Daily Tech Digest - April 03, 2020

How to balance privacy concerns around facial recognition technology

facial recognition technology
Facial recognition without an individual’s consent has been at the center of controversy in recent news. It’s often associated with widespread surveillance and a breach of civilian privacy. Its use should be distinguished as a technology that removes control from the person whose likeness is being captured without consent — in some cases to catch bad actors or known terrorists, but in other cases, the intent is more malicious. For example, American billionaire John Catsimatidis was recently criticized for using the Clearview AI app to profile his daughter’s date. Catsimatidis simply captured a photo of the individual and uploaded it to the app to conduct a full-fledged background check. ... This use case can and should be considered an abuse of the technology and needs to be reinforced by regulatory bodies. Facial authentication, on the other hand, gives the individual full control by offering a choice as to whether they would like to allow the technology to identify them. Facial authentication is performed to protect logins and is permission-based — it offers a superior level of account protection compared to usernames and passwords, knowledge-based authentication or even SMS-based two factor authentication.


FCC wants to add a new swath of bandwidth to Wi-Fi 6

hack your own wi fi neon wi fi keyboard hacker
The driving factor, as ever, is the bottomless demand for spectrum caused by the increasing use of wireless just about everywhere, and the FCC’s announcement cites projections from Cisco that say about 60% of worldwide data traffic will move across Wi-Fi links within the next two years. Using the full 6GHz spectrum – all 1,200MHz of it – is part of the Wi-Fi 6 (802.11ax) standard that can’t be put into use until it is freed up by the FCC. With that spectrum extension in place the standard is known as Wi-Fi 6E, and devices with new silicon would be needed to implement it. “By doing this, we would effectively increase the amount of spectrum available for Wi-Fi almost by a factor of five,” said FCC chair Ajit Pai in a statement. “This would be a huge benefit to consumers and innovators across the nation.” But the incumbent licensed users of parts of the 6GHz spectrum – which are mostly businesses using microwave links for wireless backhaul and public safety services – aren’t pleased. The Utilities Technology Council is one of several groups that has been critical of earlier proposals to open the 6GHz band to broad-based unlicensed use, saying in response to Wednesday’s announcement that assurances that existing users would be protected from interference are unconvincing.



Cnvrg.io launches a free version of its data science platform

3D illustration Rendering wave of binary code pattern Abstract background.Futuristic Particles for business,Science and technology background
Ettun describes CORE as a ‘lightweight version’ of the original platform but still hews closely to the platform’s original mission. “As was our vision from the very start, cnvrg.io wants to help data scientists do what they do best – build high impact AI,” he said. “With the growing technical complexity of the AI field, the data science community has strayed from the core of what makes data science such a captivating profession — the algorithms. Today’s reality is that data scientists are spending 80 percent of their time on non-data science tasks, and 65 percent of models don’t make it to production. Cnvrg.io CORE is an opportunity to open its end-to-end solution to the community to help data scientists and engineers focus less on technical complexity and DevOps, and more on the core of data science — solving complex problems.” This has very much been the company’s direction from the outset and as Ettun noted in a blog post from a few days ago, many data scientists today try to build their own stack by using open-source tools. They want to remain agile and able to customize their tools to their needs, after all.



Australian Privacy Foundation labels CLOUD Act-readying Bill as 'deeply flawed'

"It enshrines an inappropriate level of discretion and weakens parliamentary oversight regarding interaction with governments that disrespect human rights. "It is a manifestation of a drip by drip erosion of privacy protection in the absence of a justiciable constitutionally-enshrined right to privacy in accord with international human rights frameworks." The remarks were made in the opening of APF's submission [PDF] to the Parliamentary Joint Committee on Intelligence and Security (PJCIS) and its review of the Telecommunications Legislation Amendment (International Production Orders) Bill 2020. The Bill is intended to amend the Telecommunications (Interception and Access) Act 1979 (TIA Act) to create a framework for Australian agencies to gain access to stored telecommunications data from foreign designated communication providers in countries that have an agreement with Australia, and vice versa, as well as remove the ability for nominated Administrative Appeals Tribunal members to issue certain warrants.


Windows 10 security: How the shadow stack will help to keep the hackers at bay

ms-shadow-stack-4-code-execution-mitigations.jpg
Microsoft and Intel worked together on a design called Control-flow Enforcement Technology (CET) several years ago, which adds the new Shadow Stack Pointer (SSP) register and modifies the standard CPU call and return instructions to store a copy of the return address and compare it to the one in memory -- so most programs won't need any changes for compatibility. If the two addresses don't match, which means the stack has been interfered with, the code will stop running. "The shadow page table is assigned in a place that most processes or even the kernel cannot access, and this is supported by a new page table attribute that is not even exposed right now and people can't query it either," Pulapaka said. "The idea is that you will not be able to see that it exists, and you will not be able to touch it -- and if you try to touch it, the kernel doesn't allow it to allow any arbitrary process to touch it." CET also includes some forward call protection: indirect branch tracking does a similar check to CFG but in hardware. The CET specification was first released in 2016 and for compatibility, silicon released since then has had a non-functional version of the instruction that marks indirect branch addresses as safe.


Cyber security matters more than ever

Networks can be accessed in multiple ways, remote offices are common, there is an abundance of bandwidth and cyber security harnesses the power of artificial intelligence and other advanced technologies to help make the mobile office a reality. With more and more people now able to work from home and an estimated 4.1 million people electing to do so, companies need to ensure their cyber security extends beyond the confines of the office walls. With the increasing escalation of the COVID-19 situation in Australia, organisations have closed their physical premises and are enforcing work from home policies to ensure the health, wellbeing, and safety of employees. With much of the workforce now tapping into their home networks to enable business and operational continuity, this raises serious cyber security issues. The State of Cybersecurity in Asia Pacific survey by Palo Alto Networks found that almost half of respondents stated their biggest cyber security challenge was their employees’ lack of cyber security awareness. Imagine if those employees are working from home and accessing devices used by the family for business purposes, this exposes the employee to potential exploitation by cyber criminals and puts the employer at risk.


Zoom Rushes Patches for Zero-Day Vulnerabilities

Zoom Rushes Patches for Zero-Day Vulnerabilities
In recent days, Zoom has faced intense scrutiny over the platform's security and privacy. On Wednesday, researchers revealed that a Zoom feature that's designed to help individuals within an organization quickly connect to others through the desktop app can expose email addresses, full names and profile photos to other users who should not have access, according to Motherboard. Zoom also issued an apology this week for sharing large sets of user data by default with Facebook, blaming the social network's software development kit, which it has removed from its iOS app. Exposed users' data included IP addresses and device model. Zoom has now stopped that data sharing practice and updated its privacy guidelines (see: Zoom Stops Transferring Data by Default to Facebook). On Monday, the New York Times reported that New York Attorney General Letitia James sent a letter to Zoom asking about the company's privacy and security practices. The letter also sought information about vulnerabilities "that could enable malicious third parties to, among other things, gain surreptitious access to consumer webcams," according to the report.


