Daily Tech Digest - February 03, 2021

Usability Testing: the Ultimate Guide [Free Checklist]

Generally speaking, usability testing comes in two types: moderated and unmoderated. Moderated sessions are guided by a researcher or a designer, while the unmoderated ones rely on users’ own unassisted efforts. Moderated tests are an excellent choice if you want to observe users interact with prototypes in real-time. This approach is more goal-oriented — it lets you confirm or disconfirm existing hypotheses with more confidence. On the other hand, unmoderated usability tests are convenient when working with a substantial pool of subjects. A large number of participants allows you to identify a broader spectrum of issues and points of view. However, it’s important to underline that testing isn’t that black and white. It’s best to look at this practice as a spectrum between moderated and unmoderated testing. Sometimes, during unmoderated sessions, we like to nudge our subjects into the right direction through mild moderation when necessary. Testing our prototypes can provide us with a wide array of insights. Fundamentally, it helps us spot flaws in our designs and identify potential solutions to the issues we’ve uncovered. We learn about the parts of our product that confuse or frustrate our users. By disregarding this step, we’re opening up to the possibility of releasing a product that causes too much friction.


Linux malware backdoors supercomputers

ESET researchers have reverse engineered this small, yet complex malware that is portable to many operating systems including Linux, BSD, Solaris, and possibly AIX and Windows. “We have named this malware Kobalos for its tiny code size and many tricks; in Greek mythology, a kobalos is a small, mischievous creature,” explains Marc-Etienne Léveillé, who investigated the malware. “It has to be said that this level of sophistication is only rarely seen in Linux malware.” Kobalos is a backdoor containing broad commands that don’t reveal the intent of the attackers. It grants remote access to the file system, provides the ability to spawn terminal sessions, and allows proxying connections to other Kobalos-infected servers, Léveillé notes. Any server compromised by Kobalos can be turned into a Command & Control (C&C) server by the operators sending a single command. As the C&C server IP addresses and ports are hardcoded into the executable, the operators can then generate new Kobalos samples that use this new C&C server. In addition, in most systems compromised by Kobalos, the client for secure communication (SSH) is compromised to steal credentials.


Disrupting the patent ecosystem with blockchain and AI

Applying the power of AI and blockchain to IP assets enables a paradigm shift in how IP is understood and managed. Companies that understand and adopt this new paradigm will be rewarded. Last year, we announced the inclusion of IPwe — the world’s first AI and blockchain-powered patent platform, among our selection of the next wave of enterprise blockchain business networks. The Paris-based start-up has since deployed a suite of leading-edge IP solutions, removing barriers by addressing fundamental issues within today’s patent ecosystem. IPwe is partnering with IBM to accelerate its mission to address the inefficiencies in the patent marketplace. IBM Cloud and IBM Blockchain teams are working closely with IPwe on a multi-year project to assist IPwe in its mission to deliver world class solutions to its enterprise, SME, university, law firms, research institutions and government customers, with a heavy emphasis on meeting the needs of financial, technology and risk management executives. In addition to giving patent owners tools that provide greater visibility, effective management, and ease of conducting transactions with patents, the IPwe Platform reduces costs for innovators, and creates commercial opportunities for those that wish to partner or engage in financial transactions.


Low-Code Platforms and the Rise of the Community Developer: Lots of Solutions, or Lots of Problems?

Most community developers will progress through three stages as they become more capable of using the low-code platform. Many community developers won’t progress beyond the first or second stage but some will go onto the third stage and build full-featured applications used throughout your business. Stage 1—UI Generation: Initially they will create applications with nice user interfaces with data that is keyed into the application. For example, they may make a meeting notes application that allows users to jointly add meeting notes as a meeting progresses. This is the UI Generation stage. Stage 2—Integration: As users gain experience, they’ll move to the second stage where they start pulling in data from external systems and data sources. For example, they’ll enhance their meeting notes application to pull calendar information from Outlook and email attendees after each meeting with a copy of the notes. This is the Integration stage. Stage 3—Transformation: And, finally, they’ll start creating applications that perform increasingly sophisticated transformations. For example, they may run the meeting notes through a machine learning model to tag and store the meeting content so that it can be searched by topic. This is the Transformation stage.

XOps: Real or Hype?

Like DevOps, the various types of Ops aim to accelerate processes and improve the quality of what they're delivering: software (DevOps); data (DataOps); AI models (MLOps); and analytics insights (AIOps). Some consider the different Ops types important since the expertise required for each type differs. Others believe it's just hype, specifically relabeling what already exists and/or there's a risk that the fragmentation created by all the different groups may create extra bureaucracy that frustrates faster value delivery. Agile software development practices have been bubbling up to the business for some time. Since the dawn of the millennium, business leaders have been told their companies need to be more agile just to stay competitive. Meanwhile, many agile software development teams have adopted DevOps and increasingly they've gone a step further by embracing continuous integration/continuous delivery (CI/CD) which automates additional tasks to enable an end-to-end pipeline which provides visibility throughout and smoother process flows than the traditional waterfall handoffs. Like DevOps, DataOps, MLOps, and AIOps are cross-functional endeavors focused on continuous improvement, efficiency and process improvement.


Sigma Rules to Live Your Best SOC Life

In the Security Operations space, we have been using SIEM's for many years with varying degrees of deployments, customization, and effectiveness. For the most part, they have been a helpful tool for Security Operations. But they can be better. Like any tool, they need to be sharpened and used correctly. After a while, even a sharpened tool can become dull from too much use: and with a SIEM that takes the form of too many events creating the dreaded ALERT FATIGUE!!! This is real for security operations and must be addressed; because the more alerts, the more an engineer must work on, and the more they will miss. Insert Sigma Rules for SIEMS (pun intended); a way for Security Operations to implement standardization into the daily tasks of building SIEM queries, managing logs, and threat hunting correlations. What is a Sigma rule, you may ask? A Sigma rule is a generic and open, YAML-based signature format that enables a security operations team to describe relevant log events in a flexible and standardized format. So, what does that mean for security operations? Standardization and Collaboration are now more possible than ever before with the adoption of Sigma Rules throughout the Security Operations community. 


