Daily Tech Digest - September 25, 2017

Deloitte hit by cyber-attack revealing clients’ secret emails

The Guardian understands Deloitte clients across all of these sectors had material in the company email system that was breached. The companies include household names as well as US government departments. So far, six of Deloitte’s clients have been told their information was “impacted” by the hack. Deloitte’s internal review into the incident is ongoing. The Guardian understands Deloitte discovered the hack in March this year, but it is believed the attackers may have had access to its systems since October or November 2016. The hacker compromised the firm’s global email server through an “administrator’s account” that, in theory, gave them privileged, unrestricted “access to all areas”. The account required only a single password and did not have “two-step“ verification, sources said.

Let’s Not Get Physical: Get Logical

In the ideal future, there would be no programmers responsible for data movement. Instead, the data infrastructure would provide the illusion that all data is almost instantly available at the physical point of its need. Data consumers, including data analysts, would log on to a data catalog, shop for, and request the data they needed. That data would be described at a high level, with its business meaning clearly spelled out for both the human and the machine. (We call that computable meaning.) When a user requested data to be delivered to a certain point (perhaps a virtual point in the cloud), the data infrastructure would start copying the data from its origin, using replication techniques—meaning no potentially deforming transformations would be built into the data movement.

How to Survive Wall Street’s Robot Revolution

Consider the junior investment banker, who spends much of his or her time collecting and analyzing data and then creating reports. Consulting firm Kognetics found that investment-banking analysts spend upwards of 16 hours in the office a day, and almost half of that is spent on tasks like modeling and updating charts for pitch books. Machine learning, and natural language processing techniques, are already very good at this. Workers in compliance and regulation have a different worry: Over the last five years, their ranks have doubled, while overall headcount at banks declined 10 percent, according to research by Citigroup. Automating those activities — so-called regtech — could be good news for financial institutions looking to control the rising cost of compliance, and bad news for people looking to keep their jobs.

Data Governance: Just Because You Can, Doesn't Mean You Should

The impact of data use by businesses and government organizations on individuals, communities, and the environment is under constant scrutiny around the world. We are starting to see this formalized with security and privacy regulations such as the EU’s General Data Protection Regulation (GDPR) and the Privacy by Design approach for data systems. But even adhering to legal requirements and compliance regulations will not be enough to protect the business when it comes to ethical data use. Why? Ethical concerns precede legal and compliance requirements. And the stakes are large. Brand reputation is at risk. One wrong move could cause a significant loss, if not the whole business to fail.

Transforming processes with big data: Refining company turns to SAP Process Mining

A key component of the effort to improve process management is SAP Process Mining by Celonis 4.2.0, a process mining software that uses "digital traces of IT-supported processes" to reconstruct what happens in a company. The application shows all of the process variants, and it provides visualization of all currently running processes. The technology is expected to play a critical role in the effort to enhance processes, providing full transparency and analysis so the company can observe business processes directly from the vast data present in IT infrastructure systems such as its SAP enterprise resource planning (ERP) platform. Based on the analytical findings and process key performance indicators (KPIs), the company will be able to identify process improvement opportunities, Rajatora said.

From accounting to code: one woman’s journey to a career in tech

The pressure to find that first role can feel overwhelming, and often people take the first semi-suitable job they find, at the expense of their actual passions. Getting that first experience may well open the doors to something better, but it could also colour your experience of this new industry, for better or worse. As far as I was concerned, I’d had a lot of experience working with traditional banks in my previous role, and spent at least four or five hours each day attempting to complete straightforward tasks across seven banks in five different countries. This meant that fintech and its potential to transform the banking landscape felt like a very attractive prospect to me, and that Starling Bank’s mission was something I felt strongly about.

The Battle for the Cloud Has Not Even Started Yet

The real war will break out when solutions, offered via the cloud, can support business innovation and business differentiation: When cloud solutions drive business benefit directly and not benefits to IT. For that to happen we need to talk about what a business does (its business processes and decisions) and how a business operates, not what IT does and how IT operates. This might seem like a small point but in the overall scheme of things, in the overall war, I think this is a massive point. If I am lucky I might even be around long enough to be proven right (or wrong). So this is where my little framework starts to be useful. Yes, IaaS is a well-known battle field and the armies are out there fighting it out. Of the next battle fronts, PaaS and SaaS will form up. In fact they are forming up already though they are not seen as important yet by many.

Digital is a Strategic Vehicle for Business Disruption

According to the research findings, the top three success factors for customer experience transformation is: 1. customer centric culture, 2. management/leadership buy-in, and 3. visibility into and understanding of the end customer experience. The research also revealed that customer experience (CX) leaders are more likely to be using emerging technologies and creating personalized and omni-channel experiences. CX leaders are also more likely to use data to predict and anticipate consumer needs, understand lifetime value, and track customer advocacy. CX leaders also have a much higher sense of urgency - they believe there is no time to waste in transforming to deliver a superior customer experience. Data is at the heart of meeting the elevated expectations of today’s connected customers.

CISOs' Salaries Expected to Edge Above $240,000 in 2018

A candidate's skills, experience, and the complexity of the role will all need to be taken into consideration when assessing which salary percentile is appropriate. "The midpoint salary is a good indicator of someone who meets the requirements of an open role," Reed says. The midpoint range for CISOs and information systems security managers have improved over the past couple of years. For example, the Dark Reading 2016 Security Salary Survey found the median annual salary of IT security management was $127,000. But fast forward to 2018: the Robert Half Technology survey expects information systems security managers to earn as much as $194,250 if in the 95th percentile salary range, followed by $164,250 for the 75th percentile, $137,000 at the midpoint, and $115,250 at the 25th percentile, according to the report.

Facebook Relents to Developer Pressure, Relicenses React

"We won't be changing our default license or React's license at this time," said Wolff, who apologized "for the amount of thrash, confusion, and uncertainty this has caused the React and open source communities." Furthermore, he said, "We know this is painful, especially for teams that feel like they're going to need to rewrite large parts of their project to remove React or other dependencies." One developer in that camp is Matt Mullenweg -- the main guy behind the popular WordPress platform -- who threatened to redo project Gutenberg, a "block editor" from the WordPress community designed "to make adding rich content to WordPress simple and enjoyable." "The Gutenberg team is going to take a step back and rewrite Gutenberg using a different library," Mullenweg said in a Sept. 14 post.

