Daily Tech Digest by Kannan Subbiah

May 14, 2016

Q&A with Shawn Callahan on Putting Stories to Work

The first thing you need to do to develop your storytelling skills is to find some stories, preferably about things that have happened to you. Then you must work out the lesson or insight that is contained in a story, share the story, and see what happens. Here are two tips that will help enormously. First, never use the word ‘story’ when you share your story. Don’t start by saying, ‘Hey guys, I want to share a story with you …’ Instead, start with the insight that is contained in the story. For example, your story might be about persistence, about just how important it is to stick with something. So you might start by saying, ‘You know what, a lot of success comes from persistence. A few years ago …’ And away you go. People will listen intently because they want to know the insight that’s based on your experience.

The UK builds a 'fintech bridge' to Singapore

The co-operation agreement enables the UK regulator to refer fintech firms to its counterpart, and vice versa, making it easier for fintechs to scale between countries. Both countries want to be global fintech hubs amidst growing competition from the US and China. A booming fintech industry is desirable for two reasons: it helps the national economy, and it promotes competition and growth in the financial services industry. But while both Singapore and the UK boast advantages for fintechs, they are relatively small markets — the UK has under 70 million people, while Singapore has around 6 million. The partnership will create opportunities for fintechs to scale beyond the countries' borders, making it easier for startups that choose to launch in these countries to attract investment.

Culture and Technology Can Drive the Future of Openstack

“OpenStack in the future is whatever we expand it to,” said Red Hat Chief Technologist, Chris Wright during his keynote at the OpenStack Summit in Austin. After watching several keynotes, including those from Gartner and AT&T, I attended other sessions during the course of the day culminating in a session by Lauren E Nelson, Senior Analyst at Forrester Research. Wright’s statement made me wonder about what lies in store for OpenStack and where the OpenStack Community—the “we” that Wright referred to—would take it in the future. Several sessions in the Analyst track called out the factors that explain the increased adoption of OpenStack as well as the technological challenges encountered.

15 Google Doc Features You Didn't Know Existed

While the capability to edit and make changes in a document is great, there are times when you only want to suggest changes -- without actually making any. That's where "Suggesting" mode in Google Docs comes in handy. It works a lot like Comments in Microsoft Word. First, switch from "Editing" mode to "Suggesting" mode by clicking the pencil icon at the top right of an open document, and then choosing "Suggesting." ... Want to comment on a document and get a specific person's attention? You can do that by tagging them in your comment. All you have to do is add an @ or a + sign, and then begin typing their name or email address. Google Docs will give you a couple options based on your Gmail contacts, and once you've submitted the comment, it'll notify that person you mentioned by sending them an email.

Blockchain technology will revolutionize the world, enthusiasts say

Blockchain could disrupt transactions the way the internet did for communication. Any information that can be encrypted and stored in digital form can be transmitted — everything from real estate deals to medical records to transferring concert tickets. Blockchain is a “distributed ledger” invented by the mysterious person or group known as Santoshi Nakamoto that is accessible by everyone, but controlled by no one. It’s searchable and public making it more traceable than cash but encrypted and anonymous to maintain privacy. Picture it as a communal record-keeping system — the kind small communities kept in the 16th century to keep track of births, marriages, property transfers, anything of importance—but on a massive global scale. Blockchain is seen as the next great disintermediation.

10 Ways Virtual Reality is Disrupting Industries

Most of all virtual reality are helping teachers bridge the gap between what’s taught in the classrooms and what’s out there in the real world. Putting it into practice recently, British Museum partnered with Samsung and hosted a Virtual Reality Weekend. Families got a chance to view the museum antics using Samsung Gear VR. In fact, children above 13 were given a VR tour of the Bronze Age where they could experience a 3D depiction of life as it was back then. While this is just the beginning, Google seems to be planning for a Magic School Bus experience with its Expeditions Pioneer Program. Expeditions is a virtual reality platform which allows teachers to take kids on virtual field trips to places where buses can’t go. The program currently has more than 100 VR panoramas including those of Coral Reefs and US Financial Centers.

Going Through the Scrum Motions as Opposed to Being an Agile Jedi

Doing Scrum and not being Agile is more challenging to discern. It occurs in organizations adopting Scrum as their preferred Agile approach. The astute observer will notice team behavioral patterns that suggest mechanical adoption rather than assimilation. The psychological pattern is that of introjection – similar to chewing on a mouthful of dry biscuits not being able to swallow. Similar to other managerial process, it is easy to adopt the Scrum ceremonies rather than their intent. We have seen it occur previously with Six Sigma, Total Quality Control, and other managerial processes. Achieving the intent requires a cultural change; cultural change requires organizational change; organizational change requires buy in from key stakeholders which in turn requires people championing the new process across the organization.

Road to Efficiency, Part 1

The responsibility for resiliency and access may move to the cloud solution provider, but if data is deleted (inadvertently or intentionally) or corrupted on a logical level (and we know applications never corrupt data, don’t we?), it doesn’t matter on which infrastructure it runs. Furthermore, most businesses typically require more than just the most recent point in time copy of data. Finally, remember that these requirements apply equally to IaaS, PaaS, and SaaS solutions. ... In the end, we need to enhance the value of the data itself. One way is by providing insight into all data, regardless of whether it resides on-premises or in the cloud, on primary storage or as part of data protection solution. Once we can gather and identify all data, the key is unlocking its value. Global search, hold and discovery are just some of the initial use-cases.

Security in a hybrid world: You can’t protect what you can’t see

There are two parts to enforcing the new normal; bringing your entire estate into compliance, and enforcing the use of this new baseline. Once you have determine a need for change: patching, configuration files, applications, you name it, you need to act quickly and across your entire environment. Automation is faster, less error prone, and helps you reliably perform required actions across your entire estate. No matter how good you and your team are, and no matter how good your tools are, someone will always try to run older unpatched code. And someone will, if you don’t have the automated policies in place to confirm and approve code execution based on software versions, configuration file settings, registry settings, etc. One easy way to limit your exposure is to scan snapshots and live VMs for policy compliance.

Snowden interview: Why the media isn’t doing its job

A lot of people laud me as the sole actor, like I’m this amazing figure who did this. I personally see myself as having a quite minor role. I was the mechanism of revelation for a very narrow topic of governments. It’s not really about surveillance, it’s about what the public understands—how much control the public has over the programs and policies of its governments. If we don’t know what our government really does, if we don’t know the powers that authorities are claiming for themselves, or arrogating to themselves, in secret, we can’t really be said to be holding the leash of government at all. One of the things that’s really missed is the fact that as valuable and important as the reporting that came out of the primary archive of material has been, there’s an extraordinarily large, and also very valuable amount of disclosure that was actually forced from the government, because they were so back-footed by the aggressive nature of the reporting.

