October 26, 2015

Computer Security and Privacy: Benefits and Risks of the Internet of Things

Kohno was an author on the first publications demonstrating the security risks of wirelessly reprogrammable pacemakers and defibrillators. Former Vice President Dick Cheney even had doctors disable the wireless mechanism in his defibrillator due to hacking concerns. Kohno stresses that the benefits of these devices outweigh the security risks and that patients should have no qualms using them. However, he believes that device manufacturers must improve the security of current and future devices. Roesner has led groundbreaking work in the area of online data collection, trying to identify who is gathering information and what's being done with it. With further support from NSF, she led the development of a tool called ShareMeNot.


The grip banks have over their customers is weakening

If banks are not willing or obliged to share, there are services that will retrieve current-account data without the bank’s approval. These startups ask customers to share their online banking passwords, in order to log into their accounts and copy and paste page upon page of online statements. Such “scraping” happens in a legal grey area. Banks moan about their terms of service being breached. British regulators frown upon it, for security reasons, making life difficult for would-be Mints; American regulators are said to be unhappy as well. Services such as Yodlee, a Californian outfit, offer to scrape or download bank records, whichever is least inconvenient. Online lending platforms are wary of scraping: customers are understandably reluctant to hand over their passwords.



HP just dropped out of the public cloud – now what?

Fast forward six months, and this week HP announced via a blog post that it is “grounded in the cloud” and will sunset its HP Helion Public Cloud on Jan. 31, 2016. The company said it would not comment any more on the issue. Forrester Research Principal Analyst Dave Bartoletti says that when doubts about HP’s public cloud business direction emerged in the spring, it sent a signal to customers that the company was deprioritizing the public cloud. He says this week’s public admission was good. “It’s important for them to move forward and re-align their strategy,” he says. HP isn’t the first to bow out of the public cloud market or change up its approach.Rackspace last summer announced it would offer managed public cloud services instead of commodity, race-to-the-bottom cloud pricing for IaaS.


Overcoming “New Vendor Risk”: Pure Storage’s Techniques

Here’s the problem, though: these same smaller emerging companies are often doing verycool things that have the potential to solve a whole lot of problems. In today’s rapidly shifting storage market, sticking with the status quo is becoming an unpalatable choice as companies seek to gain the benefits of new features and new platforms. In order to help customers gain a sense of comfort around their platform, Pure Storage has put together a program with three key points, each intended to address important customer concerns. Called Evergreen Storage, this program is intended to help customers maintain their storage investment with Pure. Consider the traditional storage buying cycle. Every few years, you replace what you have and go through a labor-intensive data migration process in order to stand up the new storage and decommission the old.


Bridging Microsoft Word and the Browser

The POI library supports Office Open XML file formats - OOXML. It contains the API to read the various sections of the documents. On loading the document into POI memory, it has all the metadata and content of the document. We can read this information easily by traversing the various sections (e.g. paragraph, table, table cell etc.). However, the generation of HTML equivalent elements is not possible with POI alone. ... Xdocreport is built on POI core and POI-OOXML with generic OOXML-SCHEMAS. It will load the document with the help of POI core and read the content and metadata with the help of poi-ooxml and ooxml-schemas. Since it uses the schema library, it is easy to navigate through the elements of the document. Xdocreport provides the visitor style API to read each section of the document and generate the content in HTML.


Using Automation to Supplement Agility

One of the biggest challenges is that despite the promise of improving the manner in which the application design and development phases proceed, the focus remains on satisfying functional requirements while largely ignoring the data requirements. At the same time, the data design teams often fret about each detail of the model, resulting in designs that often do not resonate with the application development teams. ... Data modeling tools must evolve in lock-step with evolving development methodologies. Adopting aspects of the Agile methodology to enable faster cycling, closely-coupled interactions between designers, developers and their business clients and more rapid turnaround for changes in underlying data architectures. Some facets of the data modeling approaches are prime for renovation.


CIOs And CMOs Must Rally To Lead Change

CMOs will have good partners, though. As they continue to break free of IT gravity and invest in business technology, CIOs will be at their sides. 2016 is the year that a new breed of customer-obsessed CIOs will become the norm. Fast-cycle strategy and governance will be more common throughout technology management and CIOs will push hard on departmental leaders to let go of their confined systems to make room for a simpler, unified, agile portfolio. Firms without these senior leadership efforts will find themselves falling further behind in 2016, with poor customer experience ratings impacting their bottom line. Look for common symptoms of these laggards


Turing Phone: The hacker-resistant smartphone with stretchable storage

"Since data will be stored with a trustworthy tag which belongs to the user who issues the key it doesn't matter where the data is stored, the user may retrieve it when desired. There's always a way to check where the keys are, much like the blockchain technology behind Bitcoin." Underpinning this distributed storage is the security provided by Turing Robotics Industries (TRI), which started out as a company researching decentralised cryptographic keys. In the five years since TRI was established, the firm developed the Identity Based Authentication Infrastructure that will provide the foundation for the system.



Building Microservices With Java

This article does not discuss whether microservices are good or evil,nor whether you should design your app for microservices upfront or extract the services as they emerge from your monolith application. The approaches described here are not the only ones available, but they should give you a pretty good overview of several possibilities. Even though the Java ecosystem is the main focus in this article, the concepts should be transferrable to other languages and technologies. I have named the approaches in this article container-less, self-contained, and in-container. These terms may not be entirely established, but they fulfill their purpose here to differentiate the approaches. I will describe what each means in the sections that follow.


Artificial intelligence can go wrong – but how will we know?

“Deep learning produces rich, multi-layered representations that their developers may not clearly understand,” says Microsoft Distinguished Scientist Eric Horvitz, who is sponsoring a 100-year study at Stanford of how AI will influence people and society, looking at why we aren't already getting more benefits from AI, as well as concerns AI may be difficult to control. The power of deep learning produces “inscrutable” systems that can’t explain why they made decisions, either to the user working with the system or someone auditing the decision later. ... “Backing up from a poor result to ‘what’s causing the problem, where do I put my effort, where do I make my system better, what really failed, how do I do blame assignments,’ is not a trivial problem,” Horvitz explains



Quote for the day:

"Nobody who ever gave their best regretted it." -- George Halas