Quote for the day:

"No plan survives contact with the future. No security is future proof. That's the joy and terror of cyber security." -- J Wolfgang Goerlich‏

Daily Tech Digest - September 24, 2017

How to Get One Trillion Devices Online

I think it’s easy to paint the optimistic picture of what, if we get all of this right, it could mean for our future. One trillion devices isn’t an absurd number. But these types of new technology can be very fragile. It’s interesting comparing CRISPR [the gene-editing technology] to genetically modified crops: GM crops had some bad publicity early on, and that essentially killed the area for a while, whereas CRISPR has had lots of positive publicity: it’s cured cancer in children. IoT will be similar. If there are missteps early on, people will lose faith, so we have to crack those problems, at least to a point where the good vastly outweighs the bad.

The developers vs enterprise architects showdown

Planning out and managing microservices seems like another area where EAs have a strong role for both initial leadership and ongoing governance. Sure, you want to try your best to adopt this hype-y practice of modularising all those little services your organisation uses, but sooner or later you’ll end up with a ball of services that might be duplicative to the point of being confusing. It’s all well and good for developer teams to have more freedoms on defining the the services they use and which one they choose to use, but you probably don’t want, for example, to have five different ways to do single sign-on. Each individual team likely shouldn’t be relied upon to do this cross-portfolio hygiene work and would benefit from an EA-like role instead, someone minding the big ball of microservices.


Human Brain Gets Connected to the Internet for the First Time

“Brainternet is a new frontier in brain-computer interface systems,” said Adam Pantanowitz, ... According to him, we’re presently lacking in easily-comprehensible data about the mechanics of the human brain and how it processes information. The Brainternet project aims “to simplify a person’s understanding of their own brain and the brains of others.” “Ultimately, we’re aiming to enable interactivity between the user and their brain so that the user can provide a stimulus and see the response,” added Pantanowitz, noting that “Brainternet can be further improved to classify recordings through a smart phone app that will provide data for a machine-learning algorithm. In future, there could be information transferred in both directions – inputs and outputs to the brain.”

Impact of Cyber Security Trends on Test Equipment

The trend of applying cyber security practices to test systems makes sense for several reasons, most notably the increased cyber-security incidents that exploit unmonitored network devices. The second reason this trend makes sense is that security practices and technology for general-purpose IT systems are more mature. However, this trend does not make sense categorically for at least two reasons. Primarily, IT-enabled test systems are less tolerant of even small configuration changes. Users of IT systems can tolerate downtime and may not even perceive application performance differences, but special-purpose test systems (especially those used in production) often cannot tolerate them. Second, test systems often have security needs that are unique. They typically run specialized test software not used on other organization computers

This Is What Happens When a Robot Assassin Goes to Therapy

In an email to Singularity Hub, series creator EJ Kavounas said, “With everyone from Elon Musk to Stephen Hawking making dire predictions about the possible dangers of machine intelligence, we felt the character could inject black comedy while discussing real issues of consciousness and humanity’s relationship with the unknown.” Nina starts with Alastair Reynolds, a psychiatrist. During their meeting she explains her past to him, and after watching a recording in which she detonated a missile to kill someone, she breaks into tears. So we know she has feelings—or at the very least, she’s good at faking them. “The biggest thing I try to keep in mind when playing Nina is that everything she does and says was specifically programmed to mimic human behavior and language,” according to actor, Lana McKissack, who plays Nina.

What is cellular IoT and what are its use cases

While LoRa offers the benefit of addressing ultra-low-power requirements for a range of low-bit-rate IoT connectivity, it is faced with a range limitation and must piggyback an intermediary gateway before data can be aggregated and sent to a central server. The cost of deploying multiple gateways for a range of different IoT scenarios would defeat the very economic purpose of using an arguably low-cost solution like LoRa. Moreover, solutions like LoRa are not suited for a wide range of those IoT applications where HD and ultra-HD streaming is a prerequisite. 5G would potentially address a range of both low-bit-rate and ultra-HD IoT connectivity requirements, while also obviating the need to have an intermediary gateway, thus leading to additional cost savings. Moreover, 5G would have the potential to cover as many as one million IoT devices per square kilometer

Gel-soaked conductive ‘fabric’ has potential for energy storage

As electric power becomes more important for everything from ubiquitous computing to transport, researchers are increasingly looking for ways to avoid some of the drawbacks of current electricity storage devices. Whether they are batteries, which release a steady stream of electric current, or supercapacitors, which release a sharper burst of charge, storage devices depend on conductive electrolyte fluids to carry charge between their electrodes. Susceptible to leakage and often flammable, these fluids have been behind many of the reported problems with batteries in recent years, including fires on board aircraft and exploding tablet computers (the later being caused by short-circuiting inside miniaturised batteries).

Lambda vs. EC2

Unlike its predecessors, the underlying Lambda infrastructure is entirely unavailable to sysadmins or developers. Scale is not configurable, instead Lambda reacts to usage and scales up automatically. Instead of using EC2, Lambdas instead use ECS, and the containers are not available for modification. In place of a load balancer, or an endpoint provided by Amazon, if you want to make Lambdas accessible to the web it must be done through an API Gateway, which acts as a URL router to Lambda functions. ... One of the major advantages touted by Amazon for using Lambda was reduced cost. The cost model of Lambda is time-based: you’re charged for requests and request duration. You’re allotted a certain number of seconds of use that varies with the amount of memory you require. Likewise, the price per MS varies with the amount of memory you require.

Artificial Intelligence: The Gap between Promise and Practice

The majority of companies underestimate the importance of rich and diverse data sets to train algorithms, and especially the value of “negative data” associated with failure to successfully execute a task. Talent shortages and unequal access to data engineers and AI experts compound matters. Privacy and other regulations as well as consumer mistrust also temper progress. Whereas such barriers may be expected to decrease over time, there are also more subtle barriers to AI’s adoption that will need to be overcome to unlock its full potential. Algorithmic prowess is often deployed locally, on discrete tasks; but improved learning and execution for one step of a process does not usually improve the effectiveness of the entire process.

Researchers Develop Solar Cells That Can Be Sewn Onto Clothing

“The ideal wearable portable solar cell would be a piece of textile. That exists in the lab but is not a sellable product.” This new research from the RIKEN and Tokyo teams has taken that textile a big step forward from lab curiosity to actual product. What they have done is create a cell so small and flexible that it could, in time, be seamlessly woven into our clothing, rather than awkwardly placed on the outside of a jacket. These solar cells are phenomenally thin, measuring just three millionths of a meter in thickness. Given a special coating that can let light in while keeping water and air out, the cell was able to keep efficiently gathering solar energy even after being soaked in water or bent completely out of its original shape.