Quote for the day:

"If everyone has to think outside the box, maybe it is the box that needs fixing." -- Malcolm Gladwell

May 13, 2016

The Blockchain is the new Google

The blockchain cannot be described just as a revolution. It is a tsunami-like phenomenon, slowly advancing and gradually enveloping everything along its way by the force of its progression. Plainly, it is the second significant overlay on top of the Internet, just as the Web was that first layer back in 1990. That new layer is mostly about trust, so we could call it the trust layer. Blockchains are enormous catalysts for change that affect governance, ways of life, traditional corporate models, society and global institutions. Blockchain infiltration will be met with resistance, because it is an extreme change. Blockchains defy old ideas that have been locked in our minds for decades, if not centuries. Blockchains will challenge governance and centrally controlled ways of enforcing transactions.

AWS Discovery Service Aims To Ease Legacy Migration Pain

AWS executives have come to view the mixed legacy environment as one of the barriers to cloud adoption. Even when the IT staff wants to move to the cloud, it is expensive and time-consuming to unravel the legacy application code in order to figure out how many pieces are involved and which data sources are necessary to migrate. AWS Application Discovery Service can not only map application dependencies, it can also draw up a performance profile that indicates what resources they will need. With AWS Application Discovery Service, a customer has to install a lightweight agent on an application host, where it maps the running apps and the identity of the operating system on which they depend. The service currently will work with Ubuntu 14, Red Hat 6-7, CentOS 6-7, and Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2.

Don’t make poets become programmers

The future workforce is going to require more than the ability to code -- we also need people who are able to craft the next round of transformational products and services. For example, Uber’s success stems from effective use of technologies aimed at a product that is the poster child for disruption. It connected underutilized resources (drivers and cars) with users who were impatient with a locked down and highly regulated market. The Uber stack is essential, but the innovation that drives it is less the code base and more the product. When we hear people suggesting things like, “Uber for dry cleaners,” we understand that they’re suggesting a direct and flexible relationship between customer and server; they are not talking about code.

Petya ransomware is now double the trouble

In previous versions, if Petya failed to obtain administrator privileges, it stopped the infection routine. However, in such a case, the latest variant installs another ransomware program, dubbed Mischa, that begins to encrypt users' files directly, an operation that doesn't require special privileges. "There is nothing a ransomware developer hates more than leaving money on the table and this is exactly what was happening with Petya," said Lawrence Abrams, the founder of the tech support forum BleepingComputer.com, in a blog post. "Unlike Petya, the Mischa Ransomware is your standard garden variety ransomware that encrypts your files and then demands a ransom payment to get the decryption key."

Milagro: A distributed cryptosystem for the cloud

“Apache Milagro (incubating) is an opportunity to fix what ails the internet and leverage the power of the open source community to fundamentally evolve the security underpinnings of the web for how it’s used today,” says Brian Spector, CEO of cryptography and cybersecurity firm MIRACL. “The code and distributed trust model we are committing to Apache Milagro (incubating) is built for blockchain applications, cloud computing services, mobile and containerized developer applications by eliminating the need for any central trust authority.” Milagro’s M-Pin protocol, and its existing open-source MIRACL implementation on which Milagro is built, is already in use by Experian, NTT, Ingram Micro, and Gov.UK and rolled out to perform at Internet scale for zero password multi-factor authentication and certificate-less HTTPS / secure channel.

IT transformation is difficult, if not impossible, without cloud

In order for CIOs to build trust for transformation, they need to get the basics under foot. This statement is non-negotiable. Fundamental functions like email, phone systems, file sharing need to work without incident. These solutions are becoming more complex, but not business differentiating for any given organization. Yet many IT organizations continue to insist on running these functions internally. Sadly, many of the reasons given for this approach no longer hold true. At the same time, mature cloud-based alternatives exist that provide greater stability, function and agility. Not only does running commodity functions create a distraction for the organization from business-differentiating functions, it also creates an incredible amount of risk to basic business functionality. Unfortunately, failures to get the basics right will continue to plague the CIO and rest of the IT organization by extension.

Next-generation endpoint security market bifurcation

It seems to me that the next-generation endpoint security market represents a disconnect between supply and demand. For example, ESG found that about 75 percent to 80 percent of enterprises were purchasing new tools for advanced threat prevention, while the remaining 20 percent to 25 percent of the market opted for advanced endpoint detection and response tools (EDR). This raises an obvious question: Is this purchasing behavior a function of an immature market that will consolidate over time? If so, it would be safe to assume that future innovation will lead to next-generation endpoint security product suites that span across advanced prevention, endpoint security controls, and advanced detection and response. This aggregation is already happening, as several established vendors and startups alike offer one-stop-shop endpoint security products.

Clarifying the uses of artificial intelligence in the enterprise

From a business perspective, companies wouldn’t simply “buy” an AI solution. Rather, they would likely leverage one or more of the subfields of AI and buy software packages like R, Python, SAS, and MATLAB for statistical analysis. But new technology is pushing beyond traditional statistics, and machines are acting more intelligently than ever — they’re not just doing the analysis, machines are now finding patterns in data and figuring out how systems “work”… often without any human intervention. Let me stop here for a quick, yet important, PSA — neither artificial intelligence nor machines will replace all of our jobs. This is perhaps the biggest misconception about AI. Everything under the AI umbrella — including machine intelligence and machine learning — is data-driven, but requires human expertise to apply answers and discoveries to solve problems.

Origami Robot May Operate From Inside The Body

Once in the stomach, the robot doesn't have to work its way out of the capsule it was swallowed in. The capsule itself is designed to dissolve, automatically freeing the robot. The robot, rectangular in shape, is designed with accordion-like folds with a magnet on one of the folds that responds to magnetic fields outside the body. Using that magnet, doctors could manipulate the motion of the robot, moving it to where it needs to go. So what is this robot made of? It's built of the same dried pig intestine that is used in sausage casings, according to MIT. "We spent a lot of time at Asian markets and the Chinatown market looking for materials," said Shuguang Li, a postdoc student at MIT working on the project, in a statement.

Why the growth of SaaS means end users lose control

There is a lot to be said for design. Good design goes unnoticed, bad design is criticized, and great design receives awards—most often from other designers. Compromise is inevitable, it is not possible to be everything to everyone. In the past, this used to be mitigated by usability testing and focus groups, before the final product was completed and published. This was in a time when people bought software in a physical store. Those days are over—and so too, apparently, are the days of design being "complete." Seemingly everything exists in a state of permanent beta, leaving end users subject to the whims of experimenting developers.

