Blockchain expert discusses a world without usernames and passwords
The core principles of blockchain, he explained, can be applied to anything
and can be useful for a variety of things, including
authentication. "Right now, we have this problem with authentication. If
you go to a bar and ask for a beer, you give them your license to prove age.
But the issue is that they don't just get proof that you're 21, they get your
name, actual age, address, organ donor and more," he said. "We have these
imprecise identity and authentication systems where to establish a fact,
whether it be age or paying taxes, you have to collect a lot more information
than you need just because of the medium of how it's done. So many companies
become data warehouses as a consequence of that mandate and they end up
storing huge amounts of information about people. If they get hacked, that
information gets leaked." Blockchain proponents have spent years figuring out
a unified place to store credentials while also finding ways to prove facts
about people by only revealing the minimum amount of information
necessary. "We can use zero knowledge cryptography and these things to
say: 'Hey, you're over the age of 21. I won't know how old you are but I can
get proof you're over 21. I can know you live in New York but not get your
address," he added.
Building Security into Software
When a new technology wave sweeps over the security discipline - such as
mobile code security, IoT security, or ML security - one important exercise is
to think about how the seven touchpoints can be applied in order to make
security progress. When it comes to many technologies, source-code analysis is
the easiest security touchpoint to apply first. Why that is the case should be
obvious: Regardless of the process you may have used to come up with your
code, your code can be subjected to static analysis. That is, just about every
software project has code. Well, to a point: Static analysis of a dynamic
node.js assembly may not be possible depending on when, where, and how the
assembly is put together. In fact, the move to dynamic languages is having a
deep impact on the base effectiveness of code review using a static analysis
tool. Likewise, a DevOps approach elevates the importance of security
operations (touchpoint 7), which is now defined in code itself. Containers are
code, and container configuration is code. Container orchestration is code,
too! So securing a system by design obviously must include operational aspects
that may have been left to the IT guys in the past.
Phishing Attacks Traced to Indian Commercial Espionage Firm
Multiple details appear to reinforce that Dark Basin's operators were Indian
and working in India, including the repeat use of custom-built link-shortening
services named Holi, Rongali and Pochanchi, of which the first two are names
of Hindu festivals, while the latter appears to be "a transliteration of the
Bengali word for '55,'" according to Citizen Lab. Researchers said they found
online a copy of BellTroX's phishing kit source code, as well as log files
detailing testing activity, which uses the same time zone as India. Citizen
Lab says employees also boasted online about conducting some attacks that
traced back to link-shortening services seen in multiple BellTroX hack
attacks. "We were able to identify several BellTroX employees whose activities
overlapped with Dark Basin because they used personal documents, including a
CV, as bait content when testing their URL shorteners," Citizen Lab says.
"They also made social media posts describing and taking credit for attack
techniques containing screenshots of links to Dark Basin infrastructure.
BellTroX and its employees appear to use euphemisms for promoting their
services online, including 'Ethical Hacking' and 'Certified Ethical Hacker.'"
A new digital ecosystem to transform the lives of Nigerians across the globe
“Sparkle will be transformational for Nigerians across the globe and I am
hugely excited to be launching it today. Sparkle is redefining Nigerian
commerce by merging financial services with a seamless lifestyle solution. We
are removing barriers using technology and data, driving inclusion at scale.
In doing so, we are empowering Nigerians to fulfil their potential,
democratizing access to valuable solutions for both business and personal
needs.” Sparkle is partnering with VISA, Microsoft and PwC Nigeria to achieve
its vision of redefining Nigerian commerce. The partnerships will provide
industry leading expertise in APIs, cloud computing, data science, machine
learning, tax and financial advisory services for the benefit of Sparkle’s
customers. The services offered by Sparkle are all licensed by the CBN. The
launch of Sparkle comes at a time when most of Nigeria’s population (79%) have
mobile connectivity, with 39% having access to mobile broadband connections1.
This young and growing population – currently over 195 million people2 – are
also digital natives, with social networks forming part of everyday
life.
Android 11's most important additions
The Android 11 Beta is significant for a couple of reasons. First, even though
Android 11 itself has been in a public developer preview since February, this is
the first time it's being made easily accessible to average users — and the
first time it's anywhere near stable enough to be advisable for regular
phone-totin' folk to use. (That being said, it still isn't something a typical
phone-owner should install, especially on a primary phone you rely on for work.)
But beyond that, this week's release gives us our first real look at what's
likely the complete picture — or something very close to it — of what Android 11
represents. The early developer previews were kind of like rough skeletons, in a
sense, and this beta release adds in the meat around those bones. That means
some of the flashiest, most high-profile features of the software are now in
front of us, and while there aren't any huge surprises, there's certainly some
noteworthy stuff — including a newly refined notification panel that separates
out conversation-centric alerts and places them in their own dedicated section,
the long-awaited debut of Android's Bubbles multitasking system, a fancy new
control panel for connected devices, and a new universal media player with
better tools for controlling audio across multiple devices.
