Daily Tech Digest - December 29, 2016

4 Information Security Threats That Will Dominate 2017

"The pace and scale of information security threats continues to accelerate, endangering the integrity and reputation of trusted organizations," Durbin says. "In 2017, we will see increased sophistication in the threat landscape with threats being tailored to their target's weak spots or threats mutating to take account of defenses that have been put in place. Cyberspace is the land of opportunity for hacktivists, terrorists and criminals motivated to wreak havoc, commit fraud, steal information or take down corporations and governments. The solution is to prepare for the unknown with an informed threat outlook. Better preparation will provide organizations of all sizes with the flexibility to withstand unexpected, high-impact security events."


People Re-engineering

Some experts don’t like talking about “Crisis Theory” when talking about the “challenges” that the software industry is increasingly facing in today’s harsh business environment. If we look further into the yield of the industry for the last 5 years as expressed by the Standish Group CHAOS Report 2015, we should at least pause. I’ve seen debates from some expert watchers about the methodology used in gathering data and deriving results to produce this report. However, I still don’t think that there is much disagreement on the significance of the report to a wide sector of watchers and practitioners as a source of data on performance in the industry. I personally find that piece of work very representative of what I see on the ground during my daily practice.


Big Data, Crystal Balls and Looking Glasses: Reviewing 2016, predicting 2017

Despite media darling success stories, for most organizations this is probably a bit too much to wrap their heads around at this point. This is understandable, as the pace of change outperforms their ability to digest and keep up with it. As for developers, on either side of the fence (vendor or application developers), both the challenges they are faced with and the stakes are higher. Of course, none of this is all that new. IDC has called this the 3rd platform, but names aside, we've seen it all before: many riding the wave and few actually getting it, the .com boom and bust, initial resistance giving way to unquestioning convert, more or less successful unification of disparate frameworks in application server environments for enterprises, skill shortage and rock star developers, the long tail for people and organizations alike.


Threat Actors Bring Ransomware To Industrial Sector With New Version of KillDisk

The new version of KillDisk encrypts the local hard drives of the machines it infects as well as any network-mapped folders shared across the organization, using RSA 1028 and AES algorithms, CyberX’s vice president of marketing Phil Neray said in a blog this week. The security firm’s reverse engineering of the malware sample showed it containing a pop-up message demanding a ransom payment of 222 Bitcoins or roughly $206,000 in return for the decryption key. Ransomware attacks on companies in the industrial sector could cause significantly bigger problems than similar attacks on companies in other sectors. For example, an attack that succeeded in locking up the operational data upon which physical processes rely could do serious and potentially even catastrophic damage to people and property.


2017 will be big year for AI thanks to tech giants

The technology will be the "backbone of many of the most innovative apps and services of tomorrow," but it remains a mystery for many people who will eventually see AI influence their daily lives, according to LeCun. "Increasingly, human intellectual activities will be performed in conjunction with intelligent machines," he wrote. "Our intelligence is what makes us human, and AI is an extension of that quality." LeCun also predicted that health care services and transportation will be among the first industries that AI transforms. "The most meaningful thing Facebook can do in AI in 2017 is to make their chatbots useful, as so far they are weak and lack slick utility," Moorhead says. "Consumers are using them a few times, see they don't do much well and stop using them."


5 unexpected sources of bias in artificial intelligence

While some systems learn by looking at a set of examples in bulk, other sorts of systems learn through interaction. Bias arises based on the biases of the users driving the interaction. A clear example of this bias is Microsoft’s Tay, a Twitter-based chatbot designed to learn from its interactions with users. Unfortunately, Tay was influenced by a user community that taught Tay to be racist and misogynistic. In essence, the community repeatedly tweeted offensive statements at Tay and the system used those statements as grist for later responses. Tay lived a mere 24 hours, shut down by Microsoft after it had become a fairly aggressive racist. While the racist rants of Tay were limited to the Twitter-sphere, it’s indicative of potential real-world implications.


The Rise of the Internet of Things (IoT)

Unless you have been living under the proverbial rock, you probably heard about a number of Internet of Things (IoT) attacks this fall, beginning with KrebsOnSecurity, then OVH, then the DDoS attack on Dyn DNS. All of this started with a bot called Mirai, and involved IoT devices. Why is this important? By 2020, it is estimated that the number of connected devices is expected to grow exponentially to 50 billion. A survey by HP indicates that about 70% of these devices have vulnerabilities, making them the perfect targets for botnets like Mirai. Below is a collection of 10 blogs written by industry experts on this topic, that will help you fully understand the implications of this botnet and what it means for the future of connected devices.