Are you overengineering your cloud apps?

Are you overengineering your cloud apps?
People building applications on public clouds have a multitude of cloud services that can be integrated into that application with little time and very little money. AI services, such as deep learning and machine learning, are often leveraged from applications just because of the ease of doing so. In many cases, the use of AI within a specific application is actually contraindicated. Other tempting services include containers and container orchestration systems. Although these are a great addition for a good many apps, I’m seeing them more and more force-fit these days. Developers are being lured by their hype. The trade-off here is that overengineered cloud apps are more costly to build, overly complex, and thus harder to operate over time. Indeed, they may double the cost of cloudops after deployment, as well as double the cloud bill you’ll get monthly. Cloud app designers and developers need to focus on the minimum viable features that the cloud applications need to solve the core problems. An inventory control application perhaps does not need a machine learning system bolted on, but a fraud detection system does.


Microsoft to hospitals: 11 tips on how to combat ransomware

ransomware2018.jpg
Ransomware can be damaging to any business, as it holds critical data hostage; with most companies, the loss can be measured financially. But when a hospital is attacked with ransomware, the cost can be measured in human life, either through direct patient care or through research being done on vaccines and medicine. Further, hospitals are now so focused on the coronavirus that medical staff and employees may forget the usual security protocols when dealing with email and other content. All of this makes them potentially easy prey for ransomware. Though a range of criminal groups and campaigns are known to employ ransomware, Microsoft in its blog post focused on REvil, also known as Sodinokibi. This campaign exploits gateway and VPN flaws to gain entry into organizations. This type of strategy is especially rampant now as so many more people are working from home or remotely. If successful, these attackers can steal user credentials, elevate their privileges, and then move across compromised networks to install ransomware and other malware. Gangs like REvil use human-operated methods to target organizations most vulnerable to attack.


Is remote work the new normal?

remote work
As COVID-19 continues to spread, remote work is no longer an experiment, but a requirement in many nations. While it represents a huge change, the results of a research conducted by OnePoll and Citrix, reveal that a majority of employees around the world are adapting to working from home and believe it will become the new normal for the way work gets done. “Remote work is not business as usual. It represents a totally new way of thinking and operating and can be a difficult adjustment for employees and employers to make,” says Donna Kimmel, Chief People Officer, Citrix. “But business must go on, even in times of crisis. And as the research makes clear, companies that give their people the right tools can help them make the transition, empower them to be and perform at their best, and emerge stronger when conditions improve.” As Kimmel notes, remote work is a completely new concept for most employees. ... “You can have the best technology in the world. But if you don’t provide employees with resources to help them make the adjustment, they won’t use it and continue to engage and be productive,” Kimmel says.




Quote for the day:


"A good objective of leadership is to help those who are doing poorly to do well and to help those who are doing well to do even better." -- Jim Rohn


Daily Tech Digest - April 02, 2020

A crypto-mining botnet has been hijacking MSSQL servers for almost two years

botnet world map
The brute-force attacks that seek to guess the password of MSSQL servers have sprayed the entire internet. Guardicore says that since May 2018, they've more than 120 IP addresses used to launch attacks, with most IPs coming from China. "These are most likely compromised machines, repurposed to scan and infect new victims," Harpaz said. "While some of them were short-lived and responsible for only several incidents, a couple of source IPs were active for over three months." Harpaz said that the botnet has been in a constant churn, with the botnet losing servers and adding new ones daily. Per Guardicore, more than 60% of all hijacked MSSQL servers remain infected with the Vollgar crypto-mining malware only for short periods of up to two days. Harpaz said that almost 20% of all MSSQL systems, however, remain infected for more than a week, and even longer. Harpaz believes this is because either the Vollgar malware manages to disguise itself from the local security software, or the database isn't running one in the first place.


Thousands of potential phishing sites created to target Zoom users image
As well as targeting companies through Zoom, cybercriminals are trying different cyber scams to trick companies. These scams include impersonation on social media platforms or phishing emails. The scams are aimed at tricking employees into giving money away, provide the credentials to cloud-based applications, or pay fake invoices. This increase in online fraud is a significant threat that most companies are not prepared for. Yoav Keren, CEO, BrandShield, said: “With global businesses big and small become increasingly reliant on video conferencing facilities like Zoom, sadly, cybercriminals are trying to capitalise. Businesses need to educate their employees quickly about the risks they may face, and what to look out for. The cost of successful phishing attacks is bad for a company’s balance sheet in the best of times, but at the moment it could be fatal. “BrandShield protects some of the biggest corporations in the world and we takedown thousands of threats across websites and social media. 


Edge will evolve, from local deployments to regional, to the core; from regional to regional, or from regional to core. Increasingly, users won’t want to rely on public wide-are network (WAN) to relay data between datacentres or integrate data from different applications, especially since IoT apps mean a lot of integrated data. “Colocation provider VPNs and virtual interconnections are able to offer a kind of private routing,” Ascierto says. “You can track where the data is routed; it doesn’t go on the internet and a black hole appears at the core.” Edge computing startup Vapor IO signed a deal with network provider Cloudflare in January to roll out on the former’s Kinetic Edge integrated edge colocation, networking and exchange services platform. Nitin Rao, head of global infrastructure at Cloudflare, says the interconnection ecosystem includes small datacentres at wireless aggregation hubs, owned by investors. 


Coronavirus with world map and biohazard symbol
It’s not that these applications of AI are bad, but rather that they belong to a set with few actionable outcomes. If your big data analysis of traffic supports or undercuts a proposed policy of limiting transportation options in such and such a way, that’s one thing. If your analysis produces dozens of possible courses of action, any of which might be a dead end or even detrimental to current efforts, it’s quite another. Because these companies are tech companies, and by necessity part ways with their solutions once they are proposed. Any given treatment lead requires a grueling battery of real-life tests even to be excluded as a possibility, let alone found to be effective. Even drugs already approved for other purposes would need to be re-tested for this new application before they could be responsibly deployed at scale. Furthermore, the novel substances that are often the result of this type of drug discovery process are not guaranteed to have a realistic path to manufacturing even at the scale of thousands of doses, to say nothing of billions. That’s a completely different problem!


Danger / threats  >  storm clouds / lightning
DNS vendor BlueCat says it has been tracking the use of DNS over HTTPS (DoH) – a method of encrypting queries to prevent visibility into DNS traffic patterns. Over the last week through March 27, the company said it has seen a massive increase in the use of DoH across its customer base wrote Ben Ball, director of strategy and content marketing at BlueCat in a blog about the trend. “In the course of a single weekend, the number of endpoints attempting to use DoH went from an average of 90 to about 1,400. That’s a 1,500% increase in the use of DoH. Around 45% of these queries are from Firefox (which now activates DoH by default). Aside from that, we’re seeing queries to eleven different DoH services from all kinds of applications. DoH usage is fairly uniform across our customer base as well – this isn’t one company or industry vertical; this is a broad trend. While we haven’t seen any clear indications that any of these queries are from DoH enabled malware, that is an emerging threat that we are tracking,” Ball stated.


