Daily Tech Digest - August 26, 2019

Samsung Galaxy Note 10 DeX Windows 10
Just because the Galaxy Note 10 Plus isn't the laptop replacement I've been looking for, it could be the primary computing device for workers who spend most of their time either in the field or moving between branch offices. I can easily see salespeople using the S Pen to click through the slides of a client presentation on a Note 10 Plus that's connected to a conference room TV. Regional managers who travel between stores could work directly from their Note 10 Plus provided their company had an external keyboard/mouse/display combo or loaner computer available at each site. And true field workers who rarely need to type on a keyboard during the day (like officers with the Chicago Police Department, which is running a pilot program with Samsung's DeX in Vehicle solution), could definitely use the Note 10 Plus for most tasks, if their companies take the time to ruggedize the phone...at a $1,099 a device you don't want to drop this thing on a factory floor or have it fall off the back of a truck on a construction site.

NASA Astronaut Accused Of Hacking Bank Account From Space

The New York Times report details how Summer Worden, Anne McClain's estranged spouse, put her skills as a former U.S. Air Force intelligence officer to work when she suspected McClain had been accessing her bank account. Having contacted her bank for details of the locations of logins to the account, Worden discovered one of the computers, where her login credentials were used from, was registered to NASA. McClain was aboard the International Space Station at the time, due to be part of the ill-fated all-female spacewalk, and putting two and two together led Worden to the conclusion that she had found her bank account hacker. McClain, who has since returned to Earth following her six months in space, has admitted that she did, indeed, access the account while aboard the International Space Station. The newspaper report stated that, under oath and via a lawyer, McClain insisted she was making sure there were sufficient funds in the account to care appropriately for the child they had been raising together.

Gartner Hype Cycle deems software-defined networking obsolete

The Gartner report is blunt and refreshing. For instance, check out this part: "Don't get caught up in SDN hype and claims that commercial products are 'SDN' or be persuaded that SDN is the answer to all networking problems since clearly this has not transpired." The same could be said for other hyped networking technologies. Instead, Gartner advised, enterprises should focus on solving specific problems within their networks and evaluate networking services based on their ability to deliver operational value. On a positive note, SDN shook up the networking industry by challenging established vendors and affecting subsequent market developments. SDN, for instance, spurred the rising use of white box switches, open source hardware and the development of independent network switch software providers. Fortuitously, for enterprises, traditional networking vendors also shifted their focus to innovate around network operations and management.

The Death of Agile and Beyond

Despite the cry that from the agilists that agile is dead/failing, it remains popular and is becoming increasingly "fashionable" among the senior executives. Surveys by Deloitte and McKinsey show that more than 90% of the executives believe that "becoming agile" is a high priority. And of course, any high priority aspiration often comes with a mandated time-constraint. The first problem with these aspirations is the imposition; they rob people of the opportunity to choose agile as a way of being. However, the bigger problem is that these aspirations are missing a key element: the sense of why. Think of impact mapping for enterprise agility; impact mapping is a way of mapping any goal using four ordered questions why, who, how and what. Why is the most important aspect; in the case of the need to be agile, answering "Why do we aspire to be Agile" properly and keeping these reasons in the forefront of the discussion invites teams into agility instead of imposing it on them. However, in most mandated enterprise agile transformation the conversation focuses on the who, how and what.

Software-defined perimeter – the essence of trust

millennials trust
Today, the IP address is no longer sufficient to define the level of trust for a user. IP addresses lack user knowledge to assign and validate the trust. There is no contextual information taken into consideration. This is often referred to as the IP address conundrum. Therefore, as an anchor for the network location and policy, we need to look beyond the ports and IP addresses. Network policies have traditionally focused on what systems can communicate with each other. The permit or deny is a very binary framework to use in today's dynamic environment. It has resulted in a policy that is either too rigidly defined or too loosely defined. This is where the software-defined perimeter finds the middle-ground. ... The considerable benefit of using an identity provider is that it acts as a gateway for users to authenticate against the same centralized trust. However, VPNs or other gateway services require a different database with a different management process. This can create an overhead to either add or delete the users from different databases. Having everything controlled in one central database provider is the key to managing a single set of controls of trust. Essentially, in SDP, a user validates against an externally facing IDP and then the user is authenticated against the identity store.

