Daily Tech Digest - February 23, 2017

Here's why self-driving cars may never really be self-driving

The issue with self-driving vehicles extends well beyond safety; it's also a legal one. As autonomous vehicles gain in popularity, liability questions about who is to blame when an autonomous car crashes are also growing. If an autonomous car crashes, who is at fault? The driver -- even though the car was driving itself? The manufacturer? The developer who created the autonomous software? "Supposed I write a piece of software and it has an inherent flaw. It starts causing injuries and property damage. Am I protected? The answer is: Unlikely," said Michael Overly, a partner and intellectual property lawyer with Foley & Lardner LLP. "People whose property was damaged or they were injured would sue for negligence."

2017 Predictions For AI, Big Data, IoT, Cybersecurity, And Jobs From Senior Tech Executives

The recent success of deep learning in tasks such as image recognition and machine translation has served as a catalyst for investments in and experimentation with AI and Bill Franks, Chief Analytics Officer, Teradata, predicts that “Deep learning will move out of the hype zone and into reality.” Says Franks, sounding a note of caution: “Deep learning is getting massive buzz recently. Unfortunately, many people are once again making the mistake of thinking that deep learning is a magic, cure-all bullet for all things analytics. ... While deep learning will be in place at a large number of companies in the coming year, the market will start to recognize where it really makes sense and where it does not. By better defining where deep learning plays, it will increase focus on the right areas and speed the delivery of value.”

Insecure Android apps put connected cars at risk

While compromising connected car apps might not directly enable theft, it could make it easier for would-be thieves. Most such apps, or the credentials they store, can be used to remotely unlock the vehicle and disable its alarm system. "Also, the risks should not be limited to mere car theft," the Kaspersky researchers said in a blog post. "Accessing the car and deliberate tampering with its elements may lead to road accidents, injuries, or death." While manufacturers are rushing to add smart features to cars that are meant to improve the experience for car owners, they tend to focus more on securing the back-end infrastructure and the communications channels. However, the Kaspersky researchers warn that client-side code, such as the accompanying mobile apps, should not be ignored as it's the easiest target for attackers and most likely the most vulnerable spot.

Fighting the hidden enemy: how can your organisation combat cybercrime?

Administrative frameworks, however, can achieve only so much. When it comes to improving cybersecurity, employees also have a vital role to play. Again, there are two sides to this coin. One concerns the human vulnerabilities associated with cybercrime. As efficient as a firm’s cyber strategy might be, one simple mistake from an employee can render these defences futile. ... At the same time, any internal threats must be treated with this same level of vigilance. As a significant number of cyberattacks reported by organisations are actually carried out from within the company, it is not unreasonable to claim that many of these breaches could have been avoided, had employees been able to recognise that their colleague was stealing valuable information. Again using education as a resource, firms can promote a culture of self-regulation which allows rogue workers to be identified and reported before their efforts are successful.

Reinforcement learning

Reinforcement learning copies a very simple principle from nature. The psychologist Edward Thorndike documented it more than 100 years ago. Thorndike placed cats inside boxes from which they could escape only by pressing a lever. ... Reinforcement learning works because researchers figured out how to get a computer to calculate the value that should be assigned to, say, each right or wrong turn that a rat might make on its way out of its maze. Each value is stored in a large table, and the computer updates all these values as it learns. For large and complicated tasks, this becomes computationally impractical. In recent years, however, deep learning has proved an extremely efficient way to recognize patterns in data, whether the data refers to the turns in a maze, the positions on a Go board, or the pixels shown on screen during a computer game.

Data-related jobs see huge growth in January hirings

Data processing/hosting/related services also had a healthy January, posting 1,200 new jobs. That segment had been adding an average of 233 per jobs per month on average in 2016. Commenting on this segment, Foote noted that employers need to scale to stay competitive. “When they dig their heels into a solution that works, be it in cloud, security, big data, mobile, or digital technology, they tend to add headcount because they know these people will be making contributions for a long time to come,” Foote said. ... “Ideally each new hire must have a measurable impact on the business: they can’t just be a cost item for them. What will drive new job creation in 2017 will be hiring in niche areas such as big data and analytics, information/cyber security, cloud computing, and certain areas of applications development and software engineering like DevOps and digital product development.”

A hard drive's LED light can be used to covertly leak data

The latest hack leverages the LED activity light for the hard disk drive, which can be found on many servers and desktop PCs and is used to indicate when memory is read or written. The researchers found that with malware, they could control the LED light to emit binary signals by flashing on and off. That flickering could send out a maximum of 4,000 bits per second, or enough to leak out passwords, encryption keys and files, according to their paper. It's likely no one would notice anything wrong. "The hard drive LED flickers frequently, and therefore the user won't be suspicious about changes in its activity,” said Mordechai Guri, who led the research, in a statement. To read the signals from the LED light, all that’s needed is a camera or an optical sensor to record the patterns.

A Sweeter Spot for the CDO?

First of all kudos for a correct use of the term Venn Diagram Second I agree that the role of CDO is one which touches on many different areas. In each of these, while as Bruno says, the CDO may not need to be an expert, a working knowledge would be advantageous. Third I wholeheartedly support the assertion that a CDO who focusses primarily on compliance will fail to get traction. It is only by blending compliance work with the leveraging of data for commercial advantage in which organizations will see value in what a CDO does. Finally, Bruno’s diagram put me in mind of the one I introduced in The Chief Data Officer “Sweet Spot”. In this article, the image I presented touched each of the principle points of a compass. My assertion was that the CDO needed to sit at the sweet spot between respectively Data Synthesis / Data Compliance and Business Expertise / Technical Expertise. At the end of this piece,

The March Of Financial Services Giants Into Bitcoin And Blockchain Startups In One Chart

It should be noted, though, that consortia are not included on the chart below. One such example is R3 CEV, which counts a bevy of banks and insurers including Credit Suisse, JPMorgan and Deutsche Bank collaborating to advance ledger solutions and standards that meet banking requirements. R3 has hit a few bumps of late, with Goldman Sachs and Santander – among others – leaving the consortium in favor of private blockchain investments. Among the financial services investors are insurance providers such as TransAmerica, New York Life, and Mitsui Sumitomo Insurance Group (MSIG); payments giants including Visa, MasterCard, and American Express; as well as banks like Mitsubishi UFJ Financial Group (MUFG), Citi, Santander, and Canadian Imperial Bank of Commerce (CIBC).

Amid cyberattacks, ISPs try to clean up the internet

Even when ISPs send warning messages to users, what then? Not every PC user knows how to resolve a malware infection, Clayton said. For ISPs, it can also be a matter of cost. “Of course we want to see ISPs helping, but they are in a competitive market,” he said. “They are trying to cut their costs wherever they can, and talking to customers and passing on a message is not a cheap thing to do.” In addition, ISPs can’t identify every malicious cyberattack. Most hacking attacks masquerade as normal traffic and even ISP detection methods can occasionally generate errors, Clayton said. “If you have a 99 percent detection rate, in an academic paper, that sounds fantastic,” he said. “But that basically means one out of 100 times, you’ll be plain wrong.”

Quote for the day:

"If you don't make it easy for people to do the right thing, you're wasting money on security awareness." -- Angela Sasse