December 28, 2015

The Most Innovative And Damaging Hacks of 2015

Not a week went by in 2015 without a major data breach, significant attack campaign, or serious vulnerability report. Many of the incidents were the result of disabled security controls, implementation errors, or other basic security mistakes, highlighting how far organizations have to go in nailing down IT security basics. ... But looking beyond the garden-variety attacks and vulnerabilities lends great insight into the future of malicious activity and how to defend against it. And 2015 had its share of intriguing invasions, each of which highlighted the modified techniques that lead to new forms of breaches or pinpoint areas in need of new defenses. The past year saw cyber criminals adopting innovative approaches and state-sponsored actors becoming bolder.


Google’s Quantum Dream Machine

Google and quantum computing are a match made in algorithmic heaven. The company is often said to be defined by an insatiable hunger for data. But Google has a more pressing strategic addiction: to technology that extracts information from data, and even creates intelligence from it. The company was founded to commercialize an algorithm for ranking Web pages, and it built its financial foundations with systems that sell and target ads. More recently, Google has invested heavily in the development of AI software that can learn to understand language or images, perform basic reasoning, or steer a car through traffic—all things that remain tricky for conventional computers but should be a breeze for quantum ones. “Machine learning is a core, transformative way by which we’re rethinking how we’re doing everything,” Google’s CEO, Sundar Pichai, recently informed investors.


Big banks battle startups with new apps and services

Startups enjoy three kinds of advantages over more established firms, according to Benjamin Ensor, another analyst at Forrester. “Firstly, they are not regulated. Secondly, [startups] do not have legacy systems that can make it difficult to do new things fast. They are also not constrained by legacy thinking that can sometimes hamper big, hierarchical established firms. Thirdly, startups have often been quicker to embrace new technologies,” Ensor says. Yet tech wizardry alone isn’t enough to help the established players. Instead, CIOs need to work hand-in-hand with CMOs who are developing solutions that “transform the customer experience” while also driving revenue growth, says Forrester’s Condon. That said, established firms such as CBW Bank, Stearns Bank, Barclays and TD AmeriTrade claim to be coming out with new and more astute financial services.


Innovation Risk & Return: Horizons, Uncertainty and the Teddy Bear Principle

The 3 Horizons approach can be used to manage different areas of future business concurrently, albeit with different managerial approaches given the different requirements and characteristics. It can give a view of how innovation and other business-building activity such as M&A could extend a company’s reach into new sectors. It can provide a time horizon to business growth in new and existing areas. It can give a perspective on the potential for new technology platforms and new markets ... Horizon 1 is where most managers feel comfortable. It’s where the highest degree of apparent certainty exists and, intuitively, the lowest risk. It has the highest proportion of incremental projects and rarely presents a “bet the business” option. Horizon 2 has higher corporate uncertainty, and Horizon 3 presents high corporate and industry uncertainty.


The World's Smartest Cities: What IoT And Smart Governments Will Mean For You

"A smart city is a city that uses digital technologies or information and communication technologies—connected via an intelligent network—to address challenges within city communities and across vertical industries. These challenges may include parking, traffic, transportation, street lighting, water and waste management, safety and security, even the delivery of education and healthcare. A smart city relies on technological solutions that enhance its existing process to better support and optimize the delivery of urban services, to reduce resource consumption and contain costs, and to provide the means and the opportunities to engage actively and effectively with its citizens, with its visitors and with its businesses."


Mobile internet is now just the internet

First of all, the internet is finally reaching some kind of maturity – at least in the sense that it is a truly global, ubiquitous communications system – and therefore a stable foundation on which all kinds of new things can be run. Secondly, the smartphone will be the key to everything for the foreseeable future. And finally, the emerging new tech-world order is a duopoly, consisting of Apple – with its product-design flair and mastery of marketing and supply-chain management – running a high-end, incredibly profitable, tightly controlled ecosystem made up of both hardware and software; and Google, with unchallenged mastery of search, a dominant (though not total) grip on Android, and huge investments in robotics, cloud services and AI controlling the mass market.


Digital leaders at DHL, CVS defend against, exploit digital disruption

Increasingly, DHL is turning to technology to build relationships with package recipients. In Germany, DHL is piloting an unusual partnership with Amazon and Audi that would enable DHL to deliver packages to the trunks of Audi customers. "It's something … that might not be recommended for countries with high security issues because you might find the package, but not the car," Ciano joked. "It's on the high end, the extreme of innovation." ... talent management isn't simply about recruitment; retention is also important, Tilzer said. Rather than lose skilled, in-demand talent to new opportunities outside the company, Tilzer said it's important to figure out how to create similar opportunities within CVS, a strategy that seems to be gaining momentum these days.


AngularJS in Action - An Interview With Lukas Ruebbelke

The first step when approaching performance in any application is to optimize the user experience. The next step is to apply tried and true architectural principles like composing your application with fine-grained, single responsibility units of code. There are still some tricks that you can do to get that extra bit of performance out of your application if you need it. If you are binding to a collection of complex objects, I will sometimes transform those objects into shallower versions of themselves that contain just the properties I need to display. One-way data binding is another great optimization if you are not going to need to redraw the view. Manually adding pagination to a large list of items also helps. Anything you can do to reduce the number and complexity of the items you are binding to on the page is going to help.


The Next Wave of Cybercrime Will Come Through Your Smart TV

Smart TVs are essentially computers, with USB ports, operating systems and networking capabilities no different than smartphones. But unlike computers and mobile devices, smart TVs often don't require any authentication. "Basically with these TVs, if you are in the same room, you're always going to be treated like you're the owner of the TV," said Craig Young, a computer security researcher with Tripwire. ... Smart TVs don't run antivirus software, and it's questionable whether that would be a practical solution to stopping cyberattacks. While antivirus software could work, it also could degrade performance, and the question becomes "whether running security software on the TV is going to mean your Netflix is going to become choppy," Young said.


RESTful Considered Harmful

A RESTful web service does not natively support many enterprise-grade features of APIs like batching requests, paging, sorting, searching and many others. There are competing suggestions, like query parameters, request headers, etc. I remember an hour-long discussion about a flexible searching API we had some time ago. ... RESTful web services are CRUD-oriented, rather than business- or transaction-oriented. Countless times we had to carefully map business terms into simple create/update/delete actions. The world isn't that simple and not everything can be simply described in create or update sentences. And even if it can, often RESTful endpoints are awfully awkward and artificial.



Quote for the day:


"No amount of source-level verification or scrutiny will protect you from using untrusted code." -- Ken Thompson