Daily Tech Digest - May 27, 2019

No cloud required: Why AI’s future is at the edge

More compact and capable software is paving the way for AI at the edge as well. Google LLC, for instance debuted its TensorFlow Lite machine learning library for mobile devices in late 2017, enabling the potential for smart cameras to can identify wildlife or imaging devices to can make medical diagnoses even where there’s no internet connection. Some 2 billion mobile now have TensorFlow Lite deployed on them, Google staff research engineer Pete Warden said at a keynote presentation at the Embedded Vision Summit. And in March, Google rolled out an on-device speech recognizer to power speech input in Gboard, Google’s virtual keyboard app. The automatic speech recognition transcription algorithm is now down to 80 megabytes so it can run on the Arm Ltd. A-series chip inside a typical Pixel phone, and that means it works offline so there’s no network latency or spottiness. Not least, rapidly rising privacy concerns about data traversing the cloud means there’s also a regulatory reason to avoid moving data off the devices. “Virtually all the machine learning processing will be done on the device,” said Bier

DDoS: a weapon of mass disruption

The five most commonly used in attacks were the Domain Name System (DNS) protocol, the Network Time Protocol (NTP) based weapons, the Simple Service Discovery Protocol (SSDP), Simple Network Management Protocol (SNMP) and the Trivial File Transfer Protocol (TFTP), this last of which is a new entrant into the top five. So, as new protocols are being highlighted as the source of DDoS weapons, and the total number of attacks looks set to grow, what security measures can be taken? Cybersecurity companies compile millions-strong inventories of DDoS weapons, allowing blacklisted IP addresses to be blocked. Shin says that A10 Networks can create up to 96 million entries in a blacklist. “If you can get ahead and identify them, we can use this as a strategy to prevent DDoS attacks,” says Shin. A10 Networks and its partners use several approaches, including tracking bot-herders, analysing forensic data, scanning the internet for weapons signatures and tapping networks. Shin says it is important to have an “actionable defence”.

U.S. Airports Will Use AI To Scan 97% Of Passengers' Faces Within 4 Years

Empty airport terminal waiting area
The AI system has already been placed in 15 airports across the U.S. It has currently been tested on more than 15,000 flights and identified over 7,000 travelers who overstayed their visas. CBP calculates that 666,582 passengers who arrived by plane or boat overstayed visas in fiscal 2018. The main goal of the airport scans is to catch those who have overstayed their visas. For the past few years, overstayers have represented a majority of undocumented immigrants, larger than those who enter the country illegally. However, not everyone is thrilled about this venture. Critics argue that this use of AI is an invasion of privacy and it could be of concern how this information could be used outside the airport. With access to facial recognition from many people, it could be used by hackers or given to law enforcement and used unlawfully. The documents released by President Trump explicitly said there were no limits on how partnering airlines can use this facial recognition data. CBP did not answer specific questions about whether there are any guidelines for how other technology companies involved in processing the data can potentially also use it.

VMware talks up multi-cloud era, need to transform security

"How do you make 250 security products work [together]? It's insanity," Gelsinger quipped, noting that 80 percent of security budgets were being spent on detection and response, as opposed to prevention. He called for the need to help lower enterprises' attack surface and build the underlying infrastructure to prevent security incidents from happening in the first place.  Again, VMware was looking to provide the tools to help simplify this and enable its customers to better manage their security requirements. Last August, the vendor introduced VMware Secure State to automate configuration security and compliance monitoring in native cloud environments.  Rima Olinger, AWS's global alliance lead, also spoke at the forum to pitch the cloud platform's partnership with VMware Cloud, which she said had been adopted by enterprises across various sectors including financial services and healthcare.  VMware Cloud on AWS recently launched in Singapore and also was available in Sydney and Tokyo, according to Olinger.

Top 10 Cybersecurity Risks For 2019

2019 Cyber Risk Man Assessing Servers Blue Illustration Password
Unfortunately, Cloud storage is susceptible to abuse. A large risk factor is that Infrastructure as a Service (IaaS), which is responsible for functionality, has no secure registration process. What does that imply? Provided you have a credit card, you have the key to signing up and using the cloud as soon as you are done. The simplicity, in turn, makes the cloud vulnerable to spam mails, criminals, and other malicious attacks. To mitigate the situation, it is advisable that cloud service providers develop authentication and registration processes. Additionally, they should have a way of monitoring credit card transactions. A thorough evaluation of network traffic is also crucial in eliminating cyber abuse. ... Shadow IT is software used within an organization, but not supported by the company’s central IT system. What causes a breach in shadow IT is the fact that the risk of data loss does not receive much attention when it comes to data backups. More so, there is no control over who gets to access the data. Also, the backup and recovery processes have no one to monitor.

