Daily Tech Digest - October 03, 2018

Lady Justice
The problem with many of the standard metrics is that they fail to take into account how different groups might have different distributions of risk. In particular, if there are people who are very low risk or very high risk, then it can throw off these measures in a way that doesn't actually change what the fair decision should be. ... The upshot is that if you end up enforcing or trying to enforce one of these measures, if you try to equalize false positive rates, or you try to equalize some other classification parity metric, you can end up hurting both the group you're trying to protect and any other groups for which you might be changing the policy. ... A layman's definition of calibration would be, if an algorithm gives a risk score—maybe it gives a score from one to 10, and one is very low risk and 10 is very high risk—calibration says the scores should mean the same thing for different groups. We basically say in our paper that calibration is necessary for fairness, but it's not good enough. Just because your scores are calibrated doesn't mean you aren't doing something funny that could be harming certain groups.


Here’s a solution to the AI talent shortage: Recruit philosophy students image
Who would have thought it? If schools and universities are going to help create a generation that is equipped to support the AI revolution, they might be better off teaching philosophy and psychology. Sport might be a good analogy. If you are trying to hire talent, you might be better off hiring staff while they are young, grabbing them from school or university as part of placements perhaps, an approach Melanie Oldham explains in this piece. It is an approach that sports clubs are fully versed in — football teams with their academies and talent scouts, scouring the playing fields on a Saturday morning. It often works out as a more effective approach than getting the cheque book out and buying players after they emerge. But for Rinku Singh and Dinesh Patel the route to stardom in baseball was not conventional. They joined the American baseball world after entering a talent contest in India. It was an unorthodox recruitment process made famous by the movie ‘Million Dollar Arm.’



What Is Deep Learning AI? A Simple Guide With 8 Practical Examples


It encompasses machine learning, where machines can learn by experience and acquire skills without human involvement. Deep learning is a subset of machine learning where artificial neural networks, algorithms inspired by the human brain, learn from large amounts of data. Similarly to how we learn from experience, the deep learning algorithm would perform a task repeatedly, each time tweaking it a little to improve the outcome. We refer to ‘deep learning’ because the neural networks have various (deep) layers that enable learning. Just about any problem that requires “thought” to figure out is a problem deep learning can learn to solve. The amount of data we generate every day is staggering—currently estimated at 2.6 quintillion bytes—and it’s the resource that makes deep learning possible. Since deep-learning algorithms require a ton of data to learn from, this increase in data creation is one reason that deep learning capabilities have grown in recent years.


A CIO forges a data strategy plan for creating actionable data


Information that you don't think is relevant right now can change in value. So wherever we can put a hook to preserve information for the future, we'll do that. Even if we don't take all the content and turn it into actionable data, we may take that data and leave it unstructured. We always like to leave that door open if there's information that the client has but can't think of a business case to use right now. ... It's a way of representing information -- subject, predicate, object. You start with metadata: You pull the information out about the data you're working with. Say I'm working with a journal article, so who is the author? What college did the author go to? That's just raw data. Now you want to relate that to other data. You have this author who attended this university and got this degree. Now you have not just three pieces of data, you have three related pieces of information that give you much more context.


Facebook Breach: Single Sign-On of Doom

Facebook Breach: Single Sign-On of Doom
"Due to the proliferation of SSO, user accounts in identity providers are now keys to the kingdom and pose a massive security risk. If such an account is compromised, attackers can gain control of the user's accounts in numerous other web services," according to "O Single Sign-Off, Where Art Thou?," a recently published report into "single sign-on account hijacking and session management on the web" authored by five researchers at the University of Illinois at Chicago. In the case of the Facebook breach, for example, its SSO system could have been used for a range of other sites, including its own Instagram, as well as Tinder, Spotify and others. "Our study on the top 1 million websites according to Alexa found that 6.3 percent of websites support SSO. This highlights the scale of the threat, as attackers can gain access to a massive number of web services," the researchers say. ... "Another very critical yet overlooked problem is that the stolen tokens can be used to obtain access to a user's account on other websites that support Facebook SSO *even if the user doesn't use Facebook SSO* to access them," he adds. "This depends on third-party implementations."


