Daily Tech Digest - June 24, 2023

Technologists Want to Develop Software Sustainably

Ingrid Olson, principal with application security at Coalfire, explains organizations such as the Green Software Foundation can help educate and unite developers interested in learning more about green development practices. "In the right economy developers can also 'vote with their feet' by seeking out employment with companies that advocate for more environmentally sustainable development practices," she says. She adds everyone is a stakeholder either directly or indirectly in the effort to create more sustainable software development practices. "In addition to the environmental benefits of green software development, in the long term there are also a lot of potential financial benefits from development practices that result in reduced carbon emissions," Olson says. ... Tegan Keele, KPMG US climate and data technology leader, explains software that includes complex computational models, like AI and ML, typically require more computing "horsepower" to develop, test and run. "The more intensive that process, the greater proportion of a data center’s computing power that process takes up," he says.

Shift in Sprint Review Mindset: from Reporting to Inclusive Ideation

It's useful to remember that our brains are wired to expect things based on what we've experienced before: it's extremely helpful when the situation is similar, but it can also prevent us from being open to new but important nuances. The new corporate language, certain experiences and time spirits should be learned. There may be times when your attention can make a big difference. For example, you may share a seemingly mundane suggestion in a meeting, only to notice a distinct shift in the atmosphere of the room. It's like walking into a bad neighborhood in a new country and instinctively feeling like an outsider. The level of danger is different, of course, but in both cases it's important to investigate and learn from these new experiences. Therefore, like a seasoned traveler, change agents should be extremely open-minded and strive to understand the culture they're entering, while not blending in and staying true to their values and beliefs. It's important to understand the value and function of the current Sprint Review processes, while resisting "it won't work in our environment" and other skepticism. 

The Rise of Developer Native Dynamic Observability

Dynamic observability comes to address and solve these challenges. Basically, as opposed to static logging, with dynamic observability developers enjoy end-to-end observability across app deployments and environments directly from their IDEs. This translates into reduced MTTR, enhanced developer productivity and overall cost optimization since developers debug and consume logs and telemetry data where and when they need it rather than monitoring everything. Dynamic observability has emerged as a pivotal approach in modern software development, enabling teams to gain deep insights into system behavior and make informed decisions. It goes beyond traditional testing and monitoring methodologies, offering a comprehensive understanding of system patterns, strengths and weaknesses. ... Dynamic observability represents a paradigm shift in software development, enabling developers to gain a detailed understanding of system behavior and make informed decisions. Using tools and practices that go beyond traditional testing, it empowers teams to create robust and reliable systems.

Monolithic or microservices: which architecture best suits your business?

In the monolithic world, you’re dealing with one single codebase. The simplicity of this model makes it a great choice for small-to-medium-sized applications. But, as the business grows, so do the challenges. Every change, no matter how small, requires a full redeployment. Scaling particular functions can turn into a headache, with these slowing down your go-to-market speed and impacting your responsiveness. On the other hand, the microservices approach works like a small, self-contained team that collaborates, but can also work independently. This architecture gives you the flexibility of scaling, updating, and deploying each service independently — great for scalability, but with added complexity. Imagine trying to coordinate different teams spread out around the world, each with its own time zone and function. Managing microservices is a bit like that. Choosing the right architectural style isn’t just about handling the technology stack, it’s about aligning your tech with your business strategy. 

Microsoft slammed for hitting European cloud users with ‘unfair, additional’ charges

The issue can be traced back to a Microsoft licensing-related policy change in 2019 that stopped customers from deploying on-premise Office 365 licenses on third-party infrastructure. According to the report, this move may have generated an estimated €560m in first-year license repurchase costs for European enterprises. “An additional surcharge of €1bn, relating to licensing surcharges imposed on non-Azure deployments of SQL Server, may further be attributed to the policy change,” said the report. “If this Microsoft tax equals €1bn per year for just one product among potentially hundreds, the overall cost to the European economy as it looks to move enterprise and productivity computing to the cloud must be estimated to be significantly higher.” It goes on to make the point that this additional spend is money that could be used to accelerate the pace of digital transformation for European enterprises and, in the case of the public sector, this is taxpayers’ money that is being “unfairly diverted to already-dominant players”.