Quote for the day:

"Change is the end result of all true learning." -- Leo Buscaglia

Daily Tech Digest - September 23, 2017

Domain-Driven Design Even More Relevant Now

Compromises and trade-offs in software are unavoidable, and Evans encouraged everyone to accept that "Not all of a large system is going to be well designed." Just as "good fences make good neighbors", bounded contexts shield good parts of the system from the bad. It therefore stands to reason that not all development will be within well-defined bounded contexts, nor will every project follow DDD. While developers often lament working on legacy systems, Evans places high value on legacy systems, as they are often the money makers for companies. His encouragement for developers to "hope that someday, your system is going to be a legacy system" was met with applause.

At its most basic level, the monetary system is built around the idea of storing and transferring value. Banks are not going to disappear; there are still high-level efficiencies and advantages to having banks aggregate stored value and deploy it at a targeted rate of return. For example, a bank can write thousands of mortgages and then securitize a portion of said mortgages; this is never going to be a process suitable for the crowdfunding model. Blockchain technology creates numerous benefits across industries and applications, especially in regard to value-transfer. Banks can realize extraordinary efficiencies, streamline their back-office functions and reduce risk in the process. Smart contracts introduce the added dynamic of constraints and conditional operations for transferring or storing value only when certain conditions have been met and verified.

The Digital Twin: Key Component of IoT

In the real world, this might be a machine going into different fault and run states, where the effect of an input on the machine's state depends on the state the machine is in at the time. If I go far enough back in time, I realize that my system did receive an input "A", and so by the rules of my system, the later "B" results in my model producing the output "X". However if I don't go back far enough, I will think that I only got a "B", and the output should be "Y". But how far back is "far enough"? The input "A" might have arrived 100 milliseconds ago, or it might have arrived yesterday, or just before the week-end. Which means that I cannot just pick up and run my model over a selected time period any time I want to get an answer -- apart from the sheer impracticality of crunching the numbers while the User waits for an answer.

How Startups Can Source Data To Build Machine Intelligence

Data is the fuel of the new AI-based economy. Companies, consumers and web-connected devices create terabytes of data that enforce AI research and innovation. Some companies, like Google and Facebook, acquire data thanks to their users who provide ratings, clicks and search queries. For other companies, data acquisition may be a complicated process, especially if they need an enterprise solution for a limited number of members instead of a one-size-fits-all solution for millions of users. Luckily, the emerging AI markets offer a broad range of options for companies to kickstart their AI strategies. As a venture studio partner, I see startups struggling with sourcing the initial data sets for their business problems. That's why I've listed the most popular ways young companies can source data for their AI businesses.

The Challenges of Developing Connected Devices

Many startups can afford to be scrappy at the start and only have a few employees while gaining momentum; when your product is a connected device it is more difficult to build a small team with the range of skills needed to launch a successful product. Luckily, there are plenty of external resources available to these companies that can help. If a founding team is strong with hardware, they can use an agency in order to get their first software suite built. There are also services that they can leverage to help with the build and distribution chain. Any place where work can be offloaded in order to focus on value increases their chances of success. They can then start hiring out a team to save money once they have traction.


New alliance advocates the blockchain to improve IoT security, trust

The alliance says that the groups' open-source tools and property will help the enterprise register IoT devices and create event logs on decentralized systems, which in turn will lead to a trusted IoT ecosystem which links cryptographic registration, "thing" identities, and metadata ... "The world is beginning to recognize the potential of blockchain technology to fundamentally reshape the way business is done globally - and we're still just scratching the surface," said Ryan Orr, CEO of Chronicled. "At this early stage we think it's vitally important to establish an inclusive framework that ensures openness, trust, and interoperability among the many parties, in both the public and private sectors, that we believe will begin to adopt blockchain technology over the next several years."

Ethereum’s inventor on how “initial coin offerings” are a new way of funding the internet

In general, you know that when you have public goods, public goods are going to be in very many cases underfunded. So the interesting thing with a lot of these blockchain protocols is that for the first time you have a way to create protocols and have protocols that actually manage to fund themselves in some way. If this kind of approach takes off, potentially, it could end up drastically increasing the quality of bottom-level protocols that we use to interact with each other in various ways. So ethereum is obviously one example of that, we had the ether sale, and we got about $8 to $9 million by, I guess, basically selling off a huge block of ether. If you look at lots of cryptocurrencies, lots of layer-two kind of projects on top of ethereum, a lot of them tend to use a similar model.

New Theory Cracks Open the Black Box of Deep Learning

It remains to be seen whether the information bottleneck governs all deep-learning regimes, or whether there are other routes to generalization besides compression. Some AI experts see Tishby’s idea as one of many important theoretical insights about deep learning to have emerged recently. Andrew Saxe, an AI researcher and theoretical neuroscientist at Harvard University, noted that certain very large deep neural networks don’t seem to need a drawn-out compression phase in order to generalize well. Instead, researchers program in something called early stopping, which cuts training short to prevent the network from encoding too many correlations in the first place.

How to Measure Continuous Delivery

Continuous delivery is all about improving the stability and speed of your release process, so unsurprisingly you should measure stability and speed! Those are intangibles, but they’re not hard to measure. In How To Measure Anything, Douglas Hubbard shows how to use clarification chains to measure intangibles - you create tangible, related metrics that represent the same thing. Luckily for us, the measures have been identified for us. In the annual State Of DevOps Report Nicole Forsgren, Jez Humble, et al. have measured how stability and throughput improve when organisations adopt continuous delivery practices. They measure stability with Failure Rate and Failure Recovery Time, and they measure throughput with Lead Time and Frequency. I’ve been a big fan of Nicole and Jez’s work since 2013

The Decline of the Enterprise Architect

No matter their place in a lumbering bureaucracy or how many eye-rolls they may inspire among developers, these people are smart, competent, and valuable to their organizations. So my opinions and criticisms have nothing to do with the humans involved. That said, I think this role is on the decline, and I think that’s good. This role exists in the space among many large software groups. In the old days, they coordinated in elaborate, mutually dependent waterfall dances. These days, they “go agile” with methodologies like SAFe, which help them give their waterfall process cooler, more modern sounding names, like “hardening sprint” instead of “testing phase.” In both cases, the enterprise architect has a home, attending committee-like meetings about how to orchestrate the collaboration among these groups.

Quote for the day:

"Your excuses are nothing more than the lies your fears have sold you." -- Robin Sharma

Daily Tech Digest - September 22, 2017

6 Mistakes that will kill your Agile transformation even before it begins

Scrum, DevOps, SAFe, Kanban, Continuous Delivery. With so many different buzz words floating around the Agile sphere, it can be easy for companies to get excited and bite off more than they can chew. Every organization is different in its readiness to adopt Agile and needs to carefully consider many factors when deciding how to start the journey. Smaller organizations or teams such as start-ups or IT departmenst of larger companies may be able to immediately start practicing Scrum. On the other hand, larger organizations that have traditionally worked in a waterfall fashion or are in heavily regulated industries, may find it difficult to make the big changes that accompany a framework such as Scrum. As a result they may get discouraged or quit altogether if they run into problems, early on.

