The Black Liszt

Category: Experts

  • Summary: Software Experts

    This is a summary with links to my posts on software experts. For medical experts see this:

    https://blackliszt.com/2023/08/summary-the-medical-industrial-complex.html

    The hype about experts is so extreme, it’s important to take a bit of time mocking it. After all, experts confirm that experts are super-smart and never make mistakes!

    https://blackliszt.com/2021/04/experts-are-super-smart.html

    Medical doctors considered blood-letting to be a standard part of medical practice until well into the 1800's. They continued to weaken and kill patients with this destructive "therapy," even as the evidence against it piled high.

    The vast majority of software experts strongly resemble medical doctors from those earlier times. The evidence is overwhelming that the "cures" they promote make things worse, but since all the software doctors give nearly the same horrible advice, things continue.

    https://blackliszt.com/2019/02/what-software-experts-think-about-blood-letting.html

    The Wannacrypt ransomware attack caused havoc world-wide in major corporations and government institutions. It's a textbook lesson in a number of subjects including the worthlessness of most Experts and the rank illiteracy of otherwise highly educated journalists about computing.

    https://blackliszt.com/2017/05/the-ransomware-hack-attack-lessons-from-the-experts.html

    Governments are filled with Experts, particularly on important subjects such as security. In 2017 the US government declared that the Russian government hacked important US entities. The official report was filled with impressive-sounding evidence that demonstrated the incompetence and/or duplicity of the agencies that issued it. The majority of the US press simply echoed the nonsense.

    https://blackliszt.com/2017/01/russia-hacks-dnc-podesta-email-fake-news.html

    Big Data is one of those subjects that is widely touted but opaque to most people. It’s a classic forum for Experts to have their statements taken as infallible. A famous expert in Big Data and elections made an error in a recent election that clearly illustrates typical Expert behavior of seeking an outcome instead of the truth.

    https://blackliszt.com/2017/04/big-datas-big-face-plant.html

    Experts and anointed authorities of various kinds, both academic and commercial, have been the front lines of resistance to innovation for centuries. They are the firewall keeping rogue ideas outside the environments they oversee, protecting them from bad influences that their naïve but innocent charges might inadvertently adopt.

    https://blackliszt.com/2020/05/experts-vs-innovation-new-book.html

    Groups like Gartner sell expertise as a service. Go to them if you want to know the best thing to do! The real value of such groups is to help executives avoid risk and avoid blame when things go wrong. Innovation? Industry-acknowledged experts are not the way to go.

    https://blackliszt.com/2017/05/the-value-of-computer-industry-advisory-groups.html

    If you're doing something new and want to do it right, it's natural to seek the help of someone who's been there and done that. If you want to do the thing in an innovative way, that's all the more reason to seek expert help. The trouble is, however useless experts are in general, they’re worse when it comes to innovation. The history of manned flight is a good example.

    https://blackliszt.com/2016/07/innovation-and-experts.html

     

  • The Experts are Clear: Control your Blood Pressure

    Most of us have heard about high blood pressure. It's one of those conditions that afflict a large number of people. Nearly half of American adults are said by the AHA to have it! You may be able to control it by maintaining a healthy lifestyle, things like avoid eating saturated fats, salt and alcohol, keeping your weight down and getting exercise. Fortunately, there are drugs that can help keep it under control.

    Why should anyone care? Strokes! Heart attacks! Premature death!

    Is this one of those things that floats in the air but isn't real? Let's take a look at what people who know what they're doing say about it.

    The American Heart Association (AHA)

    Blood pressure is all about the heart, right? So let's start with the medical association that's all about keeping our hearts healthy. They make it very clear why we should care:

    Health threats diagram

    Those folks at the AHA may be doctors who can't write legible prescriptions, but they were sure able to rope someone into producing a scary diagram! OK, you've got my attention. Here's the facts with blood pressure:

    HBP

    What can I do?? What if I maintain a good weight, eat a heart-healthy diet, cut back on salt and the rest and my BP is still scary? There are medications.

    How long will you have to take your medication? Perhaps for the rest of your life.

    OK, then. If that's what has to be done to avoid the things in the scary diagram above, then so be it.

    More American Heart Association (AHA)

    I decided to dig a bit deeper. When did they come to this conclusion?

    Here is a chart from the AHA as it was in May 2010:

    Screenshot 2022-04-15 150201

    Compare this to the same chart on the same site in April 2022, shown earlier.

    It appears some things have changed! Basically they've decided to crank up the alarm level on most of the numbers. You can observe the differences yourself; Stage 2 hypertension is a good example. In 2010 you had it if your numbers were more than 160/100, while now it's 140/90. In 2010, if your pressure was below 140, you didn't "have" hypertension — just "prehypertension." Now, stage 1 hypertension starts at 130.

    I did some research. The change happened in 2017. Here is the AHA's news release on the subject:

    High blood pressure should be treated earlier with lifestyle changes and in some patients with medication – at 130/80 mm Hg rather than 140/90 – according to the first comprehensive new high blood pressure guidelines in more than a decade. The guidelines are being published by the American Heart Association (AHA) and the American College of Cardiology (ACC) for detection, prevention, management and treatment of high blood pressure.

    The guidelines were presented today at the Association’s 2017 Scientific Sessions conference in Anaheim, the premier global cardiovascular science meeting for the exchange of the latest advances in cardiovascular science for researchers and clinicians.

    Rather than 1 in 3 U.S. adults having high blood pressure (32 percent) with the previous definition, the new guidelines will result in nearly half of the U.S. adult population (46 percent) having high blood pressure, or hypertension.

    A whole lot more people have high blood pressure! I sure hope they did their homework on this. Reading on we find:

    The new guidelines were developed by the American Heart Association, American College of Cardiology and nine other health professional organizations. They were written by a panel of 21 scientists and health experts who reviewed more than 900 published studies. The guidelines underwent a careful systematic review and approval process.

    OK, it looks like a whole team of experts was in on this one. 

    Harvard Medical School

    Better check with the people who train the best doctors. Let's make sure this is really up to date.

    Harvard

    Here's what they have to say:

    Arteries that are tensed, constricted, or rigid offer more resistance. This shows up as higher blood pressure, and it makes the heart work harder. This extra work can weaken the heart muscle over time. It can damage other organs, like the kidneys and the eyes. And the relentless pounding of blood against the walls of arteries causes them to become hard and narrow, potentially setting the stage for a heart attack or stroke.

    Most people with high blood pressure (known medically as hypertension) don't know they have it. Hypertension has no symptoms or warning signs. Yet it can be so dangerous to your health and well-being that it has earned the nickname "the silent killer." When high blood pressure is accompanied by high cholesterol and blood sugar levels, the damage to the arteries, kidneys, and heart accelerates exponentially.

    Sounds scary. Can I do anything about it?

    High blood pressure is preventable. Daily exercise, following a healthy diet, limiting your intake of alcohol and salt, reducing stress, and not smoking are keys to keeping blood pressure under control. When it creeps into the unhealthy range, lifestyle changes and medications can bring it down.

    They agree. There are pills I can take.

    Department of Health and Human Services (HHS)

    Let's make sure the government is on board. After some looking it was very clear that HHS is in favor of keeping blood pressure under control. Finding out exactly what they think and what they're doing proved to be a bit of a challenge. Here's some of the things I learned our government is doing to help us:

    • They have published standards and require reports requiring health providers to specify the frequency of visits and other things they are performing with their patient population to control blood pressure.
    • They sponsored the Million Hearts Risk Check Challenge, asking developers to create a new consumer app that informs consumers of their general heart risk, motivates them to obtain a more accurate risk assessment by entering their blood pressure and cholesterol values, and directs them to nearby community pharmacies (and other locations) offering affordable and convenient blood pressure and cholesterol screenings.
    • The Surgeon General issued a Call for Action to Control Hypertension. It's a major document issued in 2020. Sadly, the link to the document was broken, so I wasn't able to read this important initiative. But here's a helpful diagram about it:

    Hhs

    The fact that the document was issued is impressive. The section introducing it has a stirring ending: "We must act to preserve the nation’s cardiovascular health now and into the future. Together, we’ve got this!"

    Conclusion

    Governments and the big authorities in the field are united in the effort to keep us all more healthy by encouraging us all to address the "silent killer" of hypertension. They want us to address it first of all by lifestyle changes, but if that fails, medication is available to keep things under control. Even if we have to take a couple pills a day for the rest of our lives, that's a small price to pay for having a longer, healthier life.

     
    This is an issue that similar in many ways to the goal of maintaining a heart-healthy diet that minimizes saturated fat in meat and dairy products, and to combating LDL, the "bad" cholesterol in our blood; they all contribute in their own ways to keeping us healthy.
     
