Daily Tech Digest - November 30, 2017

5 Questions to Ask About DDoS Pricing


As DDoS attacks grow more frequent, more powerful, and more sophisticated, many organizations turn to DDoS mitigation services to protect themselves against attack. DDoS protection vendors range in all shapes and sizes, from dedicated DDoS mitigation providers to CDN vendors who add website DDoS protection, to ISPs who resell DDoS protection as an add-on. As a result, the quality and cost of such service can vary wildly, and many customers end up purchasing protection packages that are either inadequate, or too big for their needs, resulting in unnecessary costs. ... Paying for attack traffic is particularly a concern if you rely on your CDN provider, your ISP, or your public cloud host for DDoS protection, because these providers charge customers according to the amount of traffic. In such cases you will essentially be paying your provider to be attacked, which can quickly escalate to tens of thousands of dollars (or more) per attack.



Millennials could change ‘hero’ mentality in IT departments, says Gartner

“Maybe new recruits have some skills, they have some capabilities they can bring to your organisation in terms of new thinking, in terms of how they collaborate,” he said. Tiny Haynes, Gartner research director of infrastructure, said organisations can benefit from the “experience versus enthusiasm” of young recruits to create a more collaborative working environment. Entrepreneur Margaret Heffernan, also speaking at the Gartner event, said an individualistic environment in the workplace can have an adverse effect. “For decades, we used to believe the best way to manage people at work is you get the high performers and you put them all into fantastic departments and projects and you get them to compete furiously for recognition, for bonuses, for promotions,” she said. “We found that instead you create huge amounts of dysfunction, huge amounts of aggression and huge amounts of waste.”


How to ensure IT works on the right projects

IT project management, IT spending, IT priorities
The first step in improving IT’s impact on your business is to understand whether the business’s perception of IT is reality and then position your IT organization to leverage their knowledge to support the business. It’s all about developing a strong partnership with the business and empowering your IT team to do more. Once you have your team aligned, you need to paint the vision for all that IT can be. In the digital era, IT can do more than put in systems; we can develop new products and services. That’s a greater level of influence than IT has had before, and your team needs to know that. There is a journey of taking IT from a liability to an asset and then to an enabler of value capture, and finally to being a value creator itself. Your whole team needs to understand the journey and that it doesn’t happen overnight.


Why Your Board Is Critical To Digital Transformation Results

Nick-Evans-Digital-Transformation
The survey which looked across four pillars of digital transformation maturity, including strategy and vision, people and culture, process and governance, and technology and capabilities, found the majority of companies were still in the early stages of their digital maturity based on a scale of early (1.0), developing (2.0) and maturing (3.0). ... One of the most surprising findings of the survey was the correlation between board-level priority for digital transformation and the achievement of transformational results. The results when digital was a top 3 board-level priority were surprisingly higher than when digital was simply a top 3 CEO-level priority ... Board-level prioritization of digital transformation is needed to create the impetus for change and to fuel investments; perennial skills such as leadership, culture and change management are needed to promote understanding and buy-in


The importance of data mining

The importance of data mining
With the help of data warehouses, information is extracted from a wide range of systems, converted into an ordinary format and uploaded into the data warehouse. Extract, transform and load or ETL is the name given to this sophisticated process. When the obtained info is merged and converted, experts can work with the data. In the past, the consolidation of information was conducted within a specific time frame like – once a day, once a week, bi-weekly or monthly. One of the main reasons why intervals were used was the fact that databases had to be offline while the data was processed. As you are probably aware, the business that is open 24 hours a day, 7 days a week can’t be down simply because data must be updated. As a result of that, many businesses and organisations had old, obsolete and/or irrelevant data. Even with irregularly updated data, organisations in the 1990s were operating fine, but today it’s impossible to run a business in this way.


What is two-factor authentication (2FA)? How to enable it and why you should

keys authentication
The notion of 2FA as a best security practice is no longer even remotely new. Google brought the advanced form of online security into the mainstream conscience with the launch of multilayered protection for enterprise customers in 2010 and then for all Google users in 2011. Facebook followed soon after. Yet, according to a recent report by the Pew Research Center, only 10 percent of American adults can correctly identify a two-factor-enabled login screen from a set of four choices.  Another report, from Duo Labs, estimates a measly 28 percent of Americans actually use 2FA on a regular basis. More than half of those surveyed by the firm had never even heard of it.  That, to put it mildly, is troubling. "People should all be looking at 2FA, even for minor things — if they're just buying toothpaste at a shopping site," says Patrick Wardrop, chief product architect of IBM's Identity and Access Management division.


Machine Learning and Big Data Know It Wasn’t You Who Just Swiped Your Credit Card


The algorithm knows right away if your card is being used at the restaurant you go to every Saturday morning — or at a gas station two time zones away at an odd time such as 3:00 a.m. It also checks if your transaction sequence is out of the ordinary. If the card is suddenly used for cash-advance services twice on the same day when the historic data show no such use, this behavior is going to up the fraud probability score. If the transaction’s fraud score is above a certain threshold, often after a quick human review, the algorithm will communicate with the point-of-sale system and ask it to reject the transaction. Online purchases go through the same process. In this type of system, heavy human interventions are becoming a thing of the past. In fact, they could actually be in the way since the reaction time will be much longer if a human being is too heavily involved in the fraud-detection cycle.


Adversarial machine learning tops McAfee’s 2018 security forecast


Serverless apps enable greater granularity, such as faster billing for services, but they are vulnerable to attacks exploiting privilege escalation and application dependencies. They are also vulnerable to attacks on data in transit across a network, and potentially to brute-force denial of service attacks, in which the serverless architecture fails to scale and incurs expensive service disruptions. “Serverless apps that are quickly implemented or rapidly deployed can use an inappropriate privilege level, leaving the environment open to a privilege escalation attack,” said Samani. “Similarly, the speed of deployment can result in a function depending on packages pulled from external repositories that are not under the organisation’s control and have not been properly evaluated.” There are also new risks, according to Samani. “By looking at the URL, we can tell if the request is going to a serverless environment.


