Daily Tech Digest - February 03, 2020

Why UK's Huawei decision leaves the fate of global 5G wireless in US hands

"The UK has been doing business with Huawei for a long time through Openreach. They had been operating, with oversight, in the country for years," noted Doug Brake, who directs broadband and spectrum policy for Washington, DC-based Information Technology & Innovation Foundation. Openreach, to which Brake refers, is the division of top British telco BT responsible for deploying fiber optic infrastructure. It had been partnering mainly with Huawei until last November, when it began an evaluation process in search for additional partners. "So for the UK to come out and publicly brand them as a high-risk vendor, cordon them off to only 35 percent of the access network — not even let them into the core network," said Brake, "really puts Huawei in a tight box." For its part, Huawei did what it could Tuesday to thwart any possible interpretation of tightness, or a box. Omitting any mention of security or exploiting back doors in the infrastructure, Huawei Vice President Victor Zhang issued a statement, reading in part: "This evidence-based decision will result in a more advanced, more secure, and more cost-effective telecoms infrastructure that is fit for the future..."

Lex: An Optimizing Compiler for Regular Expressions

This perhaps isn't the fastest C# NFA regex engine around yet, but it does support Unicode and lazy expressions, and is getting faster due to the optimizing compiler. A Pike Virtual Machine is a technique for running regular expressions that relies on input programs to dictate how to match. The VM is an interpreter that runs the bytecode that executes the matching operation. The bytecode itself is compiled from one or more regular expressions. Basically, a Pike VM is a little cooperatively scheduled concurrent VM to run that bytecode code. It has some cleverness in it to avoid backtracking. It's potentially extremely powerful, and very extensible but this one is still a baby and very much a work in progress. The VM itself is solid, but the regular expressions could use a little bit of shoring up, and it could use some more regex features, like anchors.

Google launches open-source security key project, OpenSK

FIDO is a standard for secure online access via a browser that goes beyond passwords. There are three modern flavours of it: Universal Second Factor (U2F), Universal Authentication Factor (UAF), and FIDO2. UAF handles biometric authentication, while U2F lets people authenticate themselves using hardware keys that you can plug into a USB port or tap on a reader. That works as an extra layer on top of your regular password. FIDO2 does away with passwords altogether while using a hardware key by using an authentication protocol called WebAuthn. This uses the digital token on your security key to log straight into a compatible online service. To date, Yubikey and Google have both been popular providers of FIDO-compatible keys, but they’ve done so using their own proprietary hardware and software. Google hopes that by releasing an open-source version of FIDO firmware, it will accelerate broader adoption of the standard. Google has designed the OpenSK firmware to work on a Nordic dongle, which is a small uncased board with a USB connector on it.

Early use of AI for finance focused on operations, analytics

Anecdotal evidence suggests AI excels at financial processes that involve repetitive operations on large volumes of data. "It will eliminate the need for people to do a lot of the boring, repetitive work that they're doing today," Kugel said. "It will make it possible for systems to wrap themselves around the habits and requirements of the user, as opposed to the user having to adapt how they work within the limitations of technology." Data quality will also improve and, with it, the quality of analytics as AI gets better at flagging errors for people to correct, Kugel said. AI is also helping with tedious accounts payable tasks, such as confirming that goods were received and that an invoice contains the right items, Tay said. Companies that use automated payments are deploying machine learning to scan payment patterns for deviations. "If the machine learning algorithm tells them that the probability of the goods having been received and everything being good with that specific invoice, they'll pay that immediately," Tay said.

SaaS, PaaS, IaaS: The differences between each and how to pick the right one

Businessman using mobile smartphone and connecting cloud computing service with icon customer network connection. Cloud device online storage. Cloud technology internet networking concept.
In theory, PaaS, IaaS and SaaS are designed to do two things: cut costs and free organizations from the time and expense of purchasing equipment and hosting everything on-premises, DiDio said. "However, cloud computing services are not a panacea. Corporate enterprises can't just hand everything off to a third-party cloud provider and forget about them. There's too much at stake." Internal IT departments must remember what DiDio calls "the three "Cs: communication, collaboration and cooperation,'' which she said are all essential for successful business outcomes and uninterrupted smooth, efficient daily operational transactions. "When properly deployed and maintained, IaaS is highly flexible and scalable,'' DiDio said. "It's easily accessed by multiple users. And it's cost effective." IaaS is beneficial to businesses of all types and sizes, she said. "It provides complete and discretionary control over infrastructure… Many organizations find that they can slash their hardware costs by 50% or more using IaaS." However, IaaS "requires a mature operations model and rigorous security stacks including understanding cloud provider technologies,'' noted Vasudevan. IaaS also "requires skill and competency in resource management."

