Daily Tech Digest - December 30, 2019

Doing the right thing: The rise of ethics in tech

Doing the right thing: The rise of ethics in tech header
"Culture means a lot of things," Schlesinger continued. "Culture in the broadest terms—in terms of tools, processes, norms, narratives—is bringing all of the things that ladder up to creating the kind of organization that is needed to then build the kind of products, features, and tools that society can benefit from." Today, we're at the point with ethics in technology that we were with automobiles in 1966, he noted, after Ralph Nader's 1965 book, "Unsafe at Any Speed," exposed and heightened awareness around the dangerous engineering practices involved in building cars at the time, resulting in new safety initiatives. "We've all awakened, and it's kind of unique that we're even having this conversation at a mainstream tech conference," Schlesinger said. "We're at the beginning stages of this evolution toward that kind of informed, just, rewarding culture in tech that holds itself accountable for the kinds of things we want to build. And ultimately, that is about showing our moral math." However, Paula Goldman, chief ethical and humane use officer at Salesforce, argued that we're not in 1966 but the early 1900s, with its waves of innovation and new norms.

Financial Services Could Never Do This Before

Financial Services Could Never Do This Before
The cloud offers a tremendous new opportunity to scale your infrastructure on-demand and offload some of the expense of data management, especially as it relates to new workloads or testbed environments. Yet the reality is, for most financial services institutions, much of the data resides on-premise in data centers and will continue to for a long time – dictated by regional jurisdictions, data security concerns or just historical preference to control the data. Financial services organizations need a new approach. Flexibility to manage data across environments is critical. Today, organizations need an enterprise data cloud that offers the ability to ingest, process, store, analyze, model any type of data (structured, unstructured, or semi-structured data), regardless of where it lands — at the edge, on premise, in the data center, or in any public, private, or hybrid clouds.

GDPR: Moving Beyond Compliance

While more organisations move to develop a senior leadership approach to data privacy, in the year and a half since GDPR, a growing number of businesses are trying to put data privacy on the radar of their entire employee base. In these organisations, it is becoming everyone’s mission to have an understanding of provenance and the use of information, with everyone taking accountability for how the organisation collects, uses, and shares personal information. The idea of accountability is that “we say what we do and we do what we say” and, importantly, “we stand by doing what we do.” This culture of accountability is something that is also being extended to how organisations talk to their customers about data privacy. Increasingly, businesses are being open and inclusive, telling customers about what they are doing with personal information and how they are protecting it. In doing so, they recognise the need to close the gap in terms of the expectations, responsibilities, and actions relevant to privacy protections and information ethics. With big data breaches, such as recent ones that exposed the data of almost 400 million people, it is no wonder that the general public is becoming wary about parting with their personal information.

Cisco 2020: Challenges, prospects shape the new year

Cisco is attacking the cloud provider market by addressing its hunger for higher bandwidth and lower latency. At the same time, the vendor will offer its new technology to communication service providers. Their desire for speed and higher performance will grow over the next couple of years as they rearchitect their data centers to deliver 5G wireless services to businesses. For the 5G market, Cisco could combine Silicon One with low-latency network interface cards from Exablaze, which Cisco plans to acquire by the end of April 2020. The combination could produce exceptionally fast switches and routers to compete with other telco suppliers, including Ericsson, Juniper Networks, Nokia and Huawei. Startups are also targeting the market with innovative routing architectures. "Such a move could give Cisco an edge," said Tom Nolle, president of networking consultancy CIMI Corp., in a recent blog.

Don’t Let Impostor Syndrome Derail Your Next Interview

Even when you’re well prepared for an interview and know that you’re perfectly qualified for the job, it can still be a nerve-racking experience to walk into a room full of strangers and prepare to be judged. To manage your jitters, start by controlling the controllable elements of your interview experience. If you’re worried about arriving punctually, for example, try taking multiple routes to your destination before the day of the interview to see which one gets you there fastest, with the least amount of traffic. Managing nervousness around the interview itself is another area where you can be proactive. In Cliff’s case, he decided to build in extra time before the interview for a 10-minute walk around the block. During this scheduled pre-meeting stroll, Cliff planned to focus on deep breathing to help ratchet down his stress response. I recommended that while walking, he take a minute or two to inhale for a count of four seconds, hold his breath for two seconds, and then exhale for a count of four seconds. He found this process deeply calming, and it allowed him to enter the interview setting feeling more confident and settled.

