January 11, 2014

Watch out for these 10 common pitfalls of experienced Java developers & architects
There is a ton of information on how to get a wide perspective on a large enterprise project: scaling your architecture, message busses, database interconnections, UML diagrams and other high-level stuff is well documented. But what about those of us who are just experienced, professional Java developers? This area is lacking coverage, and programming advice for the senior developer, team leader or the junior architect is hard to find.


Intel Has Its Eyes Fixed on Networking
You know Intel’s long history of supplying the main chips that run personal computers and servers. And you probably know that it supplies some chips for mobile phones and tablets, though not quite as many. But did you know that Intel is also getting into the business of supplying chips for networking gear? The way the chip giant sees it, there’s a $16 billion business of supplying processors for gear that moves data, whether it’s in a corporate data center or on a telco carrier’s network — or anywhere in between. And it reckons that it already has about a five percent share of that business.


How to Cultivate Senior Management Skills
Edward T. Reilly, chief executive officer of American Management Association International, assembled a book for new and experienced leaders titled AMA Business Boot Camp. Let me share with you some of the helpful advice to be found in the book. Here are some “Action Items” assembled to help managers cultivate senior management skills, like:


No Brain Drain in Bulgaria as IT Experts Stay Put
Kiril Karaatanasov is typical of the experienced developers and their success. He owns a house and a flat, and is about to buy his third property, something unthinkable among his foreign contacts. “A friend of mine in Silicon Valley can hardly afford to pay the rent for a house smaller than my flat,” Karaatanasov says. “Silicon Valley is better than most of the older EU countries and most of my German friends and French friends move there for money.”


The 7 best habits of effective security pros
The role of the security professional has evolved beyond that of mere technical savvy, and now includes consultant, educator, investigator, and defender of the data. To understand the traits and habits that matter the most, we reached out to a number of security professionals by phone, email, and social media, who are successful in their respective areas in the field. If there's one thing that screamed out from the interviews it was this: security knowledge alone is only the beginning of the skills and habits one needs to succeed.


Big Data Strategy: s+b’s Strategy of the Year
Big data strategy is the latest example of how a particular something-strategy can suddenly win rapt attention on the runways of corporate fashion. Businesses are drowning in an explosion of data unleashed by the convergence of low-cost, high-volume computing; ubiquitous wireless telecommunication; and the Internet’s continued penetration into more and more aspects of our daily lives.


IBM’s Watson to Help Rich DBS Clients With ‘Jeopardy’ Smarts
The Singapore-based bank plans to begin using the tool, which can answer questions in conversational language and learn from responses, to aid financial planners in guiding its wealth-management unit’s affluent customers, IBM said today. Watson will analyze large volumes of financial data to help DBS, Southeast Asia’s largest lender, offer more customized service. The agreement gives IBM a proving ground as it tries to show clients the value of its Watson technology.


Just Say No to Tech Purchases That Won’t Yield ROI
Paying for that new computer, software, mobile device, or peripheral is only the first expense you’ll incur with most technologies. Smartphones have voice and data plans. Laser printers tend to eat up expensive ink and toner. And pretty much everything you buy for your employees needs tech support. That support could be as simple as having your resident geek run a virus scan or as complicated as bringing in a technician to troubleshoot your network.


The Sustainability Agenda in Kanban
Kanban is the humane, start with what you do now approach to change. That humane side is captured in a system of nine values. These explain the motivations of the method and they provide a helpful starting point for exploring how it actually works. Each value identifies a goal of one or more of Kanban’s principles or practices and suggests some of the benefits to be derived from following them. Conversely, they suggest that the pursuit of those goals and benefits may be well served by the adoption of their respective method elements.


Beyond Piracy: Software Publishers Battle Greater Threats to Their Intellectual Property
In today’s market, it’s essential for software publishers to solidify their competitive advantage by securing their innovative and unique products against reverse-engineering, which can lead to duplication by competitors looking to fast-track their development efforts and time to market with a competitive alternative. With competitive espionage becoming more and more common, valuable software IP containing code, algorithms, application data files and trade secrets is at risk of prying eyes, reverse engineering, theft, and copycatting by competitors.



Quote for the day:

"Be careful the environment you choose for it will shape you; be careful the friends you choose for you will become like them" -- W. Clement

January 10, 2014

Security analysis of mobile banking apps reveals significant weaknesses
While banking apps generally use SSL encryption for sensitive communications, Sanchez found that 90 percent of the tested apps also initiated several non-encrypted connections during their operation. This allows attackers who can intercept that traffic -- for example on an insecure wireless network -- to inject arbitrary JavaScript or HTML code into it, for example to display fake login prompts to the app's user or to launch other social engineering attacks. In addition, even when using encryption, 40 percent of the tested apps did not validate the authenticity of digital certificates they received from the server, making them vulnerable to man-in-the-middle attacks using fake certificates.


