Chinese Domain Registration Scam
If you get an email from a Chinese domain registrar telling you that someone has applied to register your basic domain name–in my case “mooresoftwareservices”–it is almost certainly a scam where the domain registrar is trying to coerce you into buying the Chinese version of your domain name. Google “chinese domain registration scam” for a number of websites that describe the scam in detail, or read the Wikipedia article Domain name scams.
To get an idea of how common this is and when attacks are occurring in volume, Figure 1 shows Google Trends data for “domain registration scam”. Note that this embedded chart does not display in some browsers, and can be referenced directly via https://www.google.com/trends/explore#q=domain%20registration%20scam&cmpt=q&tz=.
DT World Service AKA www.dt-ws.org or www.dtts.org
On May 12, 2015, I received the email below from “Lena Zhang”. I’m not the only one, as the Google Groups posting Confirmation Asia Domains Register Application about "clarkparsia" is almost identical except that the name and web address are slightly different.
Running whois dt-ws.org and whois dtts.org shows that the domains were created on April 10, 2015 and March 21, 2015 respectively–about two months from this writing. The domain from which the email originated, applyreg.org, was created on October 10, 2014.
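The domain-age check described above can be scripted for mail triage. The following is an added example, not code from the original article: it pulls the creation date out of WHOIS text and computes each domain's age on the day the email arrived. The WHOIS excerpts are constructed (only the three creation dates come from the article), and the 365-day threshold and the function names are assumptions.

```python
import re
from datetime import date, datetime

# Constructed WHOIS excerpts. Only the three creation dates are from the
# article; field layouts, times and the last two records are made up.
SAMPLE_WHOIS = {
    "dt-ws.org": "Domain Name: DT-WS.ORG\nCreation Date: 2015-04-10T08:00:00Z\n",
    "dtts.org": "Domain Name:DTTS.ORG\nCreated On:21-Mar-2015 08:00:00 UTC\n",
    "applyreg.org": "Domain Name: APPLYREG.ORG\nCreation Date: 2014-10-10T08:00:00Z\n",
    "example.org": "Domain Name: EXAMPLE.ORG\nCreation Date: 1995-08-31T04:00:00Z\n",
    "redacted.example": "Domain Name: REDACTED.EXAMPLE\nRegistrar: (not shown)\n",
}

# Field names differ between registries; these two labels are the ones the
# constructed samples use.
CREATED_RE = re.compile(r"^\s*(?:Creation Date|Created On)\s*:\s*(\S+)", re.I | re.M)
DATE_FORMATS = (("%Y-%m-%d", 10), ("%d-%b-%Y", 11))  # (format, characters to read)


def creation_date(whois_text):
    """Return the registration date found in WHOIS text, or None."""
    match = CREATED_RE.search(whois_text)
    if not match:
        return None
    for fmt, width in DATE_FORMATS:
        try:
            return datetime.strptime(match.group(1)[:width], fmt).date()
        except ValueError:
            continue
    return None


def triage(whois_by_domain, received, young_days=365):
    """Map each domain to (age_in_days, verdict) relative to the mail date."""
    report = {}
    for domain, text in whois_by_domain.items():
        created = creation_date(text)
        if created is None:
            report[domain] = (None, "unknown")  # unverified, not "safe"
            continue
        age = (received - created).days
        report[domain] = (age, "young" if age < young_days else "established")
    return report


if __name__ == "__main__":
    for domain, (age, verdict) in triage(SAMPLE_WHOIS, date(2015, 5, 12)).items():
        print(f"{domain:18} age_days={age} verdict={verdict}")
```

A registrar that claims to be an established registration authority but writes from domains that are only weeks or months old is a strong signal to treat the message as a scam.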
(Since it is significant, forward the following E-mail to your CEO or relevant responsible person. Thanks)
Dear CEO/Principal,
We are the department of Asian Domain Registration Service in China. Here I have something to confirm with you. We formally received an application on May 12, 2015 that a company claimed "Prianting Company" were applying to register "mooresoftwareservices" as their Net Brand and some "mooresoftwareservices" Asian countries top-level domain names through our firm.
Now we are handling this registration, and after our initial checking, we found the name were similar to your company's.Since now the cyber-squatting events and domain name abuse are very serious, in order to avoid such incidents cause unnecessary loss of benefits to your company, so we need to check with you whether your company has authorized that company to register these names. If you authorized this, we would finish the registration at once. If you did not authorize, please let us know within 7 workdays, so that we could handle this issue better. After the deadline we will unconditionally finish the registration for "Prianting Company" Looking forward to your prompt reply.
Best Regards,
Lena Zhang
Senior Consultant Manager
This e-mail and any attachments are confidential and may contain information that is exempt from disclosure by law and subject to copyright. If you have received this message in error, please let me know and delete it.
please consider the environment before printing this e-mail
The email is composed as a MIME object to get past spam filters:

Network Service Company
On May 5, 2014, I received the following from Tim Zhang at China Registry:
(Please forward this to your CEO, because this is urgent. Thanks)
We are a Network Service Company which is the domain name registration center in Shanghai, China. On May 5, 2014, we received an application from Huahui Holdings Ltd requested "mooresoftwareservices" as their internet keyword and China (CN) domain names. But after checking it, we find this name conflict with your company name or trademark. In order to deal with this matter better, it's necessary to send email to you and confirm whether this company is your distributor or business partner in China?
Kind regards
Tim Zhang
General Manager
China Registry (Headquarters)
3002, Nanhai Building, No. 854 Nandan Road,
Xuhui District, Shanghai, China
Tel: +86 21 6191 8696
Mobile: +86 182 2195 1605
Fax: +86 21 6191 8697
Web: www.chinaregistry.com.cn
- Details
- Written by Bruce Moore
- Hits: 4227
Career and Life Advice for New Master of Science in Analytics Graduates
I’ve been the sponsor for a new Toastmasters Club at Southern Methodist University. As a soon-to-graduate student started talking about the excitement of having a real paycheck in the near future, I gave her my standard financial advice–set aside savings first. I decided to expand that and write about career and life advice for new analytics graduates. The following are my thoughts for the class of 2015.
Start a Lifetime Habit of Saving Money
Your first job will be unusually well paying compared to the jobs most of your peers over the last couple of years have gotten. After you get a decent professional wardrobe for work, your first goal should be to start a lifetime of saving money. When I graduated from college with a Chemical Engineering degree, the best advice that I ever received came from my brother-in-law who pointed out that at age 65, saving $2,000 per year from age 22 to 30 is the same as saving $2,000 per year from age 30 to age 65. It depends a little on what investment rate you use, but this is consistently true; after 8 years, saving $2,000 per year will generate about $2,000 per year in earnings. Saving early in life will give you flexibility later on that is sadly unusual in our society.
The two obvious reasons for saving are to prepare for emergencies like massive layoffs when your company is in trouble, and for retirement. There is another reason that no one ever talks about but which is perhaps more profound: the ability to survive being ethical. In your ethics classes, discussions have probably centered around what is right and what is wrong. Most people have this figured out without difficulty. What many people don’t have figured out is how to survive behaving ethically when a manager or someone with control over your job pressures you to do something that is not right and might even be illegal. If you live in a huge house, drive the latest luxury car and live paycheck-to-paycheck, you will be hard pressed to refuse, and the person pressuring you will know it. If you drive an old car, live in a small house and have a year’s salary in the bank, the person will probably know that too, and is unlikely to even try to pressure you into doing something unethical, because the implied threat of firing is not going to crush you. Knowing what is right is easy; doing what is right is not at all easy, but is much easier when you have a strong financial cushion.
A final reason to save is just the peace of mind. During the early 1990s, IBM went through a very difficult time with new layoffs and site closures announced weekly. There were many couples where both worked at the company. Some required two very good incomes to make their house payments and car payments. They were so stressed out about getting laid off that their job performance suffered, and because their job performance suffered, they were ultimately laid off. Those with financial situations that were sustainable on one income did not get stressed, their job performance did not suffer, and they did not get laid off.
Never, Ever Invest Your 401K in Your Employer’s Stock
At IBM, I saw a number of people whose life savings shrank significantly when the stock declined in the early 1990s at the same time that they were laid off. At Enron, many employees had their life savings invested in Enron stock, and lost their savings and job at the same time when the company collapsed. The same thing happened to employees at MCI/WorldCom, and to partners at Arthur Andersen when those firms collapsed.
Do not lose your job and your savings at the same time. Don’t put your 401K savings in your employer’s stock.
Start a Lifetime of Continuous Learning
With the exception of the underlying math and statistics, everything that you learned over the last year will be financially obsolete within three or at most five years. You should plan now to read several business and technical books each year, every year. As one consulting manager once told me, “you only need to be one page ahead of the customer in the book, but you must ALWAYS be one page ahead.” Spend freely on books. If a $50 book saves you an hour on a task, it has paid for itself. Most $50 books will save you scores of hours on Internet searches.
If you read the manual for a product or package from cover to cover, you will be a top expert overnight.
Do Your Own Technology Forecast
Perhaps the most significant single lecture of my academic career was on technology forecasting–the most obvious case was what does Moore’s Law mean for new computer applications. By applying technology forecasting to your career and the tools that you learn, you will be able to avoid career threatening dead ends. For example, at one point in my career, I was responsible for helping IBM’s customers determine when to move document images from expensive disk storage to cheaper optical storage and realized that the relentless drop in disk storage prices would make this decision pointless about 18 months in the future. With this knowledge, I was able to plan a career move from IBM’s document imaging products to data warehousing tools–another use for my core database and optimization skills.
Make your own decisions about what products will be winners and losers, and invest your skills in those products.
Make Sure that Some Portion of Your Skills are Based Upon Open Source Software
Today, this might seem obvious, but it is worth talking about nonetheless. Open source software should be an important component of your career planning, as for the most part, no single entity controls a product as is the case with commercial software. With commercial software, a single individual at a single company can make a decision that will make portions of your skill portfolio obsolete overnight. While in graduate school, I wrote a lot of code using IBM’s C++ libraries; those skills and that code became worthless overnight when IBM discontinued that set of libraries. The same thing occurred when IBM abruptly changed direction for data warehousing products and made a set of skills obsolete overnight.
In the open source world, products don’t gain traction unless they are reliable and useful, and when they lose popularity, they tend to do so over a long period, giving you more time to replace that skill set.
Knowing open source tools also makes it possible for you to move to smaller companies. If the only statistics package that you know is SAS, your job opportunities will be limited to firms that already have SAS, or have the money budgeted to purchase it. If your stats skills are based upon R and other open source tools, you can go to just about any company, because you won’t need to convince management to purchase an expensive tool portfolio.
Read the Business Press and Your Company’s Financial Statements Regularly
When IBM went through near bankruptcy in the early 1990’s, the Wall Street Journal usually had information on layoffs about a week before they were announced, and the information was much more complete than the internal statements. Similarly, the quarterly statements had a lot of information that was helpful in understanding what was happening, and what expense reduction actions were going to occur in the future. Understanding whether management is working to manipulate numbers like “sales, general and administrative expense” or to improve fundamentals will give you insight into the future viability of the company, and whether or not it is a good place to stay long term.
As a manager, you probably will not be able to answer all of your employees’ questions about the financial health of the firm, but you can teach your employees how to read financial statements. This approach can help morale tremendously when a company is in financial difficulty.
Take Vacations Where There is No Cell Service
With cell phones, the days when you could escape from work and unplug on the weekend are long gone. As a member of the class of 2015, you may never have experienced a vacation where your parents were completely disconnected from work. It is a truly wonderful though increasingly rare experience. Disconnecting from work and drawing boundaries is important for your mental health and for organizational health as well; it is better to find out that the organization doesn’t have skills redundancy while someone is on a routine vacation than to find out when a critical employee quits or is hospitalized.
Look at your cell phone provider’s service map and find a place where the coverage map is blank. That is where you want to go for some of your vacations.
Counterfeit HTTPS Certificates and Browser Updates
In Maintaining Digital Certificate Security, Google describes a March 20 case in which CNNIC, a Chinese Certificate Authority that was listed in the root certificate lists for all of the major browsers, gave its private keys to an Egyptian company, MCS, that then placed the keys in a man-in-the-middle proxy that can intercept secure communications. MCS then issued counterfeit certificates for Google.
Google Chrome and Firefox have both issued updates to revoke the root authority of CNNIC. If you have one of those browsers, you have probably seen messages to update to a newer release containing the updated root certificate store. At this writing, Microsoft has blocked the MCS-issued certificates, but has not updated Internet Explorer to revoke CNNIC's root CA. Apple has also blocked the MCS-issued certificates. For statements from browser vendors, see:
- Google Chrome article Maintaining Digital Certificate Security
- Firefox article Revoking Trust in one CNNIC Intermediate Certificate
- Blog post regarding Apple Apple Leaves Chinese CNNIC Root In OS X and iOS Trusted Stores
- Microsoft Internet Explorer Article Improperly Issued Digital Certificates Could Allow Spoofing
Manually Revoking a Root Certificate in Safari
To manually revoke the CNNIC certificate in Safari, see the article Revoking Chinese CNNIC Root Certificate in Mac OS X, which provides instructions for OS X.
iOS HTTPS Vulnerability
A number of security outlets are reporting on two HTTPS vulnerabilities affecting all iOS applications that use the AFNetworking library. The original report of the first vulnerability is available from SSL MiTM attack in AFNetworking 2.5.1 - Do NOT use it in production! SourceDNA gives a measure of the number of apps that are vulnerable in the article Finding Every Vulnerable App in the App Store.
There are several ways that this vulnerability could be exploited:
- A man-in-the-middle attack via a public wi-fi access point at a coffee shop. Banking and other passwords could be stolen.
- A man-in-the-middle attack executed via DNS hijacking.
- A man-in-the-middle attack executed via router hijacking.
The list goes from easiest to most difficult to implement, and from lowest impact to highest impact. A router hijack man-in-the-middle could allow an attacker to steal passwords for all accounts that use online banking during the time that the router hijack is in place.
Determining Whether or Not Your Bank’s Application is Vulnerable
SourceDNA has provided a tool to help you determine whether or not your application uses the vulnerable libraries: see iOS Security Report. According to this tool, several major banks’ applications are vulnerable to this problem.
It is likely that attackers are using similar methods to identify vulnerable applications and banks.
Apps that use key pinning are not vulnerable, but it is difficult if not impossible for a user to determine whether or not the developer has implemented key pinning.
Fixing the Problem
AFNetworking 2.5.3 contains the fix to this problem, in the line item “Change validatesDomainName property to default to YES under all security policies”, but all apps need to be recompiled and updated in the App Store. Verify that your application vendor has updated your application.
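What that release note changes, shown as an added Python model (not AFNetworking code and not from the original article): a certificate that chains to a trusted CA is accepted for any host unless the names in the certificate are also compared with the host being contacted. The function names, the CA name and the certificates are constructed for illustration.

```python
# Model of the check that a "validate domain name" switch controls.
# Not AFNetworking code; the CA name and certificates below are constructed.

TRUSTED_ISSUERS = {"Constructed Public CA"}


def dns_name_matches(pattern, hostname):
    """Exact match, or '*' standing for the whole left-most label only."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h) or "" in h:
        return False
    if p[0] == "*":
        # Require two fixed labels after the wildcard so '*.com' never matches.
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h


def evaluate_server_trust(cert, hostname, validates_domain_name):
    """Return True if the connection would be accepted."""
    if cert["issuer"] not in TRUSTED_ISSUERS:
        return False  # chain does not reach a trusted root
    if not validates_domain_name:
        return True   # any certificate with a trusted chain passes
    return any(dns_name_matches(n, hostname) for n in cert["dns_names"])


# Constructed certificates: the first two chain to the same trusted CA.
BANK_CERT = {"issuer": "Constructed Public CA",
             "dns_names": ["*.bank.example", "bank.example"]}
OTHER_CERT = {"issuer": "Constructed Public CA",
              "dns_names": ["unrelated.example"]}
SELF_SIGNED = {"issuer": "unrelated.example",
               "dns_names": ["www.bank.example"]}

if __name__ == "__main__":
    certs = (("bank", BANK_CERT), ("other", OTHER_CERT), ("self-signed", SELF_SIGNED))
    for label, cert in certs:
        for flag in (False, True):
            ok = evaluate_server_trust(cert, "www.bank.example", flag)
            print(f"{label:12} validates_domain_name={flag!s:5} accepted={ok}")
```

With the switch off, the validly issued certificate for unrelated.example is accepted for www.bank.example; with it on, only the bank's own certificate passes.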
Interest in AFNetworking
To understand how much effort is being put into either remediating the problem or developing attack code, Google Trends offers some insights into how often people are searching on “AFNetworking”, as shown in Figures 1 and 2 below.

Diagnosing Problems with Streaming Services on Smart TVs
Many businesses have TVs in waiting rooms and break rooms. In some cases the TVs receive their programming over WiFi connections, which can sometimes be unreliable. I was recently asked to diagnose some WiFi problems with an LG 42L-V5500 TV set and discovered some configuration problems that don’t occur in most Internet devices.
There were two symptoms:
- Frequent buffering during playback of Netflix and other streaming services.
- Intermittent situations where some smart TV applications would initialize and others would not.
The buffering problem turned out to be interference on the 802.11n 2.4GHz channel number 6. The router was set for automatic channel selection; using the WiFi Analyzer Android application, it was clear that channel number 6 had little interference in the vicinity of the router, but much interference in the vicinity of the TV. Switching the router to channel 1 improved the signal strength registered on the TV from two to three bars. The 5GHz channel showed four bars but the Wi-Fi Protected Setup (WPS) automatic configuration would not choose the 5GHz channel.
To configure the 5GHz channel, I had to manually select the 5GHz SSID, but configuration failed when the TV tried to access a domain name server (DNS). Most devices list two DNS servers during DHCP configuration, but the TV was only listing one, and it could not get a response from the DNS server.
To resolve this problem, I switched the TV to static IP configuration, and instead of using the Internet service provider (ISP) provided DNS servers, I configured the Google DNS server address of 8.8.8.8. The Smart TV went through its tests quickly and all applications initialized quickly and worked reliably.
First, it is clear that when configuring home and small business WiFi networks you must look at interference at both the router location and at the receiver location; sometimes this will require manual configuration to use 5GHz channels where there are fewer interference problems than on 2.4GHz channels. Second, when devices have difficulty initializing, look at DNS problems early in the diagnosis process.