We tend to expect that AI systems perform intellectual tasks as well as we do — or better. That’s a reasonable thing to expect since we all know that “AI is outperforming humans at more and more tasks.” It is. It even beat a Go champion. However, our minds are much more flexible than AI systems. Think about recommendations: you meet an interesting person at a startup event. Let’s give him a name: it’s John. John enjoys talking to you and appreciates your knowledge of business and technology - he asks for a recommendation of a book that will help him gain more knowledge about these things too. You quickly run through all the titles in your head. There’s book A, B, C, D, E… OK, John, I’ve got it. You should read (insert title here). How did you know what you should recommend to John? Your brain scanned the information you’ve gathered so far — what John knows, what he was interested in when talking to you, what his style is - to assess which book will be best for him, even though you have no idea about his actual taste in books. You had a feeling he’ll like it, and you might be right. Now, let’s look at an AI system that “meets” John. John enters the website of an online bookstore and he’s instantly welcomed with a list of bestselling books.
WhiteHat Security isn’t the only organization that has addressed problems with app vulnerability remediation. Their report is the among most recent, but Deloitte, Edgescan and other organizations have made similar revelations. The risks associated with app security issues are too grave to ignore. A report from Positive Technologies found that inadequate web app security was responsible for 75% of network penetrations. Another study published earlier this year found that 46% of websites had high security vulnerabilities, which was largely due to app security flaws. The discovery of app security flaws coincides with a 38% increase in SQL injection attacks. Since many security breaches are caused by security vulnerabilities in web apps, remediation needs to be a top priority moving forward. Organizations need to take a variety of measures to deal with web app security risks. The following findings have been highlighted by multiple independent web security reports, which suggests they warrant the most attention. Security analysis must be performed during the development stage of enterprise applications - Security issues are sometimes introduced during updates or patches after the initial app is released.
Alan Edelman, Jeff Bezanson, Stefan Karpinski, and Viral Shah started to create Julia in 2009, and they took inspiration from Python. Their objective was to create a programming language for better and faster numerical computing. They launched the 1st version of Julia in February 2019, and it’s an open-source language. Julia caters specifically to scientific computing, machine learning, data mining, and large-scale linear algebra. The language also caters to distributed and parallel computing. The creators of Julia wanted a language as fast as C, moreover, it should be as dynamic as Ruby. They intended that their creation should be as useful for general purpose as Python, however, it should be as useful as R for statistics. The team of 4 lead developers also wanted Julia to have the good features of Perl and MATLAB. Read more about the history of Julia in “Julia | Definition, Programming, History”. Julia has seen plenty of development already. At the time of writing, its stable release is v1.2.0, which was released in August 2019. Despite it being a new language, the usage of Julia is picking up, as you can read in “How a new programming language created by four scientists now used by the world’s biggest companies”.
A smart contract is a self-executing contract where the terms of the agreement between the buyer and the seller are directly written into lines of code. The code and the agreements are contained therein exist over a distributed, decentralized blockchain network. Smart contracts allow for trusted transactions and agreements to be carried out among anonymous parties without the need for a central entity, external enforcement mechanism, or legal system. This way, the transactions are transparent, irreversible, and traceable. Implementing smart contracts across various blockchains is made possible through Solidity, the high-level object-oriented programming language. ... Solidity was first developed by Gavin Wood, Yoichi Hirai, Christian Reitweissner, and many other core contributors of Ethereum to help develop smart contracts. With the Ethereum blockchain leading the way as a major smart contract platform, many alternative blockchains want to make use of Solidity compatible contracts to run on their networks. Smart contracts that are deployed on the Ethereum network can be easily ported to alternative blockchain networks.
Increasingly, though, the biggest benefit of edge computing is the ability to process and store data faster, enabling for more efficient real-time applications that are critical to companies. Before edge computing, a smartphone scanning a person’s face for facial recognition would need to run the facial recognition algorithm through a cloud-based service, which would take a lot of time to process. With an edge computing model, the algorithm could run locally on an edge server or gateway, or even on the smartphone itself, given the increasing power of smartphones. Applications such as virtual and augmented reality, self-driving cars, smart cities and even building-automation systems require fast processing and response. “Edge computing has evolved significantly from the days of isolated IT at ROBO [Remote Office Branch Office] locations,” says Kuba Stolarski, a research director at IDC, in the “Worldwide Edge Infrastructure (Compute and Storage) Forecast, 2019-2023” report.
