Daily Tech Digest - August 25, 2017

How Python makes programming simple

Because Python is easy and fast to write, that saves developer time, although this typically comes at the cost of execution time. The same programs in other languages—like C, C++, and Java—may take longer to put together, but they typically run many times faster than a Python app. But Python can also run fast when it needs to, because many third-party libraries for Python are written in faster languages like C. All Python has to do is plug into such a library, and it can run at or close to the speed of those languages when performance matters. Mastering new things in IT is always tricky, whether it’s containerization, devops, or extracting a little meaning from a lot of data. Python is designed to give you a leg up on getting all those things done, both now and into the future.


The current state of government cybersecurity is 'grim,' report says

When it comes to cybersecurity readiness, US government organizations aren't doing so hot. In a recent report from SecurityScorecard comparing the security practices of 18 industries, government ranked no. 16. "In the midst of investigations into a potential 2016 election hacking, regular major malware events, and an overall increase in the number of sophisticated cyberattacks, the report highlights that the government sector is lagging compared to almost every other industry," the report said. For the report, SecurityScorecard analyzed 552 local, state, and federal organizations to see how their security practices stacked up across 10 key categories. The only two industries that ranked lower were telecom (no. 17) and education (no. 18). For government, that's actually an improvement over last year, the report said, when it ranked dead last.


Indian CIOs to benefit from emerging and maturing technologies: Gartner

“This year’s Hype Cycle demonstrates the keen interest Indian organizations are taking in both emerging and maturing technologies,” said Pankaj Prasad, Principal Research Analyst - Gartner. “The market is witnessing the entry of local vendors in emerging, as well as mature, technology segments, including areas such as IoT robotic process automation offerings and machine-learning-based technologies,” added Prasad. ... Some technologies, such as mobile money, social analytics and robotic process automation offerings, will support new ways of doing business across industries. Technologies such as machine learning, IoT and smart city frameworks are of a transformational nature, which will result in a significant transformation within the industry dynamics and in the creation of a new ecosystem.


Susanne Kaiser on Microservices Journey from a Startup Perspective

Microservices come with complexities like multiple independent services, operational & communication complexity, partitioned data, and the complexity of eventual consistency. This comes with challenges of transformation to microservices, such as the need for different skills & tools, and untangling the core functionality; the team still has to take care of the existing system, and the transformation takes longer than anticipated. Kaiser said the monolith to microservices journey in reality is evolutionary. ... The key concept of modeling microservices is loose coupling between the services and high cohesion within a service. The team also identified bounded contexts for microservices with well defined business functions.


Distributed data centers boost resiliency, but IT hurdles remain

Organizations should create an "assurance construct" to address those questions and show CIOs and CTOs how data traverses the network and how failover works, Traver said. That way, the entire business understands the level of resiliency that its infrastructure delivers. At this point, only major public cloud players, such as Google Cloud Platform, have the resources to establish true cloud-based resiliency with complete consistency across all data centers in the network, Lawrence said. "It's probably not something that enterprises will be able to aspire to -- perhaps not at least for the next decade and a half -- but perhaps when they have enough sites and different colos, it might be possible," he said. Ultimately, the kind of resiliency an organization pursues should depend on its applications.


15 noob mistakes even experienced developers still make

If you’re not writing C or C++, Make is probably not your friend. Make launches another compiler process for each file. Most modern languages are not designed to have a separate process launched for each file. Also resolving dependencies in a language like Java using Make is nearly impossible. I once worked at a large network equipment company and shortened its build process from three hours to like 20 seconds by converting its build to Ant. A shell script is also usually a bad move in the end. I recently wrote a shell build for a lab because I didn’t want everyone to have to download a whole Java tool set to run one little lab. I thought it was a good move, but it was a noob mistake (as always) because the next version of the software it depended on broke everything (as always).


.NET Standard 2.0 Is Finalized for Consistent API Usage

The .NET Standard project for Visual Studio 2017, hosted on a GitHub site belonging to the .NET Foundation, was announced last September. Microsoft said .NET Standard will replace Portable Class Libraries (PCLs) as the de-facto tooling story used by developers for building multi-platform .NET libraries. ".NET Standard solves the code sharing problem for .NET developers across all platforms by bringing all the APIs that you expect and love across the environments that you need: desktop applications, mobile apps & games, and cloud services," Microsoft said in a huge blog post (with nearly 200 comments) explaining the standard in detail. Apparently facing developer confusion about exactly what .NET Standard is for, Microsoft has devoted some guidance to explaining it, even pointing to an analogy written by David Fowler.


Why cybercriminals like AI as much as cyberdefenders do

“AI is a hammer that can be used for good or bad,” said Jim Fox, a partner, principal and cybersecurity and privacy assurance leader at PwC. “And if your adversaries have a hammer, you'd better have one, too.” In the right hands, this mighty hammer can do a lot of good. Artificial intelligence software can monitor all network activity and quickly discern odd patterns that could indicate foul play, even if such patterns haven’t been flagged before. It can learn over time to discern truly suspicious behavior from normal patterns. Last year's Petya malware attack made decisions "at machine speed,” says one cybersecurity expert. “Nobody was guiding that malware. They wrote an intelligent program to do all that.”Adobe StockAt the New York-based investment bank Greenhill & Co., Chief Information Officer John Shaffer sought a better way to deal with zero-day attacks.


What do macOS and Android have in common? Both are booming malware markets

macOS hasn't been doing well on the malware front lately. Q2 2017, Malwarebytes says, was bigger for macOS malware than the entirety of 2016. Add to that the discovery of more new macOS malware families in 2017 than any year on record and you have a clear indicator of the vulnerability of Apple computers. The threats facing macOS are different than Android or Windows, which is somewhat good news. Rather than ransomware and malware, which the report says is the smallest concern for macOS, PUPs and adware dominate. Many popular macOS apps have been found to contain threats—even those on the App Store. Popular websites for downloading software, such as Softonic and Macupdate.com, have also been found to contain malicious installers.


Handset makers may need to reboot data collection rules

“The dangers to privacy in an age of information can originate not only from the state but from non-state actors as well. We commend to the Union Government the need to examine and put into place a robust regime for data protection,” the Supreme Court judges said in their ruling. Even before the court’s verdict on Thursday, the government directed 30 handset makers including Apple, Samsung, Micromax and Xiaomi to share the procedures and processes used by them to ensure the security of mobile phones sold in the country by August 28. Handset makers insist they-’re already protecting user data on the phones they sell. “We have always stood for securing the user data. User data on all our devices are fully secure, in compliance with the necessary laws and regulations,” said a spokesperson from Oppo.



Quote for the day:


"Continuous improvement is better than delayed perfection" -- Mark Twain