Daily Tech Digest by Kannan Subbiah

June 10, 2014

“It Depends” and “I Don’t Know”
Just like Croesus, contemporary decision makers crave certainty. Executives are frequently called upon to synthesize multiple viewpoints, many of which may be outside their area of expertise, into a coherent decision. An expert’s opinion of what’s “right” can be a seductive thing. Likewise, technologists are often uncomfortable with ambiguity, and rightly so. Implementing contradictory requirements is difficult, to say the least. Uncertainty, however, is a fact of life. Pretending that it does not exist is neither honest, nor effective. Picking a number without any basis in reality does not serve to eliminate it. In fact, elimination of uncertainty is a fool’s errand. As Tom Graves stated in “Who will lead us out of our uncertainty”:

Salesforce.com: Let's Build Apps For Wearables
The heart of Salesforce Wear is a collection of open-source reference apps -- called the "Salesforce Wear Developer Pack" -- that helps developers build wearable apps that connect to the company's Salesforce1 mobile app platform. The "reference apps" provide examples of how Salesforce built apps for the aforementioned wearable device types. The company makes the code open source for developers to learn from and then use to build their own enterprise apps. It's no secret at this point that wearable devices are popping up quickly and creating new ways for businesses to connect with customers and employees. Research firm IHS predicts that roughly 50 million wearable units will be sold in 2014, and more than 180 million are predicted to sell in 2018.

Facebook Adds Another 9 to HBase Availability
To improve HBase’s availability, Facebook developed HydraBase, which offers a fairly thorough re-architecting of a typical HBase topology. As the Facebook engineering team explains in a recent blog post, HydraBase provides higher availability (from 99.99 percent to 99.999 percent), greater data consistency, and faster failover times than the master-slave replicated setup. The technology is able to do this, without expanding the storage footprint, by effectively “decoupling” the logical and physical replication in HBase, Facebook says. “Instead of having each region being served by a single region server,” the Facebook engineering team writes, “in HydraBase, each region is hosted by a set of region servers.

Ten Technology Opponents You Can Beat
The Wild West is upon us again. We live in a world where new threats pose to cause harm in ways most of us never dreamed possible. Most of us know to look before crossing the street, beware of parking lot sales people, and watch out for bait-and-switch tactics. However, it's time for our society to adopt a new set of street smarts - technology skepticism. Blindly trusting electronic resources, connectivity, or services puts our identities, finances, and privacy at risk. It's time to pay attention and take precautions, and we're going to show you what you're up against and what you can do about it.

Designing Connections
No one disputes that new technologies, including the ubiquitous Internet and World Wide Web along with social media, have changed our lives and how we work and play. Most people who use these technologies can point to many positive things that have resulted. What we tend not to focus on, though, is the primary downside of our digital connectivity. While we’re all busy using our various devices, doing everything from finding a restaurant nearby to sharing an experience we’ve had with acquaintances to working from home and thus avoiding contributing to a clogged highway, we may also be separating ourselves from direct human contact. And that may exact a severe price on society.

Data Analytics: Reaping the Data Dividend
To be sure, realizing the full potential of this data dividend will require that financial institutions no longer settle for status quo. Instead, they can look to cloud-based, big data analytics as a viable solution. Rather than deploying costly, on-premise compute grids that are left unused much of the time, cloud-based computing resources offer flexible, high-performance computing capabilities that give financial institutions the context they need to deal with emerging risks appropriately. These same solutions can be used to harness new streams of data and the capabilities of machine learning and cloud-based analytics tools, ensuring banks that their "single source of truth" is informed by all of the data available within the organization, rather than merely relying on data within a particular line of business.

Are You Measuring Your Security Program’s Effectiveness?
Although measuring different security processes and activities in isolation can be useful, a more important aspect of performance is measuring the relationships between different processes and recognizing how they align with your overall security strategy to form a defense-in-depth. As your security metrics mature, key risk indicators (KRIs) and key performance indicators (KPIs) should be established by leveraging data gathered from various sources and then represented in spreadsheets, dashboards and custom tools built on industry recognized frameworks.

Confronting an Employee Over Email? 5 Tips for Doing it Right
Confrontation (especially work confrontation) is never fun for anyone. But even more uncomfortable than trying to say something unpleasant to someone’s face is trying to express those feelings over email. As the co-founder of a completely virtual organization that has more than 120 contributors all over the world, I’ve had my fair share of awkward confrontation emails. So, what should you do if you find yourself in an emailing predicament? Here are a few tips.

Continuous monitoring key to retail cyber security, says Ponemon
Failure to scan for databases, said Sabo, could also result in failure to identify improper segmentation of networks in contravention of PCI DSS. “Continuous monitoring at the database tier is essential because the perimeter can no longer be trusted and organisations need to know what is going on in their core networks,” he said. Database encryption was recommended by 49% of respondents, while chip and pin technology for payment cards was supported by 45% and data leak prevention technology by 39%, only 18% mentioned IT staff education. Despite these insights and changes in technology and threats, organisations continue to allocate the bulk of their budget (40%) to network security.

Video Lesson Introducing Scrum and Agile
The video lesson Scrum fundamentals by Tommy Norman is a downloadable training which gives an introduction to agile software development using Scrum. In the lesson Tommy explains all the basics from Scrum like the roles, artifacts, and events, and explains how they can be used by teams. He also provides insight into the history of agile and the agile values and principles. InfoQ interviewed Tommy about why he made this introduction training, the roles, artifacts and events of Scrum, User Stories and collaboration in teams, and on-line resources where people can learn more about agile.

Quote for the day:

"Time is the scarcest resource and unless it is managed nothing else can be managed." -- Peter Drucker

June 09, 2014

IoT, IPv6 Coming To The Connected Home
The only current shortcoming to IPv6 is how slowly it's being rolled out, but I see this changing. The latest World IPv6 Launch measurements published by the Internet Society (ISOC) show an increase in network operator deployment. For example, Comcast is currently at 28%, about 10 times its rate from a year ago. As service providers bring IPv6 connectivity to the home, users need to make sure the appliances and other devices they buy are capable of using IPv6 as a transport. Your service provider might not be supplying IPv6 yet, but it will soon. Make sure that shiny new connected device won't become a paperweight when IPv6 is brought to your house.

Optimism, pessimism, and fatalism — fault-tolerance, Part 2
Finally, let’s consider fault-tolerance within a single long-running job, whether that’s a big query or some other kind of analytic task. In most systems, if there’s a failure partway through a job, they just say “Oops!” and start it over again. And in non-extreme cases, that strategy is often good enough. Still, there are a lot of extreme workloads these days, so it’s nice to absorb a partial failure without entirely starting over.Hadoop MapReduce, which stores intermediate results anyway, finds it easy to replay just the parts of the job that went awry; and Spark, which is more flexible in execution graph and data structures alike, has a similar capability.

