April 04, 2016

5 Security Bad Habits (And Easy Ways to Breal Them)

Procrastination. Fidgeting. Biting your nails. These are all bad habits, but none so bad that they could bring a company to its knees. When it comes to security, however, some bad habits could be devastating, leaving your company vulnerable to hacks, data loss or theft or some similar type of security breach. The good news is that there are some simple steps IT can take to educate users on security best practices and make them part of the solution instead of the problem. Jonathan Crowe, senior content manager at endpoint security solutions company Barkly offers five simple ways to improve your security posture and help employees become a bit more security-savvy.


How Early-Stage Startups Can Enlist The Right Amount of Security As They Grow

Many resource-strapped startups gauge their commitment level to security by assessing the financial expense to the company. Instead, Graham recommends defining security spend by a company’s possible exposure risk. “For all companies, there’s a limit to how much money can be lost. So if you’re spending more than that amount, you’re absolutely screwing up,” says Graham. “There’s also a limit to how much money you’re likely to lose based on what it is you do with customer data and what you do to monetize it. You’re also messing up if you spend more than that amount.” Graham admits that these assertions are counter to many marketing messages. Most startups are exposing customers to more risk than they’re selling. “There’s a lot of social capital used in marketing these days. Statements such as: ‘You can absolutely trust us to take care of your data.’


The inevitability of data visualization criticism

On a recent episode of What's the Point, Giorgia Lupi expressed this perfectly when she said, "Beauty is a very important entry point for readers to get interested about the visualization and be willing to explore more. Beauty cannot replace functionality but beauty and functionality together achieve more. Beauty is an asset." This doesn't mean you should never produce a line chart, but would the WSJarticle have been so successful had they done it Randy's way? Randy acknowledges this in his article. We both agree you need to craft accurate charts and focus on the story. A rich dataset can tell many stories. In this case, even when you have chosen the story you want to choose ("vaccinations end disease"), it can be told in many different ways (line chart or highlight table).


How an AI program helps doctors identify cancer and other medical abnormalities

Behold.ai's system works by looking at images and giving doctors suggestions, based on learning from similar medical scans. "Computers have become increasingly adept at figuring out objects and images," said Raut. "There's the Amazon Fire phone, which can scan a picture and if it's a product on Amazon, it will find it for you." And Facebook, he said, can see a photo and tell who that person is. "There's a lot of advances in facial recognition that we wanted to adapt to medicine," he said, "because it's about determining where the nodules, aneurysms, and things like that are." Through partnerships with hospitals, Behold.ai is using data sets from real patients to ensure that the reinforcement learning system has quality data


Outshone by Smaller Screens, PCs Aim to Be Seen as Cool Again

Yet as people increasingly gravitate to smartphones and tablets for their computing needs, shifting into what has been called the “post-PC era,” the investment into design and new innovations by PC makers may come to naught. Last year, 289 million PCs were sold worldwide, an 8 percent drop from 2014, according to Gartner, a research firm. The sales decline was just the latest in several years when the PC market faced an onslaught of smartphones and tablets as cooler alternatives. The falloff is expected to level off this year, with PC sales even expected to begin growing slowly in 2017. But that still leaves the question of whether PCs can seem cool again. Even people who depend on the PC industry now lack passion for these onetime miracle products.


Microsoft Embraces Linux - Way Too Late

The Linux-on-Windows announcement is more interesting, but requires some clarification. This is not Linux running in a VM -- there's no Linux kernel present, nor a hypervisor emulating hardware. This isn’t Cygwin, which is a Unix environment compiled specifically to run on the Windows platform. It’s not a container, either. The Ubuntu environment running on Windows 10 contains binaries identical to the binaries running on an Ubuntu platform -- an ELF executable. What Microsoft has done is build a system call translation layer. When a Linux binary makes a syscall, Microsoft’s Windows Subsystem for Linux translates it into a Windows syscall and delivers what the binary expects. It’s akin to WINE, which does something similar for Windows binaries running on Linux. Also like WINE, it’s not magic -- many binaries won’t "just work." This is only the beginning of a long process for Microsoft.


C#/Web API Code Generation Patterns for the RAML User

C# 2.0 was designed with code generation in mind. Seeing how common it was to use code generators even in Visual Studio itself, it was given the ability to create partial classes. A partial class contains some, but not necessarily all, of the code that makes up the whole class. This allows you to separate the class over multiple files, some of which are code-generated while others are hand-written. This separation prevents the code generator from wiping out code the developer has manually written. Unfortunately, this wasn’t enough. Partial classes allow you to add new methods, but not change the behavior of existing ones. For that we had to wait until 2008 and the introduction of partial methods in C# 3. Superficially, a partial method looks like an abstract method, but this is the wrong analogy.


MedStar hack shows risks that come with electronic health records

Health care executives and regulators say their increasing reliance on computer networks and electronic patient data have brought new challenges. Sharon Boston, a spokeswoman for LifeBridge Health, said the corporation takes information security seriously and works to adapt to new threats as they arise. LifeBridge operates Sinai, Northwest and Carroll hospitals in the Baltimore region. "The use of the electronic medical record across the health care industry is broader and deeper than it has ever been, and will continue to grow," Boston said. "With the evolving nature of these electronic threats, LifeBridge Health continually monitors the safety and potential vulnerability of our information systems and takes appropriate action."


Ever been in these social engineering situations?

Once I picked the lock to the unalarmed external emergency door, I realized that the client took the extra step of implementing biometric access control. There wasn't a single person going in or out while I observed. I needed a different way in to the server room. I noticed a security guard station with several monitors and a key box behind the desk. I saw a guard and a maintenance employee were taking a coffee break. "Sorry guys, I'll just be a moment. I need to get the serial numbers off of these devices. We are doing inventory." I gave him the face of, "you know, the grind," shrugged and began writing down anything I saw. "Not a problem," the guard responded after glancing at my fake badge I made using basic photo editing skills. “You can take them if you want. They don't work half of the time anyway," the guard chuckled.


Microsoft's machine learning vision includes security, too

"We want to build intelligence that augments human abilities and experiences. Ultimately it is not going to be about man versus machine. It is going to be about man with machines," Nadella said at Build. And what's better than having machines help users protect their data and communications? Nadella acknowledged social implications to security and privacy, promising Microsoft will take a “principled approach” as it adds intelligence to applications. Technology needs to be “more inclusive and respectful,” as well as balance security and privacy considerations, such as adopting encryption. Consider the Skype bot. The Build demo showed the bot picking up key terms related to travel during a Skype call and suggesting hotel reservations. The same bot will have to recognize sensitive information and make sure to protect it.


