April 19, 2013

CISPA permits police to do warrantless database searches
CISPA is controversial because it overrules all existing federal and state laws by saying "notwithstanding any other provision of law," including privacy policies and wiretap laws, companies may share cybersecurity-related information "with any other entity, including the federal government." It would not, however, require them to do so.


Xamarin Announces Mobile Cloud Testing Service
In a pre-release briefing, Friedman noted that Xamarin Test Cloud not only simplifies the testing process, but also makes it more robust. He explained that Xamarin Test Cloud uses object-based UI testing, which provides a stronger method for defining proper UI behavior than methods used by other UI testing tools (such as testing based on image recognition or gesture recording). Object-based testing also allows for "cross-platform test cases that adapt automatically as the UI changes," according to the Xamarin Test Cloud press release, which allows "tests [to] continue working even if changes are made to the app UI."


Unity vs. MEF: Picking the Right Dependency Injection Manager
Out of the box, MEF provides the most functionality, but has an implementation that I still think of as "quirky." And, prior to the .NET Framework 4.5, you must add attributes to a class to have it work with MEF -- you can't use MEF with Plain-Old CLR Objects (POCOs). Unity, on the other hand, works in a more obvious and natural way, making it easier to integrate into your application -- and Unity does work with POCOs.


Avoid the most common mobile development strategy mistakes
"The most common mistake architects are making is that they aren't thinking in a broad enough context. They are just thinking in terms of 'should I build a mobile application' or 'should I build a native app.' There are a lot more issues to think about," said Anne Thomas Manes (@atmanes), a VP and Distinguished Analyst at Gartner. ..."There's all of these different dimensions that go into this architectural model, so you have to make sure you've come up with the right set of questions to help you determine what is the right architecture," Manes said.


Mobile a top priority for Yahoo in 2013, Mayer says
How Yahoo will accomplish that goal is not immediately clear -- it has yet to announce any specific mobile apps or services it has in the pipeline -- but it was an objective oft-repeated during the company's first-quarter earnings call. But if the "how" is not clear, the "why" is more evident. Mobile is top of mind for all Internet firms, Google and Facebook included, and mobile will be crucial to Yahoo's efforts to increase user engagement and expand advertising revenue.


Schnucks supermarket chain struggled to find breach that exposed 2.4M cards
Increasingly, attackers have been resorting to techniques like hiding stolen data inside legitimate files and encrypting data to evade detection. "They cloak their malware or hide it within seemingly innocuous files so that it's very difficult to detect," she said. Existing forensics tools are not good enough at finding these attacks within hours, or even days, she said. "And the network and enterprise security tools are not smart enough to detect the hacking ... when it occurs.


BI architect has new options to meet growing data, analytics demands
"At one time, the options for analyzing data were limited to the products of a few big players and a handful of best-of-breed startups. Now there are a lot of options out there," said Joe Caserta, president of Caserta Concepts LLC, a New-York-based data warehouse consulting and training company. Caserta is also co-author -- with BI and data warehousing consultant Ralph Kimball -- of The Data Warehouse ETL Toolkit.


IT supply-chain security standard aims to prevent counterfeits, tampering
It seeks to lay out best practices in design, sourcing, building, fulfillment and other facets of supply chain distribution, including for integrators. It addresses the huge concern that fake or tampered electronics, hardware and software is being sold, a concern that has been voiced specifically by the U.S. government and the Department of Defense in particular.


High-density cloud databases: NuoDB + Moonshot
Enter project Moonshot, HP's new server initiative that focuses on high-density concentration of servers, each with very low-energy consumption. HP announced availability of its Moonshot offering, based on Intel S1260Atom processors, on April 8. With that product, a single 4.3U system contains 45 discrete physical servers.


KeyBox makes controlling your servers easier
Technically speaking, the KeyBox web pages and forms that you see in your browser are generated by the Jetty Open Source Web server (alternative home page here). All sensitive data are stored into an SQLite3 database, which is a single file called keybox.db. Jetty comes with the Java project management tool called Maven. A nice little introduction to creating web services with Jetty and Maven is here. Luckily, you don’t really need to study all this stuff to use KeyBox.



Quote for the day:

"Opportunity always involves some risk. You can?t steal second base & keep your foot on first!" -- Joseph Heller