Daily Tech Digest - January 15, 2018

Blockchain Company Wants to Create Alternative Decentralized Digital Economy

Blockchain Company Wants to Create Alternative Decentralized Digital Economy
One recently proposed solution to this is Pocketinns, which aims to disrupt this space by acting as a collection of marketplaces. Nearly anything you can think of would be available on the platform – its goal is to turn all the current monopolies on their heads by providing a safer, secure alternative platform by offering the same quality promised by these giant corporations.The company already has a home sharing and vacation rental marketplace active and live in Europe with 50,000 properties and is looking at adding another 250,000 properties in the next few months and all of this happens at zero percent commission. Pocketinns looks to follow the monthly subscription model by offering multiple services on one single platform.In addition, the future vision includes building an internal financial network used to support the internal transactions which include payment processors, remittances, banking, etc.

20 years on, open source hasn’t changed the world as promised
This chicken-and-egg conundrum is starting to resolve itself, thanks to the forward-looking efforts of Google, Facebook, Amazon, and other web giants that are demonstrating the value of open-sourcing code. Although it’s unlikely that a State Farm or Chevron will ever participate in the same way as a Microsoft, we are starting to see companies like Bloomberg and Capital One get involved in open source in ways they never would have considered back when the term “open source” was coined in 1997, much less in 2007. It’s a start. Let’s also not forget that although we have seen companies use more open source code over the past 20 years, the biggest win for open source since its inception is how it has changed the narrative of how innovation happens in software. We’re starting to believe, and for good reason, that the best, most innovative software is open source.

Why you’ll fire Siri and do the job yourself

ObEN’s PAI approach is one answer to the question of how virtual assistants with agency might function. We’ve assumed for years that virtual assistants will do more than just answer our questions, which is mostly what they do today. Future virtual assistants should buy things, negotiate fees, automatically remind co-workers of their deadlines and more. Consider Amy, the x.ai virtual assistant. Amy is A.I. that interacts via email and schedules meetings. Amy has a personality and can make decisions in an email conversation, such as the meeting participants and the Amy virtual assistant negotiating available times for meetings. Amy is a virtual person, and many people who encounter Amy assume they’re interacting with a real human. If our virtual assistants are to be “personalities” like Amy, they could also be virtual representations of ourselves. This approach is actually more transparent than the A.I. that’s currently used.

Safeguarding your biggest cybersecurity target: Executives

Safeguarding your biggest cybersecurity risk: Executives
“Executives need to internalize that they are targets,” says Bill Thirsk, vice president of IT and CIO at Marist College. “Cyber attackers take time to watch, plan, practice, hone, and harden their art before going after a high-value target. Attackers have the luxury of stealth, time, duplicity, and multiple platforms for designated random attacks — all of which work against normal human behavior, curiosity, and the need for connectedness.” An executive’s “digital footprint” needs to be understood and gaps must be closed as a matter of practice, Thirsk says. Social accounts should be registered, confirmed, and monitored, he says. But getting executives to buy into protection is a challenge. “Every statistic I’ve seen shows that executives are the least likely to adhere to policies that they expect everyone else to follow,” says Paul Boulanger, vice president and chief security consultant at SoCal Privacy Consultants. “In part, this is because they are the people most willing to sacrifice security for convenience.”

IT service management effectiveness hampered by lack of metrics

According to the study, the increasing demand placed on IT operations is resulting in teams taking on more work than they can handle. Axelos found that this could be having a negative effect on their reputation. “Despite struggling to keep up with demand and working beyond realistic expectations, they are still perceived as delivering poor performance,” the report stated. IT operations and development teams said they wanted to eliminate inefficient practices. The study found that 55% of ITSM professionals who took part in the survey showed an interest in identifying and eliminating wasteful work through the use of continuous service improvement, DevOps and agile practices. Axelos found that larger organisations tend to recognise lack of visibility as a problem, while smaller organisations struggle more with inefficient processes and understanding customer needs.