Q&A on the Book "Humans vs Computers"

Modern software delivery is a constant struggle to abstract, simplify and model some part of the real world into a useful automated process. However, lack of domain knowledge, time pressure and imperfect information often lead us to oversimplify the real-world, so edge cases fall through the cracks. For example, complex distributed systems built around microservices often require some kind of production monitoring that tries to process transactions end-to-end with test data, and remove those test cases at the end of a successful check. It's difficult to imagine how something like that can cause serious damage, until you know that someone called Jeff Sample ended up stranded in Buenos Aires when the airline operating the connecting flight deleted his ticket without any trace.

EU’s new data privacy law creates headaches for U.S. banks

“A European data subject can make requests on what data the bank has on it, and can make changes and request deletion of the data,” said Roth, who is a former chief privacy officer at American Express. “These require business practices that banks don’t have in the U.S.” Companies with multiple legacy systems will face one of the toughest challenges, Dingle said. “The first problem you will have when you deal with GDPR is that you have to somehow be able to reconcile how the data flows between all these different databases, even though they were made in different times, they may have different formats [and] the data might be called something different,” she said. “That’s why a lot of these beautiful ideas of GDPR are very difficult in reality for people to execute on.”

Training soft skills into AI technology

While it was once thought that computers would never be able to demonstrate true emotional intelligence, examples are starting to blur those lines. In one study, computers were able to detect criminals with a high degree of accuracy just by looking at their facial features and movements. This means they’re getting good at reading people, a key social attribute that aligns with some degree of EQ. Closer examination shows that while the computers may be able to read people, that doesn’t necessarily mean they can understand people. They were able to pick out the criminals by analyzing incredible amounts of data about facial features. The decisions the computers made were based not on insight, but on algorithms. There are plenty of similar examples in which a machine can demonstrate the appearance of empathy when they’re actually just running the numbers.

Digital Disruption Demands Demystification

There are several broad themes to this year’s hype cycle, with a particular focus on disruption and disruptive opportunities. In the context of disruption, some of these are still at the innovation trigger stage–being used by some brave souls willing to take a change and deal with challenges of new technologies (or applications of technology). Broadly, Gartner sees AI and human-centered design in this stage. Further along the curve is customer experience and intimacy. Some grouping are moving toward the trough of disillusionment, as the hype grows without being replaced by enough tangible examples and paths to success. Finally the core areas of the Nexus of Forces (cloud, mobile, social, and information) are rapidly moving toward the plateau of productivity. Exploring the details will help you have appropriate expectations as you embark on your change initiatives.

What Is Edge Computing And How It's Changing The Network

Edge computing is a “mesh network of micro data centers that process or store critical data locally and push all received data to a central data center or cloud storage repository, in a footprint of less than 100 square feet,” according to research firm IDC. It is typically referred to in IoT use cases, where edge devices would collect data – sometimes massive amounts of it – and send it all to a data center or cloud for processing. Edge computing triages the data locally so some of it is processed locally, reducing the backhaul traffic to the central repository. Typically, this is done by the IoT devices transferring the data to a local device that includes compute, storage and network connectivity in a small form factor.

Three ways the Internet of Things and the GDPR will impact Third Party Risk

With the IoT, the impact could potentially be even more threatening. Instead of “just” stealing data, an IoT hack could potentially take over the functionality of the device being hacked. For example, a IoT-hacked car could be driven off the road, or the systems and controls of a home could be manipulated. Another issue is the potential loopholes in firewalls – giving access to networks – that a poorly-designed IoT device could provide ... The GDPR explicitly introduces a general mandatory notification regime. When there is a personal data breach, a supervisory authority needs to be notified within 72 hours once an organization becomes aware of a breach, and impacted individuals must also be notified if a certain threshold is met.

The Top 10 Adages in Continuous Deployment

Continuous deployment involves automatically testing incremental software changes and frequently deploying them to production environments. With it, developers' changes can reach customers in days or even hours. Such ultrafast changes have fundamentally shifted much of the software engineering landscape, with a wide-ranging impact on organizations' culture, skills, and practices. To study this fundamental shift, researchers facilitated a one-day Continuous Deployment Summit on the Facebook campus in July 2015. The summit aimed to share best practices and challenges in transitioning to continuous deployment. It was attended by one representative each from Cisco, Facebook, Google, IBM, LexisNexis, Microsoft, Mozilla, Netflix, Red Hat, and SAS.

Java SE 9 and Java EE 8 Released Today

"Introducing a module system into a language and platform like Java SE, 20 years after its creation, when a large portion of the world's systems are running on it, is a very serious change," said George Saab, ... Once developers get used to it, modularity has the potential to make their lives easier by allowing them to, as Oracle puts it, "reliably assemble and maintain sophisticated applications." The module system reduces the size and complexity of both Java applications and the core Java runtime itself. It also makes the JDK more flexible, allowing developers to bundle just those parts of the JDK that are needed to run an application when deploying to the cloud. "This version of Java SE will provide millions of developers [with] the updated tools they need to continue building next-generation applications with ease, performance and agility," Saab said today in a statement.

Five changes to the way people will use banks in the future

While banks in the past have taken something of a one-size-fits-all approach, expect services to become much more tailored to your individual needs in the future. Behind this development will be data - or, rather, the more intelligent use of data - by banks. From the way we spend our money to the things we actually buy and the devices we use to log in to our account, banks can use data to build unique profiles of their customers. There are also external data points that can be used, from social media profiles for example. Of course, no bank should be using any of this data without the customer’s explicit consent, but the potential for highly personalised banking services should be a strong draw for many people. For instance, who wouldn’t appreciate discount offers on items you buy regularly sent directly to - and redeemable through - their smartphone?

Quote for the day:

"Anyone who lives within their means suffers from a lack of imagination." -- Oscar Wilde

Daily Tech Digest - September 21, 2017

Manage access control using Redis Bitfields

Access control based on action is a flexible, granular approach to securing your resources. Each user is given a list of things they can do and when the user attempts to perform any action, you check the user’s capabilities against what is required of that action. Sounds simple enough, right? This can be a tricky thing to code and it has to be as fast as possible because whatever latency, transit, or computation time this step requires is overhead that cuts into the processing you need to do with the rest of your app (likely stuff you care more about than capabilities and privileges). First, let’s look at a highly efficient way of storing capabilities and later we’ll explore some more advanced functionality. The heart of this approach is to use binary data, which might seem strange. Redis, unlike many databases, can manipulate and store binary data directly.