How AI Is Radically Changing Cancer Prediction & Diagnosis

Risk modelling includes assessing risks at different time points, which can determine the preventive measures that need to be taken at different stages. This can provide insight into the risk of developing cancer at a time point compared to the other, which is not useful. Hence, scientists trained Mirai to have an ‘additive hazard layer’. This layer can predict a patient’s risk at a time point, let’s say four years, as an extension of the risk at a previous time point, say three years, instead of comparing two different time points. This can help the model learn to make self-consistent risk assessments even with variable amounts of follow-ups as inputs. Secondly, the model includes non-image risk factors like age and hormonal variables but does not necessarily require them at the test time, since a trained network can extract this information from mammograms. Hence, this model can be adopted globally. Lastly, standard training models do not work even with minor variations, such as a change in the mammography machine used. Mirai used an ‘adversarial’ scheme, to de-bias such models to learn from mammogram representations agnostic to the source clinical environment.


How To Port Your Web App To Microsoft Teams

While there are many different paths to building and deploying Teams apps, one of the easiest is to integrate your existing web apps with Teams through what is called “tabs.” Tabs are basically embedded web apps created using HTML, TypeScript (or JavaScript), client-side frameworks such as React, or any server-side framework such as .NET. Tabs allow you to surface content in your app by essentially embedding a web page in Teams using <iframes>. The application was specifically designed with this capability in mind, so you can integrate existing web apps to create custom experiences for yourself, your team, and your app users. One useful feature about integrating your web apps with Teams is that you can pretty much use the developer tools you’re likely already familiar with: Git, Node.js, npm, and Visual Studio Code. To expand your apps with additional capabilities, you can use specialized tools such as the Teams Yeoman generator command line tool or Teams Toolkit Visual Studio Code extension and the Microsoft Teams JavaScript client SDK. They allow you to retrieve additional information and enhance the content you display in your Teams tab.


How AI Can Read Your Brain Waves

The music study is only one of many recent efforts to understand what people are thinking using computers. The research could lead to technology that one day would help people with disabilities manipulate objects using their minds. For example, Elon Musk’s Neuralink project aims to produce a neural implant that allows you to carry a computer wherever you go. Tiny threads are inserted into areas of the brain that control movement. Each thread contains many electrodes and is connected to an implanted computer. "The initial goal of our technology will be to help people with paralysis to regain independence through the control of computers and mobile devices," according to the project’s website. "Our devices are designed to give people the ability to communicate more easily via text or speech synthesis, to follow their curiosity on the web, or to express their creativity through photography, art, or writing apps." Brain-machine interfaces might even one day help make video games more realistic. Gabe Newell, the co-founder and president of video game giant Valve, said recently that his company is trying to connect human brains to computers. The company is working to develop open-source brain-computer interface software, he said. 


Q&A: Dataiku VP discusses AI deployment in financial services

AI is also a real revolution within risk assessment, notably through the enhanced use of alternative data. This is true both for traditional risks and emerging risks such as climate change, helping all financial players — banks and insurers alike — to reconsider how they price risks. Those who have developed a strong expertise in leveraging alternative data and agile modeling have been able to truly benefit from their investment during the ongoing health crisis, which has deeply challenged traditional models. Lastly, the positive impact of AI on customers should not be underestimated. Financial services are confronted with an aggressive competitive landscape as well as demand from customers for improved personalisation, driving improved customer orientation in these organisations. The capacity to build 360° customer views and optimise customer journeys, notably on claims management, are two examples of areas where AI has significantly supported deep transformation within banks and insurance companies, with yet much more to be delivered.



Quote for the day:

"Leadership is a potent combination of strategy and character. But if you must be without one, be without the strategy." -- Norman Schwarzkopf

Daily Tech Digest - February 02, 2021

The Chaos Mindset: Teaching Your Code to Cope

Like Agile, chaos engineering is more than a set of activities and workflows—it’s also a state of mind. Your people and your culture must be ready and able to adopt chaos principles, as well as chaos processes. For the DevOps leader, adopting a new mindset might sound a little, well, vague. But this shift is based on concrete actions, not just philosophical musings. Consider an example from the world of cloud infrastructure: a mission-critical application that is hosted within a cloud service could be at risk for failure if, say, that cloud service is centralized in a single location, or within a limited number of microservices within the cloud infrastructure. But if the app is hosted in a distributed way, you can create greater opportunity for application-level availability and resilience, and you can test for that resilience within the existing production environment. This kind of distributed architecture isn’t brand-new for most enterprises, and, therefore, the process of developing applications in way that tests for availability in a variety of infrastructure scenarios also shouldn’t be a foreign concept. As a DevOps leader, you can build a culture of resilience-centric thinking by empowering your teams with the tools they need to adopt chaos-style testing, and then showing them how to build that thinking into every sprint and every standup.


Intel Outside: How The Chip Giant Lost Its Edge

For Intel, the year 2020 was a roller coaster ride. The company saw more lows than highs. If Apple delivered the much dreaded news to the company, its rivals— NVIDIA and AMD chipped in with more bad news with mega acquisitions and advancements in technology. Intel’s woes didn’t end there. Last year, rockstar chip architect Jim Keller, who was hired to put Intel on top again, resigned after a brief stint at the company; this is Keller’s shortest tenure compared to his time at Apple and Tesla. Then there was Chief Engineer Venkata Murthy Renduchintala, who promised in 2019, that the Intel’s next gen 7nm chips were on track to start production in 2021. That didn’t happen. Intel parted ways with Renduchintala as part of a technical team shake up. Constant engineering hiccups and internal debates of whether Intel needs to outsource manufacturing further delayed the arrival of next gen CPUs. The top brass of the company moving in and out also signals Intel’s leadership vulnerabilities. Current chief Bob Swan who will be replaced soon, was also only appointed a couple of years ago. Swan was tasked with restructuring the company to adjust to the disrupting technologies like AI and cloud.


