Daily Tech Digest - January 15, 2020

Microsoft said that it had not seen the vulnerability exploited in any active attacks, likely the reason the company classified the security patch as "Important" rather than as "Critical." The vulnerability came to light when it was discovered by the National Security Agency. In its advisory, the NSA referred to the bug as severe, saying that sophisticated cyber actors would understand the flaw very quickly, thus making the affected versions of Windows fundamentally vulnerable. The agency said it recommends that all January 2020 Patch Tuesday patches be installed as soon as possible to fix the vulnerability on all Windows 10 and Windows Server 2016/2019 systems. "The consequences of not patching the vulnerability are severe and widespread," the NSA said. "Remote exploitation tools will likely be made quickly and widely available. Rapid adoption of the patch is the only known mitigation at this time and should be the primary focus for all network owners." After finding and researching the flaw, the NSA reported it directly to Microsoft, which then took the quick step of investigating it and issuing the patch.

Researchers found that 48% of consumers are more sensitive to anti-fraud measures that disrupt their online experience than they were a year ago. This means that retailers and restaurants have an increased imperative to balance fraud mitigation and customer experience. Yet, only 64% of organizations’ customers have confidence in the security of their digital channels. In this era of high customer expectations, increasing digital fraud risk, and competition to continuously innovate, businesses must address this critical interconnection. “Opportunities for fraud increase as businesses adopt new features, such as voice ordering or mobile wallets. Businesses do this to engage their customers and provide an enhanced customer experience,” said Rich Stuppy, Chief Customer Officer at Kount. “Unfortunately, these businesses are not adopting the proper controls related to fraud. This report underscores the fact that digital innovation and the corresponding increases in revenue in these industries will never reach their full potential without integrating suitable fraud prevention initiatives.”

network variables + dynamics / digital transformation
Today’s networks need to be highly agile so changes can be propagated across the network in near real-time, enabling it to keep up with the demands of the business. Network agility comes from having centralized control where configuration changes can be made once and propagated across the network instantly. Ideally, network changes could be coordinated with application changes so the lagging performance doesn’t slow the business down. Achieving a higher level of agility will likely require a refresh of the infrastructure if the network is more than five years old, and that means adopting SDN. Traditional infrastructure had an integrated control and data plane, so changes had to be made on a box-by-box basis. This is why networks took so long to configure and lacked agility. With an SDN model, the control plane is separated from the data plane, centralizing control so network engineers define a change and push it out across the entire network at once. Older equipment isn’t designed to be software-first, so look for infrastructure that is built on a modernized operating system like Linux and that can be programmed using current languages such as Python and Ruby.

Bendable glass is the holy grail of foldable phone design. So far, plastic screens have been more prone to damage from casual scrapes than hard glass. Without a protective material, the phone's internal workings are susceptible to breaking from pressure, water, dust and sharp objects. Samsung bore the brunt of this reality when its Galaxy Fold sustained several types of screen damage before the phone officially went on sale.  With their high prices and untested designs, foldable phones are a tough sell as is. A strong cover material to protect against drops and scratches could help shift foldable phones from expensive curiosities to serious products that could one day replace your traditional shingle-shaped phone. Gorilla Glass-maker Corning showed CNET glass that's thin enough to fold without breaking, but it's still in development and isn't commercially available. If it were, we'd see a lot more foldable phones today. Without a ready supply of glass thin enough to fold in half and strong enough not to crack, splinter or break, device-makers have had to choose whether to wait for a new material or work with what they have.

Google 2020 Worry
For a long time, with all due respect to the Jeeves and other assorted yahoos of the world, Google's position as the gatekeeper to the world's information has seemed untouchable. But guess what? Amazon is little by little breaking through that barrier and — on some level, at least — threatening to make Google far less relevant than it is today. Consider: A forecast assembled by eMarketer suggests that Amazon will be the sole company to increase its revenue related to U.S. search advertising over the coming two years. Amazon, the organization believes, will jump up to represent nearly 16% of money earned from search-related advertising in America — up from about 13% in 2019 — while Google will fall from 73% in 2019 to 70.5% in 2021. Already, Amazon's ad business is believed to have grown by somewhere in the ballpark of 50% from the end of 2018 to the end of 2019, according to AdWeek, and prices for advertising on Amazon have reportedly gone up by 200% over the past couple years — all while prices for advertising on Google have remained relatively constant.

