Daily Tech Digest - February 28, 2019

istock-808157766-1.jpg
Risk Based Security, the private operator of competing database VulnDB, aired their grievances with the public CVE/NVD system in their 2018 Vulnerability Trends report, released Wednesday, with charged conclusions including "there is fertile grounds for attorneys and regulators to argue negligence if CVE/NVD is the only source of vulnerability intelligence being used by your organization," and "organizations are getting late and at times unreliable vulnerability information from these two sources, along with significant gaps in coverage." This criticism is neither imaginative, nor unexpected from a privately-owned competitor attempting to justify their product. In fairness to Risk Based Security, there is a known time delay in CVSS scoring, though they overstate the severity of the problem, as an (empirical) research report finds that "there is no reason to suspect that information for severe vulnerabilities would tend to arrive later (or earlier) than information for mundane vulnerabilities."



Will Digital Banking and Cashless Economies Lead to Chaos?


Digital banking systems may be ‘convenient,’ but there is little doubt that they often fail, with the consequences of a failure being significant. On June 1, 2018, shoppers in the United Kingdom were left stranded, unable to make purchases with their Visa cards. The outage, which lasted for several hours, caused significant disruption and exemplified the problems of monopolized reliance on digital infrastructure. In another example, TSB, a leading British retail and commercial bank, recently faced scrutiny for its mishandling of the migration of its digital infrastructure, that left thousands of customers unable to access their online and mobile banking accounts for up to five days. According to the Financial Conduct Authority, financial institutions in the United Kingdom have reported a 138 percent increase in technology outages and an 18 percent increase in “cyber incidents” this year to date. ... As transactions move online, the amount of data available about one’s finances and purchasing habits increases. Does the current digital infrastructure have appropriate safeguards to protect against data breaches?



Most AI developers are now ultimately directed towards achieving a basic goal. They are charged with the responsibility of building AI models that would aptly substitute direct human efforts. This need comes in recognition to the inadequacies of human labor efforts, which are characterized by inaccuracy, inefficiency and other failures. For example, artificial intelligence has been pointed at to possess the potential for more accurate medical practices. Thus, you can be sure of a more accurate surgical procedure using this framework than is currently available by most humans. Hence, we can say that the opposites of the inadequacies of human efforts are precisely the benefits of artificial intelligence to our world. However, even though work is ongoing in significantly constructing the usefulness of this technology, truly significant achievements are yet to come. AI is all around us, but often times we don’t notice it. For instance, Facebook uses AI technology for its image recognition.



The FTC Probably Doesn't Need A New 'Big Tech' Task Force. It Just Needs To Do Its Job

While there's certainly a lot of solid complaints to be made about "big tech" giants like Facebook and Google (especially on the privacy front), it's also pretty obvious that a lot of the recent criticisms of "big tech" aren't being made in good faith. Claims of "censorship" of conservatives, for example, usually don't hold up under scrutiny, and are often driven by folks who wouldn't be facing these problems if they didn't behave like legendary assholes on the internet in the first place. Similarly a lot of the recent criticism of big tech is coming from telecom giants eager to saddle Silicon Valley giants with unnecessary regulation in a bid to hoover up a bigger slice of the online advertising pie. On the one hand, telecom giants like AT&T and Verizon just got done convincing the FCC to effectively neuter itself, leaving any remaining oversight in the lap of an FTC they know won't (and often can't) hold them accountable.


How To-Do is integrating with more and more of the Microsoft ecosystem


To-Do integration is much simpler than these older ways of connecting tasks to Outlook. Sign in to both Outlook (or Outlook.com) and To-Do with the same account and tasks and the lists you organise them into will just sync between the two tools. (If it's a Microsoft account, it has to use outlook.com, not a Yahoo or Gmail email address.) You can create tasks and mark them as complete in either app, and drag tasks from one list to another in either app. Even the emoji you can use in list names to customise the To-Do icons appear in Outlook. Under the covers, To-Do is rather like a specialised viewer for Outlook and Exchange tasks, although it doesn't support all the Outlook task features. You can only have one due date, rather than separate start and end dates; task statuses like in-progress or 25 percent complete, and details like mileage won't show up in To-Do; and you can't set task work hours, different priority levels or assign an Outlook category.


