Science, Values, and the Priority of Evidence

It is now commonly held that values play a role in scientific judgment, but many arguments for that conclusion are limited. First, many arguments do not show that values are, strictly speaking, indispensable. The role of values could in principle be filled by a random or arbitrary decision. Second, many arguments concern scientific theories and concepts which have obvious practical consequences, thus suggesting or at least leaving open the possibility that abstruse sciences without such a connection could be value-free. Third, many arguments concern the role values play in inferring from evidence, thus taking evidence as given. This paper argues that these limitations do not hold in general. There are values involved in every scientific judgment. They cannot even conceivably be replaced by a coin toss, they arise as much for exotic as for practical sciences, and they are at issue as much for observation as for explicit inference

Posthumanist Education

link_to_subscribed_fulltex

Human factor security: evaluating the cybersecurity capacity of the industrial workforce

Purpose: As cyber-attacks continue to grow, organisations adopting the internet-of-things (IoT) have continued to react to security concerns that threaten their businesses within the current highly competitive environment. Many recorded industrial cyber-attacks have successfully beaten technical security solutions by exploiting human-factor vulnerabilities related to security knowledge and skills and manipulating human elements into inadvertently conveying access to critical industrial assets. Knowledge and skill capabilities contribute to human analytical proficiencies for enhanced cybersecurity readiness. Thus, a human-factored security endeavour is required to investigate the capabilities of the human constituents (workforce) to appropriately recognise and respond to cyber intrusion events within the industrial control system (ICS) environment. / Design/methodology/approach: A quantitative approach (statistical analysis) is adopted to provide an approach to quantify the potential cybersecurity capability aptitudes of industrial human actors, identify the least security-capable workforce in the operational domain with the greatest susceptibility likelihood to cyber-attacks (i.e. weakest link) and guide the enhancement of security assurance. To support these objectives, a Human-factored Cyber Security Capability Evaluation approach is presented using conceptual analysis techniques. / Findings: Using a test scenario, the approach demonstrates the capacity to proffer an efficient evaluation of workforce security knowledge and skills capabilities and the identification of weakest link in the workforce. / Practical implications: The approach can enable organisations to gain better workforce security perspectives like security-consciousness, alertness and response aptitudes, thus guiding organisations into adopting strategic means of appropriating security remediation outlines, scopes and resources without undue wastes or redundancies. / Originality/value: This paper demonstrates originality by providing a framework and computational approach for characterising and quantify human-factor security capabilities based on security knowledge and security skills. It also supports the identification of potential security weakest links amongst an evaluated industrial workforce (human agents), some key security susceptibility areas and relevant control interventions. The model and validation results demonstrate the application of action research. This paper demonstrates originality by illustrating how action research can be applied within socio-technical dimensions to solve recurrent and dynamic problems related to industrial environment cyber security improvement. It provides value by demonstrating how theoretical security knowledge (awareness) and practical security skills can help resolve cyber security response and control uncertainties within industrial organisations

Neural network algorithms for fraud detection: a comparison of the complementary techniques in the last five years

Purpose: The purpose of this research is to analyse the complementary updates and techniques in the optimization of the results of neural network algorithms (NNA) in order to detect financial fraud, providing a comparison of the trend, addressed field and efficiency of the models developed in current research. Design/Methodology/Approach: The author performed a qualitative study where a compilation and selection of literature was carried out, in terms of defining the conceptual analysis, database and search strategy, consequently selecting 32 documents. Subsequently, the comparative analysis was carried out, in turn being able to determine the most used and efficient complementary technique in the last five years. Findings: The results of the comparative analysis depicted that in 2019 there was a greater impact of research based on NNA with 11 studies. 27 complementary updates and techniques were identified related to NNA, where deep neural network algorithms (DNN), convolutional neural network (CNN) and SMOTE neural network. Finally, the evaluation of effectiveness in the collected techniques achieved an average accuracy ranging between 79% and 98.74% with an overall accuracy value of 91.32%. Originality/Value: Being a technique which is applied and compared in diverse studies, ANNs uses a wide range of mechanisms concerning training and classification of data. According to the findings of this research, the complementary techniques contribute to the progress and optimization of algorithms regarding financial fraud detection, having a high degree of effectiveness concerning on-line and credit card fraud

