Daily Tech Digest by Kannan Subbiah

December 16, 2014

Finding critical business data -- fast
"We used to call it ‘complex event processing,’" he adds. But that approach required proprietary software and expensive servers, which limited usage. In contrast, one of today’s technologies, Hadoop, "is linearly scalable, and you can throw lots of hardware at it and use memory very effectively," he says. Roll into that the lower cost of flash memory, adds Baer, and "now we can process data very fast, and do more sophisticated processing than when you were bound by I/O."

The 5 Elements of A Killer Mobile App
By 2015, more than 780 million people will be mobile users only. This means they won’t own a laptop or desk computer. These 780 million users will be your customers, partners, business stakeholders, suppliers, and other business associates. As organizations begin to align their mobile first strategy with this shift in users, it’s important to focus on what these mobile apps must do.

APIs should not be copyrightable
The story of SMB and Samba is a good example of how non-copyrightable APIs spurred competition. When Windows became a dominent desktop operating system, its SMB protocol dominated simple networks. If non-windows computers wanted to communicate effectively with the dominant windows platform, they needed to talk to SMB. Microsoft didn't provide any documentation to help competitors do this, since an inability to communicate with SMB was a barrier to their competitors. However, Andrew Tridgell was able to deduce the specification for SMB and build an implementation for Unix, called Samba. By using Samba non-windows computers could collaborate on a network, thus encouraging the competition from Mac and Linux based systems.

This Linux grinch could put a hole in your security stocking
The fundamental flaw resides in the Linux authorization system, which can inadvertently allow privilege escalation, granting a user "root," or full administrative access. With full root access, an attacker would be able to completely control a system, including the ability to install programs, read data and use the machine as a launching point for compromising other systems. To date, Alert Logic has not seen any exploits that harness this vulnerability, nor did the research team find any existing mention of this hole in the vulnerability database maintained by the Community Emergency Response Team (CERT), according to Stephen Coty, Alert Logic's director of threat research.

Frameworks and Leadership on Cyber-Risks
Just identifying and defining the risks is a daunting enough task. Stuart Levi, a partner with law firm Skadden, Arps, Slate, Meagher & Flom who focuses on cyber-security, warns that any company with even a single computer connected to the internet is vulnerable. “Every public company—regardless of their industry, what they do, what data and information they have —needs to be focused on this issue,” he says. ... Aaron Weller, a managing director in data protection and privacy with PwC, said at Compliance Week West that companies need to think beyond compliance to make their data and their systems secure. “Compliance is not security,” he said

How CIOs Can Prepare for Healthcare ‘Data Tsunami’
"Identify who owns the data and build consensus on data definitions," Dunbrack says in an email. "Understanding what the data means is key to making data governance and interoperability work, and is essential for analytics, big data initiatives and quality reporting initiatives, among other things." To be sure, ironing out data governance policies within a healthcare organization is anything but a black-and-white process. Complicating matters significantly are the diverse and growing sources of medical data, each raising distinctive ownership and compliance questions.

Defining a Major IT Transformation Now Happening in Telecoms
"One of the things I'm looking at as operators go through this journey is that this is a cycle that will take between 10 and 15 years," Kelly told eWEEK during a break at the conference. "Most operators have a high capital expenditure structure--they have a lot of high sum costs in the infrastructure--and they're not going to abandon that. What they are trying to do is take advantage of opportunities in the digital services economy to compete against the over-the-top providers, mostly because their core businesses are under attack."

2015 will be the year Linux takes over the enterprise
This rise of Linux in the world of big data will have serious trickle down over the rest of the business world. We already know how fond enterprise businesses are of Linux and big data. What we don't know is how this relationship will alter the course of Linux with regards to the rest of the business world. My prediction is that the success of Linux with big data will skyrocket the popularity of Linux throughout the business landscape. More contracts for SuSE and Red Hat will equate to more deployments of Linux servers that handle more tasks within the business world. This will especially apply to the cloud, where OpenStack should easily become an overwhelming leader.

The First Agile and Lean Open Source Method for Continuous Improvement
There are no silver bullets, we only move forward by learning, experimenting and sharing our discoveries with each other. That is the spirit of Open Kanban to keep those communications lines open, to help people innovate, and collaborate across the aisles of Lean and Agile, a method where innovation and people who think different are welcome. As wonderful as it is to have a few people who think different and collaborate from different sides of Agile and Lean today, this is not enough, especially when they get attacked simply becauase they are seen as the rebels, the non-conformants, the ones who dare to challenge the establishment in their respective camps of Agile or Lean.

QA & Testing Budgets Are Rising for Financial Services Firms
The survey found that as many as 52 percent of organizations are investing more in transformational projects rather than maintaining legacy systems (48 percent). This includes developing new mobile, cloud, and big-data applications and systems. With more development, comes more risk. One application failure can quickly turn into a business process disaster, consumer backlash, and reputational damage -- reiterating the importance of QA and testing today.

Quote for the day:

"My definition of agile is that you accept input from reality, and you respond to it." -- Kent Beck

December 15, 2014

From Police to Partner: The Changing Role of IT
As an IT professional, it’s your job to equip employees with the tools they need to get their jobs done while policing to make sure all solutions meet security or compliance requirements for the business. Managing employees is especially important with the emergence of BYOIT and as new web-based services gain traction in consumer and business markets — you don’t want them to circumvent your policies when they use their favorite tools, after all. But how do you get employees on board when you can’t lock them down anymore? You must adopt a new role that strikes a balance between employee needs and preferences and security. You have to become a “partner.”

Three IT Roles at Threat from Self-Service Business Intelligence
Something has to change when decisions are reliant on a team of many because it’s simply not sustainable. It’s too costly when non-technical employees (95% of an organization’s staff) have no way of creating views or information dashboards that integrate all of their relevant data in a unified business intelligence platform. So, going back to my question about how many decision-makers are required to produce a dashboard, the answer really comes down to every organization and its comfort level in empowering employees with the right tools to integrate, cleanse and enrich data themselves.

Cloud Compliance Remains a Challenge
A technical interpretation of the data protection law would solve the problem. Analogously, a meaningful technical solution does not have to stand in the way of unfashionable, non-IT oriented law. That sounds compelling. A revision of the data protection law would thus not be necessary at all. Caution is called for once again: As opposed to the copyright law, data protection law is not a commercial law. Data protection is a personal right. Hence, the interests of the citizens in data protection principally ranks behind a technical and thus economy-friendly interpretation of the law. As a result, the issue of control and data sovereignty on the cloud therefore remains unresolved to date.

A Terabyte on a Postage Stamp: RRAM Heads into Commercialization
Because of its greater density, RRAM will be able to use silicon wafers that are half the size used by current NAND flash fabricators. In a single chip, it has nearly 10 times the capacity of NAND flash and uses 20 times less power to store a bit of data. It also sports 100 times lower latency than NAND flash, meaning performance is massively improved, according to Crossbar. And because RRAM is fully compatible with the standard manufacturing processes already used in NAND fabrication, no changes will be needed in manufacturing facilities. But before it could send its technology to the factory, Crossbar had to overcome a major technological hurdle -- error-causing electron leaks between memory cells.

