Daily Tech Digest - August 07, 2017

WannaCry 'hero' to pay $30,000 for bail, plead not guilty to Kronos trojan charges

Be a “hero” to the internet; come to the U.S. and get arrested. That is the situation that shook the security community when the FBI arrested British security researcher Marcus Hutchins after he left Def Con. Hutchins, aka MalwareTech, was arrested Aug. 2 for allegedly creating the banking trojan Kronos. Earlier this year, Hutchins was dubbed a hero for finding the WannaCry ransomware kill switch and was then doxed by reporters as a show of gratitude. His bail was set at $30,000, yet he spent the weekend in jail because there wasn’t enough time to pay the bail before the clerk’s office closed on Friday. After he is released on Monday, Hutchins will remain in the U.S. with GPS monitoring and go to Wisconsin where he will face a six-count federal indictment;

Why continuous learning is key to AI

Why do you need a machine learning library and what algorithms are important for continuous learning? Recall that in RL one needs to learn how to map observations and measurements to a set of actions, while trying to maximize some long-term reward. Recent RL success stories mainly use gradient-based deep learning for this, but researchers have found that other optimization strategies such as evolution can be helpful. Unlike supervised learning where you start with training data and a target objective, in RL one only has sparse feedback, so techniques like neuroevolution become competitive with classic gradient descent. There are also other related algorithms that might become part of the standard collection of models used for continuous learning

Fintech’s Artificial Intelligence Revolution: The Missing Link

Technology waits for no rules or regulations, and AI is no different. The potential profit associated with innovation economics also contains the risk that machine intelligence will be developed and deployed without thoughtful consideration of the potential perils. And AI brings a unique set of risk challenges. If they are not well managed, we may create new and greater risks. ...  Should something go wrong, we might not be able to define the problem a solution. Already problems with technology not nearly as complex as deep learning have disrupted the markets. There have been six “stock market crashes” due largely to flawed market operations, most notably the “flash crash” of 24 August 2015. And while markets recovered from these crashes rather quickly, the immediate causes were not immediately grasped.

6 Digital Strategies, and Why Some Work Better than Others

Digitization is enabling new, disruptive models that aggressively compete with legacy models, putting material pressure on incumbents’ revenue and profit growth. As incumbents fight back with their own digital strategies, our research shows that they often trigger a second wave of competition, closer to the notion of Schumpeterian imitation where incumbents start themselves to innovate, sometimes aggressively, against the threat of entrants slashing yet more revenue and profit growth. We estimate that on average, both waves of digital competition have taken out half of the annual revenue growth and one third of the growth in earnings from incumbents that have failed to respond to digital.

Open source is powering the digital enterprise

By leveraging broad-based collaboration and strong communities of independent developers, open source innovation is transforming the very core of information technology and enabling organizations to win in today’s digital economy. As a community we all gain from these efforts. Technology is now being strategically applied to support the fast-paced and rapidly changing demands of businesses and the customers they serve. In the new digital reality, an organization’s cloud, application, IoT, and data analytics strategies (to name a few) can make or break an organization’s success. Businesses are realizing they are now in the technology business. This drive to meet business needs for innovation has in part led to a surge in the adoption of enterprise-grade open source technology.

Robots created a language. No need to panic

The emergence of communication between "agents" -- individuals who don't have a common language to start with -- has been studied with the help of computer simulations since the 1990s. The same mechanisms emerged as in the more contemporary work: computer programs, like humans, end up finding optimal ways to communicate. The findings have been exciting to those interested in the origins of language, but they aren't about any kind of diabolical superintelligence. Our distant ancestors, who were not particularly smart, also found ways to talk to folks from other tribes, and to bargain with them if necessary. That machines can do it, too, when set a specific task on which they must work until a set outcome is achieved, is a far cry from Skynet dystopia.

How to (not) use the large object heap in .Net

Copying and moving large objects not only would involve significant overhead for the garbage collector – the GC would need twice as much memory for garbage collection – but moving large objects would be very time-consuming as well. Therefore, unlike the small object heap, the large object heap is not compacted during garbage collection. So, how is memory in the large object heap reclaimed? Well, the GC never moves large objects – all it does is remove them when they are no longer needed. In doing so, memory holes are created in the large object heap. This is what is known as memory fragmentation. One point to note here is that although the GC doesn’t compact the large object heap, it does combine adjacent free blocks in the heap to make larger blocks available.

Six Ways to Curb the Costs of a Data Breach

Missteps happen fast and have serious consequences. One example is customer communications. After a breach, the pressure to communicate quickly with customers can be intense. But ineffective communications can cause panic, dramatically increasing the rate at which customers phone into call centers and sign up for credit monitoring. Credit monitoring alone can cost $5 to $30 per person. Data breach specialists, such as PR consultants or data privacy lawyers, often have seen as many as hundreds of data breaches and are highly practiced at helping you craft a genuine story that keeps confusion – and costs – down. ... In the wake of a breach, a company may be investigated by a number of regulatory agencies. While it’s not guaranteed to occur, it is likely, and there are simple steps you can take to prevent sensational fines if it does.

What Women in Cybersecurity Really Think About Their Careers

Fewer than half came to security via IT or computer science. The rest came from backgrounds in compliance, psychology, internal audit, entrepreneurship, sales, and art. Ten percent say they joined the industry because they "like to break things." "Women in this field say it's actually fun, and they're having a good time. They are feeling they are doing meaningful and impactful work and it's deeply satisfying to them," says Wong, who also conducted deep-dive interviews with multiple women from the survey who were willing to be quoted in the final report. "You don't necessarily have to have a computer science degree to contribute." Nearly three-quarters of them say the value they bring to cybersecurity is their ability to communicate well across cross-functional teams.

Cyberwar: A guide to the frightening future of online conflict

The tools of cyberwarfare can vary from the incredibly sophisticated to the utterly basic. It depends on the effect the attacker is trying to create. Many are part of the standard hacker toolkit, and a series of different tools could be used in concert as part of a cyber attack. For example, a Distributed Denial of Service attack was at the core of the attacks on Estonia in 2007. Ransomware, which has been a constant source of trouble for businesses and consumers, may also have been used not just to raise money but also to cause chaos. There is some evidence to suggest that the recent Petya ransomware attack, which originated in Ukraine but rapidly spread across the world, may have looked like ransomware but was being deployed to effectively destroy data by encrypting it with no possibility of unlocking it.

Quote for the day:

"Mistakes are always forgivable, if one has the courage to admit them." -- Bruce Lee