November 24, 2023

November 24, 2023

How American Express Created an Open Source Program Office

American Express has established an open source program office that gamifies the safe development of open source code that can be poured back into the community. “Without the program existing, a lot of people at the company wouldn’t know about giving back to open source, they wouldn’t see the power in it,” said Amanda Chesin, software engineer at American Express, during a presentation at OSFF. The AmEx OSPO started as an informal group of developers trying to establish a symbiotic relationship with the open source community, said Tim Klever, vice president of the development experience at AmEx, at the conference. The first step was to convince the skeptical upper management of the value of open source. Security issues were the single largest concern among 56% of executives surveyed by FINOS. That was followed by quality of components, compliance with external regulations, and licensing of intellectual properties. ... “That’s really when we kind of became official because we had someone to worry about this stuff and work on it the whole time, even though we only got [her] for a summer,” Klever said.


Navigating the uncharted waters of the Digital Protection Act 2023: Overcoming unsolicited challenges in the digital realm

Of particular note is the provision for grievance redressal, affording individuals a legal avenue to hold data fiduciaries accountable. However, in contrast to the penalties imposed on data fiduciaries for non-compliance, the Data Protection Board's authority to levy fines on data principals (for violations of duties not to file frivolous complaints or impersonate others) is limited to a modest sum of up to ? 10,000. This duality poses a significant concern, as it introduces the possibility of groundless complaints. A successful complaint can yield a substantial ? 200 crore award, while an unsuccessful one carries a comparatively nominal penalty of ? 10,000. This dynamic could lead to an influx of speculative claims and an environment of undue frustration. There may be merit in revisiting the penalty structure, aligning it with the sum initially sought by the complainant to ensure the integrity of the complaint forum. One notable absence in the Act is the 'right to be forgotten', a provision in comparable digital data protection legislations like the GDPR.?


Could edge computing unlock AI’s vast potential?

Beyond the increased performance that AI applications demand, a key benefit of the edge model is reliability and resilience. Consumers have taken to AI, with 73% worldwide saying they trust content produced by generative AI, and 43% keen for organizations to implement generative AI throughout customer interactions. Businesses that can’t keep their AI-powered services running will suffer from declining customer satisfaction and even a drop in market share. When a traditional data center suffers a power outage – perhaps due to a grid failure or natural disaster – apps reliant on these centralized data centers simply cannot function. Edge computing avoids this single point of failure: with compute more distributed, smart networks can instead use the processing power nearest to them to keep functioning. There are also benefits when it comes to data governance. If sensitive data is processed at the edge of the network, it doesn’t need to be processed in a public cloud or centralized data center, meaning fewer opportunities to steal data at rest or in transit. ... Finally, there are cost savings to think about. Cloud service providers often charge businesses to transfer data from their cloud storage.


Cloud security and devops have work to do

First, they are not given the budget to plug up these vulnerabilities. In some instances, this is true. Cloud and development security are often underfunded. However, in most cases, the funding is good or great relative to their peers, and the problems still exist. Second, they can’t find the talent they need. For the most part, this is also legit. I figure that there are 10 security and development security positions that are chasing a single qualified candidate. As I talked about in my last post, we need to solve this. Despite the forces pushing against you, there are some recommended courses of action. CISOs should be able to capture metrics demonstrating risks and communicate them to executives and the board. Those are hard conversations but necessary if you’re looking to take on these issues as an executive team and reduce the impact on you and the development teams when stuff hits the fan. In many instances, the C-levels and the boards consider this a ploy to get more budget—that needs to be dealt with as well. Actions that can remove some of this risk include continuous security training for software development teams.?


Windows-as-an-app is coming

Windows App, which is still in beta, will let you connect to Azure Virtual Desktop, Windows 365, Microsoft Dev Box, Remote Desktop Services, and remote PCs from, well, pretty much any computing device. Specifically, you can use it from Macs, iPhones, iPads, other Windows machines, and — pay attention! — web browsers. That last part means you'll be able to run Windows from Linux-powered PCs, Chromebooks, and Android phones and tablets. So, if you've been stuck running Windows because your boss insists that you can't get your job done from a Chromebook, Linux PC, or Mac, your day has come. You can still run the machine you want and use Windows for only those times you require Windows-specific software. Mind you, you've been able to do that for some time. As I pointed out recently, all the Windows software vendors don't want you to run standalone Windows applications; they prefer web-based Software-as-a-Service (SaaS) applications. They can make a lot more money from you by insisting you pay a monthly subscription rather than a one-time payment. Sure, Microsoft made its first billions from Windows and the PC desktop, but that hasn't been its business plan for years now.


Q-Learning: Advancing Towards AGI and Artificial Superintelligence (ASI) through Reinforcement Learning

At its essence, Q-learning is akin to introducing a reward system to a computer, aiding it in deciphering the most effective strategies for playing a game. This process involves defining various actions that a computer can take in a given situation or state, such as moving left, right, up, or down in a video game. These actions and states are meticulously logged in what is commonly referred to as a Q-table. The Q-table serves as the computer’s playground for learning, where it keeps tabs on the quality (Q-value) of each action in every state. Initially, it’s comparable to a blank canvas – the computer embarks on this journey without prior knowledge of which actions will lead to optimal results. The adventure commences with exploration. The computer takes a plunge into trying out different actions randomly, navigating the game environment, and recording the outcomes in the Q-table. Think of it as the computer playfully experimenting and gradually figuring out the lay of the land. Learning from Rewards forms the core of Q-learning. Each time the computer takes an action, it earns a reward.?

Read more here ...

要查看或添加评论,请登录

Kannan Subbiah的更多文章

  • March 19, 2025

    March 19, 2025

    How AI is Becoming More Human-Like With Emotional Intelligence The concept of humanizing AI is designing systems that…

  • March 17, 2025

    March 17, 2025

    Inching towards AGI: How reasoning and deep research are expanding AI from statistical prediction to structured…

  • March 16, 2025

    March 16, 2025

    What Do You Get When You Hire a Ransomware Negotiator? Despite calls from law enforcement agencies and some lawmakers…

  • March 15, 2025

    March 15, 2025

    Guardians of AIoT: Protecting Smart Devices from Data Poisoning Machine learning algorithms rely on datasets to…

    1 条评论
  • March 14, 2025

    March 14, 2025

    The Maturing State of Infrastructure as Code in 2025 The progression from cloud-specific frameworks to declarative…

  • March 13, 2025

    March 13, 2025

    Becoming an AI-First Organization: What CIOs Must Get Right "The three pillars of an AI-first organization are data…

  • March 12, 2025

    March 12, 2025

    Rethinking Firewall and Proxy Management for Enterprise Agility Firewall and proxy management follows a simple rule:…

  • March 11, 2025

    March 11, 2025

    This new AI benchmark measures how much models lie Scheming, deception, and alignment faking, when an AI model…

  • March 10, 2025

    March 10, 2025

    The Reality of Platform Engineering vs. Common Misconceptions In theory, the definition of platform engineering is…

  • March 09, 2025

    March 09, 2025

    Software Development Teams Struggle as Security Debt Reaches Critical Levels Software development teams face mounting…

社区洞察

其他会员也浏览了