Wi-Fi in 2018: What will the future look like?

smart city - wireless network - internet of things edge [IoT] - edge computing
802.11ax's key technology is something called orthogonal frequency-division multiplexing, or OFDM. This is a transmission technique that, in essence, allows multiple devices to share not only the same access point, but the same Wi-Fi channel at the same time. Previous-generation Wi-Fi can’t do that, so OFDM means that 802.11ax has a substantial leg up on current technology, particularly in terms of large numbers of devices sharing the same access point. But experts don’t think that 2018 will see widespread deployment of the new standard. For one thing, it has yet to be formally ratified by the IEEE, although that won’t stop large vendors from releasing 802.11ax gear before the standard is official. But beyond standardization issues, there’s also the simple fact that enterprise Wi-Fi is only just beginning to deploy 802.11ac wave 2


Making an effective case for increasing the data security budget

A variety of factors affect the affordability issue, but the lack of availability with the cybersecurity professional community also compounds the problem. One source, the Global Information Security Workforce Study, released in June 2017, that found the cybersecurity workforce gap is on pace to hit 1.8 million in 2022, a 20 percent increase since 2015. The lack of cybersecurity funding combined with too few trained cybersecurity analysts and engineers adds up to an IT security disaster. This assumption is shared by 56 of those surveyed who said their companies are underprepared to identify and respond to a security incident, while 45 percent believed their organization suffered a breach in the past year. Educating stakeholders of the tremendous risks that exploits and breaches pose to the health and success of the business is one of the greatest challenges CIOs and CEOs face when allocating resources to meaningful and effective security initiatives.



Quote for the day:


"It is better to fail in originality than to succeed in imitation." -- Herman Melville


Daily Tech Digest - November 29, 2017

Forget robots, what's the reality behind the AI hype?

Robot sophia
With all this innovation there is no denying that many of the roles we currently do will change. In fact, according to the World Economic Forum, 65% of today's school children will do jobs that haven't yet been invented. Employers need to prepare for these changes now. While we may not know the exact nature of what the new roles will look like, or how existing roles might evolve, we do know that almost all of them will involve digital skills. A great place to start, therefore, is in raising all your employees' digital skills quotient. UK businesses and tech leaders should also look to work with the government to ensure the digital skills they need in the future are part of today's school curriculum. We are just scratching the surface when it comes to assessing the impact of AI on businesses. 


Man typing on macbook
The flaw in MacOS High Sierra - the most recent version - makes it possible to gain entry to the machine without a password, and also have access to powerful administrator rights. “We are working on a software update to address this issue,” Apple said in a statement. The bug was discovered by Turkish developer Lemi Ergin. He found that by entering the username "root", leaving the password field blank, and hitting "enter" a few times, he would be granted unrestricted access to the target machine. Mr Ergin faced criticism for apparently not following responsible disclosure guidelines typically observed by security professionals. Those guidelines instruct security experts to notify companies of flaws in their products, giving them a reasonable amount of time to fix the flaw before going public.


The Apache Software Foundation Announces Apache® Impala as a Top-Level Project

Apache Impala is deployed across a number of industries such as financial services, healthcare, and telecommunications, and is in use at companies that include Caterpillar, Cox Automotive, Jobrapido, Marketing Associates, the New York Stock Exchange, phData, and Quest Diagnostics. In addition, Impala is shipped by Cloudera, MapR, and Oracle. "Apache Impala is our interactive SQL tool of choice. Over 30 phData customers have it deployed to production," said Brock Noland, Chief Architect at phData. "Combined with Apache Kudu for real-time storage, Impala has made architecting IoT and Data Warehousing use-cases dead simple. We can deploy more production use-cases with fewer people, delivering increased value to our customers. We're excited to see Impala graduate to a top-level project and look forward to contributing to its success."


Associative memory AI aids in the battle against financial crime

Neural connections
According to Sheppard, associative memory AI technologies are best thought of as reasoning systems that combine the memory-based learning seen in humans—recognizing patterns, spotting anomalies, and detecting new features almost instantly—with data.Applications of associative memory AI in the enterprise are varied. “Our strategy is to build comprehensive decision systems for financial services, supply chain management, and manufacturing and defense. ... These systems combine what we think are the best of learning approaches, such as deep learning, traditional statistical machine learning, associative learning, and others. Our goal is to deliver a sum that is much greater than its individual parts.” Intel has developed a sharp focus on the financial services industry, with its October launch of the Intel Saffron Anti-Money Laundering (AML) Advisor. 


Amazon adds security monitoring and threat defence with GuardDuty

Announcing the new offering on Tuesday night at AWS re:Invent, Stephen Schmidt, ... explained that Amazon GuardDuty can be enabled with a single click, and has removed the complexity of operation previously required for threat detection. "Continuous security monitoring is what we all strive for, but doing this at scale, without slowing down your business, is complex and expensive," Schmidt said. "Traditionally, threat detection requires you to deploy and maintain dedicated security infrastructure, which frankly is hard to automate, doesn't scale at all, and many existing solutions were designed for on-premise environment." GuardDuty consumes multiple data streams, including several threat intelligence feeds, staying aware of IP addresses and domains flagged as malicious, while also learning to identify malicious or unauthorised behaviour in a users' AWS account.


5G and the Need for Speed

Car speedometer speed fast
5G is Plaid for cellular networking – a next-generation mobile network that promises not only ten-times the available spectrum, for ten-times the download speeds, but across ten-times the devices and with a fraction of the latency. The move from 1Gbps to 10Gbps speeds will support bandwidth-intensive applications like high-definition video and virtual reality, and near real-time connections will enable ultra-low latency applications like autonomous cars, remote surgery and specialized applications within the Internet of Things (IoT). 5G is impressive, but – spoiler alert – it isn’t entirely new. The road to 5G runs through 4G wireless infrastructure, and improvements to 4G technologies like carrier aggregation, small cells, massive multiple-input and multiple-output (MIMO) and beamforming will satisfy our need for 5G speed.


The FCC's Attack On Net Neutrality

That net neutrality didn't harm sector investment isn't really debatable. Just ask industry executives from Frontier, Comcast, Cablevision, Sprint, AT&T, Sonic and even neutrality public enemy number one, Verizon all of who are on public record telling investors the "net neutrality killed sector investment" claim simply isn't true. That this concept is a canard is also supported by public SEC filings and earnings reports, as well as the billions being spent on spectrum as these companies rush toward the fifth generation (5G) wireless networks of tomorrow. Most of the sector's dollar-per-holler economists just cherry picked specific windows of time to track CAPEX increases and declines, intentionally ignoring that many of these changes have nothing to do with net neutrality as well as numerous large scale fiber deployments .