Why I’m Betting on Julia
Normally I use one language to make something work, and a second language to make it fast, and a third language to make it scream. This pattern is fairly common. ... Julia's only drawback at this point is the relative dearth of libraries — but the language makes it unusually easy to interface with existing C libraries. Unlike with native interfaces in other languages, you can call C code without writing a single line of C, and so I anticipate that Julia's libraries will catch up quickly. From personal experience, I was able to access 5K lines of C code using about 150 lines of Julia — and no extra glue code in C.

Using Tools to Create Mobile Apps Quickly
With the shift comes a need for speed, but not so much so that security and performance requirements suffer. How to maintain the balance between rapid delivery and quality assurance falls to the testing teams. Into the fray comes cloud-based testing efficiencies. Our next innovation case study interview therefore highlights how Perfecto Mobile is using a variety of cloud-based testing tools to help its developers rapidly create the best mobile apps for both enterprises and commercial deployment. BriefingsDirect had an opportunity to learn first-hand how rapid cloud testing begets better mobile development when we interviewed Yoram Mizrachi, CTO and Founder of Perfecto Mobile, based in Woburn, Mass.

Sensitivity Analysis in Multiple Imputation for Missing Data
This paper reviews the concepts of multiple imputation and explains how you can apply the pattern-mixture
model approach in the MI procedure by using the MNAR statement, which is new in SAS/STAT® 13.1.
You can specify a subset of the observations to derive the imputation model, which is used for pattern
imputation based on control groups in clinical trials. You can also adjust imputed values by using speciﬁed
shift and scale parameters for a set of selected observations, which are used for sensitivity analysis with a
tipping-point approach.

Supercomputer passes Turing Test by posing as a teenager
The event has been labelled as "historic" by the organisers, who claim no computer has passed the test before. "Some will claim that the Test has already been passed," said Kevin Warwick, a visiting professor at the University of Reading and deputy vice-chancellor for research at Coventry University. "The words Turing test have been applied to similar competitions around the world. However, this event involved the most simultaneous comparison tests than ever before, was independently verified and, crucially, the conversations were unrestricted.

XPocalypse, not now
Fossen's thesis -- that cyber criminals would "bank" Windows XP vulnerabilities and put them to use onlyafter April 8, 2014 -- was not his alone. Microsoft believed it, too. Several times in the last 12 months, the Redmond, Wash. company warned Windows XP customers to get the lead out, ditch the creaky, leaky OS or face a certain surge in attacks. The most notable was in October 2013, when Tim Rains, director of Microsoft's Trustworthy Computing group, cited statistics from the firm's own telemetry to suggest that post-retirement Windows XP malware infection rates could jump dramatically. So far, nothing.

UK's financial services 'at risk' without greater effort on cybersecurity
According to a report published by the BBA and PwC, seen by The Telegraph, 93pc of large organisations suffered security breaches in the past year, and seven in 10 banking chief executives see cybersecurity as a key risk to growth. British financial companies spent £700m on cybersecurity last year, the document says. “Many BBA members participate in sector and cross-sector collaboration initiatives, however some do not and this needs to change,” the report says. “Though this can be in part explained by the sensitivities of some of the issues, there is also an element of lack of awareness and cultural resistance.

A new approach in luring top tech talent: a streamlined hiring process
Getting managers to hone in on a candidate's necessary background helps recruiters better understand what type of person the business needs and allows them to identify the right people up front. "There are some managers who really need to get in the thick of it and start interviewing candidates before they have that moment when they say 'I thought I need these five things, but now I only need three of those, but there's another piece I need instead," said Gaines. Defining a job's vital skills before the talent search starts can avoid looking for an IT worker who may not exist, said Gaines. For instance, finding a Windows engineer who is a technical project manager and .Net expert would prove challenging, he said.

Upsurge in hacking makes customer data a corporate time bomb
"Information has become toxic for retailers because the more they have, the bigger a target they become," said Lamar Bailey, security researcher at IT security firm Tripwire. "The ongoing rash of attacks brings into question what information an organisation should be keeping." U.S. retailer Target ousted its CEO Gregg Steinhafel in May after the firm said foreign hackers had stolen up to 70 million items of customer data including some PIN numbers late last year. Industry watchers said purchases on its website dropped noticeably in the run-up to Christmas with the breach also sparking lawsuits and official investigations.

Quote for the day:

"The businesses and creative people I'm fascinated by have something in common: failure." -- Mad Men's Matthew Weiner

June 08, 2014

How Google Could Disrupt Global Internet Delivery by Satellite
It isn’t clear what model Google and O3b might pursue. But O3b’s satellites already offer a superior and cheaper way to deliver high-speed Internet than conventional satellite services. Satellite Internet is traditionally provided by geostationary satellites that stay over a given point on Earth. These satellites orbit at 35,000 kilometers—often adding a 600 millisecond delay to the radio signals going back and forth. Such a delay is generally considered excessive for business use. O3b satellites orbit at a relatively low altitude of about 8,000 kilometers, and the company says this means a more-tolerable 150-millisecond delay coverage to latitudes up to 45 degrees north or south of the equator, a swath of territory inhabited by 70 percent of the world’s population.

The Internet of (Secure) Things – Embedding Security in the IoT
In today’s current environments, attempts to continuously monitor enterprise security are challenged to track their current assets, which for large organizations number in the hundreds of thousands. The IoT will multiply those assets by a million or more. Today those assets are built on a variety of platforms and operating systems; the software is rarely patched and their communications are not secured. We’ve already seen examples of exploits of these systems – automobile telematics, pacemakers, smart TVs, and more. Science fiction depicts the worst of these scenarios in movies like “Terminator” or “The Matrix”, with machines taking over the world.

The Brain Hacks Top Founders Use to Get the Job Done
“So much of what we feel is instinctual, and we don’t know how to identify it," Verresen says. "If you’re a founder or a manager and you really track your physical sensations, you’d realize that you probably spend most of your time in ‘fight or flight’ mode.” Humans needed this high-adrenaline setting when we were still part of the food chain. Now it surfaces in board meetings, product releases, whenever a threat is “perceived” even if there isn’t one. “The thing about ‘fight or flight’ is that it burns through our energy without us even knowing it,” she says. This is why preserving physical energy where you can is crucial.

Serious vulnerabilities in the Linux kernel, upgrade it now!
A new series of vulnerabilities in Linux Kernel allows an attacker to lead DoS and privilege escalation attack, Debian urges upgrades for Linux users. Numerous security flaws have been discovered and fixed in the Linux kernel, patch management for these vulnerabilities is critical to avoid that attackers could have led to a denial of service or privilege escalation. Debian yesterday issued a new security update to warn its Linux users about the presence of new vulnerabilities that could be exploited for the above reasons. The vulnerabilities are: CVE-2014-3144 ; CVE-2014-3145 ; and CVE-2014-3153

Internet of Things: it's all coming together for a tech revolution
Already tech giants are getting involved, viewing this as a logical progression from the personal computer and smartphone races of previous decades. At its Worldwide Developers conference (WWDC)event last Monday, Apple introduced Homekit, an Internet of Things platform that will co-ordinate various third-party home automation accessories, allowing you to unlock your doors or turn on and off your lights via your iPhone. Google, too, demonstrated its interest by paying $3.2bn (£1.9bn) earlier this year to buy Nest Labs, a home automation company co-founded by the creator of the iPod. Already well known for its connected thermostats and smoke detectors, Nest is currently investigating a slew of other applications related to the home – everything from health tracking to security systems.

