December 24, 2015

Privacy Protects Bothersome People

For many people, privacy is a fundamental right - they see no reason why a government should be meddling in my affairs without a more specific reason than a blanket search for possible terrorism. But even if you don't share a desire to preserve some privacy from government agents, you should still be concerned about citizens' privacy. This is because it isn't about me, or my friend. The value of privacy to us isn't primarily about our privacy but about those who play a more active role in the operation of a democratic system of government. Such activity often involves bothering people who have power, and those with power are likely to use their power to suppress the bothersome. But without all that bothering, democracy withers.


Information security -- don't let the apparent complexity intimidate you

Think of your security perimeter like you would the fence around your yard, the idea being to keep the bad guys out. Almost since the inception of modern information security, the firewall has been the fence of the security perimeter. The perimeter and the firewall have been a topic of much debate in the last couple of years, with many industry experts claiming that the perimeter no longer matters. With smartphones, VPN connections, etc, opening holes in what used to have a single point of entry, some feel it is a wasted effort. In my opinion, and after much experience in the trenches of business information security, you need a good firewall, period. You need a strong product, and it needs to be configured properly (and not just taken out of the box and plugged in). True, a firewall is not perfect, and not as good protection as it was at one time, but it remains your first line of defense.


How fake users are impacting business … and your wallet

Schorr of Bomgar says that stopping fake users from getting into a company's system isn't necessarily that difficult. It's just a matter of priorities.  "I don't think hackers are that good," he says. They're looking to jump over the lowest hurdle, and making them take one more step to creating an account can push them towards another company that who bother to set up the hurdle on the track.  "They bump up against something and they pull back," he says. "They keep going until they find something or someone or somewhere they can get in." That could be through your low-security barriers, or through a third-party vendor who's in your space and doesn't pay as much attention to security as you do. Securing your fences and theirs, he says, is crucial.


How The Robot Revolution is Going to Change How We See, Feel and Talk

The swallowable robot is only one scenario that researchers in Bristol in the west of England are working to make a reality, as part of research that seeks to use bots to enhance, rather than replace, people. ... "There are lots of areas where robots could help humans do things," said Pipe. "That's really one of the big new areas. So as opposed to replacing humans, helping humans will be a large area for growth." Pipe talks about "human-robot teams" working together. "We're not saying the robot suddenly becomes a simulacrum of a human being—it's still a robot doing the dumb things and being instructed by a human being—but it may be able to do more useful and skillful things than robots have been used to do so far."


Use AutoScaling to Dampen DDoS Effects

The easiest approach to take when trying to prevent a service interruption is to absorb the attack. There are other more complicated and costly approaches such as deploying advanced and/or application firewalls, and in some cases that’s the approach needed. However, there’s a relatively lower-cost and effective solution to absorb DDoS attacks: AutoScaling. Most of the time, a publicly-available site’s traffic will be directed by an ELB. The underlying compute instances that make up the ELB are managed by AWS directly, and are built to scale horizontally and vertically without intervention or advance planning. Meaning, as traffic to your site increases, so scales the ELB. ELBs also only direct TCP traffic. This means that attack types that use protocols other than TCP will not reach your underlying applications.


Hiring, Budget Concerns Top Of Mind For IT Leaders In 2016

The 2016 Annual IT Forecast from IT staffing firm TEKsystems released earlier this month shows a mixed bag of good news and bad news for IT leaders, including CIOs, vice presidents, directors, and hiring managers. The good news: They feel fairly confident that they can meet business needs, and they're looking to add talent to their organizations. The bad news: They're losing more control of tech spending, and they're worried about meeting the challenges of new projects. TEKsystems, which has released its forecast for the past four years, surveys IT leaders on major topics affecting their departments and their role as leaders. This year, the company polled more than 500 IT leaders in the US and Canada in multiple industries at companies ranging in size from less than $50 million to more than $10 billion in annual revenue.