North Korea-Sponsored Hackers Attack with Bad-Code Visual Studio Projects

Microsoft reported a battle with North Korean-sponsored hackers who attacked security researchers with a most innovative technique: compromised Visual Studio projects. The attack was attributed to a group called ZINC, said to be associated with the Democratic People's Republic of Korea (DPRK). A Jan. 28 post titled "ZINC attacks against security researchers" described the organization as a DPRK-affiliated and state-sponsored group. That determination was based on "observed tradecraft, infrastructure, malware patterns, and account affiliations." "This ongoing campaign was reported by Google’s Threat Analysis Group (TAG) earlier this week, capturing the browser-facing impact of this attack," Microsoft said. "By sharing additional details of the attack, we hope to raise awareness in the cybersecurity community about additional techniques used in this campaign and serve as a reminder to security professionals that they are high-value targets for attackers." While such battles between hackers and enterprises and security organizations are obviously common and ongoing, one unusual aspect of this encounter was the choice of payloads for the bad code.


AI Ethics Really Come Down To Security

Innovating trustworthy AI/ML depends on the design, development and distribution of AI systems that learn from and work collaboratively with humans in a comprehensive and meaningful fashion. It's critical for security and privacy to be considered at the start of any new technology's architecture. They cannot be properly included as an afterthought; the absolute highest required level of security and protection of data must be incorporated in both hardware and software, which will ensure that it is already configured into all steps of the development and supply chain — beginning with design all the way through to the technology's business and utilization model. The Charter of Trust initiative for IoT cybersecurity (of which we're a partner) has also provided excellent guidelines for a risk-based methodology and verification that should be incorporated as core requirements throughout that supply chain. After we identify the core principles that will govern AI development, we must then determine how to ensure these ethical AI systems are not compromised. Machine learning can monitor data and pinpoint anomalies, but it unfortunately also can be used by hackers to increase the impact of their actual cyberattacks.


Use social design to help your distributed team self-organize

For those on the front lines, a restructuring can feel more like something done to them than with them. Managers might overlook the experience and insights of those expected to innovate, collaborate, and satisfy customers within the new structure. And there is often an explicit or implicit power dynamic that distorts functional considerations as executives jostle for control of prominence and resources. An alternative to the top-down approach is to let function drive form, supporting those most directly connected to creating value for customers. Think of it as bottom-up or outside-in. One discipline useful in such efforts is social design, a subspecialty of design that aspires to solve complex human issues by supporting, facilitating, and empowering cultures and communities. Its practitioners design systems, not simply beautiful things. I spoke with one of the pioneers in this area, Cheryl Heller, author of The Intergalactic Design Guide: Harnessing the Creative Potential of Social Design. Her current work at Arizona State University centers on integrating design thinking and practice into functions that don't typically utilize design principles. “People’s work is often their only source of stability right now,” she told me. “You have to be careful, because people are brittle.” 


How-to improve Wi-Fi roaming

The initial tendency may be to install more APs in hopes of finding an easy fix, but doing so without careful analysis can make the situation even worse. Proper roaming requires more than just good signal strength throughout coverage areas; it takes a careful balance between the coverage of each AP on both 2.4 and 5GHz bands to make roaming work right. ... Getting the coverage overlap just right between all the APs in your network is one of the most important things you can do to help improve the roaming. At the same time, it is one of the toughest. You have to check the coverage throughout the coverage areas and analyze the overlapping. If issues are found you need to figure out how to address them, perform the fix, and then double-check that it’s actually fixed. Keep in mind you want about a 15% to 20% coverage overlap between AP cells, using -67dBm as the signal boundary for each cell. You want to look at both bands, too, keeping in mind 2.4GHz naturally provides longer range than 5GHz. Less overlap can result in spots with bad signals. If you have too much overlap between AP cells in either band, it can cause co-channel interference and “sticky” clients that don’t roam, which can result in APs that become overloaded with clients.


UK's leading AI startup and scaleup founders highlight the main pain points of running an AI business

Looking specifically at financial institutions, Hodgson says that they must ensure that their data foundations are fit for purpose. “Data is the raw material of our industry, and without it, the benefits and potential of AI are stunted and capped before the system even gets switched on. Many financial institutions already sit atop mountains of their own data in addition to buying more from vendors — yet they do not have the time, the resources or the staff expertise to sift through it,” Hodgson explains. Dr Richard Ahlfeld, founder and CEO at Monolith AI — a startup that builds new machine learning software to help engineers to improve the product development process, echoes this view. He says: “Any pain points tend to boil down to the data: getting the data, ensuring data security, making sure that you can trust the data. “There’s no standardisation of what makes data ‘valuable’ across the industry either, and not all engineers follow the same protocols and practices. For example, deciding what data to keep can be tricky as it’s hard to anticipate what might or might not be useful to have in the future. Even saving data from failed ventures (a practice which is often overlooked) can have its value, as it acts as a reference for future experiments.”


Ransomware payments are going down as more victims decide not to pay up

While it's positive that a higher percentage of these victims are choosing not to pay cyber criminals, there's still a large number of organisations that do give in – allowing ransomware to continue to be successful, even if those behind attacks have been making slightly less money. However, it might be enough for some ransomware operators to consider if the effort is worth it. "When fewer companies pay, regardless of the reason, it causes a long-term impact, that compounded over time can make a material difference in the volume of attacks," said a blog post by Coveware. The rise in organisations choosing not to give into extortion tactics around ransomware has also led the gangs to change their tactics, as shown by the increase in ransomware attacks where criminals threaten to leak stolen data if the victim doesn't pay. According to Coveware, these accounted for 70% of ransomware attacks in the final three months of 2020 – up from 50% during the previous three months. However, while almost three-quarters of organisations threatened with data being published between July and September paid ransoms, that dropped to 60% for organisations who fell victim between October and December.


Measuring Crop Health Using Deep Learning – Notes From Tiger Analytics

Agrochemical companies are already experimenting with advanced data science techniques to overcome these challenges: they employ drones to capture high-resolution aerial images of the farms and apply computer vision techniques and other complex algorithms to process the images. However, challenges persist; leaf characteristics such as orientation, alignment, length, shape and twists are difficult to discern when viewed from above, particularly in crops that grow tall and narrow, such as maise. Further complexities are introduced by variability in ambient light conditions, soil terrain, cloud refraction, occlusion and other environmental factors. Finally, all these factors vary over time, which means that to get a clear picture of plant health and treatment performance, regular measurement is required. As deep learning and computer vision fields mature, scientists are beginning to use these technologies for such LAI measurements, and more. Tiger Analytics has collaborated with leading agrochemical companies to develop such solutions. In this article, we outline the possible approaches and challenges. The primary challenge in developing a deep learning solution is the near nonexistence of training data.