Microsoft’s “3-D Audio” Gives Virtual Objects a Voice
In a demonstration of the technology at Microsoft’s Silicon Valley lab, I put on a pair of wireless headphones that made nearby objects suddenly burst into life. A voice appeared to emanate from a cardboard model of a portable radio. Higher quality music seemed to come from a fake hi-fi speaker. And a stuffed bird high off the ground produced realistic chirps. As I walked around, the sounds changed so that the illusion never slipped as their position relative to my ears changed. That somewhat eerie experience was made possible because less than a minute earlier I had sat down in front of a Kinect 3-D sensor and been turned briefly to the left and right.

Colorado Rolls Out the Welcome Mat for Ride-Sharing Apps, Virginia Says No
Ride-sharing companies like Uber and Lyft typically take a rogue approach to launching in new cities by rolling out service first and asking permission later, or not at all. But regulators are asking the companies tons of questions. This week, officials in Colorado decided they were satisfied with the answers and legislatively authorized the operation of so-called Transportation Network Companies (a term first coined in California). But Virginia has decided that Uber and Lyft have no right to operate there, with the state Department of Motor Vehicles issuing both companies cease-and-desist letters.

The Original Sin of Software Metrics
"I wrote this article mainly to point out the original sin of software metrics and to break people away from the conception that “the metrics are good, people are doing it wrong, so more processes should be set up to make people comply with the metrics.” The end of the article has a feeble attempt to offer some solutions, but at the end of the day, it is about building a culture that taps into and nurtures intrinsic motivations, which is a topic I do not have enough experience to talk about. I hope this article has provided some basis for a discussion about management approaches in a creative industry such as software."

Google's secretive 3D-mapping project now has a tablet: here it is
This 3D-mapping technology is still considered bleeding-edge, but Lee envisions a day in which the enhanced sensing capabilities are expected in a device, much like Bluetooth is a fundamental feature in phones today. To get Project Tango where it is today, ATAP collaborated with a number of manufacturers and component suppliers to produce the necessary hardware, while universities and research labs contributed much of the software. Work in the 3D-mapping space has been ongoing for the last 20 years, but the challenge Tango tackles is condensing all that technology into a small enough device that consumers will want to carry around.

Robert Benefield on Business and Operations Collaboration
The biggest strategy I follow is I go through and say “what is the business value of these operational things?” So, say you want to improve monitoring, well, why do you want to improve monitoring, you usually want to improve monitoring so you can understand what’s going on and be able to respond more quickly to stuff. Well, why do you want to respond more quickly and know what’s going on? ... Well, because the customer might be impacted. A-ha! That’s something the business might be interested in and if you’re able to go through and say “look, today we missed things, it takes us longer to be able to respond to outages and problems that we have, it takes us longer to troubleshoot and if we get this we should see an improvement of x% or we should see our times improve in this following way.

Quote for the day:

"Do not let what you cannot do interfere with what you can do" -- John Wooden

June 07, 2014

Even Data-Driven Businesses Should Cultivate Intuition
The study found that 42 percent of respondents said they collect and analyze data as much as possible before making a decision, while an additional 17 percent said they approach decisions empirically by developing hypotheses and performing tests to prove or disprove them. In other words, 59 percent rely on data to help them make decisions. Of the remainder of respondents, 32 percent said they seek to collaborate on decisions as much as possible, while only 10 percent said they primarily rely on intuition to make decisions. "Despite the apparent popularity of data-driven decision-making, however, intuition is in fact valued highly," says Jane Bird, author of the EIU report.

Data Brokers Coming Under Scrutiny
“You may not know them, but data brokers know you,” warned FTC chairwoman Edith Ramirez. The FTC studied nine data brokers who collect personal information about consumers from a variety of sources. The data is then sold for a variety of purposes, including identity verification and product marketing. Five of the brokers examined sold marketing data while four others sold “risk mitigation products” used by clients to verify a customer’s identity or to detect fraud. Three brokers scrutinized by the agency operated “people search” websites. One concern, the FTC stressed, is that data brokers seldom interact with consumers and individuals are often unaware that personal data is being collected much less the details of industry practices.

Welcome to the era of big, bad open information. Context needed.
While it is true that we have access to more information than ever before, we are not experts on every subject. Thus, it is very difficult to digest it. My concern is that over-information the new way of hiding information. The best way to combat disinformation is to demand context for all data, the “fact-checking journalism” promoted by sites like Gapminder or Open Knowledge. Visualizing.org strives to make sense of issues through data and design with a collection site where designers and all sorts of organizations can upload and share open data sets. If we demand context and facts instead of dumb numbers, the biggest legacy of the internet of things will be a world that is more transparent and democratic.

New Colorado law seeks to protect patient record privacy
“We thought the statute was pretty clear—all prescription drugs and prostheses are tax exempt and the Department of Revenue doesn’t get to make a distinction,” McGihon said, adding that Botox has 19 therapeutic uses, including treatment for Bell’s palsy and migraines. “We then became aware that there are so many ways that the state accesses people’s medical records as multiple departments said ‘We need it for this, we need it for that,’” she said. “What the hell does a revenue officer know about a person’s medical history and what they need?” McGihon added that bill supporters worked with the Department of Revenue to “make sure the language of the bill was something they could live with.”

The 6 Of Best Small Business Accounting Software
As businesses come close to the midpoint of the second quarter, thoughts, actions and planning are being done by C-Level Executives as to what needs to be accomplished for the new fiscal year. Part of this involves capital expenditure planning, what kinds and types of new projects will be taken on, and how the financial budgets will shape out to be. For this latter task, having the right accounting software package in place, especially for the small to medium business. In fact, one of our previous articles examined the steps a small business owner should take in carefully selecting the right accounting software package to best fit their needs. In this article, we take out some of that hard work for you, and examine five accounting software packages which are available to the small and medium sized business today:

SAP® Best Practices for Data Migration – Hits and Misses
The migration templates are ‘programs’ or in SAP Data Services parlance ‘jobs’ that SAP Data Services executes. These jobs fall into multiple categories. One job category downloads SAP’s configuration tables into the staging area. The framework uses the downloaded configuration / lookup data to validate the data to be migrated. A second job category handles ETL of data into SAP. Tasks such as reconciliation of data loads, status checks and creation of staging area data stores are handled by other job categories. The framework also supports creation of SAP BusinessObjects™ Universes used for reporting on the progress of the data migration project.

