What’s shocking is not that Zcash had a flaw. It’s that just a handful employees knew about it and kept it secret for eight months before fixing it. The way the team handled the issue probably wouldn’t be quite so controversial if Zcash were a traditional software company. But this is crypto, where enthusiasts expect everything to be transparent and decentralized. Perhaps more important, this episode is a reminder that we lack clear definitions to distinguish between “centralized” and “decentralized” blockchain systems—even as policymakers have begun attaching real legal implications to these labels. The story begins in March. According to a lengthy blog post, that’s when Zcash cryptographer Ariel Gabizon discovered a “subtle cryptographic flaw” in an academic paper Zcash relied on to develop its technology. Zcash uses a fancy cryptographic tool called a zero-knowledge proof to let users transact anonymously. It allows transactions to be validated without giving away any other information about them.
A common misconception about fintech is that it's automating lending professionals out of the process. In our experience, lenders take their products and experiences into the cloud because it makes their operations more efficient. It also enables their teams to provide the personal touches and guidance that first-time homebuyers often want. One tactical way to do this is by giving loan teams tools that automate manual tasks like document collection. This gives loan officers more time to focus on driving new business and, in turn, grow revenue. They're also able to spend more time providing the kind of advice that drives borrower satisfaction ... Whether or not lenders have caught on, online marketplaces have set millennials' expectations around design, user experience and speed for the entire home buying process, not just the home search. About 65% of borrowers will start their real estate search online, according to PWC's Digital Mortgage 2.0 report. That's more than any other channel.
According to Craig Young, computer security researcher for Tripwire's VERT, the ES File Explorer 'Open Port' vulnerability is far more serious than originally reported. "The truth is that attackers do not actually need to be on the same network as the victim phone thanks to DNS rebinding," said Young. "With this attack model, a website loaded on the phone or by any user on the same network can directly interact with the vulnerable HTTP server. This enables a remote attacker to harvest files and system information from vulnerable devices. An attack could be launched through hacked web pages, malicious advertising, or even a tweeted video." ... The simplest example would be a public Wi-Fi like a café. In this scenario, anyone else on the same Wi-Fi could use a freely available hacking tool to identify phones or tablets connected to the network and running the vulnerable application. The attacker could use this program to list what files and apps are on the device as well as general information about the system.
According to Yaz Khoury, director of developer relations at the nonprofit ETC Cooperative, Google’s staff took note of this increased focus on fostering use cases. “They approached me,” Khoury said of Google, adding that BigQuery support is about “merging the gap between people who are very familiar with the blockchain data structure” and technologists who are more familiar with querying other types of data. Khoury is already using BigQuery to map out ETC ownership distribution beyond exchanges and the two millionaires who helped grow the ethereum spinoff, ethereum co-founder Charles Hoskinson and Digital Currency Group founder Barry Silbert. Now that Khoury said people can search for ETC blockchain data across all of Google Cloud’s BigQuery products – and that hopefully, less-crypto-savvy technologists will experiment on their own as well. Despite its nascent user base, this Google support comes at a fortuitous time for the ETC community. ETC Labs, funded by the parent company Digital Finance Group, invested $100,000 in six of the projects participating in the inaugural class of the accelerator program.
ERP systems are some of the most complex software ever invented, and reinventing them as cloud native products may be the work of a decade or more. The major ERP vendors have created SaaS versions of their software, but they’re different enough that implementing them is almost always a large project rather than a simple upgrade. That means ditching investments in customizations, which are often important to tailoring an ERP to meet a company’s needs. At the same time, SaaS ERP is essentially a new outsourcing model for familiar software. There is nothing revolutionary or transformational about it. In fact, anyone making the leap needs to analyze what familiar functions and industry-specific capabilities are missing from the SaaS version. Occasionally, we hear of SAP or Oracle ERP customers making the change anyway because they want to “start over.” However, most can’t afford to throw away the effort they have sunk into tailoring their existing system to meet their needs.
