December 31, 2014

The Greatest Tech Wins and Epic Comebacks of 2014
While 2014 didn't bring much in the way of revolutionary technology, it was a great year for refinement. The products and services we've relied on for years became cheaper and more accessible, while once-difficult concepts like virtual reality and mobile wallets started to look a little more practical. And if you look hard enough, you can even find some examples where the government didn't screw everything up. Here are the top 10 products, companies and ideas that emerged victorious in the tech world this year.


REST-y Reader
In the first list are books that speak directly to the work of HTTP, APIs, REST, and Hypermedia. These are certainly not the only books on these subjects but they are the ones I find myself referring to most often in my own work. The second list contains books that, while not directly in the field of APIs, have affected my thinking on the way we design and implement stuff on the Web. I had a hard time narrowing down this list and there are quite a few more I’d add but I’ll save that for another time. Finally, I added a section named "Other Resources." These are sources that I have found useful over time that are not in full-on book form.


11 things to consider before going to work for a startup
The fact of the matter, according to Robert Half Technology data, is that 8 out of 10 employees prefer the structure and stability of an established organization over the volatility of the startup market ... We hear a lot about startup success stories, but the fact is that most fail. Different statistics put the average failure rates from 40 percent to as high as 90 percent. According to this Wall Street Journal article, 3 out of 4 startups fail. What does that mean for you? It means you’ve got to do your research and make sure the organization you go with has the best chances of survival.


The Top Technology Failures of 2014
All successful technologies are alike, but every failed technology flops in its own way. Success means a technology solves a problem, whether it’s installed on a billion smartphones or used by a few scientists carrying out specialized work. But many—maybe most—technologies do not succeed, typically because they fail to reach the scale of adoption that would make them relevant. The reasons for failure aren’t predictable. This year we saw promising technologies felled by Supreme Court decisions, TV cameras, public opinion, and even by fibbing graduate students.


Technology’s Impact on Workers
The internet and cell phones have infiltrated every cranny of American workplaces, and digital technology has transformed vast numbers of American jobs. Work done in the most sophisticated scientific enterprises, entirely new technology businesses, the extensive array of knowledge and media endeavors, the places where crops are grown, the factory floor, and even mom-and-pop stores has been reshaped by new pathways to information and new avenues of selling goods and services. For most office workers now, life on the job means life online.


Nine insanely long-running tech lawsuits
At the center of Charles Dickens's Bleak House is the fictional court case of Jarndyce and Jarndyce, a dispute over an inheritance that has gone on for decades. It may have been inspired by the legal wrangle over the estate of William Jennens, which incredibly dragged on for more than a century and ended only when legal fees had devoured all that remained of Jennens's vast wealth. The tech industry has seen a number of long-running lawsuits as well. While none have gone on for quite so long, the fast pace of technological change means that often, no matter who wins or loses, the tech world has changed so much by the time the verdict arrives that it becomes difficult to remember what the argument was about in the first place.


Delivery by drone: French postal video shows it can be done
News reports from France say the test took place near the town of Pourrières, which is in the southern region of Provence. La Poste has not specified when the service will be in full swing, but suggested that it anticipates using Géodrone to provide service to residents in remote mountainous and maritime regions. The Géodrone project represents another impressive achievement for France’s emerging unmanned aircraft industry. Earlier this year, drone enthusiasts in the Alps conducted a Star Wars-style pod race in a French forest with the permission of the local government. Meanwhile, a researcher in Holland has showed how an ambulance drone can deliver a defibrillator to a heart attack victim in under two minutes.


Infrastructure Analysis -- A New Culture of Analytics
there is a significant amount of information that organizations can learn through deeper analysis of the underlying infrastructure. A time map of the time network architecture is useful for large corporate networks improving a legacy of unreliable, imprecise, un-adaptable time sources across the network and applications. A time map can identify, for example: an application server responsible for distributing unreliable time across the network and all applications that rely on it, time distribution networks falling out of sync when companies glue time distribution networks together ... if the system is relying on the sources that sync back to the same source, and how far downstream the time source is and how reliable it is.


India blocks 32 websites, including GitHub, Internet Archive, Pastebin, Vimeo
Internet users in India are starting to lose access to websites including GitHub, Internet Archive, Pastebin, and Vimeo under an order from India's DoT (Department of Telecom). It appears an order to block the sites issued on December 17 is taking effect -- albeit unevenly. Today, Centre for Internet and Society (Bangalore, India) Policy Director Pranesh Prakash posted a copy of the notice listing the 32 blocked URLs. ... Problems accessing GitHub are going to be especially painful for India's enormous developer workforce, and will definitely impact both India's domestic and outsourced software development business sector.


Windows Server cloud support unlikely bedfellow for Google
From Google's perspective, Microsoft is a dominant force in enterprise computing; any service that doesn't support Microsoft technologies could face extinction in the enterprise. The move also shows that Google is willing to open itself up to a competitor's technologies if it is in the best interests of mutual customers -- a trait Microsoft seems increasingly willing to manifest as well. Running Windows on Google may increase the likelihood of further price-competition wars in the cloud space. Google does not have much of an edge or a differentiator against Amazon Web Services (AWS) or Microsoft, so it is primarily left to compete on price.



Quote for the day:

"You have to put in many, many, many tiny efforts that nobody sees or appreciates before you achieve anything worthwhile." -- Brian Tracy


December 30, 2014

Consumerization Of Government Services Starts With Case Management
With a case-centric approach, agencies can track information more efficiently, make automated intelligent decisions, and route casework accordingly. This can mean serving a specific customer and fulfilling a request, or working across agencies to achieve a shared result, such as solving a crime, reducing the time required to determine whether a citizen is eligible for certain benefits, or even responding to a natural disaster and supporting recovery. The move to digital is critical if agencies wish to improve their standard of service -- and it means taking a holistic perspective at how your agency interacts with customers and considering new ways to leverage technology.


The World's Biggest Data Breaches, In One Incredible Infographic
In late November, hackers targeted Sony Pictures Entertainment in an unprecedented cyber attack. This led to the exposure of thousands of sensitive emails from Sony executives and threats to release more if the release of the film "The Interview" wasn't canceled. While this breach was indeed historically devastating, it's not the first successful cyber attack on a big corporate powerhouse. The folks over at Information Is Beautiful have put together an amazing infographic with the biggest data breaches in recent history. You can see when the attack happened, who it happened to, and how large the impact was.


Alleged tech support scammers come up with all kinds of alibis to counter complaints
All four allegedly operated telemarketing scams where consumers were told that their Windows PCs were infected with malware or needed to be optimized to work properly. Some consumers had contacted the companies themselves after seeing their websites or search result ads, while others had been cold-called by the firms. The "help" provided was largely worthless, and in some cases the companies' representatives planted malware on the victims' PCs, the FTC and Microsoft charged. Customers were charged hundreds for the calls or fast-talked into expensive multi-year service contracts.


The Future of Everything? It’s About People Connecting with People
While a majority of organizations are starting to embrace social, mobile, real-time to various extents, if you really stop to think about it, they are simply running to where they think customers are rather than taking the time to understand why they’re in each channel, what they expect and how they (and you) define value. More importantly, there needs to be an integrated experience in these channels that align with the new customer journey that’s taking shape and evolving every day. The traditional funnel that exists today, or what I refer to in the new book as the Cluster Funnel, reflects how businesses are organized today.