Digital Business Is Not “Business As Usual”
The foundation of Digital Business is the Boundary-free Enterprise™, which is made possible by an array of time- and location-independent computing capabilities – Cloud, Mobile, Social and Data Analytics plus Sensors and APIs – with Integration as the glue to enable synergy and leverage business value. In becoming a Digital Business – whether a large enterprise traditionally on the buy side of technology, a software ISV in transition or a pure-play Cloud solution provider – this challenge is significant: how to implement a platform to support a Digital Business model and then keep pace with the ongoing pace of change. Saugatuck Technology research continues to indicate that too few enterprise Business and IT leaders fully understand the challenges and opportunities of Digital Business.

Finding a Home for the Chief Data Science Officer
With the CIO/CDSO reporting structure, there are two distinct disadvantages. First, a more centralized function might be too shallow to enable the CDSO to dredge deep enough into the problems, opportunities and data to surface solutions that make a meaningful difference. Moreover, the focus of the Data Science Office might end up being too technology focused and not business driven, which could discredit the initiative. The second choice is for the CDSO to report to the CFO. Concerned with the performance of different business and functional units, CFOs can be the natural owners of the data science functions. Like the CIO-CDSO reporting model, the CDSO will have access to the entire organization.

Techniques for Algorithm Animation Using JavaScript
In the early years of the web (1995-2003), Java applets were a popular option for implementing algorithm animation. To run applets, the web browser will normally utilize a plug-in that loads Java runtime. As they became more concerned with security risks, the majority of web users have become weary of using plug-ins including applets. JavaScript, on the other hand, is run directly by the browser inside a sand-boxed environment and with limited functionality so as to minimize security risks. With the advancement of client-side web technologies (HTML5 Canvas, SVG, CSS3, DOM, etc.), JavaScript has become a viable option for implementing algorithm animation.

Requirements for Becoming a Strategic Chief Risk Officer
Managing risk strategically has gained importance in financial markets as rising capital requirements and increased regulation force banks to structure their asset portfolios and manage their assets more carefully to maximize their return on equity (ROE). In most banks, optimizing risk – getting the highest return at any given level of risk – and managing risk more dynamically over a credit cycle requires a strategic CRO to lead the effort. Even so, in many organizations the office of the CRO doesn’t have the weight it needs to make such a difference. Here are the most important requirements for chief risk officers who want to transform a middle management job into something more strategic.

Quote for the day:

“You must be willing to give up what you are, to become what you want to be.” -- Orrin Woodward

June 06, 2014

Artificial Intelligence: A New Frontier in Data Center Innovation
Romonet’s modeling software allows businesses to accurately predict and manage financial risk within their data center or cloud computing environment. Its tools can work from design and engineering documents for a data center to build a simulation of how the facility will operate. Working from engineering documents allows Romonet to provide a detailed operational analysis without the need for thermal sensors, airflow monitoring or any agents – which also allows it to analyze a working facility without impacting its operations. These types of models can be used to run design simulations, allowing companies to conduct virtual test-drives of new designs and understand how they will impact the facility.

UK airports lead move to cloud services
The system, which goes live later this month, will allow the airport to refuel and restock aircraft far more rapidly, enabling the airport to increase the number of flights departing each hour by 10%. Gatwick is also using cloud technology to develop kiosks that will cut the time passengers spend dropping off a bag to just 45 seconds. The kiosks will take information from boarding passes on the passenger’s mobile phone, so passengers do not have to type in their flight details. Also, a collaboration with the website Skyscape could eventually allow passengers to book multiple connecting flights and train tickets on a single ticket from Gatwick.

Three Questions with the Man Who Designed Beats’ Headphones
If you break Beats down, I’d say there are three things that made it work. One, we redefined audio for a very important audience: a younger audience. We said, “We’re building these headphones to be tuned to your genre of music, by the people who make that music.” So we’re creating the value there. Then we redesigned the headphone. The headphone prior to that, when I looked at it, was kind of busy and mechanical and articulated, tied heavily to an audio culture instead of a fashion culture. So we completely rearchitected, made it more streamlined, more iconic; just better looking to wear.

BYOD Disasters to Avoid
A well thought-out BYOD program will take into account the many different regulations that govern privacy issues involving mobile devices. A program that fails to address these issues might be in for some trouble down the road. BYOD programs that aren’t kept up to date with current regulations may end up breaking the law. Privacy is always a serious issue with BYOD, especially since employees are using personal devices to access company information. Companies may wish to exert greater control over devices, but if policies go too far, they may end up infringing on employees’ rights, opening the company up to lawsuits.

Data science vs the hunch: What happens when the figures contradict your gut instinct?
"It's not an analysis versus intuition debate. There is a role of intuition in the process of analysis, which you might think of as sense-checking or comparing with your experience, that can help you make sense of the data," he said. ... According to Swabey, Humble has said he behaves exactly as the 57 percent does: if the data contradicts his intuition, he will reanalyse it. "That's not to say that [Humble] does not ultimately trust data generally but if it does contradict his intuition, then that is a possible sign that something has gone wrong with the collection, the analysis or the interpretation, or there needs to be more data to put that into context."

The Era of Data
When data gets free or inexpensive (as a result of commoditization), the opportunity exists to unite people over data sets to make new discoveries and build new business models. Many companies choose Hadoop because it is a cheap data storage. This entry point is the first step on the journey to the data operating system, a term that I heard three times during past five days, notably from Doug Cutting who brought to the world Hadoop the elephant and the data operating system. This year’s Hadoop Summit starts today. It brought together 3,000 people from 1,000 organizations.

Will enterprise mobile instant messaging overtake email?
So would employees of your company even use the enterprise-provided instant messaging option, or would they just use their native messaging platform or an app like Snapchat or Viber? This is the same argument as the one regarding company-offered productivity apps vs. someone’s personal productivity apps. As an enterprise, if you offer a tool that is easy to use and you provide the proper training, your employees will be more likely to use these tools. Sometimes, instant messaging does not fall under a guideline or policy, nor do users know if they are even using the company-provided tool.

Imposing Security
Of the three flaws, Heartbleed was by far the most significant. It is a bug in a program that implements a protocol called Secure Sockets Layer/Transport Layer Security (SSL/TLS), which is the fundamental encryption method used to protect the vast majority of the financial, medical, and personal information sent over the Internet. The original SSL protocol made Internet commerce possible back in the 1990s. OpenSSL is an open-source implementation of SSL/TLS that’s been around nearly as long. The program has steadily grown and been extended over the years.

On Adopting the Mindset of an Enterprise DBA
By adopting these four key strategies, the enterprise DBA is able to accomplish a great deal more work with far less effort, thus leaving them more time to focus on more important ,but less urgent, tasks. In many ways this becomes a virtuous cycle; by freeing up time from mundane yet laborious tasks, the DBA is able to spend more time on their toolset and automation, thereby lessening the manual labor involved in their daily work even more, which in turn leaves more time for automation: Lather, rinse, repeat. Conversely, by not adopting the enterprise mindset, we find ourselves in a vicious cycle of increasing amounts of urgent, but unimportant, work as the size of our environments increase.

