Many potato chips contain, for example, dairy products (often sour cream or cheese). These are not vegan. Additionally, there are, for example, bacon-flavored ones. 
8 Likes
Iâve pondered in several Varttis how the AI revolution should, at some point, also manifest as clear losers on the stock market (at least in the eyes of investors) instead of just AI companies skyrocketing.
Well, now itâs really starting to show. 
34 Likes
Do these count? 
2 Likes
As a young and naive open-source devotee, I used to ask why the company didnât use âfreeâ software, preferring instead to pay large lump sums for licenses etc. annually. (For the youth: back then in the early 2000s, there was no monthly subscription-based software.)
I heard the reasons why. They prefer to buy something ready-made and packaged, and above all, they want someone to call when thereâs a fault in the product or someone to ask for help.
Is the nightmare of organizations, Shadow IT, really the new normal going forward? Departments developing their own software solutions and giving the middle finger to lifecycle models and other illusions of order desperately maintained by IT architects?
Maybe times really are different; organizations are practicing a laissez-faire approach and letting all software bloom. Change must come regardless â if we imagine AI benefits will magically emerge just by bolting Microsoft Copilot onto the desktop, the job will remain half-done. The change is bigger than the classic traditional way of buying product X and imagining it will handle the job.
In this light, the software industryâs âde-SaaS-terâ (my own term) sounds exaggerated. Not because AI couldnât already handle many kinds of utility software, but because corporations donât easily bend to the kind of agility that in-house software development would require. (As a curiosity, even in the 1980s and 90s, organizations had a surprising amount of self-made software. Maybe those times are experiencing a renaissance?)
10 Likes
Yum. Looks like delicious trail food.
Could be compared to pemmican: Pemmikaani â Wikipedia
2 Likes
Iâm a bit limited with my taste buds in that these various flavored potato chips donât really appeal to me. Bacon as bacon, on the other hand, is an absolute treat.
Jamie Oliver once quipped that bacon adds more flavor to vegetarian food. And just last week I was wondering about this vegan bacon seasoning. But when you stop to think about it, surely bacon seasoning wouldnât be some kind of ground-up pigâs butt anyway.
3 Likes
This hits close enough to my own work that Iâll share some perspectives 
The bigger the company, the more administration there is. The task of this administration is to create and maintain order, whether that order consists of policies, principles, or other rules and guidelines. Over time, this kind of order tends to exist for the sake of orderâthat is, for its own sake. People are hired as maintainers of order who, from the perspective of the companyâs value creation, produce nothing, but they see their work as equally important. After all, that is what they have always done for a livingâmaintained.
Well, once a sequence of events like the one above has continued long enough, it actually becomes the companyâs prevailing culture; residual risks in everything are minimized, and changes that are too large are rejected. In practice, the company begins to regress because no one learns or develops, and it shields itself from outside influence.
Then the unfortunate reality occurs: one day, some poor soul hires a 27-year-old junior in the prime of their life to replace a retiring Pertti. From day one, this junior starts wondering why this and that arenât being done. For a while, this junior manages to achieve all sorts of things through sheer diligence, until they hit the realities of a large corporation: the company has hard boundaries, such as roles being tied to the systems they maintain, and these individualsâ ability to see beyond their own responsibilities is zero. Any change that would require looking at competencies, role assignments, or restructuring requires management support, but management is part of the same culture and doesnât know how to conceive of a state different from what they have maintained for years!
The increasingly digital world, especially in the 2020s, has significantly challenged large companies that operate in a client-provider type arrangement. That is, they have sometimes outsourced even their core competencies to partners and settled for coordinating work through commercial contracting. These people certainly know how to demand payment terms and draft framework agreements that require data processing agreements, but none of them know how to design or innovate anymore in the industry where their employer generates its revenue.
After all this ranting, Iâll summarize: management in particular should look at all their support functions and ask the question: What should the support function actually be doing, and what expertise would that require? Business development in 2026 is so digital in nature that it is outright strategic for processes like manufacturing, distribution, or sales to be in the hands of your own employees, and for these people to understand the missing enablers that allow for growth.
38 Likes
NNirvi too appreciated it and maybe still does 
Take a trip down memory lane:
Command & Conquer arrived with a bang in late 1995. After that, the RTS genre was never the same again, and sweet chaos filled the screens of PC gamers around the world as they commanded their troops - also against each other. How many points did the game get in its review back then? Is it worth building a base at the foot of a cliff? Does the loss of troops sting? Pin on your stripes and get ready to reminisce!
6 Likes
Am I the only one, or are others also thinking about how reporting on block trades is entirely a matter of perspective?
Sometimes people talk about someone buying a block (apparently the reporter is long in this case), and other times itâs reported that someone wanted to get rid of a block (a negative view of the target). However, the situation is always the same; in a block trade, there is always a buyer and a seller.
6 Likes
I was actually thinking the same thing when I posted that.
I wrote it that way because the realized price was, in my opinion, low enough compared to recent averages that I thought the seller was the one with a greater need for the transaction.
Iâm not sure if that line of reasoning makes any sense.