Windows 10 bug that broke internet connectivity gets patched – here’s how to install the fix


Affected users are those running a VPN (or proxy) who might experience net connectivity issues with some applications (or the system may indicate there’s no internet connection, even if there actually is – a more minor glitch where connectivity isn’t actually disrupted). ... Note that Windows 10 users won’t get this new fix from Windows Update, as is commonly the case (at least not yet, at the time of writing). Rather, it is necessary to grab this one manually and install it that way. Luckily, this is a simple process which we’ll explain in full now. If you’re running Windows 10 November 2019 Update or May 2019 Update, head over to the Microsoft Update Catalog here and download the relevant version for your system. All you need to do to install the file is double-click on it once downloaded, and then follow the instructions. Version 1909 is the November 2019 Update and version 1903 is the May 2019 update (as you’ll see, there’s also a version for those running Windows Server). Almost all users will need to download the relevant patch for x64-based systems, if you’re running 64-bit Windows 10, which is highly likely.


The Future Of Data Science

The Future of Data Science
As of today, most of the data science usage is centred on descriptive, diagnostic or predictive analytics. In the future, the new-age data science practice will allow the service provider to generate content that is profitable and enriching for the consumer. Let me elaborate on this further. In one household, there are different consumer needs for online content on platforms like Netflix or Amazon Prime. My content consumption as a business professional is very different from that of my teenage kids. Today, it is difficult to track the individual user preferences as the service provider might not understand the actual user who is holding the remote in his or her hand. However, once we move to use voice, it will be easy for the machine to understand if the consumer is an adult or a teenage kid. Within a single user ID, then, the content that will be pushed will be very different and more relevant for the consumer. Once, such interactions start between the human consumer and the machine that understands the human voice (tone to predict mood/emotions), there are limitless possibilities to personalise the content, and then charge a premium for it.


Microsoft directly warns hospitals, 'Fix your vulnerable VPN appliances'


"Through Microsoft's vast network of threat intelligence sources, we identified several dozens of hospitals with vulnerable gateway and VPN appliances in their infrastructure," the Microsoft Threat Protection Intelligence Team revealed in a new post. "To help these hospitals, many already inundated with patients, we sent out a first-of-its-kind targeted notification with important information about the vulnerabilities," it added. The alert contained information about how attackers can exploit the flaws, and a "strong" warning that the affected hospitals need to apply security updates that will protect them from exploits.  One group the Microsoft team has been tracking is the REvil, aka Sodinokibi, ransomware gang, which is known for making massive ransom demands on businesses and government agencies. In January it was caught targeting unpatched Pulse Secure VPNs, as well as flaws in enterprise Citrix servers. The ransomware gang hasn't developed new attack techniques but rather has repurposed tactics from state-sponsored attacks for new campaigns that exploit the heightened need for information in the current coronavirus crisis.


Is Kubernetes becoming the driving force of enterprise IT?

Is Kubernetes becoming the driving force of enterprise IT? image
In a world where innovation and time to market is a top priority, Day One developers need to be able to efficiently provision infrastructure and get coding. Using a managed platform that provides ready access to everything needed to run containers and Kubernetes consistently across a hybrid environment (including support and security) means application and developer teams can spend more time solving business problems. Many organisations will want their hybrid environment to include multiple public clouds. This means they need to be aware of how much flexibility and freedom they’ll want for using the technologies of their choice—including emerging innovations like Quarkus, which lets you build cloud-native applications; or Operators, a way of packaging Kubernetes-native applications for easier management. Ultimately, this means understanding the difference between an open platform and a proprietary one.


Thousands of PCs break exaFLOP barrier

supercomputer / servers / data center / network
An exaFLOP is one quintillion (1018) floating-point operations per second, or 1,000 petaFLOPS. To match what a one exaFLOP computer system can do in just one second, you'd have to perform one calculation every second for 31,688,765,000 years. While the supercomputing stalwarts continue to build their systems, Folding@Home just crossed the exaFLOP barrier ahead of IBM, Intel, Nvidia, and the Department of Energy. Folding@home is a distributed computing project running for 20 years. It was administered first by the chemistry department at Stanford University and as of last year, by Washington University in St. Louis. Its software runs on individual PCs and remains idle as long as the computer is in use, then it kicks in when the PC is idle. The project simulates how proteins misfold and cause diseases such as cancer and Alzheimer's Disease. Proteins self-assemble in a process called folding. When a protein misfolds, disease can occur. By simulating protein misfolds, Folding@Home seeks to understand why they misfold and perhaps how to prevent it and undo the damage.



Quote for the day:


"Don't just hope to have a great day; do everything to make it a great day! Live Intentionally!" -- Bruce Van Horn


Daily Tech Digest - April 01, 2020

Providers address capacity, supply-chain challenges brought on by COVID-19

A globe, centered on the United Kingdom, surrounded by global connections.
In terms of physical infrastructure, Netflix had to overcome some supply-chain obstacles. "We have had multiple fires at this point with our supply chain," Temkin said. For example, the primary server manufacturer for Netflix is located in Santa Clara County, Calif., where residents have been ordered to shelter in place. "We had 24 hours to figure out how to get as many of the boxes out of there as we possibly could," he said. Netflix has resolved those supply issues, for the most part, by sourcing elsewhere. "By and large, we've been able to use most of the infrastructure we have deployed. Partners like Equinix have been great about getting cross-connects provisioned quickly where we need them in order to get interconnects beefed up in certain markets," Temkin said. On the content-production side, there's not a lot happening – at Netflix or anywhere else – as studios halt film and TV production to avoid further fueling the outbreak. "One of the big challenges we are trying to figure out is: what parts of it can we restart?" Temkin said.


Key risk governance practices for optimal data security

From cyber security standards to policies around articulating data handling processes and providing transparent updates, the organization needs to clearly understand all of the compliance standards relevant to it. In addition, it needs to make sure its regulatory readiness processes extend to not just internal compliance and risk management but also to compliance with regulations like General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA). This is especially important for heavily regulated industries such as banking, financial services, technology, where many of the organizations’ business models are rooted in customer data To support the two elements above, the organization needs to undertake a sustained effort to seamlessly map out its data handling process across the stages of acquisition, storage, transformation, transport, archival, and even disposal. 


The overriding factor that separates IT and security teams is organizational misalignment; the two teams often report up through different management structures. The executives leading each faction -- the CIO and CISO, respectively -- typically have different goals, which are measured and rewarded by disparate key performance indicators (KPIs). In addition, the CIO is often perceived as being higher in the executive pecking order. To create a culture of shared security across the organization, give the CISO and other IT security leaders more status and authority. Include them in the strategy, planning and early development phases of new IT and application projects and treat them as a trusted partner. Shared authority at the executive level requires shared goals. IT operations and security teams will likely continue to have separate budgets and distinct projects, but hold managers in each organization accountable for common -- or at least comparable and tightly related -- objectives and KPIs.