AI Begins to Infiltrate the Enterprise

Image: Shutterstock
The data that feeds AI systems can also present obstacles. "The gathering and curation of data is a key challenge," said Patience. "We see that over and over again, where either organizations don't have enough data, or they have it and can't get access to it.” Then there are the problems with the technology itself. While AI research has advanced incredibly quickly in recent years, we still don't have a general artificial intelligence that truly thinks and learns the way humans do. As a result, human interactions with AI are sometimes less than satisfactory. "The 'klutziness,' if you will, of a computer itself is a serious challenge," Hadley said, adding, "The opportunities for mistakes and disasters from the point of view of the customer experience are much more likely." That leads to a bigger issue: trust. "The overarching issue in the whole development of the field is do people trust the results that they get out of a machine?" Reynolds said.

Spectre and Meltdown explained: What they are, how they work, what's at risk

thinkstock 500773792 cpu processor
The problem arises because the protected data is stored in CPU cache even if the process never receives permission to access it. And because CPU cache memory can be accessed more quickly than regular memory, the process can attempt to access certain memory locations to find out if the data there has been cached — it still won't be able to access the data, but if the data has been cached, its attempt to read it will be rejected much more quickly than it otherwise would. Think of it as knocking on a box to see if it's hollow. Because of the way computer memory works, just knowing the addresses where data is stored can help you deduce what the data is. ... Spectre and Meltdown both open up possibilities for dangerous attacks. For instance, JavaScript code on a website could use Spectre to trick a web browser into revealing user and password information. Attackers could exploit Meltdown to view data owned by other users and even other virtual servers hosted on the same hardware, which is potentially disastrous for cloud computing hosts.

Don't Use a Blockchain Unless You Really Need One

Most CoinDesk readers are probably familiar with the usefulness of decentralization in a monetary context (and if you're not, take a look at recent articles about cryptocurrency adoption in Iran, Venezuela, Russia and, ahem, the alt-right). The neutrality, censorship-resistance and openness of a permissionless network mean it will attract the odious along with the oppressed, and the software doesn't decide which is which. But why is decentralization worthwhile in the data use case? "Today, every piece of content and media you have is living somewhere owned by somebody," Ravikant explained. ... Then the conversation took a turn that I have to admit made me roll my eyes at first. "If someone creates a new Pokemon card game or a Magic the Gathering card game" online, he continued, the characters are "living and owned by a certain company in a certain format. You can't just go and reuse those assets."

IOT Security Needs A White Knight

wireless network - internet of things [iot]
A lack of quality control and the presence of a host of very old devices on IoT networks might be the most critical security threats, however. Decades-old hardware, which may not have been designed to be connected to the Internet in the first place, let alone stand up to modern-day security threats, creates a serious issue. “You have over 10 billion IoT devices out there already … and a lot of these devices were created in 1992,” noted Sarangan. Moreover, the huge number of companies making IoT-enabled hardware makes for a potentially serious problem where quality control is concerned. Big companies like Amazon and Microsoft and Google make headlines for their smart home gizmos, but the world of IoT is a lot broader than that. China, in particular, is a major source of lower-end IoT devices – speakers, trackers, refrigerators, bike locks and so on – and it’s not just the Huaweis and Xiaomis of the world providing the hardware.

Forget the CES hype, IoT is all about industry

Forget the CES hype, IoT is all about industry
In addition to all the new product previews, this year’s CES is full of summits, seminars, presentations and other sessions devoted to helping consumer products companies make, sell, deploy and monetize everything from smart cars and smart homes to smart cities. But I’m here to tell you that none of that really matters much to the future of the Internet of Things (IoT). Nope, despite the CES hype, the IoT is really all about industrial and business devices, networks and applications. Here’s the thing: The consumer side of IoT is consumed by the faddish and spectacular, not the everyday and useful. Just consider the kind of IoT products that have been featured at CES in previous years: There was the infamous smart toothbrush (expect more of those this year, too), not to mention smart hairbrushes and refrigerators. Not exactly must-haves for most people.