Contemporising Data Protection Legislation

Provisioning blanket exemption to government agencies from the application of the data protection law and processing obligations (Section 35, PDP Bill) poses a challenge to reforming and upgrading the data access and surveillance regime. The importance of procedural safeguards, the right to effective recourse, and necessary and proportionate access principles has been reiterated by numerous Supreme Court judgments like PUCL v. Union of India and K.S. Puttaswamy v. Union of India. Such an exemption might inadvertently curtail the government’s stated vision of becoming the data processing and analytics hub of the world, and dent digital economy goals. According to the updated draft of the Standard Contractual Clauses (SCCs) by the European Commission on personal data transfers outside the European region, data exporters must take into account the laws and overall regime that enable public authorities to access personal data through binding requests in the destination country, and gauge if they meet “necessary and proportionate” requirements expected from a “democratic society”. If governments and businesses find the exemption under Section 35 of the PDP Bill excessive, digital trade and investments, and the ability to forge agreements, might be impacted.



Quote for the day:

"Trust is one of the greatest gifts that can be given and we should take creat care not to abuse it." --Gordon Tredgold

Daily Tech Digest - February 01, 2021

Welcome to the client-serverless revolution

As this trend intensifies, a new paradigm of connected internet applications has come to the forefront. This approach is known as client-serverless computing. It delivers consistently dynamic, interactive application experiences from any smartphone or edge device, no matter where a user happens to be, or where the resources they’re accessing are being served from. The widespread adoption of rich-client devices and the global availability of distributed cloud services has fueled the client-serverless computing trend even more, but it also demands more from developers. No longer can developers assume that their program code will primarily access databases, app servers, and web servers that are located within a single data center or cloud region. Instead, developers must build server-side business logic and markup, as well as the client-side JavaScript that will render the user interface on myriad client devices. They must code applications that are optimized for high-quality, browser-side interactivity over industry standard interfaces such as REST (for remote APIs) or JSON (for data formats). Client-serverless has roots in the old-guard, three-tier application architectures that sprung up around PCs and local area networks that connected a client-side GUI to a back-end SQL database.


Strengthening Zero-Trust Architecture

First, it's helpful to consider zero trust in terms of the need for controlled access management that does not negatively affect the business. Specifically, organizations must establish a zero-trust environment that limits access to individuals with the proper authority but doesn't interfere with daily operations. One way to accomplish this is through a data-trust lens. Rather than granting blanket access to validated users, organizations should hide specific files and data from those who don't have the authorization to access them, strengthening data protection beyond user-level permissions without impacting authorized users. By hiding objects like files, folders, or mapped network and cloud shares, attackers cannot find or access the data they seek. This function can serve as a powerful defense against data theft and ransomware attacks. Application trust likewise takes security beyond user privileges. Merely focusing on whether a query is authorized isn't enough — it's also vital to consider the application invoking that query. Doing so can prevent unauthorized access from applications such as Windows command line or PowerShell, which regular users wouldn't typically use to access data. Application trust can also help identify and deflect attackers attempting to probe open ports and services to compromise.


How can tech leaders take people with them on their digital transformation journey?

Leaders need to make it personal for their employees, make it clear that by introducing this new digital tool their life will become easier and their productivity more efficient. Leaders can look to do this by winning hearts and minds through demonstrations and simple, clear communication. If, for example, a business is introducing a new collaborative tool they need to make it clear how that will benefit employees. Will it reduce email traffic? Make instant communication more effective? Or free up more time in their day to focus on other priorities? Demonstrating these benefits will help to put people in the right mind-set from the start. It’s also important to ask for instant feedback on transformational change programmes. Ensuring people are involved from the start will promote engagement throughout the process and help leaders to understand how their employees feel about the change and impacts within their teams. Identify champions AND advocates Digital change champions are nothing new but are critical to support the roll out of digital transformation at the frontline of a business. These people can answer frequently asked questions, provide an additional avenue of communication to leaders and encourage employees to make best use of the new tools being made available to them.


AI No Silver Bullet for Cloud Security, but Here’s How It Can Help

One of the most promising – and certainly most developed – uses of AI in cybersecurity is to use AI systems to trawl through historical data in order to identify attack patterns. Some AI algorithms are very effective at this task, and can inform otherwise oblivious cybersecurity teams that they have, in fact, been hacked many times. The primary value of this kind of system is seen when it comes to managing employee access to systems and files. AI systems are extremely good at tracking what individual users are doing and at comparing this with what they do typically. This allows administrators (or automated security systems, explored below) to easily identify unusual activity and block users’ access to files or systems before any real damage is done. This kind of functionality is now widespread in many industries. Some cloud providers even ship it with their basic cloud storage systems. In many cases, in fact, an organization is not even aware that an AI is collecting data on the way they use their cloud service in order to scan this for unusual activity. This type of tool, however, also represents the limit of what AI can do, in terms of cloud security, at the moment. Most organizations lack the tools to use AI systems in a more complex way than this.


How do I select a PAM solution for my business?

Before choosing a PAM solution for their business, the first question a CISO should ask themselves is what it is that they aim to protect? Adopting PAM is as much about mindset and approach as it is about technology. Thousands of PAM programme engagements with the world’s largest organizations have cemented our view that the best way to protect the business is first to identify critical data and assets, then assess the paths that an attacker might take to compromise them. This sounds obvious but it is not yet the common practise that it should be. Privileges identities, credentials, secrets and accounts are found throughout IT infrastructure, whether this be on-premises, multi-cloud or a mix thereof. The ones that allow access to your critical data and assets are what the initial focus should be on. Once these are determined, there are a number of essential features that apply: Ease of implementation, ease of use, and ease of integration. The latter is essential. Look for integrations with your existing vendor stack; Cloud readiness is key. You are likely going to be moving applications into the cloud. Their privileged access needs to be secured; Session management and recording; Credential management for humans, applications, servers and machines; Audit and reporting features; and Privileged threat alerting.


