Daily Tech Digest - August 10, 2021

Sky Computing, the Next Era After Cloud Computing

With multicloud being a priority for sky computing, a key challenge will be the buy-in of today’s market-leading cloud platforms — AWS, Microsoft and Google in particular. I asked Stoica which of the main platforms does he think will make the first move towards sky computing, and what would be their motivation? “Based on economics theory, presumably clouds that are second or third [in the market] — like Google — will be most likely to do it, because this is one way for them to get more market share. If they provide a faster or cheaper infrastructure, the sky would make it easier for them to get more workload from other clouds.” However, he also noted that application developers don’t necessarily need the permission of the big cloud platforms to attain “sky computing” functionality. “You can do it today. I can have an application — like say a machine learning pipeline — and do some data processing, some training, and some serving to serve the models. I can do the training on Google and the serving on Amazon.”

It's a Bird, It's a Plane, It's Blockchain

Amazon isn't the only major vendor to offer BaaS (Blockchain As A Service). For example, IBM leverages the TradeLens ecosystem to advance global trade with blockchain, preventing counterfeiting of pharmaceuticals and encouraging responsible sourcing of minerals. “TradeLens has already processed 42 million container shipments, nearly 2.2 billion events, and some 20 million documents,” said IBM in a statement. “In total, five of the top six global shipping carriers are now integrated onto the platform contributing to the digitization of documentation and automated workflows.” “Oracle is the enterprise blockchain dark horse,” wrote Alan Pelz-Sharpe of U.S.-based research firm Deep Analysis in a research note. “Its stealthy but deeply funded and well-sourced entry into the market follows Oracle’s well-established pattern: the firm has a history of first dismissing new technologies, only to work quietly and then launch into the new market with full force. That being said, with Oracle’s deep roots in the supply chain, financial services, and government sectors, blockchain always made more sense for it to embrace than for some of its competitors.”

The Next Evolution in Blockchain: Decentralized Identity

The first type of digital identifier in blockchain, the primitive one, is the one used for cryptocurrencies, which has a pair of asymmetric encryption keys, identifying the holder of the funds to dispose of those holdings, with the public key visible to all, and the private key, reserved for its holder. Coin transactions on some blockchains are traceable, i.e. the funds can be traced in the ledger register. For other networks, however, it is impossible, or at least difficult, to follow the sequence of the funds traded. These blockchains are referred to as privacy blockchains. Unlike Monero and Zcash, the most well-known privacy currencies that opted for the absence of traceability, Cardano maintains transparency and traceability over block records, as do many others, such as Bitcoin. Applications exist to prevent traceability on traceable blockchains. First proposed in 2013 by Greg Maxwell, CoinJoin is a method that combines multiple single-input single-output transactions into a single multiple-input multiple-output transaction. 

What are low-code databases?

It’s difficult to draw the line between a low-code database and any generic application. Many apps are just thin front ends wrapped around a database, so users may be storing their information in traditional databases without even realizing it. A layer of automation eases the flow, at least for common applications. Some open source toolkits are designed to make this simple. Drupal and Joomla, for instance, are content management systems designed to create databases filled with pages and articles. Drupal’s Webform module adds the ability to create elaborate surveys so users can input their own data. Other content management systems like WordPress can do much of the same thing, but they’re often more focused on building out blogs and other text documents. The major cloud services are adding tools and offering multiple ways to create an app that stores data in the cloud’s data services. Google’s AppSheet offers a quick way to thread together an app that is tightly integrated with the office products in G Suite. It is one replacement for App Maker, an earlier effort that recently shut down.

At Black Hat, mobile and open source emerge as key cybersecurity dangers

By its very nature, the open-source model is not set up for generating fully secure code. When you have millions of contributors from around the world, a freely usable resource of important software tools, and an ever-changing roster of maintainers, security can easily fall through the cracks. The problem is that threat actors know this as well and they are cashing in. The Equifax breach of 2017, which exposed the personal information of 147 million people, was attributed to an exploit of a vulnerability of an unpatched open-source version of Apache Struts. The threat landscape involves tools used by developers and where they store them. It was reported in December that two malicious software packages were published to NPM, a code repository used by JavaScript developers to share code blocks. In addition, an analysis by GitGuardian found 2 million “secret” passwords and identifying credentials stored in public Git repositories over 2020 alone. “Things are not getting better and on top of this, applications are growing in complexity,” said Jennifer Fernick