What Is A Fileless Attack? How Hackers Invade Systems Without Installing Software

Fileless malware leverages the applications already installed on a user's computer, applications that are known to be safe. For example, exploit kits can target browser vulnerabilities to make the browser run malicious code, or take advantage of Microsoft Word macros, or use Microsoft's Powershell utility. "Software vulnerabilities in the software already installed are necessary to carry out a fileless attack, so the most important step in prevention is patch and update not only the operating system, but software applications," says Jon Heimerl, manager of the threat intelligence communications team at NTT Security. "Browser plugins are the most overlooked applications in the patch management process and the most targeted in fileless infections."

Google tightens grip on Android hardware with HTC deal

Google never entirely quit the hardware business. Since selling Moto, it has continued to release smartphones and tablets under its own brand, but these were designed and manufactured by other companies, including LG and HTC. Now Google is taking greater control of that design process, paying US$1.1 billion to HTC to acquire the team behind its Pixel devices. It will also receive a non-exclusive license to some HTC intellectual property, the companies said Thursday. The number of HTC employees affected by the deal is around 2,000, according to Reuters. The deal won't give Google any manufacturing capabilities: It will still have to outsource that work to others. And it won't knock HTC out of the smartphone market altogether: It still has a team working on the successor to its U11 flagship, launched earlier this year

DDoS protection, mitigation and defense: 7 essential tips

“A disaster recovery plan and tested procedures should also be in place in the event a business-impacting DDoS attack does occur, including good public messaging. Diversity of infrastructure both in type and geography can also help mitigate against DDoS as well as appropriate hybridization with public and private cloud," says Day. “Any large enterprise should start with network level protection with multiple WAN entry points and agreements with the large traffic scrubbing providers (such as Akamai or F5) to mitigate and re-route attacks before they get to your edge. No physical DDoS devices can keep up with WAN speed attacks, so they must be first scrubbed in the cloud. Make sure that your operations staff has procedures in place to easily re-route traffic for scrubbing and also fail over network devices that get saturated,” says Scott Carlson, technical fellow at BeyondTrust.

The Dangers of the Hackable Car

As vehicles fill up with more digital controls and internet-connected devices, they’re becoming more vulnerable to cybercriminals, who can hack into those systems just like they can attack computers. Almost any digitally connected device in a car could become an entry point to the vehicle’s central communications network, opening a door for hackers to potentially take control by, for instance, disabling the engine or brakes. There have been only a handful of successful hacks on vehicles so far, carried out mostly to demonstrate potential weaknesses—such as shutting down moving a car and taking control of another’s steering. But security experts paint a grim picture of what might lie ahead. They see a growing threat from malicious hackers who access cars remotely and keep their doors locked until a ransom is paid.

Microsoft launches data security technology for Windows Server, Azure

Microsoft claims the service, called Azure confidential computing, makes it the first public cloud provider to offer encryption of data while in use. Encrypting data while it is being manipulated is pretty CPU-intensive, and there is no word on the performance impact of this service.  “Despite advanced cybersecurity controls and mitigations, some customers are reluctant to move their most sensitive data to the cloud for fear of attacks against their data when it is in use,” Mark Russinovich, Microsoft Azure CTO, wrote in a company blog post. “With confidential computing, they can move the data to Azure knowing that it is safe not only at rest, but also in use from [various] threats.” Azure confidential computing uses a trusted execution environment (TEE) to ensure there is no way to view data from the outside, such as via a bug in the OS or a hacker who has gained admin privileges.

CIO interview: John Mountain, Starling Bank

Starling even offers software development kits to third parties to make it easier for them to develop services for its customers. “For the most commonly used languages, we do half the work for them,” he says. “This is what companies like Apple do. They say ‘there is an API [application programming interface] but we want to go a bit richer than that’ and do some of the coding themselves.” In fact, Mountain wants anything that is not core to the business, whether it be accounting software or a customer money management service, to be supplied while Starling’s internal team focuses on core competencies. “We visualise our platform as a series of concentric circles, where we ask ourselves how fundamental to the business a certain piece of software is,” he says. “Everything judged to be at the core of the operation we write ourselves.

Assemble tools to address IT compliance standards up the stack

Security and compliance work hand in hand. The threat landscape is more complex due to distributed applications being broken down into components, an increased variety of end points and dispersed data centers. "An increase in the volume and complexity of cybersecurity breaches and the potential damage that those events have on both business operations and brand reputation [are] driving greater demand for IT and security and risk management solutions," said Angela Gelnaw, security products and solutions analyst at IDC. Consequently, businesses take an expensive, multi-tiered approach to secure information. IDC expects enterprise security spending will increase from $73.7 billion in 2016 to $101.6 billion in 2020. The compound annual growth rate of 8.3% is more than twice the rate of overall IT spending that IDC predicts during the five-year forecast period.

What's Holding Blockchain Back From Large-Scale Adoption?

For those of us who believe wholeheartedly in the future of this technology, it’s up to us to figure out how we can best explain what’s actually happening and why it’s important. For example, I recently spoke at the 100x Blockchain Online Summit, and it was enthralling to dive into such deep use cases and talk through specific problems that blockchain can solve, one of which was counterfeiting in big pharma. But to an everyday consumer, or even someone with a strong tech background, the terminology alone creates some roadblocks. The biggest reason education is the first obstacle is that you have to consider who really needs to buy into using blockchain technology in order for it to scale. It’s not just theorists and coders. It’s CEOs, heads of marketing and business development, even investors who are going to decide to foot the bill—or invest in the Ethereum platform, period.

How to choose a database for your mobile apps

To require an Internet connection for mobile applications is to live in the past. If apps rely on a connection, odds are high that the experience will be sluggish and unpredictable. To avoid reliance on the network, providers of databases and cloud services have added synchronization and offline capabilities to their mobile offerings. Solutions like Couchbase’s Couchbase Mobile, Microsoft’s Azure Mobile Services, Amazon’s Cognito, and Google’s Firebase offer the all-important sync that enables apps to work both online and offline.  With so many offerings available, how does a mobile developer select the right technology for the right application? The following six key criteria are most important when evaluating mobile solutions: platform support, security, modeling flexibility, conflict resolution, sync optimization, and topology support.