COVID-19 puts new demands on e-health record systems

Electronic Health Records [EHR] / digital medical data, monitor health status, doctor, laptop
IT staffers are also required to update EHR systems as additional clinical workers are drafted for duty. “Some health providers have reported that they're being kept very busy with setting up processes for quickly onboarding new staff and changing their role within the system,” said Jones. “That requires a change in configuration of the EHR in terms of their role-based access, and in some cases it is creating new user accounts.” As workflows are updated to deal with the COVID-19 response, it is important that EHR systems don’t impede clinicians’ work, are straightforward and seamlessly integrate with existing care delivery processes. “The EHR workflow really needs to disappear into the background as providers ramp up to address COVID-19 capacity surges,” said Jones.  “At a fundamental level, all EHRs need to be working as intended — now more than ever,” said Bensinger. “And not only clinical workflows and features. You want to be sure that the registration and billing components are also collecting accurate and complete information.


Who’s responsible for protecting personal information?

protecting personal information
Americans are split on who should be held most responsible for ensuring personal information and data privacy are protected. Just over a third believe companies are most responsible (36%), followed closely by the individuals providing their information (34%), with slightly fewer holding the government most responsible (29%). Half of Americans don’t give companies (49%) and government (51%) credit for doing enough when it comes to data privacy and protection. Notably, compared to the other countries surveyed, Americans are most likely to put the burden on individuals—in fact, it’s the only country where the individual consumer outranks government as most responsible. “Americans are outliers compared to other countries surveyed in that they are willing to accept a lot of the responsibility in protecting their own data and personal information,” says Paige Hanson, chief of cyber safety education, NortonLifeLock. “This could be the year Americans truly embrace their privacy independence, particularly with the help of new regulations like the California Consumer Privacy Act giving them control over how their data is used.”


Can cloud computing sustain the remote working surge?


Currently, cloud providers are still doing a good job in distributing resources among tenants, but at some point rationing measures may need to be implemented to respond to overwhelming demand. Not all cloud services are going to drown though. Matthew Prince, co-founder and CEO of Cloudflare, said that providers may have “individual challenges spurred by the pandemic” – their ability to cope with the shift in usage is highly dependent on their IT architecture. Major cloud providers such as Amazon have expressed confidence in meeting customer demand for capacity. By and large, public cloud providers seem to be coping well with the skyrocketing demand – there has yet to be any issues of major cloud crashes just yet. What providers should really be concerned about is the challenges that will come post-pandemic. By then, enterprises would have already recognized the unquestionable value of cloud, and will double down on cloud migrations. Cloud providers must make sure that their data infrastructure is prepared to support data at unprecedented scales. Warren Buffet once remarked: “you will only find out who is swimming naked when the tide goes out.”


Writing Microservices in Kotlin with Ktor—a Multiplatform Framework for Connected Systems


Ktor (pronounced Kay-tor) is a framework built from the ground up using Kotlin and coroutines. It gives us the ability to create client and server-side applications that can run and target multiple platforms. It is a great fit for applications that require HTTP and/or socket connectivity. These can be HTTP backends and RESTful systems, whether or not they’re architectured in a microservice approach. Ktor was born out of inspiration from other frameworks, such as Wasabi and Kara, in an aim to leverage to the maximum extent some of the language features that Kotlin offers, such as DSLs and coroutines. When it comes to creating connected systems, Ktor provides a performant, asynchronous, multi-platform solution. Currently, the Ktor client works on all platforms Kotlin targets, that is, JVM, JavaScript, and Native. Right now, Ktor server-side is restricted to the JVM. In this article, we’re going to take a look at using Ktor for server-side development. ... routing, get, and post are all higher-order functions. In this case, we’re talking about taking functions as parameters. Kotlin also has a convention that if the last parameter to a function is another function, we can place this outside of the brackets.


Get ready for the post-pandemic run on cloud

Get ready for the post-pandemic run on cloud
Business seems to change around pain. In the past weeks companies that had already migrated to public cloud had a strategic advantage over those still operating mostly in traditional data centers.  Traditional data centers are the responsibility of enterprise IT, and as such they are run by human employees who have to deal with mandatory lockdowns or even self-quarantine and may not be able to operate remotely. I have a CIO friend of mine who has a down physical storage system and a direct replacement sitting next to it, shrink-wrapped and ready to be installed. So far, he can’t get enough qualified staffers physically in the data center to make the swap. As a result, a major system is not operating, and they are losing millions a week. Those who have migrated to public clouds don’t have to deal with such things. The virtual and ubiquitous nature of cloud computing that scared so many IT pros during the past several years is actually one of the major reasons to move to public cloud. The weakness for enterprise IT recently has been the inability to support a physical set of systems that need physical fixes by humans.


Using Zoom while working from home? Here are the privacy risks to watch out for


Privacy experts have previously expressed concerns about Zoom: In 2019, the video-conferencing software experienced both a webcam hacking scandal, and a bug that allowed snooping users to potentially join video meetings they hadn't been invited to. This month, the Electronic Frontier Foundation cautioned users working from home about the software's onboard privacy features. Here are some of the privacy vulnerabilities in Zoom that you should watch out for while working remotely. ... Employers, managers and workers-from-home, beware. Zoom's tattle-tale attention-tracking feature can tell your meeting host if you aren't paying attention to their meticulously-composed visual aids. Whether you're using Zoom's desktop client or mobile app, a meeting host can enable a built-in option which alerts them if any attendees go more than 30 seconds without Zoom being in focus on their screen.  If you're anything like me, your Zoom meetings rarely consume your full screen. Jotting down notes in a separate text file, adding dates to calendars, glancing at reference documents or discreetly asking and answering clarifying questions in a separate chat -- these key parts of any normal meeting are all indicators of an engaged listener.


Neural computing should be based on insect brains, not human ones

A drone, hovering in the woods.
Marshall is referring to a form of deep-learning computing for which developers are creating electronic architectures that mimic neurobiological architectures that could replace traditional computing. Deep-learning computing falls within artificial intelligence in which computers learn through rewards for recognizing patterns in data. A difference is that in deep learning neural processes are used. Variations include neuromorphic computing that I wrote about here that can analyze high- and low-level detail such as edges and shapes. Bees “are basically mini-robots,” says Marshall, quoted in the Daily Telegraph. “They’re really consistent visual navigators, they can navigate complex 3-D environments with minimal learning and using only a million neurons in a cubic millimeter of the brain.” That size element could grab the attention of developers who are working toward tiny robots that communicate with each other to self-organize and could be used, for example, to move objects in factories.