    We should all have our blood pressure checked and do what we have to do to keep it under control. If, that is, we want to live a long, heart-healthy life. Naturally there are contrasting views on this seemingly settled topic, for example here.
     

  • The Facts are Clear: Don’t Take Cholesterol-lowering Drugs

    I have described the background and evidence of the diet-heart fiasco — the hypothesis-turned-fake-fact that you shouldn't eat saturated fat because it raises your "bad" LDL cholesterol, which causes heart disease. Not only is it wrong — eating saturated fat is positively good for you!

    This deadly farce has generated a medical effort to lower the cholesterol of patients in order to keep them healthy. There have been over a trillion dollars in sales for cholesterol-lowering statin drugs so far.The entire medical establishment has supported this as a way to prevent heart disease.There's just one little problem, now proved by extensive, objective real-world evidence and biochemical understanding: Cholesterol, including the "bad" LDL, is NOT a cause of heart disease. Even indirectly. Lowering LDL via diet change or statins does NOT prevent heart disease. So don't avoid saturated fats or take statins!

    Here's the kicker: higher cholesterol is associated pretty strongly with living longer, particularly in women! And the side effects of the drugs are widespread and serious!

    Basic facts

    Let's start with a few facts:

    • Eating fat will NOT make you fat. Eating sugar will make you fat.
    • The human brain is 70% fat.
    • 25% of all cholesterol in the body is found in the brain.
    • All cells in your body are made of fat and cholesterol.
    • LDL is not cholesterol! HDL isn't either! They are proteins that carry cholesterol and fat-soluble vitamins. Lowering it lowers your vitamins.

    To get the big picture about the diet-heart hypothesis (the reason why you're supposed to take statins in order to lower your cholesterol in order to prevent heart disease), see this post on the Whole Milk Disaster. For more detail, see the post on why you should eat lots of saturated fat.

    To get lots of detail, read this extensive review of Cholesterol Con and this extensive review of The Clot Thickens — and by all means dive into the books. Here is an excellent summary written by an MD explaining the situation and the alternative thrombogenic hypothesis. Here is a recent paper in a peer-reviewed journal reviewing to what extent blood cholesterol causes heart disease.

    The Bogus Hyposthesis

    How did thing get started? Stupidity mixed with remarkably bad science. Here is a brief summary of a PhD thesis examination of the build-up to the Cholesterol-is-bad theory:

    The cholesterol hypothesis originated in the early years of the twentieth century. While performing autopsies, Russian pathologists noticed build-up in the arteries of deceased people. The build-up contained cholesterol. They hypothesised that the cholesterol had caused the build-up and blocked the artery leading to a sudden death (the term “heart attacks” was not much used before the end of World War II).

    An alternative hypothesis would be that cholesterol is a substance made by the body for the repair and health of every cell and thus something else had damaged the artery wall and cholesterol had gone to repair that damage. This is the hypothesis that has the memorable analogy – fire fighters are always found at the scene of a fire. They didn’t cause the fire – they went there to fix it. Ditto with cholesterol. The alternative hypothesis did not occur to the pathologists by all accounts.

    The pathologists undertook experiments in rabbits to feed them cholesterol to see if they ‘clogged up’ and sure enough they did. However, rabbits are herbivores and cholesterol is only found in animal foods and thus it’s not surprising that feeding animal foods to natural vegetarians clogged them up. When rabbits were fed purified cholesterol in their normal (plant-based) food, they didn’t clog up. That should have been a red flag to the hypothesis, but it wasn’t.

    Then Ancel Keys got involved, and the bad idea became gospel.

    Population studies

    Before taking drugs like statins to reduce cholesterol, doesn't it make sense to see if people with lower cholesterol lead longer lives? The question has been examined. Short answer: people with higher cholesterol live longer

    Here is data from a giant WHO database of cholesterol from over 190 countries:

    Men

    More cholesterol = longer life for men, a strong correlation. Even more so for women, who on average have HIGHER cholesterol than men:

    Women

    When you dive into specific countries and history, the effect is even more striking. Check out the Japanese paradox

    To illustrate the Japanese paradox, he reported that, over the past 50 years, the average cholesterol level has risen in Japan from 3.9 mmol/l to 5.2 mmol/l. Deaths from heart disease have fallen by 60% and rates of stroke have fallen seven-fold in parallel. A 25% rise in cholesterol levels has thus accompanied a six-fold drop in death from CVD (Ref 6).

    And the strange things going on in Europe led by those cheese-loving French:

    The French paradox is well known – the French have the lowest cardiovascular Disease (CVD) rate in Europe and higher than average cholesterol levels (and the highest saturated fat consumption in Europe, by the way). Russia has over 10 times the French death rate from heart disease, despite having substantially lower cholesterol levels than France. Switzerland has one of the lowest death rates from heart disease in Europe with one of the highest cholesterol levels.

    Hard-core RCT's (Randomized Controlled Trials)

    RCT's are the gold standard of medical science and much else. You divide a population into a control group for which nothing changes and a test group, which is subjected to the treatment you want to test. It's hard to do this with anything like diet! But it has been done in controlled settings a few times at good scale. The results of the RCT's that have been done did NOT support the fat-cholesterol-heart-disease theory and so were kept hidden. But in a couple cases they've been recovered, studied and published.

    A group of highly qualified investigators has uncovered two such studies and published the results in the British Medical Journal in 2016: "Re-evaluation of the traditional diet-heart hypothesis: analysis of recovered data from Minnesota Coronary Experiment (1968-73)." They summarize the results of their earlier study:

    Our recovery and 2013 publication of previously unpublished data from the Sydney Diet Heart Study (SDHS, 1966-73) belatedly showed that replacement of saturated fat with vegetable oil rich in linoleic acid significantly increased the risks of death from coronary heart disease and all causes, despite lowering serum cholesterol.14

    Lower cholesterol meant greater risk of death. Clear.

    The Minnesota study was pretty unique:

    The Minnesota Coronary Experiment (MCE), a randomized controlled trial conducted in 1968-73, was the largest (n=9570) and perhaps the most rigorously executed dietary trial of cholesterol lowering by replacement of saturated fat with vegetable oil rich in linoleic acid. The MCE is the only such randomized controlled trial to complete postmortem assessment of coronary, aortic, and cerebrovascular atherosclerosis grade and infarct status and the only one to test the clinical effects of increasing linoleic acid in large prespecified subgroups of women and older adults.

    Moreover, it was sponsored by the most famous proponent of the diet-heart hypothesis: Ancel Keys. So what happened? Here's a brief summary from an article in the Chicago Tribune after the 2016 BMJ study was published:

    Second, and perhaps more important, these iconoclastic findings went unpublished until 1989 and then saw the light of day only in an obscure medical journal with few readers. One of the principal investigators told a science journalist that he sat on the results for 16 years and didn't publish because "we were just so disappointed in the way they turned out."

    From the BMJ 2016 paper:

    The traditional diet heart hypothesis predicts that participants with greater reduction in serum cholesterol would have a lower risk of death (fig 1, line B). MCE participants with greater reduction in serum cholesterol, however, had a higher rather than a lower risk of death.

    The number, proportion, and probability of death increased as serum cholesterol decreased

    Wowza. The "better" (lower) your blood cholesterol levels, the more likely you were to die. In fact, "For each 1% fall in cholesterol there was a 1% increase in the risk of death."

    Problems with Statins

    Not only do statins not work to lengthen lives, taking them is a bad idea because of their side effects. This is a starting place. For example, check the side effects of a leading statin:

    11

    Good effects vs. side effects

    We know for a fact that lowering your blood cholesterol is a bad idea. We know the drugs that do it have side effects. It's natural to think that the drugs normally do their thing and in rare cases there are side effects. Often, this is far from the truth. Here are excerpts from an article that explains the basic medical math concept of NNT

    Most people have never heard the term NNT, which stands for Number Needed to Treat, or to put it another way, the number of people who need to take a drug for one person to see a noticeable benefit. It's a bit of a counterintuitive concept for people outside medicine, since most people probably assume the NNT for all drugs is 1, right? If I'm getting this drug, it must be because it is going to help me. Well, wrong.

    What about the side effects of statins?

    Many people who take the drug develop chronic aches and pains. The drug also causes noticeable cognitive impairment in a proportion of those taking it, and some even end up being diagnosed with dementia – how big the risk is unfortunately isn't known, because proper studies haven't been carried out that could answer that question. Additionally, the drug causes blood sugar levels to rise, resulting in type 2 diabetes in around 2% of those taking the drug – it is in fact one of the most common causes of type 2 diabetes.

    NNT applied to statins:

    Well, if you've already had a heart attack, i.e. you've already been established to be at high risk for heart attacks, then the NNT over five years of treatment is 40. In other words, 39 of 40 people taking a high dose statin for five years after a heart attack won't experience any noticeable benefit. But even if they're not the lucky one in 40 who gets to avoid a heart attack, they'll still have to contend with the side effects.