Government IT In 2014: GAO's Critique
The General Accountability Office has always been a reliable resource for seeing what IT dilemmas the federal government is grappling with. Through its reports and testimony, the GAO seeks to help the feds keep IT projects on schedule, maintain high levels of security, meet statutory requirements, and make the most of their investments. The GAO produced 31 reports and testimony on IT in 2014. While some reports focused on mundane IT matters, others addressed emerging technologies or uncovered government-wide IT deficiencies that merit inclusion in this roundup.

10 cybersecurity predictions for 2015
Year end is a time for reflection. Based on my history in this space, plus the fact that my day job of running CSC's Global Cybersecurity Consulting business lets me talk to and help hundreds of executives around the world, I wanted to offer my perspective on how 2014 turned out and my thoughts on what to watch for in 2015. ... 2014 had both high- and low-profile attacks against industrial control and SCADA systems, and it continues to be a head-to-head battle where the atom meets the bit.

Does the world need 5G? Driverless cars, IoT, future devices will demand it
5G probably won't diverge from the age-old pattern, but it does come with one added hassle: we just don't have enough spectrum to go around any longer, according to wireless analysts. Roaming in particular could be problematic. "Spectrum is and will remain a major challenge for the success and early rollout of 5G. We don't have enough spectrum in general and 5G is a lot about optimising the use of spectrum. But clearly, allocating more spectrum to 4G and later 5G would help and this is a global challenge... An additional challenge will be to find a globally harmonised band for 5G roaming since all suitable spectrum is already in use in one or another part of the world," said Thibaut Kleiner, head of the European Commission's CONNECT Directorate-General.

Top 10 Big Data Predictions For 2015
Big data has seen a massive growth in interest in recent times, as more and more companies are investing in various facets of this technology. While this year, businesses’ understanding and willingness to explore big data opportunities have matured from the previous years, the coming year is expected to be even more critical, believe analysts. IT market research agency IDC has shared top 10 predictions for Big Data and analytics segment. These predictions will help IT leaders and CIOs to come up with better strategies in 2015, states the research firm.

6 IT Workforce Predictions for 2015
2015 promises to be a banner year for IT workers as the unemployment rate continues to plummet, salaries increase and organizations double down on retention and engagement strategies. CIO.com asked experts to predict the biggest trends, technology and strategies that will make an impact on hiring and recruiting in 2015. Every new year brings a unique set of challenges and opportunities for IT workers as existing technologies evolve and new technologies emerge. The first half of 2015 looks promising based on these six predictions from career experts.

Secret CIO: Stop Making Stupid Software Decisions
Most LOB experts focus on the here and now. That's what lines of business are all about. But we make major software investments for the future, for requirements we don't necessarily have yet, for the business we want to create. It's difficult for most LOB managers to step into a software assessment project and shift their perspective. They're not being replaced during the evaluation, so they're distracted by present-day work. The three major players in this type of software project have three different objectives. The company wants to power current and future business capabilities -- to increase customer value and create competitive advantage.

Quote for the day:

"The most important quality in a leader is that of being acknowledged as such." -- Andre Mauroisv

December 14, 2014

Google and Avaya to bring Chromebooks and WebRTC to call centers
Avaya hopes the offering will attract new clients and prompt customers of its call center software to upgrade their systems, especially those looking to move away from traditional Windows desktop PCs loaded with local software or to replace thin, virtualized clients, and thus simplify their infrastructure. Meanwhile, Google expects the partnership to help spur demand for Chromebook devices. Although Google doesn’t make Chromebooks, the company generates revenue licensing and IT administration software for the devices. The Avaya-Google bundle includes the Avaya Agent for Chrome software, and the Google Chrome management console.

5 Ways to Pull Useful Analytics Out of Big Data
It is generally made up of both structured and unstructured data. Structured data is data that’s already in a format designed for analysis, like data in a spreadsheet or database, while unstructured data is freeform, and includes things like infographics, presentations, blog posts, and social media posts. Astounding quantities of data are generated every day. In just one minute, there are 2 million Google searches, 685,000 Facebook updates, and 48 hours of video uploaded to YouTube. How can organizations draw useful analytics from this massive, heterogeneous pool of data? Here are 5 ways.

Debunking Disruptive Innovation – Why Disruptive Innovation is Not a Strategy
Most people familiar with the research on innovation also know about “paradigms.” Paradigms are mental models that contain unquestioned assumptions about how things work. The world is flat. The sun revolves around the earth. People get AIDS because God is punishing them for being gay. These assumptions are accepted as truths, until they’re turned upside down and replaced with an alternative paradigm. Paradigms have, and will always exist. Just like “quality” and “reengineering” were the business world’s lenses in the 1980’s and 1990’s, disruptive innovation is one of today’s biggest paradigms.

Iranian Hackers wiped out machines at Sands Corp Casino
“Typing from a Sony (SNE)VAIO computer, they compiled a small piece of code, only about 150 lines long, in the Visual Basic programming language. The program proved potent. Not only does it wipe the data stored on computers and servers, but it also automatically reboots them, a clever trick that exposes data that’s untouchable while a machine is still running. Even worse, the script writes over the erased hard drives with a random pattern of ones and zeros, making data so difficult to recover that it is more cost-effective to buy new machines and toss the hacked ones in the trash.” continues the post.

69 new external resources and articles about data science, big data
Starred articles were potential candidates for our picture of the week published in our weekly digest. Enjoy our new selection of articles and resources (R, data science, Python, machine learning etc.) Comments are from Vincent Granville.

NSA revelations forced Google to lock down data
After reporters showed Google engineers a diagram of the intelligence agency’s methods to tap links between Google data centers, the engineers responded with a “fusillade of words that we could not print in our family newspaper,” Washington Post reporter Craig Timberg said. Google responded to the revelations by former NSA contractor Edward Snowden by spending a lot of money to lock down its systems, including 2,048-bit encryption on its traffic, Schmidt said. “We massively encrypted our internal systems,” he said. “It’s generally viewed that this level of encryption is unbreakable in our lifetime by any sets of human beings in any way. We’ll see if that’s really true.”

Open Data Grey Areas
“The trustworthiness of open data,” Boswarva explained, “depends on the particulars of the individual dataset and publisher. Some open data is robust, and some is rubbish. That doesn’t mean there’s anything wrong with open data as a concept. The same broad statement can be made about data that is available only on commercial terms. But there is a risk attached to open data that does not usually attach to commercial data.” Data quality, third-party rights, and personal data were three grey areas Boswarva discussed. Although his post focused on a specific open dataset published by an agency of the government of the United Kingdom (UK), his points are generally applicable to all open data.

eBook: Android Security (and Not) Internals
Android is a software stack for a wide range of mobile devices and a corresponding open-source project led by Google. Android consists of four layers: Linux Kernel, Native Userspace, Application Framework and Applications. Sometimes Native Userspace and Application Framework layers are combined into the one called Android Middleware. Figure 1.1 represents the layers of the Android software stack. Roughly saying, in this figure the green blocks correspond to the components developed in C/C++, while the blue cohere with the ones implemented in Java. Google distributes the most part of the Android code under Apache version 2.0 licence.

The ERP monolith begins to unravel, sort of
Again, blame it on the cloud. The days of huge, complex on-premises IT infrastructures interwoven through the business are numbered. Many essential services and application functions can be accessed as needed and in piecemeal style via cloud, versus making huge up-front investments in software, equipment, and consulting assistance. "Raised with a new set of social, mobile, sensory, and wearable technology, [IT managers] will demand SAP's experience and functionality to reflect the new order." That order, of course, would be using HR, finance, and operational services from the cloud.