DevOps – the need for speed

Automation is crucial for many DevOps practices and helps you move faster without sacrificing stability or security. You can eliminate manual and siloed processes and move to an automated and collaborative way of working as well as setting yourself up for future innovation and growth. If engineering teams can make vital changes to applications more quickly and cost-effectively, business will become more receptive to the market needs. For example, if a product team needs to roll out a new feature, the necessary infrastructure will be deployed on demand, and will always conform to the security and configuration specifications required.


The Top Three Online Security Menaces You Should Worry About in 2016

People will continue to be ill-prepared because the caution and vigilance—verging on paranoia—that are required to be safe online are not in most folks' nature. "We are conditioned to be social, to collaborate," says Geoff Webb, a VP at security firm Micro Focus, which specializes in preventing security breaches. "These are all good things . . . but they are absolutely, ruthlessly, and vigorously exploited by attackers." Governments and marketers can exploit too, he warns. We asked Olson, Webb, and Ondřej Vlček, COO of antivirus maker Avast, what new or growing dangers the public should watch out for in 2016. Three rose to the top: attacks on smartphones, ransomware that holds data or devices hostage, and leaks from new connected gadgets like TVs and home automation systems.


IT outsourcing year in review: Grading our 2015 predictions

“The renegotiations have been driven in part by re-solutioning to bring in new technologies, retrofitting to add digital technologies, restructuring to adopt outcome or output based pricing, reconciling the contract to changing realities, and re-sourcing components of the services to specialized providers.” This behavior, however, was more stop-gap than strategy, says Bill Huber, managing director with outsourcing consultancy Alsbridge. “The market has shifted dramatically, and re-competes have demonstrated the potential to unlock significantly greater value at this juncture than can usually be achieved by a straight renegotiation, whether or not the renegotiation includes re-scoping.”


Smartphones are completing the broadband revolution

Most revealing of all, among "hard to reach" consumers -- those who have never had a home broadband connection -- only a quarter cite price as their biggest barrier. According to the Pew findings, just 25 percent of nonadopters are interested in someday subscribing to broadband service, while 70 percent say they're not interested, at any price. The real holdup to broader home adoption, in other words, has little to do with its cost. What then? Earlier Pew studies, including one in 2013, found instead that two-thirds of nonadopters cited relevance or usability as their main reason not to use the Internet at all. It's not clear how dominant those obstacles remain. Unfortunately, the 2015 survey did not use the same methodology as earlier Pew studies, which asked non-Internet users to list their reasons in an open-ended question.



Quote for the day:


"Be a leader to be remembered, make people feel good about themselves and increase their belief in their own abilities" -- @GordonTredgold


December 23, 2015

2015: A Cloud Security Wake Up Call

Some interesting areas to watch include security information and event management (SIEM), which integrates security information management (SIM) and security event management (SEM) to provide real-time analysis of security alerts generated by network hardware and applications. Some SIEM leaders working on integrating SIEM with cloud security include Hytrust, IBM, Intel Security, and Splunk. An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station. IDS come in a variety of “flavors” and approach the goal of detecting suspicious traffic in different ways. IDS leaders include Cisco (Sourcefire), IBM, Intel Security, and HP.


Innovation and the visionary CIO

Companies eyeing technology trends see massive opportunities and potential threats, with technology-led innovation as a competitive weapon that has two, very sharp, edges. This level of innovation doesn't arise from tactical decisions taken at the business unit level. It requires the kind of core assessment of technology, opportunity, and impact that only a centrally positioned role, such as the CIO, can deliver. While IT has long been responsible for "keeping the lights on," the best CIOs also look for ways to accelerate business growth, providing guidance and guard rails for the CEO and board. ... Keeping IT strategy headed in the right direction while avoiding investments in too many technological dead-ends requires a single vision of what is necessary and possible. Only the CIO can provide that vision.