What To Do If Your Data Is Taken Hostage

Hopefully the information security team has already planned out a procedure to follow in the event of a ransomware attack. They should begin by notifying the authorities and applicable regulatory bodies. The plan identifies the organization’s recovery time objective (RTO), and recovery point objective (RPO) for data breaches. In the event that a backup exists, then cyber-forensic evidence of the incident should be preserved and documented for/by law enforcement. In the event that there are no redundancy systems or if the secondary systems are compromised, then the information security team can find and implement a vendor solution or decryption tool. In many cases, files may be partially corrupted or incompletely decrypted. Even if a vendor solution is a simple executable, the victim may not be able to assure that their system is not still compromised by inactive ransomware, backdoors, or other malware.


Navigating the Ins and Outs of a Microservice Architecture

Today, enterprises are moving toward a clean SOA and embracing the concept of an MSA within a SOA. Possibly the biggest draws are the componentization and single function offered by these microservices that make it possible to deploy the component rapidly as well as scale it as needed. It isn't a novel concept though. For instance, in 2011, a service platform in the healthcare space started a new strategy where whenever it wrote a new service, it would spin up a new application server to support the service deployment. So, it's a practice that came from the DevOps side that created an environment with fewer dependencies between services and ensured a minimum impact to the rest of the systems in the event of some sort of maintenance.


How To Minimize Insider Threats In Cyber Security

Dealing with inadvertent and malicious insiders is similarly hard, as it poses similar challenges. It requires a unique set of tools and practices to be implemented, and can only be done when a company fully realizes and acknowledges the danger of insider threats in cyber security and how to combat them. All of this is due to the fact that insiders have legitimate access to sensitive data, with which they work on a daily basis. Therefore, it is very hard to distinguish any malicious actions on their part from the usual everyday routine. Whether your system administrator does regular backup or copies data to an external storage in order to steal it and sell it – there is almost no way for you to know. Moreover, it is also almost impossible to distinguish between deliberate malicious actions and inadvertent mistakes.



Quote for the day:


"Tact is the ability to describe others as they see themselves." -- Abraham Lincoln


Daily Tech Digest - December 28, 2016

Simplify your platform with IT systems management tools

What an IT manager should be looking for is a statistically valid prediction of what workloads will be like at a point in time rather than a simple straight-line analysis of what has happened in the past. One example is FreeStor from FalconStor; it applies advanced statistical methods to gauge how storage workloads are trending and enables managers to pre-empt problems. Again, don't forget the software. Workloads need to be packaged, provisioned and managed. That management needs to include workload portability across different areas of your IT platform. ... Then there are the IT systems management tools that try to do as much as possible. For people stung by the vast framework systems of yesteryear, you may be glad to know that today's big systems tend to be more granular and open, enabling quality systems to be plugged in wherever necessary.


Maintaining Data Security with Cloud Computing Options

Data encryption was also a key aspect of the cloud computing guidance. A CSP should know that it is still considered a HIPAA business associate if it only stores encrypted ePHI and does not have a decryption key. An organization is still a BA under HIPAA regulations even if it cannot actually view the ePHI it is maintaining for a covered entity or fellow BA. Data encryption can help reduce the risk of unauthorized access, but it is not enough by itself to maintain ePHI security, according to HHS. “Encryption does not maintain the integrity and availability of the ePHI, such as ensuring that the information is not corrupted by malware, or ensuring through contingency planning that the data remains available to authorized persons even during emergency or disaster situations.”


Ensuring Bitcoin Fungibility in 2017 (And Beyond)

The only way to know that your bitcoins are clean is to go to a centralized service and ask for a background check. Suddenly the value of your coins is being decided by a centralized party. Every platform accepting bitcoin could implement different policies for deciding which coins are clean or dirty. And exchanges in different legal jurisdictions (US, China, India, etc.) are likely to have different policies. The bitcoins worth the most money would then be the bitcoins accepted everywhere. This means it's not enough to just ask one exchange for a background check; you have to ask every major platform whether or not they think you have clean coins. And if a platform doesn't think that you have clean coins, their decision reduces the value of your holdings regardless of whether you actually use that platform – your coins cannot be traded with any of the platform's users.