Companies need to trust gov't on cybersecurity, DOJ says
In addition to more trust, more engagement from private companies is needed, added Joe Demarest, assistant director of the Cyber Division at the FBI. But calls by DOJ officials for legislation to require mobile phone operating systems to include back doors in newly announced encryption tools may be a major stumbling block to additional cooperation. In recent months, FBI Director James Comey[cq] called on Congress to rewrite the 20-year-old Communications Assistance for Law Enforcement Act to allow for law enforcement agencies to access encrypted data on smartphones.

Quote for the day:

"The first step to leadership is servanthood." -- John C. Maxwell

December 13, 2014

Interview: Lucie Glenday, chief digital officer, Surrey County Council
“It’s a hard thing,” she says, calling herself a troublemaker. “That’s what the role is – somebody to come in and ask questions no one else has asked.” But CIO Paul Brocklehurst has taken it all in his stride. Already the council is advanced when it comes to digital thinking and has managed to deliver £250m worth of savings over the past four years. “But we’ve got more to go, and when you’ve got that constant battering of someone saying ‘I think you can do that better’, that’s really tricky,” says Glenday. “Especially when, to all intents and purposes, it’s a new face, someone who’s come down from cabinet officer and doesn’t seem to act in the same way everyone else does.”

The Cost of Data Loss on a Smaller Scale
If these numbers don’t scare you enough, they pull out another familiar figure: the dollar sign. These companies like to estimate the cost of data loss for a company. In 2012, Seagate estimated that $40 million is lost annually on data loss events. According to an Aberdeen research study, the average company loses $163,674 in unused labor and lost revenue for each hour of downtime due to data loss. But most of the time, these daunting percentages and huge numbers seem like empty threats. Data loss can’t possibly be that common, right? And even if it were, it certainly couldn’t cost that much, right?

Seven areas to focus on when complying with PCI DSS v3.0
Merchants and service providers are required to comply with the Payment Card Industry Data Security Standard (PCI DSS), which represents a set of guidelines for securing card data. If a business is found to be noncompliant, it can suffer considerable repercussions. Despite this, the Verizon 2014 PCI Compliance Report revealed that in 2013 only 11.1% of organisations fully complied with the requirements of the PCI DSS, and only one in five organisations came close to complying and passed 95%+ of controls.

Building a Data Governance Team with a Eye on Information Security
Potter noted that information is essential to supporting good patient care, as well as operational effectiveness, reducing costs; but data in itself also produces a level of risk for the organizations. Historically, she said, there has been a perception that data should be available any time, anywhere. There needs to be recognition that provider organizations must maintain control of data, which is essential to the care of the patient, she said. She noted that provider organizations today have access to vast amounts of data, from personal identifiable information, personal health information, corporate information, intellectual property and research.

For Long-Term Data Archive Solutions, Tape Storage Still on Top
For long-term data archive solutions, why does Google prefer to use tape storage drives and devices to archive and back up every email it stores? Because Google, recognizes that tape is less expensive, has greater longevity and reliability and is more portable and compatible with a variety of data formats than hard disk drives (HDDs). The need for long-term data archive solutions that will endure well into the future is only increasing. Recent advances in the Linear Tape File System (LTFS) and tape libraries from IBM, Oracle, Quantum, Spectra Logic and others are making data access times much faster. In addition, Linear Tape-Open (LTO) standardization, now on its sixth iteration (LTO-6), guarantees data access across devices well into the future.

Hyper-V Replica for Disaster Recovery
Appropriately called Hyper-V Replica, Microsoft introduced it with Windows Server 2012 R2 and upgraded it in the subsequent release. While it provides replication designed to ensure business continuity, Hyper-V Replica is not a substitute for failover clustering. If your organization has the budget to build a clustered Hyper-V deployment, you should definitely do so. Although there are similarities between replication and failover clustering, failover clustering is the preferred method for protecting your virtual machines (VMs).

Managed Failovers To Overtake Traditional Disaster Recovery Testing By 2018
“It has been a target for criticism that while it’s technically an open-source technology, it’s really controlled by the company behind it. Rival products are being launched to ‘rein in’ the problem, producing a slew of open projects that developers can tailor to meet their specific needs. We can expect to see more of this in the next couple of years.” Cloud object storage is another “one to watch” in 2015, says Dymacz: “We have been saying this for years, but object storage is something that’s hugely underused at the moment. Data is continuing to grow faster than most organisations know what to do with, and the costs associated with storing that data are growing year on year.

US technology companies facing growing UK pressure over internet spying
No such criticism of American institutions, much less companies, has ever been made before by a senior British government official. According to John Hemming, the Liberal Democrat MP for Birmingham and a cryptographer, "this statement from GCHQ is without precedent". "The US has an unfortunate track record of ignoring other countries' laws, in the area of high tech especially. It is good that they have been given a clear message from the UK that this must stop happening in the UK. I welcome GCHQ's openness and clarity on this matter. This is a very welcome development," he said.

Mac McMillan’s Clarifying Moment on Data Security
“The events of this past year ,” McMillan, CEO founder of the consulting firm CynergisTek Inc., told his audience, “have begun to show what’s going on, that the folks who want to do harm to us in healthcare have absolutely found us, and they’re not going away.” McMillan cited and briefly summarized 12 different, very serious, data breaches in 2014 that in a variety of ways are illustrative of all the threats facing patient care organizations in the U.S. What’s more, as he pointed out, the external threats—from hostile foreign governments, foreign-based criminal syndicates, and other entities—are beginning to emerge as potentially devastating for the U.S. healthcare system.

Forecasting to Improve Your Data Center Portfolio
Building and managing data center infrastructure represent large amounts of investments; it can easily reach up to hundreds of millions of dollars. Knowing whether or not you need additional capacity or whether your company can wait a few months to make this additional investment, can translate into a significant financial improvement to your data center portfolio. In retail, there are two forecasting models that allow you to manage your inventory levels between Original Equipment Manufacturers (OEM), distribution centers, retail stores and end customer: sell in and sell through models.

Quote for the day:

"To handle yourself, use your head; to handle others, use your heart." -- Eleanor Roosevelt

December 12, 2014

Why 2015 will be big for NoSQL databases: Couchbase CEO
"At the moment it's a relatively small number of applications and they're doing it more on an application-by-application basis," Wiederhold said. By the second half of next year that approach will alter to "a strategic, 'We're going to deploy this stuff in a very broad way'". ... "Phase one started in 2008-ish, when you first started to see commercial NoSQL products being available. Phase one is all about grassroots developer adoption. Developers would go home one weekend, and they'll have heard about NoSQL, they download the free software, install it, start to use it, like it, and bring it into their companies," Wiederhold said.

Renewable Energy and the Colocation Provider
Do colocation providers have the same responsibility when it comes to renewable data center energy, and should they be held to the same standards as an Apple or Google? Yes and no. The Googles and Facebooks of the world have the sway to effect real change on the grid, recently lobbying Duke Energy to commit $500 million to renewables. A colocation provider’s options are less flexible, due to efficiency, limited space, and limited flexibility in site selection. But its sway could affect the grid in the future. Currently for many, buying Renewable Energy Credits is the only way to go, though this practice isn’t quite pervasive outside of the mega providers like Interxion and Equinix.