Pentaho: don't get blinded with (data) science
According to Pentaho, "By slashing that time, those responsible for data analysis can devote more time to the 'value added' stuff and less time on boring (but important) administrative hygiene tasks and just get things done a lot faster." ... "Having built blueprints for the four most popular big data use cases, we know advanced and predictive analytics are core ingredients for success," said Christopher Dziekan, EVP and chief product officer at Pentaho. "The highest value of insight comes from having foresight blended with hindsight to drive insight and action. The Pentaho Data Science Pack allows organizations to apply their deep domain expertise and improve their customer analytics and predictions," he added.

Quote for the day:

“Think continally about what you want, not about the things you fear.” -- Brian Tracy

June 05, 2014

CIOs should 'leave innovation to marketing'
“Because technology and digitisation are so important, we will see more and more innovative ideas come from other parts of the business,” said CEB managing director Andrew Horne. “The idea that CIOs and chief digital officers will be the source of innovation does not make sense.” If the CEB is right, the role of the CIO will refocus on the less glamorous tasks of managing the IT infrastructure, while leaving innovation to other parts of the business. “One way of looking at it is that IT looks less exciting than it has in the past,” Horne said in an interview with Computer Weekly.

Geeks Versus Jocks: CIOs, Beware Your Culture
"Put simply, Google is not where we want to be when it comes to diversity, and it's hard to address these kinds of challenges if you're not prepared to discuss them openly, and with the facts." It isn't only about racial or gender diversity -- obviously, there are geeks of every gender and race. And it isn't that geeks are bad -- they're delightful (and I count myself among them, and I even write a weekly column dedicated to them). The issue is homogeneity. As Dougherty pointed out concerning jock culture, a single-minded culture destroys conversation, engagement, and innovation, and it sublimates the minority voices (of all types) in your company.

CISOs Look to Hire White Hat Hackers to Head Off Security Breaches
"One of the things I've noticed is the escalating need for security pros at all levels, especially in the last few years," Conrad says. "When the Web was young, security was a secondary priority, but as unscrupulous people found ways to exploit vulnerabilities, it moved quickly to the top of the list, and it has stayed there," he says. However, while the demand for highly skilled security pros hasn't lessened, the available talent pool has, especially among specialized talent like vulnerability testers, penetration testers and white-hat hackers, he says.

Turn to in-memory processing when performance matters
When an entire structured database needs to be repetitively queried -- as in many kinds of data exploration, mining and analysis -- it is beneficial to host the whole database in memory. Columnar analytical databases designed for business intelligence (BI) have optimized data storage formats, although often in some partially compressed state less suitable for high-volume transactional work. In the race to produce faster analytical insights, suitable in-memory options are evolving.

Data Discovery Is Not Business Intelligence
Data discovery is related to business intelligence but it is not the same task. Business intelligence is about a set of report templates that are standardized and repeatable. Even the ad hoc section of a business intelligence platform is run against a carefully constructed data set where users can seek answers to pre-defined questions. Data discovery is much more free form. Many times data discovery users don't actually know what questions they need to ask. Even if they did, users will often find something that will make them say, "Huh. That's interesting." In data discovery, users can use their initial question as a springboard into further free form analysis. This free form analysis and data discovery provides an opportunity for a user to have a conversation with the data.

Big data creates storage security headaches for CISOs
As principal analyst, Brian Lowans puts it: "Businesses have traditionally managed data within structured and unstructured silos, driven by inherent requirements to deploy relational database management systems, file storage systems and unstructured file shares." The arrival of big data and cloud storage environments is transforming the way in which data is stored, accessed and processed so chief information security officers (CISO) need to develop a data-centric security approach themselves. "Unfortunately this is not common practice today," Lowans said. Access to public cloud services and infrastructure further complicates this process due to the potential access by cloud service providers and security vendors, said Lowans.

Regaining the technology high ground – one blog post at a time
There is naivety though. People still don't really understand what it takes to keep big, complex systems going or to manage large-scale change. They are quick to point the finger of blame when things go wrong, or complain about not keeping up with the latest cool toys, but don't always appreciate what it takes to do that in the real world. In the face of these challenges, those in charge of enterprise technology are losing influence. IT staff are not seen as the world's enablers. Their skills are becoming less valued. Their influence in their organisations is diminishing. Rebranding doesn't help. Most people don't know the difference between a CTO and a CIO.

SSL After The Heartbleed
SSL is used today for encrypting communications sessions on the Web via websites, virtual private network, email, and instant messaging sessions. But most websites today do not use SSL -- or HTTP-S -- save for high-profile ones that include financial transactions or other sensitive traffic such as banks and retailers, for example. There are an estimated 3.3 million to 4 million SSL digital certificates in circulation on the public-facing Internet, according to a University of Michigan report. Cost isn't a major hurdle for adopting SSL, experts say. Computing power isn't as expensive as it once was, and SSL isn't that much pricier than pure HTTP: it costs about $150 per year or less for an SSL certificate, says Michael Klieman, senior director of product management at Symantec.

Don't make these virtual server management mistakes
While a virtual environment seems simple, it is an incredibly complex system to install, configure and manage. In a perfect world, we never see beyond that magic curtain because nothing ever goes wrong. Last I checked, we are not in a perfect world and things do go wrong, which means someone has to fix it. The technicians have to work with consultants and the vendor to find out what happened, a process where the more you know about what is behind the scenes, the better. It does not mean you have to be able to fix the issue yourself, but the ability to properly communicate the issue can become one of the key steps in getting your systems back online.

How Will the New Indian Government Impact Tech?
India’s IT industry is valued at more than $100 billion now. It took the industry 15 years to reach this milestone. But now, with Modi leading the show, the industry is expected to reach the $200 billion milestone within the next five years. One key factor behind this is of course the improving global economic outlook. But the real fuel is going to come from within. With increased investments in infrastructure, agriculture, water management, energy generation, eGovernance, health and education, there are going to be a lot more domestic jobs for tech players of all sizes. So there’s every possibility that while businesses will be trying to get jobs from the international market, the focus is going to shift to getting domestic projects.

Quote for the day:

"The best way to find yourself, is to lose yourself in the service of others" -- Gandhi

June 04, 2014

CSO: System logging a vital computer security tool
Where's the data that people are going to build that intelligence from? I still see system logging as a really interesting piece of it. At Tenable, we're pushing a strong continuous monitoring model: Being able to collect information about everything that's going on in your systems and your networks at all times. It's going to shorten your response time in the event of a breach. It's going to allow you to improve your security if you identify things that are going wrong. It's going to allow you to have a clue of how your systems and network are being used.

Java Foreign Function Interface
JEP 191 provides a Foreign Function Interface at the Java level, similar to JNA or JNR. It will allow easy access to native functions, and will manage native memory at the JVM level. It will also support a future JSR for a standard Java FFI. The Java FFI API can be used for implementing native-backed features like NIO, advanced file system metadata, and process management. Using the FFI API will be the preferred way to bind native code and memory, instead of JNI. JEP 191 does not include enhancements to JNI, although these may go into the JSR process. JNI is the current standard programming interface for writing Java native methods and embedding the Java virtual machine into native applications.