    How many patients are told about NNT? If you haven't had a heart attack, the NNT is vastly greater than 40, and yet statins are prescribed when cholesterol is "too high" no matter what. Many of the side effects happen in 10% of the cases, which is four times greater than the number of people who are "helped." Doctors who do this are indeed members of the "helping profession;" the question is, who exactly are they helping?

    Here, here and here are more details about NNT for statin use.

    Conclusion

    If you value science, you should not worry about lowering your cholesterol. If you value your life and health, you should be happy to have high cholesterol. Likewise, you should avoid taking cholesterol-lowering drugs because in the end they hurt you more than they help you. If you're worried about pharma companies losing profits, it's a much better idea to just send them a monthly check — forget about their drugs!

     

  • The Facts are Clear: Eat Lots of Saturated Fat

    The experts and authoritative institutions are clear: you should eat a low-fat diet and take drugs to reduce your blood LDL cholesterol to safe levels in order to make your heart healthy.  Here is their advice about saturated fat and about blood cholesterol. The capital-E Experts are wrong. They were wrong from the beginning. There was never any valid evidence in favor their views, in spite of what you might read. The quantitative and biochemical evidence is now overwhelming.  Here is my summary of the situation. In this post I’ll cover more of the evidence.

    Origins and growth of the saturated fat – cholesterol – heart hypothesis

    How did such a bogus theory get started? An experiment with intriguing results was one start. Here's a summary:

    The hypothesis harks back to the early part of the twentieth century, when a Russian researcher named Nikolai Anitschkow fed a cholesterol [animal fat] rich diet to rabbits and found that they developed atherosclerosis (hardening of the arteries, the process which in the long run leads to cardiovascular disease). … Rabbits, being herbivores, normally have very little cholesterol in their diets, while humans, being omnivores, generally consume quite a bit of cholesterol. Regardless, the data was suggestive, and led to the hypothesis being formulated.

    A paper titled “How the Ideology of Low Fat Conquered America” was published in the Journal of the History of Medicine and Allied Sciences in 2008. Here is the abstract:

    This article examines how faith in science led physicians and patients to embrace the low-fat diet for heart disease prevention and weight loss. Scientific studies dating from the late 1940s showed a correlation between high-fat diets and high-cholesterol levels, suggesting that a low-fat diet might prevent heart disease in high-risk patients. By the 1960s, the low-fat diet began to be touted not just for high-risk heart patients, but as good for the whole nation. After 1980, the low-fat approach became an overarching ideology, promoted by physicians, the federal government, the food industry, and the popular health media. Many Americans subscribed to the ideology of low fat, even though there was no clear evidence that it prevented heart disease or promoted weight loss. Ironically, in the same decades that the low-fat approach assumed ideological status, Americans in the aggregate were getting fatter, leading to what many called an obesity epidemic. Nevertheless, the low-fat ideology had such a hold on Americans that skeptics were dismissed. Only recently has evidence of a paradigm shift begun to surface, first with the challenge of the low-carbohydrate diet and then, with a more moderate approach, reflecting recent scientific knowledge about fats.

    The early chapters of The Big Fat Surprise book provide a good summary with details of the rise to dominance of the low-fat & cholesterol-is-bad theory.

    Strong Data Showing that Saturated Fat is Good

    There were problems with the diet-heart hypothesis from the beginning.

    The first chapters of The Big Fat Surprise have summaries of studies that were made on peoples around the world who subsisted almost exclusively by eating animals and/or dairy, all of them strongly preferring fatty organs over lean muscle.

    A Harvard-trained anthropologist lived with the Inuit in the Canadian Arctic in 1906, living exactly like his hosts, eating almost exclusively meat and fish. “In 1928, he and a colleague, under the supervision of a highly qualified team of scientists, checked into Bellevue Hospital  … to eat nothing but meat and water for an entire year.” “Half a dozen papers published by the scientific oversight committee that scientists could find nothing wrong with them.”

    George Mann, a doctor and professor of biochemistry, took a mobile lab to Kenya with a team from Vanderbilt University in the 1960’s to study the Masai. They ate nothing but animal parts and milk. Their blood pressure and body weight were 50% lower than Americans. Electrocardiograms of 400 men showed no evidence of heart disease, and autopsies of 50 showed only one case of heart disease.

    Similar studies and results came from people in northern India living mostly on dairy products, and native Americans in the southwest. There were many such studies, all of them showing that the native peoples, eating mostly saturated fat, were not only heart-healthy, but free of most other modern afflictions such as cancer, diabetes, obesity and the rest.

    Of course the question was raised of other factors that might lead to these results. The questions have been answered by intensive studies. For example, some formerly meat-eating Masai moved to the city and lost their health. For example, Inuit who changed their diet to include lots of carbohydrates supplied by government were studied by doctors who determined they lost their health.

    From the book:

    In 1964, F. W. Lowenstein, a medical officer for the World Health Organization in Geneva, collected every study he could find on men who were virtually free of heart disease, and concluded that their fat consumption varied wildly, from about 7 percent of total calories among Benedictine monks and the Japanese to 65 percent among Somalis. And there was every number in between: Mayans checked in with 26 percent, Filipinos with 14 percent, the Gabonese with 18 percent, and black slaves on the island of St. Kitts with 17 percent. The type of fat also varied dramatically, from cottonseed and sesame oil (vegetable fats) eaten by Buddhist monks to the gallons of milk (all animal fat) drunk by the Masai. Most other groups ate some kind of mixture of vegetable and animal fats. One could only conclude from these findings that any link between dietary fat and heart disease was, at best, weak and unreliable.

    One of the foundational studies in the field is the Framingham Heart Study, started in 1948 and still going on.

    In 1961, after six years of study, the Framingham investigators announced their first big discovery: that high total cholesterol was a reliable predictor for heart disease.

    This cemented things. Anything that raised cholesterol would lead to heart disease. The trouble came thirty years later, after many of the participants in the study had died, which made it possible to see the real relationship between cholesterol and mortality due to heart disease. Cholesterol did NOT predict heart disease!

    The Framingham data also failed to show that lowering one's cholesterol over time was even remotely helpful. In the thirty-year follow-up report, the authors state, "For each 1% mg/dL drop of cholesterol there was an 11% increase in coronary and total mortality."

    Only in 1992 did William P. Castelli, a Framingham study leader, announce, in an editorial in the Archives of Internal Medicine:

    In Framingham, Mass, the more saturated fat one ate … the lower the person's serum cholesterol … and [they] weighed the least.

    Game over! No wonder they've kept it quiet. And not just about heart health — about weight loss too!

    Here is an excellent article with references to and quotes from many journals. Here is the introduction:

    Many large, government-funded RCTs (randomized, controlled clinical trials, which are considered the ‘gold-standard’ of science) were conducted all over the world in the 1960s and 70s in order to test the diet-heart hypothesis. Some 75,000 people were tested, in trials that on the whole followed subjects long enough to obtain “hard endpoints,” which are considered more definitive than LDL-C, HDL-C, etc. However, the results of these trials did not support the hypothesis, and consequently, they were largely ignored or dismissed for decades—until scientists began rediscovering them in the late 2000s. The first comprehensive review of these trials was published in 2010 and since then, there have been nearly 20 such review papers, by separate teams of scientists all over the world.

    Far from believing that saturated fat causes heart disease, we can be quite certain that it's positively healthy on multiple dimensions to eat it — it's people who don't eat enough saturated fat who end up overweight and sickly!

    Sadly, there are still Pompous Authorities who assure us with fancy-sounding studies that we really should avoid eating fat. This study from 2021 dives into just such a fake study — a RCT (random controlled trial) study — that purported to show that eating fat remains a bad idea. Wrong. Here's the summary:

    Hiding unhealthy heart outcomes in a low-fat diet trial: the Women’s Health Initiative Randomized Controlled Dietary Modification Trial finds that postmenopausal women with established coronary heart disease were at increased risk of an adverse outcome if they consumed a low-fat ‘heart-healthy’ diet.

    These books by Dr. Malcolm Kendrick dive in more deeply and are moreover a pleasure to read. Among other things, The Clot Thickens explains the underlying mechanisms of arteriosclerosis (blood clots, heart disease) and what actually causes them.

    Here are several articles with evidence from many scientists on the subject of saturated fat.

    Latest Results

    The evidence continues to pour out — not that the vast majority of "professionals" change their tune about what constitutes a healthy diet. Here is a new paper published by Oxford written by cardiologists.

    1

    The authors asked exactly the right question:

    Cardiovascular disease (CVD) is the leading global cause of death. For decades, the conventional wisdom has been that the consumption of saturated fat (SFA) undermines cardiovascular health, clogs the arteries, increases risk of CVD and leads to heart attacks. It is timely to investigate whether this claim holds up to scientific scrutiny.