Quote for the day:

"A treasured memory is the lasting gift of time well spent." -- Tim Fargo

Daily Tech Digest - September 20, 2017

Cybercriminals Are Using Big Name Apps To Target Unwitting Consumers

When the victim runs an app that the malware is able to simulate (a banking app, for example), it overlays this with its own fake window to steal the bank card details of the victim. The Trojan has an identical interface, with the same colour schemes and logos, which creates an instant and completely invisible overlay. So victims of the scam may not even realise that they’ve been infected. The Trojan also steals all incoming SMS messages and sends them to the cybercriminals’ Command-and-Control servers, allowing them to get access to the one-time passcodes sent by some banks to verify online banking transactions, or other messages sent by taxi and ride-sharing services. Faketoken can also monitor the victim’s calls, record them, and transmit the data to the cybercriminals’ servers.

Blockchain technology could be even more disruptive than Amazon was 2 decades ago

The highly-respected JPMorgan Chase CEO was asked last week at a global financial services conference in New York to share his thoughts on bitcoin—which can be as polarizing as President Trump. Some people love the cryptocurrency, some people hate it. bAlthough he likes blockchain technology, which bitcoin is built on top of, he began by saying he would fire any JPMorgan trader who was caught trading bitcoin, which he went on to call “stupid,” “dangerous” and “a fraud.” Dimon, who’s decidedly in the latter camp, didn’t mince his words. “You can’t have a business where people can invent a currency out of thin air,” he said. With all due respect to Dimon, some might point out that “inventing a currency out of thin air” is how we got Federal Reserve Notes and other forms of paper money in the first place. Even he admits this:

Cloud Adoption Hindered by Legacy Network Architecture

“The survey revealed an incredible level of agreement by decision makers that their network infrastructures must change in order to have a successful cloud strategy and their pace of implementing next generation networking impacts their ability to realize the full benefits of digital transformation,” survey authors stated. Ninety percent of respondents agreed that legacy network infrastructure cannot keep up with the demands of modern network infrastructure. More healthcare organizations are considering and deploying cloud-based solutions for their infrastructure and many are met with networking roadblocks that can’t be resolved without upgrading the network. Adopting a cloud solution requires organizations to migrate data from their legacy solution.

The 5 Most Exciting University AI Projects

Artificial Intelligence is one of the most exciting fields of growing technology. There are incredible advancements in AI happening on a regular basis. Many of the top universities around the world are involving themselves in some very interesting and exciting AI projects. These projects cover a pretty wide range of subjects and objectives, but they all aim to make very interesting and exciting advancements in the field of artificial intelligence. Universities ranging from the University of Washington to Carnegie Mellon to Harvard and Oxford are putting their best and brightest minds towards some very intriguing AI projects. There are a great deal of exciting and interesting artificial intelligence projects happening at universities all over the world, and these are the 5 most exciting projects.

79% of AI leaders expect employees to work comfortably with robots by 2020

The top three barriers to AI adoption in the enterprise are information security concerns, lack of clarity about where to apply AI most effectively, and siloes within the organization, especially between IT and other areas, the report stated. Genpact found that AI leaders take several steps to foster a culture that embraces the technology that laggards do not. For example, 71% of leaders allocate resources and funding toward AI-related technologies, compared to just 9% of laggards. More than half of leaders allow a training and development culture to learn new skills, compared to 15% of laggards. And nearly 60% of leaders report that their middle managers "think out of the box" and encourage innovation, while only 14% of laggards said the same.

Only 3% of Companies’ Data Meets Basic Quality Standards

We often ask managers (both in these classes and in consulting engagements) how good their data needs to be. While a fine-grained answer depends on their uses of the data, how much an error costs them, and other company- and department-specific considerations, none has ever thought a score less than the “high nineties” acceptable. Less than 3% in our sample meet this standard. For the vast majority, the problem is severe. ... The cost of these findings is difficult to predict with much precision. Still, most find a good first approximation in the “rule of ten,” which states that “it costs ten times as much to complete a unit of work when the data are flawed in any way as it does when they are perfect.” For instance, suppose you have 100 things to do and each costs a $1 when the data are perfect.

Why Dropbox decided to drop AWS and build its own infrastructure and network

Williams says for Dropbox, building the network was a business decision and it has had a positive impact on the business overall. “I think it could be argued in fact that anyone who has built a decent-sized network like this has had some effect on the business in a positive way that is actually building trust for the user and getting more users to adopt the product or service based on the quality of the service” Williams explained. The new system has certainly had a positive impact on Dropbox’s reputation with enterprise IT too. Back in the day, Dropbox often had a bad rep with IT because of unauthorized usage inside large organizations. Today, the Dropbox Business line of products combined with this in-house infrastructure and network has created a level of trust they didn’t have before.

Three Things about Networks That Every CIO Should Have on their Agenda

Within the next five to ten years, business will be transformed by digital technology, on a much larger scale than seemingly possible at first glance. Everything will be part of a globally-interconnected IT infrastructure, the Internet of Things (IoT). The IoT provides a flood of sensory data to big data analytics and allows for real-time (or near real-time) interactivity. Whatever industry, the IT network will become the foundation of every business. For example, car manufacturers are preparing for a future when cars are not simply hardware that takes us from A to B, but interconnected software platforms that provide an individualized user experience to drivers. Forklift manufacturers will provide forklifts as a service with cloud-based management and fault monitoring. The list goes on and on.

Onboarding For The Digital Workplace: Get Employees To Productivity Faster

A key theme we focus on when working with clients is clarifying what business value they will derive from their efforts. One way to do that is to create use cases for different Digital Workplace scenarios. This is so critical that it led us to develop use case catalogs with two recent clients. Each use case highlights a business scenario or process, its business outcomes, steps to achieve it, and the related success story. This has become an important tool for socializing digital working across the organization, and is sometimes even a roadmap for a new team to follow until their own unique use cases become clear. The success of this approach got me thinking that it would be helpful to share a use case example so that anyone who’s looking to better understand the Digital Workplace can see the power behind it.

How the Financial Sector is Preparing for its AI-led Future

Not only is there no going back on AI, there’s a very clear imperative to go fast-forward. In less than a decade, a whole new Generation Z will join the Millennials as the most important customers of banks. These customers, beyond tech-savvy, will be tech-innate, juggling 5 screens at a time, communicating with images, and shunning text and touch interfaces in favor of the instantaneity of voice-based commands. Understanding and serving their needs will require more than the average human ability. It will require man and machine to work together more symbiotically so people can then prepare for roles and jobs that don’t yet exist – like product predictors, customer-trend readers, maybe even managers of digital currency portfolios. The possibilities are only just beginning to emerge.

Quote for the day:

"My failures have been errors in judgment, not of intent." -- Ulysses S. Grant

Daily Tech Digest - September 19, 2017

Can DevOps deliver on digital potential?