Getting mobile device management right: Four key steps

One of the benefits of an MDM program is the ability to understand how employees are using their mobile devices. Routing the flow of information back to the IT department and help desk from the start can improve performance down the line. For example, an understanding of which devices and models are popular enables your help desk to train more accurately, resulting in better assistance with future troubleshooting issues. Another useful strategy is to share application inventory information with your support departments to ensure that corporate apps deploy properly. Sharing information with human resources about which users are active on which platforms helps their department appropriately update credential provisions when employees enter and leave the system.


Could the Internet of Things spark a data security epidemic?

What separates smart systems from "dumb" systems? IoT-enabled devices collect huge amounts of personal information, which can be retained and used to extrapolate users’ behavioral patterns and preferences. By doing so, businesses can then use these insights to automate and improve the overall user experience. This information is extremely valuable for businesses and consumers alike. However, it’s important to think about what happens to that data after you are done using the devices. In addition to acquisition and implementation, be sure to consider end-of-use or end-of-life scenarios too. In these cases, there needs to be a core feature and functionality in smart refrigerators, smart thermostats, smart TVs and all other connected products that fully wipes all data clean and can then show verifiable proof that no residual data could ever be recovered.


EU finally agrees draft of Europe-wide data privacy law

According to a recent European Parliament press release, however, the end may at last be in sight. The European Council and European Parliament have now reached a “strong compromise” on a draft of the GDPR. “It is now up to [EU] member states to give the green light to the agreement.” MEP Jan Philipp Albrecht, the European Parliament’s chief negotiator for the GDPR, said that “negotiations hopefully have cleared the way for a final agreement”. “In future,” he added, “firms breaching EU data protection rules could be fined as much as 4% of annual turnover – for global internet companies in particular, this could amount to billions. In addition, companies will also have to appoint a data protection officer if they process sensitive data on a large scale or collect information on many consumers”.


Poor security decisions expose payment terminals to mass fraud

Payment terminals require a secret key to authenticate with payment processors over the Poseidon protocol. However, like with ZVT, payment terminal manufacturers implemented the same authentication key across all of their terminals, SRLabs found. This error can be abused to steal money from merchant accounts. While most transactions add money to such accounts in exchange for goods or services, there are a few that can cost merchants money, for example transaction refunds or top-up vouchers like those used to recharge prepaid SIM cards. In the worst case scenario, attackers could hijack terminals and use them to issue refunds to bank accounts under their control from thousands of merchants by simply iterating through terminal IDs, which are usually assigned incrementally.


Amazon's 'Virtual CPU'? You Figure It Out

Amazon uses what it calls "EC2 Compute Units" or ECUs, as a measure of virtual CPU power. It defines one ECU as the equivalent of a 2007 Intel Xeon or AMD Opteron CPU running at 1 GHz to 1.2 GHz. That's a historical standard, since it dates back to the CPUs with which Amazon Web Services built its first infrastructure as a service in 2006 and 2007. (The Amazon ECU is also referred to as a 2006 Xeon running at 1.7 GHz. Amazon treats the two as equivalent.) The value of Amazon's ECU approach is that it sets a value for what constitutes a CPU for a basic workload in the service. ECUs were not the simplest approach to describing a virtual CPU, but they at least had a definition attached to them. Operations managers and those responsible for calculating server pricing could use that measure for comparison shopping.


Cybersecurity in the digital age for the smart grid

Cybersecurity strategists must keep pace with – indeed, anticipate – the feverish pace of digital technology development. Each layer of the IP stack on which these technologies function offers hackers potential attack vectors into the emerging Smart Grid. Chip-laden computer boards integrated into a grid component – a transformer, a recloser, a circuit breaker – represent a potential pathway into which hackers can gain entry to gather sensitive information or disrupt grid operations. Compliance with NERC and FERC regulations should be considered only a starting point toward true system security. In the ever-evolving digital age, regulations always lag behind rapid technology advancement and intensifying intruder strategies. Every power plant and interconnect now needs a brain trust which includes a lawyer, an insurance expert and a cybersecurity team.