Quote for the day:


“When I look at...great experiences, it’s often more to do with the DNA than the MBA.” -- Shaun Smith


Daily Tech Digest - March 31, 2020

Nasscom seeks relief for technology startups for business continuity
Some of the important measures demanded from the government to help the startups include a rental subsidy for workspaces used by startups which are regulated/owned/managed by government agencies; blanket suspension of all deadlines including tax payment deadlines and filing deadlines until at least four weeks post lifting of all city lockdown. The industry body said that the pandemic has created a significant liquidity crunch for the sector and to ensure timely payment of salaries to employees, the banks may voluntarily provide for an overdraft facility or interest-free and equity convertible funding to startups. Nasscom has demanded a one-time provident fund opt-out option for employees. "The Government can consider providing an option to the employees for a onetime PF opt-out option for the next financial year 2020-21. In such a case, both the employee and employer's contributions towards the PF may be transferred directly to the employee. This will result in an increase in the take-home pay of the employees," said Nasscom in the representation made to the government.


Reference Architecture for Healthcare – Introduction and Principles


The good news is that information technology can solve problems of fragmentation, through smart process management, and the exchange of standardized information, to name a few. A Blueprint for the Healthcare Industry: The aim must be to help organizations provide health services with better outcomes, at lower cost, and improved patient and staff experience. We need a toolbox that is flexible, adaptable to individual needs, and that can serve a network of partners that team up to deliver care. The Patient Perspective: As a patient with a chronic disease, I monitor my health condition daily. I manage my medication with the help of my devices and adjust my lifestyle accordingly. My care providers should work with me to manage my disease. The Health Professional Perspective: As a Healthcare professional, I need to team up to coordinate delivery of care. I create, use, and share information with other care providers within a given episode of care, and across different treatment periods. The Architect and Planner Perspective: As a user of the reference architecture, I need an easy-to-use toolbox that is readily available and helps me in my daily work. It needs to align with the regulations of our industry.


Maybe the biggest challenge we face as a society is our ability to unlearn – to let go of – outdated concepts and beliefs in order to adopt new approaches. Our everyday lives are dominated by outdated concepts: change the oil every 3,000 miles, don’t wear white before Memorial Day, only senior management has the best ideas, don’t eat dessert until you’ve cleaned your plate, trade wars are easy to win, leeches work wonders on headaches, etc. Well, I’m going to throw down the gauntlet and challenge everyone to open their minds to the possibility of new ideas and new learning. That does not mean you should blindly believe, but instead, should invest the time to study, unlearn and learn new approaches and concepts. “You can’t climb a ladder if you’re not willing to let go of the rung below you.” As the new Chief Innovation Officer at Hitachi Vantara, leveraging ideation and innovation to derive and drive new sources of customer, product and operational value is more important than ever. So, Hitachi Vantara employees and customers, be prepared to change your frames; to challenge conventional thinking with respect to how we blend new concepts – AI / ML, Big Data, IOT – with tried and true ideas – Economics, Design Thinking – to create new sources of value.


How data governance and data management work together

Members of a data governance team
Although data governance provides a framework of controls for effective data management, it is just one component of the overall practice. Dan Everett, VP of product and solution marketing at Informatica, accurately described the relationship between data management and governance in a blog post. He said data governance must be implemented to be effective, while data management facilitates policy enforcement. Business size often determines how the data governance and data management responsibilities are organized and assigned. But size shouldn't be a determining factor for treating data as an enterprise asset, establishing effective data governance policies and performing high-quality data management. ... The initial data governance policies and data management procedures will most likely have gaps that lead to data quality issues. In addition, ensuring enterprise data is correct and used properly throughout the organization is fluid by nature. In other words, "things change." Data usage is highly dynamic and data governance controls and data management procedures may not always provide the guidance and best practices needed to guarantee data quality across all data stores. 


“Growing awareness around data privacy issues has compelled consumers to seek more control over their data and take some action to protect their privacy online. However, with over half of Brits saying they don’t know how to safeguard their online privacy, there is still a clear need for education on how people can keep themselves, and their data, safe online.” The extensive study found that 86% claimed to have taken at least one step to protect themselves online, such as clearing or disabling cookies, limiting what they share on social media platforms, and not using public Wi-Fi. Almost exactly the same proportion said they could still do more to protect themselves. In terms of what keeps consumers awake at night, NortonLifeLock found that 65% of Brits believe facial recognition technology will be misused and abused, and 42% believe it will do more harm than good – even though the majority also seem to support its use, with over 70% supporting its use by law enforcement.


What are deepfakes – and how can you spot them?

A comparison of an original and deepfake video of Facebook chief executive Mark Zuckerberg.
Deepfake technology can create convincing but entirely fictional photos from scratch. A non-existent Bloomberg journalist, “Maisy Kinsley”, who had a profile on LinkedIn and Twitter, was probably a deepfake. Another LinkedIn fake, “Katie Jones”, claimed to work at the Center for Strategic and International Studies, but is thought to be a deepfake created for a foreign spying operation. Audio can be deepfaked too, to create “voice skins” or ”voice clones” of public figures. Last March, the chief of a UK subsidiary of a German energy firm paid nearly £200,000 into a Hungarian bank account after being phoned by a fraudster who mimicked the German CEO’s voice. The company’s insurers believe the voice was a deepfake, but the evidence is unclear. Similar scams have reportedly used recorded WhatsApp voice messages. ... Poor-quality deepfakes are easier to spot. The lip synching might be bad, or the skin tone patchy. There can be flickering around the edges of transposed faces. And fine details, such as hair, are particularly hard for deepfakes to render well, especially where strands are visible on the fringe.


Spike in Remote Work Leads to 40% Increase in RDP Exposure to Hackers


As Covid-19 continues to wreak havoc globally, companies are keeping their employees at home. To ensure compliance and stay atop security standards, teleworkers have to patch into their company’s infrastructure using remote desktop protocol (RDP) and virtual private networks (VPN). But not everyone uses these solutions securely. Research by the folks behind Shodan, the search engine for Internet-connected devices, reveals that IT departments globally are exposing their organizations to risk as more companies go remote due to COVID-19. “The Remote Desktop Protocol (RDP) is a common way for Windows users to remotely manage their workstation or server. However, it has a history of security issues and generally shouldn’t be publicly accessible without any other protections (ex. firewall whitelist, 2FA),” writes Shodan creator John Matherly. After pulling new data regarding devices exposed via RDP and VPN, Matherly found that the number of devices exposing RDP to the Internet on standard ports jumped more than 40 percent over the past month to 3,389. In an attempt to foil hackers, IT administrators sometimes put an insecure service on a non-standard port (aka security by obscurity), Matherly notes.


Google’s CameraX Android API will let third-party apps use the best features of the stock camera


The benefit of using CameraX as a wrapper for the Camera2 API is that, internally, it resolves any device-specific compatibility issues that may arise. This alone will be useful for camera app developers since it can reduce boilerplate code and time spent researching camera problems. That’s not all that CameraX can do, though. While that first part is mostly only interesting to developers, there’s another part that applies to both developers and end users: Vendor Extensions. This is Google’s answer to the camera feature fragmentation on Android. Device manufacturers can opt to ship extension libraries with their phones that allow CameraX (and developers and users) to leverage native camera features. For example, say you really like Samsung’s Portrait Mode effect, but you don’t like the camera app itself. If Samsung decides to implement a CameraX Portrait Mode extension in its phones, any third-party app using CameraX will be able to use Samsung’s Portrait Mode. Obviously, this isn’t just confined to that one feature. Manufacturers can theoretically open up any of their camera features to apps using CameraX.