The 2015 State of the U.S. Health & Fitness Apps Economy
It’s difficult to know what the best apps are for anything. So many apps populate Google Play and Apple App Store for each category that it is nearly impossible to know what is quality and what is merely mediocre. To help people understand what the best apps are for tracking their health & fitness and medical goals, Applause, the 360º app quality company, introduces the ARC 360 research report on The 2015 State Of The U.S. Health & Fitness Apps Economy. The report also helps companies determine where they stand in terms of quality vis-à-vis their competitors.


Designers Are Ditching The Mouse For The “Flow” 3D Motion Touch Controller
Co-founder Tobias Eichenwald thinks there are better ways to work than squinting at a screen. He wants Flow to let you control your computer “blindly, unconsciously, naturally” — like a guitar. Normally, designers have to dig through Photoshop menus, then use a clumsy mouse or hit the bracket button, which changes things in increments that are too big. “You can never do pixel-perfect graphics” says Eichenwald. With Flow, you can bump up or down the hue or brush size in Photoshop, alter model angles in AutoCAD, switch layers in Illustrator, select frames in a video editing app, and more.


5 Hyperscale Lessons For Mainstream Datacenters
In 2014, industry watchers have seen a major rise in hyperscale computing. Hadoop and other cluster architectures that originated in academic and research circles have become almost commonplace in the industry. Big data and business analytics are driving huge demand for computing power, and 2015 should be another big year in the datacenter world. What would you do if you had the same operating budget as one of the hyperscale datacenters? It might sound like winning the lottery, or entering a world without limitations, but any datacenter manager knows that infrastructure scaling requires tackling even bigger technology challenges -- which is why it makes sense to watch and learn from the pioneers who are pushing the limits.


2015 Prediction: FinServ & Regulators Will See Opportunity in Internet of Things
some legal gray areas might be whether it would be okay if a third party aggregated the farm information, combined it with satellite imagery of fields, and sold subscriptions to trading shops? If so, would that service come under regulatory scrutiny? And if that data could affect share price, how public would this data be? Would regulators call foul on firms that could not correlate the sensor data and flag suspicious employee behavior? What responsibility would a firm have to adopt these surveillance measures? "Regulators are going to be tapping into all these techniques and speeding up," Bates said. It is very probable they will leverage sensor data to track more people and things, just as firms will use the data to innovate their strategies.


Neglected Server Provided Entry for JPMorgan Hackers
The relatively simple nature of the attack — some details of which have not been previously reported — puts the breach in a new light. In August, when Bloomberg News first reported on the attack, which ultimately compromised some account information for 83 million households and small businesses, the bank’s security experts and the Federal Bureau of Investigation feared a sophisticated adversary. Some suspected the attack, possibly with backing from Russia, was intended as retaliation against economic sanctions levied by the United States and its allies in response to Russia’s policies in Ukraine. By mid-October, however, that theory began to fray, and the F.B.I. officially ruled out the Russian government as a culprit.


WiFi Preps for 5G, IoT Roles
The so-called NG60 study group has had just two meetings so far and may require as much as two years to complete its first draft standard. It is working on an upgraded version of the 60 GHz version of WiFi, 802.11ad, capable of delivering 20 Gbit/s over a very short range. Ultimately, NG60 also may include hardware support for mesh networks that could deliver a Gbit/s over 200 to 400 meters for backhaul links on small-cell base stations. Researchers at InterDigital Inc. are building a prototype of a 60 GHz directional mesh architecture using electronically steered phased array antennas that could support up to five hops.




Quote for the day:

"Great things are not something accidental, but must certainly be willed." -- Vincent van Gogh


December 29, 2014

5 Insights From The SEC Whistleblower Program Annual Report That Will Impact 2015
2014 showed a record growth of tips and complaints submitted to the SEC whistleblower program (over 10%), matched with a record number of awards. ... The SEC has authorized 14 whistleblowers to receive awards since the inception of the program, but 9 of these were in 2014. A partner with law firm Proskauer Rose L.L.P. in Chicago, Steven J. Pearlman, commented on the growth trend mentioned in the report, “I think that we would expect to see for the fiscal year 2015 report is another increase, and probably a marked increase, because of the $30 million award. The concern from an employer perspective is that this may very well lead to a lottery-playing dynamic.”


Amazon’s 2014 Holiday Sees Mobile Shopping Approach 60% Of Total Volume
Last year, Amazon reported that more than half of its customers were using mobile devices to shop, so there’s relatively little change with this year’s total only ‘approaching’ 60 percent. Still, both represent a huge change from prior holiday shopping seasons, indicating that transactions on mobile devices are becoming the default option, and that this isn’t just a fleeting fad or freak occurrence. Amazon’s Prime membership increase is likely the Christmas gift Jeff Bezos is most excited about, as their premium service tier is arguably the key to the company’s long-term strategy, as well as its revenue and profitability goals.


The Cost Of Healthcare Data Access
Reading this might already be alarming some business leaders out there. Some clinicians might argue that better shielded data could hurt patients. But wait, hear me out. I'm not proposing a SIPRNet for healthcare. I'm suggesting that first we must assess whether the efficiency of anywhere, anytime access to data is worth the risk of harm to our organizations and even to us personally, should armed assailants target us. Curbing remote access to data that isn't needed remotely is a great first step. Second, I'd like to call for new information delivery technologies capable of differentiating between internal and external access, and behaving accordingly so that large quantities of data can't be accessed from outside our protected networks.


Technology That Took Us a Step Back
Recently Reddit asked if you could erase one discovery or invention, what would it be. Some of the non techie ones included: Land mines, leaded petrol, napalm, children's beauty pageants, one-ply toilet paper, glitter, 24 hour news networks and reality television. In this slideshow we pluck out a few techie-related ones. Add to the list in the comments section below.


HP named leader in 1st Magic Quadrant for Deduplication Backup Appliances
Gartner published its first ever Magic Quadrant for Deduplication Backup Target Appliances to help storage professionals shortlist vendors. We believe that this report is a testament to a growing recognition that backup and recovery is the next critical frontier in data center modernization. In the report, Gartner positioned HP within the Leaders Quadrant with only one other vendor. I want to share with you our take on the reasons why. “By 2018, 50% of applications with high change rates will be backed up directly to deduplication target appliances, bypassing the backup server, up from 10% today.”*


Cloud and analytics are forcing data center transformation
“High-performance computing, which used to be a bit of a niche market, is becoming mainstream as more people want to crunch their data. So this is blowing new life into HPC while the cloud is driving an all new model for compute,” Andreoli told theCUBE host Dave Vellante. As organizations adopt different approaches to implementing that model, HP is adding variety to its server portfolio. Most traditional enterprises are taking the converged infrastructure route, replacing their dis-aggregated architectures with integrated modules that combine hardware building blocks into a single chassis with built-in management software to reduce administrative overhead.


Five Rules for Strategic Partnerships in a Digital World
Partnerships have always been a critical strategy for businesses looking to grow in unfamiliar markets, tap new customer segments, or sell additional products or services. They have also always been notoriously tricky to make work. Too bad, because in today’s hypercompetitive, hyper-connected marketplace, partnerships have taken on even greater strategic importance and complexity. Both business-to-consumer and business-to-business companies are in an arms race to develop innovative user experiences, expand distribution, and capture new sources of monetization.


