Browser image via FreeImages
Which programs are being targeted most by exploit kits? Check out the latest report in this week’s roundup.
1. Flash, Java and IE top list of most popular exploit kit targets – Michael Heller (SearchSecurity)
Exploit kits make the job of an attacker much easier but can be defended against easily by understanding the vulnerabilities and software they most often target.
2. Aruba launches a new mobile first platform for enterprises – Eamon McCarthy Earls (SearchNetworking)
Aruba is drawing together six network product offerings to create a new mobile first platform underpinned by APIs.
3. Evernote’s move to Google downplays cloud lock-in concerns – Trevor Jones (SearchCloudComputing)
Cloud lock-in continues to fall down the list of concerns for companies willing to accept the tradeoff to tap into a platform’s higher-level services.
4. HPE sells Vertica analytics, thanks to the growth of open source software – Jack Vaughan (SearchDataManagement)
HPE is paring down its software holdings, including analytical software in the Vertica line. A sale to Micro Focus is due to close next year.
5. Veritas Vision: Beyond backup to cloud, data management – Sonia Lelii (SearchDataBackup)
Newly independent vendor Veritas plans to evolve from selling more than data protection to targeting the data management market, while using the cloud.
Deal image via FreeImages
Last week, all the big news surrounded the closing of the Dell-EMC deal. Check out all the different stories in this week’s roundup.
1. Dell EMC now ‘open for business’ – Dave Raffo (SearchStorage)
Dell’s $60 billion-plus acquisition creates a new storage behemoth, called Dell EMC, but it will take a while to address all lingering concerns about the new company.
2. Bulky vs. slim: Dell-EMC and HPE paths raise innovation questions – Robert Gates (SearchDataCenter)
Users mull a vastly different IT buying landscape, after Dell Technologies completed the largest technology deal in history, while HPE sells off another part of its business.
3. RSA: No major changes expected following Dell-EMC merger – Michael Heller (SearchSecurity)
Following the Dell-EMC merger, RSA executives expect no significant changes to the business, although there will be some product overlap to deal with.
4. The new Dell talks up cloud, convergence, but networking plans vague – Chuck Moozakis (SearchNetworking)
The new Dell Technologies is bullish on hybrid cloud, convergence and cloud-native applications for enterprises, but Dell networking plans weren’t in the spotlight.
5. Google to tweak Chrome browser security in 2017, flag HTTP as insecure – Peter Loshin (SearchSecurity)
Google’s campaign to encrypt the web continues, as Chrome browser security will flag any sites using HTTP for passwords or payment info as insecure, starting in 2017.
Password image via FreeImages
What can you learn from the Dropbox data breach? Check out all the important lessons in this week’s roundup.
1. Lessons from the Dropbox breach – Warwick Ashford (ComputerWeekly)
Dropbox is the latest major company to confirm a data breach, albeit four years old, but – as with all recent data breaches by cloud-based services – it highlights some key security lessons.
2. Dropbox hack and the password security conundrum – Brian Holak (SearchCIO)
The Dropbox hack is the latest reminder that the end is near for traditional authentication methods. Also in Searchlight: VMware comes at cloud from a new direction.
3. VCloud Air becomes a role player in VMware’s cloud strategy – Trevor Jones (SearchCloudComputing)
VCloud Air never got much traction in the public cloud market and now it’s being relegated to a bit player in the latest tweak to VMware’s cloud strategy.
4. FBI wants ‘adult’ conversation about ‘going dark’ encryption debate – Michael Heller (SearchSecurity)
FBI Director James Comey wants to have an ‘adult’ conversation on the encryption debate, but many think that means ignoring experts and embracing the ‘going dark’ argument.
5. HPE adapts Vertica analytical database to world with Hadoop, Spark – Jack Vaughan (SearchDataManagement)
Vertica 8.0 expands the analytical database’s support for Kafka, Spark and Hadoop. That’s an important step, as the Hewlett Packard Enterprise technology tries to compete in a field of diverse data tools.
Wish image via FreeImages
What’s on your wish list for VMworld 2016? Check out what several experts want in this week’s roundup.
