January 18, 2021
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | Former Sr. VP & CTO of MF Utilities | BU Soft Tech | itTrident
Go back to the office? Some employees would rather quit
It's been difficult to get a good read on what the prevailing attitude is towards working from home since traditional workplaces shut in the early months of 2020. While the consensus largely appears to be that employees relish the flexibility and (subjective) comfort that working from home provides, this is at odds with the mental health spectre that has loomed over the COVID-19 crisis, with countless reports and statistics highlighting the toll that working in insolation has on wellbeing. This is captured in LiveCareer's survey. Despite 81% of employees saying they enjoyed working remotely, and 61% expressing a desire to continue working in a remote capacity after the pandemic is over, only 45% of those polled said that telecommuting had not taken a toll on their mental wellbeing. Clearly, the ideal situation is about balance: employees want the option to work remotely, while also having a shared workspace that they can use when needed. One major factor employers need to address to make the return to office life more appealing is safety. With many companies still trying to figure out how they can reconfigure or otherwise re-think their real estate investments to suit a new hybrid workforce, ensuring workplaces are safe should top the agenda.
AVIF Image Format: The Next-Gen Compression Codec
AVIF, or AV Image Format, is an open-source and royalty-free image format based on the AV1 codec, and ,similar to AV1, AVIF provides a very high compression rate. The fact that it's royalty-free makes it stand out from the competition. Leveraging the power of AV1 has proven beneficial for AVIF, in both processing time and its ability to handle hardware issues. Before we further discuss the advantages of AVIF, be advised that AVIF saves pictures in AVIF image format, which is relatively new and still not widely adopted. On top of this, it's using a reasonably new algorithm. So there may be a possibility that it’s not best for all use cases right now. ... The idea behind designing AV1 was to transmit video over the internet. With a better compression rate for video, AVI reduced the number of overall bits. This allows the AV1 codec to provide multiple coding techniques that gives developers some freedom when writing their code. If you wonder why we brought this concept of video compression technique into an image compression post, its because videos and image codecs share similarities in the nature of their data. The AV1 codec has proved very advantageous for the internet by saving bandwidth, which MPEG could not do, although JPEG XR was still in the race but not as effective as AV1.
Love in the time of algorithms: would you let your artificial intelligence choose your partner?
Another problematic consequence may be rising numbers of socially reclusive people who substitute technology for real human interaction. In Japan, this phenomenon (called “hikikomori”) is quite prevalent. At the same time, Japan has also experienced a severe decline in birth rates for decades. The National Institute of Population and Social Security Research predicts the population will fall from 127 million to about 88 million by 2065. Concerned by the declining birth rate, the Japanese government last month announced it would pour two billion yen (about A$25,000,000) into an AI-based matchmaking system. The debate on digital and robotic “love” is highly polarised, much like most major debates in the history of technology. Usually, consensus is reached somewhere in the middle. But in this debate, it seems the technology is advancing faster than we are approaching a consensus. Generally, the most constructive relationship a person can have with technology is one in which the person is in control, and the technology helps enhance their experiences. For technology to be in control is dehumanising.
How Teams Can Overcome the Security Challenges of Agile Web App Development
Managing company secrets in an agile environment means CISOs need to rethink the scalability of their current security solutions. With rapidly changing codebases, it’s essential that enterprises use security tools that support agile development and also extend to other platforms that devops teams might use. Akeyless is a versatile security tool that fragments encryption keys and provides a high degree of data security. It supports agile release environments and can be scaled to different platforms as needed. One of the reasons I like implementing this solution when consulting for app companies is how easily I can integrate it with all the major development platforms through plugins, ensuring that in-house departments and subcontractors alike can securely manage access to sandbox servers and databases, without interrupting their workflows. Beyond governance concerns, in my experience, compliance and audit teams generally stand to gain a great deal by learning about how automation can help them achieve their goals, along with how their protocols can improve with automation. On the other hand, complete automation might not be possible in every area.
Multiple backdoors and vulnerabilities discovered in FiberHome routers
FTTH ONT stands for Fiber-to-the-Home Optical Network Terminal. These are special devices fitted at the end of optical fiber cables. Their role is to convert optical signals sent via fiber optics cables into classic Ethernet or wireless (WiFi) connections. FTTH ONT routers are usually installed in apartment buildings or inside the homes or businesses that opt for gigabit-type subscriptions. In a report published last week, security researcher Pierre Kim said he identified a large collection of security issues with FiberHome HG6245D and FiberHome RP2602, two FTTH ONT router models developed by Chinese company FiberHome Networks. The report describes both positive and negative issues with the two router models and their firmware. ... Furthermore, the Telnet management feature, which is often abused by botnets, is also disabled by default. However, Kim says that FiberHome engineers have apparently failed to activate these same protections for the routers' IPv6 interface. Kim notes that the device firewall is only active on the IPv4 interface and not on IPv6, allowing threat actors direct access to all of the router's internal services, as long as they know the IPv6 address to access the device.
How do I select a fraud detection solution for my business?
From strictly rules based to fully black box. The former gives you complete control but can be cumbersome and relies on a knowledgeable in house fraud team. The other end is perfect for extreme transaction volumes but offers little explanability. Fortunately, there is a middle ground with whitebox, supervised machine learning- you get the best of both worlds- granular rule based with machine learning making connections between disparate and complex data points. Fraud detection technologies should fit your business, not the other way around. Fraudsters evolve and find ingenious workarounds to most point solutions. Modern fraud detection is a “net” approach where the latest cutting edge tools are used in combination to make it very, very hard for a fraudster to fool them all. Results are very hard to predict. Try and select fraud technologies that allow you to test and show proof of value with no commitment, free trial periods. Modern, effective fraud tech should follow the best SAAS products where you see actual pricing, monthly contracts and free trials. Product value and risk should rest solely on the fraud detection partner.
Read more here ...