New Congress may move swiftly to raise H-1B cap
There is no certainty that these efforts to raise the H-1B cap will succeed, and it's possible that acrimony with the White House over immigration will derail action on an H-1B-specific bill. Another factor in the mix might be former Florida governor Jeb Bush, who may be about the closest thing to an announced candidate for the Republican presidential nomination that his party has right now. If Congress takes up any immigration issue, he may speak out. Bush, who recently announced on Facebook that he has "decided to actively explore the possibility of running for President of the United States," is a strong advocate for raising the H-1B cap, much like his brother, former President George W. Bush.


Six IT nightmares that will keep us all awake at night
Are you looking forward to 2015? I know I am. 2014 was okay, but I will definitely be glad to leave it in the past. But as we look forward to 2015, the lessons and experiences of 2014 will haunt us IT folks. So whether you're a CEO, CTO, CIO, CMO, CDO, CFO, CXO, IT manager or just a rank-and-file engineer, here's a list of what's going to cause nightmares and what we'll be cleaning up throughout the upcoming year.


Innovation Machine
Traditional financial accounting is a great way to run a business — and the most efficient way to kill new ideas. We have to agree on a new framework for accounting against early-and-mid-stage businesses before they’ve gained enough traction to be measured on revenue. This framework is based on three phases of product development and Dave McClure’s Pirate Metrics. Each phase has its own set of metrics that matter. “Do you have a problem worth solving?”



Quote for the day:

"Example is not the main thing in influencing others. It is the only thing." -- Albert Schweitzer


December 28, 2014

The future is Machine Learning, not programs or processes.
But how practical is such machine learning to simplify process management for the business user? Does it require AI experts or big data scientists and huge machines? Absolutely not, as it too uses the LESS IS MORE approach. Recognized patterns are automatically compacted into their simplest, smallest form and irrelevant information is truncated. But in 2007 it still used IT data structures and not business terminology. Using an ontology to describe processes in business language enables human-to-human collaboration and run-time process creation, and simplifies human-computer cooperation.


Hayim Makabee on the Role of the Software Architect
In this talk Hayim will present the practical aspects of the role of the Software Architect, including the architect’s contribution at the diverse stages of the software development life cycle, and the cooperation with the diverse stakeholders: Developers, Team Leaders, Project Managers, QA and Technical Writers. Hayim Makabee was born in Rio de Janeiro. He immigrated to Israel in 1992 and completed his M.Sc. studies on Computer Sciences at the Technion. Since then he worked for several hi-tech companies, including also some start-ups. Currently he is a Research Engineer at Yahoo! Labs Haifa.


From Print to Digital: Adopting Standards, Transforming Paradigms
Pearson is the world's largest education company. Pearson executive Ryan Hunt will outline how digital and technology have triggered Pearson's reinvention as a worldwide learning provider rather than a textbook publisher, and how Pearson is leveraging and driving the development of global standards including instigating the EDUPUB initiative.


Next-Gen Business Analytics Paving the Way to Success in 2015
Business analytics give arrangements which help to settle on key choice and business strategies by gathering expansive data and information. You would find that it does have not simple but complex data like profits, losses, transactions, marketing return, customer feedback and so forth. Normally business analytics programming is utilized to create these sorts of information. This is not another term; however it has ended up being more exact and organized with time. Individuals frequently require a legitimate structure to assess the gigantic measure of data and information accessible.


2014 in Numbers: Huge Valuations, Shocking Security Stats, and a Big Climate Deal
55 percent: Proportion of the supposedly secure servers on Alexa’s list of the million most widely used websites that were vulnerable to a two-year-old vulnerability in the widely used encryption software library known as OpenSSL, including 44 of the top 100. When the flaw was found this year, many website operators scrambled to address the vulnerability, but patching efforts seemed to stall just months after the initial discovery, and hundreds of thousands of devices could still be vulnerable.


Cynefin 101 – Portfolio Management
The Cynefin practice of ritualised dissent is used here to review and validate the initiatives and this is something that most organisations are not good at. It is all too common, due to the siloed structure of most organisations, for an initiative to be proposed from an individual or small group of people without wide review and support. This technique ensures that a wide review is undertaken and therefore when it is presented it is more likely to be complete and supported. The ideas behind the practice are similar to UCL’s Vincent Walsh’s idea of ‘trashing’. Again the idea is that a proposal is reviewed in a rigorous manner to ensure that it is fully formed. This practice ensures an objective review of the idea and removes the subjectivity.


Identifying and Mitigating Multiple Vulnerabilities in NTP
Multiple Cisco products exhibit vulnerabilities when processing crafted Network Time Protocol (NTP) IP version 4 (IPv4) packets. These vulnerabilities can be exploited remotely without authentication and without end-user interaction. Successful exploitation could allow arbitrary code execution or result in a denial of service (DoS) condition. Repeated exploitation attempts could result in a sustained DoS condition. The attack vector for exploitation is through NTP using UDP port 123 over IPv4 packets. An attacker could exploit these vulnerabilities using spoofed packets.


A Guide to Choosing a Next-Generation Firewall
It is important to note that these five vendors were selected as they were highlighted in the most recent industry reports; they're not the only NGFW vendors on the market today and enterprises have other options. We simply highlight five of the highest rated devices according to NSS Labs' testing and our own evaluation of the products. ... The bottom line is that all of the products discussed here are from well-respected vendors and each provides a complete NGFW solution. Because of this, it will come down to the individual specs and features that will sway each buyer to one product over another.


Lockdown: Information Security Threats on the Edge of 2015
Look at information security threats. While the number of high-profile attacks may go up or down in any given year, there will always be attacks, and there is no "magic bullet" to prevent them from occurring. What does change is the scope. The adoption of new technologies leads to new attack vectors. Malware authors, malicious individuals and groups, and nation-states all have the necessary discipline (and in many cases, the resources) to exploit our increasing technology footprint.


JPMorgan Chase’s Weak Link—and What It Means for Healthcare
One is that the breach occurred during a period of high turnover in the bank cybersecurity team. It’s also possible that vetting of outside vendors might also have been an issue: the same group of hackers that penetrated the JPMorgan network attacked JPMorgan’s Corporate Challenge charitable race website, which was run by a separate company. Another issue is related to the bank’s size, and the difficulty of securing the networks of companies that had been acquired. In JPMorgan’s case, the name “Bank One”—a bank that was acquired in 2004—still appears in a web URL, according to the Times.



Quote for the day:

"Instead of worrying about what people say of you, why not spend time trying to accomplish something they will admire." -- Dale Carnegie

December 27, 2014

UPS ORION Advanced Analytics Case Study
We then learned another lesson on the difference between “feasible” and “implementable”. There must be a balance between consistency and optimality. Advanced optimizations are great at rearranging things to find the lowest cost alternative. But that means that from day-to-day, they could significantly change a route just to save a penny. As you can imagine, drivers don’t like this and neither do customers.  We chose to add business rules and subjective parameters to limit and control the day-to-day variations. This not only improved consistency and acceptance by the drivers, but made the solution from ORION more understandable to front-line personnel, all while continually improving the experience for our customers.


Microsoft and Google Make Odd Bedfellows
It’s true, their businesses are more similar than they used to be, or rather Microsoft has evolved to compete more directly with Google’s cloud model, but there are ways both of them benefit from some of the same trends and developments. Technology firms believe in technology solutions the way capitalists have faith in capitalism and the Pope accepts the Church as true. So, in many respects, you would expect Microsoft and Google to have a similar job of persuading all of us that technology is the answer to all our ills.