5 Lessons George Lucas Taught Us About Innovation

Image: Pixabay
Experimentation is an important part of any innovative team. In 1979, Lucas created The Graphics Group as part of Lucasfilm’s computer division and hired Edwin Catmull to lead it. The goal of this group was to invent new digital production tools for use in live action films. They were successful in this goal and even created software used in medical and satellite imagery. However, Catmull’s team really longed to create full-length computer-generated imagery (CGI) animated films. As they struggled to build a profitable business, neither were achieving their goals. Lucas put it this way, “I didn’t want to run a company that sold software, and John [Lasseter] and Ed wanted to make animated films.” Eventually it became clear that… Someone had to be the first to push the boundaries of blending CGI and live action beyond short special-effects shots. No longer was storytelling constrained by the limitation of a human actor. This risk gave other filmmakers a platform to build from, slowly crafting new characters to where we are today; where CGI characters are nearly indistinguishable from human ones.

The Evolution Of Data Protection

DLP is only as good as the classification rigidity enforced by the organization. Classification is always too rigid and can't keep up with fluid data movement. For DLP to prevent data from egress, data must be classified correctly. Classification is complicated and fragile. What is sensitive today is not sensitive tomorrow and vice versa. Classification turns into an endless battle of users trying to manage the classification of data. Ultimately, classification and DLP deteriorate over time. DLP adds an extremely high operational overhead, as it requires users to be classification superstars, and even then, mistakes will happen. Desjardins Group, a Canadian bank, recently made news for a malicious insider who obtained information on 2.7 million customers and over 170,000 businesses. The exact details of the breach haven't been made public yet, but DLP solutions are standard in all financial institutions. PGP's encryption is a privacy tool. Users can encrypt their data so others can't access it, but PGP fails once users try to share data with other users.

California’s privacy law means it’s time to add security to IoT

California law requires IoT to have security.
If you think about the evolution of the marketplace, we’re at a state now where the technology has gotten us to a certain point. We have connectivity. Wi-Fi has gotten to a point where it’s ubiquitous. Access to the internet is pretty pervasive around the world. That’s spun this billions-of-units vision, saying that everything is going to be connected. That’s interesting, and from a technology perspective, we’re seeing that in our houses. We see the ubiquity of these connected devices in our homes. But what quickly happens is you get what I call a normative period where societal issues come to the fore, the biggest one being privacy. You go into this normative period now where everyone says we need privacy, and then you have to have some sort of governance over the devices to create an environment where you can deliver that capability in a cost-effective way. What I’m saying specifically, as it relates to privacy today, is that there are no standards. There is no threshold. Therefore, these devices can be anywhere from having zero security capability to everything in between, across the spectrum.

IoT vendor Wyze confirms server leak

Song confirmed that the leaky server exposed details such as the email addresses customers used to create Wyze accounts, nicknames users assigned to their Wyze security cameras, WiFi network SSID identifiers, and, for 24,000 users, Alexa tokens to connect Wyze devices to Alexa devices. The Wyze exec denied that Wyze API tokens were exposed via the server. In its blog post, Twelve Security claimed they found API tokens that they say would have allowed hackers to access Wyze accounts from any iOS or Android device. Second, Song also denied Twelve Security's claims they were sending user data back to an Alibaba Cloud server in China. Third, Song also clarified Twelve Security claims that Wyze was collecting health information. The Wyze exec said they only collected health data from 140 users who were beta-testing a new smart scale product. Song didn't deny Wyze collected height, weight, and gender information. He did, however, deny others. "We have never collected bone density and daily protein intake," the Wyze exec said. "We wish our scale was that cool."

How one bizarre attack laid the foundations for the malware taking over the world

The first instance of what we now know as ransomware was called the AIDS Trojan because of who it was targeting – delegates who'd attended the World Health Organization AIDS conference in Stockholm in 1989. Attendees were sent floppy discs containing malicious code that installed itself onto MS-DOS systems and counted the number of the times the machine was booted. When the machine was booted for the 90th time, the trojan hid all the directories and encrypted the names of all the files on the drive, making it unusable. Victims saw instead a note claiming to be from 'PC Cyborg Corporation' which said their software lease had expired and that they needed to send $189 by post to an address in Panama in order to regain access to their system. It was a ransom demand for payment in order for the victim to regain access to their computer: that made this the first ransomware. Fortunately, the encryption used by the trojan was weak, so security researchers were able to release a free decryption tool – and so started a battle that continues to this day, with cyber criminals developing ransomware and researchers attempting to reverse engineer it.

Quote for the day:

"The leader has to be practical and a realist, yet must talk the language of the visionary and the idealist." -- Eric Hoffer

No comments:

Post a Comment