Data visualization best practices help users envision business success
"The context of why visualization is so powerful is because as people we're really wired to process images much better than the way we've been working, which is just [with] columns and rows of numbers," said Feinberg, president and founder of DecisionViz, a consultancy in Westfield, N.J., that helps companies develop and implement data visualization strategies and processes. He said visualization tools also open the doors to analytical data to more business users in organizations, which can help improve decision making and instill a more data-driven culture internally.


Simple and fast CSV library in C#
This library allows you to save a collection of objects to a CSV file. It also allows loading from CSV files with linq expressions. It is: Simple to add to your application (Single C# file); Simple to use (loading and saving can be done with a single line of code); Fast (the demo creates a million client records in 2 seconds on my laptop); and Small memory footprint (tested with over 10,0000,000 records).


Net Medical Xpress Releases HIPAA-compliant WebRTC-enabled Telemedicine Solution
RTC (real-time communications) Conference Switch is HIPAA-compliant, which means that medical providers can discuss and transmit patient information without fear of compromising HIPAA and HITECH regulations. "Our RTC Switch, which is RSA asymmetrical, includes precise audit controls, public/private key encryption and Net Medical's Safety Pilot permission software," explained CEO Dick Govatski. Safety Pilot is a security protocol that routes calls and shared files through a complex route of encryption, authorizations, permissions and auditing. Doctors and patients can communicate via telemedicine without concerns about malware or unauthorized data access.


Ways To Deal With Botnet
Botnets use multiple attack vectors; no single technology can provide protection against them. For instance, the goal of a DDoS attack is to cripple a server. The goal of a phishing attack is to lure users to a spoofed Website and get them to reveal personal data. The goal of malware can range from collecting personal data on an infected PC to showing ads on it or sending spam from it. A defense-in-depth approach is essential to detect and mitigate the effects of botnets.


Network Monitoring Best Practices: Setting a Network Performance Baseline
In the simplest terms, a network performance baseline is a set of metrics used in network performance monitoring to define the normal working conditions of an enterprise network infrastructure. Engineers use network performance baselines for comparison to catch changes in traffic that could indicate a problem. Setting a network baseline also provides early indicators that application and network demands are pushing near the available capacity, giving the networking team the opportunity to plan for upgrades.


Curb Appeal: The Tipping Point for Redesign
When you’re working with limited resources and a small team though, you have to look for inspiration across different functions. You might be surprised to find that inspiration and innovation don’t just come from specific job titles. For us, the initial idea and design for our new homepage came from one of our software engineers during a monthly hack day. An unlikely source, yes – but it turned out to be not just a radical shift from our current site — but a shift we all believed might actually work for our members.


Intel's 64-bit Android 4.4 OS for x86 smartphones ready for OEMs
64-bit Android could reach tablets first. Intel said 64-bit Android tablets powered by its Atom processor code-named Bay Trail will become available in the first half of this year. The tablets are expected to sell for as low as $150. The code completion paves the way for device makers to load 64-bit Android and their own user interfaces on devices. A full 64-bit Android is not yet available on smartphones or tablets. Intel also hopes developers will start writing 64-bit applications for Android smartphones running on Atom chips, the spokeswoman said.


Hot data storage technologies for 2014
Some of our predictions are about storage technologies that have only recently emerged from R&D labs, but they bear so much promise that we think they will weigh in immediately. That's the nature of the storage market today: Technologies that used to take years to evolve and gain a following are topping the charts in short order these days. Case in point: solid-state storage's meteoric rise. In fact, the ever-developing flash storage is featured in this year's predictions, with two solid-state techs -- Non-Volatile Memory Express (NVMe) and 3D flash -- about to spring into prominence.


Coverity Testing Platform Expands Java Web App Coverage, Revamps C# Analysis Engine
Coverity Development Testing Platform 7.0 broadens Java Web application security coverage, adds new security audit views and reports, and revamps its C# analysis engine in what the company describes as a major rewrite. The platform combines code analysis, change-aware unit test analysis, and policy management across the three most widely used enterprise programming languages: Java, C/C++, and C#.