“Smart” Software Can Be Tricked into Seeing What Isn’t There
The researchers can create images that appear to a human as scrambled nonsense or simple geometric patterns, but are identified by the software as an everyday object such as a school bus. The trick images offer new insight into the differences between how real brains and the simple simulated neurons used in deep learning process images. Researchers typically train deep learning software to recognize something of interest—say, a guitar—by showing it millions of pictures of guitars, each time telling the computer “This is a guitar.” After a while, the software can identify guitars in images it has never seen before, assigning its answer a confidence rating.


Examining New Mission-Focused Capabilities
The video at this link and embedded below captures the content and dialog of a webinar which examined new capabilities of Cloudera and Intel, with a focus on capabilities that provide a full stack solution to many key enterprise mission needs. The webinar included insights by Cloudera’s Senior Director of Technology Webster Mudge and Intel’s Enterprise Technology Specialist Ed Herold, plus questions from an informed audience. Results of the recent CTOlabs.com white paper on this topic were also presented.


Security Prediction: The Rise of the Third-Party Risk
Over the next year, third-party providers will continue to come under pressure from targeted attacks and are unlikely to be able to provide assurance of data confidentiality, integrity and/or availability. Organizations of all sizes need to think about the consequences of a supplier providing accidental, but harmful, access to their intellectual property, customer or employee information, commercial plans or negotiations. And this thinking should not be confined to manufacturing or distribution partners. It should also embrace your professional services suppliers, your lawyers and accountants, all of whom share access, oftentimes to your most valuable data assets.


IT Professionals Not So Jolly This Holiday Season
"With a more global workforce and customer base, companies must be able to cater to various time zones, cultures and customs, even through the holidays. Every minute the network or the site is down is a blow to productivity," he said. "Further, we have to remember security for the network never takes vacation. It requires constant vigilance to ensure that an organization's most critical data is kept safe." Since many users aren't experienced remote workers, when they attempt to be online over the holidays, survey respondents noted that more than half (57 percent) of users experience problems with network access.


Business Intelligence Analysts as Architects
Likewise, an architect who doesn’t understand how to translate their artistic visions is less an architect than just a competent artist. When a building owner is truly receptive to the architect suggesting what “could be done” and why it might be useful to have that functionality, great things happen. Similarly, a business sponsor is more likely to embrace an IT partner who, because of an in-depth understanding of their goals, can offer suggestions that would otherwise be overlooked. The best Business Analysts can envision underlying possibilities in data that offer valuable business intelligence in ways the business may not even be aware. Thus, like a skilled architect, the skilled Business Analyst can solidify the vision and map the practical implications to a blueprint.


Singapore Wants a Driverless Version of Uber
Lam Wee Shann, director of the futures division for Singapore’s Ministry of Transport, said during a panel held at MIT last month that the government wants to explore whether autonomous vehicles could reduce congestion and remake the city into one built around walking, bicycling, and public transit. “Singapore welcomes industry and academia to deploy automated vehicles for testing under real traffic conditions on public roads,” Lam said in a follow-up e-mail interview. He declined to say whether Google or any other companies pursuing driverless cars have contacted Singapore yet.


6 aging protocols that could cripple the Internet
The biggest threat to the Internet is the fact that it was never really designed. Instead, it evolved in fits and starts, thanks to various protocols that were cobbled together to fulfill the needs of the moment. Few of those protocols were designed with security in mind. Or if they were, they sported no more than was needed to keep out a nosy neighbor, not a malicious attacker. The result is a welter of aging protocols susceptible to exploit on an Internet scale. Some of the attacks levied against these protocols have been mitigated with fixes, but it’s clear that the protocols themselves need more robust replacements. Here are six Internet protocols that could stand to be replaced sooner rather than later or are (mercifully) on the way out.


Enterprises Quickly Moving Beyond Cost Reduction To Customer-Driven Results
Business analytics is a pivotal factor in 35% of enterprises adopting cloud computing today, and 73% are seeing improved business performance after implementing cloud-based applications and strategies. These and other insights are from the KPMG study, 2014 Cloud Survey Report: Elevating Business in the Cloud. KPMG’s annual survey of enterprise cloud computing adoption finds there is a significant shift away from cost reduction alone to a more customer- and data-driven mindset on the part of C-level executives interviewed.



Quote for the day:

"Unless you try to do something beyond what you have already mastered, you will never grow." -- Ralph Waldo Emerson


December 26, 2014

Developing a Modern Data Management Strategy
Setting aside data growth and dissemination, the majority of the employee workforce is not concerned about the management of data; they are simply concerned with having the ability to access data when and where required. With the introduction of bring your own device (BYOD) policies, mobile access poses an additional complication for organizations. If adequate data management policies are not put into place alongside an organization’s BYOD initiative, it can result in employees saving duplicate copies of large datasets remotely versus pulling it from a central repository. Duplication can quickly multiply capacity, compliance and regulatory concerns, as well as waste valuable storage space.


5 Reasons Why Excel Isn't Enough for Financial Reporting
Despite the compactness and versatility, it’s not necessarily the best knife, corkscrew or screwdriver. You might be able to get by in some situations with the Swiss Army Knife, but as the job gets bigger, you need a separate knife, corkscrew and maybe even multiple screwdrivers. ... For a small company with limited users and needs, they might be able to do all of their financial reporting and analysis within Excel. Basic data analysis, calculations and even visualizing simple tabular data can be achieved in some form or another. But as the company grows and becomes more complex, there needs to be a more robust financial reporting tool with more controls and oversight.


Why Digital Business means going web-scale
It’s a term coined by Gartner to describe the new approaches to computing pioneered by cloud services firms such as Google, Amazon, Rackspace, Netflix, Facebook and so on. These approaches potentially enable orders of magnitude of improved service delivery when compared to many of their enterprise counterparts. Gartner has identified six elements to Web-scale IT: industrially-designed datacentres, Web-oriented (or microservices) architectures, programmable management, velocity-focused processes, a collaborative organisation style and an innovation-centric and learning culture.


Patting down the pachyderm: Big data prognostications for 2015
Elephants are astonishingly intelligent creatures. Long ago, on a family vacation to Indonesia, I had the pleasure to see a troop of trained elephants perform close-up in an audience-interactive show. As I witnessed one of the animals crouch down around my intrepid firstborn, I was relieved to see that it was smart enough to follow its trainer’s instructions, sensitive enough to the boy’s presence and agile enough to execute the entire maneuver like the professional performer he is. As 2014 draws to a close, the proverbial elephant that we call “big data” is smarter, more sensitive and more agile than ever. It’s got a much more varied array of advanced analytics riding on its broad back.


Hundreds of Portuguese Buses and Taxis Are Also Wi-Fi Routers
A massive mobile Wi-Fi network that could be a model for many cities was launched in the city of Porto, Portugal, this fall. Buses and taxis are equipped with routers that serve as mobile Wi-Fi hot spots for tens of thousands of riders. The routers also collect data from the vehicles—and from sensors on trash bins around the city—and relay it back to city offices to help with civic planning. More than 600 buses and taxis are part of the network, which is now serving 70,000 people a month and absorbing between 50 and 80 percent of wireless traffic from users who otherwise would have had to use the cellular network.