Quote for the day:


"For all companies, there's a limit to how much money can be lost. So if you're spending more than that amount, you're absolutely screwing up." -- Michael Graham

Posted by at No comments:
Labels: , , , , , , , , ,

April 03, 2016

How to approach machine learning as a non-technical person

The last and trickiest aspect of assessing ML technology is understanding how improvements on the ML task will impact which business metrics and by how much. Sometimes there’s a very direct relationship. For instance, for ad placement in search results, the ML metric is typically predicting the probability of ad click-through (possibly weighted by expected CPC). The rate and revenue-generated ad click-through is either a core business metric or closely related to one. In this setting, it makes a lot of sense to invest heavily in ML, because gains will likely improve business metrics. In other settings, the relationship is less clear. For instance, at Netflix, improving movie recommendation quality by 0.5 percent, while difficult, does not necessarily mean that month-over-month subscriber retention will necessary budge


The Evolution of Data Storytelling

Beyond being a marketing buzzword, Data Storytelling careerists know what it takes to tell a concise, actionable, data-driven narrative. Classic data mining and knowledge discovery trainingalways starts with identifying the business problem first, identifying clear goals or hypothesis to test, and then iterating through a data modeling process to select the right algorithms to produce recommendations (and then lather, rinse, repeat). As new statistical techniques were introduced and big data challenges emerged, these processes evolved but stayed generally the same. Organizations have since been trying to capture and scale this practice more recently, as evidenced by newly trending roles in the uppermost echelons like Chief Data Analytics Officer. These roles are charged with rolling out a data science team within their organizations, albeit an easier said than done practice.


Deep learning will be huge — and here’s who will dominate it

What’s perhaps most interesting here is that these startups are targeting almost every industry out there. The first layer is general-purpose AI platforms that get fed large amount of data and automatically discover interesting patterns such as Valley-based Ayasdi, Germany-based Blue Yonder, or Israel-based SparkBeyond. Then there are companies that sell AI-based products to enterprises. These include AI-based personalization and marketing tools such as Radius and Dynamic Yield, sales and retention prediction tools such as 6sense and Gainsight, and AI-based customer support company Wise.io. But AI startups don’t stop at the enterprise. They are disrupting many traditional industries such as ground transportation, agriculture, industrial, and healthcare.


When Self-Driving Cars Decide Who Lives and Who Dies

Imagine the following scenario: A family with parents and children is using the self-driving vehicle service within a smart city. All surrounding vehicles are also centrally controlled to better account for minimum risk of traffic accidents. A child runs after a ball across the street in front of the vehicle, transporting the family. This is an external factor to the traffic system and was not planned. The central traffic system now has to follow its primary routines and avoid harm to passengers and surrounding humans as good as possible. A crash is imminent even though a breaking process was started. The vehicle can now only “choose” the best possible option based on data it computes.


Agile and Wrong: The Problems with Emergent Design in Pictures

With emergent design, a development organization starts delivering functionality and lets the design emerge. Development will take a piece of functionality A and implement it using best practices and proper test coverage and then move on to delivering functionality B. Once B is built, or while it is being built, the organization will look at what A and B have in common and refactor out the commonality, allowing the design to emerge. This process continues as the organization continually delivers functionality. At the end of an agile release cycle, development is left with the smallest set of the design needed, as opposed to the design that could have been anticipated in advance.


IoT and the development of a circular economy

Identified as a significant business opportunity, circular economy models have gained increasing momentum over the last five years. Combine the principles of a regenerative and restorative economy, where the utilization and useful life of assets is extended, with IoT technologies, which provide information about the condition, location and availability of those assets, and there may be an even greater opportunity to scale new models more effectively, while providing new direction to the digital revolution. To pose an example, the average European car currently spends 95 percent of the time parked. Large automotive manufacturers, including the likes of GM and Ford, have identified economic advantages to be gained by leasing vehicles through car-sharing models, rather than restricting themselves to a one-time sales model.


The Robots Are Coming: Funding and Spending Doubling

International Data Corporation (IDC) has identified robotics as one of six Innovation Accelerators that will drive digital transformation by opening new revenue streams and changing the way work is performed. In the new Worldwide Commercial Robotics Spending Guide, IDC forecasts global spending on robotics and related services to grow at a compound annual growth rate (CAGR) of 17% from more than $71 billion in 2015 to $135.4 billion in 2019. The new spending guide measures purchases of robotic systems, system hardware, software, robotics-related services, and after-market robotics hardware on a regional level across thirteen key industries and fifty-two use cases. … Not surprisingly, worldwide robotics spending is dominated by the discrete and process manufacturing industries, which represented 33.2% and 30.2% of total spending in 2015, respectively.


Is the blockchain good for security?

"There may be no software that has been better proven, from a security standpoint, than Bitcoin," Bagley said. "Building a stock trading platform atop such well proven software should leave all parties feeling very confident, from a security point of view." In addition, he said, settlement times are reduced from three days to 10 minutes, settlement costs are cut by 80 percent, and counterparty risk is eliminated because the cash and assets are accounted for ahead of time and instantly swapped. Finally, the blockchain is completely transparent, he said, and cannot be changed. "Put transparency and immutability together and you have a dream scenario for regulators, auditors and compliance officers," he said.


Big Data Self-Delusion

“The Human Face of Big Data” demonstrates that giving more people access to the Internet does not automatically include them in “the discussion.” China has more people connected to the Internet than any other country, but there is no one from China among the two dozen “experts” identified by name in the film—all are based in the U.S. No one from Russia, India, Japan, Brazil—countries where one may find talking heads or, even better, data scientists, that may represent a different point of view about the role of technology, the Internet, and big data. It would have enriched this documentary tremendously if we heard their take on the pros and cons of big data, how they define it, what it means to them, and what specific types of data collection and analysis will make a difference in their countries.


Living in the digital economy and loving it

"At the centre of this transformation will be our individual digital identity that we alone curate to allow chosen organisations to interact with us. "Yes, we will give up some privacy but the pay-off will be more convenience. At first, we hesitated to use paywave but now everyone uses it because it saves time and effort. "Having a digital identity will give us freedom from information as well as more control of who we share our information with and what they do with it." Professor Kowalkiewicz said proactive organisations would become trusted partners and an invisible part of our lives. "For example, you are turning 16, the proactive organisation sends you a learners application. Driving instructors and defensive driving course providers will have contacted you. "Banks will analyse your credit card spend and alert you to suspicious charges, or to a possible data breach in an organisation you deal with, then automatically cancel your compromised card and send you a new one."


Quote for the day:


"You are never too old to set another goal or to dream a new dream." -- C.S. Lewis

Posted by at No comments:
Labels: , , , , , , , , ,

April 02, 2016

Five Technologies That Will Disrupt Healthcare By 2020

AI is consistently improving the approach and access to reliable and accurate medical image analysis with help from digital image processing, pattern recognition and machine-learning AI platforms. ... Innovative, automated patient guidance and engagement solutions, such as AI-enabled medication adherence to observe patient devotion by using advanced facial recognition and motion-sensing software, have started to automate one of the major healthcare processes of directly observed therapy (DOT). New entrants with similar solutions are expected to rapidly capture this sub-segment of the market.


Which country is most prepared for tech disruption?

While less than half of those surveyed felt their education was boring or old fashioned, young people were twice as likely to say so. Confidence in entering the workplace was again a feeling shared mostly among those in middle-income economies. ... The need for so-called "soft skills" was, in the minds of many, the most crucial aspect of the modern workplace. Skills such as communications, relationship-building and problem-solving were prioritized between 86% (Australia) and 79% (Brazil), compared with academic achievement, which scored only between 50% (South Africa) and 36% (Germany). Employers expectations, as perceived by those surveyed, were also focused on soft skills. While technical skills were important, time management, people management and active learning were all considered to be either more important or of equal importance.


Are healthcare CIOs being cut out of the analytics loop?

