Daily Tech Digest - May 05, 2020

How to teach AI to reason about videos

video reel
Visual reasoning is an active area of research in artificial intelligence. Researchers have developed several datasets that evaluate AI systems’ ability to reason over video segments. Whether deep learning alone can solve the problem is an open question. Some AI scientists believe that given enough data and compute power, deep learning models will eventually be able to overcome some of these challenges. But so far, progress in fields that require commonsense and reasoning has been little and incremental. ... The controlled environment has enabled the developers of CLEVRER to provide richly annotated examples to evaluate the performance of AI models. It allows AI researchers to focus their model development on complex reasoning tasks while removing other hurdles such as image recognition and language understanding. But what it also implies is that if an AI model scores high on CLEVRER, it doesn’t necessarily mean that it will be able to handle the messiness of the real world where anything can happen. The model might work on other limited environments, however.

CISA reiterates DNS resolution requirements

security defense (deepadesigns/Shutterstock.com)
The Cybersecurity and Infrastructure Security Agency is reminding agencies to use Domain Name System resolution services provided by CISA. The global DNS system translates website URLs into their corresponding IP addresses. However, an attacker can interfere with that translation to reroute internet traffic away from its intended destination, instead sending users to fake or spoofed websites where they can be eavesdropped on or tricked into downloading malware or revealing personal information. In a memo dated Apr. 21, CISA Director Chris Krebs reiterated that civilian agencies are legally required to use sinkholing capabilities through EINSTEIN 3 Accelerated as their primary upstream DNS resolving service. According to a Privacy Impact Assessment drafted in 2016, EINSTEIN 3 Accelerated's sinkholing capability “prevent[s] malware installed on .gov networks from communicating with known or suspected malicious Internet domains by redirecting the network connection away from the malicious domain to 'safe servers ... thus preventing further malicious activity by the installed malware."

Neuro-symbolic AI seen as evolution of artificial intelligence

"Neuro-symbolic modeling is one of the most exciting areas in AI right now," said Brenden Lake, assistant professor of psychology and data science at New York University. His team has been exploring different ways to bridge the gap between the two AI approaches. Companies like IBM are also pursuing how to extend these concepts to solve business problems, said David Cox, IBM Director of MIT-IBM Watson AI Lab. "I would argue that symbolic AI is still waiting, not for data or compute, but deep learning," Cox said. His team is working with researchers from MIT CSAIL, Harvard University and Google DeepMind, to develop a new, large-scale video reasoning data set called, "CLEVRER: CoLlision Events for Video REpresentation and Reasoning." This allows AI to recognize objects and reason about their behaviors in physical events from videos with only a fraction of the data required for traditional deep learning systems. Deep learning is incredibly adept at large-scale pattern recognition and at capturing complex correlations in massive data sets, NYU's Lake said.

Xen Orchestra latest victim of Salt cryptojackers

“In short, we were caught in a storm affecting a lot of people. We all have something in common: we underestimated the risk of having the Salt master accessible from outside,” said Lambert. “Luckily, the initial attack payload was really dumb and not dangerous. We are aware it might have been far more dangerous and we take it seriously as a big warning. The malware world is evolving really fast: having an auto update for our management software wasn’t enough. “If you are running SaltStack in your own infrastructure, please be very careful. Newer payloads could be far more dangerous,” he said. More technical details of Xen Orchestra’s experience can be read on its website. Alex Peay, senior vice-president of product and marketing at SaltStack, said it had taken immediate action to remediate the vulnerability, develop and issue patches, and communicate widely to customers about the affected versions. “Although there was no initial evidence that the CVE had been exploited, we have confirmed that some vulnerable, unpatched systems have been accessed by unauthorised users since the release of the patches,” he said.

How remote working has forced us to look beyond the traditional PC

A minor but interesting consequence seems to be an increased interest in PC alternatives -- whether because of lack of supply or simply because businesses and consumers have had to respond to changing circumstances with limited budgets. For example, the Raspberry Pi Foundation has noted that sales have rocketed during the coronavirus crisis, which it puts down to people buying the tiny computers to end battles over the single home PC during lockdown. The lastest Raspberry Pi might be diminutive, but it's powerful enough to take on the role of budget computer if need be. Chromebooks, which are slightly easier to work with if you don't have the technical skills to play with a Pi, have also been selling well. And it's not only harassed parents looking for extra PCs that have been getting creative. Here at ZDNet we've also written about how councils have been digging old laptops out of storage, putting Linux on them or otherwise lightening the operating system load, and sending them out to allow staff to work from home. An old or lower-spec device is good enough for many employees, especially if your teams only need to access cloud-based tools and/or virtual desktop services. It's been pointed out that without the option of using a wide range of cloud-computing services businesses would be in even more trouble.

