October 01, 2015

On Monoliths and Microservices

The term software architecture traditionally implies the architecture of a single program. In vertical or microservice style architecture, the definitions like “Architecture is the decisions that you wish you could get right early in a project” is hardly relevant anymore. What part is hard to change in microservice style architecture? The answer is not the inner components of an application anymore. The difficult things to change are some of the decisions that have been made about the microservices, for example, the ways they are integrated into the system, or the communication protocols between the involved applications and etc. Thus, we at otto.de are drawing a difference between a micro-architecture of an application and the macro-architecture of the system. The micro-architecture is all about the internals of a vertical or a microservice, and is left completely in the hands of its respective team.


What Does the VolksWagon Hack Mean for IoT Security?

We are now in a time in when technology companies must provide "digital confidence." This is necessary and should be mandatory to keep customer trust. From a technology and historical point of view, consider this the beginning of a digital Cambrian explosion. In the Cambrian explosion 524 million years ago, conditions changed virtually overnight. Almost all known animal species emerged and before this, almost three billion years had passed with just a few algae and bacteria on earth. Such a comparable explosion has begun now in the digital world. ... The fact is that digital automation is now a driving force behind many aspects of life, including the cyber-attack landscape. A modern upper class car carries million lines of code in its system,


Why passion is a requirement for today's CIO

Technology, of course, is the most significant contributing factor in these concerns. With no legacy infrastructure, new entrants can disrupt old businesses at a fraction of the cost of established players. Competitors who lead in digital technology can snatch away market share, and in most industries, products are becoming more software driven. With the CEO thinking more about IT than ever, the role of the CIO is changing. ... "Passion is a reason for being," says McCabe. "It is what drives your curiosity and makes you a better and more focused leader. When you care about something, you want others to share the vision, and you strive to bring as many people as possible along with you on that journey."


This Car Knows Your Next Misstep Before You Make It

“Imagine you are driving on a highway,” says Saxena Ashutosh, the director of a project called Robo Brain at Cornell University and Stanford who oversaw the driving project. “You look to the right for a second, because you are going to make a right turn, and as you are starting to make a right turn, some other driver has pulled into the space that you thought was empty.” A car could then either issue an alert or even prevent you from pulling into the lane. The system was trained using cutting-edge machine-learning algorithms, and it could predict, with just over 90 percent accuracy, when a driver was about to change lanes in the next few seconds. A lane change was usually signaled by a glance over the shoulder along with telltale head movements and changes in steering, braking, and acceleration.


Implementing a Recurrent Neural Network with Python, Numpy and Theano

solving the Language Modeling problem also has a cool side effect. Because we can predict the probability of a word given the preceding words, we are able to generate new text. It’s a generative model. Given an existing sequence of words we sample a next word from the predicted probabilities, and repeat the process until we have a full sentence. Andrej Karparthy has a great post that demonstrates what language models are capable of. His models are trained on single characters as opposed to full words, and can generate anything from Shakespeare to Linux Code. Note that in the above equation the probability of each word is conditioned on all previous words. In practice, many models have a hard time representing such long-term dependencies due to computational or memory constraints.


Fighting Developer Fatigue with JNBridge

A better approach would be to keep as much of the .NET-based technology as possible, and start by nibbling around the margins, creating framework code in Python, and calling the more substantial .NET-based logic where needed. Later, more Python skills can be acquired and more Python code can be added, as necessary, and functionality can be migrated out of the .NET libraries if that’s what’s desired. This “go slow” approach can mitigate developer fatigue and allow you to avoid prematurely committing to new technologies that may turn out to be insufficiently robust for production use, or may soon be supplanted by even newer technologies. Note the approach described here can be used to continue using both legacy .NET and Java binaries with emerging languages.


Why Windows 10 is the most secure Windows ever

“Clearly, Microsoft thought a lot about the kind of attacks taking place against enterprise customers and is moving security forward by leaps and bounds,” said Ian Trump, a security lead at LogicNow. Device Guard relies on Windows 10’s virtualization-based security to allow only trusted applications to run on devices. Credential Guard protects corporate identities by isolating them in a hardware-based virtual environment. Microsoft isolates critical Windows services in the virtual machine to block attackers from tampering with the kernel and other sensitive processes. The new features rely on the same hypervisor technology already used by Hyper-V.


How to mitigate vendor risk in a cybersecurity environment

Performing a thorough “vendor due diligence” is critical not only when selecting a vendor, but also on an ongoing basis. This is true for third parties that host your data as well as those that have regular access to your data, including computer support vendors. You are paying for services, so you should demand security that meets or exceeds your own security standards. Prior to beginning your due diligence, you may want to identify all vendors that have access to your personally identifiable data and what data is visible to each vendor. You may then vet vendors with a full review process or other steps, including paying them a visit and asking for a full tour of their facilities and a complete explanation of their operational and security policies. This research will complement any written documentation you may already have in hand.


Navigating The Slippery Slope Of Public Security Disclosure

When considering a public message, consider our most secure US public figure, the President. We know that the President is the most guarded and protected person on the planet. What the Secret Service won’t tell us is how they accomplish this -- and that is by design. Grand visible gestures are a small fraction of the actual security measures in place, yet they serve as a visible and impressive deterrent to foul play. Strong public statements on security without specific details are good. “We employ a myriad of applications, systems and processes to ensure the protection of your personal data” is one such statement. When making your statements, avoid “naming names.” An executive I know recently made a very public announcement about hiring an “ethical hacker” as a member of his security team.


Where's the Money In Data (Part III)

Data monetization opportunities are determined by defining a problem to be solved in terms of focus and state. If the focus of the problem to be solved is external and the state is existing, then the defined monetization opportunity is developing new products, services or channels for customers. This means that you are using your customer intelligence data and applying it to their problems. And while the ultimate business goal is to increase customer loyalty and grow revenue, the data is being used to solve the needs of the customer, not the needs of the business. When using data to solve customer problems, the customer defines the value of the product or solution by variables within the scope of their intended use. This value assessment can be a moving target for businesses to identify and can make the related monetization efforts difficult.



Quote for the day:

"The most courageous act is still to think for yourself. Aloud." -- Coco Chanel