Startup uses machine learning to support GDPR’s right to be forgotten

“Every user has over 350 companies holding sensitive data on them, which is quite shocking,” says Ringel. “Not only that, but this number is growing by eight new companies a month, which means our personal footprint is highly dynamic and changing all the time.” According to Ringal, the conversation about data privacy needs to focus much more on data ownership. “Privacy is all about putting fences around us, preventing our personal information being shared with other people,” he says. “But the problem with that is that we miss out on the fun – every day we use online services and share our data with companies because it is convenient and efficient. Now, with GDPR, we can actually take our data back whenever we choose.” Once users know where their data is, Mine helps them reclaim it by submitting automated right-to-be-forgotten requests to the companies with the click of a button. For users on the trial version of Mine, the startup will email the request to the company and copy the user in to follow up communications.

Serverless Cloud Computing Will Drive Explosive Growth In AI-Based Innovation

As cloud computing has advanced, more companies have made the transition to the cloud-based platform as a service model (PAAS), which delivers computing and software tools over the internet. PaaS can be scaled up or down as needed, which reduces up-front costs and allows you to focus on developing software applications instead of dealing with hardware oriented tasks. To support this shift toward the PaaS cloud, public cloud companies have begun heavily investing in building or acquiring serverless components that have pre-built unit functionality. These out-of-the-box tools allow organizations to test new concepts, iterate and evaluate without taking on high risk or expense. In the past, only large companies with considerable resources could afford to experiment with AI-based innovation. Now startups or small teams within larger enterprises have access to cloud-based, prepackaged algorithms offering different AI models that can fast-track innovation.  Let’s explore practical examples of how this trend helps democratize innovation in artificial intelligence by minimizing the time, money and resources needed to get started.

The Past, Present And Future Of Oracle’s Multi-Billion Dollar Cloud Bet

Larry had more confidence than I did. He was sure of it. I was more cautiously optimistic. We started running our little business on QuickBooks because we hadn’t built our system yet. When our system got to the point where we could run our own business’ business on it, I imported our QuickBooks file and saw our business in a browser at home. I was at home looking at all the key metrics of how we were spending, and how we were growing, and who our employees were, all there in the browser. That’s when I was sure it was going to work because I knew we were first to do that. I felt that with Larry’s strong backing we’d be able to reach a lot of companies, and that’s what happened. He was sure from the very beginning. It really was his idea to do it as a web-based application. He was the pioneer, and this was before Salesforce.com started, which he was also involved with. He wanted to do accounting, and I encouraged us to move beyond just accounting, and together we came up with this concept of the suite, and thus the name of the company, ultimately, became NetSuite.

Rogue IoT devices are putting your network at risk from hackers

Security standards for IoT devices aren't as stringent as they are for other products such as smartphones or laptops, so in many cases, it's been known for IoT manufacturers to ship highly insecure devices – and sometimes these products never receive any sort of patch either because the user isn't aware of how to apply it, or the company never issues one. A large number of connected devices are also easily discoverable with the aid of IoT search engine Shodan. Not only does this leave IoT products potentially vulnerable to being compromised and roped into a botnet, insecure IoT devices connected corporate networks could enable attackers to use something as trivial as a fitness tracker or a smart watch as an entry point into the network, and use it as means of further compromise. "Personal IoT devices are easily discoverable by cybercriminals, presenting a weak entry point into the network and posing a serious security risk to the organisation. Without a full view of the security policies of the devices connected to their network, IT teams are fighting a losing battle to keep the ever-expanding network perimeter safe," said Malcolm Murphy, Technical Director for EMEA at Infoblox.

Europe’s new API rules lay groundwork for regulating open banking

The EU and the U.K. have both passed laws that explicitly require their banks to create application programming interfaces and open those APIs to third-party developers. And banks in the U.S. should take notice. These new laws are paving the way to standardization for open banking which could lead to rapid innovation and a competitive advantage for the European banking system. These new laws are also more friendly to fintech companies as it streamlines access to a growing network of bank data. Fintechs within the U.S. must create individual data sharing agreements with each bank partner, and the negotiations for each partnership can be resource intensive. However, in the EU a fintech can get access to all bank APIs through registering as an account information service provider (AISP) or payment initiation service provider (PISP). This could create a situation where the U.S. may lose out on technology investments and see innovative financial professionals leave the nation to work in the rapidly advancing open-banking environment within the EU.

Quote for the day:

"The ability to summon positive emotions during periods of intense stress lies at the heart of effective leadership." -- Jim Loehr

No comments:

Post a Comment