Monetizing the Internet of Things (IoT)


While it’s true that there are lots of insights at the edge, especially in enabling a new family of operational use cases, most of the insights at the edge are very tactical. Just as there is a big difference between data and analytics, there is an even more significant difference between insights and action, which is the difference between having insights versus making insights actionable. Insights without action are…well, why bother. Insights are not valuable until they are delivered to a user that can apply those insights to make better decisions. And for the more operational and strategic use cases, those decisions happen at the core and cloud. ... Ultimately, the goal of any IoT initiative should be to couple these new sources of IoT data with advanced analytics to power the business. We can use the Big Data Business Model Maturity Index as a guide to help us to create an IoT Data Monetization Roadmap


Capital markets transformation: evolution not revolution

Fintech is no longer seen as the enemy. Capital markets organizations are now willing to collaborate more to deliver some much-needed innovation. They look at co-innovation to maximize budgets and decrease risk while leaving in-house resources working on key differentiating projects rather than custom development and on premises capabilities. Gone is the rhetoric of "us vs. them" as investment banks and asset managers take their place in a new ecosystem and reinvent themselves as technology companies. Over the past 20 years, electronification has gained importance for trading and lifecycle activities, but capital markets firms must consider the changing habits and behaviours of their clients and own personnel. They also must contend with new players benefitting from lower technology costs to develop new solutions and change current practices.


The Incredible Convergence Of Deep Learning And Genomics


Out on the road, we were having a pretty good run. Convincing people was an uphill battle, but we leveraged the least intuitive aspect of Chromputer — the ATAC-seq 2D data — to demonstrate the utility of the model. We would do so with an “AI vs human” exercise. With about 100 pixels out of 600,000 pixels “on” in this sparse input data, it is virtually impossible to guess what this image-like signal means. But check out Chromputer transforming this data into a representation that maps to an enhancer — a DNA control element that can affect gene expression from as far as a million base pairs away. Pretty impressive. With the representation in the 4th layer, I could guess this is not a CTCF, a protein responsible for the genome’s 3D architecture, because it is typically surrounded by positioned nucleosomes indicated by circular clusters in the bottom half of the image.



Quote for the day:


"Know that the thing that is easiest to do is rarely the thing that is best to do." -- Robin Sharma


Daily Tech Digest - November 28, 2017

chair spotlight
CISOs who assume all the responsibility for the organization regarding decisions on risk put their jobs at risk. In this case the CISO defines what the company will and will not tolerate from a security, risk and compliance standpoint—rather than being the facilitator of communication, Curran says. “Too many security people think they shoulder the burden for the organization and that the ‘technical’ knowledge is beyond the business,” Curran says. “As a result, they do not communicate the risk at all, effectively stifling management’s ability to decide how much investment they should make to address the risk.” A CISO “must be able to articulate risk and security solutions to a board or senior executives who are not familiar with security, so they can make informed decisions on risk tolerance,” Curran says.


How CRM's Are Creating Time For High Priority Tasks

Customer Relationship Management (CRM) provides a business with centralized application software to carry out its daily activities. The software manages a business, tracks customers, identifies a target market, receives customer feedback, analyzes data, tracks sales, manages tasks and documents, ensures sales mobility and facilitates social media integration into the business. As a result, effective CRM software should be capable of moving customer prospects through all purchasing stages without any major challenges. Therefore, establishing and maintaining the CRM software requires a distinct sales pipeline, established sales practice, prioritizing of activities in the sales pipeline, dedicating time blocks for each activity, analyzing the sales and making frequent reports. CRMs create time for high priority tasks by grouping the sales tasks as vital, important or optional.


Why We Can't Trust Smartphones Anymore

smartphone shocked group
Quartz reported this week that for the past 11 months, Android has been sending user location data back to Google, even if location services are off, no apps have been used and the phone is without a SIM card. The location data is based on proximity to cell towers, something called “Cell ID.” A Google spokesperson told me that in January, Google “began looking into using Cell ID codes as an additional signal to improve the speed and performance of message delivery.” Google never used or even stored this data, and the data had no connection to location services, targeted advertising or other functions. The company basically turned it on with the intention of exploring performance tweaks later. Google plans to remotely terminate this location function over the next month for all users as a result of the controversy. The termination does not require a software patch or download.


How did Linux come to dominate supercomputing?

How did Linux come to dominate supercomputing?
“There wouldn’t be Linux if it weren’t for Unix,” said Steve Conway, research vice president for Hyperion Research, the high-performance computing (HPC) unit of IDC. “The Unix era gave way to the Linux era because Linux is more open and not vendor-specific. So, here was a chance with Linux for the whole community to have one main flavor of an operating system.” None of the major Unix flavors supported the x86 architecture, either. Sun did with SunOS, which was a text-based OS, and it had Solaris on x86 but never made a big push for it. All the other Unixes were on custom RISC processors. Of course, no one saw the massive rise of x86 on the server, either. Prior to Linux, the only heavily supported x86 Unixes out there was The Santa Cruz Operation with Xenix and FreeBSD out of the University of California at Berkeley.


Internet censorship: It's on the rise and Silicon Valley is helping it happen

"A decade ago, our main concern was governments implementing filtering mechanisms to censor the internet. Today that remains a problem, but more and more, Silicon Valley companies are willing to comply with takedown requests from authoritarian governments," she said. According to York, in the past few months, the EFF has seen Snapchat and Medium comply with the government of Saudi Arabia, an attitude "unthinkable in previous years". "Internet censorship creates inequality -- economic inequality, inequality of ideas, educational inequality, and more," she said. It's up to the people to protect their digital rights, as "governments are working together in their bids for repression, closure of borders, the implementation of mass-surveillance, or cooperation on censorship", York said. 


4 ways to prevent QSR data breaches


One of the biggest trends in restaurant service is the ability to accept card payments at the point of service via mobile point of sale (mPOS). An mPOS solution frees your staff from being tied to the service counter or server station, and it enables seamless card acceptance from anywhere a sale may occur. Secure payments can be accepted in virtually any environment—ranging from a restaurant table or drive thru, to a food truck or pop-up location at a special event. Notably, many mPOS solutions are also EMV-enabled and offer P2PE and tokenization for added security, making them an ideal choice to protect customers and ensure PCI compliance. Increasingly, casual dining and table service restaurants are adopting mPOS and wireless terminals to offer Pay-at-the-Table convenience to their patrons, including acceptance of EMV chip cards and NFC/contactless payments such as Apple Pay and Android Pay.