Quote for the day:

"An approximate answer to the right problem is worth a good deal more than an exact answer to an approximate problem." -- John Tukey

Daily Tech Digest - January 14, 2018

Strategy and Innovation Roadmapping Tools

EIRMA Roadmapping ViewThe ways of doing roadmapping have existed for some time, but supporting software has not. Motorola is credited with the development of roadmapping in the 1970s to support integrated product and technology strategic planning. Unfortunately, many have struggled with drawing, and coloring boxes and connecting lines in different tools for over 20 years. This doesn’t have to be the case today. ... Added analytical capabilities in this group of strategy and innovation roadmapping tools may cover techniques such as scenario planning , Delphi, Blue Ocean and more . Such analysis may be disconnected from in-flight efforts; but, such analysis may also allow for future plans to be considered in light of current state results. Analysis techniques for the Marketplace are also integral to creating and delivering strategy and innovation in many organisations. The marketplace we’ve profiled in our Market Guide for Strategy and Innovation Roadmapping Tools supports many of these techniques

NASA Awarded A Grant For Ethereum Blockchain-Related Research

Among the goals of the program are measures to protect NASA vehicles from collisions with space junk orbiting the earth, which can damage or completely incapacitate them, and the processing of highly complex data. At the helm of the research project is Dr. Jin Wei (sometimes credited as Jin Kocsis or Jin Wei Kocsis), an assistant professor with the University of Akron's Department of Electrical and Computer Engineering.  A write-up published by the Collier Report of US Government Spending, which shares a significant amount of language with a project summary ostensibly penned by Wei, describes plans to develop a "data-driven resilient and cognitive networking management architecture." Wei's team will also conduct research into decentralized computing mechanisms that could prove instrumental in processing "the massive amount of high-dimensional data" often collected by NASA spacecraft.

By 2020 83% Of Enterprise Workloads Will Be In The Cloud

By 2020 83% Of Enterprise Workloads Will Be In The Cloud
Digitally transforming enterprises (63%) is the leading factor driving greater public cloud computing engagement or adoption today. 66% of IT professionals say security is their most significant concern in adopting an enterprise cloud computing strategy. 50% of IT professionals believe artificial intelligence and machine learning are playing a role in cloud computing adoption today, growing to 67% by 2020. Artificial Intelligence (AI) and Machine Learning will be the leading catalyst driving greater cloud computing adoption by 2020. These insights and findings are from LogicMonitor’s Cloud Vision 2020: The Future of the Cloud Study. The survey is based on interviews with approximately 300 influencers LogicMonitor interviewed in November 2017. Respondents include Amazon Web Services AWS re:Invent 2017 attendees, industry analysts, media, consultants and vendor strategists. The study’s primary goal is to explore the landscape for cloud services in 2020.

Blockchain: can the law keep up?

The legal implications of a disruptive technology such as blockchain vary as the technology is applied to different sectors and applications. Some of the key considerations are as follows: ... Distributed ledger technology is, just as described, distributed. There is no fixed location of a transaction, a registry or an application. It is therefore critical that the parties to any arrangement involving this technology have expressly agreed and recorded the jurisdiction and governing law which is to apply to the arrangement. Some jurisdictions are starting to address the legal and regulatory matters around blockchain. ... Contractual and legal issues must be seen from a different angle with blockchain technologies. How are service levels and performance defined? What is the liability position? In particular, the enforceability of an arrangement involving blockchain should be considered carefully.

The Future of Humans - Intersection of HR & AI

Artificial intelligence is transforming our lives at home and at work. At home, you may be one of the 1.8 million people who use Amazon's Alexa to control the lights, unlock your car, and receive the latest stock quotes for the companies in your portfolio. In total, Alexa is touted as having more than 3,000 skills and growing daily. In the workplace, artificial intelligence is evolving into an intelligent assistant to help us work smarter. Artificial intelligence is not the future of the workplace, it is the present and happening today. Time is not far when AI will be contributing to every business function to make transactions effective & efficient. Human Resources will not be able to stay form it for a long time and all HR professionals should embrace this change gracefully and make the most of it. Artificial intelligence is all about analysing, breaking down and transforming data into humanized format, which is easy to interpret and study. A good example of AI is the suggestions and predictions that we get from our smartphones without having to be reminded for the same.