Augmented reality, fog, and vision: Duke professor outlines importance of smart architectures

8 virtual or augmented reality
Some of the trade-offs, she said, are already fairly well-known. For instance, many tasks that aren’t terribly demanding from a compute or network perspective are best accomplished at the edge, but the advantages in terms of latency are outweighed by the cloud’s more potent computing capabilities for more complex tasks. “When the task is small, the response time is dominated by the communication time, and the communication time is much smaller for edge systems,” she said. “Once you talk about larger tasks, however, there are more resources in the cloud, so computing time becomes more of a component in response time and the cloud connection will be faster than the edge.” “We also noted that connections to the cloud are much faster in on-campus conditions than they are in nearby residential areas, and this is well-known – connections from campuses to the cloud are optimized.” It’s an important point for academic researchers, she noted. Testing systems in areas that might not have a university laboratory’s optimized network connections yields results that are much more applicable to the real-world challenges faced by businesses.


Achieving the right balance of data privacy and IT security


A comprehensive data protection strategy must consider the integration of best practices to both security and privacy. Data integrity, retention, and availability are part of the overall data protection goal for an organization, and as such, they are tied directly to individuals’ rights as data subjects. ... Privacy cannot exist without security, but security can exist without privacy – not an ideal situation for anyone concerned. With the continued advance of technology, organizations and individuals must continue to increase awareness and knowledge of data protection, data threats, and the steps required to ensure security and privacy while still maintaining effective business practices and relatable social media interactions. The way to develop a resilient privacy and data protection program is to combine privacy- and security-related thinking into a common approach that makes it easier for employees in all organizational levels to do the right thing. As we continue to move forward in the data-driven world, we must view ourselves as data subjects and strive to attain an agile balance between security and privacy interests.


New details released on Huawei's intent-based network


The new S7530-HI and S6720-HI are fully programmable Ethernet switches based on Huawei's silicon Ethernet Network Processor. The custom application-specific integrated circuit delivers advanced features and is complemented with merchant silicon for standard functions. One of the unique attributes of this intent-based network line is it includes an integrated wireless controller for unified wired and wireless network management. The S7530-HI is equipped with all Gigabit Ethernet ports, and the S6720-HI has 100 Gigabit Ethernet uplinks. That makes the S6720-HI the first programmable, fixed form-factor switch with uplinks of that speed. These switches target the campus network and are designed to work with Huawei's wireless access points, which are ready for the internet of things, because they support a range of wireless protocols, including Bluetooth, Zigbee and radio frequency ID.


How Bank of England is using Splunk for proactive security


The bank is using Splunk to move away from a reactive SOC that only responds to known threats, and is now working towards being more proactive – or, as Pagett calls it, SOC 2.0. “The proactive model is around getting in lots of data and then what we call behavioural profiling or adversary modelling,” he says. “We try to model what our attackers might do from a behavioural point of view, and then we look for those behaviours.” Pagett says hackers can change the technology and techniques they use, but it is difficult for them to change their behaviour, making this the easiest way to spot when an attack is about to happen or is under way. The bank uses Splunk to mine the datasets needed to begin predicting these shifts in behaviour. This could range from a large number of failed password attempts to something more sophisticated, such as a spear-phishing attack with booby-trapped Microsoft Word attachments.


IT pros see security win with Microsoft Managed Desktop

Microsoft administrators said they see a clear value to this managed service -- which could potentially remove some tedious aspects of desktop management -- in an age when most users prefer physical devices. "We have folks spread across the country, so we have to wait for a shipment of laptops, and then image them and get them set up for the users," said David Bussey, systems engineer at the nonprofit Public Company Accounting Oversight Board in Washington, D.C. "What [Microsoft Managed Desktop] has to offer fits some of those pain points we're going through." Microsoft Managed Desktop allows businesses to choose two- or three-year hardware refresh cycles from a list of available devices. Right now, that list is limited to Microsoft's own Surface hardware -- specifically the Surface Laptop, Surface Pro and Surface Book 2. It plans to expand device offerings with third-party partnerships, the company said.



Quote for the day:


"Scientific knowledge is an enabling power to do either good or bad - but it does not carry instructions on how to use it." -- Richard Feynman