    They found and went through more than ten years of recent published studies, p through 2021. Here is their conclusion:

    Findings from the studies reviewed in this paper indicate that the consumption of SFA is not significantly associated with CVD risk, events or mortality. Based on the scientific evidence, there is no scientific ground to demonize SFA as a cause of CVD. SFA naturally occurring in nutrient-dense foods can be safely included in the diet.

    Here is a summary in a journal of the history and latest research on the subject, focused on the national nutrition guidelines, which maddeningly fail to reflect the facts about this subject.

    What more needs to be said?

     Conclusion

    This is an incredibly important issue regarding the health of people. It's also an in-progress example of the difficulty of shifting a paradigm, even when the evidence against the dominant paradigm (avoid eating saturated fat, use drugs to keep your cholesterol low) is overwhelming. Could it be possible that billions of dollars a year of statins and related cholesterol-lowering drug sales has something to do with it? Then again, when was the last time you heard a prestigious Expert or institution say "Sorry, we were wrong, we'll try hard not to blow it again; we won't blame you if you never trust us again."

  • The Experts are Clear: Keep your Cholesterol Low

    Everyone knows it’s important to maintain a healthy diet, things like avoiding fatty meat and fish and whole-fat dairy products. All the experts tell us it’s so, and the nutrition guides on food products help us choose food wisely. Everyone knows what “fat” is. Most of us have also heard of “cholesterol,” but it’s not so clear just what that is. It gets clear when you visit a doctor, have your blood tested, and hear the doctor tell you that your cholesterol levels dangerously high. The doctor says you’ve got to get your cholesterol under control, or else your odds of getting heart disease and dying early go way up.

    The doctor will probably tell you that you can help yourself by eating less saturated fat, which causes cholesterol to rise. Depending on how high your numbers are, the doctor may also put you on statin drugs, which lower your cholesterol levels the same way other drugs help lower dangerously high blood pressure. It’s just something you have to do in order to lead a long and healthy life. Are you ready for an incapacitating heart attack, or are you going take a couple pills every day? Is that so bad?

    The CDC

    Let’s make sure this is really true. Let's go to the federal CDC, the Center for Disease Control and Prevention.

    CDC

    Hey, they've got a whole section on cholesterol! Fortunately the CDC makes clear that it’s a myth that all cholesterol is bad for you. There’s HDL, which is good for you. And then there’s…

    LDL (low-density lipoprotein), sometimes called “bad” cholesterol, makes up most of your body’s cholesterol. High levels of LDL cholesterol raise your risk for heart disease and stroke.

    They go on to explain exactly why LDL is bad for you:

    When your body has too much LDL cholesterol, it can build up in the walls of your blood vessels. This buildup is called plaque. As your blood vessels build up plaque over time, the insides of the vessels narrow. This narrowing can restrict and eventually block blood flow to and from your heart and other organs. When blood flow to the heart is blocked, it can cause angina (chest pain) or a heart attack.

    There is something you can do with your diet to help things:

    Saturated fats can make your cholesterol numbers higher, so it’s best to choose foods that are lower in saturated fats. Foods made from animals, including red meat, butter, and cheese, have a lot of saturated fats.

    But then, in the end, the important thing is to avoid getting a heart attack or stroke. The good news is that that there are drugs to help:

    Although many people can achieve good cholesterol levels by making healthy food choices and getting enough physical activity, some people may also need medicines called statins to lower their cholesterol levels.

    Department of Health and Human Services (HHS)

    Is the government united in the effort to reduce bad cholesterol. Let’s make another check, to the appropriately named Department of Health (HHS).

    Apparently the whole world, according to WHO, is sure that heart disease is a huge killer:

    Cardiovascular diseases—all diseases that affect the heart or blood vessels—are the number one cause of death globally, according to the World Health Organization (WHO).

    They’re also sure that, in addition to diet, cholesterol has a firm place on the list of heart-harming things:

    Your health care provider can assess your risk for cardiovascular disease through preventative screenings, including weight, cholesterol, triglycerides, blood pressure, and blood sugar.

    The American Heart Association (AHA)

    How about the professional organization of heart doctors – what’s their position on cholesterol? It’s pretty clear:

    LDL cholesterol is considered the “bad” cholesterol, because it contributes to fatty buildups in arteries (atherosclerosis). This narrows the arteries and increases the risk for heart attack, stroke and peripheral artery disease (PAD).

    Harvard Medical School

    Better check with the people who train the best doctors. Let's make sure this is really up to date.

    Harvard

    Here's what they have to say:

    Too much LDL in the bloodstream helps create the harmful cholesterol-filled plaques that grow inside arteries. Such plaques are responsible for angina (chest pain with exertion or stress), heart attacks, and most types of stroke.

    What causes a person's LDL level to be high? Most of the time diet is the key culprit. Eating foods rich in saturated fats, trans fats, and easily digested carbohydrates boost LDL

    OK, but what if for various reasons diet doesn't get things under control?

    Several types of medication, notably the family of drugs known as statins, can powerfully lower LDL. Depending on your cardiovascular health, your doctor may recommend taking a statin.

    Conclusion

    The science has spoken. The leading authorities in the field of heart health speak it clearly, without reservation and without qualification. Heart attacks are a leading cause of death everywhere.  Blood plaques cause heart attacks. Blood plaques are caused by having too much LDL, the bad cholesterol, in the blood. Your LDL is raised by eating too much saturated fat. You can reduce your chances of getting a heart attack by strictly limiting the amount of saturated fat you eat and by taking drugs, primarily statins, that reduce the amount of LDL.

    Why wouldn’t any sane person at minimum switch to low-fat dairy and lean meats, if not go altogether vegan? And then, to be sure, get their blood checked to make sure their LDL level is under control.  The only one who can keep you healthy is YOU, blankity-blank-it! And if you by chance run into some crank telling you otherwise, you shouldn’t waste your time.

  • The Experts are clear: Don’t Eat Much Saturated Fat

    Any reasonably aware person knows that it’s important to maintain a healthy diet. High on the list of what “healthy eating” means is limiting the amount of saturated fat in your diet. This impacts all the meat and dairy products you consume. You should only drink reduced-fat milk for example. If you must eat meat, make sure it’s lean, and never eat something obviously fatty like bacon. This isn’t just something experts say at their conferences. It’s the official recommendation of all government bodies, and brought to the attention of ordinary people by nutrition labels on food products. Warning: there are contrarian views on this subject.

    Cheese

    Here’s a nice goat cheese I bought:

    Goat cheese front

    When you turn it over, here’s most of the nutrition label:

    Goat cheese back

    Wow, calories must be important – they’re first and in big type. Right after calories comes Fat.  It must be really important, because I’m told not just how much fat there is, but how much of the fat I’m allowed to eat a day is in each serving.

    This is interesting. There’s 6 grams of Total Fat, which is only 8% of my daily allowance, but 4 grams of the Fat is Saturated Fat, 2/3 of the total, and that’s 20% of my daily allowance. Couldn’t be clearer: I can eat a fair amount of fat, but I’d better make sure that only a tiny part of it is Saturated. Doing the arithmetic, they only want me to eat 20 grams of Saturated fat, while I’m allowed 76 grams of Total Fat.

    I wonder if I’m getting this right, because some of those labels seem like things you should get lots of, like vitamins and potassium. I’d better check.

    FDA

    Oh, good, the FDA’s food label page  links right to a whole initiative they sponsor, the Healthy People initiative! How great is that, they’re concentrating on the big picture, keeping us all healthy. What a great government we have!

    Here’s what they have to say about diet at a high level:

    Healthy diet

    Pretty clear, huh? Just like I said above: eat only lean meat, and low fat dairy. Saturated fats are bad for you. Everyone knows it. The importance is so great, it’s on the label of nearly every food product.

    American Heart Association (AHA)

    Let’s admit it, though, sometimes the government lags behind the latest science. Let’s make sure that’s not the case here.

    What about the major medical organization that concentrates on heart, the American Heart Association? Their position seems very clear:

    Heart

    They sound pretty sure about themselves. Why are they so certain? Here's what they say as of November 2021: "Decades of sound science has proven it can raise your 'bad' cholesterol and put you at higher risk of heart disease."

    OK, there are decades of science backing them up. Still, it's pretty broad, talking about not eating "too much" saturated fat. Do they have something more specific to say? Here it is:

    AHA

    Hmm, how does that relate to the FDA's food label? On the cheese label above, the Saturated Fat was 4g, which is 20% of the recommended total. Arithmetic: if 4g is 20%, then 20g is the limit imposed by the FDA, which is almost 50% more than the professional organization of medical cardiologists recommends! I thought our government was looking out for our health — the FDA should get with it!

