) and augmented reality (AR) environments, and other new content types.

Many synthetic media tools started as obscure academic research or limited-beta online playthings. But it’s now on the brink of making a colossal splash in business, marketing, media and, well, human culture.

How colossal? In the book “Deepfakes: The Coming Infocalypse,” author and synthetic media analyst Nina Schick estimates that some 90% of all online content may be synthetic media within four years.

Here's why media is going synthetic

Digital nomad pro tip: Don't skimp on a backpack!

My backpack failed me in the worst way. The zippers failed at the Marseille Airport rental car lot. The backpack was less than a year old. 

In October of last year, I bought the Endurax Camera Drone Backpack. I liked it because it had a flat drone launching pad, a rain-proof cover, lots of space and cost only a hundred bucks on Amazon

Big mistake. 

The front panel, which exposed the entire innards of the backpack, closed with two zippers, which met in the middle. 

Some months ago, one of the zipper's sliders slipped off the "teeth" or "chain" of the zipper. It was inconvenient, but I kept using it with the other zipper. 

Then, a couple months ago, the second zipper slipped off as well. I had to carry the backpack horizontally with both arms in front of me to the rental car. (I understood the possibility of using pliers to re-connect the sliders. But I had lost faith in the zipper.)

Once we arrived at our apartment in Provence, I used the mini day pack that attaches to, and came with, my Meridian rolling luggage. The pack is handy, but it's really a minimal, poorly protected skimpy backpack. That's what I used for the next two months. I carried it across France, Spain and Morocco. I wore it in the Sahara desert. 

In that tiny backpack I squeezed my brand-new M1 MacBook Pro, my iPad Pro and my Sony A7 III dslr into the backpack, using T-shirts for padding. 

During two months of travel, the flimsy backpack damaged the expensive Pad & Quill cover for my laptop, and probably damaged my camera. It was painful to wear. When it rained, I had to take shelter because I knew the backpack couldn't handle the rain. 

It was a stressful, painful two months, thanks to the failure of my backpack. 

But no more. 

I just bought the Peak Design 45L Travel Backpack (pictured above). It cost three times the amount as my previous backpack, and worth every penny. It has super high-quality, waterproof zippers. All the materials are extremely high quality, plus it has a gazillion great features that you can research if you're interested (mostly around the designs for wearability, access and straps). It's really an incredible backpack. I also bought a small "Camera Cube" to optimize the protection and use of my DSLR. 

My point is not to praise the Peak Design backpack specifically, but to offer the following advice: Don't fuck around with your backpack purchase if you're an internationally traveling digital nomad, especially one like me who carries expensive gear. 

My attempt to save a few bucks almost cost me thousands of dollars in damaged equipment, nearly wrecked my back and created needless stress while traveling. 

When you buy a backpack, get one that will not fail you. When you're abroad carrying expensive gear, backpack failure is not an option. 

What CISOs want to see from NIST’s impending zero trust guidelines

Cybersecurity at U.S. federal agencies has been running behind the times for years. It took an executive order by President Joe Biden to kickstart a fix across the agencies. The government initiative also serves as a wake-up call to enterprises lagging in getting zero trust up and running. 

There’s much to be learned, and much to be gained, by CISOs from NIST’s zero trust guidelines. Above all, understand that the zero trust era is truly here.

Quit quitting on the quiet quitters

Though definitions vary, quiet quitting is the deliberate withholding by an employee of their full potential effort at work.

The Gallup organization calls "quiet quitters" "actively disengaged workers," and their percentage has, in fact, risen in the past two years.

But the "quiet quitter" label is new, enabling the concept to go viral on social media.

Technically, the phrase is misleading. Quiet quitting is explicitly undertaken as an *alternative* to quitting. 

But quiet quitting represents a breakdown in communication. And that's the biggest problem. The problem isn't the "quitting" (that isn't quitting). The problem is the "quiet" part.

It's time to communicate. So don't quit on the quiet quitters.

Nearly all surveyed voice actors fear being replaced by AI

A survey by the UK's union for performing arts workers, Equity, found that 93% of audio artists thought AI posed a threat to their jobs. 65% of all members thought the same. 

AI-based audio tools aren't in the union, don't get tired and work super fast., for example, can create an audiobook in 10 minutes in 43 languages. Great piece in the Financial Times

Clothing store hires virtual model as the computer-generated face of their brand

The clothing store PacSun has hired Instagram "influencer" Lil Miquela as their new model. 

Miquela is a fake person created by a Los Angeles software company called Brud. The simulated human, who has 3 million followers on Instagram, previously did "modeling" work for Calvin Klein and often appears superimposed in photographs interacting with real humans. 