Quote for the day:

"How committed are you? There is a remarkable difference between a commitment of 99% and 100%." -- Vic Conant

January 09, 2014

Dealing with the data deluge, and putting the 'information' back into CIO
Dealing with data overload is an appropriate challenge for the CIO. As Gavin Megnauth, Group CIO at Impellam, pointed out: "We are called Chief Information Officers — but taking that title literally, it's worth asking ourselves whether we are spending the appropriate amount of time managing unstructured company information in particular." Megnauth said that while big data is this year's hot topic, with much focus around business intelligence, data warehousing and analytics, an overlooked area is ensuring that unstructured data can be used for business advantage.


Yahoo email encryption standard needs work
Some of Yahoo's HTTPS email servers use RC4 as the preferred cipher with most clients. "RC4 is considered weak, which is why we advise that people either don't use it, or if they feel they must, use it as a last resort," Ristic said. Other servers, like login.yahoo.com, primarily use the AES cipher, but do not have mitigations for known attacks like BEAST and CRIME, the latter targeting a feature called TLS compression that login.yahoo.com still has enabled.


Optimizing the Use of Technology for Business
In 2013 many organizations made progress in balancing technology decisions across business and IT as the lines of business continued to take leading roles in investment and prioritization. Major investments were made in business applications using software as a service, business analytics and mobile computing applications. In some other areas of innovation, particularly big data and social collaboration, deployments are just beginning to happen and a significant amount of projects are in experimental and proof of concept rather than enterprise use.


Set up a PC as a kiosk using Windows 8.1's Assigned Access
Windows 8.1's new Assigned Access feature allows you to configure a local user account to essentially function in kiosk mode, and it doesn't even require you to edit the registry or dedicate a PC to the task. Once you configure an Assigned Access account, a user signed on to that account only has access to the one Modern app that you specify -- the user cannot run any other application or make any changes to the operating system. Other users can sign on to the computer and have full access to Windows 8.1.


Tracking Sensors Invade the Workplace
As Big Data becomes a fixture of office life, companies are turning to tracking devices to gather real-time information on how teams of employees work and interact. Sensors, worn on lanyards or placed on office furniture, record how often staffers get up from their desks, consult other teams and hold meetings. Businesses say the data offer otherwise hard-to-glean insights about how workers do their jobs, and are using the information to make changes large and small, ranging from the timing of coffee breaks to how work groups are composed, to spur collaboration and productivity.


Why Smart Leaders Are Loosening the Reins
Happily, some smart business leaders have begun to figure out that what worked in the industrial age has no place in the ideas economy. Over the course of writing The Talent Mandate, I surveyed more than 100 senior executives about their talent practices. Only 11 percent of them believe that traditional command-and-control structures are still the best way to derive value from employees. What I have learned from these leaders and the scores of others I interviewed is that when it comes to managing talent in today’s vastly changed environment, it makes sense to loosen the reins.


The art of conversation: Using contextual data to deliver on your intent
Some companies believe real-time decisions are only nice-to-have. These companies may script conversations in advance. If so, all their conversations are like the one above. It may occasionally work, but only when they talk to customers that don't tell them anything new. How likely is that with customers continuously adding to high velocity big data? Every interaction in every channel, every tweet and post, every change in physical location can all become relevant to the current conversation.


Network security spending to surge in 2014
Spending on network security, which represented 21 percent of the total security spending pie in 2013, is expected to increase in 2014 as enterprises increasingly look to thwart breaches and attacks. According to a Forrester Research survey of more than 2,000 security pros, 46 percent of companies expect to increase network security spending in 2014. Forrester noted that companies are deploying a Zero Trust security model that requires the verification and security of all resources, limits on access and constant monitoring and logging of traffic.


Exclusive Guide: Energy Essentials for the Modern Data Center
You’re not alone. Traditional infrastructures weren’t designed to power today’s new workloads and, as a result, IT managers have been forced to take a closer look at their data center designs. To help support your efforts, the editors at SearchDataCenter.com have compiled a comprehensive guide that outlines current energy concerns, latest techniques for improving power and cooling and tips to understanding – and reducing – consumption in the data center.


Preparing for Your First MongoDB Deployment: Backup and Security
The intention of a Defense In Depth approach is to layer your environment to ensure there are no exploitable single points of failure that could allow an intruder or untrusted party to access the data stored in a MongoDB database. The most effective way to reduce the risk of exploitation is to run MongoDB in a trusted environment, to limit access, to follow a system of least privileges, to follow a secure development lifecycle, and to follow deployment best practices.