Why the Organisation of the Tomorrow is a Data Organisation

A car company should no longer see itself as a car manufacturer, but as a software company that is in the business of helping move people from A to B. It should look at how the company can do so in the most reliable, comfortable and safe way. Whether it produces cars, self-flying taxis or develops an Uber-like app are then questions that can be asked. The same goes for, for example, a bank. They are not a financial institution, but a data company that enables people to store money and make transactions safely. Whether this is done using a cryptocurrency or as a mobile-only bank are then questions that can be asked. Nowadays, any company, regardless of the industry, should see itself as a data company. When seeing an organisation as a data company, it allows you to remove any inhibitors that prevent the business from delivering the product or service in the most efficient, effective and customer-friendly way.

Machine Learning's Greatest Potential Is Driving Revenue In The Enterprise

These and many other insights are from the recently published study, Global CIO Point of View. The entire report is downloadable here (PDF, 24 pp., no opt-in). ServiceNow and Oxford Economics collaborated on this survey of 500 CIOs in 11 countries on three continents, spanning 25 industries. In addition to the CIO interviews, leading experts in machine learning and its impact on enterprise performance contributed to the study. For additional details on the methodology, please see page 4 of the study and an online description of the CIO Survey Methodology here. Digital transformation is a cornerstone of machine learning adoption. 72% of CIOs have responsibility for digital transformation initiatives that drive machine learning adoption. The survey found that the greater the level of digital transformation success, the more likely machine learning-based programs and strategies would succeed. IDC predicts that 40% of digital transformation initiatives will be supported by machine learning and artificial intelligence by 2019.

Key considerations of AI, IoT and digital transformation

IoT is a key driver of both the machine learning and AI craze. With the volume of data produced by machines and people on a daily basis becoming unmanageable, it has become increasingly difficult to make use of this information — and the proliferation of connected sensors only serves to further up the ante. Without AI and machine learning, making heads from tails of this data is downright difficult and creates problems for businesses looking to use their data. With digital transformation at the forefront of many business initiatives, applying AI to IoT can help drive the innovation and business effectiveness that many companies are hoping to achieve. Applied correctly, companies can change the way they operate through the use of these digital technologies to realize key competitive differentiators. Some industries are more proactive in this regard than others, which is best observed in Constellation Research’s recently released “Business Transformation 150.”

In 2018, AI will be listening and watching us more than ever: Is our privacy under threat?

Finding Alexa or Google Assistant (or even both) inside a television or speaker is no longer a surprise. But as the smart home of the future finally becomes an attainable reality, artificial intelligence is appearing everywhere. At CES it was in fridges and ovens, washing machines, dryers and even light switches. Yes, we are at a stage where even the most humble of household devices — the light switch — has been given a microphone, speakers, and a blue pulsating light to indicate when it is listening and thinking. Somehow, while our backs were turned, our light switches became intelligent. The revelation of widespread surveillance efforts by the NSA and Britain's GCHQ are still a recent memory. Yet the giants of Silicon Valley are fitting microphones and cameras in every room of our house. The Amazon Echo Spot is designed as a bedside alarm clock — yet it has a small camera, an always-listening microphone and an always-on internet connection.

Blockchain and the Rise of Transaction Technology

Administrations transact with citizens to provide them with trusted public services. They transact with businesses and governments, too. Sometimes citizens transact with government through business. Within strategic sectors, like energy or utility business, transacting is key. In an increasingly data-focused economy, transacting data can even be said to be a special type of virtualized critical infrastructure. This is why states and businesses need to focus on assuring trusted data structures. Blockchains and distributed ledgers, then, can be considered a tool for ensuring data integrity, immutability and trust. It does not mean we need to port everything to blockchain. But it can mean provide an additional, transaction layer to existing data structures, a robust audit trail on what happens on our critical infrastructure. In this way, the possible role of distributed ledgers within digital state infrastructure too often goes unrecognized.