Moving to the cloud? Three things to think about before you make the jump

Matt Peers, CIO at Linklaters, says the bringing together of systems and services is still a concern for IT leaders considering a move to the cloud. "I think there's a temptation to draw on the services of many different providers but that can create a huge integration challenge," he says. Peers says effective CIOs will create a balance, drawing on enough cloud providers to take advantage of the competitive tension, while at the same time avoiding the risk of having too many partners to manage. "You don't want to be forever chopping and changing between services," he says. This need for cloud control could lead to a new trend, where expert providers help mop up the management concerns associated with on-demand provision. Moves in this direction are being made.


More people expected to adopt EMV technology in 2017, but how secure is it?

One big problem remains: While the majority of merchants have implemented EMV technology, the report found, most cards do not offer the more secure PIN card option. Chip technology is also called EMV, which stands for Europay, MasterCard and Visa, the companies that developed it in the 1990s. It has been the standard across much of the rest of the developed world for a decade, particularly in Europe and Asia. Storing data on a chip in theory makes the credit card more secure because it isn’t easy to produce counterfeits — a key problem with cards that store data on a magnetic stripe. This reduces point-of-sale fraud, which involves buying something with a fake credit card at a physical retail counter, but it doesn’t reduce fraud when purchases are made online.


Enabling Strategic HR

These are disruptive times for the Human Resources (HR) organization. HR finds itself at an inflection point due to various external factors, one of them being the current gap that usually exists between the digital experience outside of the workplace and how the HR customer (the employee, manager, contractor, retiree, etc.) interacts with their HR organization. Driven by their usually positive digital experience outside of the office, the HR customer is beginning to ask the question: “Why can’t my interactions with HR be at least as good?” We see an opportunity in the marketplace to explore how an experience-focused, information-driven approach to delivering HR services can achieve a great digital consumer experience, what we call the “digital workplace”. There are five key attributes of what could be considered a “great” digital consumer experience


Cybersecurity: Threat Intelligence and an integrated approach to security

The Chinese mentality has been that, “I need to manage everything as a whole”. It turns out we have over 700 managed service customers, managing over 1200 networks. So we have to pull the stuff together for our customers. And because of this, the assisting methodology we’re bringing forward to our devices is we have to have these things start playing together, either through communication for better dynamic security response, or in terms of better central alerting and management. The problem with most other companies is they’re fixing on their products but very few pure cybersecurity companies actually have their products speak to each other, that siloed mode, I can’t get this device to talk to that device, even though they’re from the same company.


What CIOs Want CEOs to Know About Data Security

The most important step toward data security begins at a fundamental level. One that ensures health data is transmitted to and from vendors, providers, health systems and patients in a safe and secure manner. Consider a hospital sending a patient’s lab results to a physician, or a vendor communicating with a patient or provider about information from a personal fitness device or app. These platforms are ripe for data breaches and, therefore, penalties, lawsuits and even high profile media exposure. Another major question that CEOs and CIOs must address is which data transmission solution is best for their specific organization. Currently a number of vendors, consultants, software programs, etc. are available that promise to help organizations address their data security issues. The best option for each organization will be based on a number of factors, including size, budget, IT staff, expertise and overall goals.


CIOs will thwart cybersecurity threats with behavioral analytics in 2017

It’s no secret that boards are loosening the purse strings for cybersecurity but CIOs will continue to struggle to balance their cyber investments against managing risks to their businesses. Put another way: The choice between what to buy, implement and tune first -- the shiny new behavioral analytics platform or the latest and greatest business email compromise stopper -- poses prioritization challenges many CIOs aren't accustomed to in this age of cyber warfare. Worrall says that even if their boards allocate more funds for cybersecurity, CIOs need to beware of budget abuse. Those who take the “sky is falling” approach become chicken little, he says. One advantage Worrall has working for a networking technology company is that his tech savvy board grasps the intricacies of cyber defense.