Microsoft Announces the General Availability of Windows Server Containers

Besides the support for Windows Containers in AKS, Microsoft also announced support for private clusters and managed identities – which are intended to provide developers with greater security capabilities and to easier meet compliance requirements. Private clusters allow the use of managed Kubernetes within a closed network - without connection to the internet. And, with private clusters, the security measures of highly regulated industries such as finance or healthcare can be met. Next to the support for private clusters, AKS supports managed identities, which enables secure interaction with other Azure services such as Azure Monitor for Containers or Azure Policy. Furthermore, developers do not have to manage their service principals or rotate credentials often. Lastly, Burns wrote in his blog post about the continuous development of more integrations between AKS and Azure Advisor and bringing industry best practices right into the AKS experience. Moreover, Microsoft is committed to bringing customer learning into the VS Code extension for Kubernetes to provide developers with advice and integrate security advice into the Azure Security Center.

What is smishing? How phishing via text message works

Smishing  >  A woman looks at her mobile phone in horror when receiving a malicious SMS text message
Smishing is, essentially, phishing via text messages. The word is a portmanteau of "phishing" and "SMS," the latter being the protocol used by most phone text messaging services. Because of this etymology, you'll sometime see the word written as "SMiShing," though that's increasingly rare; people also include scam attempts via non-SMS text services, like WeChat or Apple's iMessage, under the smishing umbrella. The term has been around since at least the late '00s, though the omnipresence of smartphones in the modern era has made it a more tempting attack vector for hackers. "Vishing" is a similar type of attack that uses voice calls instead of emails or texts; the word is a portmanteau of "voice" and "phishing." ... Bank smishing is often successful for a couple of reasons. One is that many banks really do have services that text you about suspicious activity on your account. An important thing to keep in mind is that legitimate messages should contain information proving that the bank already knows who you are: they might include the last few digits of your credit card or bank account number, for instance.

Microsoft officially acknowledges Windows 10X is coming first to single-screen devices

Microsoft's official reason for targeting single-screen devices is the impact of the COVID-19 coronavirus pandemic on users' buying habits. And that may, in fact, be true, as users are likely more interested right now in tried-and-true form factors, like laptops and 2-in-1 devices than in brand-new, unproven ones. That's why Microsoft has suspended delivery of its own dual-screen Neo device, which was due this holiday season. While Windows 10X is important, it's not the only thing that matters. Windows 10, as it currently exists, is still important and more relevant than ever, Panay emphasized. He said Microsoft will be making Windows-specific developer content a big part of its Build 2020 developers conference coming up later this month. Panay's post includes some new data from Microsoft about how the current health situation has impacted Windows' usage. Windows 10 is being used 75 percent more, in terms of minutes of usage, than this same period a year ago, Panay said. This makes sense, given users are working and learning remotely and are likely less on the move/more tethered to their desks.

Changing realities of digital transformation in the public sector

Given the increase in online interactions, digital transformation in government is no longer about simply innovating, but managing scale, operational efficiency and ensuring taxpayer value for money, while user expectations, technologies and suppliers’ services are rapidly shifting. "The ability of government to continue to deliver high-quality services in times of change depends on its ability to dynamically respond to changing circumstances, legislation, policy and risk,” says Halliday. “The breadth, scale and nature of the technology that underpins public service delivery provides both enormous opportunities and significant challenges,” he adds. In the context of the coronavirus crisis, cloud-based software as a service (SaaS) becomes crucial in ensuring demands for scalability and reduced cost, as well as simpler integration of digital services, automation, efficiency and improved interactions.  Between late 2019 and early 2020, government departments seemed more willing to adopt cloud SaaS offerings, according to Halliday.

How Remote Working Is Reshaping A Future New World Of Work

Working from home has given coworkers a peak into our personal lives. And that's a good thing.
Corporate heads are speaking out more about their concerns for employee mental health as it relates to stress and anxiety, which is a shift for many business leaders. Joe Lallouz, CEO and Co-founder of technology platform Bison Trails, points out that people aren’t just choosing to work from home. They have to work remotely because of the global health crisis. And if you’re going to reduce people’s stress and anxiety about a shift in the way they work, it’s important to try to make them feel more comfortable, and a little empathy goes a long way: “The most important thing that CEOs and their leadership teams need to do is recognize that this can be very difficult for their teams. Exercising extra patience and empathy is probably the most important thing that anyone in a leadership position can do in an organization. Remember to give people the actual time it takes to adjust to these work style shifts . . . Arm your team the way you can by providing them with the information and resources they need, not just for their physical well-being, but also for their psychological and mental well-being.”

Quote for the day:

“Solitude matters, and for some people, it's the air they breathe” -- Susan Cain

No comments:

Post a Comment