"Over the last five years you've seen more and more countries gaining offensive cyber capabilities. You have a lot of different tiers, but none of them are at the level of the big four attackers that we talk about," says Sahar Naumaan, threat intelligence analyst at BAE Systems. "There's a huge number in that second and third tier that are upcoming that haven't got to the level of professionalised level of APT you see from other states: but it's only a matter of time before you see them develop," she says. While they don't sit up there with the most sophisticated hacking groups – at least yet – some of these operations have already emerged onto the world stage. One of these is APT 32, also known as OceanLotus, which is a group working out of Vietnam that appears to work on behalf of the interests of its government. The main target of attacks are foreign diplomats and foreign-owned companies inside Vietnam. Many of these campaigns begin with spear-phishing emails that encourage victims to enable macros to allow the execution of malicious payloads. It's not a sophisticated campaign, but it appears to be doing the job for now – and that's enough.
“Developers envision a system that is a constellation of satellites with solar panels, about 10,000-square meters, or about the size of a football field or tennis court,” writes Scott Turner of the Albuquerque Journal. The Air Force Research Laboratory (AFRL), in Albuquerque, along with defense technology company Northrop Grumman have just announced that they plan to spend $100 million dollars developing the hardware, called the Space Solar Power Incremental Demonstrations and Research (SSPIDR) project. Two kinds of solar-panel technology are in common use on land now. Photovoltaic solar panels work by converting energy from the sun into electricity. They don’t have moving parts, so are inexpensive to maintain, unlike turbines. Another kind of solar panel uses mirrors and lenses. They grab, and then concentrate sunlight, producing heat, which then operates steam turbines. “This whole project is building toward wireless power transmission,” Maj. Tim Allen, a manager on the project, told Turner. It will “beam power down when and where we choose.” Precise power beams will automatically track the target that needs the power, too. “We can put them down in specific locations and keep them there,” he says.
As an implementer, if you get a comment to rename a variable but think the suggested names are similar, with no clear difference: accept it. As a reviewer, if you want to suggest a change, but you cannot explain a clear advantage for your suggestion: skip it. You may think, "My solution is as good as my peer's solution. Why should I retreat?" The answer is clear. Your assumption is wrong. What seems equally good to you, may not be true for your teammate. If in your weighting system, the options are equivalent, you are the one who can tolerate it and show flexibility. So do it. Save the debate for the cases that matter to you. ... In comments and comment responses, don’t complain or blame, just append your reasoning if it’s not clear. Commenting can be a hard situation on its own. You are going to disagree with a teammate; you are going to catch a problem in their work. So don’t make it even harder by complaining. When your teammate reads your note, they may not read it with the same tone and strength you intended. If it’s a negative sentence, it’s not a surprise if they read it as a shout in their face or as it was written with total contempt. Emoji icons can help, but it’s difficult to show both seriousness and respectfulness with an emoji!
The goal of this new initiative is to build a wireframe for fighting abuse perpetrated with the aid of stalkerware. The coalition plans to operate on multiple fronts to achieve this. It will work with antivirus vendors to improve the detection of known stalkerware apps that are often used by abusers to spy and track their partners. It will also work to develop and share technical guides on how to deal with stalkerware at the level of frontline non-profits that handle victims of domestic abuse. Finally, the coalition hopes that sometime in the future, it will establish partnerships with law enforcement agencies to go after the companies that sell stalkerware apps. In alphabetical order, founding members of the Coalition Against Ransomware include Avira, the Electronic Frontier Foundation, the European Network for the Work with Perpetrators of Domestic Violence (WWP), G DATA CyberDefense, Kaspersky, Malwarebytes, National Network to End Domestic Violence (NNEDV), NortonLifeLock (formerly Symantec), Operation Safe Escape, and the WEISSER RING.
Quote for the day:
"Leaders who won't own failures become failures." -- Orrin Woodward