Expect Data Breaches, Awareness to Increase in 2016

There is a lot of mystery wrapped up in security, given the sophisticated attacks launched by nation states and cyber criminals; however, many times the solution is simple and involves fundamental security principles like good passwords and encryption for sensitive data. Arguably every year should be the year of encryption, but we have seen enough avoidable damage from a lack of encryption (see TalkTalk shares tank 11% on fears that customer compensation bill could wipe out profits and “I am surprised….no encryption has been used”) this year that those responsible will start to insist upon encryption being a fundamental part of the overall storage/security strategy. The end of US/EU Safe Harbor will also help push encryption as part of a data privacy mechanism.


Updated Mobile Malware Targets Android

"Mobile devices are the new front for cybercrime - the earlier a bank acts, the sooner criminals find other targets," says Al Pascual, director of fraud and security at Javelin Strategy & Research. "To manage this growing threat, bankers should apply a holistic approach, including account-holder education on mobile security best practices, biometric authentication in the mobile app, and strong back-end account security, such as behavior metrics, device fingerprinting and transaction analysis." But banks' efforts are being subverted in part by many Android device manufacturers failing to keep their customers' devices updated with the latest operating system updates and security patches. According to research conducted by G Data in October, for example, few Android devices today are secure.



Quote for the day:



"Opportunity always involves some risk. You can't steal second base & keep your foot on first!" -- Joseph Heller


December 22, 2015

Agile is not Enough: Revolution Over Transformation

Todd Charron has been a speaker at numerous conferences, is the lead mentor for Lean Startup Machine Toronto and is the founder of Follow Your Fear Day. Todd combines his background in Improv with over 15 years of experience in the software industry as a Developer, Manager, Agile Coach, and Lean Startup Mentor to help organizations and teams be bolder and more creative. ... Todd Charron argues that for success it is necessary to go beyond a change of processes and tools, to change how people in an organization see themselves and their role in it.


The road to hybrid cloud architecture is paved with mistakes

One error organizations used to make when implementing hybrid cloud architecture, said David Linthicum, a consultant at Cloud Technology Partners Inc. and author of numerous books on IT, started with OpenStack. IT organizations use the open source cloud software platform to build a private cloud, which offers advantages similar to public cloud but uses in-house architecture. It's a perfectly reasonable endeavor, except many organizations didn't fully understand what they're getting into. "It was too much of an engineering challenge for them to take on, and they ended up going over budget or just abandoning it quickly," Linthicum said. The problem for many was that they believed the hype on private cloud as a bulletproof and easy-to-implement alternative to public cloud, Linthicum said, citing 2013 as the banner year for vendor bunk.


Year-end career checkup, Part 1: If you listen, they will call

We've all seen plenty of comedy -- or tragedy -- result when two people who don't speak the same language attempt to converse. Even when they do, misinterpretations and misperceptions abound, and our workplaces prove it. Job interviews and talks with recruiters are even more susceptible to these roadblocks, since they occur between people who probably don't know each other and don't have similar pasts (professional or personal), and when one party (you) is in the especially tense situation of seeking new employment. A review of best practices in recruiting and interviewing reveals that listening, defined as a means to this end, has finally earned a spot in the curriculum on how to ace this critical skill. Start by being careful. Instruction on listening typically centers on the ability to reflect feeling or paraphrase feedback.


The web is 25. What will it be like when it's 50?

Thanks to broadband, web browsers, and the cloud, we now do everything over the Internet. With Chromebooks, Google has shown us that we don't need local programs at all. It's not just Google, a company born of the Web. Microsoft, which made its billions from the standalone PC, is now moving its fortunes to cloud-based applications such as Office 365. Today, our friends and office mates are scattered around the globe, but they're only a keystroke away on social networks, VoIP, or videoconferencing. Unless you're working at Yahoo, you can pretty much work anywhere in the world. Thanks to the rise of smartphones and tablets, we're no longer even tied to desktops or laptops. So long as you have power and Wi-Fi, there's nowhere you can't work or play. And, it all goes back to the Web.