BullSequana XH2000 is expected to run weather predictions faster and better than its predecessor. Florence Rabier, director general at ECMWF said: "We will now be able to run higher resolution forecasts in under an hour, meaning better information will be shared with our member states even faster." Atos's technology will also help to improve the ECMWF's "ensemble prediction" system (EPS). The program, introduced in 1992, is a way to gauge how accurate a specific weather forecast is. Instead of delivering only one forecast, the EPS produces 51 predictions, which all include slight variations in the initial weather conditions. In other words, the system gives users a range of possible scenarios, as well as the likelihood of their occurrence. For example, the program could provide a government with an estimate of the likelihood of severe flooding in certain parts of the country. Currently, the EPS's 15-day forecasts have a resolution of 18km; but with BullSequana, the ECMWF is hoping that it can run the system at a resolution of 10km.

Although the number of impacted organisations remains low, such attacks – exemplified by the ongoing Travelex crisis, the October 2019 ransoming of shipping services firm Pitney Bowes, and various attacks on public sector bodies – are more severe and usually carefully chosen, as the organised gangs behind them are looking to extort the maximum possible sum of money. Other growth areas in 2019 included Magecart infections against e-commerce websites, which hit hundreds of victims, and attacks conducted through the cloud. Check Point revealed that while 90% of enterprises now use cloud services, 67% of security teams feel they do not have proper visibility into their infrastructure. As a result, the magnitude of cloud-related attacks and breaches was up substantially, with misconfiguration of cloud resources the biggest cause. 

Ethical AI, in simple words, is about ensuring your AI models are fair, ethical, and unbiased. So how does bias get into the model? Let’s assume you are building an AI model that provides salary suggestions for new hires. As part of building the model, you have taken gender as one of the features to suggest salary. The model is trying to discriminate salary based on gender. In the past, this bias went through human judgments and various social and economic factors, but if you include this bias as part of the new model, it's a recipe for disaster. The whole idea is to build a model that is not biased and suggests salary based on people's experiences and merits. Take another example of an application providing restaurant recommendations to a user and allowing a user to book a table. The AI application is designed to look at the amount spent in previous transactions and ratings of restaurants (along with other features), and the AI system starts recommending restaurants that are more expensive.

laptop / networked binary data flows / world map
Teleportation involves the moving of information instantaneously and securely. In the “Star Trek” series, fictional people move immediately from one place to another via teleportation. In the University of Bristol experiment, data is passed instantly via a single quantum state across two chips using light particles, or photons. Importantly, each of the two chips knows the characteristics of the other, because they’re entangled through quantum physics, meaning they therefore share a single physics-based state. The researchers involved in these successful silicon tests said they built the photon-based silicon chips in a lab and then used them to encode the quantum information in single particles. It was “a high-quality entanglement link across two chips, where photons on either chip share a single quantum state,” said Dan Llewellyn of University of Bristol in a press release. Entanglement links to be used in data transmission are where information is conjoined, or entangled, so that the start of a link has the same state as the end of a link. The particles, and thus data, are at the beginning of the link and at the end of the link at the same time.

Many frameworks for implementing user interfaces (Angular2, Vue, React, etc.) make use of callback procedures, or event handlers, which, as a result of an event, directly perform the corresponding action. Deciding which action to perform (be it input validation, local state update, error handling, or data fetching) often means accessing and updating some pieces of state which are not always in scope. Frameworks thus include some state management or communication capabilities to handle delivering state where it is relevant and needed, and updating it when allowed and required. Component-based user interface implementations generally feature pieces of state, and actions scattered along the component tree in non-obvious ways. For instance, a todo list application may be written as <TodoList items><TodoItem></TodoList>. Assuming a TodoItem manages its deletion, it has to communicate the deletion up the hierarchy for the parent TodoList to be called with the updated item list.

Quote for the day:

"Leadership is particularly necessary to ensure ready acceptance of the unfamiliar and that which is contrary to tradition." -- Cyril Falls

No comments:

Post a Comment