“The best organizations are taking more of a dyad approach,” Weaver observes. “The operator and the technologist are both at the table, having that conversation, so you’ve got the right technology support to support the operator. A lot of times, the operator may be running the analytic shop. But one of the things we’ve found is that while the CIO may not be running the analytics shop, the CIO is a critical partner. Because to do the analytics, you have to both collect the data and then pull it out of the operational data warehouse and put it into an analytic capability to be able to analyze it.”  What happens in organizations where the analysts report to the operators and the CIO doesn’t have input? “Those places that have gone to the operator model find that begins to break if they don’t keep a consistent relationship with the technology folks,” he responds.


How Technology is Transforming Women-Owned Businesses in Africa

Technology is transforming the lives of women business owners in Africa as they are playing a significant role in the creation of jobs in their communities. Also, technology incubators dedicated to supporting entrepreneurs continue to populate the continent, and with increased access to the internet, entrepreneurs in emerging economies will continue to utilize various technological tools and resources to start, expand, and grow their businesses. Nigeria, in particular, leads the way in the number of women entrepreneurs that have developed. But, what else can be done to ensure that women are not just users of technological tools but also creators of them? How can we work to engage and increase accessibility in rural areas of the continent?


Is HyperContainer the Answer for Cloud Native Applications?

In a HyperContainer, the application process is still able to access what it needs: kernel and data. The difference is that the container does not run on the host kernel. Instead, every container gets its own, independent, guest kernel. By doing this, the application running inside is perfectly isolated from both other containers and the host. Performance wise, with the assistance of the super tiny guest kernel, a HyperContainer is able to finish booting in milliseconds (100-150ms), which is dramatically faster than a VM. Some may argue that this speed still lags behind a Linux container, but consider that an application usually takes longer to get started anyway meaning that, in practice, there is simply no difference.


The IT skills gap is a reality, but doesn’t have to be

Despite the popular conversation around big data in the business world, in 2014, the report notes that there was a decrease in the pay for these skills. According to the report, this can be attributed to the unrealistic expectations of business leaders, who reported being unsatisfied with the ROI on analytics and analytics professionals. Foote says that business leaders needed to temper their expectations around what big data and analytics could do for the business over time. And the attitude might have already started to shift, considering that as of 2015, the data shows that the market value of 74 noncertified and certified big data skills increased by six percent over the span of 12 months. One of the barrier around effective big data strategies at companies is about getting "decision makers to be more comfortable with data-driven decision making," according to the report.


Build this Raspberry Pi guardian robot and stave off intrusions!

Younger siblings -- gross! They sneak into your room and grime up your stuff. Sometimes you might also feel that way about your spouse. Babe, get your greasy mitts off my sunglasses. What you need is a sentinel, a guardian, a robot defender. This latest project comes to ZDNet via Dexter Industries, which makes cool components for DIY robotics builds. I have no affiliation to Dexter, but I dig what they do and I'm happy they've brought us a new build. Build and program this little GoPiGo to protect your wardrobe, your closet, or your whole room. Hide GoPiGo behind a closed door and when the door is opened it will attack, scaring intruders and snapping a picture as proof that your inner sanctum has been violated.


Why You Shouldn’t Enable “FIPS-compliant” Encryption on Windows

This setting does two things to Windows itself. It forces Windows and Windows services to use only FIPS-validated cryptography. For example, the Schannel service built into Windows won’t work with older SSL 2.0 and 3.0 protocols, and will require at least TLS 1.0 instead. Microsoft’s .NET framework will also block access to algorithms that aren’t FIPS-validated. The .NET framework offers several different algorithms for most cryptography algorithms, and not all of them have even been submitted for validation. As an example, Microsoft notes that there are three different versions of the SHA256 hashing algorithm in the .NET framework. The fastest one hasn’t been submitted for validation, but should be just as secure. So enabling FIPS mode will either break .NET applications that use the more efficient algorithm or force them to use the less efficient algorithm and be slower.


Is Artificial Intelligence Really Dangerous?

Ever since the beginning of time, we humans have had a desire for technological advancements and innovation. Through our vivid imaginations, we have been able to develop technologies that previously seemed impossible were just a part of our science fiction fantasies. Virtual reality, space tourism, self-driving cars and the much talked about artificial intelligence. Some of the most talented innovators have blurred the lines between fantasy and fiction for us. Artificial intelligence is now a very real prospect that companies are focusing on. Now, for those of you who are still new to this concept, Artificial intelligence is a field of science which focuses on how hardware and software components of a machine can exhibit intelligent behaviour. Instead of being fed information from the user himself, they learn over the course of time and become more intelligent.


How the New JSON Support Will Work in SQL Server 2016

"Someone might say -- this will not be fast enough, but we will see," Popovic said. "Built-in JSON parser is the fastest way to process JSON in database layer. You might use CLR type or CLR parsers as external assemblies, but this will not be better than the native code that parses JSON." Popovic said the JSON functionality will be rolled out over time in the SQL Server 2016 previews. SQL Server 2016 CTP2 is planned to include the ability to format and export data as JSON string, while SQL server 2016 CTP3 is expected to incorporate the ability to load JSON text in tables, extract values from JSON text, index properties in JSON text stored in columns, and more, he said. The SQL Server team will be publishing more details about the huge new release of SQL Server 2016 as the days count down to the first public preview, expected this summer.


Quote for the day:


“What high-performing companies should...create: A great place for great people to do great work.” -- Marilyn Carlson

Posted by at No comments:
Labels: , , , , , , , , , ,

March 31, 2016

Full Stack Testing: Balancing Unit and End-to-End Tests

At their core, tests make sure your application is doing what you intend it to do. They are an automated script to execute your code and check that it did what you expected. The better they are, the more you can rely on them to gate your deployments. Where your tests are weak, you either need a QA team or you ship buggy software (both mean your users get value at a much slower pace than is ideal). Where your tests are strong, you can ship confidently and quickly, without approvals or slow, manual processes like QA. You must also balance the future maintainability of the tests you write. Your application will change and thus so will your tests. Ideally, your tests only have to change proportionally to the change you are making in your software. If you are making a change in an error message, you don’t want to have to rewrite a lot of your test suite. 


From Role-Based Access Control to Access Governance

Because the organization is fluid (e.g. reorganizations, mergers, etc.), the composition of the attributes (the payroll system) is in a constant state of change. The network landscape is also subject to change. And this means that the model that was set up has to be reviewed regularly. Validating the RBAC model is also known as re-certification. Re-certification checks whether the authorizations a person receives on the basis of his attributes are still appropriate within the organization. Alongside validating the RBAC model that has been set up, part of access governance is also to test the reality. This is called attestation. In attestation the organization itself is asked whether the assignment of certain authorizations to employees is in fact correct.


Coursera Announces First MOOC-Based Master’s Degree in Data Science

Data science has quickly become one of the most sought-after and highest-paid professionsin the United States, yet few highly ranked master’s programs exist today that are developed specifically for training data scientists, and none offer the scale of an open online course platform. The MCS-DS degree taps a whole new demographic of potential data scientists who are unable to take a traditional education path by reimagining graduate-level education as a “stackable” degree. Unlike other master’s degrees, students can test the waters of the MCS-DS degree with a shorter Specialization certificate program in data mining or cloud computing, earning a meaningful credential that can then fully transfer to the MCS-DS if they later decide that they want the full degree.