How Much Longer Until Flash Storage is the Only Storage?
While it’s clear that flash array storage features a number of advantages in comparison to HDD, these advantages don’t automatically mean it is destined to be the sole storage option in the future. For such a reality to come about, solutions to a number of flash storage problems need to be found. The biggest concern and largest drawback to flash storage is the price tag. Hard drives have been around a long time, which is part of the reason the cost to manufacture them is so low. Flash storage is a more recent technology, and the price to use it can be a major barrier limiting the number of companies that would otherwise gladly adopt it. A cheap hard drive can be purchased for around $0.03 per GB. Flash storage is much more expensive at roughly $0.80 per GB.


Android Lollipop tips its hat to photographers with RAW support
When you snap a shot with your Android camera, the internal software compresses the image into a .jpg file. To the untrained, naked eye, that photo usually looks pretty spectacular. The thing is, what you see is what you get. You can't really manipulate that photo on any low level. It's compressed and saved in a read/write format, so the images can be more easily edited with a bitmap editor (such as The Gimp or Photoshop). With RAW images, the data has been minimally processed from the image sensor. Many consider RAW images to be the digital equivalent of the old school negative. These RAW images will have a wider dynamic color range and they preserve the closest image to what the sensor actually saw.


The Future of Data Scientists
Over time, the skill set for this group has evolved. We’ve seen a convergence of technological and math skills, and qualified data scientists are now part software architect and part mathematician. Data scientists must be able to understand technology and implement solutions in various languages while at the same time keep up with the advances in mathematics and machine learning that drive the profession. Even the brightest minds have had to embrace technology tools to complement their analysis as the need to identify patterns in huge volumes of multidimensional data has outpaced the human brain’s ability to do so. Raw computing power has also become increasingly important as organizations demand that decisions be reached and executed quickly.


IoT groups are like an orchestra tuning up: The music starts in 2016
IoT involves linking devices that in many cases have never been connected before, or at least not on anything but a closed, specialized network. It also involves managing those objects and developing applications to make them do things together that they could never do alone. So products from different vendors eventually will have to speak the same language, at some level. If they can't, then products for connected homes, cities and factories won't ship in the largest possible numbers, which they will need to do if prices are to plummet like they have for PCs, smartphones and other products over the years. That's especially important for consumer IoT, where cost is paramount.


The Future Of Wearable Technology Is In The Enterprise (At Least For Now)
“The whole world is going to go head-worn. It’s not if, it’s when,” says Osterhout. “The decision has already been made. It’s fait accompli.” Osterhout’s company made its name developing wearable imaging devices for the military. Think of night vision, target identification, and anything else you might have seen in a Schwarzenegger movie involving robots, aliens, and explosions. “We’ve built and funded and fielded thousands and thousands of handheld computers and headworn display systems for the military in Iraq and Afghanistan.” In the New Year the company may be taking a version of its product to the big International Consumer Electronics Show in Las Vegas and that would most definitely not be for a military buyer.



Quote for the day:




December 25, 2014

Top Security Highlights from 2014
2014 has been a busy and exciting year for security at Cisco! The team has worked extremely hard to provide our customers with unmatched visibility, continuous control and advanced threat protection across the entire attack continuum. Among many things, Cisco launched the first threat-focused Next Generation Firewall: Cisco ASA with FirePOWER Services. This solution delivers integrated threat defense across the entire attack continuum by combining proven ASA firewall with Sourcefire threat and advanced malware protection (AMP) in a single device. We also announced the integration of AMP into our Cisco Web and Email Security Appliances and Cloud Services, known as AMP Everywhere.


E-readers, tablets can disrupt sleep
“We knew from other published reports that light can affect sleep, so we wanted to know what kind of impact light from these electronic devices specifically would have,” Chang said. Compared to those evenings when they read books, participants who used the electronic devices prior to bedtime took almost 10 minutes longer to fall asleep, the study found. They also weren’t as drowsy in the evening, and were sleepier in the morning. By reading on electronic devices before regular sleep time, the participants shifted their bodies’ typical circadian rhythms, the researchers posited. Circadian rhythms are the biological clocks that signal to humans, and other organisms, when to fall asleep.


Ready to embrace Everything-as-a-Service? Prepare to assume more risk
It’s usually about risk — specifically, risk being transferred to the buyer. Like it or not, business and commercial terms for most “as-a-service” offerings today heavily favor the provider. This is a shock for enterprise buyers who are used to dictating everything to providers on their own contract documents — everything from limits of liability to annual security audits. With as-a-service offerings, the tables have turned. The provider transfers risk to the buyer. This is a relatively new phenomenon, and it’s because of one primary reason: multi-tenancy. The broad-based acceptance of highly standardized, massively scaled shared architectures is transforming the enterprise technology landscape, especially in the areas of sourcing and contracting.


A Testable Idea Is Better than a Good Idea
There was no “aha!” moment. But there was a slow recognition that defining a testable hypothesis requires more rigor than coming up with good ideas to improve products, services and/or user experiences. What’s more, a testable hypothesis comes with accountability built in: the hypothesis needs to be tested. It will pass or fail that test. Ideally, you’ll learn either way. But what’s the accountability for a good idea? The fact that a lot of people think it’s a good idea? That’s a popularity contest. The harsh reality is that good ideas have to be tested. Why not insist that people undergo the rigor and discipline of crafting a testable hypothesis? That’s how good ideas get converted into real value.


2014 in Mobile: The Year of Wearable Gadgets
Though smart watches in particular often cram a ton of features into a small package, this year some wearable makers eschewed feature creep for simplicity in an effort to woo consumers. French company Netatmo unveiled June, a jewel-like device on a leather bracelet: it keeps track of the wearer’s sun exposure and works with an iPhone app to tell you when to grab a hat or seek shade. The Hong Kong company ConnecteDevice launched a simple smart watch called Cogito that has a traditional-looking analog face but also shows some notifications. There was also a greater focus on precise biometric tracking this year. In November, startup Empatica announced a wristband called Embrace, meant for people with epilepsy.


Speech Recognition Technology Better Than Human's Exists
Recent inventions in the field of speech and machine learning should lead to major changes in how we murmur, shout, question and interrogate our devices. One of the brains behind Siri says engineers are feverishly working toward speech recognition that's smart enough to engage in authentic conversations with users. "All areas of spoken language understanding have made a lot of progress," says William Mark, a vice president at SRI International, which developed the fundamental technology behind Siri before it was acquired by Apple. "This kind of conversational interaction is where the leading edge is right now."


Composition for Partial Aggregate Domain Model
The problem still arises for enterprise applications. Imagine the company works with Domain Driven Design (DDD), where the domain are business objects they loaded in their bounded context. Due to performance reasons, sometimes we want to load the full bounded context, sometimes only a part of it, some classes but not the others. One solution would be splitting the bounded context into smaller bounded contexts but it’s not always possible because we don't work anymore with a logical business set of data, so we’ll need then to join data.


Cyberwarfare: Digital weapons causing physical damage
While the attack on Sony is considered “unprecedented,” it was not the worst corporate hack in 2014. More records were stolen from JPMorgan, Home Depot and even eBay. But details of two of the scariest cyberattacks just hit the news in December...and one of those -- about a Turkish pipeline explosion -- has been a secret since 2008. The other involves a digital attack on a German steel factory that resulted in 'massive damage.'


Sony hack timeline: How a silly comedy sparked real cyber-terror
The fallout has forced the studio to cancel the release of The Interview after major theatre chains decided not to premiere the movie. The comedy, which sees the two protagonists (Seth Rogen and James Franco) sent on a mission to assassinate North Korean leader Kim Jong-un, has sparked an international crisis, with hackers threatening moviegoers with a 9/11-style attack. The events mark one of the most poignant corporate breaches of security in history. MicroScope examines the events leading up to the current situation.


