Daily Tech Digest - November 13, 2021

New law needed to rein in AI-powered workplace surveillance

“AI offers invaluable opportunities to create new work and improve the quality of work if it is designed and deployed with this as an objective,” said the report. “However, we find that this potential is not currently being materialised. “Instead, a growing body of evidence points to significant negative impacts on the conditions and quality of work across the country. Pervasive monitoring and target-setting technologies, in particular, are associated with pronounced negative impacts on mental and physical wellbeing as workers experience the extreme pressure of constant, real-time micro-management and automated assessment.” The report added that a core source of workers’ anxiety around AI-powered monitoring is a “pronounced sense of unfairness and lack of agency” around the automated decisions made about them. “Workers do not understand how personal, and potentially sensitive, information is used to make decisions about the work that they do, and there is a marked absence of available routes to challenge or seek redress,” it said.

New Application Security Toolkit Uncovers Dependency Confusion Attacks

Application security teams will most likely implement the Dependency Combobulator at the CI level, says Moshe Zioni, vice-president of security research at Apiiro. For example, if the team uses Jenkins for its CI process, the toolkit may be used as part of the build process. Another place to use the toolkit would be during code commits and push requests, in which every change in dependency imports will be sent to the Dependency Combobulator for inspection and decision-making. “It can potentially be interconnected via a plugin but that's a more convoluted way that is not easily supported out of the box and will need some extra development work," Zioni says. There are numerous other tools that act similarly to Dependency Combobulator. Snyk offers snync, an open source tool to detect potential instances of dependency confusion in the code repository. Sonatype offers developers a dependency/namespace confusion checker script on GitHub which checks if a project has artifacts with the same name between repositories, and to determine whether the developer has been impacted by a dependency confusion attack in the past.

Managing the risks and returns of intelligent automation

Most companies do not yet have the appropriate structures and tools to effectively manage the risks and returns of intelligent automation. Specifically, different aspects of system development and operation (such as implementation and system management, risk and resilience management, and business-process optimization) are often managed by various functions in a fragmented way. Furthermore, organizations typically lack robust frameworks, processes, and infrastructure to ensure the effective risk and return assessment of AI and automation. It’s therefore increasingly critical for companies to incorporate automation-specific considerations into their broader AI- and digital-risk-management programs. To drive strategic decisions across the organization, institutions can create a holistic view of both the benefits and risks of intelligent automation—including where these tools touch critical processes and where there might be vulnerabilities. They also need to understand not only how to simplify and automate processes, but also how to systematically reduce risk and improve institutional resilience. For this purpose, five key tactical steps can be considered across the automation and AI life cycle

Upgrading to Intel 12th-gen Alder Lake: Motherboard, cooler, and more

For performance, you have three options: The Core i9-12900K, Core i7-12700K, or Core i5-12600K. They scale down in performance and price, with the top chip sporting 16 cores for around $600 and the bottom 10 cores for around $300. All three chips are unlocked for overclocking, so you can push them beyond the rated clock speed. The KF-series processors are identical to their K-series counterparts. They come with the same number of cores, same boost clock, and same power limit. The only difference is that KF-series processors don’t include integrated graphics. All of these processors pair best with a discrete graphics card, so you can save a little bit of money by going with the KF-series model. If you’re focused on gaming, we recommend the Core i5-12600K most. It’s the best gaming processor you can buy right now, sporting a massive core count and solid clock speeds for a reasonable price. The Core i9-12900K is overkill for gaming, but its extra cores are excellent for content creation, as you can read in our Core i9-12900K review.

Why Pulsar Beats Kafka for a Scalable, Distributed Data Architecture

Software developers today prefer to work with open source. Open source makes it easier for developers to look at their components and use the right ones for their projects. Using a modular, flexible, open architecture not only enables the right mix of best-of-breed tools as the business – and the technology – evolves; it also simplifies the ability to scale. By taking a fully open source approach, developers can support their business goals more easily. In fact, companies using an open source software data stack are two times more likely to attribute more than 20 percent of their revenue to data and analytics, according to a recent research report by DataStax. When your developers have the option of using open source projects, they will pick the project that they think is best. This can lead to the issue of creating a level of consistency and cohesiveness in your data stack. Without some consistency of approach, managing the implementation will get harder as you scale. Building on the same set of platforms that carry out their work in the same way can lessen the overhead.