Reported Data Breaches Rise 5% in Australia

The Office of the Australian Information Commissioner received 539 notifications between July and December, up from 512 in the first half of the year, according to its new report. Healthcare providers reported 133 breaches, followed by finance at 80; education, 40; legal, accounting and management services at 33; and the federal government at 33. This marked the first time the Australian government entered the top five list of sectors reporting the most breaches, displacing the insurance industry. The federal government’s breach tally does not include intelligence agencies or state and local government agencies, public hospitals and public schools. Under Australia’s notifiable data breaches law, organizations covered by the Privacy Act 1988 are required to report within 30 days breaches that are likely to result in “serious harm.” Fines for noncompliance can range up to 2.1 million Australian dollars ($1.6 million). The breach notification law went into effect in 2018 (see: Australia Enacts Mandatory Breach Notification Law). Although breach notifications increased by 5%, the OAIC characterized that as a “modest” increase given the rising cybersecurity risks introduced by the rapid shift in early 2020 to working from home due to the COVID-19 pandemic.


‘Weird new things are happening in software,’ says Stanford AI professor Chris Re

To handle the subtleties of which he spoke, Software 2.0, Re suggested, is laying out a path to turn AI into an engineering discipline, as he put it, one where there is a new systems approach, different from how software systems were built before, and an attention to new "failure modes" of AI, different from how software traditionally fails. It is a discipline, ultimately, he said, where engineers spend their time on more valuable things than tweaking hyper-parameters. Re's practical example was a system he built while he was at Apple, called Overton. Overton allows one to specify forms of data records and the tasks to be performed on them, such as search, at a high level, in a declarative fashion. Overton, as Re described it, is kind of an end-to-end workflow for deep learning. It preps data, it picks a model of neural net, tweaks its parameters, and deploys the program. Engineers spend their time "monitoring the quality and improving supervision," said Re, the emphasis being on "human understanding" rather than data structures. Overton, and another system, Ludwig, developed by Uber machine learning scientist Piero Molino, are examples of what can be called zero-code deep learning. "The key is what's not required here," Re said.


Hunting and anti-hunting groups locked in tit-for-tat row over data gathering

The data collection practices of the Hunting Office (HO), a central organisation delegated to run the administrative, advisory and supervisory functions of the UK’s hunting associations, and the Countryside Alliance (CA), a campaign organisation with over 100,000 members that promotes rural issues, have been questioned by activists running a website called Hunting Leaks. The website owners said that a monthly round-up of anti-hunting activity – which appears to have been shared via email with hunts across the UK – was passed on to Hunting Leaks by an undisclosed animal rights group. The leaked document, a report on saboteur activity between 14 November and 12 December 2020, lists the names of anti-hunting groups, the names of 30 activists (some of which are referred to multiple times) and information about their vehicles, including registration numbers. It also includes information on the number of anti-hunting activists in attendance, details about their movements and activity on a given hunt day, as well as guidance for how hunt members should approach collecting information and video footage. 


6 ways to bring your spiraling cloud costs under control

The best way to avoid overspending on cloud resources is to know what you need ahead of time. “Scalable cloud services, in theory, have made overprovisioning unnecessary, but old behaviors used in traditional data centers lead to [cloud] resources that are often underutilized or completely idle, which result in unnecessary spend,” wrote Gartner analysts in a December 2020 research note. This may not be music to the ears of anyone who has already made sizable commitments in the scramble to react to the challenges of the pandemic, but it does highlight the importance of right-sizing your cloud environment where possible. “Start with knowing what you spend—not just the invoice you get—but what are you spending on, where are you spending the most, and where are you seeing growth,” said Eugene Khvostov, vice president of product engineering at cost-management software specialist Apptio. For larger organizations, a proven approach is to establish a dedicated cloud center of excellence, tasked with monitoring and governing cloud usage and establishing best practices. For smaller organizations, this responsibility falls on senior members of the IT team, who will be tasked with establishing budgetary guardrails, often linked to longer-term ROI requirements.


Looking beyond Robotic Process Automation

There are a whole host of reasons why a process might not be suitable for automation, but you should consider things such as the time it will take to automate and how many steps in the process require human intervention. Generally speaking, the more logical and easier to define the process is, the faster and easier it is to automate. With a holistic view of processes in your organisation, you will be able to pinpoint which processes can and should be automated, as well as those where people are the key drivers. This will not only be crucial in achieving greater efficiencies, but in demonstrating the benefits to employees and an understanding of where they fit into this new way of working. Consider where upskilling or knowledge sharing might be needed to ensure employees are equipped to support automation. It’s all well and good having technology in in place, but it won’t run effectively without the right people and buy-in alongside it. The relationship between people and technology is going to become even more important as the capabilities of RPA and other machine-based learning advance over the next few years. Just because you can’t fully automate a process, doesn’t mean greater efficiencies can’t be achieved. For 



Quote for the day:

"Ninety percent of leadership is the ability to communicate something people want." -- Dianne Feinstein

Daily Tech Digest - January 31, 2021

How retailers can manage data loss threats during remote work

While an e-commerce store often relies on many software tools to help make day-to-day operations a little easier, it's likely that the number of apps being used has gone up with the increase in remote work. However, separate software tools don't always play nice together, and the level of access and control they have over your data might surprise you. Some even have the ability to delete your data without warning. At least once a year, e-commerce merchants should audit all the applications connected to their online store. Terms and conditions can change so it's best you understand any changes in the last 365 days. List all the pros and cons of each integration and decide if any tradeoffs are worth it. SaaS doesn't save everything.  Software-as-a-service (SaaS) tools will always ensure the nuts and bolts of the platform work. However, protecting all the data stored inside a SaaS or cloud solution like BigCommerce or Shopify rests on the shoulders of users. If you don't fully back up all the content and information in your store, there's absolutely no guarantee it will be there the next time you log in. This model isn't limited to just e-commerce platforms. Accounting software like QuickBooks, productivity tools like Trello and even code repositories like GitHub all follow the same model.


