Daily Tech Digest - September 24, 2022

Tackling Developer Onboarding Complexity

A common thread in onboarding, and more broadly on reducing developer cognitive load, is the concept of “golden paths” or “paved paths.” Ultimately, the idea is to reduce complexity and get to the bare bones of what needs to be learned or done to increase developer velocity and safety. Mostly, once the cultural aspects of onboarding are covered, this comes back to the “golden path” platform created for developers, which includes the tools and processes that are proven to work but aren’t handcuffs. Once a developer knows how to walk, for example, platforms should be flexible enough to let them run. Humanitec’s CEO, Kaspar von Gr├╝nberg, said, “Perhaps more important than fancy golden paths is to agree on the lowest common tech denominator to empower developers to work faster. Why run ultra-complex things if there is an alternative? It is like taking a tractor to do your grocery shopping, which is not productive. If you scatter things all over the place, you are not getting the effects of scale, and the tools you bring in are not delivering ROI. This is why I advocate for the value of standardization. Standardization forms the lowest common tech denominators, clearing the way for individual freedom where needed.”

How devops in the cloud breaks down

First is the obvious issue: talent. To do devops in the cloud, you need devops engineers who understand how to build and use toolchains. More important, you need engineers who know how to build toolchains using cloud-based tools. Some (but not many) people out there have these skills. I see many companies fail to find them and even pull back devops to traditional platforms just so they can staff up. Sadly, that’s not a bad strategy right now. Second, the cloud rarely has all the tools you’ll need for most devops toolchains. Although we have a tremendous number of devops tools, either sold by the public cloud providers or by key partners that sell devops cloud services, about 10% to 20% of the tools you’ll need don’t exist on your public cloud platform. You will have to incorporate another provider’s platform, which then leads to multicloud complexity. Of course, the need for those absent tools depends on the type of application you’re building. This shortage is not as much of a problem as it once was because devops tool providers saw the cloud computing writing on the wall and quickly filled in the tool shortages. 

Tesla is set to introduce its prime 'Optimus' robot

"Autopilot/AI team is also working on Optimus and (actually smart) summon/autopark, which have end of month deadlines," Musk wrote while responding to a Tesla fan club account on Twitter. Musk's Texas-based company is reportedly considering ambitious plans to use thousands of humanoid robots within its factories before eventually extending to millions globally, per a job posting. According to Musk, who is now promoting a vision for the company that extends far beyond producing self-driving electric cars, the robot industry may eventually be worth more than Tesla's automobile income. A source familiar with the situation claimed that as Tesla holds more internal discussions on robotics, the buzz is growing within the organization. ... For Tesla to be successful, it will have to display robots performing various spontaneous acts. Such evidence might help Tesla stock, which is currently down 25 percent from its 2021 peak, according to Nancy Cooke, a professor of human systems engineering at Arizona State University.

Researchers Say It'll Be Impossible to Control a Super-Intelligent AI

Rules such as 'cause no harm to humans' can't be set if we don't understand the kind of scenarios that an AI is going to come up with, suggest the authors of the new paper. Once a computer system is working on a level above the scope of our programmers, we can no longer set limits. "A super-intelligence poses a fundamentally different problem than those typically studied under the banner of 'robot ethics'," wrote the researchers. "This is because a superintelligence is multi-faceted, and therefore potentially capable of mobilizing a diversity of resources in order to achieve objectives that are potentially incomprehensible to humans, let alone controllable." Part of the team's reasoning came from the halting problem put forward by Alan Turing in 1936. The problem centers on knowing whether or not a computer program will reach a conclusion and answer (so it halts), or simply loop forever trying to find one. As Turing proved through some smart math, while we can know that for some specific programs, it's logically impossible to find a way that will allow us to know that for every potential program that could ever be written.

The Mutating Cyber Threat

Although each best practice is important, having a programmatic approach is essential for success, Kaun said. “Too many organizations look at security as a list of individual tasks such as perimeter protection and patching, but in reality they all have to work together.” As best practices mature and become part of corporate culture, and as people become educated and equipped to apply those best practices, true change and improved security begins to evolve. “A common adage in security is ‘people, processes, and technology,’ Cusimano noted. “Two of those involve people because people have to adhere to the processes.” The human element is the ultimate toolset, including awareness, collaboration, support, and maintenance. “A proper security program is properly educated and equipped people applying best practice policy and procedures, aided by technology,” Kaun said. “While the right technology will accelerate the effort, if you do not have the global view, the appropriate people, and contextual data to act upon, you will struggle.” Establishing that culture is critical but won’t happen overnight, Cusimano said. He recalled the transition to a safety-first culture in many manufacturing plants.