Why Cybersecurity Leapt From the Basement to the Board Room

Notably, under the proposed regulations, board or senior compliance officers would need to certify that their organization’s security controls are meeting requirements. This could potentially expose such individuals to criminal liability if the claim is found fraudulent. ... While overall cybersecurity spending is on the rise, certain organizations aren’t putting a cap on how far. This year, Bank of America has implemented a “whatever it takes” approach to thwarting attacks, giving unlimited budget to its cybersecurity business unit. While there will surely be scrutiny of the effectiveness and ROI of how such (non) budgets are spent, it’s obvious that the C-suite has gotten the message. Lax security practices don’t just mean embarrassing headlines and lost customer confidence.



Quote for the day:


"All progress is precarious, and the solution of one problem brings us face to face with another problem." -- MLK


Daily Tech Digest - December 27, 2016

Industries Thrive On Cognitive Cloud

Referred to as “Cognitive on cloud”, this model delivers cognitive services running in the cloud that are consumable via representational state transfer (REST) APIs. These services are available as part of platform-as-a-service (PaaS) offerings such as Bluemix and can be easily bound to an application while coding. Using this approach, cognitive analytics such as voice (tone analyzer, speech-to-text) and video (face detection, visual recognition) capabilities enable quick analysis of petabytes of unstructured data. Developing cognitive applications to run on mobile devices has provided new insights which help organizations create totally new revenue streams. When selecting a cloud service provider, however, cognitive on cloud ROI requires more than just a total cost of ownership comparison. In addition to this basic analysis, an organization must consider which cloud is cognitive enabled at the Platform-as-a-Service (PaaS) layer.


Could IT change control have prevented an IT deployment failure?

Build all configuration cleanup into IT change plans. Take the necessary time to flesh out a plan to address all related configurations for a specific maintenance task. IT teams typically should remove switch port configurations for decommissioned NICs, update firewall policies and groups when changing a server IP address, and remove domain name system records that are no longer in use. Managing the issue on a daily basis is the optimal approach to prevent IT configuration build up over time. Combat risk of larger change scope through a robust IT change control process. Teams dealing with live production systems fear the service impact of any change. A formal IT change control policy will lessen these unknowns. Thoroughly plan changes, formulate test and backout plans, have peer reviews, follow a set approval process, and schedule and communicate maintenance windows for all changes to critical systems.


After a big 2016, next year may be A.I. tipping point

"We are on the cusp of a change as big as when e-commerce hit," said Chris McCann, president and CEO of 1-800-Flowers.com, in an interview this fall. "It's giving us the opportunity to have such deep relationships with our customers that it'll be like the company hasn't existed before." This past May, Google showed how focused it is on A.I. during its annual Google I/O developers conference, unveiling A.I.-powered products like Google Assistant, its Google Home device, the Allo chat app and the Duo video chat app. And this past October, IBM president and CEO Ginni Rometty said during a keynote at the company's World of Watson conference that in the next five years, every major decision -- personal or business -- will be made with the help of IBM's Watson A.I. system. A statement like that takes a lot of confidence in advances coming in the technology.


How blockchain can create the world’s biggest supercomputer

One of the fields where centralized and cloud-based computing falls short is the Internet of Things, Sønstebø says. “As IoT grows the need for distributed computing becomes an absolute necessity,” he says. Latency in round trips, network congestion, signal collisions and geographical distances are some of the challenges faced when processing data produced at edge devices in the cloud. “Devices need to be able to trade computational resources with each other in real time so that the computational load can be distributed,” he says. Some of the emerging lines of software will not be supported by centralized architectures at all, iEx.ec’s Fedak says, such as decentralized applications (DApps), which among others will power fog computing, distributed AI and parallel stream processing. “This class of application is extremely challenging because they’re both data and compute-intensive, and they don’t cope well with centralized infrastructure,” Fedak says.


The Full Spectrum: How a Visual Analytics Platform Empowers the Business

BI and analytics software can help uncover this story, but there are now hundreds of companies offering technologies designed to dig into data. This proliferation of tools is both a blessing and a curse. While competition breeds excellence, there are a few standards or best practices embraced across the board. As a result, the onus is on individual businesses to embrace and uphold policies that will enable the effective use of data in a responsible, governable way. One increasingly attractive solution for doing data right is to leverage a visual analytics platform. Unlike standalone data visualization tools (which can provide useful but sometimes misleading views of the enterprise), a visual analytics platform weaves together all the elements of a full technology stack.


