Think employers must protect workers’ personal info? Think again

There’s good news for security pros worried that their organizations may be liable if their employees’ personal information gets hacked: a panel of judges in Pennsylvania says workers can’t collect damages from their employer if things like Social Security numbers, bank account information, birth dates, addresses and salaries are compromised in a data breach.Even though the stolen data was used to file phony tax returns in order to get the refunds, the workers at University of Pittsburgh Medical Center (UPMC) had no reasonable expectation that the data would be safe, the Superior Court of Pennsylvania ruled recently.The case, known as in Dittman v. UPMC, pertains solely to employee records, not customer records, and not patient records, which are protected by HIPAA.To read this article in full or to leave a comment, please click here

The Essence Of Multi-Threaded Applications

In the prior two articles in this series, we have gone through the theory behind programming multi-threaded applications, with the management of shared memory being accessed by multiple threads, and of even creating those threads in the first place. Now, we need to put one such multi-threaded application together and see how it works. You will find that the pieces fall together remarkably easily.

If we wanted to build a parallel application using multiple threads, we would likely first think of one where we split up a loop amongst the threads. We will be looking at such later in a

The Essence Of Multi-Threaded Applications was written by Timothy Prickett Morgan at The Next Platform.

SDxE: Engineer Focused

As an engineer, you’ve probably asked yourself a thousand times—what does all this software defined stuff mean for me? Answers are out there, of course; it seems like everyone is writing about it. Some of the answers out there are even useful, of course, but some of them are not. Most folks writing about the software defined craze are either unrealistic, or they’re focused on the large scale network you probably aren’t working on. Which leaves the question lingering: how does software defined apply to me?

SDxE—Software Defined Enterprise—is a new show designed to answer those questions for the engineer. I’ll be there; the full schedule isn’t in place, but I am currently pulling together a panel about the end of the (appliance) router. I plan to have folks from Cumulus, 6Wind, and at least one independent expert (Jeff Tantsura), sitting down to chat with me about disaggregation and the future of the router market. Specifically, are the tools in place that will allow you, the average engineer, running the “average” “enterprise” network, to take advantage of disaggregation?

Shawn Zandi will be there discussing the LinkedIn data center, and Pete Lumbis will be there talking about network automation. Continue reading

AI should enhance, not replace, humans, say CEOs of IBM and Microsoft

Artificial intelligence should enhance human workers, not replace them, at least according to the CEOs of IBM and Microsoft.Ginny Rometty and Satya Nadella made clear their view of the role of AI in a panel discussion at the World Economic Forum in Davos, Switzerland, on Tuesday, just a few hours after Rometty circulated IBM's three guiding principles for the development of cognitive technologies to company staff.Less dramatic and snappily expressed than Isaac Asimov's three laws of robotics, IBM's three principles are nevertheless intended to limit the harm the introduction of AI technologies causes.The first thing to understand is the purpose of these technologies. For IBM, Rometty said, "it will not be man or machine: Our purpose is to augment and be in service of what humans do."To read this article in full or to leave a comment, please click here

Report: Samsung probe blames Galaxy Note7 fires on faulty batteries

After months of recalls, scares, and device-killing software updates, Samsung is finally ready to reveal the results of its investigation into the exploding Galaxy Note7s. According to a report from Reuters, the electronics giant will detail its findings on Jan. 23, and to the surprise of no one, it has concluded that the battery is the culprit.To read this article in full or to leave a comment, please click here

Public Spectrum for Public Access

An extraordinary moment has arrived in the evolution of the internet. For all the transformation that has occurred over the 20+ years since the arrival of the World Wide Web and for the billions of people whose economic, civic and social circumstances have been improved, most people remain without internet connections.

Residing in every country, these unconnected billions still wait for affordable meaningful access to this essential service. Without access to the internet, people cannot even begin to participate in the global digital economy.

Don Means

Sensitive access tokens and keys found in hundreds of Android apps

Many developers still embed sensitive access tokens and API keys into their mobile applications, putting data and other assets stored on various third-party services at risk.A new study performed by cybersecurity firm Fallible on 16,000 Android applications revealed that about 2,500 had some type of secret credential hard-coded into them. The apps were scanned with an online tool released by the company in November.Hard-coding access keys for third-party services into apps can be justified when the access they provide is limited in scope. However, in some cases, developers include keys that unlock access to sensitive data or systems that can be abused.To read this article in full or to leave a comment, please click here

Sensitive access tokens and keys found in hundreds of Android apps

Many developers still embed sensitive access tokens and API keys into their mobile applications, putting data and other assets stored on various third-party services at risk.A new study performed by cybersecurity firm Fallible on 16,000 Android applications revealed that about 2,500 had some type of secret credential hard-coded into them. The apps were scanned with an online tool released by the company in November.Hard-coding access keys for third-party services into apps can be justified when the access they provide is limited in scope. However, in some cases, developers include keys that unlock access to sensitive data or systems that can be abused.To read this article in full or to leave a comment, please click here

Microsoft’s first tethered Windows 10 VR headsets to ship in March

Microsoft will ship its first PC-attached mixed reality headsets for Windows 10 PCs to developers starting in March at the Game Developers Conference.The first Windows 10 VR headsets from Microsoft will be units for developers to write and test applications based on the Windows Holographic platform.The headsets will work with Windows 10 Creators Update, said Vlad Kolesnikov, senior program manager at Microsoft, during a webcast on Friday.GDC is being held from Feb. 27 to March 3 in San Francisco.To read this article in full or to leave a comment, please click here

Sponsored Post: Contentful, Stream, Loupe, New York Times, Scalyr, VividCortex, MemSQL, InMemory.Net, Zohocorp

Who's Hiring?