Adopting Agile Principles In Health Care

A core tenet of our approach is that for each innovation, Inception Health establishes an Agile team composed of clinicians, engineers, managers, data scientists, and user representatives. Each team establishes an iterative cycle to improve outcomes and the value to patients, to the health professionals, and to the system overall. While the core team comprises a handful of employees, several hundreds of people from member health care systems have participated in these Agile projects. By embedding Agile principles in the integration process of innovation in the member health care systems, Inception Health has been able to integrate innovations and iterate quickly. In the past two years, Inception Health has implemented 26 innovation projects at Froedtert and the Medical College of Wisconsin Health Network, including online tools for behavioral health, diabetes management, patient engagement, campus wayfinding, and remote monitoring. To enable clinicians to prescribe digital applications at the point of care, Inception Health partnered with a company called Xealth to create a digital health formulary, tying in third-party digital health applications with the electronic health record and clinical workflows.

Hacker Claims He Can ‘Turn Off 25,000 Cars’ At The Push Of A Button

Car immobilizers hacked
Ken Munro, cybersecurity researcher and partner at Pen Test Partners, first described the hack to Forbes at the DEF CON convention in Las Vegas. He found that it was possible to turn the immobilizer on and the car off by sending a simple request via a browser. Once he'd entered the command, it took less than a second for the immobilizer to be triggered. It was as if Munro was acting as one of the SmarTrack call center employees who were permitted to turn the immobilizer on. SmarTrack systems just weren't correctly checking that the commands were being sent by an authorized user, Munro said. Munro warned that it would be impossible for anyone to start the car again with the immobilizer fitted. The only option would be to have the tech removed entirely, he added. "We now control the immobiliser, so only we can de-immobilize the car." And, if the hacker turned the immobilizer on when the car is moving, it would simply prevent the car from running as soon as the engine stopped. As Munro noted, that could be "quite nasty" if the car has an auto start and stop function. ... Munro was also critical of Thatcham Research, the industry body which had given accreditation to the SmarTrack devices, saying it was safe to use.

Choosing SIP vs. PRI: What are the differences?

Because SIP trunks are software-centric compared to PRI, they are far more elastic and scalable. Adding or reducing the number of calls a SIP trunk handles usually only takes a change in configuration on both sides of the trunk. The real limitation in the case of a SIP trunk is the bandwidth between trunk endpoints. That leads us to some drawbacks of SIP trunking. For one, many SIP trunk architectures allow a SIP trunk to ride across the same internet link that employees use to surf the internet, stream video and perform other internet-based tasks. This creates a situation where voice traffic riding across the SIP trunk can be negatively affected if there is insufficient bandwidth to handle both the calls traversing the SIP trunk and standard internet traffic. Thus, it's important to watch internet throughput closely so bottlenecks don't occur. While businesses can opt for running SIP trunks directly over the internet, telecommunications providers prefer to offer dedicated data lines directly to a customer's premises to ensure the quality and stability of their SIP trunks.

The end of project management?

clothes pins organize project management sort by ryan mcguire gratisography
As IT moves to more to a product management run organization, what are the impacts? CIOs say that the addition of product management to the mix has two impacts--increased internal customer delight and increased street cred of the CIO. When IT products are appropriate managed via product management, the impacts for the business should be digital products that are useful, usable, and get used. And CIOs suggest this is the case for both internal and external focused products. Here the business gets better aligned tools from a customer experience/user experience perspective. From this process, CIOs get to point to distinct products making an impact on the business. This is especially the case for customer-facing products where financial impact drawn from them. This makes IT more than just a cost-center that the CFO can't understand. From an organizational design perspective, teams should increasingly be based on products, not technical function. As the glue that ties disciplines to product, CIOs see the potential for clarity and transparency coming from product management and a renewed focus on data, analytics, and elevated maturity for CX, business technology, and soft skills.

Cryptography & the Hype Over Quantum Computing

So, what should we be doing now about the potential "quantum threat"? First, the cryptography research community should be focused on post-quantum secure cryptography. The good news is that this effort has been going on for years and is ongoing. The role of this research community is to make sure that we have the cryptography we need in the decades to come, and they are taking the issue seriously. (As a side note, symmetric encryption and message authentication codes are not broken by quantum computers, to the best of our knowledge.) Second, the cryptography research community should start thinking about standardization so that businesses are ready if the quantum threat does prove real. Once again, the good news is that NIST has already begun the process. But all of this is about what the "community" should do. What should you — as someone who uses cryptography to secure your business — do? Let's start with what you shouldn't be doing. You shouldn't buy post-quantum encryption and the like before standardization is complete.

Quote for the day:

"One of the advantages of being disorganized is that one is always having surprising discoveries." -- A.A. Milne

No comments:

Post a Comment