1. IT’s VMworld 2016 wish list: Bring VDI costs down – Ramin Edmond (SearchVirtualDesktop)
IT experts share their wish lists for VMworld 2016. For SMBs, it’s high time VMware brings cheaper VDI to the table.
2. Questions swirl around Shadow Brokers’ cyberweapons dump – Peter Loshin (SearchSecurity)
More unanswered questions remain about the Shadow Brokers’ release of NSA/Equation Group cyberweapons cache, as vendors move to mitigate and researchers search for vulnerabilities.
3. Microsoft to tap Genee online intelligence for Office 365 – Antone Gonsalves (SearchUnifiedCommunications)
Microsoft plans to use startup Genee’s online intelligence to automate calendaring tasks in Office 365. Microsoft acquired Genee this week.
4. State of cloud infographic: Cloud Computing stats for CIOs, IT execs – SearchCIO staff (SearchCIO)
Surveys show that many enterprises plan to increase or maintain cloud spending in 2016.
5. Rackspace acquisition positions company for more managed services – Trevor Jones (SearchCloudComputing)
The Rackspace acquisition by Apollo Global Management will make the company privately held and infuse it with cash to double down on its strategy around managed services.
Cloud image via FreeImages
Who’s winning the cloud wars? Find out who takes the top spot in this week’s roundup.
1. Latest Gartner ranking: Who’s winning the cloud wars – Jason Sparapani (SearchCIO)
AWS, Azure and Google score big in the latest Gartner ranking. But don’t just go by good grades when choosing an IaaS cloud platform.
2. New XenApp express service puts spotlight on cloud app delivery – Ramin Edmond (SearchVirtualDesktop)
Businesses are moving away from full virtual desktops to delivering individual apps from the cloud. The latest indication of this trend is the new XenApp express service from Citrix and Microsoft.
3. Fallout from Equation Group cyberweapons leak continues to mount – Peter Loshin (SearchSecurity)
Mystery continues to surround the Shadow Brokers’ release of Equation Group vulnerability exploits and hacking tools, as vendors scramble to patch zero days.
4. Security was talk of the summer, may be big at Oracle OpenWorld 2016 – Jessica Sirkin (SearchOracle)
OAUG President Patricia Dues has attended every Oracle OpenWorld. She shares her thoughts on OpenWorld 2016, and why security and the cloud are the places to look.
5. Data-driven marketing is trend for next 12 months, says Vala Afshar – Lauren Horwitz (SearchSalesforce)
Bringing intelligence to marketing systems is the theme for the next year, says Vala Afshar of Salesforce.
Airline image via FreeImages
What’s the lesson learned from Delta’s recent data center outage? Find out in this week’s roundup.
1. Delta outage raises backup data center, power questions – Robert Gates (SearchDataCenter)
Another outage at an airline data center offers yet another lesson about the need to fail over to a backup data center and bounce back quickly after a power problem.
2. White House aims to secure open source government programs – Michael Heller (SearchSecurity)
The White House unveils a new open source government policy and new research estimates the government’s zero-day exploit stockpile to be smaller than expected.
3. New Huawei Enterprise chief handicapped by politics, not products – Antone Gonsalves (SearchNetworking)
David He, newly appointed president at Huawei Enterprise U.S., is ready to turn over 100% of sales to partners. He is optimistic despite cloud of Chinese cyber spying.
4. Delta outage is a wake-up call for IT execs, CEOs – Brian Holak (SearchCIO)
The Delta outage isn’t the first DR-related debacle to strike a well-known organization and it won’t be the last. Also: Data theft on the rise; Intel the latest to buy AI startup.
5. NVMe over Fabrics gathers steam for flash and post-flash devices – Carol Sliwa (SearchSolidStateStorage)
Industry players are demonstrating the new NVM Express over Fabrics network interconnect technology, but it’s hard to say when it will gain widespread adoption.
By James Kobielus (@jameskobielus)
Economic prosperity is the dream of every society. In the 21st century, we’re seeing wealth come to developing nations everywhere. It’s bringing long life expectancies, educational opportunities, and middle-class comforts to people who’ve never known any of this before.