Personal details for the entire country of Georgia published online

Georgia flag
Personal information such as full names, home addresses, dates of birth, ID numbers, and mobile phone numbers were shared online in a 1.04 GB MDB (Microsoft Access database) file. The leaked data was spotted by the Under the Breach, a data breach monitoring and prevention service, and shared with ZDNet over the weekend. The database contained 4,934,863 records including details for millions of deceased citizens -- as can be seen from the screenshot below. Georgia's current population is estimated at 3.7 million, according to a 2019 census. It is unclear if the forum user who shared the data is the one who obtained it. The data's source also remains a mystery. On Sunday, ZDNet initially reported this leak over as coming from Georgia's Central Election Commission (CEC), but in a statement on Monday, the commission denied that the data originated from its servers, as it contained information that they don't usually collect.


AlphaFold Algorithm Predicts COVID-19 Protein Structures

AlphaFold is composed of three distinct layers of deep neural networks. The first layer is composed of a variational autoencoder stacked with an attention model, which generates realistic-looking fragments based on a single sequence’s amino acids. The second layer is split into two sublayers. The first sublayer optimizes inter-residue distances using a 1D CNN on a contact map, which is a 2D representation of amino acid residue distance by projecting the contact map onto a single dimension to input into the CNN. The second sublayer optimizes a scoring network, which is how much the generated substructures look like a protein using a 3D CNN. After regularizing, they add a third neural network layer that scores the generated protein against the actual model. The model conducted training on the Protein Data Bank, which is a freely accessible database that contains the three-dimensional structures for larger biological molecules such as proteins and nucleic acids.



Quote for the day:


"A leader knows what's best to do. A manager knows merely how best to do it." -- Ken Adelman


Daily Tech Digest - March 30, 2020

Cassandra and DataStax: Reunited, and it feels so good

Cassandra and DataStax: Reunited, and it feels so good
While single-vendor open source projects are somewhat common, they’re verboten for ASF projects. This became an issue for Cassandra, given that years ago DataStax may have contributed as much as 85 percent of the Cassandra code, by one estimate, while also running a community content forum (Planet Cassandra), Cassandra events, and more. This led to ASF accusations that DataStax exercised (or had the potential to exercise) undue influence over Cassandra. In response, DataStax pulled back, leaving the Cassandra community to fend for itself. This didn’t dissuade companies from continuing to bet big on Cassandra. Apple, for example, had long embraced the highly scalable, high-performance distributed database, as I wrote in 2015. While the company is famously cagey about sharing how it uses technology, we do know that it runs more than 100,000 Cassandra nodes today. With such a big investment in Cassandra, Apple couldn’t afford to let it fail, so Apple worked hard to ensure that stability dramatically improved from the Cassandra 3.11 release to today’s Cassandra 4.0 release.


Russia's Cybercrime Rule Reminder: Never Hack Russians

On Tuesday, Russia's Federal Security Service, known as the FSB, announced that together with Russia's Ministry of Internal Affairs, it had detained more than 30 individuals across 11 regions of the country - including Moscow, Crimea and St. Petersburg. Subsequently, authorities charged 25 of them with selling stolen credit and debit card that traced to Russian as well as foreign financial institutions. Authorities have accused the individuals, who include Russian, Ukrainian and Lithuanian citizens, of creating more than 90 online stores to sell stolen data, as well as using the stolen card data to purchase and resell more than $1 million worth of goods. Authorities say that when they searched suspects' residences, they also seized firearms, illegal drugs, gold bars, precious coins, as well as cash: $1 million in U.S. dollars as well as 3 million rubles (worth $39,000). The infrastructure being used by the alleged criminal enterprise has been shuttered, authorities say. The FSB said one of the individuals it arrested had previously been jailed for similar offenses.


DevOps loop
The First Way is to think about the performance of an entire system or process, rather than a specific silo or team. From the first line of code to successful deployment, IT departments must focus on the big picture, and emphasize larger organizational goals rather than smaller local ones. The Second Way focuses on feedback loops. A DevOps culture should accelerate and amplify feedback loops, enabling admins to identify and address any issues as quickly as possible. The Third Way fosters a culture of continual experimentation and learning, which requires IT teams to take risks and set aside time for innovation. In a DevOps culture, celebrate -- don't admonish -- rapid experimentation and rapid failure. It's this cycle of experimentation, failure and lessons learned that continually improves a DevOps practice over time. Naturally, DevOps will shake up the way any IT organization makes and measures progress. Encourage collaboration across department lines, and listen and take action on team feedback.


special report downturn economic by anueing gettyimages 606665834 3x2 2400x1600
Don't neglect the bread-and-butter stuff, either. As Senior Reporter Gregg Keizer explains in "How businesses can save money when everyone needs Office to work from home," you can cut costs substantially by switching to the right Office flavor. Gregg's advice may hold beyond the short term, as businesses discover that employees can work just as well at home as they do in an office. So we're paying for office space...why? Cost savings sometimes arrive in the form of needed functionality you weren't aware you already had. In "10 SD-WAN features you're probably not using, but should be," Network World contributor Neil Weinberg clues in SD-WAN customers: You may not know this, but zero-touch provisioning, application-aware routing, microsegmentation, and a bunch of other stuff may already be part of your SD-WAN solution. If you were planning on procuring any of those things separately, you don't have to. Recommendations like these will sound familiar to those who have endured previous downturns. Prioritize. Cut bait on bloated projects with uncertain return. Consider free stuff, even if it might not have every feature you want.



Ministry of Defence releases defence data management strategy


According to the report, the MoD sees more effective use of data, information and the systems that manage and process data as “vital enablers of both operational advantage and business transformation”. “New and emerging technologies can provide better capabilities to our operations and greater efficiency in our supporting functions, but success will require us to consider data differently,” it noted. “If we are to deliver improvements at speed and scale, then we must start with managing our data far more effectively than we do today,” the report added. A set of seven strategic objectives is outlined in the document. These goals relate to areas such as improvements of the availability and accessibility of defence data and implementation of data governance across the MoD, so the department can ensure the accountabilities and responsibilities for its data management. The document also outlines goals such as improving the quality and veracity of the data at the MoD, ensuring the integrity, confidentiality and security of data, and driving the consistent use of decision-making data across the department to improve coherency in the information produced from it.


Adventures in Graph Analytics Benchmarking

With all the attention graph analytics is getting lately, it’s increasingly important to measure its performance in a comprehensive, objective, and reproducible way. I covered this in another blog, in which I recommended using an off-the-shelf benchmark like the GAP Benchmark Suite* from the University of California, Berkeley. There are other graph benchmarks, of course, like LDBC Graphalytics*, but they can’t beat GAP for ease of use. There’s significant overlap between GAP and Graphalytics, but the latter is an industrial-strength benchmark that requires a special software configuration. Personally, I find benchmarking boring. But it’s unavoidable when I need performance data to make a decision. Obviously, the data has to be accurate. But it also has to be relevant to the decision at hand. It’s important that my use of a particular benchmark is aligned with its intended purpose. That’s why the performance comparison shown in Figure 1 had me scratching my head. It compares the PageRank performance of RAPIDS cuGraph* and HiBench*. The latter is a big data benchmark developed by some of my Intel colleagues to measure a wide range of analytics functions—not just PageRank.