Why It's Time To Say Goodbye To IT

Of course, something needs to take its place. But instead of the customer-hostile, Mordac-the-Preventer-of-IT-Services, consider the "us means all of us, not just IT" model of digital services. Digital services will necessarily be a huge change. We'll need our organization's best technologists. We'll need great communicators, awesome project managers, fantastic marketing pros, skilled negotiators, and the cream of our data scientists. Sure, we'll need security and infrastructure folks, but a lot fewer of them (read: the collaborative, friendly ones), because we'll standardize and be using lots of pay-as-you-go cloud services for maximum flexibility. We can't have control freaks. No sociopaths are allowed who think that technology is only for technologists.


World Quality Report 2015-2016

The speed of digital transformation and short life-cycles of devices and services is increasing the importance and pressure on quality assurance testing. Additional conclusions highlight that a seamless customer experience is a key driver for QA testing, the shorter lifecycles demand greater agility and new roles are being created to meet testing demand. ... Key recommendations from this year’s report: Refocus QA and Testing on customer experience and business assurance; Transform the traditional Test Center of Excellence (TCOE) using agile and DevOps practices; Make continuous and automated security testing a key strategy; Prioritize testing with predictive analytics and continuous feedback; and Expand testing teams’ skills beyond manual and test automation.


The hidden pitfalls of Internet of Things development

One of the first problems confronting any IoT developer is the industry's distinct lack of standards. In a report, McKinsey & Co. notes that "Interoperability between IoT systems is critical," but goes on to lament the mishmash of conflicting "standards" that plague IoT's market potential. As I've suggested, though vendors dominate the more than 400 competing standards, the battle for developer hearts is more likely going to be won by de facto open source standards. Even so, the problems with IoT development don't end there. More unfortunate still, IoT development can appear deceptively simple, as Cohen stresses:


International data centers face Safe Harbor loss

Safe Harbor's failure will have a minimal effect at the high level. The groups responsible for dealing with organizations that do not follow data security and management procedures are the same ones that can't reach agreement on a new Safe Harbor. Organizations compliant to the requirements of the old Safe Harbor are unlikely to be taken to court, as the countries that drew up the EU Directive 95/46/EC on the protection of personal data agreed that Safe Harbor was compatible with the directive. If an international data protection trial does arise, pointing out that your organization is compliant with current laws in place should be a clincher.


On Big Data Analytics. Interview with Shilpa Lawande

Before we talk about technical challenges, I would like to point out the difference between two classes of analytic workloads that often get grouped under “streaming” or “real-time analytics”. The first and perhaps more challenging workload deals with analytics at large scale on stored data but where new data may be coming in very fast, in micro-batches. In this workload, challenges are twofold – the first challenge is about reducing the latency between ingest and analysis, in other words, ensuring that data can be made available for analysis soon after it arrives, and the second challenge is about offering rich, fast analytics on the entire data set, not just the latest batch.


Can Collaborative Security Work?

“The biggest and most universal problem [with information sharing] is that trust tends to happen between individuals, and not between organizations,” says Wendy Nather, R-CISC research director. “When we talk to people, we find that they already have information sharing going on – it’s just with individuals that they trust. Getting them to shift that trust to an organizational relationship and keeping that going when the original person moves on (which happens a lot in security) is the biggest challenge.” R-CISC already has about 50 corporate members, and some of them come from outside the retail industry, Nather says. Oil and gas companies have joined the retail group, for instance, because most gas stations also operate convenience stores.



Quote for the day:


"A culture of discipline is not a principle of business; it is a principle of greatness." -- Jim Collins


December 21, 2015

Why we need a national IoT strategy

While the Center for Data Innovation report anticipates that the private sector will be the primary driver of innovation and development in the IoT over time, it notes that there is hesitation among many firms to dive headlong into the field owing to concerns over the risks of not being able to recoup investment in the nascent technology. In that regard, the center is suggesting that the government could position itself as an early adopter, deploying IoT devices and applications in its own facilities and in the sectors where it plays a dominant role, such as defense, transportation and energy. Castro also sees a role for the government to play in expanding deployment of the infrastructure that supports IoT -- and ensuring universal access to it -- to prevent a new type of digital divide from taking hold.


