Cisco reports highlight widespread desire for data privacy and fears over remote work security
Cisco has released two studies examining how workers feel about the current
state of play when it comes to remote work security and data privacy, finding
that thousands around the world are increasingly concerned about how their
employers are handling the massive societal changes that have occurred over
the last six months. The "Consumer Privacy" report includes findings from a
study of responses from more than 2,600 adults in 12 countries across Europe,
Asia, and the Americas. The "Global Future of Secure Remote Work" report has
insights gleaned from over 3,000 IT decision makers in the Americas, Japan,
China, and Europe. Both reports indicate that remote work is now a
permanent part of the new normal, with 62% of respondents telling researchers
that more than half of their workplace is working remotely since the onset of
the coronavirus pandemic. Despite the massive shift to telecommuting, the vast
majority of people who responded to the survey said they did not trust the
digital tools they used for work. Workers and consumers are particularly
concerned about the privacy protections built into the tools they use for work
and nearly half of all respondents said they do not feel that most businesses
can effectively protect their data today.
How To Protect Yourself From Unexpectedly High AWS Bills
Set up billing alerts. If you are using AWS, even for a small task, please
please please set up billing alerts. They are not required during setup, but
if you are a non-enterprise user, I would consider this step mandatory as
AWS will not alert you to dramatic increases in charges unless they bypass
15K which is already an incredible amount of money. Read the pricing
table…carefully. If you are installing a new service, make sure to carefully
read the pricing table. Amazon will sometimes set ridiculous defaults for
container size which you might not see until the bill comes in. Do
understand however that this might not be good enough, as bugs, loose API
keys, and improper installations can do crazy things. Consider using another
service. If you are a non-business individual user or small-business user,
you might want to consider using another service. AWS is built for
enterprise customers, and as such an enterprise wallet. Yes, it can be very
cheap, but consider this: after my little mix up, I could have payed $150 a
month over all of the years I used AWS and still come out ahead. Yes, AWS
might be cheap at first, but one mistake can make it very expensive.
Learn from the hype surrounding kale – don’t rush Kubernetes
It requires more than just Kubernetes to achieve business outcomes, and hype
surrounds the technology and term Kubernetes. A lot of false expectations
exist too. Some companies may have heard on the IT grapevine that Google,
AWS, Netflix, and Microsoft bet on Docker as a container format and
Kubernetes as the orchestration engine – that the technology can scale and
provide infrastructure at the same level as the big players. Simultaneously
they may not be aware that the whole business model of such companies
focuses on making infrastructure fluid and immediately available. Regular
customers have a very different business model, with solutions based on
trusted platforms by trusted partners that have solved virtualisation in the
past, and those partners now have solutions to achieve the same outcomes
with containerisation. Of course, Kubernetes technology also has its
benefits. Businesses can become more efficient in their use of IT and
achieve better results, faster, from development life cycles. They’ll
produce better software via more automation and standardisation.
Organisations can then use software to explore new business opportunities,
experiment with the best ways to profit from ideas, and evolve accordingly.
Quote for the day:
"Failures only triumph if we don't have the courage to try again. -- Gordon Tredgold
Ubiq Rolls Out Encryption-as-a-Service Platform Aimed at Developers
Encryption has always been a fundamental part of computing — many of the early uses of computers were for cracking codes — and the technology has always been difficult to implement correctly. Despite the fact that there are many open source encryption efforts, adoption has remained low until the data-security capabilities could be integrated into technology. Even companies immersed in security and technology have had poor adoption rates. Google, for example, only had encryption implemented in half of its products in 2014, although the company claims that share is 95% today. On the development side, encryption errors continue to be prevalent among applications, irrespective of the programming language. Cryptographic errors are the second most common software vulnerability, occurring in 62% of applications, just behind information leakage, which occurs in 64%, according to application security firm Veracode. Encryption failures are also a significant factor in the severity of many data breaches. From the theft of unencrypted e-mails from Stratfor in 2012 to the failure to encrypt data in publicly accessible databases and Amazon S3 buckets, the failure of developers and operations workers to lock down every step in the data life cycle has led to reoccurring breaches.Researchers open the door to new distribution methods for secret cryptographic keys
The researchers suggest a simple do-it-yourself lesson to help us better
understand framed knots, those three-dimensional objects that can also be
described as a surface. “Take a narrow strip of a paper and try to make a
knot,” said first author Hugo Larocque, uOttawa alumnus and current PhD
student at MIT. “The resulting object is referred to as a framed knot and
has very interesting and important mathematical features.” The group tried
to achieve the same result but within an optical beam, which presents a
higher level of difficulty. After a few tries (and knots that looked more
like knotted strings), the group came up with what they were looking for:
a knotted ribbon structure that is quintessential to framed knots. “In
order to add this ribbon, our group relied on beam-shaping techniques
manipulating the vectorial nature of light,” explained Hugo Larocque. “By
modifying the oscillation direction of the light field along an “unframed”
optical knot, we were able to assign a frame to the latter by “gluing”
together the lines traced out by these oscillating fields.” According to
the researchers, structured light beams are being widely exploited for
encoding and distributing information.