Instagram posts on the @lilmiquela account generate confused but enthusiastic comments: 

How you been ????

Bestie you look hot!

I love you

Surely they know that there is no Miquela there. What's disturbing is that people do know, but don't care. They seem to want to interact with an influencer, but don't care that the influencer they're interacting with isn't there at all. 

Some consider Miquela to be the future of branding. As a model "she’ll never age, clothes will always fit her perfectly in advertisements, and she’ll always do exactly what you ask of her," according to Input magazine.

Come to think of it, those are great qualifications for actors -- either wholly fabricated or re-creations of living actors.  

What you need to know about the metaverse office of the future

It’s easy to say, as many have in recent months, that the office of the future is in the so-called metaverse or that the metaverse is the solution to remote and hybrid work issues.

It’s easy because the word “metaverse” does not have a universally accepted meaning.

For example, if the statement “The office of the future is in the metaverse” means people start their day by putting on virtual reality (VR) goggles, sitting at a virtual desk using a virtual computer surrounded by avatars, and going to virtual meetings in a universally shared extended-reality virtual space, I would strongly disagree with that prediction.

If, however, the statement means that, in addition to the tools we have now, we’ll also sometimes use augmented reality (AR) and VR briefly for specific purposes, I would not only agree, I would say:

“Of course — this has been assumed for decades. This is obviously going to happen.”

Forget the hype and wishful thinking. Here's how "metaverse" technologies will affect the future of work.

Why your company should subscribe to podcasting

The remote work revolution comes with challenges that have not been remotely solved in most organizations that have made the transition.

Among these challenges are:

  • Remote onboarding;
  • Zoom fatigue and remote meeting overload;
  • Up-to-date cybersecurity and tech training;
  • Culture-building by remote staff;
  • Asynchronous communication

The solution to these problems may be right there in your pocket: podcasting. Here's why. 

The past, present and future of endpoint management solutions

Endpoint management is a simple concept that’s become more complex over time. Initially, it was about provisioning and managing the computers and devices that people use in your organization in the bring your own device (BYOD) and mobile computing era. Then the Internet of Things (IoT) made things far more complex. And now perimeter security is being replaced by zero trust. 

The evolution of endpoint management is one of tackling increasing complexity. Here's what you need to know. 

The Guelaguetza: Oaxaca’s epic indigenous cultural event of food, dance, music and spectacle

The Guelaguetza: Oaxaca’s epic indigenous cultural event of food, dance, music and spectacle

Each summer, the city of Oaxaca dresses up in retina-searing colors and transforms itself into the most important indigenous cultural event anywhere in the Americas.

We've had the privilege of attending this year's Guelaguetza Festival for the first time, thanks to the help and courtesy of Oaxacan friends. And we have loved every minute of it.

Here's what the Guelaguetza is all about

How remote work will improve lives — and destroy cities

Remember when tech workers were ruining San Francisco by their very presence?

The crisis peaked between 2014-2017 when the booming tech industry was blamed for driving up the cost of real estate. Tech companies drove high demand for office space and also rental housing.

Now they're being blamed for ruining San Francisco — by their absence.

The absence of tech and other workers is crushing city budgets and services, which could cause a chain reaction leading to the decay and shrinking of urban centers.

NIST supply chain security guidelines: 10 key takeaways

The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) recently published updated guidance for reducing cybersecurity risks in supply chains.

Titled “Software Supply Chain Security Guidance,” the update is NIST’s response to directives issued by an executive order by President Joe Biden, designed to improve cybersecurity in the United States. 

This NIST guidance is assumed to target federal agencies. However, NIST points out that it can apply to all kinds of organizations. It’s one of the most thorough references out there for cyber supply chain risk management. 

Don’t want to read a 326-page document? Here are the 10 key takeaways that can inform your efforts to secure your supply chain.

Don’t get too emotional about emotion-reading AI

Call it “artificial emotional intelligence” — the kind of artificial intelligence (AI) that can now detect the emotional state of a human user.

Or can it?

More importantly, should it?

For the most part, and for now, the use of emotion AI tools may be misguided, but mostly harmless, as long as everyone involved truly consents. But as the technology gets better, and face-interpreting, body-language reading technology approaches mind-reading and lie detection, it could have serious implications for business, government, and society.

In general, all this is part of a new phase in the evolution of AI and our relationship to the technology. While we’re learning that it can solve myriad problems, we’re also finding out it can create new ones.

Why meetings don't work anymore

Meetings don't work.