Quote for the day:

"To be successful, you have to have your heart in your business, and your business in your heart." --Thomas Watson

May 12, 2016

Popular messaging apps present real enterprise threat

Messaging apps including Line and WhatsApp are commonly used in enterprise, but that doesn't mean all consumer apps are well-suited for business use, according to Raul Castanon-Martinez, a senior analyst at 451 Research. "Consumer apps will have an advantage given that users might already be familiar with the [user interface] but otherwise will be in the same position as other enterprise messaging apps," he says. "I don't believe consumer apps transitioning into the enterprise have a significant advantage over enterprise apps like Slack or HipChat." Corporate workers can use a tool such as Slack to interact with colleagues and business applications just as easily as they can transition from using Facebook Messenger for talking to friends to using it for work, Castanon says.

Ways to craft a better enterprise IT security roadmap

The first step is to identify and classify your resources. Most people have done half of that, not all of that. In other words, they may do a pretty good job classifying and identifying physical resources, things like laptops and [hardware] servers, but they tend not to have a good system for classifying resources, for example, virtualized resources like workloads, and also things like licenses and intangible assets. One of the things you really want to do is [ask], "What is it that we need to protect?" That can be anything from intellectual property (i.e., blueprints of the next-generation airplane that you're designing) to licensing information, to information about your customers that's above and beyond PCI information. Information itself becomes an asset that you want to protect.

Why a Marriage Between the Cloud and Internet of Things Is Inevitable

In moving to agile, cloud-based infrastructure, companies must master a few basic steps – data capture, integration and analytics, and a modern day dev-ops approach. This last step is critical because it helps to make sure that resources and tools are available to engineers in an agile way so they may rapidly deploy small- and large-scale applications to the market. They are likely to take advantage of new, open-source platforms such as Hadoop, incorporate concepts such as data lakes, and engineer architectures that are oriented to micro-services. This will effectively enable software engineers and data scientists to quickly standup applications that can quickly be adapted to feedback in an agile way via rapid iterations.

Busting the 7 myths of cyber security

For most organisations, the basic implementation of the five controls identified by CESG as Cyber Essentials basics would prevent the vast majority of all straightforward attacks. They will not deal with the very sophisticated or prolonged, targeted attacks but most organisations (particularly smaller ones) are not facing these types of threats. These five controls implemented effectively, then regularly monitored and updated, are the ones everyone should be doing, and Cyber Essentials should be a basic starting point for all security. Businesses have to accept that simply trying to keep the bad guys out is no longer good enough – although still very important. They need to work towards a much more proactive defence whereby unauthorised activity within a network is quickly identified and appropriate actions taken to deal with it.

Will blockchain drive the fourth Industrial Revolution?

Tomorrow’s machines will produce the informational equivalent of several Libraries of Congress every day. Imagine reading every book in the Library of Congress, only to be told you must summarize what you learned in 10 pages and instantly communicate your findings to thousands of others. The task isn’t just monumental — it’s ludicrous. I remember at Yahoo!, we couldn’t physically rack machines fast enough to keep up with the data coming off our website, and that was back in 2004, pulling data from hundreds of millions of users, let alone hundreds of billions of machines. The true wonder of the fourth industrial revolution won’t be the data produced; it will be intelligent machines’ capacity to analyze those data and communicate their findings within a network of similarly intelligent machines. Then, each connected machine will act, altering its processes to be more efficient and communicating those changes back to its network.

Yahoo Mail and Google App Engine banned over malware concerns

The ban on Yahoo Mail access suggests that some House of Representatives workers accessed Yahoo mailboxes from their work computers. This raises the questions: are House workers using Yahoo Mail for official business, and, if they're not, are they allowed to check their private email accounts on work devices? If they use the same devices for both personal and work activities, one would hope that there are access controls in place to separate the work and personal data. Otherwise, if they are allowed to take those devices outside of the House's network, they could just as easily become infected there, where the ban is not in effect. "The recent attacks have focused on using .js files attached as zip files to e-mail that appear to come from known senders," the House's Technology Service Desk said. "The primary focus appears to be through Yahoo Mail at this time."

Korea Exchange Talks Top-Down Approach to Blockchain Innovation

"KRX is aiming at providing services in the private market positioning in between K-OTC and K-OTCBB," Lee said, referring to South Korea’s platform for unlisted stocks and the computer system that provides price quotes for these assets. Lee explained that the Korea Financial Investment Association, a regional self-regulatory organization, now operates both K-OTC and its bulletin board service (K-OTCBB), but that bids and offers are executed on the systems differently. "In K-OTC Market, orders are executed automatically by trading systems, but K-OTCBB only provides bulletin board service, where bids and offers are manually executed," he explained. KRX has indicated it believes this will ease the ability of market participants to find partners while cutting costs. The decision comes after the exchange similarly moved into clearing OTC derivatives trades in 2014.

6 Ways Data is Taking Over Retail

Retailers now swim in more data than they know what to do with. And they’re working overtime to digest that data — collected from e-commerce transactions and via merchandising, CRM and POS systems — to glean useful insights. Many are turning to predictive analytics in an effort to use cutting-edge data science to forecast trends and personalize messaging. Data even plays a role in brick-and-mortar stores, where new metrics allow retailers to study in-store behavior at a level of detail never before possible, says Andy Wong, a partner at digital retail consultancy Kurt Salmon Digital. “As we build up more behavioral data on both customers and associates in-store, we’ll continue to find new ways to dynamically optimize the in-store experience and new levers for engagement and conversion,” he says.

Traditional security is dead -- why cognitive-based security will matter

Maximizing enterprise data security requires a series of actions, increasingly difficult but increasingly necessary. Detection is the process that has been around the longest and which most organizations concentrate on by deploying anti-virus and similar on-client apps. But it’s really just a first step and should not be an end by itself. Investigating the internal workings of the threat is next, leading to an understanding of the workings of the threat necessary to cope with the danger. This offers an improvement in overall security, but it’s not enough to stop here. It’s important that we continuously learn about the intricacies of the threat and any changes it may undergo in the real world, as well as the goals of its implementer. This is not easy but security companies are concentrating on this task.

IBM Watson Brings AI Wonders to Cybersecurity

Watson is also designed to ingest research papers, blog posts, news stories, media reports, alerts, textbooks, social media posts, and more to build up knowledge about all the latest cyber threats. Students at the partnering schools will help input and annotate this so-called unstructured data (meaning data that’s not easily machine readable) to train the system. IBM believes there is a business opportunity in helping computer security pros make sense of the universe of literature and data surrounding cybersecurity. The company is banking on Watson being able to reduce the rate of false positives that turn up in corporate security operations centers, and being able to help address a shortage of talent in the industry.

Quote for the day:

"To be able to lead others, a man must be willing to go forward alone." — -- Harry Truman

May 11, 2016

Can the 'internet of moving things' end traffic jams?