CEOs Must Do These 3 Things To Turbocharge Innovation


High innovators use culture management to promote transparent and collaborative cultures. This represents one of the biggest factors that distinguishes them from lagging innovators – it separates the cohorts by a margin of nearly two to one. The comments from the survey respondents speak volumes – particularly those classified as lagging innovators. They advocate for the mere basics of culture development, tools, processes and metrics. For guidance on this front, the medical device maker Medtronic warrants a look. For decades, the company’s CEOs have frequently highlighted the company’s innovation strategies and projects at global all-employee meetings. During routine reviews, project leaders evaluate progress against technical and patient-service metrics.


Cloud, Agile and What Startups Can Teach the Enterprise

Software engineering is still a young discipline. Until the Agile Manifesto challenged the accepted waterfall-based development model, software creation borrowed most of its processes from that of hardware. But those older, hardware-like methodologies failed to take advantage of software’s biggest benefit: that it’s soft. What has emerged in the last 15 to 20 years is the idea of “failing quickly.” Developers want to get products in front of users as early as possible, learn from their mistakes, and iterate better versions quickly. This new process takes advantage of the “softness” of software and ultimately sculpts better products. Mantras like “fail quickly” assume that some large percentage of ideas are bad. The faster you can get those ideas in front of people and find out how they perform, the more “at bats” you’ll get and the better your chances are at finding an innovation.


Resiliency in the age of cloud services

hybrid cloud
The emergence of cloud and IaaS has dramatically changed the way we think about application resiliency. Thin provisioning and auto-scaling for rapid deployment of new resources are now possible as conditions change and workloads shift. Spinning up secondary and tertiary DR environments is easy. There are now technologies that enable active/active setups, such as multi-master database replication systems and global load balancing technologies like those provided by modern DNS and traffic management services. Today, we’re seeing a new shift in the way resilient applications are built, because of the emerging criticality of cloud services in application stacks. Cloud services include Software-as-a-Service (SaaS)-style technologies like cloud storage, Database-as-a-Service (DBaaS), Artificial Intelligence-as-a-Service (AIaaS), content delivery networks (CDNs) and Managed DNS networks.


Developing a Google Chrome Extension using Angular 4

It seemed quite a daunting challenge; but after puzzling out how to register our Angular app as a Chrome extension, choose the optimum build process and configuration and to use the messaging system, it proved to be a great opportunity to learn some new technologies in depth. The use of Angular 4 makes the developer’s life easier because the projecat acquires a well-defined structure. It can can be more easily maintained and enhanced thanks to the modularity of Angular. Also, TypeScript, as a superset of JavaScript, brings the object-oriented programming experience with strong typing to the development of client-side browser-based applications. This article describes the general approach, the problems I needed to face, and the solution I adopted.



Quote for the day:


"Leadership cannot really be taught. It can only be learned." -- Harold S. Geneen


Daily Tech Digest - November 27, 2017

Through the eyes of machines

‘Understanding of the environment by robotic systems will be a big game changer for the new industrial revolution,’ stated Puli┼í, of Photoneo. ‘Robots, as machines, are nearly perfect, being precise and robust, but they are blind. With 3D vision, they will get their eyes. Their usage will be much wider with improved flexibility. ‘The eyes and brains of robots will come in the form of new 3D cameras and deep learning systems that will not only be able to identify what has happened based on a past experience, but they will be able to predict what may happen in the future.’ Vision-equipped logistics robots are a potential example, offering the ability to pick up containers and move around a facility autonomously. Imaging in 3D would enable them to anticipate structures and objects, recognise where humans are, and understand where they are going and how to navigate around them safely.


UK only average in terms of digital public services


“The UK is undoubtedly a leader in terms of digital innovation and the design of user-centric services, so it might seem surprising that this year’s eGov Benchmark shows it slightly falling behind the group of the biggest European economies in terms of digitising its services,” said Niels Van Der Linden, principal Consultant at Capgemini Consulting. “The UK has developed a number of very smart digital initiatives, and is now working hard to implement these solutions across its entire public sector. The challenge for the UK in climbing up the ranks is to increase the availability of key enablers such as electronic identification and [authenticated sources of information so data can be reused], where other countries have already made steps forward.” To be pulled up on this, the UK must be doing badly, because the total use of electronic identification was only possible in one of two European public services (52%)


Raw data is like raw fish – refine it, or throw it back to sea


Any new insight creates an impact only when it is really applied. For some time the industry has been talking about “actions” as a key step to turn insights into value. But sometimes we have a tendency to look at actions as if they are some magical new capability we need to invent. In reality, we can take a more down-to-earth view. Every day operator teams and individual employees already make multiple decisions, take action, create change, implement procedures – all guided by different work processes. Operationalizing insights is about the ability to enrich these work processes with new intelligence from analytics. In simple terms – to help people to do their best work. Let me give you a real-life example. One Nokia analytics customer had a process of proactively reaching out to possible churners as a result of bad quality in their network home environment. 


Stephen Hawking says Artificial Intelligence could be our undoing


Hawking dropped this bombshell during a technology conference in Lisbon, Portugal. He says the only way we can prevent it is if we find a way to control computers. According to him, computers have the ability to “emulate human intelligence and exceed it.” And since we’re constantly looking for ways to improve AI it could be the best thing for society or the worst. “We just don't know,” he said. “So we cannot know if we will be infinitely helped by AI, or ignored by it and side-lined, or conceivably destroyed by it.” He admitted that AI does have the potential to reverse the damage done to the natural world or even eradicate poverty and disease, but it’s the uncertainty of the future that sets off alarms for him. And we have to be ready for a worst-case scenario. Hawking says we have to learn how to prepare for an avoid risk with AI as it can bring along new dangers and can disrupt the economy. Earlier this year, he said humans have about 100 years to leave Earth to survive as a species. He’s become more vocal about finding a new planet to live on. Why so? Mainly because we’re running out of room on the planet we’re on, and our natural resources are disappearing. And, you know, there is global warming to think about.


8 Low or No-Cost Sources of Threat Intelligence

Image Source: BeeBright / Shutterstock.com
While just about every security industry vendor website offers up information on the latest threats, some are better than others. Here, we 'll point out the sites that are the most informative and useful. We called on Roselle Safran, president of Rosint Labs, to work with us to build a meaningful list. Safran's extensive experience in cybersecurity includes several years of service in the Executive Office of the President and Department of Homeland Security during the Obama administration. Safran included some obvious choices from federal government sources, but she also struts her cybergeek sruff by offering up some lesser-known sites that track ransomware and malware. We combined forces with Safran to develop a list that will give novices the threat intelligence amuse-bouche they need while supplying some intel red meat for experienced security pros.