Or, at least, the majority of staff meetings are time-wasting, productivity-killing, creativity-stifling products of wishful or delusional thinking.

Before the pandemic and its mass movement to remote and hybrid work, meetings were already problematic.

We've all seen how meetings fail.

Most meetings in the office result from a policy to hold regular — often weekly — staff "update" meetings. Or they're the result of procrastination. We can't make a decision right now, so let's schedule a meeting. Or some new initiative, problem, or idea inspires action, and scheduling a meeting feels like action.

Once the meeting begins, eyes glaze, and some meeting participants start mentally tuning out the conversation while pretending to pay attention. (Others don't even pretend; it's become increasingly normal or acceptable to stay glued to a laptop or phone screen during meetings.

Meetings are often dominated by attention-seekers, ladder climbers, extroverts, and long-winded speech-makers. In contrast, others mostly remain silent with little to no correlation between saying something and having something to say.

Meetings suppress creative thought. Most end in a fog of vagueness, without clear objectives, deadlines, and assignments.

And employees hate them.

Here's why meetings don't work anymore and what to do instead. 

[About this newsletter. My "Future of Work" email newsletter is published by Foundry. The newsletter is both ad-free and free of charge. BUT, because Foundry newsletters are aimed at technology and business professionals, you'll be asked some basic information as part of the subscription process. Please provide! I'd love for you to subscribe to my Future of Work newsletter. -Thank you! -Mike]

Hospital ransomware attack: Here’s what a cybersecurity success story sounds like

Major ransomware attacks are scary, but against hospitals, they are even worse. One notable attack in August 2021 forced Ohio’s Memorial Health System emergency room to shut down (patients were diverted to other hospitals). In all hospital attacks, the health, safety, privacy and lives of patients face risk. But this incident also shows that whether targets are hospitals or any other kind of organization, the time and money spent preventing attacks is almost always worth it. 

But what do you do if protective measures fail? What can be done once an attack is already happening? 

One health care IT director set a fantastic example of what to do when an active ransomware attack was detected.

What cybersecurity teams can learn from the US Cyber Command’s ‘Hunt Forward’ operations

After decades of playing defense, the United States government went on the offense in the past few years against global state-sponsored cyber attackers. U.S. Cyber Command conducted “hunt forward” operations recently in 16 countries, including in Ukraine, as part of a policy set in 2018. 

This policy involves partnering with foreign countries on finding cyber threats against them. The idea is that, instead of the U.S. and its smaller allies each facing common adversaries alone, they do so together. The U.S. provides more resources and its allies provide access to its critical networks. What can cybersecurity teams working with other organizations learn from their tactics?

It's time to bulldoze your open-plan office and start over

Before COVID-19, open-plan offices were on the rise. Facebook's new Menlo Park headquarters boasted the "largest open floor plan in the world," for example.

The open-plan office obsession, which probably peaked around ten years ago, was based on what I've called "collaboration bias" — the under-examined assumption that ad-hoc social encounters are more valuable for business, creativity, and productivity than un-interrupted "deep work."

But a series of recent surveys shed new light on the misguided disaster that is the open-plan office and the importance of private offices, regardless of where they are.

While employees hated open-plan offices before, disdain for open-plan offices is greater now than before the pandemic, according to a survey by Framery, which makes sound-proof booths for offices. Some 41% say their ability to concentrate in an open-floor plan office significantly worsened after the pandemic.

But let me be very clear: Open-plan offices are a threat to your company's ability to succeed. 

[About this newsletter. My "Future of Work" email newsletter is published by Foundry. The newsletter is both ad-free and free of charge. BUT, because Foundry newsletters are aimed at technology and business professionals, you'll be asked some basic information as part of the subscription process. Please provide! I'd love for you to subscribe to my Future of Work newsletter. -Thank you! -Mike]

One year after the Colonial Pipeline attack, regulation is still a problem

The privately held Colonial Pipeline company, which provides nearly half of the fuel used by the East Coast — gasoline, heating oil, jet fuel and fuel for the military totaling around 100 million gallons a day — was hit by a double-extortion ransomware attack by a DarkSide group in May of 2021. 

In reaction, the company shut down pipeline operations and IT systems. Next, they brought in FireEye’s Mandiant to conduct cyber forensics. 

The event triggered panic in national security circles. After years of talk about whether a state-sponsored cyberattack could shut down major infrastructure or utilities on a massive scale, it seemed like that fear finally came true. In fact, the company was motivated by money and chose to shut down.

Still, the Colonial Pipeline attack mobilized the federal government into action. And that action is what’s still causing lingering problems.