7 Likes
You hit the nail right on the head with this great post! You only need to look at what happened to agile development in the corporate world to easily see how AI is going to end up. The anarchist idea of agile development was to return power to the teams, let them be self-directed in their work with maximum flexibility, and take responsibility for their own work environment and methods. But that kind of activity can absolutely not be permitted, so as a counter-strike by the old guard, a counter-revolutionary, top-down, maximally inflexible daily reporting ritual-scrum was implemented everywhere.
Now that any Jane or Joe can ask an AI language model to create a PowerShell script or a piece of code for their own program, it will be blocked in the coming years for security and data privacy reasons by restricting the execution of oneâs own code and scripts on work computers. In many workplaces, itâs already becoming apparent that employees have used ChatGPT for Excel editing, after which the use of external chatbots was banned and employees were instructed that only the Excel-integrated Copilot may be used for processing company data. You know, that lobotomized Microslop solution that refuses to make any direct edits to Excel and for which, on top of everything, the company has to pay a hell of a lot.
In smaller companies, this problem obviously doesnât exist, as they might not have even had time to hire some âcompliance officerâ admin-jesus to harass employees and restrict their productivity
37 Likes
I donât quite see the point of taking out a loan for the same amount youâd put up as cash collateral?
Itâs quite hard to believe that no bank would grant such an amount. Apparently, your son is at the very beginning of his entrepreneurial career and canât yet show any income from the business, e.g., for a full year?
1 Like
If I try with desperate fervor to link this theme to investing, the classic saying âonly when the tide goes out do you discover who has been swimming nakedâ comes to mind. In the same way, AI is bringing us a world where an individualâs ability to create software (or anything else digital) is no longer tied to previously essential tool-specific skills in the same way, but rather to oneâs own ability to create something new and innovative.
If anything is scary about the AI transition, it is precisely that we can no longer hide behind âdigital complexities,â but could instead do all sorts of things if we just had the energy or, more importantly, the wit.
And I wouldnât make this an age issue. There are ârebelsâ among us more experienced folks, too. Iâll admit that tilting at windmills has caused the old lance to go limp. (And Viagra wonât help with that.) Management hates chaos, which is exactly what team- and individual-led development actually is. Under the pressure of information, bosses buy into whatever promises to reduce chaos and let them focus on what they deem essential. Thatâs why outsourcing and software acquisitions are popularâthey are used to outsource problems off the managersâ desks. The rest is handled by the various controllers and gatekeepers that management loves for the reasons mentioned above.
Therefore, paraphrasing Juice [Leskinen] with quite a bit of experience under my belt, Iâd say that âbureaucracy cannot be taught other than by taking it behind the corner and putting it out of its misery.â Young 27-year-olds might now have the opportunity of a lifetime to create something new in their own environment. Itâs better to avoid the fight and avoid pointless arm-wrestling against corporate management culture. And if you somehow manage to win that, remember that the HR department is the âfinal bossâ of the game!
6 Likes
Pride goes before a fall.
Characters, characters, Iâd just like to fill themâŠ.â«â«
6 Likes
Reading your message gave me a sense of dĂ©jĂ vu, and Iâve been pondering the same things. I work in the IT department of a medium-sized (by Finnish standards) company, and I have my hands in many things, including data security, compliance, auditing, risk assessment, and management.
Having spent several decades developing various scripts, problem-solving, and internal software solutions, I can say that both perspectives of this beast have become familiar. Here, itâs good to understand that in the corporate world, responsibilities, legislative requirements, and damage risks are often significantly greater than for a novice coder making customer management and billing software for Pirkko the plumber or Pena the hairdresser using ready-made, freely downloadable modules and a couple of PS scripts.
For example, in AI, only the Copilot Work side can be used to process material that is confidential or internal to the company. This is because we cannot be sure that ChatGPT or DeepSeek wonât âsuck up our inputsâ and use them for further training of their models. Once company customer data is entered into the internet, you canât get it back. Itâs always good to keep the rule of thumb that âthe Internet does not forget.â In such cases, we could inadvertently violate, among others, GDPR regulations, where fines for a large corporation can be substantial.
The EU GDPR sets a maximum fine of âŹ20 million (about ÂŁ18 million) or 4% of annual global turnover â whichever is greater â for infringements.
A homegrown script transferring customer data unencrypted over the internetâeven accidentally to the wrong serverâor simply storing it in the cloud without user authentication can be enough for a penalty. Itâs easy, of course, to use a public OneDrive share when you donât need to remember any credentials and can access it from anywhere. 
Furthermore, appropriately positioned corporations might be NIS2 entities.
Who do the obligations apply to?
The regulation applies to critical sectors of society. The organizations subject to the regulation are either essential or important depending on their size, sector, and criticality.
What does NIS2 require then?
Compliance with cybersecurity risk management obligations
Oops. Sounds bureaucratic.
The entity must have an up-to-date cybersecurity risk management operating model in place to protect communication networks and information systems, as well as their physical environment, from incidents and their impacts.
Oh boy. For this, an assessment, a plan, and documentation must be made.