    Harvard

    Hold on here, let's not jump to conclusions. Let's check in with that incredibly prestigious medical school, Harvard Medical School?

    Here’s what they have to say in an article from November 2021:

    Aa

    Isn't it wonderful that they make it clear that it isn't just bacon and fatty cheese we need to be careful about? Reading a bit further,

    Capture

    Higher than the AHA, but lower than the FDA. I guess they don't all read the same scientific studies, or something. But at least they all agree that Saturated Fat is bad for you. Reading a bit farther in the article, they say plainly that eating too much Saturated Fat "can raise the amount of harmful LDL cholesterol in your blood. That, in turn, promotes the buildup of fatty plaque inside arteries — the process that underlies most heart disease."

    Couldn’t be clearer.

    Mayo Clinic

    Just to be absolutely, double-plus positive, maybe it's worth checking one of the best hospital medical systems in the world, the Mayo Clinic. They're doctors, after all, not researchers or institutional employees. Let's see what they say. OMG! Look at what I found in the section on nutrition myths!

    Eating fat will make you fat. The fat-free and low-fat diet trend is a thing of the past (80s and 90s, to be exact). Yet, some individuals are still scared of fat.

    Isn't that what all this focus on fat avoidance is all about? Let's read on:

    Be aware that fats aren’t created equal. Choose heart-healthy unsaturated fats, such as olive and canola oil, nuts, nut butters and avocados over those that are high in saturated and trans fats, including fatty meats and high-fat dairy products.

    Now I get it. The FDA nutrition food label had a high limit for fats in general (which are OK), but a low limit for saturated fats, the bad kind. So the Mayo Clinic is on board too. All the experts agree!

    Conclusion

    There are crazy people out there who ignore the clear message of the government, the Experts and leading authorities in the field of health and nutrition. Some of these crazy people even write books, the obvious intent of which is to make more of the population lead crappier lives and die sooner. Here's a brief summary. Why the FDA, the agency supposedly charged with keeping us healthy, permits these health-destroying, misinformation-filled books to be published, I have no idea.

    Regardless of the distractions: government and the big authorities in the field are united in the effort to keep us all more healthy by encouraging us all to strictly limit the amount of Saturated Fat we eat.

  • Experts are Super Smart

    It's something I always knew, but I just couldn't make the nagging doubts that would pop up from time to time go away. Finally, at long last, the evidence has arrived: experts really are super smart and expert at what they say and do!

    Capture

    The evidence can be found in this article.

    This is an extra relief to me personally, since I've expressed such strong support for the authority of experts in the past, giving examples of their prescient ability to analyze and predict with super-human accuracy.

    I need worry no more. The evidence has arrived. Experts truly are everything I had hoped they were!

  • Experts vs Innovation New Book

    Experts and anointed authorities of various kinds, both academic and commercial, have been the front lines of resistance to innovation for centuries, up to the present. They are the firewall keeping what they consider to be rogue ideas outside the protected environments they oversee, protecting them from bad influences that their naïve but innocent charges might inadvertently adopt. It’s a good thing they’re on the job – otherwise things would be chaos and nothing would get done!

    This pattern is raised to a new level when the subject isn’t some specific business domain like healthcare, but the process of innovation itself. As you may have noticed, many organizations now have the expensive modern equivalent of “suggestion boxes,” departments devoted to fostering innovation in the organization, led by a Chief Innovation Officer. Government officials have gotten into the game, establishing centers for innovation, and “incubators” for startups. Eager not to be left behind, academia has jumped into the game, with august professors doing what they do best: pronouncing truths and activities designed to promulgate them.

    There was a time in my relatively innocent past when I was willing to give the experts a pass. Hey, how can you know everything? I know I don’t!  They’re probably just trying to keep their organizations from being taken down by harebrained ideas, and sometimes they fail to recognize a true innovation when it appears! I no longer believe that pleasant, forgiving fiction. They’re also not evil geniuses immediately recognizing a juicy innovation when it sniffs around the door, and stamping it out before it can start making changes. The truth is far worse: the vast, vast majority of them wouldn’t know a practical, effective innovation if it came up to them and slapped them in the face! See this and this for more.

    The bulk of front-line experts act this way to “protect” their organizations against scary change. They go to great lengths on multiple dimensions to assure that nothing upsets the status quo. Here is detail about the measures they take to prevent innovation, and simple methods to overcome the measures – which the experts are universally ignoring.

    But the elite of the experts are experts in entrepreneurship – people who are “expert” in enabling people who want to create and lead innovation to make it happen. These experts on innovation are like experts on being expert. We are definitely still in the middle of an “innovation” bubble, with everyone acting like it’s a new thing. In fact, it’s looking like less of a bubble these days, and looking more like something that’s going to stick around. Here’s some information about the bubble and how we got here.

    I’ve seen so much of this over so many years, and been so disgusted with the useless wisdom of experts, that I’ve put together some preliminary thoughts, drawn from experience and observation, about how innovation happens. See this.

    Imagine my surprise when I read an article about entrepreneurs that actually made sense! I'd never heard of the guy, Carl Schramm.  It appears from the article that he knows a bunch of stuff about entrepreneurs and innovation that matches up pretty well with my observations, but is actually backed by … real data! OMG! One of my initial shocks was learning that he was a real professor at a real university, even with a PhD, but that … he had worked as an entrepreneur! How is that possible? How did he manage to slip by the super-strict requirements that prevent anyone who actually knows something from experience becoming a Professor?? Maybe it helped that he had been the head of the Kaufman Foundation, the largest foundation devoted to the study of entrepreneurs and innovation, and that instead of just doling out grants, he did real studies to gather real data. What an idea. You think maybe the people who run Departments of Computer Science could get inspired? Sorry, forgive me, you caught me dreaming the impossible dream there…

    I’m not finished reading the book yet, but here it is:

    Burn business plan book

    As you might guess from the title, he talks a lot in the beginning about that near-universal requirement for getting innovation funded, the dread business plan. He trashes it. Vigorously and effectively. No, he doesn’t trash this or that business plan, he trashes the very idea that business plans are both essential and good. He’s right! For exactly the same reason (he doesn’t say this, I’m saying it) that project management in software development is not just brain-dead, but a positive impediment to getting good software done!

    If you are ready to learn about a different and better way to be an entrepreneur, check out this book.

  • What Software Experts think about Blood-letting

    Software experts do NOT think about blood-letting. But ALL medical doctors thought about blood-letting and considered it a standard and necessary part of medical practice until well into the 1800's. They continued to weaken and kill patients with this destructive "therapy," even as the evidence against it piled high.

    The vast majority of software experts strongly resemble medical doctors from those earlier times. The evidence is overwhelming that the "cures" they promote make things worse, but since all the software doctors give nearly the same horrible advice, things continue.

    Blood-letting

    Blood-letting is now a thoroughly discredited practice. But it was standard, universally-accepted practice for thousands of years. Here is blood-letting on a Grecian urn:

    11

    Consider, for example, the death of George Washington, a healthy man of 68 when he died.

    GW death

    Washington rode his horse around his estate in freezing rain for 5 hours. He got a sore throat. The next day he rode again through snow to mark trees he wanted cut down. He woke early in the morning the next day, having trouble breathing and a sore throat. Leaving out the details, by the time of his death, after treatment by multiple doctors, about half the blood in his body had been purposely bled in attempt to "cure" him of his sickness!!! If he hadn't been sick before, losing half the blood in his body would have killed him.

    If you are at an accident and you or someone else is bleeding badly, what do you do? You stop the bleeding, because if you don't, the person will bleed to death. That's now. Then? You bleed the sick person because it's the universally accepted CURE for a wide variety of sicknesses.

    Bloodletting was first disproved by William Harvey in 1628. It had no effect. It remained the primary treatment for over 100 diseases. Leaches were a good way to keep the blood flowing. France imported over 40 million leaches a year for medicinal purposes in the 1830's, and England imported over 6 million leaches from France in the next decade.

    While blood-letting faded in the rest of the 1800's, it was still practiced widely, and recommended in some medical textbooks in the early 1900's. We are reminded of it today by the poles on barber shops — the red was for blood and the white for bandages; barbers were the surgeons who did the cutting prescribed by doctors.

    Blood-letting in software

    By any reasonable criteria, software is at the state medicine was in 1799, when everyone, all the experts, agreed that removing half the blood from George Washington's body was the best way to cure him.

    If you think this is an extreme statement, you either don't have broad exposure to the facts on the ground or you haven't thought about what is taken to be "knowledge" in software compared to other fields.

    I hope we all know and accept that the vast majority of what we learn and come to believe is based on authority and general acceptance. This is true in all walks of life. Of course not everyone believes the same thing — there are different groups to which you may belong that have widely varying belief systems. But if you're somehow a member of a group, chances are very high that you accept most things that most members of that group believes.

