Daily Tech Digest - December 14, 2018

Technology Penetrating Fashion World

New technologies and textile innovations are not only changing how the fashion industry functions, but also how its products interact with the environment and consumers. Streamlining processes, developing more efficient systems, and modernizing operations within the fashion and retail industry are indispensable components of the fashion tech sector. Supply chain technology makes processes more efficient, while the use of data analytics, social media tools, artificial intelligence and augmented reality help guide purchasing and business decisions. The blockchain is a new digital record guaranteeing product safety, authenticity and ethical standards as records cannot be altered once added to the blockchain. Consumers can rest assured where and out of what material an item was made, who it was made by, the conditions they worked in and how much they were paid. Textile innovations and recycling processes are playing a major role in the development of a more sustainable future of fashion. 


Wine doesn't enable all Windows applications to run on Linux. But it does a good job. And that's even with Wine's developers not having access to the full story on Windows' APIs and system calls. Microsoft's software engineers, of course, have full access to Windows' internals. In addition, for several years now, Microsoft's WSL developers have been working on mapping Linux API calls to Windows and vice-versa. A lot of the work needed for Windows apps to run without modification on Linux has already been done. In short, Windows developers won't have to worry about modifying their applications. Microsoft could, without too much trouble, make it possible for them to keep running on Linux without major changes. With many applications, no change at all will be needed. For example, Office 365 now brings Microsoft more cash than MS-Office. With Microsoft doing all it can to get customers to move to cloud-based apps from shrink-wrapped programs, the underlying desktop operating system loses its importance.


Imagining banking without keyboards, apps or screens

Bank of America, Erica advertisement
The challenge facing banks, according to executives, is finding meaning and context for banking services in a simulated and automated environment.More simply, can the tangible quality of handling money translate into virtual service? The answer that banks are gravitating toward relies on crafting experiences suitable for the technology that are available at any given moment. “The way we like to think about this topic is from the perspective of the customer,” Ben Soccorsy, senior vice president of Wells Fargo virtual channels, said at a recent industry conference. “We like to think of it in the realm of contextual banking, with the notion of our customers being more hyperconnected” to multiple devices. “What can they do in banking within that context?” David Hoffman, the global banking and capital markets leader for PwC in the United States, asks banks to think of future technology innovation in the realm of what the firm calls “the art of the possible.”


Machine identity protection development gets funding boost


Venafi’s Machine Identity Protection Development Fund aims to address issues such as these directly, by building a community of funded developers to accelerate industry’s ability to protect machine identities, including hardware, software, platforms, containers, algorithms, apps and websites that are used by consumers and businesses on a daily basis.  Unlike other funds, Venafi said it was not a referral programme to third parties like venture capitalists (VCs) or private equity partners. Instead, the fund provides direct sponsorship from Venafi to incentivise developers to build integrations that speed up the industry’s ability to protect all machine identities. The fund will initially focus on integrations with DevOps tools and frameworks, cloud providers and data visualisation providers.


Android security audit: An easy-to-follow annual checklist

Android Security
Android security is always a hot topic on these here Nets of Inter — and almost always for the wrong reason. As we've discussed ad nauseam over the years, most of the missives you read about this-or-that super-scary malware/virus/brain-eating-boogie-monster are overly sensationalized accounts tied to theoretical threats with practically zero chance of actually affecting you in the real world. If you look closely, in fact, you'll start to notice that the vast majority of those stories stem from companies that — gasp! — make their money selling malware protection programs for Android phones. (Pure coincidence, right?) The reality is that Google has some pretty advanced methods of protection in place for Android, and as long as you take advantage of those and use a little common sense, you'll almost certainly be fine (yes, even when the Play Store guards slip up and let the occasional bad appinto the gates). The biggest threat you should be thinking about is your own security surrounding your devices and accounts — and all it takes is 20 minutes a year to make sure your setup is sound.