MIT and Databricks Report Finds Data Management Key to Scaling AI

“Data issues are more likely than not to be the reason if companies fail to achieve their AI goals, according to more than two-thirds of the technology executives we surveyed,” says Francesca Fanshawe, editorial director for MIT Technology Review and editor of the report. “Improving processing speeds, governance, and quality of data, as well as its sufficiency for models, are the main data imperatives to ensure AI can be scaled.” Data security is also a priority with leaders revealing they plan to increase spending on security improvement by an average of 101% over the next three years. The leader group also plans to invest 85% more in the same period on data governance, 69% more on new data and AI platforms, and 63% more on existing platforms. The report lists a few attributes of successful data and AI technology foundations, including a democratization of data to involve a greater number of data literate employees who can configure and improve AI algorithms. Openness is another attribute, with open standards and data formats allowing organizations to source data, insights, and tools externally to facilitate collaboration

Responsible AI, Blockchain in Safe and Ethical AI

Artificial Intelligence (AI) is a broad field that includes machine learning and cognitive computing where computers are programmed to mimic cognitive functions such as learning and problem solving many times faster and more accurately than a human. AI or its subset Computational intelligence, when combined with blockchain systems, can create more robust cryptographic functionality and ciphers thereby making it more difficult for cyber hackers to compromise systems. When blockchain participants have increased control over their data, they have the potential to decide with which parties and for what purposes their data are shared. To collect participant data for use in an AI dataset, participant permissions will need to be obtained.  ... The decentralized characteristics of smart blockchains can effectively help smart grids realize the transformation from centralization to distribution. The decentralization of smart blockchain breaks information barriers and realizes secure data sharing among multiple participants.

Worried about quiet quitting? These Dos and Don'ts could stop it becoming a problem

To understand the risk of quiet quitting in current employees, keep in touch with former employees and find out what made them leave the company. Their insight can help you improve culture for current employees and reduce further resignations. Deal suggests conducting thorough exit interviews with employees who leave the company and reaching out six months later to assess their experience at their new job if they have one. This six-month communication opportunity can be the route back to the former workplace for some employees. If an employee expresses dissatisfaction at their new job and an interest in returning to your company, see what you can do for them. Employees who left your company on good terms, and later want to return to their old jobs, are called boomerang employees, and they can be very beneficial to your company. ... But beware: some employees may hesitate to ask for their old jobs back. They might fear a response from former colleagues who were unhappy at their departure, or they might be concerned about an employee they didn't like who is still in the business. But if you're lucky, this is an opportunity to have excellent talent return to your company.

DevOps Is Dead. Embrace Platform Engineering

Developers don’t want to do operations anymore, and that’s a bad sign for DevOps, at least according to this article by Scott Carey and this Twitter thread by Sid Palas. ... When developers in teams don’t agree on the extent to which they should, or can, do operations tasks, forcing everyone to do DevOps in a one-size-fits-all way has disastrous consequences. The primary consequence is the increasing cognitive load put on developers. This has forced many teams to reconsider how they balance the freedom that comes from developer self-service with mitigating cognitive load through abstraction. Both are necessary: Self-service capabilities are essential to moving quickly and efficiently. ... Platform engineering uses a product approach to enable the right amount of developer self-service and find the right level of abstraction for individual organizations and teams. Successful platform teams combine user research, regular feedback and marketing best practices to understand their developers, create a platform that solves common problems and get internal buy-in from key stakeholders.

SEO poisoning campaign directs search engine visitors from multiple industries to JS malware

Deepwatch came across the campaign while investigating an incident at a customer where one of the employees searched for “transition services agreement” on Google and ended up on a website that presented them with what appeared to be a forum thread where one of the users shared a link to a zip archive. The zip archive contained a file called "Accounting for transition services agreement" with a .js (JavaScript) extension that was a variant of Gootloader, a malware downloader known in the past to deliver a remote access Trojan called Gootkit but also various other malware payloads. Transition services agreements (TSAs) are commonly used during mergers and acquisitions to facilitate the transition of a part of an organization following a sale. Since they are frequently used, many resources are likely available for them. The fact that the user saw and clicked on this link suggests it was displayed high in ranking. When looking at the site hosting the malware delivery page, the researchers realized it was a sports streaming distribution site that based on its content was likely legitimate. 

Quote for the day:

"Open Leadership: the act of engaging others to influence and execute a coordinated and harmonious conclusion." -- Dan Pontefract

No comments:

Post a Comment