June 04, 2014

CSO: System logging a vital computer security tool
Where's the data that people are going to build that intelligence from? I still see system logging as a really interesting piece of it. At Tenable, we're pushing a strong continuous monitoring model: Being able to collect information about everything that's going on in your systems and your networks at all times. It's going to shorten your response time in the event of a breach. It's going to allow you to improve your security if you identify things that are going wrong. It's going to allow you to have a clue of how your systems and network are being used.


Java Foreign Function Interface
JEP 191 provides a Foreign Function Interface at the Java level, similar to JNA or JNR. It will allow easy access to native functions, and will manage native memory at the JVM level. It will also support a future JSR for a standard Java FFI. The Java FFI API can be used for implementing native-backed features like NIO, advanced file system metadata, and process management. Using the FFI API will be the preferred way to bind native code and memory, instead of JNI. JEP 191 does not include enhancements to JNI, although these may go into the JSR process. JNI is the current standard programming interface for writing Java native methods and embedding the Java virtual machine into native applications.


Intel wants your next PC to have no wires
Intel is also chasing wireless charging. Laptops and tablets will be able to recharge simply by putting them on tables or other surfaces, much like smartphones and tablets, Skaugen said. Intel is leading the development of new wireless charging specification that will support power delivery of 20 watts and more to enable magnetic resonance wireless charging of laptops. Skaugen showed a laptop being charged wirelessly when placed on a table. The screen got brighter as the laptop got closer to the table, indicating that the PC was being wirelessly charged. Skaugen also showed a Lenovo Yoga laptop with wireless charging.


Beyond Cortana: What artificial intelligence means for the future of Microsoft
Cortana is, at heart, a user experience for an artificial intelligence, as Lee says. "What the user sees is a UI that's intended to be like a personal assistant, built using the basic building blocks for natural interaction," he says. It's the AI behind it that's handling much of what it does — or rather, a series of different neural networks and rules engines that are the closest to AI we have today. They're designed to make inferences from your personal data, to be prescient (not creepy). It's here that Nadella's ambient intelligence comes in to play, As Lee asks: "Can we mine all the data we have access to, and then extract intelligence?"


The Amazon Model: If You Can’t Beat ’Em, Work with ’Em
Amazon has successfully employed the coopetition strategy in three distinct phases, the authors found, all of which had a significant impact on the company’s performance as well as the global book business. Following the introduction of the Amazon Marketplace, the second coopetitive rollout occurred in the spring of 2001. Though it initially began as an agreement with Borders—one of Amazon’s stiffest bricks-and-mortar rivals—to operate Borders’ online store, the platform gradually expanded to help many different retailers, including Netflix, through Amazon Services.


Google, in promoting encryption, calls out Microsoft and Comcast
The use of encryption has gained added attention since last year's leaks about U.S. government surveillance, prompting more service and software providers to promise customers they'll keep their data safe. Encryption is meant to scramble messages and other data so it can only be read by the sender and receiver. Google has been encrypting all Gmail messages by default since 2010. But encryption only works when it's supported by email providers at both ends of an exchange. In the figures it released Tuesday, Google said between 40 percent and 50 percent of all emails sent between Gmail and other providers during May were not encrypted in transit.


Apache Kafka: Next Generation Distributed Messaging System
Kafka is a fast, scalable, distributed in nature by its design, partitioned and replicated commit log service. Apache Kafka differs from traditional messaging system in: It is designed as a distributed system which is very easy to scale out; It offers high throughput for both publishing and subscribing; It supports multi-subscribers and automatically balances the consumers during failure; It persist messages on disk and thus can be used for batched consumption such as ETL, in addition to real time applications. In this article, I will highlight the architecture points, features and characteristics of Apache Kafka that will help us to understand how Kafka is better than traditional message server.


Heartbleed attack research shows risk to enterprise wireless networks
Not enough testing has been done on Cupid to know exactly what details could be exposed in the memory of vulnerable systems, Grangeia noted, but he speculated that the private key used for the TLS connection and the credentials used to authenticate the connection are likely to be compromised in such an attack. Grangeia did confirm that the default installations of wpa_supplicant, hostapd and freeradius are all exploitable via Cupid on systems running Ubuntu with a vulnerable version of OpenSSL. Android users running versions 4.1.0 and 4.1.1 with a vulnerable OpenSSL implementation may also be susceptible to Cupid, said Grangeia, because all versions of Android use wpa_supplicant to connect to wireless networks.


Facebook encrypts data links to hinder government intrusion
Getting encryption across Facebook was important, but not an easy task, Stefancik said. "We like encryption because it is mathematically strong, we understand its properties, it's easier to control, but that said, it is really hard to deploy. It's not like we wake up one morning and flip a switch. It has performance implications, there's still compatibility issues between devices," he said. But the benefits were good, and Facebook as a site was encrypted 100 percent on by default for all interactions with users as of last year, he said. Facebook has four teams responsible for security: technical security, security infrastructure, site integrity, and safety, but Stefancik said that everyone in Facebook was taught to keep security front and centre in mind.


Scalability from datacenter to IoT: Q&A with Intel
Actually our approach to IoT has been pretty interesting. When Brian Krzanich our CEO introduced the concept of IoT, we took two approaches - one is to go to the industry first which is our usual way, the other way was to introduce the concept to the open community. We are supporting the maker community with products like Galileo and Edison directly through the community. We have taken a completely different approach. This has opened up these products to innovations from different areas, from schools, from small system integrators, and from individuals.



Quote for the day:

"The real leader has no need to lead - he is content to point the way." -- Henry Miller