Daily Tech Digest - December 17, 2022

Innovation vs. execution: You have to have both

Innovation requires a major marketing commitment. Humans don’t like change, but there’s no way to innovate without introducing change. You have to convince potential buyers that the benefits of the change are worthwhile. If you don’t, you could have the best product around and still falter in the market. Take the Microsoft Zune, for example. It was far more innovative than the iPod at the time. It was more robust, played video, allowed for legal music sharing, and it came in colors. But Microsoft didn’t market those differences, the design was less attractive, The Zune required a subscription, and getting video to work was … problematic. Microsoft fixed the execution problems made the Zune better looking, got video to work, and even made the subscription more compelling. But it cut back on marketing and lost even the fans it had. Innovation needs both execution and marketing to make a difference – and that the most innovative products have the highest execution and marketing needs. Tesla is popular because it hit a niche otherc armakers didn’t take seriously, the ecologically conscious buyer. And its unique vehicle (and strong customer advocacy) allowed it to take market leadership.

The Key Role of Citizen Developers in Creating Digital Transformation

Citizen developers have the potential to create meaningful DX without any of these burdens. They are only interested in the core definition of DX, making things work better, faster, less expensively to help people do a better job and enjoy doing it much more. Since they always start from the processes already in use, citizen developers can be more targeted more accurately than their code-cutting counterparts. New hardware, software, or infrastructure are only considered part of the initiative occasionally. In many cases, the end-product from an IDE may ideally suit the need and be used as-is. In worst case, the resulting program is given to the professionals to expand upon, meaning they get a head-start on development. It's based on deep knowledge of the user community, and it's already partially baked! Developers need spend much less time in discovery and development. Forrester suggests that this partnership approach, first citizen developer then professional developer, has "the potential to make software development as much as 10-times faster than traditional methods."

Why Employee-Targeted Digital Risks Are The Next Frontier Of Enterprise Cybersecurity

Employee-Targeted Digital Risk represents the threat surface of attacks that come to the enterprise via the team’s personal devices, personal accounts and digital lives. These attacks take a variety of forms, but what they have in common is that they circumvent the extensive cybersecurity controls companies have in place by targeting accounts and devices outside the company’s purview and then using that access to move laterally to company systems and data. Sometimes these incidents start with a specific target company, and bad actors will identify a vulnerable employee. In other cases, these incidents start with vulnerable or exposed personal data, and target companies are chosen opportunistically. We in the industry have been speaking on this extensively for several years—for example, Martin Casado of Andressen Horowitz dug into this problem in 2019 in The New Attack Surface is Your Life, and my company and Strategy of Security collaborated on a recent whitepaper—but only recently has the threat surface become more talked about. 

Microservices Deployment Patterns

In many cases, microservices need their own space and a clearly separated deployment environment. In such cases, they can’t share the deployment environment with other services or service instances. There may be a chance of resource conflict or scarcity. There might be issues when services written in the same language or framework but with different versions can’t be co-located.In such cases, a service instance could be deployed on its own host. The host could either be a physical or virtual machine. In such cases, there wouldn’t be any conflict with other services. The service remains entirely isolated. All the resources of the VM are available for consumption by the service. It can be easily monitored. ... In many cases, microservices need their own, self-contained deployment environment. The microservice must be robust and must start and stop quickly. Again, it also needs quick upscaling and downscaling. It can’t share any resources with any other service. It can’t afford to have conflicts with other services. It needs more resources, and the resources must be properly allocated to the service.

Are robots too insecure for lethal use by law enforcement?

The law enforcement agency argued that the robots would only be used in extreme circumstances, and only a few high-ranking officers could authorize their use as a deadly force. SFPD also stressed that the robots would not be autonomous and would be operated remotely by officers trained to do just that. The proposal came about after the SFPD struck language from a policy proposal related to the city’s use of its military-style weapons. The excised language, proposed by Board of Supervisors Rules Committee Chair Aaron Peskin, said, “Robots shall not be used as a use of force against any person.” The removal of this language cleared the path for the SFPD to retrofit any of the department’s 17 robots to engage in lethal force actions. Following public furor over the prospects of “murder” robots, the Board of Supervisors reversed itself a week later and voted 8-3 to prohibit police from using remote-controlled robots with lethal force. The supervisors separately sent the original lethal robot provision of the policy back to the Board’s Rules Committee for further review, which means it could be brought back again for future approval.

