28 October, 2014

6 ways to protect your data in cyberspace

English: A candidate icon for Portal:Computer ...
English: A candidate icon for Portal:Computer security (Photo credit: Wikipedia)
This one is a classic, not that it is old and ancient, but it stands the test of time... Perhaps it may be even more important and more relevant in the many years to come, who knows?


This would be remembered as the Year of the Hack, if next year didn’t promise even more cyber security breaches. Ordinary users shouldn’t wait for businesses and governments to respond to the growing threat.

This year’s spectacular revelations include the theft of 145 million personal records from eBay, and the acknowledgment by JP-Morgan Chase that 76 million households and seven million small businesses may have been affected by a data breach.

On Monday, hackers claimed to have obtained millions of passwords from Dropbox. These reports followed news of tens of millions of compromised credit card numbers at Target, Home Depot, Walmart, PF Chang and Nieman Marcus.

Other as yet undisclosed thefts could be linked to two longstanding vulnerabilities in open- source software known as Heartbleed and Shellshock, discovered in recent months. In addition, we have seen the release of celebrities’ naked pictures stolen from Apple’s iCloud and images of ordinary youngsters lifted from Snapchat.

There was also the theft of classified data by at least two groups of Russian hackers, one using malware called Snake and the other dubbed SandWorm by the cyber security company that discovered it. Perhaps the best way to get a general picture of global information (in)security is an interactive map produced by Russian cyber security company Kaspersky Lab.

According to Pricewaterhouse-Coopers, which surveyed 9,700 executives in 154 countries in April and May, there were 42.8 million reported incidents this year, up 48 per cent from last year’s survey. The number of companies reporting losses of more than US$20 million (S$26 million) doubled compared with last year. At the same, investment in information security is down 4 percent from the year before.

In this game, innocent bystanders may be most likely to get hurt. Here are six rules for protecting yourself.

>> Keep nothing on any of your devices, or in the cloud, that you wouldn’t want the world to see.

These include Dropbox and iCloud, even if the former says no user credentials have been compromised and the latter has added two-factor authentication requiring access to a user’s phone.

All computer systems are vulnerable because humans write code. A vulnerability could lurk for years, as Heartbleed and Shellshock did.

It is much safer to keep your data under a loose floorboard than on a major company’s cloud service: Only someone who is intensely interested in you will search your apartment, but Internet services are subjected to generic, wholesale attacks.

>> Don’t send any sensitive information over the Internet.

Kids thought Snapchat was a safe way to sext because pictures and videos disappear after being viewed.

It turns out that an outside developer found a way to store the content and someone else broke into the storage.

Besides, government are watching, and even if you don’t believe Edward Snowden’s story of National Security Agency staff passing around naked photos obtained through blanket surveillance, it could happen.

>> Block e-mail messages from people you don’t know.

They are much more likely to be spam and phishing attempts than legitimate correspondence. Those who really need to reach you can contact you via social networks.

Never open any e-mail attachments unless you’ve discussed them with the sender. SandWorm used a previously unknown Windows vulnerability to get into Ukrainian and North Atlantic Treaty Organisation member networks, but they needed a user to open a “weaponised” PowerPoint file.

That unnecessary click can get you fired and your organization robbed blind.

>> The credit card you use online should have a spending limit that reflects the amount that you would be comfortable losing to thieves and, perhaps, never recovering.
Virtual cards that are never used again are best for big purchases. The credit card you use offline should have a chip and require a PIN code to pay merchant.

If you don’t have a chip card, don’t use plastic to pay small merchants – few invest in data security.

>> Vault applications that store your many passwords are just as vulnerable as any other services, regardless of the claims they make about encryption and not storing your data.
True, none of the widely available vaults has been cracked, but every new breach is always a surprise. It might make more sense to minimise the number of services allowed to store your credit card numbers, only picking ones with two-factor authentication and committing the passwords to memory.

>> Don’t buy anything that could be maliciously reprogrammed with physical consequences.

That applies to most Internet of Things devices and, increasingly, to cars.