This 5G smartphone comes with Android, Linux - and a keyboard.

astro-slide-modes.jpg
London-based Planet Computers is on a mission to reinvent the iconic Psion Series 5 PDA for the smartphone age. Although mobile professionals -- especially those old enough to remember the 1997 Series 5 with affection -- are often open to the idea, the company's previous efforts, the Gemini PDA and Cosmo Communicator, have had their drawbacks. The Gemini PDA, for example, is a landscape-mode clamshell device that, despite a great keyboard, is difficult to make and take calls on and only has one camera -- a front-facing unit for video calling. The Cosmo Communicator adds a small external touch screen for notifications and some basic functions plus a rear-facing camera, but you still have to open the clamshell to do anything productive. The Astro Slide, announced today via a crowdfunding campaign on Indiegogo, has a new design with one large (6.53-inch) screen that slides open to reveal the keyboard, transforming the device from a portrait smartphone to a landscape PDA via a patented RockUp mechanism.


A Practical Guide to Data Obfuscation

The simplest way to obfuscate data is by masking out or redacting characters or digits with a fixed symbol. This is often used for credit card numbers where either the leading or the tailing digits are crossed out with an “X”. ... For more advanced anonymization, we need to look at functions that support something called differential privacy. The goal here is to apply statistical methods to modify content at a larger scope, like at the table level. Imagine, say, that you need to analyze customer data but require the birthday in order to group customers by demographics. Randomizing this piece of PII is not a good idea, as it would change the overall composition of data, often making it equally distributed across the possible value range. Instead, what is needed is a function that changes every birthday so the overall distribution stays nearly the same, but individuals are no longer identifiable. It may mean adding a few days or a few weeks to each date, but is a factor of the number of overall datasets. Query engines may offer the diff_privacy() function (or something with a similar name) for that purpose, allowing you to introduce uncertainty or jitter into your sensitive data so that the above requirement can be fulfilled.


9 offbeat databases worth a look
Many of DuckDB’s features are counterparts to what’s found in bigger OLAP products, even if smaller in scale. Data is stored as columns rather than rows, and query processing is vectorized to make the best use of CPU caching. You won’t find much in the way of native connectivity to reporting solutions like Tableau, but it shouldn’t be difficult to roll such a solution manually. Aside from bindings for C++, DuckDB also connects natively to two of the most common programming environments for analytics, Python and R. ... The goal behind HarperDB is to provide a single database for handling structured and unstructured data in an enterprise—somewhere between a multi-model database like FoundationDB and a data warehouse or OLAP solution. Ingested data is deduplicated and made available for queries through the interface of your choice: SQL, NoSQL, Excel, etc. BI solutions like Tableau or Power BI can integrate directly with HarperDB without the data needing to be extracted or processed. Both enterprise and community editions are available.


Slack redesigns app as Microsoft Teams hits 44 million users


The Slack redesign contains several elements that make the product look more like Teams. The top of the app now features a search bar and navigation buttons. Slack also added tabs for files and notifications, such as when a user tags someone in a message. Even more significant, Slack now lets paid users place channels within folders. For example, a user could put several channels in a "marketing team" folder. The setup is similar to how Teams groups channels -- except in Slack, each user gets to customize the layout. The inability to organize channels into groups had been a stumbling block for many Slack users, said Irwin Lazar, analyst at Nemertes Research. Slack should be able to get some companies to switch from free to paid plans with the introduction of folders as a premium service, he said. The redesign also lays the groundwork for Slack to introduce more real-time communications features. A newly reorganized sidebar within channels features a prominent phone icon that lets users begin a video call.



Quote for the day:


"Leadership offers an opportunity to make a difference in someone's life, no matter what the project." -- Bill Owens


Daily Tech Digest - March 29, 2020

Microsoft Patents New Cryptocurrency System Using Body Activity Data
Microsoft Technology Licensing, the licensing arm of Microsoft Corp., has been granted an international patent for a “cryptocurrency system using body activity data.” The patent was published by the World Intellectual Property Organization (WIPO) on March 26. The application was filed on June 20 last year. “Human body activity associated with a task provided to a user may be used in a mining process of a cryptocurrency system,” the patent reads, adding as an example: A brain wave or body heat emitted from the user when the user performs the task provided by an information or service provider, such as viewing advertisement or using certain internet services, can be used in the mining process. ... Different types of sensors can be used to “measure or sense body activity or scan human body,” the patent explains. They include “functional magnetic resonance imaging (fMRI) scanners or sensors, electroencephalography (EEG) sensors, near infrared spectroscopy (NIRS) sensors, heart rate monitors, thermal sensors, optical sensors, radio frequency (RF) sensors, ultrasonic sensors, cameras, or any other sensor or scanner” that will do the same job.


Is Samsung Quietly Becoming a Significant Player in the Cryptocurrency and Blockchain Industry?


It is thought that Samsung has created a processor that is dedicated to protecting the user’s PIN, pattern, password, and Blockchain Private Key with a combination of their security Knox platform. This ensures that security on their new S20 range is secure. Introducing their Blockchain Keystore last year it initially only supported ERC-20 token but added bitcoin in August of last year. Using Samsung devices with Blockchain Keystore means users can store their bitcoin and crypto wallet private keys on the device. One of the most critical issues that is overlooked is the control over a private wallet key and in most cases is the reason why most crypto thefts and hacks happen, because users fail to store their tokens in the wallets they have private keys for. This then means that if bitcoin or crypto are stored on smartphone wallets, it gives users control over their private keys and removes the control and reliance on external companies. The adoption of crypto has fallen short in recent years concerning its expectations. However, user experience developments have helped innovate technology to make using crypto more accessible.



Network of fake QR code generators will steal your Bitcoin

Bitcoin cryptocurrency
A network of Bitcoin-to-QR-code generators has stolen more than $45,000 from users in the past four weeks, ZDNet has learned. The nine websites provided users with the ability to enter their Bitcoin address, a long string of text where Bitcoin funds are stored, and convert it into a QR code image they could save on their PC or smartphone. Today, it's a common practice to share a Bitcoin address as a QR code and request a payment from another person. The receiver scans the QR code with a Bitcoin wallet app and sends the requested payment without having to type a lengthy Bitcoin addresses by hand. By using QR codes, users eliminate the possibility of a mistype that might send funds to the wrong wallet. Last week, Harry Denley, Director of Security at the MyCrypto platform, ran across a suspicious site that converted Bitcoin addresses into QR codes. While many services like this exist, Denley realized that the website was malicious in nature. Instead of converting an inputted Bitcoin (BTC) address into its QR code equivalent, the website always generated the same QR code -- for a scammer's wallet.