"Transport providers from Singapore to Sao Paulo can now analyse journeys trip by trip and understand why a bus was late, spot where there is unused capacity or see opportunities for new routes." Mr Shivakumar, a former Google engineer, says his firm has been able to help delivery companies in San Francisco optimise their routes in real time, testing different scenarios based on current traffic flows and weather conditions. This type of analysis has led some companies to experiment with mobile delivery hubs, rather than having all goods stored in one warehouse and making all the journeys from there. Taxi firms now know where the most demand is at each point during the day, even the areas where customers tip the most. "Experience might tell you one thing, but the data might tell you something else," says Mr Shivakumar.

The questions to ask before implementing any big data strategy

Whether you run a small business with just a few employees, or are in charge of a multinational corporation, you can benefit from an effective big data strategy. Thanks to analytics, data mining, and the constant stream of data flowing through everyday devices and products, there is more market data available today than at any other time in history. ... Why? Even the most powerful computers aren’t going to sift aimlessly through multiple trillion gigabytes of information in an appropriate timeframe for gathering information on your market and your target audience. You need a focused, data-driven strategy that will not just aim to collect information but to use that information in the most effective ways possible to help your business overcome obstacles and improve your bottom line.

What blockchain isn't?

The beauty of ‘pure’ blockchain is in circumventing trust barriers between the parties involved. There is no membership validation onto the network, no gatekeepers or overseers - true democratisation! However, if trust is of the essence in a given network and it is imperative that contributors know each other (e.g. market infrastructure for interbank payments), then it becomes a distributed database. ... Blockchain is not easy to define as opinions on its core components vary dramatically. It will take a number of years, perhaps, decades, before blockchain establishes itself on a large scale in finance, with masses of technological obstacles along the way. Never-the-less, the momentum is growing for blockchain; use-cases are being identified and proof-of-concepts are becoming more solid. The good news is that these developments don’t just focus on blockchain for its own sake, but can be used as real solutions to real financial problems.

Inside-Out versus Outside-In

Outside-In technologies enable the people in the front office to find and share the resource they need to improve their performance within these new business models. “The Future of Work” is a term used to describe the manner in which these new technologies are deployed in new optimal ways. Much of the confusion about the increasing use of social tools, Bring Your Own Device (BYOD) programs, and trend to bypass the IT department to use external cloud solutions, arises from the disconnect between the Outside-In work practices of the front office and the Inside-Out practices of IT’s traditional back office deployments. Understanding this and refocusing on the new working practices of the front office is a necessary break through in reacting to the inevitable changes already under way in most enterprises.

How Bimodal IT Can Kill Your Company

"It's not just all of the agile-based technology methods that companies have to deal with, but you see the leaders building a more modern end-to-end process and toolkit," he said. "They're using design thinking and minimum requirements to see what truly adds value to the customer. Without that you're just using agile to do the wrong thing more quickly." Companies clinging to bimodal IT are holding on to a practice that can't be successful in the long run, according to McCarthy. The only question for CIOs is whether they will make the move away from bimodal on their own terms, or under duress. "The economics, the deliverables -- all these things are tectonic plates in IT that are shifting," said McCarthy. "Will the CIOs make the change, or will a new shift in senior management force the change?"

State of Blockchain Q1 2016: Blockchain Funding Overtakes Bitcoin

While the conventional wisdom among Silicon Valley venture capitalists and others is that businesses that can successfully become platforms represent the ideal investment, the purpose of distinguishing between blockchain platforms and software providers is not to cast judgment on the merits of the various blockchain business models. Indeed, it is likely that significant success can be achieved in any of the four platform/software quadrants. Instead, the distinction drawn in Slide 10 allows us to observe where blockchain initiatives are concentrating. The two most crowded areas of the blockchain matrix appear to be the public platform and private software quadrants. For example, there are literally hundreds of public blockchains, represented by altcoins.

Q&A on Express.js with Evan Hahn

Unless you're writing a single purpose web app, you're going to need to route requests to different handlers. Evan goes over how to set up routing and sub-applications in a way that makes it more obvious how the pieces fit together. For those building web sites, Evan shows how to the view middleware works with two popular options, Pug and EJS. In the final section, entitled "Express in Context", Evan walks us through hooking up Express to other back-end systems to build a more complete (and more useful) service. He uses the Passport middleware to provide user authentication and MongoDb to build out a database back-end. He shows how to use the Mocha testing framework in concert with the Chai assertion library to craft a suite of automated test. He even provides a brief introduction to LESS, how to use Browserify and Grunt, and how to deploy to end result to Heroku.

Docker launches Security Scanning to test containers for known vulnerabilities

The secure platform includes specifications such as using all Linux isolation capabilities, and making it secure from default. Secure access deals with the "who" of containers, regarding security best practices around authentication, authorization, access control, and auditing. This is where the Docker 1.8 update came into play in late 2015, introducing features such as Docker Content Trust which allows a user to verify the publisher of a specific container image. And, it is the tier that this latest announcement falls into as well. To determine potential vulnerabilities, Docker Security Scanning provides a deep analysis of the containers in question. "It actually does a binary by binary analysis of a container just to look at everything that it can find inside of each of the layers of the container," McCauley said.

Three reasons you should care about technology asset management

This is not a new issue. The problem began with the deployment of the PC in the business world. In those days, we were installing them as quickly as possible, without any provision for tracking or centralized management. The growing complexity of office networks, and the related deployment of large numbers of network devices to locked closets, has made matters worse. We got away with poor asset management until the organized hacking world discovered that it could use this inability to its advantage. Thus, even small businesses today have numerous vulnerable computing devices and software packages, and most have no means of tracking either the hardware or software, or assessing the related risks. We pay the price via network penetrations and data breaches.

Make Your Bed Feel Just Right With Smartphone Powered Climate Control

With traditional sheets, most of the air being pumped under the covers hits your feet instead, flowing upward only when lying on your side. For most users, this is fine. After all, you’ll be comfortable from head to toe as long as the feet are kept warm and dry. The unit is fairly loud when running, which will certainly be an issue for light sleepers. In Turbo Heat mode (used to quickly warm the bed before sleep), the fan on a single unit increases the noise floor by 10 decibels, or less than half that amount in typical use. The manufacturer stresses BedJet should not be used as a substitute for air conditioning during summer months, since cooling requires a room temperature below 79 degrees. ... While the included wireless remote control is functional, the new Bluetooth-connected BedJet smartphone app (available for iOS and Android) offers a better experience.

Quote for the day:

"You cannot change your destination overnight, but you can change your direction overnight." -- Jim Rohn

May 10, 2016

Actimo uses mobile APIs to bring the world together

"Our challenge is to make sure that the requests of customers [are combined] into one feature that all of our customers can use," said Gunge, adding that one of the advantages of providing software as a service is that they are able to create "an intelligent pooling of needs." Gunge also said that they are continuing to develop partnerships with WhatsApp and other mobile communication apps to broaden their customer reach. "Software is becoming a competitive advantage, and in order to operate together, you have to have APIs," said Gunge. "We are the mobile communication service that enables people to reach their mobile workforce, and that's our small part of the puzzle."