Quote for the day:

"Don't be encumbered by history. Go off and do something wonderful" -- Robert Noyce

January 08, 2014

Machine learning, embedded analytics and big data march ahead in 2014
Will we look back on 2014 as the year that marked a new era in business? According to faculty at the International Institute for Analytics (IIA), advances in big data, along with machine learning and embedded analytics, will drive new products, reinvent old business processes, and quite possibly mean a lot more work for lawyers. The Portland, Ore.-based advisory and research analytics organization released nine official predictions for the new year...


New French surveillance law: From fear to controversy
Even though France's actions haven't been talked about anywhere near as much as the NSA scandal has, the French government says it has begun working on new ways to legitimize these widespread powers of surveillance. A new law just passed by the French Senate defines the conditions under which intelligence agencies may survey citizens’ data - including telephone conversations, email correspondence, web browsing activity, and personal location data.


Preparing for PCI-DSS Version 3.0
Among the new requirements of version 3.0 are steps to mitigate payment card risks posed by third parties, such as cloud providers and payment processors. The new version also stresses that businesses and organizations that accept and/or process cards are responsible for ensuring the third parties they rely on for outsourced solutions and services use appropriate security measures, says Leach, the council's chief technology officer. "Many of the breaches have involved the integrity of the third parties," Leach says. "Organizations need to help those types of entities understand their PCI responsibilities."


Seagate Crams 500 GB of Storage into Prototype Tablet
Of course there's plenty of reasons we don't already have hard drives in tablets. The compromise that immediately leaps to mind when you add a spinning hard drive is, of course, battery life. Seagate's solution in this prototype was to hybridize the storage with the addition of 8GB of flash memory. The vast majority of the time, the tablet is just running on flash, and the magnetic drive is powered off. If you want to play a movie, though, the drive will spin up, swap the movie onto the flash memory through a fast 6 gb/s SATA interface, and then spin down again.


Lenovo expects to benefit from CYOD trend
"For the average small business, it's not a productivity loss or big concern to them if they have to reimage one of their 10 PCs every now and then, but for a company which has a 100,000 of them, they absolutely want commonality of the image and we have the internal labs to do that," explained Beck. He added Lenovo's portfolio expansion in recent years into tablets and convertibles has made its proposition even more compelling. At CES, the company further ramped up its product range to include Android desktops.


Information technology budgets are stable or growing
Data suggests 2014 will provide another year of stability and even growth for IT departments, with 32% of respondents indicating they're fully staffed and another 39% indicating they're looking to make new hires. The relative stability and uptick of budgets and headcounts, however, doesn't mean IT leaders have left their penny-pinching ways behind. All the CIOs and IT leaders interviewed for this article, including those whose budgets and staffs increased in 2013, stressed that they continue to look for ways to cut costs without sacrificing service or innovation.


The Keys to Leadership: Your Brain and My Grandmother
If you’re stressed or facing a critical decision, get out of your office! ... Even concentrating on a photograph of nature can help. There’s wisdom in taking time for a regular stroll at lunch. In Your Brain and Business, Pillay cites studies showing that physical movement can have a profound effect on how you think: Getting into a box-like structure and then stepping out of it actually improves your ability to get creative and think “outside the box,” so don’t expect your next big idea to come during the hours you spend in a conference room.


Personalization Is Back: How to Drive Influence by Crunching Numbers
What marketers usually call a response model doesn't simply predict who will buy, per se. Rather, more specifically, it predicts, "Will the customer buy if contacted?" It is predicting the result of one treatment (contact) without any consideration for or prediction about any alternative treatment, such as not contacting or contacting with a different marketing creative. ... Therefore, a response model suffers from a sometimes-crippling, common limitation: The predicted outcome itself doesn't matter so much as whether the marketing treatment should be credited for influencing that outcome.


CIOs Must Balance Cloud Security and Customer Service
"Customer expectations are higher now," said Shawn Kingsberry, CIO of the Recovery, Accountability and Transparency Board. "Everyone's so mobile, and at home they do so many things and have access to so much information, the expectations in the office are even higher when you look at the services that have to be delivered." ... "It's that balance that you have to get," Kingsberry said. "You want to deliver the service, but there are tradeoffs."


Standards in Predictive Analytics: PMML
PMML has particular value for organizations as they move away from a batch scoring mindset to a more real-time scoring approach. When scoring was done in batch it was generally done using the same technology as was used to build the model. With real-time scoring it has become essential to be able to move models from their development environment to a more real-time, interactive scoring environment and PMML has emerged as the primary way to do this.