Intel wants your next PC to have no wires
Intel is also chasing wireless charging. Laptops and tablets will be able to recharge simply by putting them on tables or other surfaces, much like smartphones and tablets, Skaugen said. Intel is leading the development of new wireless charging specification that will support power delivery of 20 watts and more to enable magnetic resonance wireless charging of laptops. Skaugen showed a laptop being charged wirelessly when placed on a table. The screen got brighter as the laptop got closer to the table, indicating that the PC was being wirelessly charged. Skaugen also showed a Lenovo Yoga laptop with wireless charging.

Beyond Cortana: What artificial intelligence means for the future of Microsoft
Cortana is, at heart, a user experience for an artificial intelligence, as Lee says. "What the user sees is a UI that's intended to be like a personal assistant, built using the basic building blocks for natural interaction," he says. It's the AI behind it that's handling much of what it does — or rather, a series of different neural networks and rules engines that are the closest to AI we have today. They're designed to make inferences from your personal data, to be prescient (not creepy). It's here that Nadella's ambient intelligence comes in to play, As Lee asks: "Can we mine all the data we have access to, and then extract intelligence?"

The Amazon Model: If You Can’t Beat ’Em, Work with ’Em
Amazon has successfully employed the coopetition strategy in three distinct phases, the authors found, all of which had a significant impact on the company’s performance as well as the global book business. Following the introduction of the Amazon Marketplace, the second coopetitive rollout occurred in the spring of 2001. Though it initially began as an agreement with Borders—one of Amazon’s stiffest bricks-and-mortar rivals—to operate Borders’ online store, the platform gradually expanded to help many different retailers, including Netflix, through Amazon Services.

Google, in promoting encryption, calls out Microsoft and Comcast
The use of encryption has gained added attention since last year's leaks about U.S. government surveillance, prompting more service and software providers to promise customers they'll keep their data safe. Encryption is meant to scramble messages and other data so it can only be read by the sender and receiver. Google has been encrypting all Gmail messages by default since 2010. But encryption only works when it's supported by email providers at both ends of an exchange. In the figures it released Tuesday, Google said between 40 percent and 50 percent of all emails sent between Gmail and other providers during May were not encrypted in transit.

Apache Kafka: Next Generation Distributed Messaging System
Kafka is a fast, scalable, distributed in nature by its design, partitioned and replicated commit log service. Apache Kafka differs from traditional messaging system in: It is designed as a distributed system which is very easy to scale out; It offers high throughput for both publishing and subscribing; It supports multi-subscribers and automatically balances the consumers during failure; It persist messages on disk and thus can be used for batched consumption such as ETL, in addition to real time applications. In this article, I will highlight the architecture points, features and characteristics of Apache Kafka that will help us to understand how Kafka is better than traditional message server.

Heartbleed attack research shows risk to enterprise wireless networks
Not enough testing has been done on Cupid to know exactly what details could be exposed in the memory of vulnerable systems, Grangeia noted, but he speculated that the private key used for the TLS connection and the credentials used to authenticate the connection are likely to be compromised in such an attack. Grangeia did confirm that the default installations of wpa_supplicant, hostapd and freeradius are all exploitable via Cupid on systems running Ubuntu with a vulnerable version of OpenSSL. Android users running versions 4.1.0 and 4.1.1 with a vulnerable OpenSSL implementation may also be susceptible to Cupid, said Grangeia, because all versions of Android use wpa_supplicant to connect to wireless networks.

Facebook encrypts data links to hinder government intrusion
Getting encryption across Facebook was important, but not an easy task, Stefancik said. "We like encryption because it is mathematically strong, we understand its properties, it's easier to control, but that said, it is really hard to deploy. It's not like we wake up one morning and flip a switch. It has performance implications, there's still compatibility issues between devices," he said. But the benefits were good, and Facebook as a site was encrypted 100 percent on by default for all interactions with users as of last year, he said. Facebook has four teams responsible for security: technical security, security infrastructure, site integrity, and safety, but Stefancik said that everyone in Facebook was taught to keep security front and centre in mind.

Scalability from datacenter to IoT: Q&A with Intel
Actually our approach to IoT has been pretty interesting. When Brian Krzanich our CEO introduced the concept of IoT, we took two approaches - one is to go to the industry first which is our usual way, the other way was to introduce the concept to the open community. We are supporting the maker community with products like Galileo and Edison directly through the community. We have taken a completely different approach. This has opened up these products to innovations from different areas, from schools, from small system integrators, and from individuals.

Quote for the day:

"The real leader has no need to lead - he is content to point the way." -- Henry Miller

June 03, 2014

High availability strategy key to saving costs, says Sungard AS
Enterprises have to determine what apps are critical to their business. For airline companies, applications that deal with taking customer bookings and tracking pilot hours are most critical and need to be highly available, he said. But for retailers, it may be their website; and for financial service providers, it could be their trading desk apps, he said. “Businesses need to understand what apps are critical for them. It is not always the most obvious ones," he said. “They should also think about seasonal peaks. For instance, payroll apps run only once a month but, for that time-frame, availability of those apps are critical.”

Making the Clinical Data Warehouse Relevant Again
It's the "minimal transformation" part that reduces the overhead and complexity typically associated with data warehousing, Barlow says. Instead of reconciling every data element that's mapped to the model, Health Catalyst's approach sticks to the core elements. In turn, this lightens the data governance load that's typically necessary for an enterprise master patient index. "Having been exposed to a lot of data warehousing solutions, the successful ones need to be adaptive and agile," Barlow says. "The data models that are common in healthcare are incredibly dynamic and complex, so a platform needs to be able to adjust to that."

Samsung Pushes its Triple Level Cell SSD into Data Centers
Samsung plans to drive down SSD costs the way Intel and AMD drove down processor costs: by creating mass-produced consumer versions first, driving up production yields and driving down prices, then developing datacenter adaptations at competitive price points. That acceleration strategy is what put Intel one, then two, steps ahead of AMD in 2009, and Samsung is hoping for the same effect. While competitor Toshiba still sells its PX series SSDs with 24 nm multi-level cell NAND, Samsung is already mass-producing consumer SSDs based on its 19 nm TLC process. (Samsung marketing calls this its “10-nm class” process generation, though that’s probably jumping the gun a bit.)

The Big Data Dump: How Info-Hoarding Hinders Startups, Spy Agencies
"How much data is enough data?" de Vries said. "It's a lot less than what a lot of people think it is." In fact, some companies and analysts are pushing an idea that could be the next phase in the evolution of big data: small data. By that, they mean information that's not only more manageable, but accessible, immediate and can be acted upon today, not months down the road after a lengthy analysis. It's what Internet companies are accustomed to doing -- making many small, quick decisions based on real-time data.