Operating a business becomes more complex daily, as organizations move to hybrid clouds and multicloud platforms, distributing information broadly beyond the network perimeter by nontechnical employees that neither have the time nor understanding to consider the security outcomes. At the same time, threats are becoming increasingly sophisticated and organized. While this ought to be a call to action to elevate the role of security to have a seat at the executive table, there still exists a mentality that security is a compliance requirement rather than a need-to-have. And from the security side, there is often the notion that "no one could possibly understand what I do, so why bother telling them about it?" Nearly every business today is now a technology business. The problem is that we've developed a culture that doesn't recognize the necessity to have open lines of communication and shared responsibility across the organization to make cybersecurity not only a priority but a standardized part of daily operational procedures.
The telecommunication sphere is under constant change due to the increasing role of the Internet services. For each telecommunication company, this may be regarded as a vast field to learn and understand the customers. Customer sentiment analysis is a set of methods applied for information processing. This analysis allows assessment of the customer positive or negative reaction to the service or product. Analysis of the aggregated data also allows revealing recent trends and reacting to the customers’ problematic issues in real-time. Customer sentiments analysis largely relies on text analysis techniques. Modern tools collect feedback from various social media sources conduct analysis and provide an opportunity of utilizing mechanisms for direct responding. The telecommunication industry is famous for its long-term experience in dealing with significant data streams for years. Due to rapid development of the internet and the evolving of 3G, 4G, and even 5G connections, telecommunication companies face the challenge of the constantly changing customer requirements.
Gitflow is a collaborative branching model that exploits the power, speed, and simplicity of Git branching. Introduced by Vincent Driessen in his classic 2010 blog “A Successful Git Branching Model”, Gitflow takes the pain out of collaborative development by allowing teams to isolate new development from completed work, allowing you to cherry-pick features for release, while still encouraging frequent commits and automated testing. As a by-product it produces cleaner code, by promoting code-reviews, even self-code reviews, thereby exposing bugs, opportunities for refactoring, and optimizations. But when it comes to implementing Gitflow in a CI/CD environment, the particulars are very specific to your development environment, and there are countless possibilities. Consequently the documentation is sparse; given the well-known branch names - master, develop, feature, etc., which branches do we build, which do we test, which do we deploy snapshots, which deploy releases, and how do we automate deployments to Dev, UAT, Prod, etc.?
As the world’s biggest supplier of networking equipment and second largest smartphone maker, Huawei is in a prime position to snatch the lion’s share of a 5G market that, by some estimates, could be worth $123 billion in five years’ time. Stalling the company’s expansion into Western markets could have the convenient side effect of letting competitors catch up. But there are also legitimate security concerns surrounding 5G—and reasons to think it could be problematic for one company to dominate the space. The US government appears to have decided that it’s simply too risky for a Chinese company to control too much 5G infrastructure. The focus on Huawei makes sense given the importance of 5G, the new complexity and security challenges, and the fact that the Chinese company is poised to be such a huge player. And given the way Chinese companies are answerable to the government, Huawei’s apparent connections with the Chinese military and its cyber operations, and the tightening ties between private industry and the state, this seems a legitimate consideration.
AI is now being developed that can truly revolutionise customer service by allowing companies the opportunity to analyse phone calls and immediately pick up essential data from them. As such, the next big move for the telecoms industry when it comes to AI will be towards integrating the technology into telephony platforms in order to help companies figure out what the immediate benefits of the data they have access to is for everyone. For instance, AI can analyse phone calls to determine the tone of the call, i.e. whether it was a positive or negative interaction, and deliver this analysis to managers, allowing them to better train call agents and gather statistics on them, which will in turn improve and automate the process. On top of this, using AI to analyse phone conversations will help companies improve their telephony offering, through the ability to offer a more personalised service and reduce waiting times.
Quote for the day:
"A good coach will make his players see what they can be rather than what they are." -- Ara Parseghian