A practical guide to effectively ushering DevOps into any organization

Many times, we observe that within the IT organization, development, testing, and operations have different goals, objectives, and KPIs. They never cross-functionally define business needs. They mostly define technology as organization-specific. As an example, a functional tester doesn’t know how developers are communicating with each other, or the security team for security-related issues. An operations engineer has KPI up-time, but he really doesn’t know the various application modules he's supporting. Suddenly, by enforcing DevOps, we're telling all the organization to begin communicating, start intersecting, start having cross-communication. So this has become a key problem in the 21st century infrastructure, application, testing, or overall DevOps framework implementation. Communication and understanding have become key challenges for organizations.


Cloud Foundry Launches Cross-Vendor Cloud Service Certification

"We are betting big on Cloud Foundry to run our next-generation Nexen digital ecosystem. We need to be able to run our apps all over the world, and that means we need Certified Cloud Foundry to guarantee portability," Kumar said in Cloud Foundry's announcement Dec. 15. Cloud Foundry also has a reputation for providing good virtual machine and container tools geared to modern microservice applications. It automatically embraced VMware and open source hypervisors. Its Garden and Warden container technologies were designed to deal with different container formats and runtimes, moving it beyond the just-Docker approach prevalent in the early days of containers. Another user commenting in Cloud Foundry's announcement was Kaiser Permanente's CTO Mike Sutten.


Benefits of an “Agile” Mindset

The main difference in rapid project initiation lies in the level of detail explored. Because the agile approach is designed to be tolerant of change, the lean principles of “just enough” and “just in time” are applied to project planning. Agile projects draw the “just enough” line at a relatively high level, leaving significant ambiguity at this phase of the project. This ambiguity is most obvious in the lack of requirements detail and the rough preliminary project plan produced. A Guide to the Project Management Body of Knowledge (PMBOK® Guide) Fifth Edition, Project Management Institute, Inc., 2013, does not specify the level of detail needed for project initiation.


Essential data points for the tech year ahead

If an overarching conclusion can be drawn from the results of Computerworld's Forecast survey of 182 IT professionals, it's that 2016 is shaping up to be the year of IT as a change agent. IT is poised to move fully to the center of the business in 2016, as digital transformation becomes a top strategic priority. CIOs and their tech organizations are well positioned to drive that change, thanks to IT budget growth, head count increases and a pronounced shift toward strategic spending. Amid the breakneck pace of change in technology and business alike, where should you direct your focus in the new year? Read on for key highlights and data points on budgeting, hiring, business priorities and disruptive technologies that promise to define the IT landscape in 2016.


JUnit Lambda: The Prototype

The most important piece of JUnit’s API is the @Test annotation and nothing changes here: Only the methods annotated with it will be considered as tests. The tried and tested annotations to set up and tear down tests stay virtually unchanged but have new names: @Before and @After, which run before and after each test method, are now called @BeforeEach and @AfterEach; and @BeforeClass and @AfterClass, which run before the first and after the last test from a class, are now called @BeforeAll and @AfterAll. I like the new names. They are more intention revealing and thus easier to understand – especially for beginners. Then there is the new @Name, which can be used to give more human readable names to test classes and methods.


Four technologies impacting enterprise communication

Messaging through smartphone applications is an obvious means of communication considering we are always connected. We used to walk away from our phones, but now we still have them even if we are busy. Enterprise UC services offer instant messaging, but it is not usually effective for inter-company work teams. A new breed of business-focused messaging apps, such as Slack and HipChat, are gaining popularity, but they don't do a great job at real-time communications. Workstream communications and collaboration (WCC) is where asynchronous messaging-based solutions combine with UC. Services are already available from several vendors including Cisco, Interactive Intelligence and Unify, and many more are coming.