Don't make these cyber resiliency mistakes

Manea begins by sharing the well-worn axiom that defenders must protect every possible opening where attackers only need one way in. If realistic, that truism alone should be enough to replace a prevention attitude with one based on resilience. Manea then suggests caution. "Make sure you understand your organizational constraints—be they technological, budgetary, or even political—and work to minimize risk with the resources that you're given. Think of it as a game of economic optimization." ... Put simply, a digital threat-risk assessment is required. Manea suggests that a team including representatives from the IT department, business units, and upper management work together to create a security-threat model of the organization—keeping in mind: What would an attacker want to achieve?; What is the easiest way for an attacker to achieve it?; and What are the risks, their severity, and their likelihood? An accurate threat model allows IT-department personnel to implement security measures where they are most needed and not waste resources. "Once you've identified your crown jewels and the path of least resistance, focus on adding obstacles to that path," he said.


Researchers have developed a deep-learning algorithm that can de-noise images

In conventional deep-learning-based image processing techniques, the number and network between layers decide how many pixels in the input image contribute to the value of a single pixel in the output image. This value is immutable after the deep-learning algorithm has been trained and is ready to de-noise new images. However, Ji says fixing the number for the input pixels, technically called the receptive field, limits the performance of the algorithm. “Imagine a piece of specimen having a repeating motif, like a honeycomb pattern. Most deep-learning algorithms only use local information to fill in the gaps in the image created by the noise,” Ji says. “But this is inefficient because the algorithm is, in essence, blind to the repeating pattern within the image since the receptive field is fixed. Instead, deep-learning algorithms need to have adaptive receptive fields that can capture the information in the overall image structure.” To overcome this hurdle, Ji and his students developed another deep-learning algorithm that can dynamically change the size of the receptive field. In other words, unlike earlier algorithms that can only aggregate information from a small number of pixels, their new algorithm, called global voxel transformer networks (GVTNets), can pool information from a larger area of the image if required.


Manufacturers Take the Initiative in Home IoT Security

Although ensuring basic connectivity between endpoint devices and the many virtual assistants they connect to would seem to be a basic necessity, many consumers have encountered issues getting their devices to work together effectively. While interoperability and security standards exist, there are none in place that provide consumers the assurance their smart home device will seamlessly and securely connect. To respond to consumer concerns, “Project Connected Home over IP” was launched in December 2019. Initiated by Amazon, Apple, Google and the Zigbee Alliance, this working group focuses on developing and promoting a standard for interoperability that emphasizes security. The project aims to enable communication across mobile apps, smart home devices and cloud services, defining a specific set of IP-based networking technologies for device certification. The goal is not only to improve compatibility but to ensure that all data is collected and managed safely. Dozens of smart home manufacturers, chip manufacturers and security experts are participating in the project. Since security is one of the key pillars of the group’s objectives, DigiCert was invited to provide security recommendations to help ensure devices are properly authenticated and communication is handled confidentially.


Has 5G made telecommunications sustainable again?

The state of the personal communications market as we enter 2021 bears undeniable similarity to that of the PC market (personal computer, if you've forgotten) in the 1980s. When the era of graphical computing began in earnest, the major players at that time (e.g., Microsoft, Apple, IBM, Commodore) tried to leverage the clout they had built up to that point among consumers, to help them make the transition away from 8-bit command lines and into graphical environments. Some of those key players tried to leverage more than just their market positions; they sought to apply technological advantages as well — in one very notable instance, even if it meant contriving that advantage artificially. Consumers are always smarter than marketing professionals presume they are. Two years ago, one carrier in particular (which shall remain nameless, in deference to folks who complain I tend to jump on AT&T's case) pulled the proverbial wool in a direction that was supposed to cover consumers' eyes. The "5G+" campaign divebombed, and as a result, there's no way any carrier can cosmetically alter the appearance of existing smartphones, to give their users the feeling of standing on the threshold of a new and forthcoming sea change.


Learn SAML: The Language You Don't Know You're Already Speaking

SAML streamlines the authentication process for signing into SAML-supported websites and applications, and it's the most popular underlying protocol for Web-based SSO. An organization has one login page and can configure any Web app, or service provider (SP), supporting SAML so its users only have to authenticate once to log into all its Web apps (more on this process later). The protocol has recently made headlines due to the "Golden SAML" attack vector, which was leveraged in the SolarWinds security incident. This technique enables the attacker to gain access to any service or asset that uses the SAML authentication standard. Its use in the wild underscores the importance of following best practices for privileged access management. A need for a standard like SAML emerged in the late 1990s with the proliferation of merchant websites, says Thomas Hardjono, CTO of Connection Science and Engineering at the Massachusetts Institute of Technology and chair of OASIS Security Services, where the SAML protocol was developed. Each merchant wanted to own the authentication of each customer, which led to the issue of people maintaining usernames and passwords for dozens of accounts.


Biometrics ethics group addresses public-private use of facial recognition

“To maintain public confidence, the BFEG recommends that oversight mechanisms should be put in place,” it said. “The BFEG suggests that an independent ethics group should be tasked to oversee individual deployments of biometric recognition technologies by the police and the use of biometric recognition technologies in public-private collaborations (P-PCs). “This independent ethics group would require that any proposed deployments and P-PCs are reviewed when they are established and monitored at regular intervals during their operation.” Other recommendations included that police should only be able to share data with “trustworthy private organisations”, specific members of which should also be thoroughly vetted; that data should only be shared with, or accessible to, the absolute minimum number of people; and that arrangements should be made for the safe and secure sharing and storage of biometric data. The BFEG’s note also made clear that any public-private collaborations must be able to demonstrate that they are necessary, and that the data sharing between the organisations is proportionate.


Security Threats to Machine Learning Systems

The collection of good and relevant data is a very important task. For the development of a real-world application, data is collected from various sources. This is where an attacker can insert fraudulent and inaccurate data, thus compromising the machine learning system. So, even before a model has been created, by inserting a very large chuck of fraudulent data the whole system can be compromised by the attacker, this is a stealthy channel attack. This is the reason why the data collectors should be very diligent while collecting the data for machine learning systems. ... Data poisoning directly affects two important aspects of data, data confidentiality, and data trustworthiness. Many a time the data used for training a system might contain confidential and sensitive information. By poisoning attack, the confidentiality of the data is lost. It is often believed that maintaining the confidentially of data is a challenging area of study by itself, the additional aspect of machine learning makes the task of securing the confidentiality of the data becomes that much more important. Another important aspect affected by data poisoning is data trustworthiness.