Intelligence community must get its own house in order
The intelligence community has shattered the trust the public has in both technology companies and government itself, and at the same time seriously damaged the ability of firms to sell their products to foreign customers. Because of this distrust, technology companies are justifiably reluctant to work closely with the government, even when doing so would be in everyone’s interest. For example, intelligence agencies like the National Security Agency (NSA) have some of the world’s foremost cryptographers and security experts on their payrolls and should be offering technical assistance to tech companies, but doing so in today’s environment would likely drive away customers.

A brief history of Linux malware
Although not as common as malware targeting Windows or even OS X, security threats to Linux have become both more numerous and more severe in recent years. There are a couple of reasons for that – the mobile explosion has meant that Android (which is Linux-based) is among the most attractive targets for malicious hackers, and the use of Linux as a server OS for and in the data center has also grown – but Linux malware has been around in some form since well before the turn of the century. Have a look.

Gartner Reveals Every Customer MDM Product is Average or Worse
Gartner released the latest Magic Quadrant for Master Data Management of Customer Data Solutions and it is surprising to discover that only one product on the list was well received by customers. Gartner had three clear leaders – IBM MDM Advanced Edition, Informatica and Oracle (Siebel UCM). There were two other products just squeezing into the leaders quadrant – IBM MDM Standard Edition (formerly Initiate) and Tibco. What is surprising is that even though each vendor was able to choose reference customer sites for their products they still received average and below average scores for the software indicating a general difficulty in the marketplace in implementing MDM.

Cisco sees a data analytics fortune at the edge of the network
That’s one piece of Cisco Connected Analytics for the Internet of Everything, a set of new and existing capabilities that the company is introducing as a portfolio on Thursday. CEO John Chambers and services chief Edzard Overbeek are set to do the unveiling at an event at Cisco headquarters, a measure of the importance Cisco places on its Internet of Everything (IoE) vision, which it pegs as a US$19 trillion economy-wide opportunity over the next 10 years. Analytics is a $7.3 trillion chunk of that, the company says.

BlueData EPIC - making Big Data implementations easy
The company has developed a cloud-based platform, BlueData EPIC, designed to simplify the installation and use of common Big Data tools. Setting up a cluster of systems to execute Big Data tools is only a small number of clicks away. Simple enough that even an industry analyst could use it. The company has made it extremely simple to setup and use a cluster of virtual systems to conduct Big Data analysis and then scale it up or down as the company's requirements change. EPIC appears to support many of the most popular Big Data tools. Here's how the company describes what it currently supports:

Can an Industry Data Model Support Physical Instantiation?
The most foundational aspect of the integrated data warehouse design is the availability of a well-architected data model. As has long been the case, a logical data model (LDM) contains data elements organized to support a specific business or industry. The physical data model (PDM) components are the framework for the implementation of these structures, providing the details necessary to generate the DDL for the warehouse. The physical model resides alongside the logical model, expanded to include the components necessary to generate physical database structures like tables, views and indexes, designed to ensure optimum performance.

Desk Phone Extinction? Not so Fast
On Tuesday, Kansas-based AccessDirect Inc. said the results of a survey it conducted show that desk phones face “extinction" as younger employees, who prefer mobile alternatives, take over the workplace. That’s a bold statement, and it’s not the first time it has been made; ever since mobility and the softphone hit the market, people have forecast the demise of the desk phone. Ask yourself, though – how often do black-and-white predictions come to fruition in business technology? Almost always is there room for everything. Regardless, AccessDirect believes the end of desk phone days is nigh.

Introduction to Agile Methods by Sondra Ashmore & Kristin Runyan
Becoming Agile is a journey rather than a destination. Applying new practices is part of the journey. I believe there are some indicators that show that you are moving in the direction of agility. Key indicators that come to mind are regular communication, transparency, and more active engagement from stakeholders and customers. The part of the journey that I see teams struggle with the most is that they feel they encounter failures more often (albeit smaller ones) because they are getting more feedback sooner in the process. A team that is being agile embraces these early opportunities to make a change in the spirit of creating the best possible product for their customers.

Quote for the day:

"The role of leadership is to transform the complex situation into small pieces and prioritize them." -- Carlos Ghosn

December 11, 2014

What Managed Service Providers Should Expect in 2015
Just about every managed service provider (MSP) will say that the industry is anything but predictable. New tools and platforms complicate more traditional integrations and infrastructures, client expectations keep increasing, and the competition is always trying out new things. That can be especially nerve-wracking, considering that a third of MSPs have seven or more direct competitors. But as MSPs look toward 2015, the horizon is bright. Recent research from Kaseya shows that 90 percent of MSPs say that they expect to increase or maintain managed service pricing for next year. So demand isn’t slowing down by any means and businesses are clearly seeing some growth.

Oracle Continues to Beat the Cloud Drum
Along with the hard work of getting its software onto the cloud, Oracle officials also are working to help customers make the move to the cloud—through such efforts as its Customer 2 Cloud program—and to convince them that Oracle is the company to make the move with. The vendor is doing this from a position of strength: most enterprises run Oracle databases or some enterprise applications, and many are looking to migrate some workloads to the cloud to take advantage of the speed and costs benefits. Oracle also touts the benefits of running the Oracle solutions atop its engineered hardware systems—such as Exalogic and Exadata—in cloud environments.

Mesosphere Turns Data Center into One Huge Computer
Mesosphere does a lot of complex things but makes them look really easy. For example, Chronos is a distributed and fault-tolerant job scheduler that supports complex job topologies. The tool is normally used by sophisticated engineers, but Mesosphere makes it dead simple to install it on a Mesosphere cluster and use it across data centers. VMware recently integrated Mesosphere with VMware vSphere to help run applications and services at scale. “Mesosphere will have a positive impact on the data center,”Kit Colbert, VMware’s vice president and CTO for cloud-native apps, said via email. “As applications become more distributed, their scale and complexity will increase.”

Real-Time Network Analytics for Intelligent Infrastructure
Life changes dramatically after a disaster when there’s no fresh water or electricity available. Refrigerators don’t stay cold, and the food inside spoils. Gas stations can’t pump gas, grocery stores can’t sell groceries, and credit cards are worthless. And yet an observer who went inside someone’s damaged home to start the cleanup found family members talking on their telephone. The home was as dark as night in the middle of the day, there was an inch of water on the floor, and aside from the phone conversation, it was as quiet as deep space. In spite of all the damage and loss, phone service had somehow managed to continue uninterrupted throughout the raging storm and its tragic aftermath.

The Wrong Reason To Hire More Developers
The solution is fairly simple. Companies absolutely need a core competency in maintaining, supporting, and making at least minor updates to the software they use internally and provide externally to their customers. They also need strong product expertise, and, specifically, strong technical product expertise, so that they can make sure that their software is excellent. But they don't need a core competency in developing "greenfield" software. It is much more difficult and risky to build software from scratch versus maintaining well-written code. My advice? First, try to find existing software that comes close to serving your needs, perhaps from the growing library of open source software, and customize it. Failing that, outsource greenfield development to experts.