The multi-cloud/hybrid IT environment will come to dominate the enterprise

Multi-Cloud Enterprise
“Cloud buyers have access to more capabilities than ever before, but the result is greater complexity. It is a nightmare for enterprises to calculate the cost of computing using a single cloud provider, let alone comparing providers or planning a multi-cloud strategy,” said Dr. Owen Rogers, research director at 451 Research. “The cloud was supposed to be a simple utility like electricity, but new innovations and new pricing models, such as AWS Reserved Instances, mean the IT landscape is more complex than ever.” Flexibility has become the new pricing battleground over the past three months, with Google, Microsoft and Oracle all announcing new pricing models targeted at AWS. Analysts believe there will be a market opportunity for cloud dealers that can resolve this complexity, giving users simple and low-cost prices – similar to how consumer energy suppliers abstract away the complexity of global energy markets.


Four Secrets for Turning Insight into Execution


A well-designed leadership off-site is a great place to generate the big ideas that can take your business to the next level. You bring in a speaker, have an in-depth discussion, walk through an analysis, and suddenly, light bulbs go off. People see what they’ve been missing or what has been holding them back. Unfortunately, as soon as people leave the event the light often begins to fade, and even those who complete planned tasks can lose sight of the big idea. Managers may be rigorous about their vision for implementation, but still find that execution varies widely — putting their business at risk and damaging trust and confidence on the team. “Are we going to have another one of those meetings where everyone signs up for stuff, and then no one does anything?” becomes an all-too-common refrain.


Blockchain could be used for citizen identity services, says Reform


Reform suggests that a blockchain app is built across government departments such as HM Revenue & Customs (HMRC), Home Office and Department for Work and Pensions (DWP) which would act as a layer on top of current databases. ... “This means moving from siloed departments holding different and even contradictory versions of a person’s identity to a user-stored identity, in an identity app on a smartphone,” the report said. “User control will move from low to high, with blockchain providing the technology to achieve it. Unlike today’s identity management model, individuals will have access to their public service identity and will authorise who can see it, and in what form.” Reform said this could also include the use of biometrics to add an extra layer of security, where a citizen could scan their face or fingerprint to access and share identity data with government on their smartphone.


60 Cybersecurity Predictions For 2018


The following list of 60 predictions starts with three general observations and moves to a wide range of cybersecurity topics: Attacks on the US government and critical infrastructure, determining authenticity in the age of fake news, consumer privacy and the GDPR, the Internet of Things (IoT), Artificial Intelligence (AI) as a new tool in the hands of both attackers and defenders, cryptocurrencies and biometrics, the deployment of enterprise IT and cybersecurity, and the persistent cybersecurity skills shortage. IoT vulnerabilities will get more critical and more dangerous. Despite this, there will be no real changes in US law to regulate these devices. This isn't a very risky prediction; Congress is currently incapable of passing even uncontroversial laws, and any IoT regulation faces powerful industry lobbies that are fundamentally opposed to government involvement.


12 Myths Of Data Analytics Debunked

12 myths of data analytics debunked
“Nowadays there are so many open source as well as other tools available in the marketplace that can help you start to show the value of data analytics,” Varma says. “You need to have a good understanding of your internal data storage and what problem you’re trying to solve. Cloud is also making it easy to try analytics to solve a business problem.” Modern analytics “are based on cloud systems and big data architecture, which by definition are quite less expensive than traditional data warehouse systems,” adds Beatriz Sanz Saiz, global leader of analytics at advisory firm EY. “Also, data and analytics are typically applied to achieve three outcomes: improve process efficiency, revenue growth, and proactive risk management,” Saiz says. “So overall, the application of data and analytics drive significant [cost] benefits to any company.”



Quote for the day:


"Humility is a great quality of leadership which derives respect and not just fear or hatred." -- Yousef Munayyer


Daily Tech Digest - November 26, 2017

A Global Collaboration to Create “Artificial Organisms” Just Went Live

Image credit: Mindfire
Many experts agree that the development of artificial intelligence will be a significant paradigm shift for humanity. Author James Barrat calls AI “our final invention.” Dr. Ben Goertzel, a robotics scientist and Chairman of SingularityNET, a private AI software company, echoes this sentiment, saying that the advent of AI will cause all human invention to become obsolete. Kaufmann likens true AI with the myth of Prometheus giving fire to humanity: the technology, he believes, will start a new chapter for human-kind. Even more, Russian president Vladimir Putin said that the country that leads in AI development “will be the ruler of the world.” Which is exactly what Mindfire is hoping to prevent. “Mindfire is not owned by a company, it’s not owned or triggered by a government, it is organized by the people and for the people.” 


High-flying cryptos: Digital currencies and the bubble question

High-flying cryptos: Digital currencies and the bubble question
The curiosity and openness is tempered by what Constantin Gurdgiev, an academic and economic researcher and advisor writing for financial analysis website Seeking Alpha, describes as "an unknowable bubble". He references the chart below, which has been doing the rounds in crypto circles recently. ... He argues cogently that, although it is difficult to judge whether the chart shows bitcoin to be in a bubble, "Absence of evidence is not the same as evidence of absence. But, taken together with the general lack of credible fundamentals-linked modelling of the crypto-currency, this means that, at this point in time, Bitcoin price can be potentially driven solely by… err… expectations held by its enthusiasts, plus the incentives by the predominantly China-based investors to avoid extreme risks of capital controls and expropriations."


In These Small Cities, AI Advances Could Be Costly

“Big cities provide greater opportunities for synergies among creative, highly technical people, and that’s why they attract them,” explains Iyad Rahwan, an associate professor at MIT and the corresponding author of the paper. “The other dynamic is that cashiers and waiters are less idle in big cities than small cities, so large cities need fewer of them in proportion to their size.” As a result, he says, large cities have fewer routinized occupations that are more likely to be automated and relatively more technical and managerial occupations, which are less likely to be impacted by automation. ... The study is likely to draw comparisons to other recent high-profile economic analyses of automation and jobs. A 2013 University of Oxford paper estimated the susceptibility to “computerization” of more than 700 occupation types and forecast that 47 percent of U.S. employment was at “high risk” of automation


These 7 Disruptive Technologies Could Be Worth Trillions of Dollars


Scientists, technologists, engineers, and visionaries are building the future. Amazing things are in the pipeline. It’s a big deal. But you already knew all that. Such speculation is common. What’s less common? Scale. How big is big? “Silicon Valley, Silicon Alley, Silicon Dock, all of the Silicons around the world, they are dreaming the dream. They are innovating,” Catherine Wood said at Singularity University’s Exponential Finance in New York. “We are sizing the opportunity. That’s what we do.” Wood is founder and CEO of ARK Investment Management, a research and investment company focused on the growth potential of today’s disruptive technologies. Prior to ARK, she served as CIO of Global Thematic Strategies at AllianceBernstein for 12 years. “We believe innovation is key to growth,” Wood said.