The Impact of the Blockchain Goes Beyond Financial Services

Blockchain technology can also take networked business models to a new level by supporting a whole host of breakthrough applications: native payment systems that run without banks, credit card companies, and other intermediaries will cut cost and time from transactions. Reputation systems built on social and economic capital and controlled by individuals, rather than by intermediaries like rating agencies and credit rating services, will change the dynamic between consumers and companies. Trustless transactions, where two or more people need not know nor trust each other to do business, will be feasible. There are staggering implications beyond financial services. While we’re only starting to see the possibilities of the blockchain, we expect these areas to be the first to experience a profound impact

Are Tech Giants Making Money on the Cloud?

Most major tech companies showed impressive growth in the segments that include the cloud business. Oracle and SAP, for example, posted the fastest growth as they fought to update their business models, though they are relative newcomers to the cloud trade, which still accounts for a small part of their business. The problem with these numbers, though, is that they're impossible to compare in a meaningful way. It's pretty clear that Netflix's revenue comes from video-streaming subscriptions and Salesforce.com's from fees for the use of its cloud-based customer-relationship management software. In their earnings statements, Oracle and SAP also show pretty clearly where their cloud-based business ends and old-style sales begin. Other companies, however, aren't as transparent. Amazon breaks out revenue for Amazon Web Services, the business offering cloud capacity to companies.

How Mobile Device Management Is a CIO’s Best Friend

It’s easy for employees to hear “mobile device management” and jump to the conclusion that their privacy is being forfeited. And many company heads feared that’s exactly what they were doing—hence halting MDM for fear of lawsuits or other such actions. There’s a lot of uncertainty as to exactly what companies can and can’t do when it comes to mobile device management. But what is known is that companies have fiduciary and legal responsibilities to protect their customers, employees, and data. This duty gives them a right to manage and monitor the devices on which content is moved, ensuring the security of everyone involved. If we take this right away, big security problems can occur for enterprises small and large. So how do we manage mobile devices without making our employees feel like we are Big Brothering them?

When Things Become People

Things as autonomous purchasers represent a new customer opportunity. For example, a connected vending machine already accepts payments for purchases, but could one day soon have the ability to make its own payments for restocking or repair. This would require banks to determine appropriate payment, line of credit and cash management services for the vending machine. Banks would also need to market these services to the vending machine, validate its identity, and execute a smart contract. Finally, they would need to onboard and manage the vending machine as a small business customer. Things as autonomous purchasers could improve productivity, increase operational efficiency and enhance security of physical assets and people. However, as things are treated more like people, with the ability to self-sustain, new issues of trust, ethics and legal status will impact customer service, digital commerce, marketing and sales processes.

Site reliability engineering kicks rote tasks out of IT ops

IT operators tend to do many repetitive daily tasks and the work can be fairly reactive. Site reliability engineering is about how to automate away those more mundane parts of ops jobs, which included monitoring the network and the operations work on systems and security. "We try our best to simply not do operations," Underwood said. "When we end up doing operations, we regard that as a set of necessary steps to get to a point where we don't have to do that operational work anymore." That's the goal of Underwood, Petoff and the more than 70 contributors involved with creating the book. And it isn't just for the Web giants. "We think that this kind of approach applies to a whole bunch of software that's in production and a whole bunch [of] similar circumstances for lots of other organizations," Underwood said.

The $1500 DELL XPS 15 VS. The $1500 MacBook Pro 13

The CPU side is interesting: The Dell XPS 15 is still faster by a good clip, but we’re seeing far less scaling going from the XPS 15 to the MacBook Pro 13. So for folks using Blender, pursuing more cores may not yield the performance you expect. Going to the GPU, though, you can see a huge performance benefit, as the GeForce GTX 960m in the Dell eats the lunches of both the Intel quad-core and and dual-core chips. When I tried to run it on the Macbook Pro 13’s Iris Pro 6100 graphics, it bombed out. Perhaps tinkering with it could have helped, but looking over the Blender results at Blenchmark.com, I’m not seeing any submitted results from an Intel IGP. That tells me this one test may be beyond the capability of Intel’s graphics.

As The Internet of Things Grows, Don't Underestimate Its Scale

Matt Larson of Network World recently remarked that there were six key problems, which can be summarized as communication and security issues. While we may worry that a hacker could take control of a SmartThings hub and turn up a thermostat, at a larger scale the HVAC system of a data center could be used to destroy entire companies. On that same level, Noteboom remarks that the IoT industry also has a big data problem that could have the same issue. He equates machines to users on Twitter, except that while the average active Twitter user sends two 200 byte messages a day, a fully-realized world of IoT would be 50 billion active machine "users." These machines, unlike humans, can talk constantly, all day long, and may be saying the same thing repeatedly (a thermostat could say "It is 62 degrees in this room," for example).

Apache Impala in CDH 5.7: 4x Faster for BI Workloads on Apache Hadoop

Impala has proven to be a high-performance analytics query engine since the beginning. Even as an initial production release in 2013, it demonstrated performance 2x faster than a traditional DBMS, and each subsequent release has continued to demonstrate the wide performance gap between Impala’s analytic-database architecture and SQL-on-Apache Hadoop alternatives. ... In previous releases, when queries started execution, Impala would start individual fragments one “level” of the plan tree at a time to ensure that receivers of data were always ready when the senders started. This approach led to a long start-up delay, particularly for complex queries with many fragments. In Impala 2.5, instead of starting fragments in wave after wave, the query start-up logic allows fragments to be started in any order, thereby increasing parallelism and reducing query start-up latencies.

Automation Will Never Eliminate Human Jobs

What about stalled income growth? Atkinson's argument is that it has nothing to do with productivity increases, either. Incomes stopped growing because of increased inequality within occupations, not because technology wiped out jobs in middle-wage professions. "To take an example from pro basketball, income inequality did not grow because technology eliminated middle-skilled players, it grew because of political economy factors, such as the introduction of free agency, " Atkinson writes. The people at the top of the income distribution aren't all bankers or tech gurus. Seven percent of the top 1 percent of earners are lawyers, another 7 percent doctors, 3 percent work in insurance and real estate. According to a recent article by Jonathan Rothwell, a Brookings Institution fellow, "there are five times as many top 1 percent workers in dental services as in software services."

