Digital Humans: Fad or Future?
A digital human is a computer-generated entity that looks, behaves, and
interacts like a real human. “To create a digital human, advanced technologies
such as artificial intelligence, machine learning, and natural language
processing are used to replicate the complexities of human thought and
behavior,” says Matthew Ramirez, a technology entrepreneur and
investor. Going beyond concierge services, digital humans could eventually
play important roles in areas as diverse as education, healthcare, and
entertainment. ... Although digital humans promise multiple benefits, they also
present a potential threat. They could be misused in various ways to mislead,
defraud, or even physically harm people, Ramirez warns. “It’s crucial to be
cautious and consider the negative consequences when creating digital humans,
just like with any new technology,” he says. Improvements to generative AI
programs are making digital humans more realistic, which increases the
possibility that consumers may have difficulty distinguishing when they’re
talking to a real human versus a digital human, Bechtel says.
Feds Urge Healthcare Providers, Vendors to Use Strong MFA
CISA recommends that entities implement phishing-resistant multifactor
authentication, which can help detect and prevent disclosures of authentication
data to a website or application masquerading as a legitimate system, the HHS
bulletin says. For instance, phishing-resistant multifactor authentication could
require a password or user biometric data, combined with an authenticator such
as a personal identity verification card or other cryptographic hardware or
software-based token authenticator, such as FIDO with WebAuthn authenticator,
according to the bulletin. "The layered defense of a properly implemented
multifactor authentication solution is stronger than single-factor
authentication such as relying on a password alone," HHS OCR wrote. Walsh
suggested that healthcare sector entities consider integrating password vaults
with MFA. Also, "passwordless authentication is probably in the future but we
haven’t seen it implemented in healthcare," he said. But the bottom line, he
added, is that "any MFA is probably better than no MFA."
Generative AI is coming for your job. Here are 4 reasons to get excited
Yes, the fast-emerging technology could replace some workplace activities, but
it's up to us to make sure its exploitation is focused on removing repetitive
tasks, such as scanning spreadsheets for data-entry errors. "I think we should
be excited because it has potential to allow us to do more of the high-value
things in our work, and less of the stuff that doesn't need valuable thought
processes," she says. Furby says it's important to recognize that the
introduction of generative AI should not be seen as an endpoint, but as a
pathway to increased productivity. ... AI's ability to pick up large chunks of
the work associated with everyday activities could free up internal staff to
focus on more innovative and interesting projects. "I think that's always a
challenge in terms of how you become more efficient in the things that you can
do, and how you can approach more topics and scale at speed. And I think that's
where the excitement is – generative AI could help us." For all his enthusiasm
for emerging technology, Langthorne doesn't want to dismiss the concerns of
people who are worried about the rise of generative systems, such as ChatGPT.
UK regulator refers cloud infrastructure market for investigation
The news comes three months after Ofcom raised “significant concerns” about
Amazon Web Services (AWS) and Microsoft, alleging that they were harming
competition in cloud infrastructure services and abusing their market positions
with practices that make interoperability difficult. Ofcom defines cloud
infrastructure services as those which are built on physical servers and virtual
machines hosted in data centers and consisting of infrastructure as a service
(IaaS) products, such as storage, computing and networking, and platform as a
service (PaaS), which includes the software tools needed to build and run
applications. When the initial investigation was launched, Ofcom said that AWS
and Microsoft Azure had a combined UK market share of between 60% and 70%, while
the next nearest competitor, Alphabet-owned Google, has a 5% to 10% share.
Consequently, between 2018 and 2021, the percentage of cloud providers that were
not AWS, Microsoft, or Google fell from 30% to 19%, causing Ofcom to note that
such levels of market dominance could potentially make it harder for smaller
cloud providers to compete with the market leaders, further consolidating the
big providers' revenue and market share.
6 business execs you’ll meet in hell — and how to deal with them
Some executives have exactly zero aptitude when it comes to the technology that
enables them to run their businesses. And you probably shouldn’t expect them to,
says Bob Stevens (not his real name), former CISO for a large retail operation.
After all, they’re not being paid to think about technology; they’re being paid
to sell products. “The CEO at that retail company was not a technologist,” says
Stevens. “He found it totally uninteresting. So when the IT and security teams
would present, his attention would quickly wane and he would start answering
texts and reading email. He’d say, ‘Unfortunately, technology means nothing to
me. I get that it is important to the company and that we have to have it. So I
will manage the business value against the cost. Just don’t try to make me
understand it.’” It can be demoralizing, Stevens adds. Worse, because senior
leadership doesn’t fully understand the issues in play or the threats to the
business, they may not prioritize investments appropriately.