Implementing Hypermedia
By introducing hypermedia here, we don't include all three versions of the profile image. We tell our clients that there are three possible images available, and we tell the client where it can find each image. Our client is now able to make a choice about what it wants to do, based on what it's trying to accomplish in the moment. It also does not have to download all three versions if it only wants one. We've made our payload smaller, we've increased client flexibility, and we've increased discoverability. What I'm getting at here is that you may already be deploying a teeny bit of hypermedia, you just never thought about it before.

FBI calls Sony hack 'organized' but declines to name source or finger North Korea
"I won't touch on the attribution piece because we're still working very hard on that," said Joseph Demarest, assistant director of the FBI's cyber division. Demarest's comment was in reply to questions from Sen. Charles Schumer (D-NY) during a hearing of the Senate Banking Committee. "I think most of us were shocked at the sophistication of the breach of Sony," Schumer said. "Fingers are pointing to North Korea. It's sort of surprising that a country like North Korea, which is sophisticated in a few areas but not very sophisticated in most, would have such an amazing ability to turn a large company into a knot."

Jawbone sets up its enterprise health play with Groups
The idea here is that companies can coach their employees to be more fit---and lower health care costs. Naturally, there are likely to be a few wrinkles to ponder. Jawbone already tackled the privacy issue. UP for Groups data is aggregated and anonymous and no admin can see individual data. In addition, a group needs at least five participants to show data. Bands will be discounted for groups. You see where this is headed. Jawbone rivals will launch similar programs. Wearables will be used to track employee well-being---for discounts on health care. And the big dog to watch will be Apple with its Apple Watch. It's not much of a stretch to see an IBM-Apple partnership revolving around the Apple Watch in the future.

Think Tank Warns U.S. Surveillance Efforts Undermine IT Industry
Moran sees competing efforts by a variety of governments to protect their own companies and to allow access to U.S. data wherever it may be. These efforts could be far different, often in conflict, and would give U.S. companies no clear guidance on how to operate internationally. He warns that these trends are likely to result in the "balkanization" of IT services as foreign IT companies and governments try to use U.S. surveillance and legal policies as a lever to win competitive advantages. While comments by a variety of government sources enumerated by Moran show that the federal government has repeatedly tried to minimize the risk and subsequent damage to U.S. companies,

How AppZen disrupts expense reports with natural language processing
"As soon as he or she is back from, say, a conference, they will see a very simple notification on the phone saying that 'hey, an expense report is ready.' When they click on that, they actually see all the airlines, the car rentals, any meetings that they have had, taxis, all that stuff." Naturally, not everything can automatically be imported without assistance, so the app also has a built-in assistant that uses natural language processing and AI to determine if it needs more information about any particular expense. For example, if you note that an expense is for lunch, the app will ask you if it is with a client. If you answer "yes," the app will then ask what company the customer is from. It will then check ERP systems to see if the company is a known customer or prospect.

Quote for the day:

"Men who are in earnest are not afraid of consequences." -- Marcus Garvey

December 10, 2014

Open-source PaaS Cloud Foundry Foundation opens its doors
Indeed Cloud Foundry is already being used in a variety of commercial deployments including Pivotal Cloud Foundry, IBM Bluemix, HP Helion, and Canopy Cloud Fabric among others. As a community project, its founders believe that its acceptance and advancement will start speeding up even more. What programmers will find most interesting is that The Cloud Foundry Foundation is implementing a new approach to open-source development called Dojo. With Dojo, developers will be trained on Cloud Foundry and given a "fast track" for commit rights. In most open-source projects, earning commit rights usually takes at least a year in a major project.

6 Pieces of Software Development Advice You Should Ignore
Building quality software is tough. And at times, misguided insights make it much tougher. When creating quality code and building great software, it is important to carefully plan your project and communicate well during each step of development. Though good advice is not scarce, bad advice runs rampant amongst those lacking expertise. With this in mind, I reached out to some fellow developers and innovators in the tech space to hear about their software development experience and asked them to share the worst advice they've ever received. Below are some of my favorite insights from those conversations, and my own "worst" advice

Healthcare Security In 2015: 9 Hotspots
Attackers also are becoming more sophisticated, experts warn. Cybercriminals are seeking more information than ever about their victims to sell, Websense researchers cautioned. "These fuller, richer, personal identity dossiers of individual users, consisting of multiple credit cards, regional and geographic data, personal information and behavior, will be increasingly traded in the same manner that stolen credit cards are today." Because this information often resides within health systems' databases or networks, hospitals are natural targets and require extraordinary defenses. With so much cyberdanger to battle, it seems obvious the healthcare industry will face additional crises in 2015. None of the underlying security issues are new, but all are crucial to address.

The 6 Things Everyone Needs to Know About the Big Data Economy
Big data is moving on. We’re moving past the stage where it’s something only trailblazers and early adopters are on board with, towards a time when if you aren’t analyzing data to help you make better business decisions, you’re in danger of being left behind. A survey this year found that 73% of businesses questioned either already had data analytics strategies in place, or are planning to implement them in the next two years. It is becoming apparent that just about any organization of any shape or size can find a data strategy to suit them. So here are 6 key facts about the big data economy you can’t afford not to know;

Korean E-commerce Leader Coupang Raises $300M Led By BlackRock
“Our view is that this is still the very early stages of e-commerce. We all know what is going on with Amazon and Alibaba, but the mass of commerce is still occurring offline. We have an opportunity because of [South Korea’s] density and mobile infrastructure to do things that e-commerce companies will do in other countries eventually,” says Kim, who founded Coupang in 2011. "We are addressing two fundamental friction points: with offline commerce, you can get a lot of information by holding a product in your hand, which we can’t provide digitally, but we are getting closer and closer to providing almost as rich an experience as an offline store. ...” he adds.

FIDO Alliance releases 1.0 specifications for passwordless authentication
Andras Cser, vice president and principal analyst at Cambridge, Mass.-based Forrester Research Inc., believes the specifications will help drive significant interest in FIDO, especially in light of the number of high-profile corporate data breaches tied to stolen credentials. "I think FIDO 1.0 is the first step in the direction of creating a uniform and application-independent authentication and strong authentication ecosystem," Cser said. "It provides a great abstraction layer to hide all the complexities of two factor authentication. For those data breaches where authentication was the weakest link, FIDO will definitely play a role in prevention."

Where your tech focus should be in 2015
2014 is almost over, and what a year it has been for tech. But time waits for no one and soon it will be 2015, and if you want to hit the ground running then you'll need to know where your focus should be. Here are the 10 areas that the IEEE Computer Society believe are going to be big in 2015. Some will bring profits through savings and opening up new markets, while others will bring challenges that need to be faced.

Digital governments meet in London to commit to best practices
“Ensuring that our people and businesses have world-class digital skills so they can compete in the economy of the future is a key part of our long-term economic plan to back business, create jobs and secure a brighter future for Britain,” Digital economy minister Ed Vaizey said. “We have already put coding into the school curriculum, and our roll-out of superfast broadband, backed by over £1bn government investment in our digital infrastructure, has now passed more than 1.5 million homes and businesses and is reaching 40,000 more each week.”

Intel's IoT vision encompasses more than chips
"It really is an end to end play," said Doug Fisher, vice president and general manager of the Intel Software and Services Group. A key part of Intel's strategy for IoT is its gateway reference designs, which can collect data from sensors and other IoT devices at the edge of a network and process and translate that data. The gateways can even turn machines that have never been networked into connected devices, translating older proprietary protocols into usable streams of data on IP (Internet Protocol) networks.