Lean Project Management Using “Oobeya"
Oobeya is a learning method: teams learn to evaluate the voice of customers, see problems as soon as they arise, resolve problems quickly and efficiently in order to protect customers, create and use standards that improve quality and remove variability in their process, and collaborate with the whole organization. All of this contributes to developing knowledge about our own work. Smarter, more motivated professionals make better products faster. If the team is already agile, Oobeya can increase the team’s velocity and give them the tools they need to match their pace to that of the customer.



Quote for the day:

“A good person will resist an evil system with his whole soul. Disobedience of the laws of an evil state is therefore a duty.” -- Gandhi


December 24, 2014

PCLinuxOS and UEFI systems
First, when I boot the Live image, the screen comes up at the wrong resolution as noted above. Of course, this is not a fatal problem, you could just ignore it and go ahead with the installation, and deal with this on the installed system. But the screen is rather small and ugly, and it's not easy to read. The way to correct it is relatively simple, you just need to delete (or rename) the file /etc/X11/xorg.conf, and then restart the X server. It will then figure out the correct display size on its own, and the world will be a wonderful place again.


Google Wants to Turn Browser Signals of Web Encryption Upside Down
"We, the Chrome security team, propose that user agents (UAs) gradually change their UX to display non-secure origins as affirmatively non-secure," the engineers said in messages spread across several discussion forums, including Google's own Chromium project. "The goal of this proposal is to more clearly display to users that HTTP provides no data security." Chrome's argument was that, without HTTPS and SSL/TLS encryption, traffic between a user's browser and a website is inherently unsafe. The visual display should explicitly call that out.


Ten Ways to Make Your Cloud More Efficient
Believe it or not, we are at a very critical junction point when it comes to cloud computing. Although growth has been steady, we’re about to hit a very big boom. According to the recent Cisco Global Cloud Index Report, “while the amount of global traffic crossing the Internet and IP WAN networks is projected to reach 1.6 zettabytes per year by 2018, the amount of annual global data center traffic in 2013 is already estimated to be 3.1 ZB, and by 2018 will triple to reach 8.6 ZB per year.” So in the midst of this rapid growth, how can you improve cloud efficiency to keep your environment up and running in a proactively healthy state?


A Robot Really Committed A Crime: Now What?
Two London-based artists coded a bot that randomly purchased items from a hidden or “darknet” market using Bitcoin. The bot purchased, among other things, fake Diesel jeans and ten pills of ecstasy. But it also purchased perfectly lawful items such as a stash can and baseball cap with a camera in it. You can see the items here. Are these artists liable for what the bot bought? Maybe. In the United States, at least, criminal law is predominantly statutory. We would have to look to the precise wording of the federal or local law and then apply it to the facts at hand. If, for instance, the law says a person may not knowingly purchase pirated merchandise or drugs, there is an argument that the artists did not violate the law.


The gift of time
The holiday season is often spent frenetically buying gifts, attending or hosting parties, and celebrating the end of one calendar year and the start of the next. This activity is in addition to your regular work and life activities. It can be exhausting! I think we all would be well-served by taking a close look at how we spend our time each day. Are we choosing the most effective ways to act, interact, and behave? If we slow down for a few minutes and analyze how we spend our time, we can refine our choices to serve ourselves and others better.


New per-user Windows license pricing cuts VDI costs
Microsoft has been tight-lipped about the per-user license pricing. The company declined to release list price details this week, only saying volume licensing pricing is available to customers through Microsoft partner resellers. Windows license pricing is often negotiable depending on the volume or agreements organizations have with Microsoft. But glimpses of the per-user pricing indicate some possible savings for Microsoft customers, said Paul DeGroot, analyst at Pica Communications in Camano Island, Wash., and author of Microsoft Licensing Concepts.


The CISO, the CIO, the CEO, or you: Who is really responsible for cybersecurity?
"IT security is a commodity where you can go and buy products and expertise from a provider," he says. "The same is true in regards to business security in many cases - the processes and governance are a commodity that you can purchase as a managed service." Shiraji says he would rather spend his limited IT budget on front-line operations, and then draw on specific expertise to help protect his data and guide his staff. The organisation recently received ISO 27001 accreditation and the communications support from the chief executive proved essential.


The hottest wireless technology is now sound!
Using sound for transferring data is nothing new. In the 1940s, when IBM tried to solve the problem of how to use regular telephone lines to connect two computers, it figured out a way to convert data into sound, send the sound over the phone and then convert it back into data. (Yes, I'm talking about the modem.) The benefit of using sound for data transmission was that equipment to handle the process was widely available. In the wireless era, sound is still a great option for data transmission and other uses, and for the same reason. Lately there's been a surge of innovations that harness sound waves to transmit data and do other creative things. Here's what's going on.


Seven steps to becoming a digital leader
All transformations – digital or otherwise – start with a vision from the top. The CEO and the board need to create a credible and compelling vision for the business in the digital age. And this vision has to be shared with the rest of the business to maximise the chances of it becoming a reality. In Don’t wait for a crisis to go digital I described how creating a vision for the digital age required a fresh perspective on the organisation – the outside-in view. ... in the course of conducting hundreds of interviews with organisations about their approach to digital, it became clear to him and co-authors George Westerman and Andrew McAfee that firms that struggle to become truly digital “fail to develop the leadership capabilities required to set and execute a digital vision.”


Making CIO-CMO Relationship A Success In 2015
Organizations succeed only when CMOs and CIOs share a single, customer-focused business technology agenda, says a Forrester report, and hails the CMO and CIO as the two roles that matter most for 2015. Forrester analyst and Chief Research Officer, Cliff Condon, explains in his blog that unlike before it makes little sense for CMOs to focus only on marketing and promotion. In the age of the customer, the CMO of 2015 must own the most important driver of business success — the customer experience — and represent the customer’s perspective in corporate strategy.



Quote for the day:

"Let him who would be moved to convince others, be first moved to convince himself." -- Thomas Carlyle

December 23, 2014

CIO interview: Catherine Doran, CIO, Royal Mail
According to Doran, one main concern during the recruitment exercise was avoiding a "scattergun approach". Given that it was an extended campaign, the last thing the CIO wanted was seeing job applications dwindle because of a possible impression that something was wrong. The solution to that risk was driving targeted campaigns to different communities using LinkedIn. "LinkedIn was a big deal for us, to be honest. When we were looking for architects we would target that community, do a campaign with them for a bit, then we wouldn’t do anything with them for a while. Then we’d release a set of jobs to, for example, testing professionals, then programme and project management people and so on," Doran says.


Using the Open FAIR Body of Knowledge with Other Open Group Standards
The Open FAIR Body of Knowledge provides a model with which to decompose, analyze, and measure risk. Risk analysis and management is a horizontal enterprise capability that is common to many aspects of running a business. Risk management in most organizations exists at a high level as Enterprise Risk Management, and it exists in specialized parts of the business such as project risk management and IT security risk management. Because the proper analysis of risk is a fundamental requirement for different areas of Enterprise Architecture (EA), and for IT system operation, the Open FAIR Body of Knowledge can be used to support several other Open Group standards and frameworks.