10 Ways Virtual Reality is Disrupting Industries

The concept of remodeling isn’t just limited to education or world history. It is creating ripples in the medical world as well. For quite some time now, Virtual Reality is being used to treat Posttraumatic Stress Disorder (PTSD) in war veterans. Using VR therapists recreate situations which the patient fears while they are still in a safe environment. Commonly known as exposure therapy, this helps soldiers in dealing with the stress endured on the during real-world war situations. USC’s Institute for Creative Technologies has been remodeling sites of Iraq and Afghanistan in virtual reality to help warriors combat PTSD. Another healing application of VR in medical is helping amputees deal with phantom pain by recreating their limbs.


Why Hospitals Are the Perfect Targets for Ransomware

The payoff for hackers can be huge. The FBI estimated in 2014 that the extortionists behind the CryptoLocker strain of ransomware swindled some $27 million in just six months out of people whose data they took hostage. And ransomware attackers have upped the ante in recent months with attacks that encrypt not just files on an individual computer but on core servers, to prevent an entire organization from accessing shared files and databases. ... “You don’t have to lock an entire network,” Sjouwerman says. “You just need to find where are the critical files in a network—what servers are serving up the millions of files that most workers use…. And you only need to lock maybe two or three file servers to essentially block the whole network.”


IBM Data Chief on Strategy: Training Engineers for Cognitive Systems

Data is playing an ever-growing role in the business world, with machine learning software and artificial intelligence systems like IBM’s Watson leading the way. IBM’s Bhandari says that IBM is focused on training more data scientists and engineers in analytics systems, such as open-source computing framework Apache Spark, because it believes the amount of human talent has not kept pace with advances in analytics. Simply put, there are not enough people who can take action on insight that is provided by today’s data-analytics software, like the video footage of the Magic-Heat games did for the in-game stats, he says. IBM’s corporate strategy in the current market is on cognitive systems, such as Watson, Bhandari says.


Senator Wyden Lays Out New 'Compact For Privacy & Security In The Digital Age'

Here’s the problem. A few decades ago, courts began ruling that if you provide information to a third party, like your bank or your phone company, you are no longer keeping it private, and it is no longer protected under the Fourth Amendment to the Constitution.  There is a huge, glaring problem with that logic. When you share your information with a single private company, that is not the same thing as making it public. Your phone company may have records of who you call, and your bank may have records of how you spend your money, but your contract with them will have rules for when and how they are allowed to share that information. They are not allowed to just disclose it freely.  This is true in the digital world as well. When I post a handsome new profile picture on Facebook, or send out a tweet to tell people that I’m holding a town hall in Oregon,


Enterprise Mobility is Going Beyond “Mobile First” Approach. Are You Ready?

The future is likely to become even more connected, thanks to internet of things and M2M (machine-to-machine) communications. This means, businesses now need to go beyond ‘mobile first’ planning. By this we mean you need to develop a strategy that puts your business at the forefront of mobility. You need to go beyond just creating mobile applications and services when it comes to deploying mobile technologies. While these efforts were tactical enough to address the need for people to remain connected 24*7 across various devices, they won’t suffice to make your business ready for the mobile journey of the future. Today, we see more and more businesses are investing resources to create a mobile strategy that can successfully transform the enterprise, changing the way they run their business.


5 Dev Tools For Better Code Security

Information security is of paramount importance these days, and there is no better place to start securing systems and data than in the software development process itself. Lapses in coding can leave systems vulnerable to attackers. But examining thousands and thousands of lines of code for a wide array of potential weaknesses is no easy task. Thankfully, a variety of tools are emerging to help ensure the security of your code. With the help of capabilities such as static analysis, these tools not only flag possible issues but enforce security a priority in the development process. Following are five tools aimed at analyzing your code for security flaws, ranging from open source to commercial offerings, available as on-premises solutions or services in the cloud.


Why CISOs Need to Build Better Business Cases For Data Security

The overall budget for security-related costs is often within decentralized healthcare organizations and resides with a number of different clinical, business and technology areas. Typically, the easy business case to make for security investments comes from improving the organization’s overall security posture. However, CISOs will have to redesign this undemanding path toward an approach for making business cases in terms executives can appreciate and directly connect to the organization’s top strategy goals and objectives. Making more effective business cases can help to gain investment dollars and increased control for a budget not always under a CISO’s direct management.

Quote for the day:


"There are many elements to a campaign. Leadership is number one. Everything else is number two." -- Bertolt Brecht

Posted by at No comments:
Labels: , , , , , , , , , ,

March 30, 2016

Cyber criminals use Microsoft PowerShell in ransomware attacks

Traditional ransomware variants typically install malicious files on the system which, in some instances, can be easier to detect. Although the code is simple, PowerWare is a novel approach to ransomware, the researchers said, reflecting a growing trend of malware authors thinking outside the box in delivering ransomware. Carbon Black researchers found that PowerWare is delivered through a macro-enabled Microsoft Word document that launches two instances of PowerShell. One instance downloads the ransomware script and the other takes the script as input to run the malicious code to encrypt files on the target system and demand payment for releasing them.


Train your IT team for endurance

Work is the ultimate endurance event. While a triathlete might compete in a 5- to 12-hour event, the average career is measured in decades. Consider your IT organization for a moment. If it's like the majority, it's been conditioned around sprinting. A firefight or development sprint results in a fury of activity, the organizational equivalent of an athlete spiking her heartbeat to the max and tenaciously hanging there until it's physically impossible to sustain that level of effort. Like the athlete, after the sprint the team usually hits a wall and performance crashes down— employees even become physically affected by the workload. Contrast this to the team that has trained and measured around the productivity they can produce at sustainable activity levels. There's a quiet energy and diligence, and this team can make a strategic sprint or two when the time comes, without depleting themselves and falling apart.


Q&A: Database infrastructure must match modern apps

As a standard SQL solution, the way you build an application is not significantly different from how you build a system against other relational database management systems. The difference is that it scales. If you're running Oracle on a single machine, and you reach the capacity of a SQL machine, you switch to Oracle RAC, and that gets you some more performance. But when that gets exhausted, you're done. With NuoDB, you can take an intuitive database application design, and rather than changing the application to handle more scalability, you just plug in more computers.


Is outsourcing IT worth the compliance risk?

“Regulators have taken a deeper interest in outsourcing services that have an impact on either the regulatory posture of the organization or on cyber security and cyber-crime,” explains Bala Pandalangat, president and CEO of Centre for Outsourcing Research & Education (CORE), an organization that provides outsourcing advice and training based in Toronto. CORE’s membership includes Deloitte, IBM, Xerox, large banks, universities and law firms such as Torys LLP. “We see several common mistakes when it comes to outsourcing arrangements,” says Pandalangat. “The number one mistake is viewing risk management is an after-thought. Many deals emphasize the financial benefit of outsourcing at the expense of risk management. If risk management is not built into the contract, costly adjustments may be required to address that concern.”


NASA Software Audit Reveals Budgetary Black Hole

The audit warns that delays with such software designed for the Space Launch System (SLS) rocket could affect the ability to react to unexpected issues during launch operations, and could impact the launch schedule for the unmanned Orion system, which is due to lift off in 2018. The first exploration mission would allow the space agency to use the lunar vicinity as a proving ground to test technologies farther from Earth, and demonstrate it can get to a stable orbit in the area of space near the moon in order to support sending humans to deep space. The root of the budgetary issues appears to result from NASA's June 2006 decision to integrate multiple products or parts of products rather than develop software in-house or buy an off-the-shelf product.