    This is no less true in science-based fields than others. The difficulty of changing widely-held beliefs in science has been deeply studied, and the resistance to change is strong. See for a start The Structure of Scientific Revolutions. I have described this resistance in medical-related subjects, and in particular showed how the history of scurvy parallels software development methods all too well.

    But at least, to its great credit, medicine has gone through the painful transition to demanding facts, trials and real evidence to show that a method does what it's supposed to do, without awful side-effects. That's why we hear about evidence-based medicine, for example, while there is no such thing in software!

    I hear from highly-qualified and experienced software CTO's that they are going to lead a transition of their code base so it conforms to some modern cool fashion. One of the strong trends this year has been the drive to convert a "monolithic code base" (presumed to be a bad thing) to a "micro-service-based architecture." When I ask "why" the initial response ranges from surprise to a blank stare — they never get such a question! It's always smiling and nodding — my, that CTO is with-it, no question about it.

    Eventually I get the typical list of virtues, including things like "we've got a monolithic code base and have to do something about it" and "we've got to be more scalable," none of which solves problems for the company. When I press further, it becomes obvious that the CTO has ZERO evidence in favor of what will be a huge and consequential investment, and has never seriously considered the alternatives.

    As is typical in cases like this, when you scan the web, you see all sorts of laudatory paeans to the micro-service thing, very little against it. Most important, you find not a shred of evidence! No double-blind experiments! No evidence of any kind! No science of any kind! What you also don't find is stories of places that have embarked on the micro-service journey and discovered by experience all the problems no one talks about, all the problems it's supposed to solve but doesn't, and the all-too-frequent declarations of success accompanied by a quiet wind-down of the effort and moving on to happier subjects. Because of my position working with many innovative companies, this is exactly the kind of thing I do hear about — quietly.

    Conclusion

    We've got a long way to go in software. While software experts don't wear white coats, the way they dress, act and talk exudes the authority of 19th century doctors, dishing out impressive-sounding advice that is meekly accepted by the recipients as best practice. No one dares question the advice, and the few who demand explanations generally just accept the meaningless string of words that usually result — empty of evidence of any kind. It's just as well; the evidence largely consists of "everyone does it, it's standard practice." And that's true!

    Software experts don't think about blood-letting. But they regularly practice the modern equivalent of it in software, and have yet to make the painful but necessary transition to scientific, evidence-based practice.

     

  • The Value of Computer Industry Advisory Groups

    The value of the famous computer industry advisory companies is much less than most people think. Take the example of Gartner Group, whose exemplary customer service I discussed elsewhere. Gartner employs some highly knowledgeable, helpful people. Gartner wants you to think is that it's the place to go to find experts. And you can find them there, as I explain here. But as a company, Gartner and its kin are mostly formalized gossip services for big-company IT folks.

    The origins of advisory services

    Imagine, in pre-Gartner days, groups of IT execs getting together by geography or at industry conferences. They all naturally want to learn what others have done in terms of purchasing gear, because it’s expensive and things change a lot. As they exchange information, it’s clear that some are kind of behind the times, others have made similar choices to everyone else, a few are out there – with new stuff from the usual vendors, or with something new from a new vendor.

    Everyone wants to avoid career risk. There’s a strong tendency to reversion to the mean, i.e., doing what most of the others are doing. The tendency is strongest concerning vendors, and after that products within a vendor; e.g. “I always buy GM cars, when I get more money I’ll upgrade to a Caddy.”

    Gartner comes along with a deal: you tell me what your choices are and a bunch about your business, and I’ll put everyone’s choices together and feed back to you a better, broader-based version of the results of the networking and gossiping you used to do, so you don’t have to spend the time. Even better, I’ll put it in an authoritative package so that if you’re ever questioned about your choices by non-IT people in your organization, you have our endorsement to fall back on; e.g., “yes we had a disaster, but it happened to everyone who made the best available choice at the time.” What a huge win, and cheap for the value.

    For example, here's how they explain their most famous graphic, the "magic quadrant."

    Gartner quadrant

    What is it? Yes, there's some dressing, but a vendor only gets to the best place, the upper right, if lots and lots of people buy their products. It's little but a graphical illustration of products by popularity.

    This is the value they add. All their categories and analysis is just a prettied-up version of what everyone tells them.

    The value of advisory services

    So who actually listens to Gartner and follows their advice? Exactly the kind of buyers who avoid risk at all cost. They go to Gartner, who tells them what people like them are buying. So they can buy the same thing. And be safe!

    If you're running a big-organization IT operation, commercial or government the way most people do, that's exactly what you want. Your operation is, almost by definition, bloated, inefficient, over-the-top expensive and riddled with problems. Saving a few bucks or doing things a little better isn't going to get you promoted. When a disaster strikes, the fact that your decisions were "mainstream" tends to bullet-proof you against recriminations.

    In this context, Gartner is indispensable. Your decisions weren't just mainstream; you can point to Gartner — Gartner says they're excellent decisions. So there!

    Advisory services and innovation

    What if you run an organization and for some reason are really motivated to innovate? What if you're a hot young tech group building next-generation products and want to find buyers? What is Gartner's role?

    It's simple: if you really want to innovate, avoid experts at all cost. Period. Gartner and anyone like them included. Here is lots of detail and a juicy example of why.

    The people and organizations who value Gartner are least likely to buy from a 1% market share vendor with a product that’s ahead of the market. Who is most like to buy such a product from such a vendor? Someone who is in big trouble, desperate, or one of those thinks-for-themselves buyers at the front end of the Geoff Moore adoption curve.

    How about the small to mid-market? Similar rules. It's true that the buyers mostly don’t know or care about Gartner. Who cares about people who buy giant, expensive systems from HP, IBM, EMC and the rest? They focus on their business, and don’t give a hoot about products and vendors – though someone they’ve heard of would be nice. They’re like homeowners buying a heating/cooling system – mostly they’re buying from the local dealer, who they depend on to sell them something good and then support it. The dealer matters as much as the product. Gideon Gartner can just Giddy-up out of town, he doesn’t matter in this world. But at the same time, the buyers are still mostly failure-avoiding. They don't want innovation. They want works and cheap.

    Product Innovation

    There aren’t a lot of ways to break in with a new technology product. The ways I’ve seen are pretty much summarized in this blog post, which includes links to further material, including my book on the subject.

    The most important concept is simple. 95+% of the market will never buy from you. Ignore them and their gossip-aggregators. The vast majority of the big, Gartner-esque buyers won’t give you the time of day. You need to find some narrow market niche to focus your energy on, and dominate that tiny sub-market. Then you can grow from there.

  • The Ransomware Hack Attack: Lessons from the Experts

    The Wannacrypt ransomware attack is in the news because it's causing havoc world-wide in major corporations and government institutions. It's a textbook lesson in a number of subjects including (but not limited to): the hopeless incompetence of major institution management in general, and IT management in particular; the worthlessness of most people said to be experts; how dead simple most cyber-security is; the rank illiteracy of otherwise highly educated journalists about computing; the incompetence of our super-spook institutions.

    The authoritative New York Times

    Of course, we turn to the venerable NYT to get the facts about this important story. Here's the head:

    A1

    It's clear from the headline that the substance of the story is beyond the grasp of the generally super-bright Times authors (look at the bottom of the story, the author had lots of help), so we're going to have a treat: lots of experts!

    First some facts

    Let's start with a couple simple facts.

    The software in question is "ransomware" that users are tricked into running on their computers. The software is normally an attachment to an email message that an unwitting user (being kind here) clicks on. Once it runs, the software encrypts all the files on the computer, making them unusable. It then displays a helpful announcement of what it's done and how to get your files back. Here's a sample, taken from a nice summary of the situation:

    A2

    At this point, most people panic. Loads of hospitals in the UK were infected, for example, and mostly shut down.

    There's more! Once installed, the software probes all the computers connected to the same network, and tries to infect them with the ransomware using an error in some deep-in-the-guts thing normal users would never encounter called SMB. This means that once a single user in an organization has fallen for the bait and gotten the software, it quickly spreads. This part of the evil software is the "worm."

    Here's how the New York Times describes it:

    A3

    The underlying reality — the important facts

    Here are the most important things to know about this "audacious global cyberattack."

    • The ransomware spread by the usual means: emails to gullible users. To their credit, the Microsoft Windows Defender group quickly identified the problem and released an update that detects and removes it.
    • Only obsolete and improperly maintained Microsoft Windows computers were affected by the worm. Loads of systems were hit in hospitals running Windows XP, which Microsoft stopped supporting years ago. Supported versions of Windows that had installed all recent patches were not hurt. The relevant patch was released months ago. It is the worm part of the malware that infects servers, which is particularly harmful.
    • The bad guys are only charging $300 in Bitcoin to unlock your computer. That's a small price to pay to learn the lesson of keeping your system up to date!
    • If you really don't want to pay, all you have to do is wipe your machine and restore it from a backup. And then maintain it properly. I gather from all the furor that on top of using obsolete software, the affected sites fail to follow standard backup procedures.
    • The bad software itself has been publicly available for months, ever since being walked out of the NSA and published. It was only a matter of time.
    • It's not exactly genius software. A clever guy managed to do a simple thing that disabled the worm aspect of it worldwide! Details here from the guy himself.