  • Contentful is looking for a JavaScript BackEnd Engineer to join our team in their mission of getting new users - professional developers - started on our platform within the shortest time possible. We are a fun and diverse family of over 100 people from 35 nations with offices in Berlin and San Francisco, backed by top VCs (Benchmark, Trinity, Balderton, Point Nine), growing at an amazing pace. We are working on a content management developer platform that enables web and mobile developers to manage, integrate, and deliver digital content to any kind of device or service that can connect to an API. See job description.

  • The New York Times is looking for a Software Engineer for its Delivery/Site Reliability Engineering team. You will also be a part of a team responsible for building the tools that ensure that the various systems at The New York Times continue to operate in a reliable and efficient manner. Some of the tech we use: Go, Ruby, Bash, AWS, GCP, Terraform, Packer, Docker, Kubernetes, Vault, Consul, Jenkins, Drone. Please send resumes to: [email protected]
    •

Fun and Informative Events

  • Your event here!

Cool Products and Services

Terrorists are winning the digital arms race, experts say

Terrorist groups are embracing a huge number of digital tools to recruit members and plan attacks, putting them a step ahead of governments trying to combat them, a group of counterterrorism experts said.Twitter removed about 250,000 accounts connected with ISIS in one year, but the terrorist group uses 90 other social media platforms, Rob Wainwright, the director of Europol said Tuesday. Terrorist groups have begun to live stream their attacks, and they are using the internet to launch "innovative crowdfunding" campaigns, he said at the World Economic Forum in Davos-Klosters, Switzerland."The technology is advanced," Wainwright added. "They know what to do, and they know how to use it."To read this article in full or to leave a comment, please click here

Terrorists are winning the digital arms race, experts say

Terrorist groups are embracing a huge number of digital tools to recruit members and plan attacks, putting them a step ahead of governments trying to combat them, a group of counterterrorism experts said.Twitter removed about 250,000 accounts connected with ISIS in one year, but the terrorist group uses 90 other social media platforms, Rob Wainwright, the director of Europol said Tuesday. Terrorist groups have begun to live stream their attacks, and they are using the internet to launch "innovative crowdfunding" campaigns, he said at the World Economic Forum in Davos-Klosters, Switzerland."The technology is advanced," Wainwright added. "They know what to do, and they know how to use it."To read this article in full or to leave a comment, please click here

Endpoint Security in 2017

Just a few years ago, there were about 6 to 10 well regarded AV vendors that dominated the market.  Fast forward to 2017 and my colleague Doug Cahill and I are currently tracking around 50 endpoint security vendors. Why has this market changed so much in such a short timeframe?  New types of targeted threats regularly circumvented signature-based AV software over the past few years.  This weakness led to system compromises, data breaches, and panicky CISOs in search of AV alternatives.  This in turn persuaded the fat cats on Sand Hill Rd. to throw VC dollars at anything that hinted at endpoint security innovation.Okay, I get the need for more than signature-based AV but there simply isn’t room in the market for 50 endpoint security vendors.  Thus, it’s safe to assume a lot of M&A activity and outright business failures this year. To read this article in full or to leave a comment, please click here

Adapting InfiniBand for High Performance Cloud Computing

When it comes to low-latency interconnects for high performance computing, InfiniBand immediately springs to mind. On the most recent Top 500 list, over 37% of systems used some form of InfiniBand – the highest representation of any interconnect family. Since 2009, InfiniBand has occupied between 30 and 51 percent of every Top 500 list.

But when you look to the clouds, InfiniBand is hard to find. Of the three major public cloud offerings (Amazon Web Services, Google Cloud, and Microsoft Azure), only Azure currently has an InfiniBand offering. Some smaller players do as well (Profit Bricks, for example), but it’s

Adapting InfiniBand for High Performance Cloud Computing was written by Nicole Hemsoth at The Next Platform.

Wouldn’t it be nice if everyone knew a little queuing theory?

After many days of rain one lane of this two lane road collapsed into the canyon. It's been out for a month and it will be many more months before it will be fixed. Thanks to Google maps way too many drivers take this once sleepy local road. 

How do you think drivers go through this chokepoint? 

 

 

One hundred experience points to you if you answered one at a time.

One at a time! Through a half-duplex pipe following a first in first out discipline takes forever!

Yes, there is a stop sign. And people default to this mode because it appeals to our innate sense of fairness. What could be fairer than alternating one at a time?

The problem is it's stupid.

While waiting, stewing, growing angrier, I often think if people just knew a little queueing theory we could all be on our way a lot faster.

We can't make the pipe full duplex, so that's out. Let's assume there's no priority involved, vehicles are roughly the same size and take roughly the same time to transit the network. Then what do you do?

Why can't people figure out its faster to drive through Continue reading

Worth Reading: Python 3.6 released

The coding community got a nice bonus gift under our collective Christmas tree on December 23, 2016, when the Python Software Foundation released the latest version of the language, Python 3.6. While the rest of us were busy snagging cocktail snacks at the office holiday party, Continuum Analytics maker of Anaconda, the leading open source data science platform for the Python programming language — was busy issuing their own matching release. —New Stack

The post Worth Reading: Python 3.6 released appeared first on 'net work.

1 2,401 2,402 2,403 2,404 2,405 3,857