Using C# and Wix# to Build Windows Installer Packages
The objective of Wix# is not to replace XML syntax with a different syntax. The alternative syntax would only address one of many practical limitations of the MSI+WiX combination. With Wix# I wanted to bring the deployment development back to the main stream programming. I wanted to move it closer to the developers. I wanted the very same developers who creates software to be able to create very quickly and comfortably deployment solutions as well. DSL would mean that developers need to learn yet another syntax and also to suffer from absence of the code assistance tools (e.g. Intellisense).

Quote for the day:

“Great works are performed not by strength, but by perseverance.” -- Samuel Johnson

December 09, 2014

Top 5 Tips for This Year's Tech Santa
Perhaps, between this month’s tinselly advertisements, you’ve heard that this is the Season of Giving. While many people consider the name nothing more than an invitation to pass poinsettia’s between friends, some understand that it also means giving of your time and talents. For example, as a Macworldreader there’s every chance that you have technical knowledge to spare—some of which would be deeply appreciated by those family and friends you visit over the holidays. Might I suggest, in the spirit of sharing, that you lend a hand in the following five ways?

HP Will Release a “Revolutionary” New Operating System in 2015
A working prototype of The Machine should be ready by 2016, says Bresniker. However, he wants researchers and programmers to get familiar with how it will work well before then. His team aims to complete an operating system designed for The Machine, called Linux++, in June 2015. Software that emulates the hardware design of The Machine and other tools will be released so that programmers can test their code against the new operating system. Linux++ is intended to ultimately be replaced by an operating system designed from scratch for The Machine, which HP calls Carbon. Programmers’ experiments with Linux++ will help people understand the project and aid HP’s progress, says Bresniker.

Knicker elastic and hybrid cloud, do we need to talk about it?
On a roundtable for MeetTheBoss TV this month, several of the attendees suggested the term hybrid cloud was practically obsolete. They told us that the only cloud technology they consider effective for their organisations is hybrid and there’s no point talking about three separate clouds. Alan Nance VP Technology Transformation Phillips IT said: “I think the whole conversation about hybrid and non-hybrid is not very useful because the things that you are building are always going to be combinations. I think the word hybrid is sort of made up almost by people who were not born in the cloud. For me hybrid is almost not a discussion point … it’s like oxygen, I don’t need to debate it, I know I need it.”

New data center OS allows single-source command for Linux servers
Mesosphere DCOS's core innovation is the ability to deploy and manage application workloads across multiple machines without requiring more than a few terse command-line statements. Hadoop or a Ruby on Rails app can be deployed automatically across nodes and scaled up or down to meet demand and ensure that nodes don't go underutilized. Unlike the CoreOS model, DCOS doesn't consist of a Linux distribution built along custom lines to run containers. Rather, DCOS manages existing Linux installations, which might be more immediately appealing to architects of existing data centers.

Cyberattacks Are Just Going To Get Worse From Here
"Long-term players will become stealthier information gatherers, while newcomers will look for ways to steal money and disrupt their adversaries." McAfee said small nations and terror groups will become even more active and will "attack by launching crippling distributed denial of service attacks or using malware that wipes the master boot record to destroy their enemies' networks." At the same time, cybercriminals will use better methods to remain hidden on a victim's network, to carry out long-term theft of data without being detected, the researchers said. "In this way, criminals are beginning to look and act more like sophisticated nation-state cyberespionage actors, who watch and wait to gather intelligence," the report said.

NSA spy program targets mobile networks
The operations closely monitored the GSM Association, maintained a list of 1,201 email targets, or "selectors" used to intercept internal company communications, and gathered information about network security flaws. The NSA documents show that as of May 2012 the agency had collected technical information on about 70 percent of the estimated 985 mobile phone networks worldwide. Other than mentions of operators in Libya, China, and Iran, names of the targeted companies are not disclosed in the documents supplied by Snowden, an ex-NSA contractor now living in Russia.

Continuous Delivery for Databases: Microservices, Team Structures, and Conway's Law
In some respects, the microservices style looks somewhat like SOA and there is arguably an amount of 'Emperor's New Clothes' about the term 'microservices'. However, where microservices departs radically from SOA is in theownership model for the services: with microservices, only a single team (or perhaps even a single developer) will develop and change the code for a given service. The team is encouraged to take a deep ownership of the services they develop, with this ownership extending to deployment and operation of the services. The choice of technologies to use for building and operating the services is often left up to the team (within certain agreed common cross-team parameters, such as log aggregation, monitoring, and error diagnosis).

Flexible working could save the UK economy billions
A huge chunk of those savings, £7.1bn, would come as a result of reduced commuting costs and the half a billion hours that would be regained, instead of being spent travelling. The research also found that there was a strong appetite for flexible working with 96% of those that have the option to so so taking it up and 83% reporting that they would take advantage of their allowances if they were made available. "Over recent years many organisations have become firm advocates of the benefits of flexible working and this study verifies the impact such a culture can bring to the wider UK economy," said Jacqueline de Rojas, area vice president, Northern Europe at Citrix.

Addressing the most critical cloud security threats
Most enterprises are already using some kind of cloud-based service, so it's important to understand that despite the advantages, there are also cloud security threats that need to be addressed when moving there. The basic principle an enterprise needs to remember is that it cannot rely on the cloud service provider (CSP) to take care of every problem. Instead, companies have to communicate with the CSP and solve the issues together. ... When moving to the cloud, enterprises need to address the threats of cloud computing to enhance the security of the entire environment.

Banks are opening up IT to third parties, as hackathon demonstrates
Banks are so hamstrung by the need to maintain legacy systems that the time and money required to create innovative IT products and services to meet customer demand is limited. NAB ran the event on 6-7 December 2014 in partnership with Amazon and Intel. Known as NAB iDAY, the event brought together team members, contractors and partners to compete to build products that benefit customers by using the bank's application programming interface (API).

Quote for the day:

"Whenever you find yourself on the side of the majority, it is time to pause and reflect." -- Mark Twain

December 08, 2014

Google is funding “an artificial intelligence for data science”
The first problem is that current Machine Learning (ML) methods still require considerable human expertise in devising appropriate features and models. The second problem is that the output of current methods, while accurate, is often hard to understand, which makes it hard to trust. The “automatic statistician” project from Cambridge aims to address both problems, by using Bayesian model selection strategies to automatically choose good models / features, and to interpret the resulting fit in easy-to-understand ways, in terms of human readable, automatically generated reports.

Researchers quantify the 'S' in HTTPS
The paper, The Cost of the "S" in HTTPS (PDF), was presented at ACM CoNEXT in Sydney, and suggests that while the use of HTTPS is increasing due to mounting security concerns, it could result in more latency online, greater battery drain for some connected devices, and the loss of in-network value-added services. The paper asserts that HTTPS "does not come for free", with the researchers saying that HTTPS "may introduce overhead in terms of infrastructure costs, communication latency, data usage, and energy consumption". The encryption offered by an HTTPS address may protect information from "man-in-the-middle" attacks, but that same functionality can hamper the application of "middlebox" network appliances, such as firewalls.