I don’t always follow these rules, but every time I break them, I know I’m taking a risk. The pre-Internet world was safer, if not as convenient. We have put way too much trust in the magic of technology.


Taken from My Paper, Thursday, October 16, 2014

25 October, 2014

Java SE 7 Programming Essentials - my 2nd Java book

English: The cover illustration for the Java P...
English: The cover illustration for the Java Programming book on Wikibooks (Photo credit: Wikipedia)

About a week ago, I finished reading my 2nd book on Java programming - Java SE 7 Programming Essentials, authored by Michael Ernest. It was basically written for a beginner, but one who is aiming for an Oracle certification, the OCA Java SE 7 (Oracle Certified Associate, Java SE 7).

I have been doing software development since 1996, using PROMIS and VMS, and the very first Windows, and DOS, etc., and I have used .NET in all of my latest applications, but I would admit that I still picked up a lot of fundamental knowledge from this book.

I've come across much of the same topics in another book, C# in Depth, but in Java SE 7 Programming Essentials, they were presented for beginners. Thus, the detailed explanation, which is easy to grasp.

I had to admit that the modifiers was one of the things that became clearer to me, and I am now more aware as to why a class or method is declared public, and not private, or if no modifier is used, what the default behavior is, etc. Very basic, right?

Inheritance and composition is another thing that I was refreshed on, and the use of the 'this' keyword, especially when using inheritance, where properties are also passed down.

Constructors were also discussed, and I learned how you can create your own constructor.

Then there is also the topic on interface, and when it becomes a limitation. Followed by enumeration.

But the one thing I like very much, which I have been looking for so long, is how he presented the acquisition of a business, which needed the merging, or enhancing of the acquired company's business system. Very simple, but that is what I have been looking for - creating your own, and integrating into an existing simple that is built differently - without breaking each other.

Indeed, doing software development is one easy task, but creating a code that is optimized and compact, easy to maintain, and is in all aspect of the highest standards - that is one tough goal, a hard target. But then again, how can you score if you don't have a goal?

Aim high, and hit the mark!

That's what I'm doing now. Patience, and I will hit the mark.

Till then...

Using the Web to Study the Minds of Dogs

English: Matheson Reading Room at Emory Univer...
English: Matheson Reading Room at Emory University in Atlanta, GA (Photo credit: Wikipedia)
Emory university
Emory university (Photo credit: Wikipedia)
By Carl Zimmer

In 1995, Brian Hare began to wonder what his dog Oreo was thinking.

At that time, he was studying animal psychology with Michael Tomasello at Emory University in Atlanta.

Humans, it was known at that time, are exquisitely sensitive to signals from other humans. We use that information to solve problems that we might struggle to figure out on our own.

Dr. Tomasello discovered that chimpanzees, our closest living relatives, typically fail to notice much of this social information. Pointing to the location of a hidden banana will usually not help a chimp find the banana, for example.

But Mr. Hare had his doubts. “I think my dog can do that,” he declared.

To persuade his mentor, he videotaped Oreo chasing after tennis balls. And indeed, when he pointed left or right, off the dog would run, in the indicated direction, to find a ball.

He then followed up with a full-blown experiment, using food hidden under cups in his garage; Oreo consistently picked out the right cup after Mr. Hare pointed to it, and other dogs (including some that had never seen Mr. Hare) did well, too. Dogs could indeed pass the pointing test, while wolves, their wild relatives, could not.

Dr. Hare, now an associate professor at Duke University in Durham, North Carolina, has continued to probe the canine mind, but his research has been constrained by the number of dogs he can study.

Now he hopes to expand his research geometrically – with the help of dog owners around the world. He is the chief scientific officer or a new company called Dognition, which produces a Web site where people can test their dog’s cognition, learn about their pets and, Dr. Hare hopes, supply him and his colleagues with scientific data on tens of thousands of dogs.

“Because it’s big data, we can ask questions that nobody could have a chance to look at,” he said.