Quote for the day:

"Always and never are two words you should always remember never to use." -- Wendell Johnson

May 09, 2016

India wants everyone who shares location data to get a license

While the bill states that the security vetting agency will concern itself only with information pertaining to sensitive areas like military bases, it’s clear that this is an over-reaching and poorly thought out plan to police mapping apps. It’s also likely to do little to stop terrorist attacks. Since the rules in the bill only apply within India and to Indians outside the country, it won’t restrict foreign military forces and terrorists beyond India’s borders from sourcing map data from elsewhere. Although Kiren Rijiju, Union Minister of State for Home Affairs of India promised that, “We won’t create hurdles for business and technological development,” it’s hard to imagine the bill doing anything but create logjams for apps and digital projects that require map data in the country and force developers and individuals to wade through red tape, if it comes into effect.

Mobile backend as a service: Features and deployment options

Organizations that aren't comfortable adopting public cloud services or have a large and growing portfolio of mobile apps can opt to deploy many of these MBaaS products as a private cloud on internally managed systems. We don't think security concerns are a valid excuse for shying away from cloud services, but a traditional on-premises software deployment may be more cost-effective for organizations with a large app development pipeline and that are also looking for a fully integrated suite encompassing app design, development, testing, project management and runtime back end. We would still be cautious about this route, since the mobile backend as a service market is extremely dynamic, with new features constantly being added and niche vendors -- like FeedHenry -- being acquired and incorporated into larger cloud portfolios.

3 women who radically changed the course of technology

When we think of innovators of the technology space we largely think of blokes like Mark Zuckerberg, Bill Gates, Steve Jobs, Elon Musk – the zeitgeist is largely male. But that hasn’t always been the case. As a matter of fact, for the first decade or so programming was a ‘pink-collar’ industry. The vast majority of early coders were women. What’s more, it’s an industry created by women. Two centuries ago (when computers were made of flywheels and cogs), Ada Lovelace was the matriarch behind programmable computers. The world’s first developer, who lay down the foundations for the future we’re currently living in, was a woman. Almost a hundred years after she published her seminal documents on programmable computers, Alan Turing used them as inspiration for the modern, electric machines we still use today.

Riverbed SD-WAN design goes beyond optimization

The SteelConnect gateway features a built-in next-generation firewall and unified threat protection. And in future versions available later this year, SteelConnect will support a variety of routing protocols, including Open Shortest Path First and the Border Gateway Protocol. Later this year, Riverbed will add its network visibility and application performance apps to SteelConnect Manager, and it will also add support for third-party applications, giving users access to a diverse array of services. The new switches and APs, meantime, will give Riverbed some additional ammunition as it courts customers ready to upgrade their branch sites with hardware that consolidates functions now spread across myriad devices, IDC's Casemore said.

Protecting the rainforests with IoT and recycled phones

Topher White and David Grenell, the founders of Rainforest Connection, developed a solution that uses the sound of loggers’ tools, such as chainsaws and trucks to haul away the logs, against them. They install sensors in rainforests that each monitor the sounds in a square-mile area. Villagers and local authorities are alerted when the sound of chainsaws or trucks is detected. Designing a rugged solution that's also affordable and easy to install is hard. It has to work in extreme humidity, operate in heavy rainfall and be self-powered. Applying some good old-fashioned ingenuity, White and Grenell decided to repurpose some of the more than 150 million phones discarded every year in the U.S. as the sensors for this project. Rainforest Connection adapts old phones, making them waterproof and powered by solar panels.

The Rise of Knowledge Workers Is Accelerating Despite the Threat of Automation

There is no doubt that machines are getting smarter, faster, more powerful and more dexterous—and potentially capable of doing more and more of the tasks that humans do. It’s easy to find warnings of the imminent risk of a jobless future. Most dramatically, a group of researchers at the University of Oxford warned three years ago that technology was on the cusp of destroying nearly 47% of U.S. jobs in coming years. It’s only been three years since that prediction, but so far new knowledge jobs are easily eclipsing the jobs that are disappearing. Even as machines get smarter, many jobs have critical components that are social, emotional, creative or relational. These are overwhelmingly likely to be classified as non-routine types of jobs. The prospect of robots or automation replacing all of them remains remote. In other words, there’s good reason to think knowledge work will continue to grow.

Ramsomware Should Haunt You All The Time

Businesses also need to find out where the attackers went within the network to discover where they might have buried malware for use at a later time, he says. Often the ransomware attack is used as a distraction so network security pros don’t notice other types of attacks. One of the best protections against ransomware attacks is effective backup, but it’s not foolproof. For example, if it is inserted in machines and lies dormant the ransomware itself can be backed up, so machines restored with the backup will still be infected. That’s why forensics are important to determine when and where the malware was placed. And it’s important to reimage machines, not just restore data. “You have to ask did your backups backup everything? Do so recently enough? Do they have integrity?” he says.

What's Really Happening Inside the Dell, EMC Merger

How will this relationship, the largest-ever union of two IT companies, have to work to be successful? Huge companies with multiple thousands of employees tend to be good at doing what they've always done, but are less successful at recognizing changes in the markets and then turning quickly to satisfy those new developments. This is what small, agile startups are particularly good at doing. New-gen IT buyers in their 20s and 30s, at least those contacted by eWEEK, are shrugging off this deal. They're never going to buy what this new company produces on a wide scale, unless the new Dell Technologies can convince them otherwise—and that will be a tall order. This is a large company that's going to sell to other large companies, and, if it can do that on a global basis, maybe that will be enough to be successful. But the midrange is where the growth in IT will be for the next two decades.

4 Benefits of Switching your Contact Center Agent Software to WebRTC

Contact centers are rapidly changing, moving towards becoming omnichannel machines where customers can skip across channels while the context of their interactions is maintained. This is not always the case. I had my own share of broken interactions across channels - getting it right isn’t easy. Most enterprises cannot invest in a full blown transformation of their contact center. That costs too much and comes with great risks (as any IT project does). A different approach is to take baby steps towards a full solution - one in each certain areas of the contact center are modernized and replaced. One such area which is popular for modernization with small and medium contact centers is the agent VoIP client. In a contact center, each agent is designated a phone. This is how they receive calls.

Securing SSDs with AES Disk Encryption

Encrypted SSDs not only operate at full speed without impacting system performance, but offer a number of advantages over software-based disk encryption. Security-wise, just like any other disk-encryption solution, encrypted SSDs perform transparent, complete encryption of all files including hidden and temporary files that may store sensitive information. However, the cryptographic hardware and encryption key is isolated from the host system, making the encryption process robust against attacks or viruses on the host system. Authentication with encrypted SSDs happens pre-boot. All user space data, including the operating system, is completely inaccessible until the user is authenticated. Sanitizing encrypted SSDs is fast and secure. On the other hand, sanitizing a conventional hard drive or SSD requires overwrite procedures that can take hours or days, or physical destruction that could still leave data on the drive.

