Daily Tech Digest - June 19, 2020

The Rise of TensorFlow

IT teams working with deep learning initiatives can enhance that innovation through production quality management. Many aspects of software development, such as Test-Driven Development (TDD) and Continuous Integration/Continuous Development (CI/CD) are being incorporated into DataOps, and consequently, MLOps. IT teams can seek opportunities to establish robust data pipelines created from MLOps practices. The instances can provide clues for translating lessons learned that could potentially fit the machine learning concepts applied to quantum computing. Quantum computing research is very nascent, with many theories and calculations that feel more at home in a Star Trek episode than in a real-world application. But the TensorFlow community is growing with encouragement from Google. Google offers a few notebook tutorials that users can demo, along with an installation guide. During the Google I/O19 Summit, TensorFlow advocate Josh Gordon shared that 1,800 developers had been contributing trial and production-ready projects using TensorFlow. The high interest in the developer community to explore TensorFlow capabilities holds even higher potential to yield valuable insights in quantum computing research and applications.

Coming Soon: 'Trust Mark' Certification for IoT Devices

The program proved "that you can have an independent, agnostic, vendor-sponsored certification program provided you have the right checks and balances in there," Tett says. The Trust Mark program will have an independent decision authority that decides whether products are approved, Tett says. The products will be evaluated by separate, independent testing facilities. In other countries, a host country IoT association can promote and market that evaluated products that have gone through the program, Tett says. "IoT is not just an Australian problem," Tett says. "It's the world's problem." The testing program will have two phases. First, manufacturers will develop a statement of claims, describing security, safety and privacy aspects of a device. Those could include "baseline" aspects, such as policies on default passwords, how encryption is used and how the device can be patched. They also could include information about specific security features, such as how the device securely transmits personal data. In the second phase, an accredited test facility will verify the manufacturer's claims and issue a letter of recommendation. But a decision authority will decide whether a device passes or fails. If it passes, it will be certified.

5 Things You Can Do Right Now to Prepare for the Post-Coronavirus Business World

Cybersecurity is already an important topic to large businesses, and with the EU's General Data Protection Regulation, California's Consumer Privacy Act and other privacy laws, as well as countless news stories about the cost and impact of data breaches, it is something smaller businesses are being forced to confront head on. With the surge in employees working remotely during the virus outbreak, we have seen more and more data breaches and cyberattacks. Employees using unsecured infrastructure and third-party tools are two of the leading causes of potential breaches. Combine this with data storage and access practices that violate privacy laws — for example, telemedicine on non-HIPAA-compliant platforms — and suddenly the need for secure solutions takes center stage. ... With the unprecedented business shutdown across America, businesses will be increasingly looking at ways to have a greater degree of control over their expenses. These will include businesses requesting shorter contract durations, emergency clauses and provisions in agreements, ways to have a more easily scalable workforce utilizing temporary workers and temporary agencies, and an overall desire to lower expenses, especially recurring

How to Secure Machine Learning

Building security in for machine learning presents an interesting set of challenges. Primary among these is the fact that in any machine learning system data plays an outside role in system security. In fact, my view is that the datasets an ML system is trained, tested, and ultimately operated on account for 60% or more of overall security risk, while the learning algorithms and other technical aspects of the system (including source code) account for the rest. For that reason, in my work with BIML, I have focused my attention on architectural risk analysis sometimes called an ARA, (touchpoint number two for software security), as the most effective approach to get started with. This stands in contrast to starting with touchpoint one (code review), but the reasons why should be mostly obvious. In a January 2020 report titled, "An Architectural Risk Analysis of Machine Learning Systems: Toward More Secure Machine Learning," BIML published an ARA as an important first step in its mission to help engineers and researchers secure ML systems. In the report, we painstakingly identified 78 risks. Of those 78 risks, I present the top five here.

PowerPoint 2016 and 2019 cheat sheet

The most important feature that launched with PowerPoint 2016 for those who work with others is live collaboration that lets people work on presentations together from anywhere in the world with an internet connection. To do it, you must be logged into your Microsoft or Office 365 account, and the presentation must be stored in OneDrive, OneDrive for Business or SharePoint Online. However, while Office 365 subscribers or anyone using PowerPoint Online can see the changes that other users of those versions make to a shared presentation in real time as they happen, PowerPoint 2016 and 2019 users have to save their presentations periodically to see and share changes. So while it is live collaboration, it’s not real-time visibility into that collaboration. Still, it does allow you to work with others on the same presentation at the same time. To collaborate on a presentation, open it, then click the Share icon in the upper-right part of the screen. If you haven’t yet saved your file in OneDrive, OneDrive for Business or SharePoint Online, you’ll be prompted to do so. Clicking the Share button opens the Share pane on the right-hand side of the screen. Think of the pane as command central for collaboration.