Prosperity is also spreading advanced technologies far and wide. Though few societies are eager to return to pre-digital lifestyles, many people are uncomfortable with the rate of change, the mind-boggling complexities, and the unanticipated downsides of the technologically accelerated new world culture. This trend is stoking popular backlash against disruptive technologies such as big data analytics, cognitive computing, and artificial intelligence (AI).
Call these “first-world problems” if you will, but people everywhere have legitimate concerns about technology’s impacts on their cultures, communities, jobs, and private lives. It seems that more people are apt to portray technology as a prime scapegoat for all the bewildering forces reshaping their lives for better or worse. In other words, some people see technology as a “disruption” in the older, more pejorative sense of the term, rather than as a net boon for humanity in the more positive Silicon Valley spin.
If you’re in Silicon Valley, you should at least feel a bit nervous that some people regard your life’s work as the cause of their problems, rather than a path to a better, brighter future. Speaking of the Valley, one of its primary thought leaders, futurist Tim O’Reilly, recently sounded the alarm on this issue. In a recent interview, he stated the following: “What I’ve noticed is people increasingly blame technology, whether it’s gentrification in San Francisco, or the fear of rogue AI, or the working conditions of the on-demand economy. Tech is increasingly being painted as a villain.”
O’Reilly is a big booster of AI, but I couldn’t help noticing that this is the only disruptive technology he specifically singles out as the source of popular apprehension. If you regard the term “AI” as a catch-all that includes cognitive computing and big-data analytics, I agree with him that the industry needs to be sensitive to these concerns. In fact, I stated as much in this recent TechTarget column, with respect to the potential for AI-driven systems to invade privacy, be weaponized, addict emotionally vulnerable people, and otherwise contribute to undesirable societal consequences.
One of the things I found interesting in O’Reilly’s discussion was the notion that popular sentiment is constantly toggling between dystopian and utopian visions of AI’s disruptive potential. He attaches the pithy name of “WTF economy” to this bipolarity. “WTF is a great phrase,” he says, “because it can be an expression of wonder, or it can be an expression of dismay or disgust.”
To accentuate the positive pole of this vision, O’Reilly proposes what he calls the “Next:Economy” paradigm. This is a vaguely socialistic scenario in which AI-fueled technological innovations drive greater process automation throughout the economy while at the same time fostering greater human “augmentation.” This is the utopian vision of an online economy in which a never-ending flow of frictionless, on-demand, algorithmic transactions makes everybody richer, smarter, more productive, more creative, and fulfilled. In this vision, “companies…have more than profit at the heart of their model. They have a societal benefit.”
In an article earlier this year, O’Reilly hints vaguely at guidance for societal movers and shakers who seek to bring this data-driven utopia to fruition. However, he gives no indication as to how one might use AI or any other technological enabler to ensure that an organization’s business model can generate a never-ending stream of “societal benefit”–apart from the usual advantages that flow from a vibrant, innovative, and free marketplace (with or without AI).
I’m not philosophically opposed to O’Reilly vision. I agree with him on the potential for data-driven technologies to help national and regional economies to move in this direction. But if you’re a working technology professional, it can be hard to identify what, if anything, you should be doing differently to respond to these popular concerns regarding disruption (in the negative sense).
Near as I can tell, O’Reilly’s vision seems to be calling for such technological enablers as cloud-first business platforms, open data, agile collaboration systems, loosely coupled microservices, data-driven next best actions, self-service personalization, and experience optimization. However, many companies have already invested heavily in those and other technologies as the building blocks of their digital business models. Many of those same organizations have also taken privacy, security, governance, and risk compliance mandates to heart and enforce them on an enterprise-wide basis.
It seems to me that, taken to its logical extreme, O’Reilly’s vision calls for some sort of algorithmic resource that calculates societally optimal outcomes and drives orchestrated next-best-action scenarios to deliver those outcomes automatically and universally. And that, in turn, would presuppose some sort of societal regulatory regime for defining what those societally sanctioned outcomes might be.
But I doubt that O’Reilly would actually take it to that extreme. His vision is actually more “invisible hand” in its emphasis on ensuring that online marketplaces are structured to achieve these outcomes without need for state intervention or heavy-handed regulation.