Fuzzing (fuzz testing) tutorial: What it is and how can it improve application security?

We know when a programmer is developing code, they have different computations depending upon what the user gives them. So here the program is the maze and then we have, let's just pretend, a little robot up here and input to the program is going to be directions for our robot through the maze. So for example, we can give the robot the directions, I'm going to write it up here, down, left, down, right. And he's going to take two rights, just meaning he's going to go to the right twice. And then he's going to go down a bunch of times. So you can think about giving our little robot this input and robot is going to take that as directions and he's going to take this path through the program. He's going to go down, left, down first right, second right, then a bunch of downs. And when you look at this, we had a little bug here. They can verify that this is actually okay. There's no actual bug here. And this is what's happening when a developer writes a unit test. So what they're doing is they're coming up with an input and they're making sure that it gets the right output. Now, a problem is, if you think about this maze, we've only checked one path through this maze and there's other potential lurking bugs out there.


The three steps for smart cities to unlock their full IoT potential

In theory, if a city applied uniform standards across all of its IoT-connected devices, it could achieve full interoperability. Nevertheless, we believe that cities and regulators should focus on defining common communication standards to support technical interoperability. The reason: Although different versions exist, communications standards are generally mature and widely used by IoT players. In contrast, the standards that apply to messaging and data formats—and are needed for syntactic interoperability—are less mature, and semantic standards remain in the early stages of development and are highly fragmented. Some messaging and data format standards are starting to gain broad acceptance, and it shouldn’t be long before policymakers can prudently adopt the leading ones. With that scenario in mind, planners should ignore semantic standards until clear favorites emerge. Building a platform that works across use cases can improve interoperability. The platform effectively acts as an orchestrator, translating interactions between devices so that they can share data and work. In a city context, a cross-vertical platform offers significant benefits over standardization.



Quote for the day:

"Education makes a people difficult to drive, but easy to lead; impossible to enslave, but easy to govern." -- Lorn Brougham

Daily Tech Digest - January 30, 2021

Internet of Cars: A driver-side primer on IoT implementation

There are millions of internet-connected cars already on the road, albeit mostly with crude subscription services for music and weather apps. With further advances, connection will be much more encompassing, with the average connected car having up to 200 sensors installed, each recording a point of data, minute by minute. The numbers quickly become staggering, and in emergency situations, the need for data agility is apparent. Picture driving on a highway in medium traffic. If someone’s tire blows out half a mile ahead, this information could be quickly conveyed to surrounding cars, warning of the potential for emergency braking. Any DLT solution would have to include a very nimble verification process for all these new packets of information to be brought into and carried by the network. Additionally, because of the computational complexity involved, almost all DLTs today charge a fee for each new transaction brought into the network. In fact, the fee is an integral part of the structure of many of these computational models. This is obviously not going to be workable in a system like urban traffic that would be generating billions of “transactions” every day. The truth is that decentralized data networks were never designed to handle these kinds of massive use-case scenarios.


AI vendors may have to prove systems don't discriminate

Providing proof that AI models are non-discriminatory means AI vendors would have to become much more transparent about how AI models were trained and developed, according to Purcell. "In the bill, it talks about the necessity of understanding what the training data was that went into creating the model," he said. "That's a big deal because today, a lot of AI vendors can just build a model kind of in secret or in the shadows and then put it on the market. Unless the model is being used for a highly regulated use case like credit determination or something like that, very few people ask questions." That could be easier for the biggest AI vendors, including Google and Microsoft, which have invested heavily in explainable AI for years. Purcell said that investment in transparency serves as a differentiator for them now. In general, bias in an AI system largely results from the data the system is trained on. The model itself "does not come with built-in discrimination, it comes as a blank canvas of sorts that learns from and with you," said Alan Pelz-Sharpe, founder and principal analyst at Deep Analysis. Yet, many vendors sell pre-trained models as a way to save their clients the time and know-how it normally takes to train a model. That's ordinarily uncontroversial if the model is used to, say, detect the difference between an invoice and a purchase order, Pelz-Sharpe continued.


Microsoft releases Application Guard for Office to M365 customers

Application Guard for Office isolates certain files opened in the suite's three primary applications: Word, Excel and PowerPoint. Documents obtained from untrusted Internet or intranet domains, files pulled from potentially unsafe areas, and attachments received through the Outlook email client, are opened in a virtualized environment, or sandbox, where malicious code can't wreak havoc. Unlike the much older Protected View, another Office defensive feature — it opens potentially dangerous documents as read-only — files opened in Application Guard can be manipulated. They can be printed, edited and saved. When saved, they remain in the isolation container and when reopened later, again are quarantined in the sandbox. Outdated file types — which can be set by administrators in the File Block feature within Word, Excel and PowerPoint — are also shunted into Application Guard's virtual machine. Application Guard for Office will be available to customers licensing Microsoft 365 E5 or Microsoft 365 E5 Security, and for now, only to those on either the Current Channel or Monthly Enterprise Channel. (Those are the Microsoft 365 update channels that deliver the most frequent refreshes.)


Digital nomads and "bleisure" define the new high-tech take on work trips

Many organizations have adopted remote work policies amid a modern plague. While some companies have brought telecommuters back to the traditional office, others have many long-term commitments to remote work. Ernest Lee, managing director development and investments, Americas, with citizenM hotels, similarly alluded to remote work-enabled "nomadic behavior" among professionals. The company recently announced a global passport; a subscription service allowing remote workers with a penchant for frequent traveling the ability to stay in any of the citizenM's 21 hotels around the globe. "We certainly think that this new sort of lifestyle will attract a certain type of person that wants to also blend in their personal interests and passions [with] not having to be tied down so much to a fixed location," Lee said. The company also offers a corporate subscription providing organizations with access to hotel rooms and meeting room spaces at a fixed price. Lee explained that this package is designed for remote teams who are no longer sharing "the same co-located space." To enhance the traditional business travel experience, hotels are incorporating a wide range of technologies, in-app features, Internet of Things (IoT) capabilities, and more.