Conflict and Resolution in the Agile World
Collaboration means conflict: Any time more than one person works on a problem, there will be disagreements about how to solve it. Whether you disagree over methodology, philosophy, tools, technology, personality or even the basic understanding of the problem, you will have to work through your disagreements to get to a solution. The more people that work together, the harder it is to get consensus. Transparency means conflict: Agile practices place a premium on transparency. Transparency allows problems to surface and be squashed. Without transparency, problems can fester, grow and ultimately become insurmountable. But with the good comes the bad. With increased transparency, there is also an opportunity for more disagreements, and conflict within the team and with external stakeholders.


Success of Health IT Rests With Business Alignment
Some in the medical community suggest that EHRs and other health IT systems would be most effective if they were to fade into the background and minimize the interaction required with the care provider. Kavita Patel, managing director of clinical transformation at the Engelberg Center for Healthcare Reform, says that practitioners would welcome technologies like motion-capture gesturing systems that would "do away with the computer in the room." "Any of these workarounds or kind of 'life hacks' that I think we can do in clinical medicine are probably something that every physician or every clinician who sees patients would want millions of," she says. "So there's an entrepreneurial mission waiting to happen."


Getting Your Data House in Order
When we talk about getting our houses in order, sometimes we mean our financials, relationships, or our actual house. What about an organization’s data house? I see many correlations between data problems and companies’ lack of organization. When I talk about getting our data house in order, I am talking about the nitty-gritty of solid data governance practice. Much has been written and discussed on the principles and frameworks of data governance, but sometimes the mechanics of making data decisions are overlooked. To me, it is a matter of embedded organization practice.



The Power of Cloud Computing
“Arguably the most essential aspect of the Cloud is its ability to provide an integration of nearly limitless numbers of data sources involving structured, semi-structured, and unstructured data,” Dataversity’s Jelani Harper writes. “Such integration spans geographic location and includes both on-premise and Cloud sources, and is frequently typified by a speed of access that comes in real time or close to real time.” Obviously, that’s not something that would be cheap or easy or maybe even possible with traditional data management tools, she adds. The article includes three sample use cases that show off cloud computing’s mad data integration skills.


5 things you should know about DDoS attacks, outages, SSL, and web performance
Last week at Radware, we released our annual Global and Network Security Report. This report is based on data gathered from a survey of 330 organizations worldwide. The survey was designed to collect objective, vendor-neutral information about the issues organizations face when preparing for and fighting against cyberattacks. The report gives a comprehensive and objective review of the past year’s cyberattacks from both a business and a technical perspective. It also offers best practice advice for organizations when planning for cyberattacks in 2015. But my favourite aspect of this report is the fascinating play-by-play insight into how today’s sophisticated attacks take place.


20 Netstat Commands for Linux Network Management
netstat (network statistics) is a command line tool for monitoring network connections, both incoming and outgoing, as well as viewing routing tables, interface statistics etc. netstat is available on all Unix-like Operating Systems and also on Windows OS. It is very useful in terms of network troubleshooting and performance measurement. netstat is one of the most basic network service debugging tools, telling you what ports are open and whether any programs are listening on ports.


2015: The Year of the Compliance-Created Cyber Confidence Collapse?
The biggest security risk now faced by employers is not outside hackers. It is compliance experts who stay just long enough to help you tick the latest regulatory boxes, having acquired the necessary understanding of your systems and security credentials necessary to do so. The drive by the European Commission to address supposed "data protection" problems, supported by the US obsession with "Data Breach Notification", could not have done a better job in opening up opportunities for serious fraud (both high value and mass market) if they had been actively planned by organised crime.


Charlatans: The new wave of privacy profiteers
Within two days the Kickstarter project, which began at $7500, blew up into a $600,000 funding sensation. It also drew enough attention to Germar's dangerously false promises that Germar's con unraveled, fast. Within a week of all the great PR, funders began withdrawing their dollars in droves, and public outcry pushed Kickstarter to suspend Anonabox's funding campaign. But not before things got quite ridiculous -- in large part due to this blistering Reddit thread. As it turned out, Germar's custom open source hardware product wasn't custom, or open source. Thanks to infosec community chatter on Twitter and the Reddit thread, funders and observers discovered Anonabox's entire hardware package was actually an off-the-shelf Chinese router.



Quote for the day:

“You will never see an eagle of distinction flying low with pigeons of mediocrity.” -- Onyi Anyado

December 22, 2014

Hybrid cloud adoption set for a big boost in 2015
What's helping to bridge that gap is the hybrid cloud -- a combination of using a private cloud and a public cloud, giving the user the security of a private offering and the low cost of public. While the cloud market is still immature, enterprises are starting to get their feet wet with the hybrid cloud. While they may not make a huge shift to put critical workloads or even production workloads into the hybrid cloud this year, companies are looking to experiment with it and try it out with basic apps and information. "Hybrid is at the early stages of the maturity cycle," said Krans. "Hybrid is growing, but it will take a lot of experience to really grow it for more critical applications."


10 Ways Data Center Industry Will Change in 2015
As we approach the end of 2014, those in IT who like to ponder industry trends send us their predictions for next year. Here are some of the more interesting predictions we have received from folks so far. Stay tuned for more 2015 predictions on Data Center Knowledge in the coming weeks. Here it is, our list of data center industry trends that will dominate the conversation in 2015:


Five Rules for Strategic Partnerships in a Digital World
Partnerships have also always been notoriously tricky to make work. Too bad, because in today’s hypercompetitive, hyper-connected marketplace, partnerships have taken on even greater strategic importance and complexity. Both business-to-consumer and business-to-business companies are in an arms race to develop innovative user experiences, expand distribution, and capture new sources of monetization. Digital leaders are discovering that their future depends not just on what their own companies can do, but on the capabilities, functions, channels, and insights they can tap by partnering with others.


Fog Computing and the 'Internet of Things' Analytics Hardware
Fog Computing is a paradigm that extends Cloud computing and services to the edge of the network. Similar to Cloud, Fog provides data, compute, storage, and application services to end-users. With the concept of Fog Computing, the network locally analyzes the IoT data and decides what data is to be passed on to the cloud. It's a concept called fog computing. And Cisco® makes it possible today with the Cisco IOx platform. Cisco IOx takes the best of Cisco IOS® Software capabilities and combines them with compute, storage, and memory at the network edge.


5 lessons to help security pros craft a New Year’s resolution
People often find themselves stressed and overwhelmed during this time of year. Looking back, they realize all the goals that are still unmet. The cyber security holiday season is no different. While some organizations might be happy they did not get breached this year, behind closed doors everyone, including the CEO, is likely wondering at what point a breach will happen; will it be in 2015? The answer, which no one wants to hear, is that a breach will happen. However, if handled correctly, the damage can be very minimal. Consider these lessons from 2014:


Obama Vows U.S. Response to North Korean Hacking Attack on Sony
There is no evidence of direct Chinese participation but the country does keep a close eye on data moving through its networks, suggesting it may have been aware of the North Korean attack and did nothing to alert officials in the U.S., the person said. When asked if China assisted in the Sony attack, Obama said the U.S. has “no indication that North Korea was acting in conjunction with another country.” ... “We will respond,” Obama said, without specifying any actions. “We will respond proportionally and we will respond in a place and time and manner that we choose.”


