September 01, 2014

CryptoWall ransomware held over 600,000 computers hostage, encrypted 5B files
The CryptoWall command-and-control servers assign a unique identifier to every infection and generate RSA public-private key pairs for each one. The public keys are sent to infected computers and are used by the malware to encrypt files with popular extensions -- movies, images, documents, etc. -- that are stored on local hard drives, as well as on mapped network shares, including those from cloud storage services like Dropbox and Google Drive. Files encrypted with an RSA public key can only be decrypted with its corresponding private key, which remains in the possession of the attackers and is only released after the ransom has been paid.


Business Services: What are they, really?
As a starting point, we can focus on the business processes from the process landscape comprised of core and noncore functionality. These processes can usually be represented at various abstraction levels referred to as process levels in a process model (e.g. descriptive, analytical/operational, and executable). Business services can then be identified and extracted from these levels with a top-down approach. Higher abstraction levels provide inputs for composite Business services, while lower levels provide inputs for fine grained candidates. Such a focus on processes and Business service candidates would also help identify functional redundancy across the enterprise. Still the results from such approach may differ from one organization to another.


Q&A with Marshall Van Alstyne, Research Scientist MIT Center for Digital Business
I think of “platform” as a combination of two things. One, a set of standards or components that folks can take up and use for production of goods and services. The second thing is the rules of play, or the governance model – who has the ability to participate, how do you resolve conflict, and how do you divide up the royalty streams, or who gets what? You can think of it as the two components of the platform—the open standard together with the governance model. The technologists usually get the technology portion of it, and the economists usually get the governance and legal portions of it, but you really need both of them to understand what a ‘platform’ is.


Big Data’s Two-Way Customer Conundrum
Yes, big data can address all of those things as well, though you won’t hear this side of the industry touted as its biggest benefit. And yet, it certainly should be. By approaching big data as a customer-centric imperative, not merely a money-making strategy (though that is important as well), companies can use it to a customer’s benefit. The end game: better customer service, increased convenience, greater brand loyalty and, ultimately, higher customer lifetime value from every single customer that engages with a brand.


Nigeria launches new biometric ID card - brought to you by Mastercard
"There are many use cases for the card, including the potential to use it as an international travel document," Onyemenam said. "NIMC is focused on inclusive citizenship, more effective governance, and the creation of a cashless economy, all of which will stimulate economic growth, investment and trade." The new cards carry two photographs of the holder, and a chip storing an individual's biometric information including 10 fingerprints and an iris scan using a system developed by Cryptovision. Nigeria first attempted to introduce identity cards 10 years ago and, as well as modernising the service delivery and improving bureaucracy ...


UK lags France and Gemany in big data analytics, but sees itself ahead
British IT executives seem to be more drawn to the view that doing big data means employing MapReduce and NoSQL specialists rather than taking a “holistic view of how new data types can be joined to relational data”, said Duncan Ross, director, data science at Teradata. MapReduce is a programming model for large-scale data processing, and the Hadoop framework is an example of it. Ross added: “It is possible that this is a side-effect of the UK being slightly ahead of Europe on the big data bandwagon, and seeing it more as a technology-focused activity than a business one.


Five SDN protocols other than OpenFlow
While the Open Networking Foundation defines OpenFlow as the first standard communications interface between the control and forwarding layers of an SDN architecture, it may not remain the predominating protocol. With all of its promise, OpenFlow also poses a slew of challenges from scalability to security. Most troubling, network vendors must create supporting switching in order for OpenFlow to take hold industry wide. While most network vendors have already developed OpenFlow-based equipment, they're also designing SDN architectures that use alternate communication methods -- including existing networking protocols, such as MPLS and NETCONF.


The future of mobile commerce is commerce
“Mobile commerce” is a bit of a rabbit hole. As a concept it makes sense to look at all the ways in which users will transact on their mobile devices. But mobile commerce encompasses a number of entirely different spaces. A Square-enabled mobile POS, a video game offering in-app purchases, FeLiCa’s tap-to-pay system at train stations, and a retailer’s mobile-enabled website all fit the criteria, but there’s very little overlap. The spectrum of mobile commerce into can be divided into six distinct areas:


Will the meteoric rise of Android popularity result in an insecure platform?
This particular topic is very hard to nail down. First of all, you have to know what mobile malware is. Google is constantly on the lookout for malware-infected apps. What constitutes a malware-infested app? Let's take a look at one of the most recent notorious pieces of mobile malware to hit Android -- BadNews. This malicious code looked like a framework for serving up ads in ad-based software. What the code did was send your private data (including phone number and IEMI) to a server (not surprisingly, a Russian server). It can't be debated that this is malware. Google recently removed 32 applications (mostly Russian language) from the Play Store that contained the BadNews code.


Stories of Collaboration in Remote Teams
Lisette Sutherland and Elinor Slomba have been collecting and sharing stories from people whose business models depend upon getting remote teams right. These stories showing how remote TEAMS COLLABORATE, bridge distance, build trust and get things done together will be described in the upcoming book Collaboration Superpowers: The Field Guide. InfoQ interviewed Lisette and Elinor about how people work in remote teams, which tools they use to collaborate and communicate, and what it takes to work remotely as a team.



Quote for the day:

"A life spent making mistakes is not only more honourable, but more useful than a life spent doing nothing" -- GB Shaw