Daily Tech Digest - July 08, 2017

Robot Says "Culture" - Moving towards Teal

Teal is still just a colour. It is one of a set of colours which represent the pre-dominant state of consciousness of an organization. Influenced by Ken Wilber’s work on Spiral Dynamics, Frederic Laloux helped us reach a deeper understanding of the Teal state of consciousness in his book "Reinventing Organizations". Laloux shows how this state of consciousness has morphed over time with breakthroughs achieved at each stage enabling new methods for working which were not possible in the previous paradigms (colours). Even though the colours appeared over the course of time, this does not mean that one colour replaces another when a new shift occurs. Often, organizations get stuck in one predominant style of thinking due to it being deeply set within its culture, and this is where most organizations find themselves today- stuck.

Anti-Virus Conspiracy Theories Cut Both Ways

In case a theme isn't clear here, it's that the Russian government isn't the only cybersecurity threat in the world. But that doesn't mean any given country's cybersecurity firms are a threat. Back in 2012, for example, Schneier said it was highly unlikely that a government would attempt to compel any domestic cybersecurity firms to whitelist malware, simply because related knowledge would be so difficult to contain. "My guess is that the NSA has not done this, nor has any other government intelligence or law enforcement agency," Schneier said. "My reasoning is that anti-virus is a very international industry, and while a government might get its own companies to play along, it would not be able to influence international companies." Mikko Hypponen, chief research officer at F-Secure, also in 2012 said anti-virus firms collectively "want to detect malware, regardless of its source or purpose," and that "politics don't even enter the discussion, nor should they."

7 Layers of Security Each Business Owner Should Consider

Employees who go off to lunch with their computers on and exposed are inviting hacking, especially if those computers are in more “open” spaces of a business, such as a floor full of cubicles. Users who don’t think simple steps like locking their computers when away from their desktops, can invite an easy outlet for their information to be stolen. It only takes a few seconds for someone to use a memory card and steal your personal information. Another issue is in the disposal of old computers. Sanitizing and wiping procedures of old hard drives are at time not sufficient, and can allow hackers to retrieve information from those drives. There are a number of tools available to allow you to securely erase hard drives, or you can choose to get it done professionally. Physical security is one of the most overlooked aspects of security. If you cannot ensure that your hardware is physically secure, then there are steps you can take to improve security.

Best VPN services of 2017: Reviews and buying advice

In truth, it’s hard to select the best overall VPN. Some services are weaker on privacy, but are significantly easier to use, while others could stand an interface redesign. Nevertheless, the point of a VPN is to remain private and to have your internet activity kept as private as possible. For that reason, we’re choosing Mullvad as the best overall VPN. The interface needs a lot of work, but the company does a great job at privacy. Mullvad doesn’t ask for your email address, and you can mail your payment in cash if you want to. Like many other VPNs, Mullvad has a no-logging policy and doesn’t even collect any identifying metadata from your usage. Mullvad is also fast, even if it’s not the fastest VPN we’ve tested. Add a more user-friendly interface and Mullvad would be nearly unbeatable.

All you need to know about the move from SHA-1 to SHA-2

SHA-2 is the cryptographic hashing standard that all software and hardware should be using now, at least for the next few years. SHA-2 is often called the SHA-2 family of hashes because it contains many different-size hashes, including 224-, 256-, 384-, and 512-bit digests. When someone says they are using the SHA-2 hash, you don’t know which bit length they are using, but the most popular one is 256 bits (by a large margin). Although SHA-2 shares some of the same math characteristics as SHA-1 and minor weaknesses have been discovered, in crypto-speak it's still considered "strong” for the foreseeable future. Without question, it's way better than SHA-1, and any critical SHA-1 enabled certificates, applications, and hardware devices using SHA-1 should be moved to SHA-2.

Analyzing the Anthem Breach Class Action Settlement

"What will be interesting to see will be the kinds of claims that will be made against that [Anthem settlement] fund" Teppler says. "In the end you have [nearly] 80 million people at risk for ... identity theft," including medical identity theft, which can long-lasting ramifications. For example, he points out, if fraudsters make claims for health insurance coverage using stolen identities, those could impair individuals' ability to obtain life insurance because of false medical information being added to their records, he says. While most of the proposed provisions of the Anthem settlement are common in other data breach class action settlements, "one of things a bit novel [in the Anthem deal] is repayment of credit monitoring for already expended funds for victims," Teppler says.

Luna brings visual development to functional programming

Luna’s creators argue that because developers typically start sketching components and dependencies on a whiteboard before coding, it doesn’t make sense to then implement that logic only in text. Software can have thousands of lines of code distributed in hundreds of files, which can trip up the implementation of that visual data flow and application architecture. Tools such as UML architecture diagrams only deal with the symptoms and not the problem’s source, Luna’s creators argue. That’s why Luna features both visual and textual representations. Developers can maintain their coding habits while also having a graphical whiteboard-like interface. Luna’s visual representations reveal structure, behavior, and data flow. It allows prototyping and visual profiling to understand performance bottlenecks.

The next logical step in Google's Android-Chrome OS 'merger'

Google has little by little been bringing elements of Android into the Chromebook world. It started with a very limited and experimental attempt at making some Android apps compatible with Chrome OS devices. Then came the gradual visual alignment, with Android-like fonts and design making their way into one Chrome OS system app after another and eventually seeping into the platform's core interface. Factor in features such as the Android-Chrome connecting Smart Lock, the Android-inspired PIN Unlock, and the availability of the full Play Store on Chromebook devices—not to mention the Chrome-OS-inspired "seamless" update model that came to Android with last year's 7.0 release—and it's easy to see how all these little pieces are adding up to something big.

Intel SSD 545s review: The next great budget SSD has arrived

At $180 for 512GB, the 545s offers all the capacity and cost advantages of TLC NAND plus the sustained write speed of MLC NAND. Hands-on, the 545s was the smoothest, most consistent performer we’ve seen in a while. The OS popped, all types of file operations were silky, and there were no stutters when opening apps. The Samsung EVO is also smooth and consistent, but it drops to around 300MBps writing when it runs out of TLC-as-MLC cache. The EVO, unlike the 545s, does have its RAPID caching software, which can significantly boost everyday performance by using system RAM as cache. We’re not fans of memory caching as it increases the risk of data loss due to power failure, so we’re only mentioning that to ward off comments.

Rethinking what it means to win in security

Consider how it works in retail. A reality of selling goods is “shrinkage.” That’s a fancy way of explaining that goods get lost and stolen. The mindset requires the understanding that a situation where nothing is lost, broken, or stolen is simply unreasonable. Which causes us to consider what a reasonable amount of loss is. ... The key lesson here is that while what is considered reasonable has changed over time, it is not zero. Embedded in this shift is the economy of improvement: each reduction in shrinkage needs to cost less to obtain than the savings it generates. After all, it doesn’t make sense to spend $100 to protect $1. Coupling the cost of improvement with measured reduction in overall impact to the business is a reasonable way to understand success.

Quote for the day:

"What lies behind us & what lies before us are tiny matters compared to what lies within us." -- Ralph Waldo Emerson