Quote for the day:

"All our final decisions are made in a state of mind that is not going to last." -- Marcel Proust

May 08, 2016

3 Ways to Use Big Data in FinTech

This type of Application Programming Interface (API) is a way of communication with an online banking system, where a third-party can use the information about a customer stored in the banking system. A client should simply log in into the bank account and banking API does the rest of the work; it checks the balance of the account or extracts the summary of his transactions over a certain timeframe. Then this data is surpasses to a third party, a company that is interested in getting this type of data. The best thing about banking APIs is that all of the data is only passed through the user consent. If you have not heard about this technology, you should definitely take a closer look into it. In the modern dynamic era, data sharing data is essential for the progress.

With Tech Layoffs Projected to Be Deep, Professionals Should Get Ready to Switch Gears

So the question that looms over these layoffs is, what is going to happen to these highly skilled, intellectually capable professionals? A percentage of them will likely find employment in other technology companies. But the numbers are really high, and the industry is probably not going to be able to absorb the entire set. Instead of feeling depressed about the whole thing, I would like to look at the positive side of this phenomenon. These are tech savvy people, many have worked for years and developed experience and savings, and can, or at least a percentage of them can, start new ventures. They don't all have to build billion-dollar companies. But they can focus on a $5 million, $10 million, or $20 million idea and build a $1 million, $2 million, $5 million, or $10 million company over the next phase of their careers.

Taking Agile to Marketing: Process, Teams, and Success Stories

We are well aware of how software projects with an agile approach requires a cross-functional team to be able to ensure the best output in our deliveries. Similarly, when we adopt the agile paradigm into marketing, it requires us to bring together a team that is strong on all elements right from strategizing to creating, designing, developing and executing the strategy. Where on one hand, all the conventional organizational silos are still in place, working as they always did, on the other hand, to successfully take up Agile Marketing, it is vital that you have a special team in place dedicated entirely to it. A team that spans institutional silos, breaking down the old school hierarchy model is able to create a cross-functional working model that is committed to agile marketing, empowered for efficient decision making and swift responses.

Cisco patch stops attackers from taking over TelePresence systems

The vulnerability is present in the TelePresence Codec (TC) and Collaboration Endpoint (CE) software. The affected devices are: TelePresence EX Series, TelePresence Integrator C Series, TelePresence MX Series, TelePresence Profile Series, TelePresence SX Series, TelePresence SX Quick Set Series, TelePresence VX Clinical Assistant and TelePresence VX Tactical. Users who can't immediately install the software updates can disable the XML API to mitigate this flaw, but doing so will make it impossible to manage the systems through the Cisco TelePresence Management Suite. Otherwise, a high-severity denial-of-service vulnerability was patched in the Cisco FirePOWER System Software. By exploiting the flaw, attackers could cause an affected system to stop inspecting and processing packets.

The power of platform

Today’s businesses need to bring order to their fragmented operations in a holistic model. Running a digital business, requires a platform with a unified console and shared tools, libraries and services, which supports a loosely-coupled and dynamic operation, without compromising control, performance and scalability. The objective of this shift toward platforms is to allow organizations to concentrate on their business, not on underlying and ever-changing technology. ... Future State presents a universal interface, which abstracts all of the technical complexity of working with NFV and SDN-based services. It provides a declarative, or intent-based, model for rapidly designing and testing new network services, offering them as products in a catalog, and managing the lifecycle service orchestration of the services, including service assurance and disaster recovery.

How Salesforce Does Enterprise Architecture

Business-value led means that the ultimate goal of EA is to enable your business goals and objectives. Whether that is enabling a new business model, a flexible mobility strategy or an omni-channel strategy, EA's number one goal is actually not about technology but about business results. Pragmatic means that EA provides an executable roadmap that takes months, not years. No business has the luxury of waiting for a year or more for systems enablement. In many cases, business are already behind the curve in terms of having the systems they need to meet their business requirements. .... MVP or Minimum Viable Product approach means that EA should NOT be filling binders with amazing-looking artifacts. The creation of complex technical documents and diagrams is not a business value add.

Getting started with cloud solutions: What goes where?

Make sure you fully understand company-wide storage and access demands, and factor in how they will change or grow in the future. You should also describe every workflow in your business to identify the candidates for migration. PC Magazine recommends your best bet is to first migrate easily transportable, low risk, and high return workflows, such as email and backup/restore, and then apply any takeaways from this initial migration to the tougher jobs coming later. Don't assume that your current view of each department's operation is up to date. Meet and directly speak with team leaders, drilling down into details about how each team handles its workloads, the sensitivity of data they handle, and who's involved in their collaborative processes. Do assume that connectivity to the public cloud could break, on either your end or the provider's end.

Controversial digital currency in news on creator revelation, host of Indian start-ups

The latest development notwithstanding, there has been a lot of buzz around bitcoins lately, especially in the Indian context. In December last year—exactly two years after it issued a caution against the use of bitcoin—the Reserve Bank of India (RBI) came around to appreciate the strengths of bitcoin’s underlying ‘blockchain’ technology. Blockchain is a digital platform that records all bitcoin transactions ever made in a way that can’t be altered. Around two months before that, in October 2015, Ratan Tata, chairman emeritus of Tata Sons, joined a group of investors, including American Express, to invest in a US-based start-up, Abra. The US-based company works on bitcoin and similar technologies for interchange of currencies. Indian bitcoin start-ups, too, are not very far behind and are seeing considerable funding activity.

Microservice Threading Models and Their Tradeoffs

Paying attention to the threading model is an effective way to focus the architect on considering the trade-offs between efficiency and code complexity. As a service is decomposed into parallel operations with shared resources, the application will become more efficient and its responses will exhibit less latency (within limits, see Amdahl’s Law). Parallelizing operations and safely sharing resources introduces more complexity into the code. However, the more complex the code is, the harder it is for engineers to fully comprehend; which means developers are more likely to introduce new bugs with every change. One of the most important responsibilities of the architect is to find a good balance between efficiency and code complexity.

Introducing the Architecture of the Future: Mapping the Way to IT Success

The question is what does “software defined enterprise” (SDE) really mean for IT and how do we get there. By way of an answer, our Office of Architecture and Innovation team recently came up with a game plan—appropriately called EMC IT Architecture of the Future. ... While the priorities highlighted in the plan are not new, this is the first time IT has brought them together in a single vision defining how each fits to deliver SDE. The intent is to help clearly communicate IT’s role in making the notion of SDE a reality. The resulting blueprint—which we are promoting throughout our organization with posters, blogs and videos— diagrams the components of how IT will approach the architecture of the future. It is a holistic vision of a software defined enterprise that will deliver value to our customers.