The Next Frontier in Blockchain Technology: Scaling and Commercial Optimization

The Next Frontier in Blockchain Technology: Scaling and Commercial Optimization
The architecture of the operating systems establishes a well organized “Central Business District.” In this business district each industry has its own dedicated side chain--a one to one scenario where specific issues and problems receive direct attention via the corresponding chain. The highly customizable platforms consist of one main chain, or kernel, that forms the minimum viable Blockchain. As the backbone of the operating system this main chain is used as the core from which custom operating systems can be developed. Developers can use the operating system to create specific configurations, providing adaptability that has so far eluded certain Blockchain projects. So how does this all impact scalability? In essence, a Blockchain-based operating system creates different streams (side chains) which handle very specific tasks.


What Is Blockchain Technology?


As discussed, Bitcoin’s “blockchain” allows for the creation of a unique and scarce digital asset where everyone knows the history of each bitcoin. A single bitcoin is not just a string of ones and zeros, but the first successful (at least so far) censor-proof, portable, easily transactable, durable, and secure digital asset. Bitcoin’s value is subject to the same supply-and-demand mechanics found in any marketplace. If investors find the above characteristics valuable and demand for bitcoin grows, bitcoin’s price rises and vice versa. Bitcoin’s supply is limited to 21M coins (although only about 17M have been mined so far). You can do the math, but as of this writing investors value bitcoin at upwards of $120B in aggregate. To give a sense of how the market values other cryptocurrencies, here’s some market information about some of the top ones


The Uncertain Future of Bitcoin Futures

There is a notion, popular in some circles, that the point of an investment bank is to sell people securities that will go up: that it has a duty to its customers to carefully curate its product offerings and sell them only the stuff that it personally believes in. This is not the point of an investment bank. JPMorgan sits between people who want to buy a thing and people who want to sell the thing, and it intermediates their trades. Diversity of opinion -- some people think the thing will go up, others think it will go down -- is what makes a market. If JPMorgan could only trade with clients after satisfying itself that they are right, it would never do any trades. ... Individuals and institutions who handle bitcoins, meanwhile, have been reduced to writing their private keys on scraps of paper and putting those scraps of paper in safe deposit boxes.


What Artificial Intelligence In Hands Of Adversaries Means For Cyber Defense


Security researchers have already demonstrated how AI can be used in cyberattacks. The Social Network Automated Phishing with Reconnaissance system, or SNAP_R, is a machine learning system that was as successful as a human when spear-phishing Twitter users. SNAP_R used a variety of AI-based approaches to suggest high-value targets and generate quality spear-phishing messaging based on the targets' previous tweets. Moreover, what makes SNAP_R noteworthy is the amount of phishing tweets it sent in the two-hour contest against a human. SNAP_R delivered more than four times as many spear-phishing tweets as the human did, suggesting future AI enabled cyberattacks could have a wider digital reach. AI tools can also generate fake messaging for spear-phishing attacks. SNAP_R demonstrates how these tools can accurately reflect a victim’s language patterns by monitoring personal data, such as social media accounts.


The Power of Self-Service Data Analytics in Financial Services

A self-service approach can help financial institutions break down siloes and connect data within. In the IBM report, only 53% of banking and financial markets set up their big data infrastructure to include information integration. As the use of analytics spread across organizations, particularly outside of IT, balancing governance and access becomes key for marketers to quickly acquire the trusted, accurate information they need for timely, personalized services and promotions. Sophisticated, user-friendly, self-service data analytics capabilities can also deliver untold benefits for risk management and compliance, enabling banks and financial institutions to assess and optimize risk exposure across business units. By empowering business people to analyze their own data, more people within the organization will be able to uncover hidden insights without relying on IT specialists or programmers.


Enterprise architecture and digital transformation: A framework for success

It’s important to note EA is no longer about modeling architecture, according to GCN. EA enables a common language for collaboration in digital environments. This language is a foundation for digital transformation for commercial and public-sector organizations alike. Different businesses have different technology needs and requirements. Thus, there’s more than one EA framework out there. For example, there’s the TOGAF EA model, which serves the needs of a variety of architectures. There’s also the NIST EA modeland federal EA, targeting the needs of government agencies. And though it’s an ambitious project for all but the largest organizations, there are proprietary EA models that aren’t available on the open market.



Quote for the day:


"Successful leadership requires positive self-regard fused with optimism about a desired outcome." -- Warren Bennis


Daily Tech Digest - November 25, 2017

To achieve improved fast-model training, data scientists and researchers need to distribute deep learning across a large number of servers. However, most popular deep learning frameworks scale across GPUs or learners within a server, but not to many servers with GPUs. The challenge is, it’s difficult to orchestrate and optimize a deep learning problem across many servers, because the faster GPUs run, the faster they learn. GPUs also need to share their learning with all of the other GPUs, but at a rate that isn’t possible with conventional software. This functional gap in deep learning systems recently led an IBM Research team to develop distributed deep learning (DDL) software and algorithms that automate and optimize the parallelization of large and complex computing tasks across hundreds of GPU accelerators attached to dozens of servers.


7 types of malware you need to look out for

Bots drain the resources of the infected person’s systems, and they might be causing the computer to be part of a criminal enterprise. They are also commonly used for spambots (which spam computers with ads) and botnets (which are used for distributed denial-of-service attacks). Ransomware is quickly becoming the most notorious type of malware. It’s most famous iteration is WannaCry, which infected hundreds of thousands of organisations across the globe in May 2017, but it was unlike most ransomware in that its scope was massive (because of its worming capabilities). Most ransomware is spread through phishing emails, which offers a more controlled scope. A PhishMe report from last year found that ransomware was delivered in 97% of all phishing emails. Different types of ransomware can operate in slightly different ways, but they all encrypt files and/or lock computers until victims pay for a decryption key.