Ransomworm: The Next Level Of Cybersecurity

To make matters worse, Nachreiner expects cybercriminals will mix ransomware with a network worm. Years ago, network worms like CodeRed, SQL Slammer, and more recently, Conficker were pretty common. Hackers exploited network vulnerabilities and tricks to make malware automatically spread itself over networks. “Now, imagine ransomware attached to a network worm. After infecting one victim, it would tirelessly copy itself to every computer on your local network it could reach,” he says. “Whether or not you want to imagine such a scenario, I guarantee that cyber criminals are already thinking about it.” Nir Polak, Co-Founder & CEO of Exabeam, a provider of user and entity behavior analytics, agrees that ransomware will move from a one-time issue to a network infiltration problem like Nachreiner describes. “Ransomware is already big business for hackers, but ransomworms guarantee repeat business.


When the Data Thief is a Company

Companies are particularly vulnerable to this type of attack when they offer their data for free or at low cost to the public, but charge professionals a fee to access and use it on their own site or in other materials. What’s to be done? Companies that offer such online data stores for a subscription need to be ever vigilant about unusual traffic patterns that suggest a machine – not a human – is behind the wheel. The differences in use patterns between a crawler and an individual human researcher are easy to spot – if you’re looking for them. Behind the scenes, companies also need to pick any low-hanging fruit: making sure that free or temporary accounts can’t be abused to siphon off reams of data and watching for patterns of abuse among registered and paying members. Application security flaws such as weak authentication and SQL injection should, of course, be patched.


Using big data for security only provides insight, not protection

Big data cheerleaders will say you can use this hindsight to fix the problems that let the hacker into your system in the first place. After all, since you know what went wrong, you can patch your system so that it doesn’t happen again, right? While that may be true – you may be able to prevent that specific problem from happening again – cybersecurity simply doesn’t work that way. The threat landscape is dynamic, with new technologies, and thus, new vulnerabilities, emerging every day. Additionally, hackers are like any other criminal: They are savvy, adaptable, and know how to play on human nature. They’re always going to find your weaknesses – and your biggest weakness is your own people, your trusted employees. Most hackers don’t break into systems through the back door. They get their hands on legitimate login credentials and, essentially, walk right in the front door.


Cloud data recovery is critical, but won't always come easy

Public cloud vendors focus more on the front end of the data issues, such as system availability and uptime, and less on recovery. They figure that making their systems available 99.999% of the time should enable users to work with needed information. However, glitches, such as a read/write error, arise, causing corporations to need to recover data. And typically, public cloud vendors offer rudimentary recovery functions. In addition, these vendors draw lines between their own and their customers' backup responsibilities, something not seen with on-premises backup systems. For instance, Microsoft Azure tries to restore customer data lost due to Azure outages, but won't attempt to restore data if users delete files or if files become infected by a virus. In response, more sophisticated ways to back up cloud applications are emerging. Vendors like Commvault Systems and Veeam Software have well-developed, on-premises systems that they are extending to the cloud.


How Zalando Delivers APIs with Radical Agility

As you know, REST is more an architectural style and does not really specify API design details. We need to have some standards in the API design practices to establish a consistent API look and feel. Ideally, all the APIs should look like they were created by the same person. That’s a very ambitious target, but our guidelines help. We recently open-sourced them and have already received external contributions. The API guidelines standardize easier things like naming conventions and resource definitions, but also include more complex things like non-breaking changes and how we want to do versioning. ... In the end, the more critical aspect is that all the different services that are part of the platform fit in an overall architecture where you have really clear, separated functions that can easily be orchestrated to build the business functionality that we have in mind.



Quote for the day:


"I believe that the only courage anybody ever needs is the courage to follow your own dreams." -- Oprah Winfrey


Daily Tech Digest - December 26, 2016

Corporate Boards Aren't Prepared For Cyberattacks

Despite the scale and potential harm from such attacks, there's wide recognition that corporate leaders, especially boards of directors, aren't taking the necessary actions to defend their companies against such attacks. It's not just a problem of finding the right cyber-defense tools and services, but also one of management awareness and security acumen at the highest level, namely corporate boards. "Our country and its businesses and government agencies of all sizes are under attack from a variety of aggressive adversaries and we are generally unprepared to manage and fend off these threats," said Gartner analyst Avivah Litan, a longtime cybersecurity consultant to many organizations.