And that’s the proper orientation. As societies across the planet join the so-called “first world,” they will all evolve their economies toward this algorithmically driven model. As very different national cultures move in this common direction, we shouldn’t dismiss people’s fears surrounding the disruptions, dislocations, and disorientations that accompany this migration.
But we shouldn’t buy into the alarmist notion that somehow “technology” in the abstract is the source of these problems or that some societies will inevitably suffer in the process. As the world economy races more deeply into the economic fabric of the 21st century, each society must find its own way of ensuring that its people benefit from this trend to the maximum extent feasible.
Purchase image via FreeImages
What do you make of Verizon’s purchase of Yahoo? Find out how the company plans to make its mark in the digital content market in this week’s roundup.
1. Verizon purchase of Yahoo a risky bid for digital content – Brian Holak (SearchCIO)
With the Verizon purchase of Yahoo, the telecommunications company hopes to break into the cutthroat business of digital content, but challenges await. Also: Oracle invests in cloud; more Microsoft layoffs.
2. Oracle cloud ERP gains ground with planned $9.3 billion purchase of NetSuite – Jack Vaughan (SearchOracle)
The Oracle cloud ERP chase could gain speed, thanks to a $9.3B plan to buy cloud applications vendor NetSuite. The software giant’s timing may be good, as more users look to the cloud for ERP deployments.
3. Microsoft Stream marks major push in business video – Antone Gonsalves (SearchUnifiedCommunications)
Microsoft Stream, backed by the vendor’s marketing power, is expected to draw more enterprises into the business video market.
4. White House unveils federal cybersecurity plan and attack rating system – Michael Heller (SearchSecurity)
The White House’s new federal cybersecurity plan outlines the responsibilities of each agency in a cyberattack and creates a rating system to determine the severity of an attack.
5. Citrix GoTo joins LogMeIn as housecleaning continues – Ramin Edmond (SearchVirtualDesktop)
Citrix GoTo will merge with remote desktop vendor LogMeIn, so Citrix can devote more resources to its core application delivery, networking and mobility products.
Data image via FreeImages
Do you think the chief data officer role is overblown? Find out why the CDO role is in a current state of flux in this week’s roundup.
1. The chief data officer’s dilemma — CDO role in flux – Jack Vaughan (SearchDataManagement)
How to balance data safety with innovative big data expansion was at issue at an MIT symposium where the chief data officer role was considered.
2. Data privacy in the spotlight with Privacy Shield, Microsoft – Trevor Jones (SearchCloudComputing)
Data privacy continues to be a hot-button issue on both sides of the Atlantic, with the Privacy Shield agreement and a big win for Microsoft providing some clarity to this still murky issue.
3. DNS DDoS attack shuts down Liberty of Congress websites for three days – Michael Heller (SearchSecurity)
A DNS DDoS attack hit the Library of Congress, disrupting various Library services and websites for three days before IT staff was able to restore normal functionality.
4. New AT&T Network on Demand service provides Cisco virtual router, more – Antone Gonsalves (SearchNetworking)
The latest AT&T Network on Demand service provides virtualized versions of Cisco or Juniper routers, Fortinet firewalls or Riverbed WAN optimization technology.
5. The future of AI apps will be delivery as a service – Ed Burns (SearchBusinessAnalytics)
AI systems are generating huge hype right now, which makes it imperative for businesses to understand how the technology can be deployed most effectively.
Algorithm image via FreeImages
By James Kobielus (@jameskobielus)
Algorithms are a bit like insects. Most of the time, we’re content to let them buzz innocuously in our environment, pollinating our garden and generally going about their merry business.
Under most scenarios, algorithms are helpful little critters. Embedded in operational applications, they make decisions, take actions, and deliver results continuously, reliably, and invisibly. But on the odd occasion that an algorithm stings, encroaching on your privacy or perhaps targeting you with a barrage of objectionable solicitations, your first impulse may be to swat back in anger.