10 Ways AI and Chatbots Reduce Business Risks

10 Ways AI and Chatbots Reduce Business Risks
Thanks to advancements in both these fields, AI-powered virtual assistants can now learn independently and provide assistance to consumers without any additional human intervention. Chatbots can also be used as fantastic internal-facing tools. Creating a quality chatbot to help your team is like providing everyone with an assistant. Although it will have limitations at first, using an internal-facing bot can help you speed up your internal processes and create an efficient communication network for all of your workers. The best part about implementing a chatbot is that you won't need to hire developers or cover expensive fees. Thanks to platforms like my company ChattyPeople, you can create bots for free and in a matter of minutes. Best of all, it uses a purely visual interface, so you won't need any coding knowledge to create an AI-powered chatbot. Plus, chatbots can be integrated into a huge variety of channels, including Facebook Messenger and Slack.


AI and IoT set to be major investment trends in 2018


More than half of the organisations surveyed expect to invest over £10 million in digital technologies such as AI, cloud, robotics, analytics, blockchain, the IoT and virtual and augmented reality. Across these technologies, seventy three per cent said they plan to invest in robotics, 63 per cent will invest in augmented and virtual reality, 62 per cent will invest in wearables, 54 per cent will invest in biometrics and 43 per cent will invest in blockchain.  The leader of UK digital transformation at Deloitte, Paul Thompson offered further insight on the firm's first Digital Disruption Index, saying:  “The first edition of the index shows that few UK businesses are successfully exploiting digital technologies and ways of working. Strategies are not coherent, investment levels are modest and the relevant skills are in short supply. As a result, the UK isn't living up to its digital potentional.”


Hadoop Security Issues and Best Practices


It wasn’t all that long ago that Hadoop in the enterprise was primarily deployed on-premise. As such, informative confidential data was safely confined in isolated clusters or data silos where security wasn’t a problem. But thatfastly changed as Hadoop developed into Big Data as-a-Service (BDaaS), took to the cloud, and became surrounded by an ever-growing ecosystem of softwares and applications. And while these innovations have served to democratize data and bring Hadoop into the mainstream, they have also created new security concerns for organizations that now struggle to scale security in step with Hadoop’s rapid technological advances. For many companies Hadoop has developed into an enterprise data platform. That poses new security challenges as data that was once siloed is brought together in a vast data lake and made accessible to a variety of users across the organization.


SophiaTX Integrates Blockchain Technology With SAP


A proof of concept (PoC), recently demonstrated to a select group of attendees in Zurich, shows how businesses can use blockchain technology to transparently and reliably exchange information between their enterprise systems in real time, with a customer invoice directly created in one SAP system automatically transferred via the SophaTX testnet to another company using a different SAP system. ... “It became apparent to us that, in order to adopt blockchain [technology] into various industries and connect to the enterprise applications, we needed to provide common building blocks across all modules of ERP, SCM and CRM systems. This led us to the concept of establishing a platform, as a key infrastructure for peer-to-peer smart transactions, prior to building industry specific solutions.” Kacina explained that different types of cross-industry scenarios have been worked out.


Weigh vendors, tools in software-defined storage products


SDS covers a huge spectrum of software offerings, from hyper-converged infrastructure (HCI) or virtual storage area network stacks to new file system approaches and object stores. Soon, we'll see specific services for point application to data flows, too. Don't ignore the option to buy prebuilt appliances. If you are thin in bare-metal integration skills, it makes sense to use third-party integrators that may be the original equipment suppliers. Ultimately, buying from the large established vendors is a low-risk approach, but it will come at a price. With any purchasing decision, avoid vendor lock-in -- especially for drives -- since there can be significant markup when compared to distribution pricing. Ask the vendor upfront whether they allow you to add third-party commercial off-the-shelf products to the appliance, especially for drives and memory.


Are AI Learning Scenarios Unpredictable Enough?

Artificial Intelligence Self Driving Vehicle Car Gaming Games Bots Robots
The core of the problem is transparency — perfect information versus imperfect information. When thinking about interplay between humans and machines from a game-theory perspective, information changes games radically. The prisoner’s dilemma is only interesting if both prisoners don’t know what the other will do — that is, both have imperfect information. If one prisoner doeshave perfect information — that is, knows what the other prisoner will do — then the dilemma no longer exists. Similarly, if humans know what AI will do, but AI systems have imperfect information, then we are creating a scenario that plays to AI’s weaknesses. Consider human resources analytics. Once job applicants figured out that automated systems were looking at keywords, they got creative and included every possible keyword in their resume — but in white font and tiny letters. Or consider customer service. An equivalent to the first law of robotics in the customer service context might be the bromide that the “customer is always right.”


Integrating IT with Business and Society

The digital technologies go hand in hand with new approaches to development and operations. “Agile” methodologies result in projects that deliver value continuously from their early stages and evolve through user feedback. “DevOps”, by combining development and operations, ensures that developers know how customers use their systems, and understand their needs. The digital practitioner is emerging as a new professional that can help enterprises harness digital technologies and methods to gain business benefit. The exact role is still evolving. As Forrester’s Charles Betz points out in his book on Digital Delivery, “Digital investments are critical for modern organizations and the economy as a whole. . . Now is an ideal time to re-assess and synthesize the bodies of knowledge and developing industry consensus on how digital and IT professionals can and should approach their responsibilities.”


Asimov’s 4th Law of Robotics

Asimov header
Historically, the human/machine relationship was a master/slave relationship; we told the machine what to do and it did it. But today with artificial intelligence and machine learning, machines are becoming our equals in a growing number of tasks. I understand that overall, autonomous vehicles are going to save lives... many lives. But there will be situations where these machines are going to be forced to make life-and-death decisions about what humans to save, and what humans to kill. But where is the human empathy that understands that every situation is different? Human empathy must be engaged to make these types of morally challenging life-and-death decision. I’m not sure that even a 4th Law of Robotics is going to suffice. A difference engine is an automatic mechanical calculator designed to tabulate polynomial functions. The name derives from the method of divided differences, a way to interpolate or tabulate functions by using a small set of polynomial coefficients.



Quote for the day:


"Problems are not stop signs, they are guidelines." -- Robert Schuller


Daily Tech Digest - November 24, 2017

chatbot.jpg
The Chatbase dashboard displays a variety of top-level statistics that can be drilled down into to get detailed information. Active users, user engagement statistics, and optimization suggestions appear on the landing page. One of the most useful features for managing bots is the Session Flow and Not Handled Messages reports—both show how users are moving through the bot's menus and when they arrive at a point where the bot can't respond properly to a request. Google says both of those screens are designed to eliminate much of the tedium of combing through bot logs for critical information. The screens enable companies to find "user messages that aren't handled well, identifies opportunities to answer more requests, and offers paths to easy optimizations that address both."