Keeping a lid on SaaS & infrastructure costs

As companies continue to adopt cloud services and create even more complex, heterogeneous IT environments, their asset management tools must evolve and expand to optimise on-premises hardware and software assets, and cloud infrastructure services. Costs for cloud infrastructure services and software running in the cloud need to be managed whether they are SaaS applications or Bring Your Own License (BYOL), whereby companies host existing enterprise applications in a cloud environment. The cloud presents license compliance risk in BYOL instances, as well as risk of substantial over-spending on subscriptions for SaaS applications and cloud infrastructure services. In fact, costs can easily spiral out-of-control if not closely managed. However, organisations can keep a lid on these costs with the right Software Asset Management (SAM) processes and tools.


CEP Patterns for Stream Analytics

Real-time streaming data sources and the Internet of Things have brought Complex Event Processing into the spotlight. The ability to collect data from devices using sensors, improvements in data carrier services and the growth of secure transfer to a centralized location have given a kick-start to analyzing different data patterns from various devices in combination. Let us start by defining what an event is. An event is said to occur when something happens which needs to be known for inferring or taking some action. Event processing is a way to track the information of the events by processing data streams and determining a circumstantial conclusion from them. This is associated with events from a single source. Ex: When the temperature of the room is more than 45 °C, that is what I consider an event for me to lower the temperature of my air conditioner.


CIOs: How to be a business leader in three steps

Technology and data are changing how work gets done. The embrace of digital technologies by companies and their customers has created a climate ripe for CIOs to stretch their business leadership muscles -- or risk seeing their roles atrophy. Part of making the leap to "business co-creator," as Deloitte terms it, requires CIOs to educate the business on the technologies and IT governance standards that are the foundation of digital transformation. Here is Kark's three-step strategy for CIOs on how to be a business leader. His advice is bolstered by two survey participants -- Vittorio Cretella, CIO at food giant Mars Inc., and Johnson Lai, CIO at NuVasive Inc., a maker of medical devices -- who function as business leaders at their companies.


16 Tech Jobs That Have A Gender Pay Gap

Computer programmer showed the highest gender pay gap, at a massive 28.3%. In job duties, computer programmers differ from software engineers (whose gap is 6%) in that engineers are more involved in designing software, while programmers receive instructions from engineers and have a more executional role. Game artists, who create visual art for video games, were second on the list, with a 15.8% gap. And information security specialists, who help prevent and repair cybersecurity breaches, ranked third. If you’re familiar with wage-gap statistics, you might be wondering why Glassdoor’s numbers are lower than the widely cited 20% pay gap, reported by the Institute for Women’s Policy Research, a Washington, D.C. think tank. Both IWPR's and Glassdoor's numbers are valid—they’re different because they’re set in separate contexts. This explanation gets a little technical, but bear with me.


Your new PC needs these 15 free, excellent programs

More than a mere blank slate, a new PC is a fresh opportunity—a collection of components that, with the right software installed, could accomplish anything from balancing your household budget to helping to cure cancer. Yes, stocking your PC is an intensely personal task. Even still, some programs are so helpful, so handy, so useful across the board that we heartily recommend them to everybody. These are the programs you want to install on a new PC first. (Longtime readers may notice that the list has slimmed down significantly this year. There’s a good reason for that: The bevy of hassle-killing extras in Windows 10 has allowed us to finally retire perennial favorites like CutePDF and WizMouse.)


The top 10 mobile risks of 2016

Mobile devices had a booming 2016, with usage of iOS and Android handhelds growing steadily throughout the year. By contrast, desktop operating systems other than Windows 10 and OS X generally showed a decline in growth. In fact, last month Marketing Land reported that global mobile internet usage was higher than that of desktop systems as of October, and predicted that nearly 80% of internet usage will be mobile by 2018. As with any element of technology, more widespread usage leads to greater and more widespread threats, and mobility is no exception. Here's a rundown of ten mobile risks we experienced in 2016, as well as some solutions to prevent or protect your devices from them (where applicable).


Weird science! 10 strangest tech stories of 2016

Science and technology news usually takes a backseat in mainstream media coverage. Contemporary attention spans being what they are, technical topics are often deemed too obscure, or their implications too complex, for the average reader. That's a shame, if for no other reason than this: Pay attention and you can find deliciously weird stuff in the sci-tech section, with occasional forays into the truly bonkers. Here we take a look at 10 of the stranger stories of 2016, selecting for items that generally flew under the radar and/or those with odd implications for the future. Click on through for updates on weaponized display technology, erotic robotics, and a biotech initiative that literally defies death.