Apple’s New Challenge: Learning How the U.S. Cracked Its iPhone

The challenges start with the lack of information about the method that the law enforcement authorities, with the aid of a third party, used to break into the iPhone of Syed Rizwan Farook, an attacker in the San Bernardino rampage last year. Federal officials have refused to identify the person, or organization, who helped crack the device, and have declined to specify the procedure used to open the iPhone. ... Making matters trickier, Apple’s security operation has been in flux. The operation was reorganized late last year. A manager who had been responsible for handling most of the government’s data extraction requests left the team to work in a different part of the company, according to four current and former Apple employees, who spoke on the condition of anonymity because they were not authorized to speak publicly about the changes.


Prep your smartphone for emergency situations

Another obvious recommendation, but one that can save you a lot of grief: keep your device in tip-top shape. Remove all unnecessary apps which might drain the battery. Keep a couple of spare batteries (if your device allows you the option of swapping these out). Make sure the hardware performs well; replace damaged screens, buttons and other elements which may be malfunctioning. And by all means keep it as fully charged as possible. I use car chargers, desk chargers and of course a bedside charger so at least two-thirds of the time during a normal day (and sometimes 100% depending on my schedule) I have access to power.


The triumphant, magnificent, and unexpected return of PC gaming

What makes the PC even more compelling right now is that the VR revolution has finally started. Just this week, the Oculus Rift debuted for PC with a host of new games that you can’t play on any of the consoles. (I will have a full report on that device soon.) That system requires at least an Intel Core i5 processor, 8GB of RAM, and at least a NVIDIA GTX 970 or AMD 290 GPU. The consoles just don’t have enough horsepower to make VR look realistic or compelling, despite what you may have heard. My theory is that PC gamers are smart enough to know this. They’ve seen the writing on the wall, and it says Virtual Reality


IT Security Threat to Intensify in Next Two Years

The report, Threat Horizons 2018, says the ability of organizations to protect IT is progressively being weakened. Businesses and society, for that matter, are becoming more reliant on complex new technologies to function, which intensifies the threat landscape, the report contends. "We are having to be a little bit more, perhaps, critical of the way in which we look at our use of technology, and that's what you're beginning to see with some of the predictions we're coming out with now," Steve Durbin, managing director of the Information Security Forum, says in an interview with Information Security Media Group. "Let's bear in mind: These predictions are really trying to put some extra weaponry into the armory for the security professionals so we can anticipate some of the challenges that we're going to be seeing."


Quote for the day:


"Strategy is a commodity, execution is an art." -- Peter Drucker

Posted by at No comments:
Labels: , , , , , , , , , , , ,

March 29, 2016

How mobile browser is making a comeback and challenging apps

India has 1 billion mobile phone users. Almost 90 per cent users have a phone that costs below Rs 8,000. These have low memory and slow processors. But most apps are heavy—more than 5 MB and often exceeding 8 MB. Some of the furniture apps are 30 MB in size. Computing resources to download and run apps is limited on low end phones. Top end phones that can accommodate these apps cost a bomb. Browsers have no such problems. They offer content and functionalities across categories. ... "The cost of developing a browser site is one-third of an app. Besides, chance of an app malfunctioning or crashing is higher than that of a mobile site."


Invokedynamic - Java’s Secret Weapon

The features main goal was to create a bytecode to handle a new type of method dispatch - that essentially allows application-level code to determine which method a call will execute, and to do so only when the call is about to execute. This allows language and framework writers to support much more dynamic programming styles than the Java platform previously provided. The intent is that user code determines dispatch at runtime using the method handles API whilst not suffering the performance penalties and security problems associated with reflection. In fact, the stated aim of invokedynamic is to be as fast as regular method dispatch (invokevirtual) once the feature has matured sufficiently.


How to Review and Test Backup Procedures to Ensure Data Restoration

It’s important to test often enough as well as to test in a quality sort of fashion. But how often is often enough? What is and is not quality testing? “The factors that should affect how often you test backup and restore capabilities fall under Governance, Risk, and Compliance (GRC) and include regulatory constraints, data retention periods / data criticality, risk assessment, policy, audit preparation, and strategic planning,” says Adam Gordon, CSO, New Horizons Computer Learning Centers Of South Florida. Testing frequency realities are another matter as some companies only find out whether backups work when they need them, and the success or failure of the backups and the restore operation in the middle of a crisis is the only test of their adequacy. This is certainly not often enough.


Banks and fintech firms can and must collaborate

"We recognise API as an unstoppable force," Mr Mohanty, a former Citibank banker, said. “There's no other way to do innovation. If (banks) don't do it, I don't know how they will survive.” He added that countries such as the United Kingdom and Japan have mapped out policies in relation to API, and the MAS is keen to “partner with industry players to make it work” in Singapore. However, Mr Mohanty noted that there’s a gap in terms of how much regulation can drive change, and businesses will ultimately have to take the lead. Ong Whee Teck, partner of Technology Consulting at PricewaterhouseCoopers, agreed: "The days are here to collaborate, otherwise fintech is here to eat your lunch. Change will require a grassroots-style uprising."


For IT, climate change means preparing for disaster

Interest in disaster recovery planning increased after the 9/11 terrorist attacks, but "many pulled back because of the cost of maintaining two centers," and paying for idle equipment, said Phil Goodwin, a research director at IDC. Cloud-based services are changing that. The fastest growing segment of disaster recovery is "disaster recovery as a service," said Goodwin. There may be 150 or more firms providing disaster recovery as a service (DRaaS). Taco, Inc., an HVAC manufacturing company in Rhode Island, maintains servers in a back-up facility run by a disaster services provider. But by the end of this year, the company hopes to complete a move to a disaster recovery as a service provider.


Benefits and Risks of Knowledge Process Outsourcing

If you are a business owner, you already know that there is no endeavour without risk. Risk is omnipresent. It needs to be identified, assessed and mitigated with a proper plan always. The risks of KPO entail key talent retention. Internal information could get lost if KPO staff is working remotely. The service providing individual might not match the company culture or there are communication difficulties. KPO is usually very time-consuming and there is often no immediate result. Depending on the nature of your business there might be more or less risks involved in working with a KPO company, but these risks are very transparent, they can be accounted for and there can be an operational design, which allows for an efficient cooperation for the benefit of all involved parties and individuals.


Linux at 25: Why It Flourished While Others Fizzled

It’s all the more remarkable, then, that Linux, which celebrates its 25th birthday later this year, has so profoundly challenged the norms of software development. It showed programmers everywhere that a different world was possible—a world where they could share code openly, collaborate informally, and make a decent living, even if they gave away the chief product of their labor for free. The advantages of working this way have since become obvious to even the most hard-headed of business leaders, with most large software-development companies now sharing at least some of the fruits of their programmers’ efforts openly. How did Linux end up producing such radical change? And why did other free-software activists’ attempts to build bigger and seemingly better systems than Linux fail to achieve as much momentum?