Cisco is missing the transition to software-defined networks
It is perhaps unsurprising that more and more buyers are starting to inspect alternative suppliers. Gartner research director Andrew Lerner says tyre-kicking is an apt metaphor for software-defined networks in the mainstream. He says people are interested but, at a session in the US in June 2014, analysts found many were waiting for increased marketing around the concept from the legacy network owners, especially Cisco. The real movement will come when networking specialists controlling budgets start getting questions from elsewhere in their organisation on why their demands cannot be supported, says Gartner.

Free Windows? Not a chance
Turner's dismissal of Windows as a "loss leader," however, won't preclude specific moves, especially on the consumer side that could include free upgrades to Windows 10 from Windows 8.1, or as a longer shot, from Windows 7, as well. But he implied that Microsoft will continue to charge OEMs for Windows licenses in most cases, its effort to crush Chromebooks with a underwritten-by-search OS notwithstanding. More information on how Microsoft plans to reap revenue from Windows will be forthcoming soon. "The business model stuff will be out in probably the early part of 2015," Turner said.

Fedora 21: Worth the wait
Anaconda will do all the right things, but they might be undone or overridden by the UEFI firmware. In the worst case, if your system still insists on booting Windows after Fedora (or any other UEFI-compatible Linux distribution) is installed, you can use Boot-Select again to get a list of bootable objects, and you should be able to select the Linux installation there. All right, let's get to the really interesting stuff. I am going to show a simple screenshot of each of the versions that I have installed and a few comments about what it was like installing and running that version, or perhaps something interesting or unexpected that I came across while installing it.

Detecting the Insider Threat – how to find the needle in a haystack?
The problem of detecting the insider threat before it actually happens is as difficult and complex to solve as the prediction of human behavior itself. What is the next action of a person? Which action will be inside the scope of assigned work for that person? Which action will indicate the preparation for an attack by that person? Recent technological advances have shown significant improvements in predicting what was previously considered unpredictable – human behavior. Despite some initial setbacks, systems such as Google Now, Siri, or Cortana aim to predict users’ needs before they even know them.

European firms satisfied with IT infrastructure outsourcing but priorities are changing
“The infrastructure services supplier landscape includes many different types of supplier, including global, regional and local traditional service providers, Indian outsourcers and emerging suppliers. This is increasing competition and forcing suppliers to bring new offerings and delivery models to the market,” the Forrester report stated. “Faced with this customer demand for better, faster and more cost-effective infrastructure services, and increased competition from emerging and India-centric suppliers, Europe's leading providers are forced to bring new offerings and delivery models to the market,” said Forrester analyst Wolfgang Benkel.

Social customer service next up in call centers
The interest in social media has sparked action between both contact center and unified communications (UC) vendors. In October, for example, UC provider 8x8 announced plans to incorporate Conversocial's cloud-based social media engagement technology. The combined product would enable contact center managers to have greater insight and control over their social media strategies. Many other vendors, including Avaya, Cisco, and Genesys, already natively support social media through their multi-channel contact center platforms.

Less is more for Australian startups
Australia's startup ecosystem has come a long way over the past two decades, but there remains a big difference between the local market and the homeland of the ecosystem that it is working to emulate: Silicon Valley. The domestic startup sector is seeing more and more entrants vying to pony up money to help early stage businesses get off the ground, but when it comes to more substantial later-stage funding, the dollars tend to dry up. However, the economic foundations underlying California's technology sector -- and the United States' tech industry in general -- run far and deep, with numerous wells from which to draw rich seams of funding.

Best Defense Against a Cyber-Attack Is to Know Your Adversary
Chapman, who is director of cyber operations at EdgeWave Security, believes that if enterprises looked at security the way the military does and used military-grade practices, few network breaches would succeed. Chapman gets his military slant because he was in charge of part of the U.S. Navy's cyber-war operations. This is why he thinks the North Korea theory about the attack on Sony Pictures isn't accurate. He said that nothing about the attack makes sense if you try to blame that country. Instead, he thinks the attack was either someone making use of readily available attack scripts found on the Internet or it was an inside job.

Quote for the day:

"Confidence comes not from always being right but from not fearing to be wrong." -- Peter T. Mcintyre

December 07, 2014

Service Architecture – The Importance of Standardized Modeling – Part I
Having the Technical Contract and the Descriptive Contract as two separate standardized definitions allows a more effective design of the Service Registry [REF-2], allowing the alignment of the Service & Capability Profiles [REF-2] and underlying meta-data structures to each one of them, as per "Metadata Centralization" design pattern [REF-1]. It will also enhance the use of an Enterprise Repository of Service-related meta-data and documentation, on which the explicit categorization would ease its overall structure definition and governance. Each of these parts will be explained below.

Todd Montgomery on the Reality of IoT, Protocols, Nuklei
we have things like Raspberry Pis, where the amount of compute power that we have, the amount of storage and the amount of RAM is non-trivial, I mean it’s much more then even back in early 90’s that you had or even early 2000’s. So these really aren't as constrained as they used to be, so the game is different, but we still have these devices that are running on limited power supplies, so things like how the radio is used, how the CPU is used, how much RAM is used, these actually have much more of an effect on battery life than other things. And that’s something that you can't just throw away, a device is only good as long as it’s operating, if it can only operate for half an hour a day, that’s kind of annoying.

Developing Microservices for PaaS with Spring and Cloud Foundry
Microservices - small, loosely coupled applications that follow the Unix philosophy of ""doing one thing well"" - represent the application development side of enabling rapid, iterative development, horizontal scale, polyglot clients, and continuous delivery. They also enable us to scale application development and eliminate long term commitments to a single technology stack. While microservices are simple, they are certainly not easy. It's recently been said that "microservices are not a free lunch." Interestingly enough, if you look at the concerns typically expressed about microservices, you'll find that they are exactly the challenges that a PaaS is intended to address.

Managing Firewalls Shouldn't Push Risks to the Extreme
IT security and operations teams are not adrenaline junkies tempting fate. Without solid network performance, operations staff can’t deliver required application service levels to users and customers. And without a comprehensive security solution—which includes multiple security technologies working collaboratively—security teams have little chance of combating the Advanced Persistent Threats (APTs) that increasingly use Advanced Evasion Techniques (AETs). Given today’s budget limitations and resource constraints, some IT managers think they have no choice but to maintain performance at the expense of security by turning off key firewall security features such as Deep Packet Inspection and Application Control.

Faster than a speeding bullet: Geolocation data and account misuse
By tracking the geographic location for account logins, it is possible to discover anomalies by calculating the distance between two logins from the same account. If the speed required to travel that distance within the allotted time is unlikely or impossible, this can indicate account misuse. This use of geolocation data can augment other monitoring techniques to detect malicious behavior on a network. This paper explores how such calculations can be made, identifies parts of the process requiring special consideration, and highlights what can be revealed when using geolocation data to monitor account use.

Lies, Damn Lies And The Myth Of Following The Data
We are told to follow the data and the truth will be revealed, but data tells many tales and it depends on the data and how you interpret it. It makes me wonder if anything is definitive if you can present two similar sets of data and draw wildly different conclusions, depending on your emphasis. That’s because data is a tool in the hands of humans and we can interpret it as we choose. And to be clear, this isn’t because we choose to be deliberately deceptive either, although that’s probably true sometimes. It’s because being human, we can bring unintended biases to the data. It’s a huge conundrum in the age of big data. How do you find definitive answers when you can look at different data points on the same topic and come to different interpretations?