Software Is Eating The Food World

Snack vending machines are everywhere. Here's how they work. A vending machine company makes a deal with a company that wants to provide snacks to employees. The vending company sends a person around every week or every few weeks to re-stock the machine with items bought at wholesale, collects the money (which is split with the business owner) and makes sure the machine is working properly. Any food placed into an old-school vending machine must be durable. It has to survive for weeks at unpredictable temperatures, and also survive the drop when selected. That's why vending machine food tends to be non-fresh, unhealthy junk food. With most vending machines, there are two or three items that are most popular and other items that might be selected as a second or third choice only after the favorite item runs out. The vending company has no idea.


Technical developments in Cryptography: 2016 in Review

The biggest practical development in crypto for 2016 is Transport Layer Security version 1.3. TLS is the most important and widely used cryptographic protocol and is the backbone of secure Internet communication; you're using it right now to read this blog! After years of work by hundreds of researchers and engineers, the new TLS design is now considered final from a cryptography standpoint. The protocol is now supported and available in Firefox, Chrome, and Opera. While it might seem like a minor version upgrade, TLS 1.3 is a major redesign from TLS 1.2 (which was finished over 8 years ago now). In fact, one of the most contentious issues was if the name should be something else to indicate how much of an improvement TLS 1.3 really is.



Quote for the day:


"You'll never be a bigger person by trying to make someone else feel smaller." -- @LeadToday


Daily Tech Digest - December 25, 2016

Data Scientists Spend Most of Their Time Cleaning Data

Data scientists spend 60% of their time on cleaning and organizing data. Collecting data sets comes second at 19% of their time, meaning data scientists spend around 80% of their time on preparing and managing data for analysis. 76% of data scientists view data preparation as the least enjoyable part of their work: 57% of data scientists regard cleaning and organizing data as the least enjoyable part of their work and 19% say this about collecting data sets. These findings are yet another confirmation of a very widely known and lamented fact of the data scientist’s work experience. In 2009, data scientist Mike Driscoll popularized the term “data munging,” describing the “painful process of cleaning, parsing, and proofing one’s data” as one of the three sexy skills of data geeks. In 2013, Josh Wills (then director of Data Science at Cloudera, now Director of Data Engineering at Slack) told Technology Review “I’m a data janitor.


Are bots set to be your next banker?

The global race for banks to be digital first is on, but it is early days still. Leading banks are in the process of learning how to take a mobile-first approach and re-imagine their customer experiences, from opening up a current account to buying a home or taking out a small business loan. While many have begun migrating their customers from the branch or call centre to their digital channels, it’s critical to take a country-specific view and carefully consider the cultural differences and preferences before deciding on the pace of change. The UAE could serve as an ideal test market: research from Google on the matter recently ranked the country as no. 1 in global smartphone penetration, with 73.8 per cent of consumers carrying smartphones. The UAE’s strong retail sector, based upon its growing middle class, surging consumer confidence in technology and increasing domestic consumption, means there is major potential for digitisation.


Susanne Tarkowski on How Smart Contracts Can Add Value to Your Business

Smart contracts are applications ‘living on’ the Blockchain, and therefore can’t be censored. Simple, immutable and autonomous applications, basically. As Primavera de Filippi eloquently phrased it during her talk at OuiShare Paris 2016 “Smart Contracts are neither smart nor contracts...”. But ironically, smart contracts are however ideally suited to be… well… contracts! In essence, your contract, whether it’s a marriage contract or a freelance gig contract, becomes a self-executing application. The contract goes from being a static agreement to a living application. That’s tremendously exciting. What really turned me onto it was reading the “Lex Cryptographia” blog post by Justin Ranvier back in 2013, that’s when I realized the Blockchain, and smart contract technology more specifically, could be used to replace the government in its core function: security and dispute resolution.


What’s the Difference Between Consumer and Industrial IoT?

In theory, an IoT system should be expandable, allowing dynamic changes to its operation and include devices not provided by a single vendor. Consumer, commercial, and industrial IoT share attributes and are typically built on the same hardware and software platforms. That’s why IoT discussions tend to get murky, especially when delving into the details. For instance, smartphone and tablet apps tend to provide one way of querying and controlling devices. Windows and iOS PCs, on the other hand, generally run the heavier user interfaces, often providing management tools that would be cumbersome on the smaller, portable devices. The IoT devices and software basically differ in areas such as ruggedness and expected lifetimes, as well as who has access to data and how that data is made available to various parties.