'Clone Firm' Fraudsters Stealing Millions From UK Investors

A clone firm is a fake entity created by fraudsters that uses the name, address and Firm Reference Number - a unique identifier assigned to every financial or investment firm in the U.K and issued by the Financial Conduct Authority - of a legitimate organization, according to the alert. In some cases, the scammers will clone or spoof the entire website of a legitimate firm. Once these fake and spoofed websites are created, the fraudsters then send sales and marketing materials to would-be investors that appear to originate from legitimate firms. The scammers also advertise on social media, according to the alert. The fraudsters use phishing emails and social engineering techniques to lure victims, and their use of the legitimate sales materials gives the scheme a sheen of authenticity. Once a connection is established, the fraudsters attempt to get victims to send money to the cloned firm, the NCA notes. "Fraudsters use literature and websites that mirror those of legitimate firms, as well as encouraging investors to check the Firm Reference Number on the FCA Register to sound as convincing as possible," says Mark Steward, executive director of enforcement and market oversight for the Financial Conduct Authority.


DDoS Attacks Reach Over 10 Million in 2020

Richard Hummel, threat intelligence lead at NETSCOUT, said, “It is no coincidence that this milestone number of global attacks comes at a time when businesses have relied so heavily on online services to survive. Threat actors have focused their efforts on targeting crucial online platforms and services such as healthcare, education, financial services and e-commerce that we all rely on in our daily lives. As the COVID-19 pandemic continues to present challenges to businesses and societies around the world, it is imperative that defenders and security professionals remain vigilant to protect the critical infrastructure that connects and enables the modern world.” DDoS attack count, bandwidth, and throughput all saw significant increases since the start of the global COVID-19 pandemic. For instance, attack frequency rose 20% year over year, but that includes the pre-pandemic months of January, February, and most of March. For the second half of 2020, which was entirely pandemic-ridden, attacks rose 22% year over year. As cybercriminals quickly exploited pandemic-driven opportunities, we saw another kind of ‘new normal.’ Monthly DDoS attacks regularly exceeded 800,000 starting in March, as the pandemic lockdown took effect. 


IoT at the edge: magic won’t happen automatically

Creating more value at the edge Dheeraj Remella, Chief Product Officer at VoltDB, notes the uncertainty around many edge and IoT business cases. He argues, “Telcos spend a lot of time talking about moving up the value chain beyond connectivity, and this is a great opportunity. Differentiation is based on sets of complementary features, contributed by an ecosystem, that create capabilities rather than individual features, which as stand-alones are not compelling. The owner of the platform that delivers that joint capability holds the keys to the digital kingdom.” As Remella points out, decisioning at low-millisecond speed is one thing on a private network within an industrial plant, but another ball game when the edge is hugely distributed, such as a wind farm over hundreds or thousands of acres, or for smart agriculture or an electricity grid. He says that often, to cut down processing times at the edge, companies take what he calls a “hyper-contextualised” approach – automating decisions based on data about a single entity or an isolated set of events. This limits its usefulness, just making existing processes digital (digitising), rather than using advances in technology to do things we’ve never been able to do before (digitalising), which means doing thing differently – changing processes.


Sorry, Data Lakes Are Not “Legacy”

From a technical perspective, compute, and storage is intended to be loosely coupled architecture. As a result, this is a benefit for warehouses. However, the benefit is not just for warehouses. Any modern data architecture, by design, depends on a loosely coupled separation of compute and storage to deliver an efficient, scalable, and flexible solution. The fact that data warehouse vendors are introducing separate compute and storage is not innovation compared to data lakes; it is achieving parity with data lakes. The evolution of separate compute and storage in warehouses brings them in line with the architecture employed by productive data lakes via on-demand SQL query services. In a post called When to Adopt a Data Lake — and When Not to, a dig at data lakes was that they could not scale compute easily or on-demand; Some solutions architects have proposed data lakes to “separate compute from storage” in a traditional data warehouse. But they’re missing the point: You want the ability to scale compute easily and on-demand. A data lake isn’t going to give you this; what you need is a data warehouse that can provision and suspend capacity whenever you need it.


AI, machine learning effective in cyber defence, but can also present challenges

"Antivirus technology, for example, operates a strict ‘yes or no’ policy as to whether a file is potentially malicious or not. It’s not subjective, through a strict level of parameters, something is either considered a threat, or not." he says. "The AI can quickly determine whether it’s going to crash the device, lock the machine, take down the network and as such, it is either removed or allowed. "It is important to note that VIPRE uses AI and ML as key components in their email and endpoint security services for example as part of their email security attachment sandboxing solution where an email attachment is opened and tested by AI in an isolated environment away from a customer’s network," Paterson adds. "So while AI might not be an ideal method for preventing accidental data leakage through email, it does have an important part to play in specific areas such as virus detection, sandboxing and threat analysis." Paterson says with so much reliance on email within business practices, accidental data leakage is an inevitable risk. "The implications of reputational impact, compliance breach and associated financial damage can be devastating. A cyber-aware culture with continuous training is essential, and so is the right technology," he says.


Does CI/CD impact telecom operations?

In the standard microservice code model that underpins cloud-native software, every time a common code software component is improved, it will change all network systems that use that standard code. This approach can bring lightning-fast agility and innovation but leaves today's legacy bi-annual software test and validate processes entirely unfit for purpose. The telecom CI/CD philosophy means that software is developed, delivered, tested, accepted, and brought into operation incrementally at a far higher cadence than previously in a traditional service provider environment. Further, it creates a significant software development volume that needs validation on an increasingly dynamic network. This approach implies that continuous software validation and continuous testing must accompany continuous software delivery and deployment. These requirements demand a new agile way of working between the network operator, its software suppliers, and vendors. Essentially, the merging of Dev and Ops as in the IT world is now a must for the telecom context where the 'Dev' from vendors needs to seamlessly merge and receive feedback from the 'Ops' on the operator side of the firewall. This evolution requires a transformation on both the vendor side as well as the operator side.



Quote for the day:

"Entrepreneurship is the last refuge of the trouble making individual." -- Natalie Barney