SECURITY AS A MACHINE - STRUGGLING BETWEEN ORDER AND CHAOS

Our intension is to describe the abstract environment and the elements of information security. We bring together the basic concepts and patterns of thought of information security with the Deleuze & Guattari’s concepts of machine and territory. Security can be seen as a value-driven machine that produces security on various levels. Value growth and dominating market logics provides the fuel for the machine. It is comprised of three levels: physical, technical, and social. Change in any of the levels will affect the social agent, for example an employee. In the value-driven process, territories are established. They are safe zones with a certain order and rhythm. Insiders are brought in to the order. While this is done, the social agents within the territory are subjected to the praxis of the security machine that desires to control them completely. Thus, compliance of the subject is sought. Yet, compliance is based upon subject’s relation to the self, ethics of the self, which cannot be reached from the outside. As the body becomes a centre of the struggle, and as value dominates the rationale and reason, ethics of the self stands as a wall between education and policies, forming the most difficult element to control

Epistemically Detrimental Dissent in Climate Science

Dissent, criticism and controversy are integral to scientific practice, especially when we consider science as a communal enterprise. However, not every form of dissent is acceptable in science. The aim of this paper is to characterize what constitutes the kind of dissent that impedes the growth of knowledge, in other words epistemically detrimental dissent (EDD), and apply that analysis to climate science. I argue that the intrusion of non-epistemic considerations is inescapable in climate science and other policy-relevant sciences. As such there is the need to look beyond the presence of non-epistemic factors (such as non-epistemic risks and economic interests) when evaluating cases of dissent in policy-relevant science. I make the claim that the stable factors in the production of are the presence of skewed research and the effective dissemination of this ‘research’ to the public; the intrusion of non-epistemic values and consideration is only a contingent enabling factor

Inferring Others' Hidden Thoughts: Smart Guesses in a Low Diagnostic World

People are biased toward believing that what others say is what they truly think. This effect, known as the truth bias, has often been characterized as a judgmental error that impedes accuracy. We consider an alternative view: that it reflects the use of contextual information to make the best guess when the currently available information has low diagnosticity. Participants learnt the diagnostic value of four cues, which were present during truthful statements between 20% and 80% of the time. Afterwards, participants were given contextual information: either that most people would lie or that most would tell the truth. We found that people were biased in the direction of the context information when the individuating behavioral cues were nondiagnostic. As the individuating cues became more diagnostic, context had less to no effect. We conclude that more general context information is used to make an informed judgment when other individuating cues are absent. That is, the truth bias reflects a smart guess in a low diagnostic world

Atheism and Agatheism in the Global Ethical Discourse: Reply to Millican and Thornhill-Miller

Peter Millican and Branden Thornhill-Miller have recently argued that contradictions between different religious belief systems, in conjunction with the host of defeaters based on empirical research concerning alleged sources of evidence for ‘perceived supernatural agency’, render all ‘first-order’, that is actual, religious traditions positively irrational, and a source of discord on a global scale. However, since the authors recognise that the ‘secularisation thesis’ appears to be incorrect, and that empirical research provides evidence that religious belief also has beneficial individual and social effects, they put forward a hypothesis of a ‘second-order religious belief ’, with Universalist overtones and thus free of intergroup conflict, and free of irrationality, since supported (solely) by the Fine-Tuning Argument. While granting most of their arguments based on empirical research and embracing the new paradigm of the atheism/religion debate implicit in their paper, I contend that Millican’s and Thornhill-Miller’s proposal is unlikely to appeal to religious believers, because it misconstrues the nature and grounds of religious belief. I suggest that their hypothesis may be refined by taking into account a view of axiologically grounded religious belief that I refer to as ‘agatheism’, since it identifies God or the Ultimate Reality with the ultimate good (to agathon)