Autonomic platforms

Over time, IT departments became saddled with manual processes, cumbersome one-size-fits-all software development lifecycle (SDLC) methodologies. Or they developed “over-the-wall engineering” mind-sets in which individuals fulfill their own obligations with little understanding or concern about the needs of downstream teams. This operational baggage has fueled tension between IT’s development group, which pushes for speed and experimentation with new features and tools, and its operations organization, which prizes stability, performance, and predictable maintenance. To combat organizational inefficiency as well as any discord that has arisen among various parts of the IT value chain, many organizations are implementing DevOps a new way of organizing and focusing various teams.


Petya Ransomware Overwrites MBRs, Locking Users Out of Their Computers

It's hard enough for non-technical users to deal with ransomware infections: understanding public-key cryptography, connecting to the Tor anonymity network and paying with Bitcoin cryptocurrency. A new malicious program now makes it even more difficult by completely locking victims out of their computers. The new Petya ransomware overwrites the master boot record (MBR) of the affected PCs, leaving their operating systems in an unbootable state, researchers from antivirus firm Trend Micro said in a blog post. The MBR is the code stored in the first sectors of a hard disk drive. It contains information about the disk's partitions and launches the operating system's boot loader. Without a proper MBR, the computer doesn't know which partitions contain an OS and how to start it.


High Load Trading Transaction Processing with Reveno CQRS/Event Sourcing Framework

Reveno is a new JVM based lock-free transaction processing framework based on CQRS and event-sourcing patterns. Although it’s a simple and powerful tool it does not compromise on performance. All transactions are persisted to read-only journals, and the latest state of the domain model can be restored by simply replaying these events in sequence. All runtime operations are performed in-memory so throughput can reach an order of millions of transactions per second, and mean latency in the order of microseconds. But with all of this power Reveno is still a general purpose framework, as it covers a variety of use cases with rich sets of engine configurations. For example, you can vary the durability configuration, from very relaxed


Quote for the day:


"A single day is enough to make us a little larger or, another time, a little smaller." -- Paul Klee

Posted by at No comments:
Labels: , , , , , , , , ,

March 28, 2016

8 Reasons To Consider Insights-As-A-Service

Insights-as-a-Service providers are quick to mention their ability to improve business outcomes because that's the entire point of insights. For example,Capgemini provides Data-as-a-Service, Analytics-as-a-Service, and Insights-as-a-Service options. Data-as-a-Service provides raw data upon which analytical applications are built, Analytics-as-a-Service provides outputs of analyses, and Insights-as-a-Service is linked to tangible outcomes such as revenue increase or cost savings. "I consider them a progression in terms of sophistication and value, and fundamentally what the '-as-a-Service' unit of measure is," said Goutham Beliappa, a leader in the Business Information Management Data Integration and Reporting Practice for Capgemini North America, in an interview.


How Advanced Analytics Is Changing B2B Buyer Expectations

As information continues to fuel and be fueled by new online channels, we most often hear about the impact this has on the B2C sales world. But as anyone in the B2B space will tell you, this evolution is far reaching and certainly relevant. Similar to B2C buyers, B2B buyers feel empowered by their access to data. As a result of the rise of e-commerce in B2B and the general availability of data on the Internet, B2B pricing and product information is significantly easier to find and compare than before. This is enabling buyers to be armed with more information going into a price negotiation than was previously possible. This also means that buyers now expect companies to have relevant and convenient product and pricing information on their websites.


Data lake governance: A big data do or die

Data lakes or data hubs -- storage repositories and processing systems that can ingest data without compromising the data structure -- have become synonymous with modern data architecture and big data management. The upside to the data lake is that it doesn't require a rigid schema or manipulation of the data to ingest it, making it easy for businesses to collect data of all shapes and sizes. The harder part for CIOs and senior IT leaders is maintaining order once the data arrives. Without an upfront schema imposed on the data, data lake governance, including metadata management, play vital roles in keeping the data lake pristine, according to experts.


Trump's Incomprehensible 'Cyber' Policy: 'Make Cyber Great Again'

First off, we’re so obsolete in cyber. We’re the ones that sort of were very much involved with the creation, but we’re so obsolete, we just seem to be toyed with by so many different countries, already. And we don’t know who’s doing what. We don’t know who’s got the power, who’s got that capability, some people say it’s China, some people say it’s Russia. But certainly cyber has to be a, you know, certainly cyber has to be in our thought process, very strongly in our thought process. Inconceivable that, inconceivable the power of cyber. But as you say, you can take out, you can take out, you can make countries nonfunctioning with a strong use of cyber. I don’t think we’re there. I don’t think we’re as advanced as other countries are, and I think you probably would agree with that. I don’t think we’re advanced, I think we’re going backwards in so many different ways.


Aetna CISO talks about threat intelligence and enterprise risk management

Third party governance programs must evolve to offer more continuous methods for risk assessment and management vs. one and done annual on-site assessments. More and more services are offered through cloud providers that host sensitive information and determining online vulnerabilities on a 24 x 7 basis will become more of the norm for any enterprise interested in managing third-party risk. The other fundamental change in third-party risk is a migration from compliance driven assessments (compliance to a standard) to a risk-driven assessment where risks are identified and managed. Adherence to a standard or framework based on standard practices is better than nothing but not sufficient to manage risk effectively given the evolution of cloud computing.


Is digital experience management the new social business?

Probably the key question to ask at this point is do these two overarching digital frameworks play well side-by-side or do they need to be integrated for companies to get the fullest benefits of both? Digital/customer experience is a relatively new phenomenon in terms of realized products and services to support it, so until recently it's been hard to say. But with the maturity of both approaches, I'm now beginning to see digital engagement practitioners have to routinely deal with both frameworks. The result? They find in general that CEM platforms tend to underserve social business needs, while social business frameworks and products often neglect many key aspects of digital experience. This lack of integration leads to more work, lower impact, and a fragmented approach to digital, which is what we were trying to resolve in the first place.


9 Cost-Effective and Critical Security Tips for Startups

When big names fall victim to data breaches, its big news, making smaller companies believe they aren’t likely to be a target. However, according to Greg Sullivan, CEO of Global Velocity, smaller companies should be on the offensive. “The issue is that SMBs wrongly assume that their size or small influence does not merit attention from hackers or do not educate themselves about potential exploits in their infrastructure,” he says. “While SMBs are not as big as companies like Target and Home Depot, they are the majority of victims at the hands of cyber thieves seeking easy targets. The Verizon 2013 Data Breach Investigations Report found that 62 percent of breaches impacted smaller organizations, likely a conservative figure since not all small organizations are reporting breaches.”


IPSec Policies

IPSec encrypts data information contained in IP datagrams through encapsulation to provide data integrity, data confidentiality, data origin authentication, and replay protection. The two main IPSec components that are installed when you install IPSec are the IPSec Policy Agent and the IPSec driver. The IPSec Policy Agent is a service running on a Windows Server 2003 computer that accesses IPSec policy information. The IPSec Policy Agent accesses the IPSec policy information in the local Windows registry or in Active Directory. The IPSec Policy Agent then passes this information to the IPSec driver. The IPSec driver performs a number of operations to enable secure network communications such as initiating IKE communication, creating IPSec packets, encrypts data, and calculates hashes.