5 Strategic Planning Pitfalls and their Antidotes

People often enter a planning process with the expressed concern that “this will not be actionable and we will fail to actually implement it back at work.” As a result, an inordinate amount of time goes into attempting to plan for how to implement the plan back at work. Predictably, back at work, the day-to-day whirlwind of business as usual takes those well made plans and has their way with them, leaving people feeling frustrated at the time spent preparing for execution. ... Planning at its best results in new context, prioritization, and vision that allows day-to-day work to be executed in sync with the directional push, not separate and distinct from it. Over-communicate the plans and priorities you craft in strategic planning sessions so that everyone, at every level, understands how what they do today connects to where you are going tomorrow.


“DevOps: A Software Architect's Perspective”

Activities that have system-wide impact should occur within the constraints of the enterprise. There are two types of monitoring and metrics that are relevant to a team. One is the monitoring and metrics of their particular code (service, subsystem, whatever). The team needs to have leeway to do the right thing in this case. The other type of monitoring and metrics are those with business relevance - transactions per second, latency, reliability, orders per second, etc. Monitoring needs to present both the business relevant metrics and have the ability to drill down to determine which code segments are contributing what to those metrics. Developers when they deploy a new version should first ensure that the business metrics are not affected (or are affected in predicted ways) and then that their particular new deployment is behaving well.


Welcome To The ‘Always-On’ IT Department

To be effective, and considerate, the IT department should have no more than four to six layers for the user to navigate through. Fewer than four and the user’s problem really can’t be identified with enough certainty. More than six, and the user is probably going to get very perturbed.  “The first thing is programming [the on-call scheduling system] as explicitly as possible,” Jones says. “We know people don’t want to sit through 10 different choices, but the more choices you have, the more likely you are to get somebody to the right place. Still, there’s a limit to the number of buttons on a phone – and usually we don’t want 10 choices – you can’t use a zero because that will call an operator, theoretically. This is the dilemma, because to be explicit and to be quick and to the point, and also be easy to program are often totally at odds with each other.”



Quote for the day:


"When you believe you have lost your power and control, nothing will ever seem easy or simple." -- Shannon Alder


December 20, 2015

Mobile App Developers are Suffering

First, a user must discover the potential new app. This is by far the most challenging problem that developers face. There are two portals for discovery today: 1. paid promotion, which is dominated by Facebook, and 2. the app stores themselves. The biggest issue is that these two forms of promotion only work for the apps that have already been discovered. Paid promotion is completely unsustainable for most apps given that the cost for an active install increased to $4.14 in the last few months. I can count on my hands the number of business models in the app ecosystem which can support that cost of customer acquisition. This means that app ads are only usable by the very small percentage of the ecosystem that is monetizing well. For the majority, it is a prohibitive channel.


Driving Digital Transformation Using Enterprise Architecture

The speciality here is the change in pattern for “Transformation” when the prefix “Digital” gets associated. It is no longer IT for Business. It is technology-enabled business, literally! The basics of the marketplace, of how one gets their 4Ps together to generate value, are changing, and thus a newer Business Model. That is where the critical differentiation comes in. This drives a couple of thoughts: A) Business Gurus need to understand information and technology B) Technical Gurus need to understand business. It is no longer a question of business and IT alignment, it is a question of merger and what the mix looks like! Everyone understands this and understands that change is unavoidable. However, they are also apprehensive of repeating “past failures to transform”.


Google reveals the most popular searches in 2015

Google has released its list of the most searched terms of 2015. Over 3.5 billion searches are made on Google every day - around 1.2 trillion per year - and the company combs through these to compile a list of the most popular. The list is a good way to measure what happened during the year and includes a mix of news events, films, celebrities, and apps. Here are the top 10 most popular searches on Google in the past year.


In Who Do We Trust? How Privilege Plays Out in Security and Privacy Online

To make matters worse, there are often conflicting reports on how consumers should protect themselves from identity theft, surveillance and other online threats. Without trusted beacons out there, it is often up to individuals to figure out how to protect themselves — or recover — from invasions when they do occur. Threatening the situation even further is the acceleration of cybersecurity misinformation and government manipulation in the wake of the November 13th Paris attacks. As information about the Daesh (aka ISIS)-affiliated perpetrators began to emerge, so did reports on how they planned their attacks.