Making Better Data-Informed Decisions to Navigate Disruptions

Traditionally, companies have managed risks across domains that, while often volatile, were nevertheless limited in scope. Market dynamics, disruptive technology, and regulatory risks can change dramatically quarter to quarter, for example, but business leaders often rely on several key assumptions about broader global trends. However, the events of recent years have made manifest that business and political leaders can no longer rely on these assumptions. A lingering pandemic and its impacts have drawn into question traditional supply chain and risk management approaches. Social and political concerns have introduced new regulatory risks to businesses across industries. Global economic uncertainty lingers. Climatic risks require business to reconsider both their current supply chain strategies and long-term geographic footprints. Finally, geopolitical risks—including war and sanctions —and the uncertainty of some international agreements have upended traditional assumptions about the security of long-term investments

Six skills you need to become an AI prompt engineer

Prompt engineering is fundamentally the creation of interactions with generative AI tools. Those interactions may be conversational, as you've undoubtedly seen (and used) with ChatGPT. But they can also be programmatic, with prompts embedded in code, the rough equivalent of modern-day API calls; except, you're not simply calling a routine in a library, you're using a routine in a library to talk to a vast large language model. Before we talk about specific skills that will prove useful in landing that prompt engineering gig, let's talk about one characteristic you'll need to make it all work: a willingness to learn. While AI has been with us for decades, the surge in demand for generative AI skills is new. The field is moving very quickly, with new breakthroughs, products, techniques, and approaches appearing constantly. To keep up, you must be more than willing to learn -- you must be voracious in learning, looking for, studying, and absorbing everything you possibly can find. If you keep up with your learning, then you'll be prepared to grow in this career.

Author Talks: Create your ‘reinvention road map’ in four easy steps

The first step, the search, is fascinating. This is when you are collecting information, collecting experiences. What’s key about it is that most people don’t realize it’s unintentional. This is the stuff that is going to take you to your transition, to your reinvention, but you don’t know it at the time. For career people, maybe it’s a side hustle or just a random interest, a hobby. That’s the search. The second step is the struggle. The struggle is where you have disconnected, or you’re starting to disconnect, from that previous identity, but you have not figured out where you are going. It’s really uncomfortable, and we don’t like to talk about it. When we tell these reinvention stories, we tend to skip over this part. But it’s incredibly important, as the struggle is where all the important work gets done. The struggle often doesn’t end until you hit the third step, the stop. The stop might be something that you initiate: for example, I quit my job. But it may be something imposed on you—for example, you lose your job. Or it could be a trauma, like a divorce or an illness in the family or a pandemic. 

6 strategic imperatives for your next data strategy

In many industries, depending on how your customers consume and extract value from your products and services, your data can be monetized across multiple layers in the tech stack, from raw data itself and data with various forms of post-processing applied for added insights, to data consumed via visualization and analytics tools, and data consumed via industry applications such as digital twins. In the architecture, engineering and construction (AEC) industry, for example, these scenarios might include geospatial data like aerial imagery offered directly via an ecommerce-enabled website, drone-based photogrammetry of roadways and bridges with AI-enabled defect analysis, like Manam, traffic congestion data visualized via a GIS platform, like Urban SDK, or EV charging data provided by a live digital twin. ... Look for opportunities to combine your own data with third-party data, including open data, where applicable, for added value and for tools that support data ingestion, transformation, and integration to feed into a variety of analysis tools including GIS and digital twins.

China-sponsored APT group targets government ministries in the Americas

The campaign ran from late 2022 into early 2023. It also targeted a government finance department in a country in the Americas and a corporation that sells products in Central and South America. There was also one victim based in a European country, according to the report. ... Graphican can create an interactive command line that can be controlled from the server, download files to the host, and set up covert processes to harvest data of interest. This technique was used earlier by the Russian state-sponsored APT group Swallowtail in a campaign in 2022 to deliver the Graphite malware. “Once a technique is used by one threat actor, we often see other groups follow suit, so it will be interesting to see if this technique is something we see being adopted more widely by other APT groups and cybercriminals,” Symantec said in its report. Flea has been in operation since at least 2004. Initially, it used email as the initial infection vector, but there have also been reports of it exploiting public-facing applications, as well as using VPNs, to gain initial access to victim networks. 

Quote for the day:

"A sense of humor is part of the art of leadership, of getting along with people, of getting things done." -- Dwight D. Eisenhower

No comments:

Post a Comment