Quote for the day:

"Leaders keep their eyes on the horizon, not just on the bottom line." -- Warren G. Bennis

May 07, 2016

Why Microsoft won't extend the Windows 10 free upgrade offer

If Microsoft hasn't paid a price for instituting the free upgrade, its ecosystem has: Analysts from all corners have attributed some of the continued contraction of PC sales to the free deal. In other words, Microsoft has reasons, one in particular, to end the offer: Doing so will placate its OEM (original equipment manufacturers) partners, the Lenovos, Dells and HPs of the computer industry, who will have a better chance of selling new hardware with the offer abandoned. ... It has, for instance, made a radical change to what hardware it will support in the future, saying in January that only Windows 10, or more specifically, "the latest Windows platform at that time," will support future systems. The policy is a strong signal to OEMs that Microsoft will push new hardware as it markets 10. It also establishes a precedent if, down the line, Microsoft decides to declare Windows 10 unfit for, and thus unsupported on, older hardware.

The Central Bank Heist and COBIT 5® for security

COBIT 5 for security addresses ignorance. It sets out everything you have to do to achieve the relevant security way beyond technical solutions. It provides both high-level and detailed approaches on assessing the business environment, ways to discover your firm’s risk appetite and tolerances, and what to look at to define the security you need. Only then does the guide move on to security implementation and monitoring. Looking at security in context brings out the reason for security investment and makes sense of the effort and expenditure required. ... Getting back to our central banks in Bangladesh and the Philippines, and SWIFT, what lessons are there that need to be applied? For Bangladesh: COBIT 5 cannot cure apathy but can go a long way in identifying the cultural issues the bank needs to overcome. The security guide’s approach exposes vulnerabilities and helps identify what can be done, however small, to begin addressing them.

Banks tie up with startups for novel payment solutions

By opening up their APIs, banks have reduced the time taken for fintech companies to process transactions. Yes Bank opened its API recently to Snapdeal and allowed the ecommerce company to route their 'Refunds' through them. Hence time required to refund is reduced to an hour from a week. "Previously we had to make an excel sheet containing all the data regarding the money that got transferred through us and had to upload it onto the bank's corporate interface, which then would get processed. This would require a lot of manual file sharing. Now with API integration, this process has become automated and fast," said Anish Williams, CEO of Transerve which is a business correspondent to RBL Bank. While opening up of the bank's interface makes processes very easy, it also exposes the bank's platform to malware which could harm the bank's database.

Australian Treasury department calls for public comments to help classify digital currency

The first solution is an “Input taxed treatment,” which removes the taxable event from the acquisition of digital currencies. A consumer that buys a few dollars worth of an unspecified digital currency won’t be taxed on the transaction, but when he or she goes to buy a cup of coffee with that digital money, the coffee store charges normal sales tax. A second solution is to remove all special designation and taxation from digital currencies, and to simply re-label them “money,” alongside items in the current definition of money, “including Australian or foreign currency, promissory notes, bills of exchange and money orders.” This option would give bitcoin more credibility than before, but instantly subject bitcoin to all of the existing regulations that come with money, including taxation on foreign exchange transactions, required to buy them.

Will Digitization Eliminate Jobs or Redefine Them?

The answer depends on how companies are digitized. If you look at technology simply as a way to reduce costs at the expense of your most important asset—people—job losses will mount. If, however, you approach digitization correctly by first reimagining work—understanding which new roles and skills will be needed in a digital world—the future of jobs is bright. ... The research shows how empowering people with “digital accelerators” that combine business process change and technology creates the three capabilities of digital business agility—hyperawareness, informed decision-making, and fast execution. Digitization is not just about deploying technology to cut costs. The real goal is to drive business growth through innovation. That means reimagining work and empowering people in a digital context and creating a more efficient and fulfilling work experience along the way.

Who will manage IoT in the enterprise?

Most IT departments throughout enterprises are about to relinquish control of the Internet of Things, a research firm says. IoT will not generally be managed by IT, reckons Bob O’Donnell. His company,TECHnalysis Research, recently completed an online study about which department will be running IoT within organizations. Surprisingly, operations, facilities and manufacturing was the principal selection, the researcher found (with 42 percent). It will be the “most common department to be responsible for IoT projects,” O’Donnell says. IT came in second, with 33 percent, and line of business and business strategy groups followed in third position at 24 percent. Line of business can mean a few different things in corporate-eze. They include computer applications used in an enterprise, general products offered or a general corporate division. In any case, it isn’t IT.

Digital strategies must be able to adapt to changes in cloud services

Venters said that enterprises can respond by understanding the direction and business models in which cloud vendors are heading and creating a business strategy in response. This can evolve with them and if necessary pivot in the opposite direction if the objectives of both do not align to the benefit of each other. “When we buy a service [from a vendor] we need to understand their business model and how it might adapt in the future, and then adapt our business model to align with it,” he explained. Such a strategy means that all IT procurement should be seen as acquiring sustainable services, not products, that operate in tandem with a company’s business strategy. Effectively, each purchase needs to work in the context of the business and the wider cloud ecosystem to which they connect.

Why We Should Not Jailbreak Our Devices

Jailbreaking in iOS is the process of gaining unauthorized access or elevated privileges on a system. It basically modifies the iOS kernel and allows file system read and write access to an application. Most of the jailbreaking tools apply some kernel patches to the iOS kernel and make some unauthorized changes to the kernel to remove the limitation and security features built by the manufacturer. And, this allows the users to install additional third party applications, extensions and patches from outside Apple's App Store. ... Attackers can easily insert malicious files into or extract sensitive file from a jailbroken device. In fact, this vulnerability is widely used by a number of commonly known malware programs. Attackers can use keyloggers or other malware programs to steal sensitive data from a jailbroken device.

Qualcomm Flaw Puts Millions of Android Device at Risk

Devices running Android KitKat (4.4) and later are affected less than older devices because they come with the Security Enhancements for Android (SEAndroid) mechanism enabled in enforcing mode by default. This makes stealing other apps' data through this flaw impossible. On these newer Android versions, "the 'netd' context that the '/system/bin/radish' executable runs as does not have the ability to interact with other 'radio' user application data, has limited filesystem write capabilities and is typically limited in terms of application interactions," Valletta said. However, a malicious application could still use the flaw to modify system properties, he said. "The impact here depends entirely on how the OEM is using the system property subsystem."

We're still living in the dark ages of cyber security

The big problem we face today is that most of the software that runs our massive IT ecosystem is vulnerable to cyberattacks. And there’s nowhere to hide: If you’re not a hermit, it is virtually impossible today not to be exposed to information technologies. Digital equipment, devices and gadgets are all around us. An average household in the modern world already has several networked devices, and there are predictions that soon it will own hundreds of them. And there’s probably not a single factory today - no matter what industry - that’s not using some sort of computerised industrial control systems. The big problem is that we’re using computers and various devices that were never designed to withstand an attack by a highly qualified threat actor. However, our infrastructure is becoming increasingly ‘cyber-physical’, while being run by the same vulnerable software.

Quote for the day:

“Great leaders don't need to act tough. Their confidence and humility serve to underscore...” -- Simon Sinek