The First Person to Hack the iPhone Built a Self-Driving Car. In His Garage

There are two breakthroughs that make Hotz’s system possible. The first comes from the rise in computing power since the days of the Grand Challenge. He uses graphics chips that normally power video game consoles to process images pulled in by the car’s camera and speedy Intel chips to run his AI calculations. Where the Grand Challenge teams spent millions on their hardware and sensors, Hotz, using his winnings from hacking contests, spent a total of $50,000—the bulk of which ($30,000) was for the car itself. The second advance is deep learning, an AI technology that has taken off over the past few years. It allows researchers to assign a task to computers and then sit back as the machines in essence teach themselves how to accomplish and finally master the job. In the past


Tech support call scams becoming more aggressive

Another variation of the tech support scam is luring people to the bogus, malicious fake site. The US Federal Trade Commission (FTC) recently fined ($1.3 million) and shut down some scammers who had stolen over $17 million from their duped victims by luring them to their sites with pop-up alerts telling the victim that malware was on their PC. The ads provided a contact number and people would be told to call to get rid of the problem. From there they’d be directed to a malicious site and the unsuspecting victim would follow instructions, and then nasty malware, ransomware would be downloaded, and they would be charged thousands of dollars to have it removed. Every business, of every size, and every individual is a potential target. Make sure that everyone in the organization can recognize some of the key red flags of a tech support scammer.


Using MySQL with Entity Framework

Starting with version 6.7, Connector/Net will no longer include the MySQL for Visual Studio integration. That functionality is now available in a separate product called MySQL for Visual Studio available using the MySQL Installer for Windows ... They have created an open system for others to plug in ‘providers’ – Postgres and SQLite have it – MySQL is just laggin… but, good news for those interested, I too was looking for this and found that the MySQL Connector/Net 6.0 will have it… You would need a mapping provider for MySQL. That is an extra thing the Entity Framework needs to make the magic happen. This blog talks about other mapping providers besides the one Microsoft is supplying. I haven’t found any mentions of MySQL.


Peer Feedback Loops: How to Contribute to a Culture of Continuous Improvement

Feedback is an essential part of any lean or agile development. This holds for the technical level as well as for your work management system. This article advocates for complementing the well-known strategies of metrics and meetings with peer feedback. Why peer feedback? Simply speaking, because this kind of feedback encourages continuous improvement on a personal level too. ... the value-add of peer feedback depends heavily on how it is facilitated. That is why the three articles of the series present a total of nine methods I've tried and tested in various environments. To make these methods as comprehensive as possible they are presented in the context of real-life case studies and complemented by some figures to illustrate what they can look like.


Web Socket Server in C#

A lot of the Web Socket examples out there are for old Web Socket versions and include complicated code (and external libraries) for fallback communication. All modern browsers that anyone cares about (including Safari on an iPhone) support at least version 13 of the Web Socket protocol so I'd rather not complicate things. This is a bare-bones implementation of the Web Socket protocol in C# with no external libraries involved. You can connect using standard HTML5 JavaScript. This application serves up basic HTML pages as well as handling WebSocket connections. This may seem confusing but it allows you to send the client the HTML they need to make a Web Socket connection and also allows you to share the same port.


When And Why OpenStack Needs A Cloud Management Platform

Different companies stop at different stages of this maturity model, depending on the business needs and the maturity of their IT organization. As the environments in stage 1 and stage 2 grow in size and complexity, companies can reach an operational scale that requires more sophisticated management tools than the ones provided out of the box by server virtualization and IaaS cloud engines. ... OpenStack does a great job in providing the instrumentation for the aforementioned capabilities – think the metering APIs that OpenStack Telemetry (Ceilometer) offers or the orchestration templates that you can define with OpenStack Orchestration



Quote for the day:


"Before you are a leader, success is all about growing yourself. When you become a leader, success is all about growing others." -- Jack Welch