A multi-tenant data center offers SDN challenges, benefits


Traditionally, an admin that adds a network device or a new server to a network would need to set aside a significant amount of time for network configuration. Dropping new network devices into a network often had a ripple effect. But with SDN, the controller can figure out how to integrate a new device into the network. While this is a huge advantage for organizations that attempt to be agile, it can cause problems with visibility. When admins add or remove multiple devices, networking or otherwise, it can be difficult to maintain real-time awareness over the networks, which can lead to significant security issues. For example, it may be easier for hackers to add devices to an SDN-enabled network if there's a lack of proper network monitoring.


9 Ways You're Failing At Business Intelligence

9 ways you’re failing at business intelligence
No technology professional looks forward to dealing with angry users. System failures and frustration points will happen. Your response to those issues will influence whether your BI initiative succeeds or fails. “The two biggest mistakes I see BI novices make is focusing too much on delivering requests and not involving end business users in the project,” explains Doug Bordonaro, chief data evangelist at ThoughtSpot. ... “When customers are yelling at you about long delivery times and service level agreements being missed, it's the obvious place to focus. Getting too involved in daily delivery misses the larger BI picture. Are you giving your customers what they need to make decisions? Do you understand what data they need? Is there a better solution to the actual problem than another report?”


Understanding Monads. A Guide for the Perplexed

With the current explosion of functional programming, the "monad" functional structure is once again striking fear into the hearts of newcomers. Borrowed from the field of category theory in mathematics, and introduced into programming languages in the 1990s, monads are a fundamental construct in pure functional languages like Haskell and Scala. Here's what most newcomers know about monads: A monad is useful for doing input and output; A monad is useful for other things besides input and output; and A monad is difficult to understand because most of the articles about monads go into too much detail or too little detail. The third bullet motivates me to write this article -- the hundredth (or maybe even the thousandth) article that introduces readers to monads. With any luck, you'll finish this article feeling that monads aren't so scary.


5 characteristics of AI technologies worth investing in


Machine learning and artificial intelligence are timely subjects that spark the public imagination. In 2016, between $26 billion and $39 billion was invested in AI, according to recent estimates from the McKinsey Global Institute, a leading private-sector think tank. That number is three times the amount spent just three years prior, an increase driven by entrepreneurial activity and technological advancements. Although thousands of venture firms are investing in sexy machine learning projects, there are very real benefits that machine learning and AI are realizing now, not in a future timeline of self-driving cars and full home automation. Smart investors and observers should consider following companies that are solving these five issues.


How Mercedes Is Preparing For The 4th Industrial Revolution


In an era of great uncertainty and disruption for automotive manufacturers, Mercedes and its parent company Daimler are jumping in full throttle as leaders of the 4th Industrial Revolution. Not only are they designing new vehicles, but their services, influence in the transportation industry and factories are transforming to embrace the new opportunities and demands of their customers. Other companies should follow their lead to thrive in the new industrial revolution. ... Not only is this revolution possible due to new technology, but it combines the physical, digital and biological worlds. There are great opportunities as well as tremendous risks within this transformation, and there will be no industry or organization who won’t be impacted in some way.


Hyper-convergence + backup software = scale-out backup nodes


The next step in the hyper-convergence process has been to collapse backup software and scale-out storage into a single product to create hyper-converged backup. A hyper-converged backup solution consolidates backup storage and software into a scale-out architecture that encompasses all the features of a backup platform. Solutions are deployed as a cluster of servers or nodes, across which the functions of metadata management, data storage and scheduling are implemented. In common with many hyper-converged infrastructure offerings, hyper-converged backup solutions implement a distributed scale-out storage layer across the cluster of nodes/servers. This provides a landing zone for backup data that can be used for recovery or “instant” restores. As hyper-converged backup products are essentially scale-out storage in their own right, many offer the ability to act as a hypervisor to a data store.


New Google Play Store malware highlights disturbing trend of multi-stage Android attacks

mobile-malware.jpg
When the app is initially installed from Google Play it doesn't even request any suspicious looking permissions. All its nefarious work is done invisibly in the background as it decrypts and runs its first payload, which in turn decrypts and runs the second one. The second-stage payload reaches out to the malware-hosting website and downloads the third-stage payload. It's at this point that the malware prompts the user to accept an installation of what seems to be a benign update—either to Flash Player, something Adobe related, or even an Android system update. If at this point the user questions the install, the whole process can be stopped without further harm—multi-stage Android attacks are literally asking you to install malware. If the install request is accepted the third payload decrypts and runs its contents: the actual malware.


2 big innovations that made Amazon's Kindle a success

Amazon CEO and founder Jeff Bezos was heavily involved in the process and challenged the team to find a way to create that wireless connection, insisting it's what customers wanted. They pulled off the feat by adding into the device a phone modem, jury-rigging the chip for downloads instead of voice calls. They partnered with Sprint, which provided the wholesale cell service. As the Lab126 team prepared to launch the new device, they joined Bezos for a two-day offsite meeting. Bezos, currently the richest person in the world but also a fan of frugality, invite the team to his parents' house in the Seattle area while his parents were on vacation in Italy, Tritschler said. Ten years later, Tritschler said tens of thousands of people still use the original Kindle device. "I smile everytime I see one on a plane," Tritschler said.


Ready For More Secure Authentication? Try These Password Alternatives

Secure authentication means moving beyond passwords
“The problem with the password isn’t the password itself. It can be hardened in certain respects,” says Heywood. “The crux of the issue is that the password is a shared secret. People reuse passwords between sites, so you’re relying not just on the security of the site you’re working with, but the security of every site you’ve ever used that password. Secrets always need to be rotated.” Passwords are transformed using a hashing algorithm that is hard to reverse. Heywood says that too many sites are using hashing algorithms that are decades old and known to be compromised. Using today’s high-speed computers, it’s relatively easy for a black hat to reverse password hashes stolen during a breach. “There are now frameworks where we can quickly validate those credentials against other website breaches or even in real time against other websites.”



Quote for the day:


"Big data is at the foundation of all of the megatrends that are happening today, from social to mobile to the cloud to gaming" ~Chris Lynch