Exploring Microsoft Licensing, Part 2: Don’t Get SAM’d
Microsoft isn’t auditing everyone equally. They’re cherry-picking areas that are in decline or showing signs of slowed growth. I’ve seen another area that attracts audits. Generally, customers have some sort of non-compliance that is met with steep fines. However, Microsoft will almost always offer the customer a “true up” of the non-compliant licenses as long as the customer agrees to sign a new, three-year Enterprise Agreement. This process locks you in for another three years with Microsoft with no assurances that at the end of that time they won’t audit you again. One of our recent customers was audited by Microsoft during the evaluation process and faced a steep penalty.


Version 3 of FoundationDB's Key-Value Store database announced
Let's get around all of the hype in FoundationDB's release and get to the point. Relational databases have been pressed into service in many applications because it has become a tradition, not because it is the best or most cost effective tool in the shed. I suspect this is because many developers were trained to use relational databases and now see the world through that lens. I'm reminded of something Abraham Maslow once said: "If you only have a hammer, you tend to see every problem as a nail." Other approaches to database management can be more cost effective, offer better performance in some applications, be more reliable and also use system resources much better.


Decisions, decisions: Choices abound as data center architecture options expand
More companies are opting to move away from traditional data centers with rows and racks of servers because there are a number of issues to contend with in a conventional data center model, including buying your own equipment, figuring out a floor plan, installing it, testing it and maintaining it, experts say. The number of data centers worldwide will peak at 8.6 million in 2017 and then begin to decline slowly, IDC predicts, although the amount of total data center space will continue to grow as mega-data centers replace smaller ones.


Inject Novelty into Your Innovations
We look at game participation using the information about in-game achievements, which are now common practice across video-games: measures of how accomplished players are, so that they can have bragging rights with their friends. The evolution of participation in the expansion “The Wrath of the Lich King” is displayed in the graph and shows clear insights about how players respond to product updates. Before each product update, users are forward-looking, anticipating new content that is very likely more exciting than what was launched before, which leads to waiting for the new content and drops in participation (red circles in the graph).



Quote for the day:

"You got to be careful if you don't know where you are going, because you might not get there." -- Yogi Berra

December 21, 2014

2014 Is Ending, but This Wave of Technology Disruptions Is Just Beginning
The sun is setting on 2014, but we're about to watch a new wave of technologies rise and remake the world. Changes in technology are happening at a scale which was unimaginable before and will cause disruption in industry after industry. This has really begun to worry me, because we are not ready for this change and most of our leading companies won't exist 15-20 years from now. Here are five sectors to keep an eye on:


Data science handbook: 3 tips for becoming a data scientist
To get a clearer picture of the state of data science, how employers and employees alike can take advantage of it, and how you can enter the field, we spoke with some of the field’s most prominent voices: DJ Patil, co-coiner of the term “data scientist”; Michelangelo D’Agostino, formerly of Obama 2012’s data team; and Clare Corthell, creator of The Open Source Data Science Masters. We’ve distilled their insights into three main pieces of insight that we will share below.


New Ransomware Avoids Hitting the Same Victim Twice
OphionLocker uses infected websites to install itself on unpatched computers, then encrypts the victim's data with strong open source Crypto++ elliptic curve cryptography. The cost to recover the files is typically around 1 Bitcoin, or about US $333. According to KnowBe4, the ransom amount varies based on the victim's country, with the U.S. having the highest rates. After victims are infected and their files encrypted, the malware sends the victims to the ransomware site where they are given payment instructions. However, the ransomware does not securely delete the files or remove shadow volume copies, so a file recovery tool or a program like Shadow Explorer could be used to recover the files.


Policy frameworks can help or hinder India's tech revolution
By 2025, India could reach a "tipping point," where the economic benefits of large-scale technology adoption accrue at an accelerating rate. For example, digital technologies such as verifiable digital ID and the mobile Internet used in concert will enable universal financial inclusion, potentially raising incomes of people who lacked access to banking and credit by 5 to 30%, which could add economic value of $32 billion to $140 billion per year in 2025. The administration of school and online teacher certification and training, along with blended learning -- using online systems and MOOCs -- can boost the quality of K-12 and post-secondary institutions, and deliver $60 billion to $90 billion in economic value per year by 2025 through a better skilled workforce.


New Chip Points the Way Beyond Silicon
The semiconductor industry is finding that scaling any smaller introduces a range of problems. At one panel held during the IEDM conference, Mark Bohr, a senior fellow at Intel, estimated that silicon scaling would end in about a decade. “My general response is wild enthusiasm for any new idea,” he said. With superb electrical properties, germanium has always promised to make speedier circuits than silicon. But engineers were unable to use it to make compact, power-efficient circuits based on the industry’s established manufacturing technique, known as complementary metal-oxide semiconductor, or CMOS, technology.


Coder, sell thyself
Assuming that you have your goals in mind and are serious about the pursuit of new business, you now have to create the space to allow your business to develop. If you are currently employed by someone, you have to quit your job. If you are currently engaged in a 100% on-site contract position, you have to step away. You must create a vacuum in order to draw in new clients and project work. If you are mentally in a space where you want to find new work, but are physically occupied by an opposing force, you will repel potential opportunities. You must be aligned mentally and physically in order to draw new clients and paid project work to you.


Setting Up a Redundant Internet Connection With BGP
Many organizations have identified the Internet as a critical resource that should never be down. As a result, a redundant Internet connection is configured to help ensure there’s at least one connection to the Internet up at all times. In this post, we’ll consider the topology for a network with a redundant Internet connection that uses Border Gateway Protocol (BGP) routing. Here, BGP will do two things: learn the Internet routing table, and announce the local, publicly accessible network to the Internet. To keep things as simple as possible for those of you who’ve never worked with BGP before, we’ll do this with a single Internet router.


Point-to-Point Generic Routing Encapsulation (GRE) over IP Security (IPSEC)
Diverse multi-protocol traffic requirements force the use of a Generic Routing Encapsulation (GRE) envelope within the IPSEC tunnel. The p2p GRE tunnel is encrypted inside the IPSEC crypto tunnel. Native IPSEC is not multi-protocol and has no support for IP multicast or broadcast traffic. As a result, proper propagation of routing protocol control packets cannot take place in a native IPSEC tunnel. With a p2p GRE over IPsec design, all traffic between hub and branch sites is first encapsulated in the p2p GRE packet BEFORE the encryption process takes place.


Organizational Resilience: The Business Continuity Institute's View
The Business Continuity Institute realises the value of BS 65000 and the thinking that comes behind it. It affirms its premise of strengthening the collaboration among ‘protective disciplines’ in order to create a coherent approach to achieving resilience. Business continuity as a discipline has resilience at its heart and the BCM Lifecycle explicitly relates to building resilient organizations. In participating in the ongoing development of organizational resilience, the BCI makes a positive case for the ‘protective disciplines’ and enabling top management buy-in into our work. It also makes practitioners responsible for resilience more visible to top management, taking their work as a matter of strategic importance to the organization.


Don’t trivialise the internet of things
Walport said IoT could have a much greater impact on society than the first digital revolution, with the potential to support “an extraordinary range of applications and economic opportunities”. However, he warned there will also be potential for significant challenges around security and privacy breaches, and it will be critical that scientists, programmers and entrepreneurs behave and act responsibly. “Equally,” wrote Walport, “policy makers can support responsible innovation and decide whether or how to legislate or regulate as necessary. Everyone involved in the IoT should be constantly scanning the horizon to anticipate and prevent, rather than deal with unforeseen consequences in retrospect.”



Quote for the day:

"The problem with being a leader is that you're never sure if you're being followed or chased." -- Claire A. Murray