Learn what to test in a mobile application
Mobile devices present different issues than desktop computers and
laptops. For example, tilting a mobile device could cause the app to
render in landscape form and look odd -- this won't happen on a laptop. A
user can lose network connection briefly, which causes state problems.
And, in some cases, notifications from other applications can interrupt
the system. Anyone on a mobile device could experience these issues during
everyday use. These problems might be impossible to simulate with a test
automation tool. Automated mobile test scripts don't offer enough value to
justify the time necessary to write them for every possible condition.
Testers can be more successful if they follow the 80/20 rule: Assume 80%
of failed tests stem from 20% of test cases. When these test scripts
break, something is likely broken with the application. Check for these
kinds of issues when the team rewrites the UI, or brings in a new GUI
library or component. Test the software as a system when it first comes
together, and before major releases under challenging conditions. The
first few times QA professionals field test an app -- i.e., take a mobile
device on a long car ride, or swap between cellular data and Wi-Fi -- it
might take a few days.
Translating lost languages using machine learning
Spearheaded by MIT Professor Regina Barzilay, the system relies on several
principles grounded in insights from historical linguistics, such as the
fact that languages generally only evolve in certain predictable ways. For
instance, while a given language rarely adds or deletes an entire sound,
certain sound substitutions are likely to occur. A word with a “p” in the
parent language may change into a “b” in the descendant language, but
changing to a “k” is less likely due to the significant pronunciation gap.
By incorporating these and other linguistic constraints, Barzilay and MIT
PhD student Jiaming Luo developed a decipherment algorithm that can handle
the vast space of possible transformations and the scarcity of a guiding
signal in the input. The algorithm learns to embed language sounds into a
multidimensional space where differences in pronunciation are reflected in
the distance between corresponding vectors. This design enables them to
capture pertinent patterns of language change and express them as
computational constraints. The resulting model can segment words in an
ancient language and map them to counterparts in a related language.
On the trail of the XMRig miner
Alongside well-known groups that make money from data theft and ransomware
(for example, Maze, which is suspected of the recent attacks on SK Hynix
and LG Electronics), many would-be attackers are attracted by the
high-profile successes of cybercrime. In terms of technical capabilities,
such amateurs lag far behind organized groups and therefore use publicly
available ransomware, targeting ordinary users instead of the corporate
sector. The outlays on such attacks are often quite small, so the
miscreants have to resort to various stratagems to maximize the payout
from each infected machine. For example, in August of this year, we
noticed a rather curious infection method: on the victim’s machine, a
Trojan (a common one detected by our solutions as Trojan.Win32.Generic)
was run, which installed administration programs, added a new user, and
opened RDP access to the computer. Next, the ransomware
Trojan-Ransom.Win32.Crusis started on the same machine, followed by the
loader of the XMRig miner, which then set about mining Monero
cryptocurrency. As a result, the computer would already start earning
money for the cybercriminals just as the user saw the ransom note.
5 steps to learn any programming language
Some people love learning new programming languages. Other people can't
imagine having to learn even one. In this article, I'm going to show you
how to think like a coder so that you can confidently learn any
programming language you want. The truth is, once you've learned how to
program, the language you use becomes less of a hurdle and more of a
formality. In fact, that's just one of the many reasons educators say to
teach kids to code early. Regardless of how simple their introductory
language may be, the logic remains the same across everything else
children (or adult learners) are likely to encounter later. With just a
little programming experience, which you can gain from any one of several
introductory articles here on Opensource.com, you can go on to learn any
programming language in just a few days (sometimes less). Now, this isn't
magic, and you do have to put some effort into it. And admittedly, it
takes a lot longer than just a few days to learn every library available
to a language or to learn the nuances of packaging your code for delivery.
But getting started is easier than you might think, and the rest comes
naturally with practice.
Articulating Leadership through Nemawashi and Collaborative Boards
Many meetings are just conversations with no conclusion and it seems that we cannot get over that. The point is that we need both: meetings and conversations, but we shouldn’t mix them. Nemawashi puts order here, separating conversations and meetings, similar to what Scrum does with the different events, where each one has a clear purpose. Meetings are formal, concrete, to the point; and there should be no surprises. It is the official acknowledgement of everything previously discussed and we just get together to have everyone on the same page. It is the formal moment when decisions are communicated and officially agreed on. Conversations instead take place ad-hoc, as often and as long as needed, involving only the necessary (and engaged) participants. This is where focused discussions take place. ... People are deciding on things anyway all the time, but on the wrong things. One clear symptom is too much effort on details and important points being missed or late, while everyone is "busy". Collaborative Boards is where teams and leaders meet. They articulate top-down challenges through bottom-up proposals, keeping them aligned towards the vision and focusing on what really matters.Quote for the day:
"Failures only triumph if we don't have the courage to try again. -- Gordon Tredgold
No comments:
Post a Comment