Greatest cyber threats to aircraft come from the ground
From a CISO's perspective, what matters is not that a specific security
vulnerability was found in a particular model of aircraft, but rather the
general idea that modern aircraft with interconnected IT networks could
potentially allow intrusions into high security avionics equipment from low
security passenger internet access systems. This being the case, the time has
come for all onboard aircraft systems -- including avionics -- to be regarded as
being vulnerable to cyberattacks. As such, the security procedures for
protecting them should be as thorough and in-depth "as any other
internet-connected device," Kiley says. "The disclosure I did in 2019 was the
first major one that involved the industry, the airlines, and the US government
cooperating to ensure that the disclosure was done responsibly and following
security industry best practices. This should be a model for how to alert the
industry of an issue responsibly." Unfortunately, "Many manufacturers in the
aviation industry do not understand how to work with security researchers and
instead attempt to stifle research by threatening action instead of working
together to solve identified issues," observes Kiley.
Monolith or Microservices, or Both: Building Modern Distributed Applications in Go with Service Weaver
Google’s new open source project Service Weaver provides the idea of decoupling
the code from how code is deployed. Service Weaver is a programming framework
for writing and deploying cloud applications in the Go programming language,
where deployment decision can be delegated to an automated runtime. Service
Weaver lets you deploy your application as monolith and microservices. Thus,
it’s a best of both world of monolith and microservices. With Service Weaver,
you write your application as modular monolith, where you modularise your
application using components. Components in Service Weaver, modelled as Go
interfaces, for which you provide a concrete implementation for your business
logic without coupling with networking or serialisation code. A component is a
kind of an Actor that represents a computational entity. These modular
components, which built around core business logic, can call methods of other
components like a local method call regardless of whether these components are
running as a modular binary or microservices without using HTTP or RPC.
Private 5G/LTE growing more slowly than expected
The use cases for private cellular networks are numerous and varied, according
to IDC, encompassing everything from wide-area applications like grid networks
for utility systems and transport networks to local networks for manufacturing
facilities or warehouses. Yet three factors have continued to slow the growth of
private cellular, which IDC defines as 5G/LTE networks that don’t share traffic
between users, as a public network would. The first is slower-than-expected
availability of the latest 5G chipsets, specifically those for releases 17 and
18 from 3GPP — the cellular technology standards body — which are designed to
improve ultra-reliable, low-latency communications. That creates a drag on
particularly advanced new implementations, particularly in the industrial
sector, that can be created with private networks, the report said. In the
short-term, that means that LTE will account for the bulk of spending on private
cellular networks, according to the report, not to be superseded by 5G spending
until 2027. Difficulties with integrating private cellular into existing network
infrastructure is also slowing growth, IDC noted.
Red Hat kicked off a tempest in a teapot
We never seem to learn from history. I was part of the United Linux effort in
the early 2000s while working at Novell. Scared by Red Hat’s early popularity, a
group of would-be contenders to the Red Hat throne, including SUSE, Turbolinux,
Conectiva, and Caldera (which became SCO Group), banded together to try to
define a common, competitive distribution. It failed. Completely. As I’ve
written, “It turns out the market didn’t want a common Linux distribution
created by committee. They wanted the industry standard, which happened to be
Red Hat.” Fast forward to 2023, and no one is clamoring for a resurrected United
Linux, but CentOS had become a way for people to use RHEL without paying for it.
It was, in some ways, a United Linux that actually worked, as it gave the
companies behind Rocky and Alma Linux a way to compete without contributing. Now
that’s gone, and there’s much hand-wringing over how hard it will be to continue
delivering Red Hat’s product for free. Rocky Linux assures us it will be
possible, in a poorly named post about this “Brave New World.”
Who Should Pay for Payment Scams - Banks, Telcos, Big Tech?
"The banking sector is the only sector reimbursing at the moment, and our belief
is that the burden should be spread. I think tech companies should be putting
their hands in their pockets, particularly as they profit from it," said David
Postings, chief executive of UK Finance. In a letter last week to Prime Minister
Rishi Sunak, a group of major U.K. banks said technology companies must
contribute to the cost of the online fraud "pandemic" that is undermining
international investor confidence in the U.K. economy, according to a report on
Sky News. It makes sense for social media companies and others to be held
accountable for scams. Users of Facebook, Instagram, Twitter and other platforms
have fallen prey to romance scams, cryptocurrency investment scams and more. But
before the government starts looking for ways to ask big tech to contribute,
let's not forget about the victims. It might be difficult to prove which
platform is liable and for how much. Social media conversations are often fluid
and move from one platform to another. Tracing back the conversation and then
establishing the responsibility across banks and tech companies could take
time.
Quote for the day:
"Leadership is a two-way street, loyalty
up and loyalty down." -- Grace Murray Hopper