Data Analytics as a Service: unleashing the power of Cloud and Big Data
In order to validate the base concepts of a DAaaS platform, Atos’ Scientific Community conducted research, based on a concrete scenario for the Oil and Gas industries, that exercises some of the most important points that need to be solved in a DAaaS. This White Paper from Atos’ Scientific Community describes how the Data Analytics as a Service model that we propose in this paper can be applied to multiple use cases and industries. Beyond that, DAaaS puts analytics as a first-level element component in a new vision of Enterprise Computing, that makes extensive usage of the advantages of Cloud technologies.

Beware the next circle of hell: Unpatchable systems
"An attacker with ICS knowledge would use the features rather than an unpatched [vulnerability] to compromise the system," Peterson says. Of course, not all IT systems are the same. Security experts agree there are scenarios in which a lower level of security is acceptable.Perry Pederson, a principal at The Langner Group, says those customers who have taken steps to harden and isolate systems should be more confident that they are protected. However, it is harder than ever for companies to know for sure that air-gapped systems aren't accessible from the Internet or an adjacent network.

Met Office swaps Oracle for PostgreSQL
Tomkins said: "We have a large number and heavy investment in Oracle skilled staff but we are looking at a programme of upskilling development and operational staff in PostgreSQL." Initially, 2ndQuadrant gave all staff initial training to prepare them for deploying the two pilot Postage migration projects into production. "Our intention is to build skills and increase our PostgreSQL deployments. But we haven’t yet reached the same level of skills as we have in Oracle, so we need to build our skills and confidence in PostgreSQL," he said.

10 steps to building a project timeline in Excel
An informed team is a productive team. Everyone on your team should be familiar with a project's schedule -- when each task is scheduled to start and end. A project timeline, shares the project's overall schedule and progress while communicating each task's relationship to the others. In this article, I'll show you an old but true method that uses a scatter chart to implement a project timeline in Excel. ... Excel 2013's chart interface is significantly different from earlier versions, so this article includes instructions for finding options in 2013 and 2010. I'll also include Excel 2003 instructions for finding options via the older versions menu.

Tibco Acquires Jaspersoft to Energize Analytics Portfolio
The acquisition makes sense in that more capabilities are needed to address the expanding scope of business intelligence and analytics. In practice, it will be interesting to see how the open source community and culture of Jaspersoft meshes with the culture of Tibco’s Spotfire division. For now, Jaspersoft will continue as a separate division so business likely will continue as usual until management decides specific areas of integration. With respect to development efforts, it will be critical to blend the discovery capabilities of Tibco Spotfire with Jaspersoft’s reporting which will be a formidable challenge. Another key to success will be how Tibco integrates both with the capabilities from Extended Results, a mobile business intelligence provider Tibco bought in 2013.

Ansible’s View on IT Automation
Foremost, it’s important to understand that Ansible is a general-purpose IT automation system, but does not wish to be considered exclusively a configuration management system. This is because, for many of our users, the more interesting part of the equation is in how business applications are deployed on top of the OS configuration - or how upgrade processes and ad-hoc server maintenance processes are orchestrated. While Ansible does contain a robust series of modules for Configuration Management tasks, Ansible is also concerned with cloud provisioning, software deployment, and automation of orchestration procedures like zero downtime rolling upgrades.

Quote for the day:

"Hire late when it already hurts, not early in anticipation of needing people later" -- Jason Fried

June 02, 2014

In baffling move, TrueCrypt open-source crypto project shuts down
The website provided detailed steps for TrueCrypt users to migrate to BitLocker, a commercial encryption tool. BitLocker is also Microsoft's encryption tool that ships with Windows. "This page exists only to help migrate existing data encrypted by TrueCrypt," the website stated. "The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images." The message urged users to migrate data encrypted by TrueCrypt to encrypted disks or virtual disk images supported by their operating system platform.

How to Create High-Performing Project Management Teams
What makes a "victim"? A victim mindset, Winquist says, is one where cost-cutting, micromanagement, excessive control of information and reporting and a "command and control" philosophy is enacted. "Victims are constantly cutting costs, locking down processes, not sharing information or collaborating, micromanaging, and they have a harder time dealing with complexity and change," Winquist says. Because of this mindset, Winquist adds, many organizations become so focused on controlling the production and delivery process that they miss the mark of what the customer really wanted, too.

SaaS Security Needs Heightened by Adobe Breach
The Adobe breach should be a cautionary tale to the SaaS community to step up security, according to Ethan Oberman, the CEO of SpiderOak, an online backup, syncing, and file sharing service. "In the SaaS model, the moment data is generated on a third-party server, the privacy of that data is compromised. That was the known tradeoff -- less data security for heightened usability," Oberman told me. SpiderOak positions itself as offering a more secure service with what it calls "full end-to-end encryption all the time, every time," he said. The company calls its security approach "Zero-Knowledge" security, because even SpiderOak doesn't know what's in its customers' data.

Coding Principles Every Engineer Should Know
Throughout my engineering career, I’ve had the opportunity work alongside and learn from many incredibly talented people, solve some serious technical challenges, and scale several successful companies. Recently, I was talking with the engineering team at Box about what I’ve learned along this journey, and what came out of that conversation were my personal engineering principals. These aren’t rules or engineering guidelines. They’re simply the principles that I pay attention to when I write and operate code.

U.S. companies seek cyber experts for top jobs, board seats
"The trend that we are seeing is that organizations are elevating the position of the CISO to be a peer of the CIO and having equal voice associated with resource priorities and risk decisions," said Barry Hensley, executive director at Dell SecureWorks' Counter Threat Unit. With many companies looking for security executives with military or defense backgrounds, people with the right expertise can command increasingly higher salaries. Large corporations have recently hired CISOs for between $500,000 and $700,000 a year, according to Matt Comyns, global co-head of the cybersecurity practice at search firm Russell Reynolds Associates.

Employee Engagement Everywhere: The Wheel of Engagement at Work
Engagement offers a relatively new thread that weaves together a wide variety of elements in organizations and work. The word began to appear in reference to work in the late 1990s and is gathering increasing attention and prominence as we determine how to move forward with so many different facets of work. It moves well beyond employee satisfaction, motivation or compliance into authentic partnership and co-creation, to enhance relationships and improve results. It supplants the old systems of "command, control and tell", with "invite, co-create and ask".

Google Drive leads in features, lags in ease-of-use
Google has the best file printing of any of the three suites. Print from any of the Google apps by clicking File->Print. The app kicks in Google's Cloud Print, which can print in many ways. If you have your printer set up for Google Cloud Print -- very easy in most cases -- the printing experience closely parallels the way you would print from any desktop app. If there aren't any Google Cloud Print printers around and you can't get to one remotely, you can opt to print from your local computer or to generate a PDF that gets stored in Google Drive.