That image came to mind as I pondered the new European Union (EU) regulation that was discussed by Cade Metz in this recent Wired article. Due to take effect in 2018, the General Data Protection Regulation prohibits any “automated individual decision-making” that “significantly affects” EU citizens. Specifically, it restricts any algorithmic approach that factors a wide range of personal data—including behavior, location, movements, health, interests, preferences, economic status, and so on—into automated decisions.
Considering how pervasive algorithmic processes are in everybody’s lives, this sort of regulation might encourage more people to retaliate against the occasional nuisance using legal channels. The EU’s regulation requires that impacted individuals have the option to review the specific sequence of steps, variables, and data behind a particular algorithmic decision.
Now that’s definitely a tall order to fill. The regulation’s “right to explanation” requires a degree of algorithmic transparency that could be extremely difficult to ensure under many real-world circumstances. Algorithms’ seeming anonymity–coupled with their daunting size, complexity, and obscurity–presents a thorny problem of accountability. Compounding the opacity is the fact that many algorithms—be they machine learning, convolutional neural networks, or whatever–are authored by an ever-changing, seemingly anonymous cavalcade of programmers over many years.
Throwing more decision scientists at the problem (even if there were enough of these unicorns to go around) wouldn’t necessarily lighten the burden of assessing algorithmic accountability. As the cited article states, “Explaining what goes on inside a neural network is a complicated task even for the experts. These systems operate by analyzing millions of pieces of data, and though they work quite well, it’s difficult to determine exactly why they work so well. You can’t easily trace their precise path to a final answer.”
Algorithmic accountability is not for the faint of heart, even among technical professionals who live and breathe this stuff. In many real-world distributed applications, algorithmic decision automation takes place across exceptionally complex environments. These may involve linked algorithmic processes executing on myriad runtime engines, streaming fabrics, database platforms, and middleware fabrics.
For example, this recent article outlines the challenges that Facebook faces in logging, aggregating, correlating, and analyzing all the decision-automation variables relevant to its troubleshooting, e-discovery, and other real-time operational requirements. In Facebook’s case, the limits of algorithmic accountability are clearly evident in the fact that, though it stores low-level messaging traffic in HDFS, this data can only be replayed for “up to a few days.”
Now imagine that decision-automation experts are summoned to replay the entire narrative surrounding a particular algorithmic decision in a court of law, even in environments less complex than Facebook’s. In such circumstances, a well-meaning enterprise may risk serious consequences if a judge rules against its specific approach to algorithmic decision automation. Even if the entire fine-grained algorithmic audit trail somehow materializes, you would need to be a master storyteller to net it out in simple enough terms to satisfy all parties to the proceeding. Most of the people you’re trying to explain this stuff to may not know a machine-learning algorithm from a hole in the ground.
More often than we’d like to believe, there will be no single human expert–or even (irony alert) algorithmic tool–that can frame a specific decision-automation narrative in simple, but not simplistic, English. Check out this post from last year, in which I discuss the challenges of automating the generation of complex decision-automation narratives.
Even if you could replay automated decisions from in every fine detail and with perfect narrative clarity, you may still be ill-equipped to assess whether the best algorithmic decision was made. Check out this recent article by Michael Kassner for an excellent discussion of the challenge of independent algorithmic verification.
Given the unfathomable number, speed, and complexity of most algorithmic decisions, very few will, in practice, be submitted for post-mortem third-party reassessment. Only some extraordinary future circumstance—such as a legal proceeding, contractual dispute, or showstopping technical glitch—will compel impacted parties to revisit those automated decisions.
And there may even be fundamental technical constraints that prevent investigators from determining whether a particular algorithm made the best decision. A particular deployed instance of an algorithm may have been unable to consider all relevant factors at decision time due to lack of sufficient short-term, working, and episodic memory. As Facebook’s Yann LeCun stated in this presentation, recurrent neural networks “cannot remember things for very long”—typically holding “thought vector” data structures in memory for no more than 20 seconds during runtime.
In other words, algorithms, just like you and me, may have limited attention spans and finite memories. Their bias is in-the-moment action. Asking them to retrace their exact decision sequence at some point in the indefinite future is a bit like asking you or me to explain why we used a particular object to swat a particular mosquito nine months ago.