Parasitic Order Machine. A Sociology and Ontology of Information Securing

This study examines information security as a process (information securing) in terms of what it does, especially beyond its obvious role of protector. It investigates concepts related to ‘ontology of becoming’, and examines what it is that information securing produces. The research is theory driven and draws upon three fields: sociology (especially actor-network theory), philosophy (especially Gilles Deleuze and Félix Guattari’s concept of ‘machine’, ‘territory’ and ‘becoming’, and Michel Serres’s concept of ‘parasite’), and information systems science (the subject of information security). Social engineering (used here in the sense of breaking into systems through non-technical means) and software cracker groups (groups which remove copy protection systems from software) are analysed as examples of breaches of information security. Firstly, the study finds that information securing is always interruptive: every entity (regardless of whether or not it is malicious) that becomes connected to information security is interrupted. Furthermore, every entity changes, becomes different, as it makes a connection with information security (ontology of becoming). Moreover, information security organizes entities into different territories. However, the territories – the insides and outsides of information systems – are ontologically similar; the only difference is in the order of the territories, not in the ontological status of entities that inhabit the territories. In other words, malicious software is ontologically similar to benign software; they both are users in terms of a system. The difference is based on the order of the system and users: who uses the system and what the system is used for. Secondly, the research shows that information security is always external (in the terms of this study it is a ‘parasite’) to the information system that it protects. Information securing creates and maintains order while simultaneously disrupting the existing order of the system that it protects. For example, in terms of software itself, the implementation of a copy protection system is an entirely external addition. In fact, this parasitic addition makes software different. Thus, information security disrupts that which it is supposed to defend from disruption. Finally, it is asserted that, in its interruption, information security is a connector that creates passages; it connects users to systems while also creating its own threats. For example, copy protection systems invite crackers and information security policies entice social engineers to use and exploit information security techniques in a novel manner.Parasiittinen järjestyskone – tietoturvaamisen sosiologia ja ontologia Tämä tutkimus tarkastelee tietoturvaa prosessina eli tietoturvaamisena. Se keskittyy erityisesti kysymykseen siitä, mitä muuta tietoturva tekee kuin suojaa. Tutkimus ponnistaa ”tulemisen ontologiasta” ja sen käsitteistä ja ruotii, mitä tietoturva toimiessaan tuottaa. Tutkimus ammentaa kolmesta eri tieteen haarasta: sosiologiasta (erityisesti toimijaverkostoteoriasta), filosofiasta (erityisesti Gilles Deleuzen ja Félix Guattarin koneen, territorion ja tulemisen käsitteistä sekä Michel Serresin parasiitin käsitteestä) ja tietojärjestelmätieteestä, josta väitöstutkimuksen kohde juontaa juurensa. Sosiaalista hakkerointia ja ohjelmistomurtajia – kräkkereitä – analysoidaan tietoturvan murtumisen esimerkkeinä. Yhtenä olennaisimmista tutkimustuloksista on, että tietoturva on itsessään aina keskeyttävää ja häiritsevää: tietoturva analysoi ja näin keskeyttää jokaisen sen kanssa kosketuksiin tulevan entiteetin siitä huolimatta, oli kyseinen entiteetti sitten haitallinen tai ei. Tämän väliintulon seurauksena entiteetistä tulee aina erilainen (tulemisen ontologia). Tietoturvaaminen pyrkii järjestämään suojeltavat ja suojelevat entiteetit erilaisiksi hallittaviksi alueiksi, territorioiksi. Tietojärjestelmien alueet (esimerkiksi järjestelmän järjestetty sisäpuoli ja järjestämätön ulkopuoli) ovat kuitenkin ontologisesti samantasoisia. Ainoa ero territorioiden välille syntyy siitä, miten ne ovat järjestettyjä. Toisin sanoen haittaohjelmat ovat samanlaisia kuin hyötyohjelmatkin – molemmat käyttävät järjestelmää. Ainoa ero muodostuu niiden suhteesta järjestykseen. Kyse on siis siitä, kuka käyttää järjestelmää ja mihin tarkoitukseen. Toiseksi tutkimus osoittaa, että tietoturva on aina ulkopuolinen lisä suhteessa suojattavaan järjestelmään (näin tietoturvaa voidaan serresläisittäin kutsua parasiitiksi). Kun tietoturvaaminen luo suojaa järjestämisen kautta ja kun se yrittää ylläpitää järjestystä, se tulee luoneeksi suojeltavalle järjestelmälle uuden järjestyksen, joka rikkoo aiemmin olemassa olleen järjestyksen. Esimerkiksi kopiosuojaus on suojattavalle ohjelmistolle täysin ulkoinen tekijä. Kun kopiosuojaus lisätään järjestelmään, siitä tulee erilainen. Näin tietoturva, jonka pitäisi olla häiriöiden poistaja, häiritseekin itse suojattiaan. Tutkimus väittää, että tiedon turvaaminen keskeyttämisineenkin luo yhteyksiä. Esimerkiksi tietoturva yhdistää käyttäjät järjestelmiinsä, mutta se luo samoin myös omat uhkansa. Esimerkiksi kopiosuojaus kutsuu luoksensa kräkkereitä ja tietoturvapolitiikat houkuttelevat sosiaalisia hakkereita. Molemmat, kräkkerit ja hakkerit, keksivät tietoturvalle uuden käyttötavan.Siirretty Doriast