CMO & CIO Collaboration- Integrating The Best Of C-Suite Management

To achieve new pinnacles of customer delight, the CMOs and CIOs know that it’s time for the collaboration. Mature collaborations follow similar paths of evolution, transitioning from a role-specific focus to broader internal partnerships to integrated teams. As the data grows in an enterprise, the CMOs are turning to the CIOs to make sense of this information with a common goal to increase the revenue in the dynamic competitive era. The CIOs have a continuous role to play to turn new technology into revenue. They need the CMOs to help them meet the customer’s demand for this intelligent information. Thus, the CIOs and CMOs need to work together, for turning all this data into growth numbers. As the worldwide volume of data grows at least 40 percent a year, the CIOs and CTOs have come to a stage to be dependent on each other in much more collaborate manner than ever before. That’s why many CMOs are waking up to the fact that IT can’t be treated like a back-office function anymore; rather, the CIO is becoming a strategic partner who is crucial to developing and executing marketing strategy.

Most enterprise IoT transactions are unencrypted

network security / network traffic scanning
Researchers looked through one month’s worth of enterprise traffic traversing Zscaler’s cloud seeking the digital footprints of IoT devices. It found and analyzed 56 million IoT-device transactions over that time, and identified the type of devices, protocols they used, the servers they communicated with, how often communication went in and out and general IoT traffic patterns. The team tried to find out which devices generate the most traffic and the threats they face. It discovered that 1,015 organizations had at least one IoT device. The most common devices were set-top boxes (52 percent), then smart TVs (17 percent), wearables (8 percent), data-collection terminals (8 percent), printers (7 percent), IP cameras and phones (5 percent) and medical devices (1 percent). While they represented only 8 percent of the devices, data-collection terminals generated 80 percent of the traffic. The breakdown is that 18 percent of the IoT devices use SSL to communicate all the time, and of the remaining 82 percent, half used it part of the time and half never used it.

Beware of email lawsuit scam, an Android missed call con

A new kind of spam may be coming to Android phone users. The news site Bleeping Computer has a report that a security company has discovered a campaign that tries to trick users with a message that says “Missed call.” One version suggests you’re going to get a new iPhone, or there’s some sort of reward. The idea is to get you to click on an image or a link. Don’t fall for these scams. If you don’t know who a call is from, delete the message. Finally, some countries do a better job of filtering out malicious email than others. That’s one of the findings of a British information site called Merchant Machine.Thirty-six per cent of the email in Brazil carried malware, according to its research. Mexico was second with a rate of almost 30 per cent. By comparison, almost nine per cent of email in the U.S. was malicious, almost five per cent in China. The lowest was 3.6 per cent in the Middle East country of Oman. Still, all of the countries studied 60 per cent of their email had spam. The security industry and Internet service providers have to do better.

Fog computing vs. edge computing: What's the difference?

According to OpenFog, fog computing, which is also called fog networking and fogging, standardizes cloud extension out to the edge, encompassing all the space and activity between the two. Edge computing, in this case, is more limited in scope, as it refers to individual, predefined instances of computational processing that happen at or near network endpoints. With this paradigm, edge computing cannot create direct network connections between two endpoints or between an endpoint and an IoT gateway on its own; for that, it needs fog. ... Still other IT pros say the use of fog computing vs. edge computing depends specifically on the location of the distributed compute and storage resources. If processing capabilities are embedded directly within a connected endpoint, they call that edge computing. But if intelligence resides in a separate network node stationed between an endpoint and the cloud, such as a local node or IoT gateway, then it's fog.

Being an Ethical Software Engineer

What can we do if we care about ethics and want to bring it more into our practice? The main thing to do is probably to keep an open mind and keep asking questions. This is what it’s mostly about- asking questions. Thinking about what we do and how it would affect other people, and if we are happy with how it affects other people. We’re lucky because we’re in a needed profession, and we have the ability to make a stand and be heard. We need to raise those questions when we encounter them, start making these conversations, and even if we don’t have answers, at least bring it up, get people involved, raise awareness. Another powerful tool we have is choosing who we work for. There might always be some compromises when it comes to business priorities, but we can at least avoid helping the obvious ‘evil’ ones, companies that exploit their users or working in questionable fields. Early on in my career, I had a very short period of working for a company in the online gambling industry. The ease I felt leaving the job made it clear to me that feeling good about where you work and knowing that your efforts aren’t contributing to damaging society, is priceless.

Quote for the day:

"We cannot choose our external circumstances, but we can always choose how we respond to them." -- Epictetus

No comments:

Post a Comment