What Are CRM Integrations? Everything You Need To Know

A CRM system reaches its full potential when it’s connected with other applications and software. “CRM integration” is the act of connecting a CRM system with other systems, and simply means that a business’s customer data can be seamlessly integrated with third-party systems. These third-party systems might be unrelated to the CRM system, but the data they generate or use can make CRM work better, and vice versa. Integration will look quite different for different types of businesses. For some, it’s as simple as linking a CRM system with a few functions of a company website, which can be done via integrations already built into CRM software. However, more complex businesses will need to integrate a CRM platform with a variety of other systems, including ones that are equally or more complex, such as an ERP (enterprise resource planning) system. Most CRM system integrations require connecting through APIs (application programming interfaces). A tool called “integration platform as a service” (iPaaS) that facilitates information sharing between third-party systems has become common for performing CRM integrations.

Leveraging social media background checks to balance friction and risk

Partly driving this trend is new legislation such as PSD2, the EU directive that mandates stronger fraud prevention checks to complete payments. Coming into full effect on 14 September 2019, the anti-fraud aspect of PSD2 is essentially equivalent to hitting every new shopper with a hardcore 3DS2 check, requiring more than one point of authentication from shoppers in a fashion similar to multi-factor authentication practices. What is now the established approach to deterring fraudsters at checkout relies on biometrics to verify users, including selfies combined with scans of ID documents, as well as voice, fingerprints and other data elements. For instance, we have seen such measures adopted by popular players in the fintech landscape, such as Revolut and the recently rebranded Wise. While, according to Visa, consumers have taken well to biometrics, with 61% finding them easier and 70% finding them faster than passwords in the context of payments and banking, their applications vary considerably, from a quick scan to time-consuming multi-layered requests that might even require the shopper to switch devices.

Quantum computing skills are hard to find. Here's how companies are tackling the shortage

Quantum computers operate on inherently different principles to classical computers, requiring a new approach to problem-solving and a workforce consisting of academic, technical, and businesses expertise. No one candidate is going to possess all of these. "It involves so many different skills: we need classical hardware engineers, we need software engineers, we need mathematicians, we need simulation and modelling experts," says Edmondson. "I think the challenge for us is, if we go to hire a classical engineer, they don't have the physics background; if we hire a physicist, they're not used to working with classical hardware engineering – analogue design is new to them." Another fundamental challenge for businesses is getting people interested in technical fields to begin with. Not only are fewer young people taking IT and STEM-related subjects at school, but research also suggests that younger generations aren't all too confident about their chances of landing a career in tech either.

In-person and hybrid meeting strategies in the COVID era

It is a mess. And it's not likely to change anytime soon. Business leadership has to plan as if this level of disruption will remain the new normal for the foreseeable future, because it probably will. In that context, how do we do meetings? Sure, we had the answer back at the beginning of COVID: We all just used Zoom or Teams. But now? Now we have some people in the office and some at home, and we still have to sync up and work through business challenges. Let's start with conference rooms. As it turns out, crammed conference room meetings weren't as prevalent as we may remember. Office planning company Density Inc. did some really interesting polling back in 2019, before the pandemic hit. Density found that, 76% of the time, conference rooms were used by four people or fewer. In fact, 36% of the time, conference rooms were used by just one person. I'm guilty of that. During my years working in an office, I camped out in a conference room as much as possible. My cube was noisy and there were constant drop-ins, but if I moved to a conference room, I could get some peace and quiet and get my writing or research done.

Pace of Cybercrime Evolution Is Accelerating, Europol Warns

Unfortunately, the cybercrime-as-a-service ecosystem makes a number of malicious services and tools available for easy access - including the ability to access call centers, as not just cryptocurrency scammers but also ransomware operations continue to do to attack or contact victims. Budding criminals, who may not have deep technical knowledge, can also purchase ready-to-use strains of ransomware and other malware, tap bulletproof hosting sites or rent botnets to aid their attacks, and seek guidance via cybercrime forums. To combat this, Europol notes that law enforcement agencies continue to target so-called "gray infrastructure," referring to services that are marketed by criminals to other criminals. "Gray infrastructure services include bulletproof hosters, rogue cryptocurrency exchanges and VPNs that provide safe havens for criminals," Europol says. While such services cannot always be disrupted, police have continued to do so on numerous occasions.

Quote for the day:

"If you fuel your journey on the opinions of others, you are going to run out of gas." -- Steve Maraboli

No comments:

Post a Comment