‘Security Fatigue’ Can Cause Computer Users to Feel Hopeless and Act Recklessly

Security fatigue is defined in the study as a weariness or reluctance to deal with computer security. As one of the study’s research subjects said about computer security, “I don’t pay any attention to those things anymore…People get weary from being bombarded by ‘watch out for this or watch out for that.’” “The finding that the general public is suffering from security fatigue is important because it has implications in the workplace and in people’s everyday life,” cognitive psychologist and co-author Brian Stanton said. “It is critical because so many people bank online, and since health care and other valuable information is being moved to the internet.” “If people can’t use security, they are not going to, and then we and our nation won’t be secure,” Stanton said.


The role of the CIO in a digital age

The CIO is now expected to be an expert in user experience, security, customer centricity, journeys and behaviours. They are storytellers, evangelists and advocates of communicating the art of the possible, they are the voice of the customer and their role is far more commercial than reducing costs. Indeed, modern ‘IT’ functions also generate revenue as well as drive margin. They are ‘schizophrenic chameleons’…on the one hand grounded in strong engineering and process orientation skills and are champions of best practice and on the other they are risk takers, innovators, change agents and disrupters of traditional working models. In addition, they have been further challenged by the rise of the chief digital officer – who tend to be very customer focussed and have come about because of executive perception of legacy IT and a misunderstanding about what ‘being Digital’ really is…. in reality the best CIOs could equally be CDOs.


Transitioning into 'Machine Learnable' Data Management

The MDM to MLDM transition can have various business benefits. Some of them are: quicker procurement times due to closer & quicker material matches; increased market (regional/zonal/geo) penetration due to the much closer & faster accuracy of customer profiles, demographics and segmentation; automation of mundane stewardship activities which will lead to better business resource utilizations. The faster shelf replenishment of the higher revenue products for retailers, improving the e-commerce efficiency for e-tailers and maybe handling & procuring the right parts of a prototype from a vast set of suppliers to beat the competition on a launch. The benefits can be endless. All of this is made possible, as the system can now look at reducing the number of iterations that it takes to arrive at the right threshold based on business priorities and inputs.


We Don’t Need No Stinking IoT! Or Do We?

While countless headlines play up the potential security snafus of the Internet of Things, there is barely a mention of its potential to improve the security of everything from schools to urban areas. Connected cameras or gunshot detection systems could instantly notify police that there is a sniper in, say, a school. The possibilities extend much further beyond connecting household gadgets and security. Many technology pundits believe we are on the cusp of a new industrial revolution, where devices can warn shop floor owners of potential problems before they occur while bolstering efficiency. In the near future, machines could even transact business with one another. But an average person is likely to only have a vague idea of the power of IoT technology.


How Location-Based Marketing Will Evolve in 2017

Location-based advertising and marketing technology has seen tremendous growth and improvement in 2016. Thanks to innovations in location intelligence, marketers can now leverage real-time data to better target consumers based on where they go, effectively measure how digital ads drive foot traffic into stores, and even connect the consumer journey from ad exposure to store visit to purchase data. Location intelligence is a massive industry. It allows consumer obsession with mobile devices to create significant amounts of data and insights that drive critical decision-making for a wide range of businesses. But since the space is still nascent, marketers should expect evolution in the year ahead. Here are five predictions for location intelligence in 2017:


How data science turns big data into ROI

Big data is the business buzz word of our era, bandied around at conferences and in the press as the universal panacea. However, data on its own is not the answer. As an unprocessed asset data is a cost centre, not a source of profit. Where the ROI lies is in what you do with the data and how you leverage it to drive business decisions, and the answer to that lies in data science. Long the preserve of academics and rocket scientists, data science is now front and centre of business strategy and is one of the fastest growing areas of technology. Using advanced statistical techniques to extract value from data can be transformational for businesses, boosting existing revenue streams, creating entirely new sources of revenue and identifying areas of inefficiency and waste.



Quote for the day:


"You think you can win on talent alone? Gentlemen, you don't have enough talent to win on talent alone." -- Herb Brooks, Miracle