Quote for the day:

"Strength is when you have so much to cry for but you prefer to smile instead." -- Unknown

Daily Tech Digest - January 11, 2018

Cybersecurity on a network
Industrial control systems (ICS) are everywhere. These systems play a critical role in nearly every industry around the world, including electric, water and wastewater, oil and natural gas, and transportation, as the smart technology of today and tomorrow is driven by these systems. This same widespread use and importance of ICS, especially those found in critical infrastructure, also makes them a primary target for bad actors, and the increasing use of the internet is only serving to magnify the potential for issues. According to Industrial Control Systems Vulnerabilities Statistics from Kaspersky, there were only two ICS vulnerabilities detailed in 1997 (the first year this information was recorded); however, these vulnerabilities are now much more commonplace, with 189 reported in 2015.

5 ways to establish dependable edge computing

Edge computing is set to grow dramatically in 2018 and beyond. As IoT devices continue to come online in droves of tens of billions, edge data centers will grow in prevalence too, in order to collect, process and manage data when and where it’s being created. IT departments should expect to see tremendous growth and demand for reliable computing at the edge over the next few years. As edge data centers continue to play an increasingly important role in both the business and IT landscapes, we’ll see the standards for their level of predictability and uptime grow to match those that enterprises and consumers have come to expect from traditional, large data centers. So, how can you build an edge data center that’s reliable and generates value for your company? Here are five important ways IT departments should be building their edge data centers to help ensure end-to-end reliability and resiliency.

An intro to Studio 3T, a MongoDB IDE

An intro to Studio 3T, a MongoDB IDE
A good indication of whether a technology is in the plateau of productivity in Gartner’s hype cycle is when someone asks ”Is MongoDB dead?” on that bastion of, um, sane discussion, Quora. A second good indication is when there are productivity tools and at least a nascent third-party market around your technology. A third indication is when a third party creates an IDE for it: The growing third-party market is a key indication that MongoDB has moved from mere maturity to one of the dominant players in this market. Enter Studio 3T, a small European firm with its own sea mammal mascot and a reputation for being “the MongoDB GUI.” Its eponymous product is the successor to its MongoDB Chef. According to Studio 3T marketing chief Richard Collins, the company direction is as a full-fledged IDE for MongoDB. Studio 3T lets team collaborate on MongoDB charts across roles and skill levels, from the developer to the analyst to the DBA.

Report Discusses How to Approach Botnets, Cybersecurity Threats

Botnets and automated attacks include distributed denial of service (DDoS) attacks, ransomware attacks, and computational propaganda campaigns, the report noted. “Traditional DDoS mitigation techniques, such as network providers building in excess capacity to absorb the effects of botnets, are designed to protect against botnets of an anticipated size,” report authors wrote. “With new botnets that capitalize on the sheer number of ‘Internet of Things’ (IoT) devices, DDoS attacks have grown in size to more than one terabit per second, outstripping expectations. As a result, recovery time from these types of attacks may be too slow, particularly when mission-critical services are involved.” Stakeholders in all industries must be willing to coordinate and collaborate together to combat these threats. Problems must be proactively addressed “to enhance the resilience of the future Internet and communications ecosystem.”

Look at full security development lifecycle to reduce web threats

For smaller companies without a security team, this can help with patching and general security maintenance. However, it’s important to check the security measures they offer, especially in terms of security monitoring, distributed denial of service attack (DDoS) mitigation, their responsiveness to security incidents and their processes for dealing with incidents. If you need to host the website yourself, perhaps because you are delivering a web-based service that requires close coupling to your own systems, then you will need to make sure your own systems are protected and separated from the web server itself, to prevent the web server being used as a Trojan horse to attack your operational systems.  Whichever approach you take, supply chain security also needs to be considered. There have been instances over the past few years where an attacker has attacked a website tool developer and modified the code of the tools used to build a website so that every site they build includes backdoors open to the attacker, or pre-placed malware.

