March 21, 2015

IoT and smart devices need ethical programmers, says Gartner
At Level 3, Evolutionary Ethical Programming, tech companies would need to introduce ethical programming as part of a connected device that learns and evolves, because the more a smart device does learn, the more it departs from its original design. Here the user would maintain overall control, but the smart device would have some degree of autonomy. How future devices are trusted by users will become key at this level, said Gartner. For example, if a smartphone app is not trusted to report your business expenses accurately, or if an autonomous car was not trusted to safely navigate a dangerous stretch of road, the user would be able to take back control.


Goodbye, Internet Explorer
The changes both to the browser and the branding make a lot of sense. Internet Explorer, first released in the mid-1990s, dominated the browser market at its peak in the early 2000s, but it came to be associated with poor security and compatibility with other browsers and has since languished. Spartan’s success is critical if Microsoft is to remain relevant in the Web browser business—a market in which it used to dominate but now trails Google’s Chrome. According to data from StatCounter, in February, Chrome had 43.2 percent of the global browser market (including desktop, mobile, and other platforms), while Internet Explorer captured 13.1 percent and Firefox had 11.6 percent.


Artificial Intelligence Is Almost Ready for Business
The biggest application of Watson has been in health care. Watson excels in situations where you need to bridge between massive amounts of dynamic and complex text information (such as the constantly changing body of medical literature) and another mass of dynamic and complex text information (such as patient records or genomic data), to generate and evaluate hypotheses. With training, Watson can provide recommendations for treatments for specific patients. Many prestigious academic medical centers, such as The Cleveland Clinic, The Mayo Clinic, MD Anderson, and Memorial Sloan-Kettering are working with IBM to develop systems that will help healthcare providers better understand patients’ diseases and recommend personalized courses of treatment.


Premera, Anthem data breaches linked by similar hacking tactics
One of Deep Panda’s attack methods is to create fake websites that imitate corporate services for companies. In Anthem’s case, the attackers set up several subdomains based on “we11point.com,” which were designed to mimic real services such as human resources, a VPN and a Citrix server. By targeting Anthem employees with phishing emails and luring them to the fake sites, it may have been possible for the attackers to collect the logins and passwords and eventually access the insurer’s real systems. ThreatConnect, an Arlington, Virginia-based security company, found that Premera appears to have been targeted by the same style of attack.


Facebook releases open source ORC reader for Presto
"The level of SQL functionality that's implemented in Presto I think is unprecedented in the Hadoop world," Navruzyan says. "They decoupled the distributed SQL query engine from the underlying data store. This was a really great design decision." ... "We are always pushing the envelope in terms of scale and performance," writes Dain Sundstrom, a Facebook software engineer and creator of Presto. "We have a large number of internal users at Facebook who use Presto on a continuous basis for data analysis. Improving query performance directly improves their productivity, so we thought through ways to make Presto even faster. We ended up focusing on a few elements that could help deliver optimal performance in the Presto query engine."


Agile and Enterprise Architecture
“The real value of enterprise architecture is not in making better architectures…it’s in making a better enterprise” Gary Doucet, Chief Architect, Government of Canada Treasury Board of Canada Secretariat GC. How does enterprise architecture support agile that seems to focus on “light” processes? Are the two concepts in conflict with one another? In my view they complement one another ... True agility enables teams to have access to accurate as-is content as modeled artifacts and to move towards to-be artifacts in a collaborative managed environment. This implies that models are not only used in projects, but also in daily operations i.e. managing change requests and service requests.


Latest Dridex Campaign Evades Detection with AutoClose Function
“The user is enticed to enable macros and open the attachment, and when they open it, they see a blank page and, under the hood, nothing bad happens,” said a Proofpoint advisory. “Instead, the malicious action occurs when the document is closed. The macro payload, in this case, listens for a document close event, and when that happens, the macro executes.” The use of this type of VBscript function, Proofpoint said, is effective against sandbox detection capabilities. Malware that delays execution isn’t necessarily a new evasion tactic, but attackers have been getting innovative about side-stepping security protections in place. For example, sandboxes and intrusion detection software became wise to short delays in execution times. By executing only when the document closes, this current string of Dridex seems to have taken the next step.


Virtual Reality Advertisements Get in Your Face
The huge value of the online advertising market suggests it could be lucrative to experiment in this area. According to Magna Global, a media market researcher and investor, digital media revenue rose 17 percent in 2014 to $142 billion. It’s expected to climb another 15 percent to $163 billion globally this year. Dallas-based Airvirtise certainly hopes advertisers will be willing to try to reach people inside virtual scenes. It’s working on virtual 3-D models that are integrated with real-world locations, which it discerns from longitude, latitude, and elevation—think a giant Angry Birds game in a park or a life-size virtual car you can walk around.


Web Application Firewalls - Enterprise Techniques 
WAFs compare requests to generic attack signatures and application specific policies for the web application being protected and alert or block violations. A WAF can follow a positive or negative security model to develop security policies for an applicatin. ... The negative security model is acchieved by compiling a list of attack signatures, comparing web traffic against those signatures blocking the traffic that matches. Blocking only what is known as bad is considered the more functional approach in business perspective. ... negative security model does not provide protection against unknown attacks.


Public sector slow to pick up on the internet of things, says Gartner
"The majority of IoT spending for smart cities will come from the private sector. This is good news for technology service providers (TSPs) as the private sector has shorter and more succinct procurement cycles than public sectors and cities," said Bettina Tratz-Ryan, Gartner research vice-president. Tratz-Ryan urged technology companies to plan, engage and position their offerings now, or risk missing out on the money-spinning opportunities. “We expect commercial IoT implementations to be used across multiple industries, such as smart energy, environmental service or journey planning, which will offer TSPs the opportunity to monetise IoT by building IoT-related service models," said Tratz-Ryan.



Quote for the day:

"The measure of success isn't if you have a tough problem, but whether it's the same one you had last year." -- J.F. Dulles