The Role of a Data Scientist in 2016

Whilst the role of a data scientist crosses over with more conventional data analysis positions, there are some stark differences. A data analyst or architect can extract information from large sets of data. Yet they are bound by the SQL queries and analytics packages used to slice these datasets. Through an advanced knowledge of machine learning and programming/engineering, data scientists can manipulate data at their own will uncovering deeper insight. They are not bound by these programmes. Whilst your typical data analyst looks to the past and what’s happened, a data scientist must go beyond this and look to the future. Through application of advanced statistics and complex data modelling they must uncover patterns and make future predictions.


Insight: The disruptive side of disruptive innovation

Nothing can stop innovation and as long as this technology brings value then it is here to stay. Traditional ojek may eventually have to become app-based or at least adapt to using their cellphones to get customers rather than wait passively at their posts for passengers. Long-time drivers of established meter taxi companies are not that easy to adapt, with their livelihoods having been tied to a regulated system for so long. The democratized application of Uber is actually unfair competition for them, so it is easy to understand their — and especially the companies’ owners’ — resistance to this innovation. In the end, it would be a new government regulation that decides the fate of Uber and that of public transportation as a whole.


Quote for the day:


"Man is a reasoning rather than a reasonable animal" -- Alexander Hamilton

Posted by at No comments:
Labels: , , , , , , , , ,

March 27, 2016

Australian Government Seeks End to Double Taxation of Bitcoin

The government wants to ease rules for investors and startups in the FinTech space, the latter of whom would be afforded flexibility within a "regulatory sandbox" approach. An advisory group dedicated to FinTech issues has also been formed, chaired by Westpac Bank director Craig Dunn. “Removing the ‘double taxation’ treatment for GST on digital currencies and applying adequate anti‑money laundering and counter‑terrorism financing rules may facilitate further developments or use in the future,” the government said. The country’s anti-money laundering regulator, the Australian Transaction Reports and Analysis Centre, voiced its support for blockchain technology in a statement included in the policy release, stating that it believes the tech could "significantly reduce the costs of compliance and regulation imposed on reporting entities".


Fintech Lessons From a Troubled Bridge Over New York’s Waters

Fintech is becoming too hyped in certain areas. Even though venture funding cooled in Q4, 2015, deal activity remains high, as do valuations, especially on the consumer side of fintech. Accelerators, incubators and now start-up factories have cropped-up to participate in the global fintech boom. Many of these initiatives are crucial, since they compensate for the lack of financial services innovation in the years leading up to the financial crisis. Unfortunately, half-baked business models, me-too companies and fintech “tourist” investors looking for a quick trade seem to be on the rise as well. Some large incumbents are riding the fintech wave without a plan. Just as politicians, commissioners and contractors jumped on the Manhattan Bridge project over a century ago, it now seems that every major incumbent is getting fintechier. Although some large banks, payments companies, insurers and asset managers are making solid progress, others seem to be grasping.


Uflex becomes first company in India to deploy Bluetooth Low Energy Beacon

The Low Energy Bluetooth beacon is a battery powered mini appliance transmitting and receiving two- way information. The BLE Beacon has a shelf life of 3 years on a single cell. The beacon transmits its presence and with its inbuilt sensors captures other parameters like temperature, pressure etc. Since it facilitates two way information gathering, the embedded LED can also light up when it gets a request. "The strength of the Beacon varies with distance and this helps us triangulate the coordinates and track the movement as well as the current location across the warehouse and production lines," he states. The BLE Beacon can add on sensors to get more data captured such as collision impact detection , automate batch creation in ERP using the object to feed data as it approaches the processing plant or exits a plant .


DevOps and IT Projects in the Real World

The sponsor spent a lot of money and will never see a return on the investment ever. The developers are upset because nobody is going to use their solution. The project manager is depressed because it didn’t really matter how well the project was managed. The user base is absolutely irritated, don’t know what to use the new solution for and after a week they stop trying. ... If you can leverage DevOps culture and practices you don’t buy into a success guarantee. Everyone still needs to do their work diligently and it’s not less work if you apply DevOps. However with these practices in mind, you shift the threshold of “what”, “how”, and “ok” significantly to establish a better collaboration baseline between the separated realms of development teams and operational staff.


The Dawn of the IoT Architect

There are two modes of operation for an IoT Architect. The first mode is to help the organization solve various business problems by building discrete IoT solutions. This requires a certain skill set including: collaborating with business leaders to determine their top business problems, architecting an IoT solution that will solve the problem, building a business case to justify the ROI, building an IoT solution prototype and selecting vendors, and finally, deploying the solution — at scale — across the enterprise. The second mode is much more broad. The IoT architect must take responsibility for setting and communicating the overall IoT vision, message, — and most importantly — architecture. Why? Well, it’s likely that organizations will have multiple IoT projects. Without an IoT architect — who can build, communicate and drive a cohesive, centralized IoT architecture


Big Data, IoT and Blockchain: Ready to Follow the Yellow Brick Road?

How disruptive technologies can be used to advance business and provide a competitive edge. Take Big Data and the Internet of Things (IoT). Both rank highly on the list of disruptive technologies. As with most technologies, there are areas of great synergy that ultimately provide a yellow brick road to real business value. ... Perhaps the most interesting thing about blockchain is that there's no central authority or single source of the database. Which means it exists on every system that's associated with it. Yes, every system has its own complete copy of the blockchain. As new blocks are added, they're also received by every system - for the ultimate distributed database. If you lose your copy, no problem. By rejoining the blockchain network you get a fresh new copy of the entire blockchain.


Japan looks to kickstart 'fintech' revolution

Japan's financial industry regulator hopes relaxed rules on investing in financial ventures, and a new system for regulating virtual currency exchanges will pass through parliament by May - a first step in kickstarting the fintech revolution in the world's third-biggest economy. "The law changes aren't a goal, but a first step," Norio Sato, a senior official at the Financial Services Authority (FSA), told Reuters. "Fintech will have a big impact on financial services." The changes, which will allow banks to buy stakes of up to 100 percent in non-finance-related firms, will free up Japan's three megabanks to enter into tie-ups with fintech ventures developing services including robotic investment advisory and blockchain, the decentralized ledger technology behind the bitcoin digital currency.


Viewpoints and Integrated Enterprise Architecture

Enterprise Architecture may depict the whole of the enterprise or a part of it at any given point in time. Architecture for enterprises consists of multifaceted data driven maps. From the different perspectives of the many parts involved in any enterprise, from planning, design and management to executive and stakeholder’s levels, there are always many concerns that need to be addressed, and hence the need for many different types of blueprints. The viewpoint is a blueprint of how the stakeholders view the whole system or enterprise. ... Enterprise Evolver (“Evolver”) supports multiple viewpoints templates to jumpstart the architecture creation. Provided below are descriptions of each viewpoint template supported in Enterprise Evolver . By describing and mapping these viewpoints in the Evolver, you will be able to create an integrated enterprise architecture to support any transformation initiative.


Barry University CIO: Managing The Mobile Security Load

Londono doesn't want to do anything unnecessary to stifle the creativity and innovation of the faculty. "On the faculty side, we mostly let them do what they want to. There's a recognition that any progress comes from a place where you're not so structured," he said. "If you leave people with a little bit of freedom, they tend to be very creative." On the other hand, students can be very heavy consumers of the campus bandwidth. "In terms of bandwidth, the shift isn't so much from faculty -- they're careful about moving instruction to streaming -- but the younger generation of kids moving to streaming content," Londono said. And the reality of the new classroom means that the university can't use basic tools to deal with the bandwidth issue.