Artificial intelligence gathers pace in Latin America
Latin firms are using AI to tackle critical regional issues, including food
security, smart cities, natural resources, and unemployment, according to the
study, with the level of sophistication of AI projects at almost the same
level as other regions. About 80% of large businesses in the region reported
having projects underway, with early benefits including increased operational
efficiency and management decision-making. This compares with 87% in North
America and 95% in Asia-Pacific. The researchers predict that by 2022, AI
projects are expected to accelerate, with almost two-thirds of respondents in
Latin countries saying they expect 21%-40% of their processes to use AI three
years from now, with the areas of fastest growth being logistics and supply
chain management, as well as sales and marketing. The report noted that all
industry sectors in Latin America have been ramping up adoption of AI, mostly
for customer service, cited by 55% of respondents. Banks and airlines in the
region have been at the forefront, taking advantage of chatbots and virtual
assistants to improve response times and lighten administrative loads. The
report also noted the emergence of a number of AI customer service-focused
startups in the region.
Survey on Agile Hints at Further Acceleration Under COVID-19
How the success of Agile projects is measured is changing, according to the
survey results. Burndown charts and the number of deliveries per day or hour,
O’Rourke says, were the prevalent metrics. This has given way to
business-related metrics taking the top spots. Customer/user satisfaction,
business value, speed of delivery, customer retention, and increased revenue
are now prime ways to gauge the success of agile projects, he says. More
companies are committing to value streams in Agile, O’Rourke says, that tie
business and IT organizations together. “Their expectation is those IT
organizations are becoming much more of a strategic piece of their
capabilities as opposed to just a cost center,” he says. Scaling of Agile is
becoming more pronounced in the era of COVID-19, O’Rourke says. The
methodology is applied increasingly across entire organizations from teams to
directors, he says. There have also been changes in how Agile is applied with
external resources, O’Rourke says. “This year, 40% of the people are using
Agile capabilities in their outsourced projects, but five years ago that was
78%.”
DevOps for beginners: Where to start learning and focusing
First, we need to identify all the gaps and bottlenecks in your organization.
A great practice to start is to map out value streams. What are all the steps
taken between a customer triggering a request for a product or service and the
associated value being delivered to them? How long does each step take? Where
is there waste and unnecessary wait times? What about getting new releases of
your software? How long does it take to get a new idea from a customer
(internal or external) implemented and usable? A pair of practices to help
with all of these questions are Value Stream Mapping and Metrics Based Process
Mapping: These exercises can help you think about the gaps and delays that
exist between end users and business lines, between business lines and
software development teams, and between software development teams and
application operations teams. Plugging these gaps and shortening these delays
is what DevOps helps improve. Next, it’s hugely valuable to take some time to
ensure you and your teams understand what DevOps is and, more importantly,
what DevOps isn’t.
Remote working: How the biggest change to office life will happen in our homes
"Whenever I would work from home before COVID," Hashmi tells ZDNet, "I would
start my day as if I was going to work, and then instead of getting onto the
tube, I'd go down to the co-working space with my laptop and my coffee, and
work there until lunchtime." When his stomach would start rumbling, he would
take the lift back up to his studio, make some food, and do some more work
there. "But I'd go back down if I wasn't working productively enough in my own
flat," adds Hashmi. "To have this workspace was really beneficial, because
otherwise you're always working in your bedroom-kitchen area." ... "This is
mostly just because the ergonomics of working in my studio aren't very
good," he adds. "Whereas all the times I've worked in the co-working space,
I've never felt physically discomforted. There's a variety in how you can sit,
or change spaces." ... now it has become widely accepted that remote working
is here to stay, even in a post-coronavirus world. And as employees start
spending a few more days at home every week, it is not only office layouts
that are going to change – but also the way we organize our homes.
Manifesto for Sustainable Agile
Technology has helped us prove that remote work at such a massive scale is
possible. Studies have long proven collocated teams are better at delivery
outcomes and gain alignment quickly. The effect of current situation will
fundamentally shift how office spaces & collocation is perceived by
individuals and leaders. In post COVID-19 era and beyond, remote working may
take a front seat giving people commute-free lifestyle combined with technology
innovations. We are all learning and experience through a global movement that
it is more important to have the power of minds, ideas and thoughts together and
collocated through digital mediums and conferencing innovations etc. Physical
collocation may prove not be an essential aspect for new normal where everyone
will master the art of remote working. ... The urge to measure individual
productivity has always been of keen interest for people who are more focused on
ROI over Impact. It has been a topic of debate over years in agile community
that rather than measuring outputs or utilisation, one should measure outcomes.
In my experience, outputs/utilisation measured in absolute number of hours or
any time unit may have a NO direct relation to intellectual outcomes.
Quote for the day:
No comments:
Post a Comment