Why Memory Allocation Resilience Matters in IoT

After all, modern computers, tablets, and servers count so much space that memory often seems like an infinite resource. And, if there is any trouble, a memory allocation failure or error is so unlikely that the system normally defaults to program exit. This is very different, however, when it comes to the Internet of Things (IoT). In these embedded connected devices, memory is a limited resource and multiple programs fight over how much they can consume. The system is smaller and so is the memory. Therefore, it is best viewed as a limited resource and used conservatively. ... In modern connected embedded systems, malloc is more frequently used and many embedded systems and platforms have decent malloc implementation. The reason for the shift is that modern connected embedded systems do more tasks and it is often not feasible to statically allocate the maximum required resources for all possible executions of the program. This shift to using malloc actively in modern connected embedded systems requires more thorough and systematic software testing to uncover errors.

Artificial Intelligence could steal your restaurant job. Here's how

AI-powered voice bots such as Tori will join other tech used in quick-service restaurants. Tori is a front-of-house "employee," but other robotic restaurant workers cook, clean, and serve food. Robotics and AIs in the food industry are a direct result of a crippling labor shortage, as restaurants around the country have hundreds of thousands of fewer employees than they did two years ago, according to the US Labor Department. Other uses for AI in the restaurant industry include leveraging AI-powered vision to monitor drive-thru efficiency. Companies like Plainsight offer their services to help restaurants mitigate lost revenue due to customers leaving the drive-thru because of long wait times. ... AI can also help restaurants reduce waste, which helps decrease food costs and the burden of food waste on the environment. Companies such as Winnow deliver AI-powered software to help restaurants decrease their food waste. The technology specialist created a kitchen tool called Winnow Vision, which monitors what food is thrown in the trash and automatically collects that data. It uses that information to notify kitchen staff about how much of what food is being wasted throughout the day.

New AI Bot Could Take Phishing, Malware to a Whole New Level

Since the cybercrime market for ransomware as a service is already organized to outsource malware development, tools such as ChatGPT could make the process even easier for criminals entering the market. "I have no doubt that ChatGPT and other tools like this will democratize cybercrime," says Suleyman Ozarslan, security researcher and co-founder of Picus Security. "It's bad enough that ransomware code is already available for people to buy off the shelf on the dark web. Now virtually anyone can create it themselves." In testing ChatGPT, Ozarslan instructed the bot to write a phishing email, and it spat out a perfect mail within seconds. "Misspellings and poor grammar are often tell-tale signs of phishing, especially when attackers are targeting people from another region. Conversational AI eliminates these mistakes, making it quicker to scale and harder to spot them," he says. While the terms of service for ChatGPT prohibit individuals from using the software for nefarious purposes, Ozarslan prompted the bot to write the phishing email by telling it the code would be used for a simulated attack.

California’s finance department confirms breach as LockBit claims data theft

California’s Department of Finance has confirmed it’s investigating a “cybersecurity incident” after the prolific LockBit ransomware group claims to have stolen confidential data from the agency. The California Office of Emergency Services (Cal OES) in a statement on Monday described the threat as an “intrusion” that was “identified through coordination with state and federal security partners.” The statement did not provide any specifics about the nature of the incident, who was involved or whether any information had been stolen. The California Department of Finance did not respond to TechCrunch’s questions prior to publication. “While we cannot comment on specifics of the ongoing investigation, we can share that no state funds have been compromised, and the department of finance is continuing its work to prepare the governor’s budget that will be released next month,” the statement said. While state officials remain tight-lipped about the incident, the notorious LockBit ransomware gang on Monday claimed responsibility for the attack.

Why diversity and inclusion matter for technology

There are ways in which technology firms can help improve their diversity and inclusion. Jinny Mitchell-Kent, chief operating officer at digital agency Great State, believes more needs to be done to encourage applications from different groups in the first place. “Considering where we market roles, what language we use in our job descriptions and what our hiring process is like can facilitate receiving more diverse candidates,” she says. “For example, neurodivergent people may be more receptive to an online job advert that is not on a hugely colourful background with lots of moving components.” Training existing staff can also help to ensure individuals avoid unconscious bias and become advocates for change, believes Suki Sandhu OBE, CEO and founder of diversity consultancy INvolve and executive recruiter Audeliss. “Training and workshops are critical to contextualise issues surrounding race, gender and LGBTQ+ communities within a workplace, and provide employees with a deeper understanding of diversity and inclusion’s importance and their role in driving action,” he says.

Quote for the day:

"Leadership matters more in times of uncertainty." -- Wayde Goodall

No comments:

Post a Comment