If a developer cannot easily see how to get their code into production, or the path that needs to be taken is convoluted, then, for Hill, chances are features are not being released as quickly as they could be. The situation at JLR, which is unique to certain industries such as automotive, is that there is heavy use of embedded devices. “When we are putting software into vehicles, we do not have the luxury of a web developer,” said Hill. Clearly, it is not feasible to spin up a fleet of vehicles to run automated test suites. Instead, he says the team has to rely on virtualisation and software-based infrastructure to enable it to build code that is representative of the operating environment of a production vehicle. People often argue that the cultural change is harder than the technological change, but like JLR’s heavy reliance on embedded systems, some technologies can prove immutable.

Measuring the economic value of data

On the value side of the equation, there is not a well-defined measure for data value. The value of data is really a measure of business value as a result of using or analyzing that data in some way. In addition, there is a correlation between the amount of data kept, how accessible that data is, and its value. For example, having more data makes all of the data more valuable if the use of the data depends on a historical trend. For example, use of machine learning is already changing the value of larger data sets because most machine learning algorithms work better when trained with large amounts of data. The area under the curve represents the amount of data that is created but not stored because its value is perceived to be lower than the cost to keep it.

Future Cyber Security Threats & Challenges: Are You Ready For What's Coming?

The increasing depth and volume of personal and corporate data make it a more rewarding target for cyber crooks and state-sponsored espionage or sabotage. At the same time, greater connectivity provides more potential attack vectors. This makes industry, governments and individuals uneasy and unsure how to prepare. Predicting the exact nature of future threats and how to combat them is difficult, but a new study from The Internet Society (ISOC) offers credible insight. ISOC was founded by internet pioneers Vint Cerf and Bob Kahn in 1992 “to promote the open development, evolution, and use of the Internet for the benefit of all people throughout the world.” On September 18, ISOC released its Paths to our Digital Future report, which sheds light on how the development of the internet might continue to service everyone.

Amazon innovation chief: 'We are failing and will continue to fail'

"It was this willingness to fail and trying to get things right eventually finally that led us to this very beneficial way of doing business," Misener said. The key to innovation is experimentation, Misener told the crowd. And to experiment, you have to fail. "The whole idea is this: if you really want to be innovative, you have to experiment. If you know the outcome of what you're going to do, it's not an experiment. It's more like a demonstration." Misener said too many people confuse real experiments with the type of you do in a school science class. "Undoubtedly your teacher knew what the outcome was supposed to be and you probably knew what the outcome was supposed to be," he said. "The reason? You weren't doing an experiment, you were just rehashing an experiment that was done decades, maybe centuries ago.

Hackers compromised free CCleaner software, Avast's Piriform says

Talos researcher Craig Williams said it was a sophisticated attack because it penetrated an established and trusted supplier in a manner similar to June’s “NotPetya” attack on companies that downloaded infected Ukrainian accounting software. “There is nothing a user could have noticed,” Williams said, noting that the optimisation software had a proper digital certificate, which means that other computers automatically trust the program. In a blog post, Piriform confirmed that two programs released in August were compromised. It advised users of CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 to download new versions. A spokeswoman said that 2.27 million users had downloaded the August version of CCleaner while only 5,000 users had installed the compromised version of CCleaner Cloud.

Progressive web apps in Microsoft Edge: What you need to know

Under the hood of a progressive web app is a new HTML feature, the service worker. Service workers take what would have been server functionality and bring it into your web content—along with adding support for some native platform-like features. It’s that ability to abstract the web server that makes progressive web apps attractive, because the same underlying web code will work on the web for devices that don’t support progressive web apps, increasing your reach and making sure that users on other platforms aren’t left out. Service workers are event-driven scripts that respond to actions from your UI or from other service workers, giving you a simple structure that can support increasingly complex code. They’re not intended to work with your content—they send messages to and from the page, with familiar JavaScript code and libraries handling layout.

Why end-to-end encryption is about more than just privacy

Duric says the information security community should work on raising awareness about the need for privacy among regular people/Internet users. At the moment these efforts are being obstructed by Internet conglomerates, he notes, just as the tobacco industry hindered awareness raising about the dangers of smoking and passive smoking all those years ago. But those who were fighting the good fight persevered, and today everybody knowns about those dangers, and can choose for themselves whether the option is worth the risk. People need to be aware that the great power Internet giants have over us could lead to great abuses, and ask themselves what can go wrong if they choose not to protect their communications. But also, companies that sell security need to find good ways to do it – adapt methods that have worked in the past for other vendors, both for physical and digital security.

Cyber security: Media companies cannot afford to ignore risks

"Ultimately, when a company is faced with losing $10 million a day, or paying a $10 thousand ransom, executives may see a strong business reason to pay.” It’s an IT security issue but needs to be understood company-wide. “But there are also potential legal implications of paying a ransom, including US sanctions laws and anti-money laundering controls that companies should explore with counsel,” Rosen said. “Cyber security hygiene is a growing and an important component to any major business, and I think it’s only going to continue to grow. “Hackers will find new ways to infiltrate networks, and whether it’s the broadcasting and media industries or some other sector, as long as there is a desire for what you have or to manipulate what you’re doing, the threat of cyber-attacks will continue,” Rosen stated.

MPLS or IPsec VPN: which is the best?

If your real-time apps are a big part of everyday life for users in your company, don’t believe the hype and dump your MPLS network without thorough testing. Ask yourself questions like “Will having unreliable call quality hurt our customers’/prospective customers’ impression when they call our company, as they review a bid from our competitor?” Or “Will it slow our employees down if their app is unreliable or slow?” Those little things make for big losses. Put it this way… if your company has sales of only $25 million/year, a mere 1 percent loss in sales (due to lost customers, etc.), equates to a $250,000 loss. Add this to money lost from lost employee payroll efficiency and you can see how the execs will not be happy with dropped calls, glitchy apps, etc. And a $25 million company doesn’t have a big enough WAN to save $250,000+ from ditching their MPLS.

UK education system exacerbates cyber skills gap

Nick Viney, vice-president consumer at McAfee, said this insight into the widespread uninspiring view of careers in cyber security makes it clear that fixing the cyber skills gap will require more than an updated curriculum. “However, teachers are not to blame,” he said. “Our sector needs to attract new talent, but that won’t happen if the industry cannot convey the wide variety of available job opportunities or the fast-paced and challenging nature of careers. “The view of cyber security needs to change at a national level. While updates to the curriculum could help plug the skills gap and inspire a new generation of cyber experts, it won’t come into effect straight away. Instead, we need to foster new education models and accelerate the availability of training opportunities for all.”