Understanding Quality and Reliability

Generally, having fewer errors and a higher MTTD is associated with better overall quality. While having the highest quality possible may not always be a primary concern for stakeholders, the reliability of the project must meet some minimum standards before it can be shipped to the customer. For example, experience has shown that, at delivery, most projects are about 95 percent defect free after running for about a day without crashing. Another good rule of thumb is that the software typically will be of minimum acceptable reliability when testers are finding fewer than 20 errors per month. This applies to both large and small applications. In other words, the product will run about an eight-hour workday. Of course this rule of thumb is mostly applicable for commercial IT applications. Industrial and military embedded applications require a higher degree of reliability.


Quote for the day:


"We don’t have time for blame and shame. We need dignity, understanding and solutions." -- @smaxbrown

Posted by at No comments:
Labels: , , , , , , , , , , ,

March 26, 2016

App economy research shows how poorer countries are losing again

The transition to the era of the smartphone and mobile internet has allowed two companies — Apple and Google — to establish market dominance with their own proprietary ecosystems, including their respective app stores. As the new distribution model for software and digital content, the app stores have centralised the vast majority of mobile revenue streams within Apple’s and Google’s platforms.  This change from the open web to privately managed walled gardens is amplifying global power imbalances, resulting in lower rates of participation and value capture by producers from marginalised geographies and socio economic backgrounds. The result: polarised opportunity between high- and low-income countries, with lower-income countries only earning an estimated 1% of global app economy revenues.

The Working Programmer - How To Be MEAN: Robust Validation with MongooseJS

Mongoose uses some interesting terminology for what’s essentially a two-step process to defining a JavaScript object model on top of the MongoDB database API. First, we define a “schema,” which looks like a traditional class from a more traditional class-based language (C#, C++, Java or Visual Basic). This schema will have fields, define types for these fields and optionally include some validation rules around the fields for when assigning values to the fields. You can also add some methods, instance or static, which I’ll get to later. Then, once the schema object is defined, you “compile” it into a Model, which is what will be used to construct instances of these objects.

Here's how the FBI plans to crack terrorist's iPhone

"They're not going to talk to the jailbreak crowd," Zdziarski said, referring to hackers who look for iOS vulnerabilities that can be exploited to let users add unsanctioned apps to an iPhone. He said that he and other reputable researchers had been turned away by the FBI when they volunteered to help. If they met a blank wall, jailbreak artists would have gotten nowhere, he reasoned. Other avenues, such as "de-capping," a term used to describe a tear-down of the iPhone's processor using acid and lasers, were also out, Zdziarski said, because they risked destroying the very thing the FBI claimed it needed, the data on Farook's phone.

The promise of big data: bringing technology and the economy together

The payoff comes from insights gleaned from collecting large amounts of various kinds of data and analysing them to uncover hidden patterns, correlations and other insights. Machine learning software can drill down into the data to discover and analyse factors determining the profit and loss for a product, supplier, and their customers. We can also see into the future, making better predictions and decisions. The result is that “quantitative change becomes qualitative”, as described by Steve Lohr in his best selling book Data-Is m”. Big data brings technology and the economy together. The benefits of a data-driven economy are obvious enough that we should all embrace the concept. For both technology companies and business firms, the market is just around the corner.

Roboadvisors stand at the vanguard of human-machine collaboration

Vanguard's financial simulation software, essentially a predictive analytics tool that runs 10,000 simulations in under than a second, forecasts future returns and generates a set of outcomes over many time horizons. The client monitors the performance of their assets as well as progress toward their goals; the human advisor reviews and rebalances their portfolio to keep them aligned with those goals. While some software robots learn by inference, their improvisational capabilities remain limited. That's where the humans come in. Marcante says the advisor also helps clients avoid making trading errors during emotional times and volatile markets, often "talking them off the ledge when the markets are down and they're supposed to be holding long-term."

Tracking the Data Science Talent Gap

How big is the data science skills gap? There are several ways to attack that problem, and a number of smart people at renowned organizations have attempted to put numbers to the problem. Back in 2012, the research firm Gartner said there would be a shortage of 100,000 data scientists in the United States by 2020. A year earlier, McKinsey put the national gap in data scents and others with deep analytical expertise at 140,000 to 190,000 people by 2017, resulting in demand that’s 60 percent greater than supply. In 2014, the consulting firm Accenture found that more than 90 percent of its clients planned to hire people with data science expertise, but more than 40 percent cited a lack of talent as the number one problem.

How developers can take advantage of machine learning on Google Cloud Platform

TensorFlow is on the academic or research side of machine learning at Google. Machine learning APIs are on the opposite side of that spectrum and require much less understanding of machine learning to implement within an application. Cloud Machine Learning, announced Wednesday, is in the middle and can extend to either side. Ferraioli said developers can use Cloud Machine learning "When you have a customized problem that you want to solve." Cloud Machine Learning is a fully managed service, and developers can train it using a custom TensorFlow graph. It offers batch and online prediction at scale and an integrated Datalab experience, but regression and classification are its two primary tasks.

Experts say Internet of Things is edging into maturity

A smart home will have between 100 and 200 connected devices. How are you going to power them all? You can’t give each a battery. You’ll need energy harvesting for this. The markets are evolving so chipsets can use energy harvesting, but that’s not available to Bluetooth yet. ... Top-down creation of a smart city may be a bit too ambitious. But building a smart home, and extending the conversations of the intelligence washing machine and solar panels with the utilities, so they interact with the grid and the sewage systems with maximum efficiency, could be a way of building a smart city by increments, from the bottom up. ... The APIs that the manufacturers will have to offer in order to create interoperability will open the gate to all that information. 

The anatomy of an Android security flaw

One is that if fast and reliable ongoing updates are important to you -- and, let's be honest, they probably should be -- you should pick a phone that's known to provide that feature. Google's Nexus devices are the safest bet, as they receive software directly from Google without any third-party interference or delays. Whether we're talking about security or broader system-level improvements, that's an extremely valuable assurance to have. Second, as we've been discussing, remember that updates on Android really aren't the same as updates on other platforms. Google knows about the challenges created by its open source setup, and that's why it's taken steps to create all the other methods of reaching users directly -- both via the security-oriented paths we've been discussing and via the company's ongoing deconstruction of Android.

The Four Concerns That Must Be Addressed Before the IoT Can Really Take Off

It won’t just be fridges; we’ll see home energy systems, security devices, entertainment products, games, interactive wearables -- the list goes on and on. The question is, is it really going to happen? And shouldn’t we be seeing greater market penetration than we already do? While the IoT is a hot topic right now, we don’t have the sort of everyday uptake internet experts have predicted. In the grand scheme of things, there really aren’t very many connected watches, thermostats, or accessories. ... This article will look at the things the IoT needs to be on the forefront of the consumer experience, including the value to the consumer, the necessity of a centralized IoT platform, a set of international communication protocols, user education and greater security.

Quote for the day:

 "Bad companies are destroyed by crisis, good companies survive them, great companies are improved by them." -- A Grove
Posted by at No comments:
Labels: , , , , , , , , ,
Subscribe to: Posts (Atom)