Entities must implement proportionate technical, operational, or organizational management measures in accordance with the cybersecurity risk management operating model to manage risks to the security of communication networks and information systems and to prevent or minimize adverse impacts.
Surely thatâs not much work?
The cybersecurity risk management operating model and the management measures based on it must take into account and maintain as up-to-date at least:
risk management policies and assessment of the effectiveness of management measures;
policies concerning the security of communication networks and information systems;
security in the acquisition, development, and maintenance of communication networks and information systems, as well as necessary procedures for handling and disclosing vulnerabilities;
the overall quality and resilience of products from direct suppliers and services from service providers, the management measures included in them, and the cybersecurity practices of direct suppliers and service providers;
asset management and identification of functions important for its security;
personnel security and cybersecurity training;
access management and authentication procedures;
policies and procedures for the use of encryption methods and, where necessary, measures for using secure electronic communication;
detection and handling of incidents to restore and maintain security and operational reliability;
backup, recovery planning, crisis management, and other business continuity management and, where necessary, use of secure backup communication systems;
basic information security practices to ensure operations, telecommunications security, hardware and software security, and data asset security; and
measures to ensure the physical environment and facility security of communication networks and information systems, as well as essential resources.
Well, the first thing weâll likely have to do is limit that new IT guyâs enthusiasm to swap Office for that open-source alternative, as the security of the downloadable packages, download servers, and the software would have to be assessed somehow, since we donât really know whatâs inside it. And if theyâre just downloaded from some server, we canât demand any supplier to ensure that the product is one that meets GDPR requirements or that our data wonât be found in Beijing or Moscow in a weekâs time.
Well, if youâre unluckily a NIS2 entity, customers might demand some certification from you. For example, ISO-27001. What is that?
ISO/IEC 27001 is the worldâs best-known standard for information security management systems (ISMS). It defines requirements an ISMS must meet.
The ISO/IEC 27001 standard provides companies of any size and from all sectors of activity with guidance for establishing, implementing, maintaining and continually improving an information security management system.
Surely thatâs not hard to get?
Only 10 points, fortunately. What does it mean in practice?
The ISO 27001 standard contains a total of 93 different information security controls.
And the shittiest part is that someone external will come and dig through the documents and plans youâve made to ensure they actually comply, so you can get the certificate.
The ISO 27001 standard requires both internal and external audits, and the entire organization should be prepared for these.
https://www.arter.fi/iso-27001-10-keskeista-vaatimusta/Indeed, just because you have grown into a larger player with quality-conscious customers, it inevitably makes your organization more rigid in order to meet the necessary requirements. Even a small company can be a NIS2 operator and hold an ISO-27001 certificate while still being an agile player, but it requires internal structure and the right procedures in all operations, which add to the maintenance burden in the background that someone needs to handle.
Access control, maintaining the operation of security software, firewall management, locking cabinets, data retention processes, network access rights management, monitoring GDPR regulations, etc., do not happen by themselves. And if they are not followed, the result can be fines in the mildest case and the loss of customers in the worst.
For those craving a thriller, I recommend the story of when NotPetya got into Maerskâs systems in 2017. With the right security protocols, this would not have happened. The story is a learning experience for when security is seen as nothing but a cost and a hindrance to work, until the true price of ignoring security is realized. And even the best software or practices are of no use if there isnât that compliance enforcement in the background making shortcuts difficult or impossible. People always take the path of least resistance. Information security can only truly be realized when the secure way of doing things is the easiest, and all other ways are more difficult.
36 Likes
Legislation is admittedly an endless quagmire where new requirements keep cropping up that no one in the company has realized or had time to consider, and once one area is brought up to the required legal standard, a public data leak occurs somewhere else.
Does your company accept email feedback from customers? Congratulations, your email system is now processing personal data and you need to have a written description of where emails are stored, how long they are kept, and who handles them:
Want to deploy a new IT application? Not before a data protection impact assessment (DPIA):
Admittedly, the easiest way out is to outsource all this bureaucratic crap as far as possible to an external provider and demand compliance with legislation, best practices, and standards in the contract. Of course they donât actually do it, but at least the problem isnât on your desk.
9 Likes
Iâve done quality management crap myself in two different listed companies. In reality, the company is the one paying these auditing firms, so itâs easy to guess that the situation leads to a win-win scenario. Auditors take a lenient view of things and come up with some relatively easy development targets. These are then checked on again the following year.
8 Likes
Iâve started to get fed up with the incredible whining that every social media platform is full of regarding these electricity prices and all the outrage over the fact that spot-price electricity works like⊠well⊠an EXCHANGE. People are demanding price caps, even though we already have options like fixed prices. But no, they want summer exchange prices and then, say, a 5-cent price cap for the winter. Yeah, right.
The guy in the link is a character. I hope I donât offend anyone by saying this, but thatâs more of a hobby (some twisted obsession?) than a cost-saving measure.
And at the same time, thereâs an electric car in the picture with a value that is dropping by âŹ1000/month.
55 Likes
I wonder if opting for spot-price electricity has been made too easy? Perhaps there should be a knowledge test, similar to the ones banks use for more complex investment instruments?
46 Likes