Most organizations suffered a business-disrupting cyber event

business-disrupting cyber event
The research – which surveyed 2,410 IT and infosec decision-makers in six countries – found 29 percen of respondents reported having sufficient visibility into their attack surface (i.e. traditional IT, cloud, containers, IoT and operational technology) to effectively reduce their exposure to risk. To further complicate this lack of visibility, more than half of respondents (58 percent) said their security function lacks adequate staffing to scan for vulnerabilities in a timely manner, with only 35 percent scanning when it’s deemed necessary by an assessment of risks to sensitive data. Together, these data points reveal that the tools and approaches organizations are using fail to provide the visibility and focus required to manage, measure and reduce cyber risk in the digital era. Of those organizations that measure the business costs of cyber risk, 62 percent are not confident their metrics are actually accurate.



Kubernetes vendors target container security, operations and management

Kubernetes vendors target container security, operations and management
VMware said that with the rise of cloud-native architectures built on distributed microservices, developers are encountering challenges with visibility, management and control of these new applications. The microservices that these apps are comprised of are developed on cloud-native platforms like Kubernetes or Cloud Foundry, using a variety of programming languages, and often across multiple cloud environments. “NSX Service Mesh builds on the foundation of Istio, addressing problems we’re finding in cloud-native environments. For one, NSX Service Mesh will simplify the onboarding of Kubernetes clusters and federate across multiple clouds and Kubernetes clusters. This will enable the service mesh to plug into the broader NSX portfolio and platform, creating a unified and intelligent set of policies, network services and visibility tools,” VMware wrote in a blog describing the service.


AI Driven Cyber Security- The Biggest Weapon for CSOs in the Era


Besides containing any immediate threats to cyber assets, efficient incident management entails three critical steps: remediation, recovery, and retrospection. The MDR service-driven threat management system creates a record of different incidents affecting the organisation. This recorded data then helps the security system to prevent the same attacks from taking place again. AI can significantly augment the capabilities of security experts by providing them with relevant insights to take the right call. Through a combination of advanced data analytics and machine learning, AI-driven MDR solutions can complement human-led security interventions to offer comprehensive protection of enterprise networks and data. Considering the rate of data generation and digital adoption, it is imperative that organisations have the security tools defend themselves against sophisticated threats. To achieve this, CISOs must begin investing in AI-driven solutions, as well as towards strong human-machine collaborations in the context of enterprise security – right away!


What is cryptojacking? How to prevent, detect, and recover from it

vulnerable cryptojacking hacking breach security
The simple reason why cryptojacking is becoming more popular with hackers is more money for less risk. “Hackers see cryptojacking as a cheaper, more profitable alternative to ransomware,” says Alex Vaystikh, CTO and cofounder of SecBI. With ransomware, a hacker might get three people to pay for every 100 computers infected, he explains. With cryptojacking, all 100 of those infected machines work for the hacker to mine cryptocurrency. “[The hacker] might make the same as those three ransomware payments, but crypto mining continuously generates money,” he says. The risk of being caught and identified is also much less than with ransomware. The crypto mining code runs surreptitiously and can go undetected for a long time. Once discovered, it’s very hard to trace back to the source, and the victims have little incentive to do so since nothing was stolen or encrypted. Hackers tend to prefer anonymous cryptocurrencies like Monero and Zcash over the more popular Bitcoin because it is harder to track the illegal activity back to them.


How Australia is keeping pace with microservices


The migration to microservices is seen as a way to help large companies move away from monolithic systems – not just legacy platforms – and large modern systems that can be hard to update and change. Microservices, by comparison, offer a more modular architecture in which elements can be updated independently of each other to allow incremental refresh. In its recent Predictions 2019: Software report, technology analyst firm Forrester says a sea-change is under way that will promote more widespread use of microservices. “Microservice architectures are hand-crafted by PhDs today,” it says. “Over the next year, vendors including Amazon Web Services, Google and Pivotal will prototype platforms that will bring them to the masses.



Quote for the day:


"Teamwork is the secret that make common people achieve uncommon result." -- Ifeanyi Enoch Onuoha