    The Experts weigh in

    Since my regard for experts could hardly get lower, the NY TImes article changed nothing. But perhaps some examples might be amusing.

    I love this one:

    A4

    The price goes up to $600 if you delay. Let's assume everyone delays but pays. That means no less than $1B/$600 = 1,666,667 sites would have paid, if the experts are right. I checked the relevant Bitcoin accounts a few minutes ago, and the total had yet to exceed $30,000. Way to go, experts!

    I also love the choice given: "pay the digital ransom or lose data." Right. First of all, you're stupid because you're running obsolete software. Then, you can't restore from a backup? You deserve to lose all your data, and then your job — remember, we're not talking about naive consumers here, we're talking about richly paid computer professionals!

    Our next expert dares to be named:

    A5

    Here's the part I like: "Despite people's best efforts, this vulnerability still exists…" Of course it does! Updating Windows makes the problem disappear. You can't make people update their software — even though it's their job to maintain it!!

    "…experts said that computer users in the United States had so far been less affected than others because a British cybersecurity expert inadvertently stopped the ransomware from spreading."

    First, the guy who stopped the worm part was brilliant. He did what he did very much on purpose — he just referred to what he did as something "accidental," being sleep-deprived and modest. Second, what he stopped wasn't the initial infection into a site, but the spread of the worm once it was in. There were loads of US sites infected — the numbers are random, as you would expect from whatever email list the bad guys used, and the odds of professional users clicking on the attachment.

    The Times itself attempts to explain how the clever guy managed to halt the worm aspect of the malware. Completely screwed it up. Sorry guys, maybe you should stick to quoting experts who get it wrong instead of being obviously wrong yourselves.

    Then we have security experts weighing in:

    "Yet security experts said the [Microsoft] software upgrade, while laudable, came too late for many of the tens of thousands of machines that were locked and whose data could be erased."

    The Microsoft software upgrade was made months ago. It was not too late. It's the people responsible for the machines in question who are too late. If they let their data be erased it's on them — either pay up, wipe and restore from backup, or slink away in shame.

    As to the NSA that created and released the software in question: shame on you. You probably have yet to implement the measures that would prevent more of the same in the future.

    Summary

    When you read stories like this, it's natural to form a set of impressions, including:

    • There are mysterious hackers out there who are really smart and really bad.
    • The evil hackers can cause havoc.
    • All we can do is bring in experts and try to clean things up quickly.
    • Let's hope it's not worse next time.

    All these are reasonable thoughts for a layperson to have, reading the published material.

    The truth of the matter is closer to the following:

    • The richly funded NSA develops evil software and can't keep it secure, in spite of having a budget larger than most countries.
    • Opportunistic hackers comb through stuff and sometimes put together something that could make some money.
    • A shocking fraction of the big government agencies and corporations fail to follow the most basic computer maintenance procedures (keeping software up to date and making backups), in spite of spending megabucks on IT, and so are vulnerable.
    • The experts quoted in news stories are ignorant and/or wrong, along with the stories themselves.
    • The guy who stopped the worm part of the software from working was at the opposite end of the competence spectrum from all the highly-paid executives who weren't doing their jobs.
    • Most organizations will change nothing, so something very similar will happen again.

    Sigh.

  • Big Data’s Big Face-plant

    Big Data is huge. Everybody wants it. If you're not doing it, you're hopelessly antiquated. But it has serious flaws. The high-profile role played by Big Data in the recent election provides an excellent example. Calling those efforts a "face-plant" is kind. In addition to illustrating many of the glaring flaws I have previously enumerated, this face-plant clearly and explicitly demonstrates the corrosive effects of bias: the experts weren't seeking the truth — they were rooting for an outcome. Given the undeniable predictive failure, you'd think a little self-reflection might be in order. This post uses the recent election Big Data failure as an example. The flaws it illustrates, and others, are common in Big Data efforts, and are the reason why so many of the much heralded efforts result in no substantial benefit.

    The Big Data Experts

    In recent years, Big Data election experts have attained great visibility. Their pronouncements are more closely followed than those of the candidates themselves. Nate Silver has been the reigning god, but a new one exploded onto the scene this election season. Here's the story as it appeared in Wired Magazine, just days before the election:

     Wired 1

    The story got serious attention, as you can see from more than 24,000 Facebook shares. How big is this guy and organization? Real big:

    Wired 2

    Who is this guy? Read on:

    Wired 3

    Clearly a massive math and science wonk. No one else gets into CalTech, much less gets a Stanford PhD in science.

    What did he say about the election? Of course the picture changed as election day drew close, but all the math pointed strongly to a Clinton victory.

    The debate as the election drew close was interesting. It wasn't whether Clinton would win — everyone thought she would — but since they're math guys and they know this isn't physics, they argued about the probability she would win, and about the margin predicted.

    Dr. Wang ratcheted up the probability of a Clinton win all the way up to 99%. That's pretty darn certain! Here's his argument for why such certainty was reasonable:

    2 PEC

    Yup, it was sure a giant surprise, all right!

    Here is his description of his calculations and why they're reasonable, if you can stand it. If not, that's OK, just skip ahead:

    3 PEC

    There's lots more stuff on the site. By all means check it out for a great example of self-delusion by a celebrated Professor Doctor. Here is a sample:

    4 PEC

    For any readers who actually know math and science, you'll know right away that this is a specious argument: it's a lot of words that are math-y, but they bear no real relationship to the actual probability of Clinton winning.

    Late afternoon of election day, he posted his last prediction:

    1 PEC

    This was not a search for truth

    How could Professor Doctor Neuroscientist Sam "Election Hero" Wang have gotten it so wrong? In addition to committing many of the standard errors and unusually bad interpretations of probability I've mentioned, there's another reason: Wang was not seeking truth. Dr. Wang was an advocate. He badly wanted an outcome. He wasn't predicting for prediction's sake — he was predicting to find out which races were close, so that scarce funds could be allocated to sway the outcome of those close races. How do we know? Here are Wang's own words in that same final post, which he repeats with emphasis in the comments:

    Activism

    This also explains how he got famous — he was drizzling science-y pixie-dust on the outcome that he and many other people wanted. He told them what they wanted to hear.

    Could it be that Dr. Wang has an unblemished track record of prior predictions, and let his emotions get the best of him in the 2016 election? Sadly, no.  Look at this powerful — 98% probability! — prediction, his final one before the 2004 election:

    Final prediction

    What we've got here is an advocate posing as a scientist, spouting out what his fans want to hear with lots of math-geek talk to make it sound solid, but who gets it badly wrong. Repeatedly. Surely, all right-thinking people would turn their backs on him, right? Science is about making predictions that come true, and if your predictions are wrong, you're just a promoter with no credibility, right?

    Sadly, no.

    A prospect

    There is clearly an audience for people who tell readers what they want to hear with math-y icing on top.

    Conclusion

    The Big Data juggernaut rolls along, its momentum unabated. The face-plant of Big Data analytics in the 2016 should have been a wake-up call, regardless of your political views, of the inherent dangers and deep biases that send all too many Big Data efforts into the gutter of failure. Everyone appears to have moved on unchanged, which makes sense, because it was never really about science and truth to begin with. It's sad to see exotic BIG data efforts getting lots of money and attention, when humble LITTLE data efforts are causing daily pain but starved for funding. See this. However, if you want to get value out of Big Data and associated technologies, be assured that it can be done. Just take this story as another note of caution.

  • Russia Hacks DNC, Podesta Email: Fake News

    The US government has declared that the Russian government has hacked important US entities. It has retaliated against the Russian government in response. It has now issued its official report providing the evidence of hacking. 

    The "evidence" is a joke. It proves nothing but the incompetence and/or duplicity of the agencies that issued it. The near-certain declaration that the Russian government was behind this and related hacks is fake news. The majority of the US press echos the fake news, supporting it with whatever is left of their credibility.

    Cybersecurity background

    Most large organizations have a big computer security problem. They just don't know how to get it done and don't seem to care, as repeated massive breaches have demonstrated. Government agencies are just as helpless. They issue regulations that tell corporations how to achieve security, but the regulations make things worse, and are ineffective for the government itself. There are solutions, but no one is interested.

    The Hacks

    The overall results of the hacks are well-known. In July, Wikileaks released 44,053 emails from officials of the DNC. In October, it released a large batch of Hillary Clinton campaign director John Podesta's email. Many important people immediately accused the Russians of performing the hack and providing the documents to Wikileaks.