Quote for the day:

"In any leadership position, the most important aspect of your job will be getting your team to work together." -- Dale Brown

Daily Tech Digest - September 18, 2017

Benefits of containers seep into software-based networking

Distributed microservices at scale can create a tremendous volume of network traffic between individual containers; a leading concern is the potential increase in east-west traffic in the data center and even between container-based applications within a single server. Key challenges for networking containers include performance, automated provisioning of appropriate network resources, visibility and network management.  Network security is another issue. Containers solve some security concerns, like isolation, but may create other unknown vulnerabilities. Some current security technologies will easily support the migration to containers, while others may not. Networking can be built into container software or provided by third-party network software, such as Cumulus Networks, Pluribus Networks, 128 Technology and Big Switch Networks.

What fuelled Python's rise to become the fastest-growing programming language?

The overriding interest among Python developers in data science is reinforced by other data. Among the Python-tagged questions, the fastest growing tag is related to pandas, a data analytics software library for Python. Only introduced in 2011, it now accounts for almost 1% of Stack Overflow question views. However, the second most visited tag by Python visitors is JavaScript, likely reflecting the healthy use of Python by web developers. For finer detail, Stack Overflow broke down which Python-related frameworks and software libraries visitors were most interested in, with strong showings for the data science-related NumPy and matplotlib alongside pandas, and mixed interest in the web frameworks Django and Flask.

Machine Learning For Java Developers

Supervised learning and unsupervised learning are the most popular approaches to machine learning. Both require feeding the machine a massive number of data records to correlate and learn from. Such collected data records are commonly known as a feature vectors. In the case of an individual house, a feature vector might consist of features such as overall house size, number of rooms, and the age of the house. In supervised learning, a machine learning algorithm is trained to correctly respond to questions related to feature vectors. To train an algorithm, the machine is fed a set of feature vectors and an associated label. Labels are typically provided by a human annotator, and represent the right "answer" to a given question. The learning algorithm analyzes feature vectors and their correct labels to find internal structures and relationships between them. Thus, the machine learns to correctly respond to queries.

Q&A on the Book SAFe Distilled

SAFe scales by combining the power of agile with lean product development, and systems thinking. It creates alignment between strategy and execution from the portfolio to agile teams and vice versa. The basic building block for SAFe’s scalability are Agile Release Trains (ARTs). An ART is essentially an agile program, which contains between five to twelve agile teams that are all collaborating together, as one team, via a common mission, vision, and program backlog. If you are building a solution that requires the contributions of hundreds—or even thousands—of people, you simply launch more trains and coordinate them following the same patterns and similar roles used to coordinate multiple Agile teams. Face-to-face planning and integrated system demos helps assure collaboration, alignment, and rapid adaptation.

AI poses no threat to IT careers

“In virtualisation management, where you might be managing tens of thousands of virtual machines, the level of automation is already an order of magnitude higher, and it’s higher again with containerisation,” Hubbard said. “To IT administrators, that’s helpful. So when you ask, ‘Are you threatened by automation?’, they will say no. But the automation is replacing a full time job.” New jobs, however, are emerging, according to companies already implementing AI. In a Capgemini survey of almost 1,000 organisations which are implementing AI, either as a pilot or at scale, 83% of respondents said AI had generated new roles in their organisations. Among those that had deployed AI at scale, 63% said that no job had been axed. Nevertheless, AI technologies are being rolled out in Australia with the capacity to significantly disrupt traditional roles.

How to work with MongoDB in .Net

MongoDB uses the BSON format under the hood to represent the JSON documents at the heart of the data store. BSON or “Binary JSON” is a lightweight and efficient binary-encoded data serialization format that supports fast data traversal and searches. BSON also allows MongoDB to support data types—namely int, long, date, floating point, and decimal128—not represented in JSON.  In MongoDB documents are part of collections, in much the same way as a row is part of a table in a relational database. A document is essentially a collection of field and value pairs, which can also be nested. Note that a value in MongoDB can be a document, an array of documents, an array of BSON, or just a BSON type. Let’s look at how we can work with MongoDB using C#.

Digital forensics: The smart person's guide

Digital forensics is the extraction, analysis, and documentation of data from physical media. Why it matters: Digital life is not anonymous. As we use the web, we also scatter fragments of data in our wake. If collected, personal data fragments can present an accurate profile of our behavior and personality. Often this data trail is accompanied by legal implications. Digital forensic experts know how to assemble the picture. Who it affects: Because digital forensics experts are typically used in a legal setting, government organizations, SMBs, and enterprise companies may want to consider preemptively working with an expert to better understand potential vulnerabilities. When it's happening: Digital forensics has been a thriving industry since the mid-1970s.

Chatbots With Machine Learning: Building Neural Conversational Agents

Interacting with a machine via natural language is one of the requirements for general artificial intelligence. This field of AI refers to dialogue systems, spoken dialogue systems, or chatbots. The machine needs to provide you with an informative answer, maintain the context of the dialogue, and be indistinguishable from the human (ideally). In practice, the last requirement is not yet reachable. But luckily, humans are ready to talk with robots if they are helpful — sometimes, they can even be funny and interesting interlocutors. There are two major types of dialogue systems: goal-oriented and general conversation. The former help people to solve everyday problems using natural language, while the latter attempt to talk with people on a wide range of topics.

The Best Video Editing Software 

Video editing software ranges from free versions that are pretty bare-bones to feature-packed prosumer versions. Indeed, they vary as much as the reasons why people take up video editing—whether to make home videos, to become YouTube stars, to create VR experiences, and more. Most video editing software for consumers and mainstream users is best used for one or another of these specific functions, but there are a few generalists out there, too. For this roundup we’ll first be looking at the middle ground: Paid consumer video editing programs that cost $80 or less. Whatever your purpose, you should be able to find consumer software for less than $100 that can meet your needs. We’ll soon be updating this roundup with our top picks among free versions and prosumer versions, so stay tuned for more reviews.

Why won't enterprises take IoT security seriously?

"We're experiencing a period that's very exciting, because there is a lot of innovation going on and different parties racing to deploy new applications, devices, and techniques," Domingo Guerra, co-founder and president of Appthority, said in a panel discussion. However, not enough attention is being paid to the potential risks. "We've seen it before where we deploy smart traffic grids or street lights and never think about how to secure it or patch it until it's too late and too costly to address," Guerra said. "The main risk is not enough caution and foresight into how to address this new innovation securely." Many IoT device manufacturers do not include security in the design phase, said David Schwartzberg, senior security engineer at MobileIron. These manufacturers analyze their project from a cost perspective and time to delivery, and security often falls by the wayside.

Quote for the day:

"Before you attempt to set things right, make sure you see things right." -- John Maxwell