Introducing the Agnostic Composition Controller Pattern
Speaking of practical aspects of the presented separation, it is important to mention that it is actually based on the common threefold notion of basic SOA: client-requestor, service-worker, and service registry. Everything is simple in basic SOA. The client could be anything, capable to comprehend and comply with the service-worker contract, the worker doesn't have to be REST or SOAP WS, and the service registry (and its taxonomy) is not compulsory at all. Frustratingly, the large majority of SOA practitioners openly neglect service registry as "redundant and hardly useful." That might be true for simple service activities in basic SOA.

The Fatal Flaw of Finalizers and Phantoms
Objects with finalize() methods require more work for the garbage collector to track, and the execution requirements of the finalize method require that the garbage collector keep all memory associated with it around until execution has successfully completed. This means a collector is typically required to revisit the object, likely in a whole separate pass. Consequently finalizers on objects with large instance counts and short lifespans are likely to introduce major performance problems.

Security in 2015: The Internet Becomes the Corporate Network Perimeter
The entire concept of the corporate perimeter is changing. We used to think of the perimeter as simply being the actual physical or logical perimeter of the corporate network. A few years ago it became more common to think of the endpoint device as part of this perimeter. Today, smart CISO's recognize that the internet itself is truly the perimeter of their network. So the internet is where we must look for the solution to this rapidly evolving security problem. Businesses today are looking for a comprehensive layer of protection through the cloud itself - enabling users to be protected wherever, and however, they are connecting to web services and applications.

Showdown coming on Ethernet standard for faster Wi-Fi
Most likely you'll have a choice of 2.5Gbps (bits per second) and 5Gbps, and there's no debate there. Some vendors have already announced components and designs for such products, but there's no guarantee that systems built with parts from the two camps will work together. Enterprises want to be able to mix and match gear from any vendor they like, so the official IEEE group for Ethernet standards voted last month to form a task group to set a standard. Now, the two rival camps will have to work out which technologies go into the standard and which don't. This isn't the first time that competing teams of companies have pushed different approaches before a common specification is set, but that kind of rivalry sometimes leaves potential buyers waiting.

Quote for the day:

"Most execs think customers come first & employees second. This is a real concern." -- Nicholas S. Barnett

December 06, 2014

Low-hanging Cloud
After all, basing your foundational design decisions on the easiest use case is a recipe for failure. Chances are, that a bridge designed to get cyclists across needs to be completely redone when the more difficult twenty ton lorries have to be serviced. A bridge designed for heavy lorries, on the other hand, will probably carry the cyclists with ease. In enterprise architecture, this is true as well. Design and develop the easy stuff (such as the business process’s ‘happy flow’) first, and you will probably end up in serious trouble when the difficult work flows — such as all the exceptions (which as a rule are always there) — need to be supported as well.

Creating a Highly Available Windows 2012 R2 RD Gateway Environment
There are two ways RD Gateway can be load balanced, and we will walk through the configuration for both of these scenarios: Scenario 1: You have two load balanced RD Gateway servers, two on-premises MFA servers, and each RD Gateway uses its own local NPS (the typical configuration). and Scenario 2: You have two load balanced RD Gateway servers, two on-premises MFA servers, and both RD Gateway servers use a central NPS. (Companies might use a centralized NPS if they already have one in place in their network, and want to keep all things related to NPS in this centralized location.)

Eliminating Downtime: Six Key Considerations for Your Hosting Architecture
The good news is that eliminating downtime completely is possible. It starts with the physical infrastructure, but the software element is critical as well. By making the right hosting architecture choices up front, companies can ensure that their site will always be available with no interruptions to the end user experience. Even during scheduled maintenance the system will be up and running and available to customers. Eliminating downtime comes from properly architecting your system.

Making a Hash of Passwords
A decade ago, we were using the MD5 hashing algorithm. These days, MD5 is obsolete, so we use the SHA-2 algorithm instead, but the result is the same. When I wrote about this recently I called hashing a “tried-and-true technique” for developing authentication systems. I figured that by now, everyone would be doing it. That’s why I was surprised, even shocked, that today’s developers are asking how to encrypt passwords for storage. They are still trying to save the user’s password in their databases, so they can decrypt them and compare the actual password value entered by the user to the stored password, instead of comparing hash values.

Big data brings new power to open-source intelligence
Two overlapping developments in particular have greatly influenced the growth of open-source intelligence. First, the explosion of social media has given us instant access to a wealth of user-generated content. From Facebook to Twitter to Google+, we are now only ever a few keystrokes away from a potentially global audience. And as these tools increase global connectivity, people seem increasingly willing to project their thoughts, opinions and observations into cyberspace. The process of information generation has produced what has been described as “new digital commons of enormous size and wealth”.

Neural Network Rates Images for Happiness Levels
Sentiment analysis is revolutionizing the study of communication with a numerous companies now offering it as a service. The idea is to study the patterns of words in messages such as tweets and blogs to determine to what extent they are positive or negative. That allows companies, organizations, and political parties to automatically track opinions about their brands. But while this technology has been evolving, little research has focused on the sentiment in pictures. Today, that changes thanks to the work of Can Xu at the University of California, San Diego, and a group of researchers from Yahoo Labs in Sunnyvale. These folks have developed a way to automatically assess the sentiment associated with a picture and say that it outperforms other state-of-the-art techniques.

Review: Designing APIs for the Web
As a distributed systems developer and architect, I find the diversity of voices and ideas in the expanding world of APIs enriching, daunting, and, at times, disconcerting. Something I have noticed is that the definition of the elusive “good” web API is highly influenced by one’s exposure to a plethora of successful and failed concepts evolving over the past 40 years. With the relatively recent rise of the “API Economy” fueling unprecedented exploration of opportunities, I am always looking for better ways to articulate the principles of API design.

Culture Can Make or Break Strategy
The word “culture” alludes to a softer side of the human personality where you have all the emotions that come into the picture. In reality, it is one of the most important drivers of success in implementing change and ensuring sustainable success. In his book, “The Culture Cycle”, Harvard Business School Professor Emeritus James L. Heskett argues that the impact of organisational culture on profit can be measured and quantified. He states that enabling purposeful organisational cultures can improve corporate performance by between 20 and 30 percent compared to culturally unremarkable competitors.

KPMG says businesses do not take IT risks seriously enough
Jon Dowie, said: "Technology is no longer a function in a business which operates largely in insolation. It is at the heart of everything a company does and, when it goes wrong, it affects an organisation’s bottom line, its relationship with customers and its wider reputation." The study found 7.3% of reported events resulted from human error. KPMG said this shows that basic investments in training are being ignored – at the employers’ expense. Dowie said: "With ever greater complexity in IT systems – not to mention the challenge of implementing IT transformational change – companies are running to stand still in managing their IT risks.

Automated Testing Of Web Pages Using Selenium-Web Driver
The WebDriver was introduced in Selenium 2.0 version it provides a simpler programming interface with well-designed object-oriented API. It directly calls to browser using browser’s native support for automation and features they support depend on browser you are using. If your browser and tests will all run on same machine and your tests only use WebDriver API, then you do not need to run Selenium-Server.

Quote for the day:

"Talent hits a target no one else can hit; Genius hits a target no one else can see." -- Arthur Schopenhauer