'Back to Basics' Might Be Your Best Security Weapon

Despite an influx of best-in-breed security technologies, organizations around the world are seeing a continued rise in cyber attacks. There are big implications. Financial consequences include immediate costs of investigating the breach and extend longer-term to include lawsuits and regulatory fines. Loss of customer trust can translate into declines in business. Perhaps most damaging is the impact of shutting down entire systems, which can grind operations to a halt. This is especially dangerous when the target is a critical healthcare, government, or utility provider. From the high-profile Equifax breach to payment compromises at hotel chains and retailers, security teams are increasingly under pressure to not only determine why this is happening but what can be done to fix or prevent these problems. For many companies, getting "back to basics" could be one of the most effective weapons in the war on cyberattacks.

How Cisco’s newest security tool can detect malware in encrypted traffic

Cisco ETA security
ETA collects metadata about traffic flows using a modified version of NetFlow and searches for characteristics that indicate the traffic could be malicious. It inspects the initial data packet, which is translated in the clear, even in encrypted traffic. It also records the size, shape and sequence of packets, how long they take to traverse the network, and it monitors for other suspicious characteristics such as a self-signed certificate, or whether it has command-and-control identifiers on it. All of this data can be collected on traffic, even if its encrypted. “ETA uses network visibility and multi-layer machine learning to look for observable differences between benign and malware traffic,” Cisco explains in a blog post announcing ETA. If characteristics of malicious traffic are identified in any packets, they are flagged for further ianalysis through deep packet inspection and potential blocking by an existing security appliance like a firewall.

Researchers uncover major security vulnerabilities in ICS mobile applications

Specifically, the research revealed the top five security weaknesses were: code tampering (94% of apps), insecure authorization (59% of apps), reverse engineering (53% of apps), insecure data storage (47% of apps) and insecure communication (38% of apps). “The flaws we found were shocking, and are evidence that mobile applications are being developed and used without any thought to security,” said Bolshev. “It’s important to note that attackers don’t need to have physical access to the smartphone to leverage the vulnerabilities, and they don’t need to directly target ICS control applications either. If the smartphone users download a malicious application of any type on the device, that application can then attack the vulnerable application used for ICS software and hardware. What this results in is attackers using mobile apps to attack other apps.”

Embark upon ITSM asset management with systematic tagging

Tags are just text strings attached to devices and infrastructure as part of an ITSM asset management strategy. A tag is a key-value pair, seen as metadata. It assigns common attributes to assets, so they can be logically defined and grouped. A simple key-value pair example that would prove useful for ITSM asset management is the following: stack = production. In this example, the IT infrastructure team applies the stack tag to all production servers when they are built. When the administrator needs to perform system management, such as an update, he puts the tag productioninto an update query to restrict any operations to those servers tagged with production. Other key-value pair examples include owner = QAteam and location = LosAngeles. Using this set of tags in an update rollout, the global IT manager can apply changes only to servers owned by the quality assurance (QA) team and located in the Los Angeles data center.

Humans and machines in one loop—collaborating in roles and new talent models

In the near future, human workers and machines will work together seamlessly, each complementing the other’s efforts in a single loop of productivity. And, in turn, HR organizations will begin developing new strategies and tools for recruiting, managing, and training a hybrid human-machine workforce. Notwithstanding sky-is-falling predictions, robotics, cognitive, and artificial intelligence (AI) will probably not displace most human workers. Yes, these tools offer opportunities to automate some repetitive low-level tasks. Perhaps more importantly, intelligent automation solutions may be able to augment human performance by automating certain parts of a task, thus freeing individuals to focus on more “human” aspects that require empathic problem-solving abilities, social skills, and emotional intelligence.

Quote for the day:

"The struggle you're in today is developing the strength you need for tomorrow." -- Robert Tew