Happiness is… a handhold on Hadoop
“Very low cost commodity hardware can be used to power Hadoop clusters since redundancy and fault resistance is built into the software instead of using expensive enterprise hardware or software alternatives with proprietary solutions. This makes adding more capacity (and therefore scale) easier to achieve and Hadoop is an affordable and very granular way to scale out instead of up. While there can be cost in converting existing applications to Hadoop, for new applications it should be a standard option in the software selection decision tree.”

75% of mobile security breaches will result from misuse, misconfiguration
Jailbreaking and rooting can also allow malware to be downloaded to the device, enabling malicious exploits that include extraction of enterprise data. These mobile devices also become prone to brute force attacks on passcodes. According to Dionisio Zumerle, principal research analyst at Gartner, a classic example of misconfiguration is improper use of personal cloud services through apps residing on smartphones and tablets. “When used to convey enterprise data, these apps lead to data leaks that the organization remains unaware of for the majority of devices," he said.

Are Chief Digital Officers the Result of CMO/CIO Refusal to Change?
So who is this relatively new beast? Gartner VP David Willis says, “The Chief Digital Officer plays in the place where the enterprise meets the customer, where the revenue is generated, and the mission accomplished.” In other words, where the rubber meets the road. They aren’t just another “C” heading up a unit. They’re the CEO’s personal SWAT team, able to call the shots necessary across all units to affect what has become job one…customer experience. And what are the CMO’s and CIO’s doing while this is going on? Playing corporate games.

Quote for the day:

"To command is to serve, nothing more and nothing less." -- Andre Malraux

June 01, 2014

The Culture of Cloud in an Information Security World
No matter what your current culture, cultures can change over time, and I believe there is a logical transition that can occur to safely migrate to a culture of cloud acceptance. Just as CEOs can strive to change corporate culture within their organization to meet specific goals, CISOs and CIOs can evolve IT culture to help meet business goals as well. However, this should not be a forced migration because security issues as well as operational issues can occur. Both IT and Information Security capabilities need time to evolve and mature. As cloud culture evolves and matures within an organization, start with smaller initiatives and grow from there.

Understand the "Heartbleed" bug
In this white paper, Bipin Chandra examines the OpenSSL code in detail and explains how the bounds-checking error in the OpenSSL code created the "Heartbleed" memory leak. After reading Chandra's explanation, you'll understand the seriousness of the "Heartbleed" bug, and you will understand how to prevent similar bugs in your applications. Chandra also documents publicly known information about which devices, operating systems, and servers are susceptible to the bug, the availability of fixes, and tools to assess websites for the vulnerability.

Why haven't robots yet changed the world?
"I think we have accomplished less than we might, less than we had imagined," Matt Mason, director of the Robotics Institute at Carnegie Mellon University, told Computerworld. However, Mason added, "Robots do surgery. Robots have driven down the price of consumer goods. The reason that you have a computer in your pocket is because of robotics in manufacturing. If you go through a semiconductor fab, you 'll find dozens or hundreds of robots working." To appreciate those accomplishments, Mason said we need to change our image of future robots. "Domestic service is always something that we're thinking about, but that's very challenging," he added.

Hey, IT, want to innovate? Become a network
f course, everybody wants to be the hub of that network, and it takes more than exposing a bunch of APIs to successfully execute a classic tech-industry “platform” strategy. Creating product networks is subtler, and not everyone can be the top carnivore in an ecosystem’s food chain. Compare “app constellations.” That’s a Fred Wilson coinage describing both mobile app promotion and how tech companies like Facebook and Foursquare are atomizing monolithic services into single-function apps. Back in pre-mobile days of yore, we called them “portals,” but who doesn’t love a new buzzphrase? An app constellation is an example of a visible network. In media, Disney is a visible network while Viacom is invisible.

Quantifying Privacy: A Week of Location Data May Be an “Unreasonable Search”
The main technology for making these inferences is machine learning, a branch of artificial intelligence. In the paper, the authors write that their goal was “to identify the threshold at which enough is enough — the point at which long-term government surveillance becomes objectively unreasonable.” In the interview, Mr. Bellovin observed, “We put it at a week, based on our research.” One reason the technology works so well, Mr. Bellovin said, is that people help, by following patterns of movement that are quite predictable. When combined with other data, the result is something close to a movement fingerprint — that is, surprisingly distinctive and identifying.

Data Science @ Activision
Hemann described what his department does by providing a couple of vignettes. “Vignette 1: Algorithm Detection of Assholes.” Some players found a shortcut to raising their rank in Call of Duty known as “boosting.” Two players enter a game on opposite teams and take turns killing each other. This quickly improves their rank. At first, most of the “boosting” detection had to be done manually with Activision players surveying random games. However, the team now uses algorithms and data patterns to determine how quickly the player jumped in rank, the number of times they killed the same player, the number of games with the same player, the player positions on the map, etc.

From Data Ownership to Data Usage: How Consumers Will Monetize Their Personal Data
We will move from data ownership, where organisations that have developed applications assume to own the data, to a situation where these organisations are allowed to use the data of the customers. And potentially they will have to pay for that data usage to gain additional insights. This is already happening at small scale: Google’s Screenwise Trends panel gives up to $ 8 cash to anyone willing to share their browsing behaviour with Google and its partners. Another example is Raptr, an application with almost 26 million users that provides users with real rewards such as free games, hardware or discounts in return for their video gaming habits.

Decision Science as a Service and Data Science curriculum
For the data scientist, I encourage courses in statistics, machine learning, applied math (including linear algebra), databases and data structures, data and information visualization, scientific modeling and simulation, programming (Python, R, or Matlab, at a minimum), and even some Physics (to learn and sharpen problem-solving skills). For the big data analytics profession, focus more on the algorithms (data mining, statistics, and machine learning), programming skills, and computing technologies (such as Hadoop). For the business or marketing analytics profession, include some of the above things while also learning the key concepts of business, marketing, finance, organizational management, social and behavioral science, leadership, entrepreneurship.

Is the Internet of Things strategic to the enterprise?
Unfortunately, all of this thinking leaves out a few important concepts. Most importantly, is the idea of network effect. The more connected something is, especially if by being connected it provides additional value to those on the network, the more valuable it becomes. The value grows expontentially according to connectedness. That's the basic truism of Internet business, and the reason why growth is always the primary and first order of business for Internet startups. You can do anything, create any business model, find new and better ways to monetize, if only you are deeply connected. If you aren't, the most innovative digital business models just have no meaning.

Taking Back Agile
A lot of people found that the agile methods really humanized the work, and opened the door to more lean and more continual development techniques. In the heyday of agile, people pushed the limit on how simple, how safe, how lean, and how human a software team could become. It's fair that people would be suspicious: Are we trying to take ownership of the brand? Are we trying to set up an alternate, competing certification program? Are we trying to cast doubt on our competitors? It might be good for folks to know that "Let's take back agile" has an "us" that includes everyone. We don't need a brand. We don't need yet another certification scheme, and it doesn't matter what we call it.

Quote for the day:

"Become the kind of leader that people would follow voluntarily; even if you had no title or position." -- Brian Tracy