A government perspective: Tech Trends 2019

Globe
Many public organizations are finding that each individual advancement in technology—for example, blockchain, or digital reality, or serverless architecture—is powerful, but that the real power emerges when they combine. Finding jobs that new technologies can do is a first-level challenge. Finding ways to integrate a constellation of new technologies into a new operational paradigm is the next-level challenge that’s unfolding right now. Public-sector organizations have much to learn from each other. They can draw useful lessons from their counterparts in private enterprise, and indeed from other nations. Each agency is on a path toward greater digital adoption, but they’re at different places on that journey. What do they have in common? A commitment to mission-driven service.


It’s time to start some serious research into the ethics of AI


There was a general view among panellists that the need for more AI ethics research should not be read as a need for more regulation. Elisabeth Ling, managing director of researcher products and research metrics at Elsevier, said that among members of the European Commission’s high-level expert group for AI - of which she is a member - the ethics debate is, “hard and hot.” However, “There seems to be a consensus that jumping to regulation would not be the right thing to do,” she said. “We already have quite strong laws in place in Europe.” It is important to distinguish between regulating algorithms and regulating the way they are used, said Nick Jennings, vice provost for research and enterprise at Imperial College London. In the former case, “I can’t think of a sensible way in which that would make sense,” he said. But, “when [algorithms have] been trained and have data inside them and they can make decisions and they’re being used in a given application, then it is a different business.”


Why the industrial IoT is more important than consumer devices

8 surprising IoT trends to watch for in 2019
“The edge is basically any place — a wind farm, a factory — where data is generated, analyzed, and largely stored locally,” Nelson said. “Wait? Isn’t that just a data center? Sort of. The difference is the Internet of Things.” His point is that most of the vast amounts of data that is machine-generated doesn’t need to go very far. “The people who want it and use it are generally in the same building,” he noted, quoting Gartner’s prediction that more than 50 percent of data will be generated and processed outside traditional data centers — on the edge — although “snapshots and summaries might go to the cloud for deep analytics.” But Nelson wasn’t sure about what kind of edge architectures would prevail. The edge might function like an interim way station for the cloud, he noted, or we could see the emergence of “Zone” networking — edges within edges — that can conduct their own analytics and perform other tasks on a smaller, more efficient scale.


VMware offers pure open-source Kubernetes, no chaser


Unless you've been hiding under a rock in the IT world, you know Kubernetes, the container orchestration program of choice, is hotter than hot. Everyone's using it, adding on to it, offering it as a service, the list goes on and on. But VMware wants you to know that, if all you want is Kubernetes without all the fancy trimmings, well, it can give you that, too, with VMware Essential PKS. PKS includes upstream Kubernetes; reference architectures to inform design decisions; and expert support to proactively guide you through upgrades or maintenance and help you troubleshoot it if you need a hand. That's all. That's it. If that sounds familiar, well it should. Last November, VMware acquired Heptio. This company, which was founded by two Kubernetes creators, Joe Beda and Craig McLuckie, used essentially this business model. Indeed, you could argue, that VMware Essential PKS is just a new coat of pain on Heptio's previous offerings.


Monitoring and Managing Workflows Across Collaborating Microservices


In its essence, orchestration for me means that one service can command another to do something. That’s it.That’s not tighter coupling, it is just coupled the other way round. Take the order example. It might be a good idea that the checkout service just emits an order placed event but does not know who processes it. The order service listens to that order placed event. The receiver knows about the event and decides to do something about it; the coupling is on the receiving side.  It is different with the payment, because it would be quite unnatural that the payment service knows what the payment is for. But it would need that knowledge in order to react on the right events, like order placed or order created. This also means it has to be changed whenever you want to receive payments for new products or services. Many projects work around this unfavorable coupling by issuing payment required events, but these are not events, as the sender wants somebody else to do something.



Quote for the day:


He who cannot be a good follower cannot be a good leader. - Aristotle


No comments:

Post a Comment