The 5G Economic Impact

The 5G Economic Impact
Despite its nascent status, the 5G ecosystem is already swimming in financial might. That same GSMA report predicts 5G technology will add $2.2 trillion to the global economy over the next 15 years. And operators are expected to spend more than $1 trillion on mobile capex between 2020 and 2025, with 80% of that spend directed at their 5G networks. While past technology evolutions primarily targeted the consumer market, the spend and return on 5G has a larger focus on the broader enterprise space. This includes connecting not just traditional enterprise workers and their respective mobile devices but connecting all electronic devices. This will involve a broader push toward edge deployments that can serve what are expected to be billions of connected and IoT devices. “With greater reliability and data speeds that will surpass those of 4G networks, a combination of 5G and local edge compute will pave the way for new business value,” ABI Research noted in a recent report, citing benefits gained from agility and process optimization; better and more efficient quality assurance and productivity improvement.


Adopting robotic process automation in Internal Audit


​With automation technologies advancing quickly and early adopters demonstrating their effectiveness, now is the time to understand and prioritize opportunities for Internal Audit robotic process automation. And to take important steps to prepare for thoughtful, progressive deployment. The age of automation is here, and with it comes opportunities for integrating Internal Audit (IA) robotic process automation (RPA) into the third line of defense (aka Internal Audit). IA departments, large and small, have already begun their journey into the world of automation by expanding their use of traditional analytics to include predictive models, RPA, and cognitive intelligence (CI). This is leading to quality enhancements, risk reductions, and time savings—not to mention increased risk intelligence. The automation spectrum, as we define it, comprises a broad range of digital technologies. As shown below, at one end are predictive models and tools for data integration and visualization. At the other end are advanced technologies with cognitive elements that mimic human behavior. Many IA organizations are familiar with the first part of the automation spectrum, having already established foundational data integration and analytics programs to enhance the risk assessment, audit fieldwork, and reporting processes.


A debate between AI experts shows a battle over the technology’s future

Why add classical AI to the mix? Well, we do all kinds of reasoning based on our knowledge in the world. Deep learning just doesn’t represent that. There’s no way in these systems to represent what a ball is or what a bottle is and what these things do to one another. So the results look great, but they’re typically not very generalizable. Classical AI—that’s its wheelhouse. It can, for example, parse a sentence to its semantic representation, or have knowledge about what’s going on in the world and then make inferences about that. It has its own problems: it usually doesn’t have enough coverage, because too much of it is hand-written and so forth. But at least in principle, it’s the only way we know to make systems that can do things like logical inference and inductive inference over abstract knowledge. It still doesn’t mean it’s absolutely right, but it’s by far the best that we have. And then there’s a lot of psychological evidence that people can do some level of symbolic representation.


Apache Flink in 10 Minutes


Apache Flink is an open-source stream processing framework. It is widely used by a lot of companies like Uber, ResearchGate, Zalando. At its core, it is all about the processing of stream data coming from external sources. It may operate with state-of-the-art messaging frameworks like Apache Kafka, Apache NiFi, Amazon Kinesis Streams, RabbitMQ. Let’s explore a simple Scala example of stream processing with Apache Flink. We'll ingest sensor data from Apache Kafka in JSON format, parse it, filter, calculate the distance that sensor has passed over the last 5 seconds, and send the processed data back to Kafka to a different topic. We'll need to get data from Kafka - we'll create a simple python-based Kafka producer. The code is in the appendix. ... Now we need a way to parse JSON string. As Scala has no inbuilt functionality for that, we'll use Play Framework. First, we need a case class to parse our json strings into. For simplicity, we will use automatic conversion from JSON strings to the JsonMessage. To transform elements in the stream we need to use .map transformation. The map transformation simply takes a single element as input and provides a single output. We'll also have to filter the elements that failed to parse.


Google Invents AI That Learns a Key Part of Chip Design

AI chip designing itself
“We believe that it is AI itself that will provide the means to shorten the chip design cycle, creating a symbiotic relationship between hardware and AI, with each fueling advances in the other,” they write in a paper describing the work that posted today to Arxiv. “We have already seen that there are algorithms or neural network architectures that… don’t perform as well on existing generations of accelerators, because the accelerators were designed like two years ago, and back then these neural nets didn't exist,” says Azalia Mirhoseini, a senior research scientist at Google. “If we reduce the design cycle, we can bridge the gap.” Mirhoseini and senior software engineer Anna Goldie have come up with a neural network that learn to do a particularly time-consuming part of design called placement. After studying chip designs long enough, it can produce a design for a Google Tensor Processing Unit in less than 24 hours that beats several weeks-worth of design effort by human experts in terms of power, performance, and area. Placement is so complex and time-consuming because it involves placing blocks of logic and memory or clusters of those blocks called macros in such a way that power and performance are maximized and the area of the chip is minimized.


This Simple WhatsApp Hack Will Hijack Your Account: Here’s What You Must Do Now

Photo Illustrations for Uber, Amazon, ISIS, Apple Health and more
The most obvious advice is NEVER to send a six-digit SMS to anyone for any reason. There have been other attacks covering other platforms using the same method. When a code is sent to your phone it relates to your phone. But there is a fix here that will protect your WhatsApp, even if the SMS code was sent onward. This fix will ensure you can’t fall victim to this crime. The code sent by SMS when you set up your WhatsApp account on a new phone comes directly from WhatsApp itself. The platform sets the code and sends it to you. But there is a totally separate setting in your own WhatsApp application that allows you to set your own six-digit PIN number. There is some confusion because these are both six-digit numbers—but they are entirely separate. Most people have still not set up this PIN number—the “Two-Step Verification” setting can be accessed under the Settings-Account from within the app. It takes less than a minute to set up. The PIN is for you to select, and even has the option of a backup email address. WhatsApp will ask you for the PIN when you change phones and also every so often when you’re using the app, that’s how secure it is.


How To Create Values & Ethics To AI In The Workplace?

AI
The widespread uptake in this technology use comes at a time when more and more businesses are proactively addressing diversity and inclusivity among their workforce. Reports suggest that the US needs a curious, ethical AI workforce that works collaboratively to make reliable AI systems. In this way, members of AI development teams need to act over deep discussions regarding the implications of their work on the warfighters using them. In order to build AI systems effectively and ethically, defense organizations must encourage an ethical, inclusive work environment and procure a diverse workforce. This workforce should involve curiosity experts, a team of professionals who focus on human needs and behaviors, who are more likely to envision unsolicited and unintended consequences associated with the system’s use and mismanagement, and ask tough questions about those consequences. According to a research report, building cognitively diverse teams solve problems faster than teams of cognitively similar people. This also paves ways for innovation and creativity to flow, minimizing the risk of homogenous ideas coming to the fore.



Quote for the day:


"A leader is not an administrator who loves to run others, but someone who carries water for his people so that they can get on with their jobs." -- Robert Townsend