Security matters when the network is the internet

The move to the cloud has undermined the traditional model of the “nailed-up” private network. These days most organizations live in a hybrid cloud world where many key workloads sit in the public domain. As remote working becomes the norm, applications, people, and devices will continue to communicate externally, and the logic of channeling all that traffic through the corporate datacenter just for security enforcement alone becomes questionable. So, companies need to view security as an all-encompassing architecture and look to maintain consistent policies and protections for all users regardless of where they are working from. Remote working is a model that organizations were slowly moving towards for decades. Sure, the pandemic increased the speed and scope of its implementation dramatically, but it didn’t change the overall direction of travel. It has always been the case that who you are is more important than where you are, so access policies always should have been more about identity than location. 

Why Is Federated Learning Getting So Popular

Federated learning provides a decentralised computation strategy to train a neural model. Modern day mobile devices churn out swathes of personal data, which can be used for training. Instead of uploading data to servers for centralised training, phones process their local data and share model updates with the server. Weights from a large population of mobiles are aggregated by the server and combined to create an improved global model. The distributed approach has been shown to work with unbalanced datasets and data that are not independent or identically distributed across clients. On-device machine learning comes with a privacy challenge. Data recorded by cameras and microphones can put individuals at great risk in the event of a hack. For example, apps might expose a search mechanism for information retrieval or in-app navigation. Federated averaging was implemented by researchers from University of Kyoto in practical mobile edge computing (MEC) frameworks by using an operator of MEC frameworks to manage the resources of heterogeneous clients. 

Android Malware ‘FlyTrap’ Hijacks Facebook Accounts

The threat actors use a variety of come-ons: Free Netflix coupon codes, Google AdWords coupon codes, and voting for the best football/soccer team or player. They’re not only enticing; they’re slick, too, with high-quality graphics – all the better to hide what they’re doing behind the scenes. “Just like any user manipulation, the high-quality graphics and official-looking login screens are common tactics to have users take action that could reveal sensitive information,” zLabs researchers explained. “In this case, while the user is logging into their official account, the FlyTrap Trojan is hijacking the session information for malicious intent.” The bad apps purport to offer Netflix and Google AdWords coupon codes, or to let users vote for their favorite teams and players at UEFA EURO 2020: The quadrennial European soccer championship that wrapped up on July 11 (delayed a year by COVID-19). But first, before the malware apps dish out the promised goodies, targeted users are told to log in with their Facebook accounts to cast their vote or collect the coupon code or credits.

To create AGI, we need a new theory of intelligence

“Brains are always housed in bodies, in exchange for which they help nurture and protect the body in numerous ways,” he writes. Bodies provide brains with several advantages, including situatedness, sense of self, agency, free will, and more advanced concepts such as theory of mind and model-free learning. “A human AGI without a body is bound to be, for all practical purposes, a disembodied ‘zombie’ of sorts, lacking genuine understanding of the world including its human inhabitants, their motivations, habits, customs, behavior, etc. the agent would need to fake all these,” Raghavachary writes. Accordingly, an embodied AGI system would need a body that matches its brain, and both need to be designed for the specific kind of environment it will be working in. “We, made of matter and structures, directly interact with structures, whose phenomena we ‘experience.’ Experience cannot be digitally computed — it needs to be actively acquired via a body,” Raghavachary said. “To me, there is simply no substitute for direct experience.”

IT leadership: How to find more ways to pay it forward

Today, as Zoom meetings and video calls continue to be the primary form of communication, it’s critical to hone those active listening skills. For instance, you might think it’s fine to grab a drink while someone is speaking – but in those few moments that you’re distracted, you’re not actually hearing what’s being said, nor what’s left unsaid. Face-to-face conversations force you to dial in your attention, but it’s easy to lose that focus when meetings are virtual. When I meet with someone virtually, I minimize distractions by first resolving to be present in every conversation. With the amount of digital distraction we have in today’s world, we need to commit to focusing on ourselves and those we are meeting with. I stay in the moment by setting my phone aside, turning off notifications, and closing other windows and programs on my machines. While there are certainly some challenges to coaching others virtually, there are advantages as well. Some introverts, I’ve found, tend to feel more comfortable expressing their opinions during video calls because they’re not physically surrounded by others, and this puts them more at ease.

Quote for the day:

"The signs of outstanding leadership are found among the followers." -- Max DePree

No comments:

Post a Comment