Quote for the day:

"I don't believe in taking foolish chances. But nothing can be accomplished without taking any chances at all." -- Charles Lindbergh

January 07, 2014

Will we embrace biometrics to replace passwords? FIDO authentication at CES 2014
“Up until now, everyone thought the smartphone was the key to the cloud, but everyone was wrong. The smartphone is a lock and a very smart lock with lots of sensors,” FIDO member Sebastien Taveau told the Washington Post. “Your human body will be your own key, and you will get an extremely customized experience on your device and feel more comfortable doing more on your device than ever before.” While we are terrible when it comes to passwords, many companies are equally terrible when it comes to protecting those passwords.


Continuous integration testing: Challenges and solutions
When the stories from different teams are assembled, there is often a lack of clarity around who is responsible for testing how well they integrate. Processes around integration testing can be a point of confusion for Agile teams. Continuous integration (CI), which is the process of running regression tests with each build, can help, but will not solve all your integration test needs. Agile expert Janet Gregory discusses the challenges with integration testing and explains the practice of continuous integration.


Cybersecurity is for the C-suite, 'not just the IT crowd'
First, the people that sit in the C-suite, the people sitting on the Supreme Court, the people who are generals -- they likely didn't use computers when they were in college. So there's a learning curve. Secondly, these issues have emerged quite rapidly and it's been difficult for businesses and organizations to stay ahead. Just a couple of years ago there was no malware designed to go after mobile devices. Very few people were thinking about how to defend mobile networks because there were very few people using them and very few threats to them. Now there are many, many threats.


The problem with wearables
With all the recent activity with wearables, you'd think consumers are waiting to snap them up and hit the streets wearing one device or another. Some no doubt will do just that, but history tells us that might not happen. Remember the lowly Bluetooth headset that used to be in ears all over the place? These gizmos were early examples of wearable tech that did what they were designed to do, and in many cases did it well. That's why it was common to see them all over the place, inserted in consumers' ears to let them interact with their phone which could remain in the bag or pocket.


10 Companies and Technologies to Watch in 2014
Every year we highlight 10 companies and technologies to watch for the coming year. Our selection is driven primarily by the technologies being distinctive, innovative and relevant to major trends in the industry that we follow. Here is our list, arranged in alphabetic order to avoid suggesting that we have ranked the chosen companies and technologies:


Still More R and Python
Developing thought by some practitioners, though, suggests that Python will soon supplant R and assume the mantle of lingua franca for data science computing. The reasoning is as follows: “While R has traditionally been the programming language of choice for data scientists, it is quickly ceding ground to Python…. there are several reasons for the shift, perhaps the biggest one is that Python is general purpose and comparatively easy to learn whereas R remains a somewhat complex programming environment to master….Python still lacks some of R's richness for data analytics, but it is closing the gap fast.”


Intel's smallest computer to power wearable devices
Edison is Intel's smallest computer and is intended for use in small, flexible electronics that can be worn around the body. The computer has Intel's extremely low-power Quark processor, and Bluetooth and Wi-Fi wireless connectivity to communicate with other devices. Intel wants to put Edison in wearable products beyond the regular realm of smartwatches, smart glasses and health monitors expected to swamp the International CES trade show being held this week in Las Vegas.


Pragmatic Techniques for Maintaining a Legacy Application
The first step for maintaining a legacy application is to understand it. It is impractical for us to understand every detail of the application, but we need to understand the big picture: ... Analyzing code statically is either inadequate or inaccurate. We developed several tools to spy on the application at runtime to answer these questions. We took care to implement these tools as add-ons: they are not entangled with the application code, so they are not extra code that we have to maintain.


IT Spending in Software and Services in India to Grow
Bahl says, “We expect the Indian economy to start recovering from the tough situation it faced in 2013. It will start picking up (albeit at a slower rate) in 2014 thanks to good monsoons, an uptick in exports due to the weakening of the rupee, and huge infrastructure projects in public transportation, housing, agriculture, and farming that we expect to take off once a new central government is in place. As a result, we’ve marginally increased our 2014 forecast from 7.4 per cent to 8 per cent in local currency.


Cybercrooks Developing Dangerous New File-encrypting Ransomware, Researchers Warn
The new malware is called PowerLocker and its development was most likely inspired by the success of the CryptoLocker ransomware Trojan program that infected more than 250,000 computers since September. Like CryptoLocker, PowerLocker allegedly uses strong encryption that cannot be cracked to recover the files without paying, but it's also more sophisticated and potentially more dangerous because its developers reportedly intend to sell it to other cybercriminals.



Quote for the day:

"Leaders are visionaries with a poorly developed sense of fear and no concept of the odds against them." -- Robert Jarvik