    The Official Evidence

    The government's long-awaited official report of evidence that the Russians performed the hack was released last week by this government agency:

    US-CERT

    Here is how the report is described:

    US-CERT 1

    The report is 13 pages long, with a couple of linked files. The first thing that struck me was that, starting on page 5 and going to the end, the content had literally nothing to do with hacks or Russians — it was just a list of generic nostrums about how to be cyber-secure. One has to wonder where all this supposed powerful wisdom was while the US government Office of Personnel Management (OPM) hack took place; this hack resulted in the loss of highly sensitive data on over 22 million people. People who live in glass houses…

    What about the "evidence" contained on the first few pages?

    I have personally dealt with computers for a long time. I've had to fix serious problems, evaluate reports of problems and recommend solutions. There is a clear pattern of good work:

    • The person and group that did the work is clearly identified.
    • There is some kind of narrative that describes the problem and the path of discovery that leads to the conclusion.
    • Full details about the computers and software affected are provided. Is it a personal computer or a server? What version of what operating system is installed? If an application is relevant, what is the name and version of the application?
    • Full details about event data are provided, for example log files.
    • If there are anomalies, full details about them, included where and how they were found.
    • Enough data is provided so you can double-check any conclusions that may be drawn.
    • If more than one event is involved, this information is provided for each event, with all the information for example servers and operating systems clearly associated with the corresponding event.

    None of this standard information was provided in the report!  Any conclusions that are drawn, given the total lack of real, professional evidence, are therefore baseless.

    Details of the non-evidence

    The report provides no separate information about the DNC or Podesta hacks. It says nothing about whether an email server was hacked or a client. Nothing! What the report does have is a little information with generic diagrams, a very techie listing of part of a script, and a list of IP addresses. The contents of what they provided has been competently analyzed by a security firm. Here is their summary:

    Wordfence

    Let's look at the Podesta hack for a bit.

    I looked at a broad sample of the emails on Wikileaks. Podesta had a gmail account, john.podesta@gmail.com. While some of the emails were sent to another address, podesta@law.georgetown.edu, a quick look at the source of the emails (kindly provided by Wikileaks) shows that this was set up as a forwarding address, i.e., automatically forwarded to the gmail account. The source code I examined was all typical, i.e., not faked.

    No one claims Google was hacked. So it was Podesta's email account and/or the computer he used to access it. The report, of course, doesn't say. The hack could have been accomplished by any number of techniques, and certainly doesn't require sophistication.

    The list of IP addresses given is completely irrelevant for this kind of hack. If the hackers got his user name and password, all they needed to do was log in — no "attack vectors" required.

    Turning to the DNC, the report implies (but doesn't state) that the DNC server was attacked. It talks about how the hacker:

    Escalationwhich is quite impressive. How exactly did the malware "escalate privileges?" That's like saying that a lieutenant in the army suddenly became a general! By making it happen himself! It's only possible if there's a bug in the system that was hacked. Was it Microsoft Exchange? What's the bug? We'd like to know!

    Going into this made me more suspicious, because the Wikileaks site lists exactly 7 senior officials whose emails were hacked. Here's what they say:

    DNC

    All that's needed to accomplish this is a bent insider, like a junior Edward Snowden, or some good social engineering. In other words, more of the same that worked on Podesta. Otherwise, why would the hack be limited to exactly those 7 and no more?

    In other words, an examination of what was hacked leads to the strong suspicion that the "evidence" provided by the government has nothing to do with how the hacking was actually accomplished, or by whom.

    Conclusion

    Cyber-security is incredibly important. I don't care one way or the other that the DNC and Podesta were hacked. Shame on them for not caring about security when the world is full of bad guys. But I do care that many of our most important institutions such as our government and healthcare institutions fail to take it seriously, and when they do, are incapable of getting the job done. It hurts many of us, and someday could hurt us really badly.

  • Innovation and Experts

    Lots of people want to promote Innovation these days. Why not get in a top expert to help? Answer: if you want to innovate, ignore the experts! With rare exceptions, "experts" are the enemy of innovation, and supporters of the status quo.

    Experts

    If you're doing something new and want to do it right, it's natural to seek the help of someone who's been there and done that. If you want to do the thing in an innovative way, that's all the more reason to seek expert help; the innovation you need may already be out there, and who's more likely to know it than an expert?

    Turning to experts is what we do. At a basic level, that's why we have schools, degrees and certification programs. A person with an MBA is supposed to be much more of an expert about business than the average Jane or Joe. But an MBA is just an entry-level expert. What many people want is an Expert, or even better, an EXPERT!!

    An expert is someone who knows loads and loads about a certain portion of common knowledge. They can tell you what are the common practices in a given area, what they would characterize as "best practices." There may be some weird, fringe people out there working at you've-never-heard-of-it places who do things differently and make wild claims about what they do. But can you take the risk of going out on a limb and failing, when all the top organizations do X? Of course not.

    Experts are herd dogs. They get everyone to make roughly the same choices that everyone else makes, and go in roughly the same direction.

    Think about the process of selecting an expert. Don't you want someone who is generally acknowledged to be an expert? Who advises major organizations to do what the "leading" other major organizations do?

    Think about being successful as an expert. The vast majority of the potential fees come from major organizations. None of whom want to be told they're doing things all wrong. Most of whom would like validation, and maybe some minor tweaks. That's where the client list and fees come from.

    Experts want to be recognized, hired and paid by rich, mainstream organizations. Organizations want experts to help guide them to not stray too far from the pack.

    In other words, the vast majority of large organizations are like sheep traveling in a herd. If they wander off from the herd, they may get lost or hurt! Experts are like sheep dogs who bark and nip at the sheep who wander off or lag behind.

    If you want to innovate, the last thing you should want is a typical "expert."

    An expert on experts

    To get the real story on experts, let's turn to the person who is, above all others, THE expert on experts. Richard Feynman boils the subject down to terms anyone can understand:

    Science

    An "expert" is someone whose knowledge we are supposed to accept based on the authority of the expert. It's not our place to question it. The whole reason to get an expert is that we assume we can't possibly figure out what to do ourselves!

    A scientist reacts to assertions by the expert saying things like "why?" "How do you know that?" "Where are the experiments that prove that what you are saying is true?" Scientists don't take things on authority. Feynman is saying that experts are nothing more than people who say, with deep voices and calm authority, "This is the truth, my child." In any situation in which you are supposed to take things on faith, the natural reaction of the scientist is: you're definitely ignorant, and probably wrong. Why do you need the take-it-on-faith stuff if you can prove it? Science replaces faith in people (i.e. experts) with reliance on facts, proof, numbers and math.

    Experts and flight

    One of the best examples of innovation and the expert effect is the history of manned flight.

    One of the most famous experts of his day was Samuel Pierpont Langley:

    330px-Samuel_Pierpont_Langley

    He built and launched a couple unmanned planes that flew thousands of feet. He was famous. He got major funding from the government, and everyone expected him to succeed. He was the ultimate expert in aviation.

    There was just one problem. His planes all crashed. Here's one that "flew" right into the Potomac River in 1903:

    330px-Samuel_Pierpont_Langley_-_Potomac_experiment_1903

    Nonetheless, belief in the expertness of the wonderful expert Langley remained so great, in spite of his complete and utter failure to even come close to controlled manned flight, that his reputation remained high and all sorts of aviation-related things are named in his honor, from medals to airports.

    We all know who actually figured out how to make a flying machine: the Wright Brothers.

    11

    These guys built bicycles in Dayton, Ohio! No fame. No government money. In no way were they experts. But: they were scientists! In the true sense of the word — in Feynman's sense. Here's a bit of what they did:

    22

    In other words, they figured out what the real problems were, did designs, built prototypes, ran tests, and … innovated!!!  Here is one of their flights in 1904:

    1904WrightFlyer

    The rest of the story tells us a huge amount about innovation and experts. Briefly, no one believed them! They went for years trying to get government interest. Years later they were celebrated as heroes, but at the time, even the local government and press ignored them. Finally their accomplishments were accepted in 1909, when they flew up and down the Hudson River for half an hour in front of an estimated one million people, circling the Statue of Liberty.

    No one could believe that these non-expert nobodies could have solved a problem that stumped the nationally recognized, accepted experts.

    Conclusion

    If you want to know what to do, you have two basic paths.

    One is to hire an expert to tell you basically what everyone else is doing. It's a good way to be "safe," and avoid innovation of any kind. But nothing stops you from crowing about how innovative you are, at least compared to the sheep staring at your back legs!

    The other way is to be a scientist and figure out what the real problems are and how to solve them. Then do it. It's what innovators do.

    You pick. I know what my choice is.

     

Links

Recent Posts

Categories