Microsoft wants developers to be Quantum-inspired

A Quantum Developer Kit (QDK) and new language Q# fill out the Microsoft quantum computing portfolio and are available on the open source GitHub repository. As Computer Weekly has previously reported, quantum computing is a technique that promises to solve problems that cannot be programmed using a traditional algorithm run on a classical binary computer design. Whereas traditional or classical computer architectures are very good at dealing in binary decisions, and solve problems by making discrete “yes” and “no” decisions, the complexity of some problems rises exponentially. This effectively means the problem cannot be solved in a traditional way. Giving an update to the company’s strategy, Ben Porter, director of business development at Microsoft, said: “Having spoken to customers across every industry, there is a need to study algorithms to solve complex problems.” But developing novel quantum algorithms is just the first part of Microsoft’s strategy. 

Technology in Banking: The developing role of biometrics

Multifactor authentication will soon be a requirement of industry regulation. A crucial element of the impending PSD2 regulation, and something that’s critical to the Open Banking scheme that’s just launched in the UK,is the need for banks to provide ‘Strong Customer Authentication’ (SCA) to protect users against external threats whilst not compromising their experience. Banks will need to verify an identity using at least two different authenticators. The regulation states this as ‘something you have’, ‘something you know’ and ‘something you are’, which could be translated as your device, your PIN number and a biometric feature. Since the introduction of fingerprint readers into phones, several leading banks integrated the technology into their apps. Now, the multifactor authentication requirements of PSD2 mean that all remaining European banks should at least be considering doing the same. By supporting the use of biometric authentication via a mobile device – whether fingerprint or other methods such as facial recognition – banks can provide a solution that combines security with usability, creating a better user experience.

Learning Progressive Web Apps - Book Review and Q&A

The use of “progressive” in the name is a shout out to the progressive enhancement approach to web development popularized in the early 2000s. In this context it means that a web app is progressively enhanced based on how much of the technology is supported in the browser. When your PWA runs on an older browser, one that doesn't support all or any of the PWA capabilities, it works just like any non-PWA. However, when the browser supports the core PWA technologies, additional capabilities unlock in the app depending on what code you have therein. PWAs allow you to register a chunk of JavaScript code called a service worker (SW) that runs in the browser context (as opposed to the app context). With a SW in place, your web app can do things a normal web app (a non-PWA) can't. Things like receive push notifications, enable an app to work while offline, even sync updated data with the server in the background when the app isn't running. SWs, along with a web app manifest file, also enable a more streamlined, app-controlled approach to installing the app on the user's desktop or home screen.

The new strategy for banks: Create value instead of competing

Banks should focus on creating new value instead of trying to catch up with existing and new competitors or simply contributing to apps and services that are a replication of what is already out there. Finding, developing and nurturing a new market space is a far easier thing to do and one can become a disruptor in their industry. A clear understanding of ongoing trends and the industry situation at large is key for any player in this space. One needs to study this constantly evolving business landscape in order to make better-informed and more accurate business decisions. Once banks unearth the problem areas of the industry, they can use this information to reimagine market boundaries and identify potential new customers for the industry. Before the plan has been put into action, it would be imperative to construct a roadmap to achieve your goal which aims to deliver new value to customers through it. Data is crucial for each of the steps mentioned above. Fortunately, we are currently in a digital age where the growth of data is on an exponential rise. IDC predicts that the collective sum of the world’s data will grow from 33 zettabytes in 2018 to a 175ZB by 2025, for a compounded annual growth rate of 61 percent. However, only 43 percent of ASEAN companies in 2019 were using big data to enhance their businesses, according to AOPG Insights’ report titled “The ASEAN Appetite for Data in Motion”.

Maze Ransomware Gang Continues Data-Leaking Spree

By having good security defenses in place, and up-to-date backups stored offline - so they cannot be crypto-locked by ransomware - victims can wipe and restore systems. This still takes time and energy, and doesn't address the root cause of how attackers infected systems in the first place, which organizations must also ascertain. But this strategy avoids victims having to even consider whether or not they might pay criminals. The U.S. Cybersecurity and Infrastructure Security Agency offers a detailed list of additional best practices for defending against ransomware. For organizations or individuals that fall victim, it recommends reporting the incident immediately to CISA, or a local FBI or U.S. Secret Service field office, to potentially receive help for dealing with that particular strain. Seeing gangs such as Maze continuing to notch new victims is a reminder to all organizations to get a ransomware-response plan in place - including training employees - immediately if they don't already have one. Security firm Kaspersky surveyed 2,000 business employees in the U.S. and another 1,000 in Canada last November and found that 45% said they didn't know what to do if they got hit by ransomware.

Quote for the day:

"The final test of a leader is that he leaves behind him in other men, the conviction and the will to carry on." -- Walter Lippmann

No comments:

Post a Comment