From his previous research, Dr. Hare has argued that dogs evolved their extraordinary social intelligence once their ancestors began lingering around early human settlements. As he and his wife, Vanessa Woods, explain in their book, “The Genius of Dogs,” natural selection favored the dogs that did a better job of figuring out the intentions of humans.

But while this evolution gave dogs one cognitive gift, it didn’t make them more intelligent in general. “If you compare them to wolves as individuals, they look like idiots,” Dr. Hare said. “But if you then show them having a human solve the problem, they’re geniuses.

Dr. Hare says his main goal is to build a database that will shed light on longstanding questions about behavior, breeding and genetics – for example, whether the cognitive styles of various breeds can be linked to their genes.

Dr. Hare hopes that scientists can use Dognition to deliver their insights to dog trainers.

One hypothesis has already emerged from Dognition’s users, Dr. Hare said. A surprising link turned up between empathy in dogs and deception. The dogs that are most bonded to their owners turn out to be most likely to observe their owners in order to steal food.

from TODAY, Saturday, May 4, 2013

23 October, 2014

Apple stirs debate with frozen-egg staff perk

English: Apple's headquarters at Infinite Loop...
English: Apple's headquarters at Infinite Loop in Cupertino, California, USA. (Photo credit: Wikipedia)

Apple is following Facebook by offering company insurance coverage to women who wish to freeze their eggs.

Facebook started providing the benefit, which applies to employees and their spouses or domestic partners, in January. The Menlo Park, California-based social network firm offers full coverage, or as much as US$20,000 (S$26,000) for expenses related to the procedure, which could include surrogacy or court fees.

Apple, based in Cupertino, California, said it will start offering similar coverage next year. In a statement, Apple spokesman Kristin Huguet said the iPhone maker wants to “empower women at Apple to do the best work of their lives as they care for loved ones and raise their families.”

The decisions come amid a debate about the best ways to recruit and retain women in the technology industry, where they are underrepresented as a percentage of the total workforce. Apple and Facebook are among the first companies to offer the option to freeze eggs.

The developments, which were reported earlier this week by NBC, sparked a debate on social media about whether the benefit would pressure women to undergo an invasive procedure to delay childbirth in favour of their careers.

“Is an employer paying to freeze a woman’s eggs empowering or suggesting motherhood and a career are incompatible?” songwriter Miranda Dawn, wrote on Twitter yesterday.

Gawker’s Valleywag blog jumped in with a post entitled Facebook And Apple Offer Egg-Freezing Perk So Women Never Stop Working.

In response to the debate, Facebook spokesman Genevieve Grdina said the company also offers other benefits to make the transition to parenthood easier whenever an employee is ready, such as nursing rooms on campus and subsidized day care. When a baby is born or adopted, a mother or father gets four months of paid parental leave and US$4,000 in “baby cash.”


Taken from My Paper, Thursday, October 16, 2014

21 October, 2014

Agile Experience Design: my first take on agile concept

English: This poster provides a good visual of...
English: This poster provides a good visual of the standard Agile Software Development methodology. (Photo credit: Wikipedia)

It have been over two months now, I never realized that I was not able to post at least a short description of the book that I finished reading some time back in the 2nd week of August.

Anyway, I patiently completed the book, my first on the Agile series, and there was much concept to grasp as written there, and I was glad that while not many, some of the ideas presented therein, I already practice - or believe to be the ideal.

Functional and aesthetic.

Not just functional. Not just pretty. They must be both. Nobody would buy a device that is functional but not pleasing. And nobody stays with a pretty device that doesn't work quite well.

And while I can't remember now which book or which article I came across with in the past, one that I will always practice is this: to engage my users, to see how they use the software, how they engage the solutions and applications that I design, develop and implement.

We are not perfect, but by consistently looking for ways and means of tweaking and enhancing the features of a software, even without the user asking for it, we will be exhibiting continuous improvement.

But then again, I found that in Linkedin, not all software developers believe that Agile is the way to go. Yet there are those who deem that waterfall methodology is one that is already dormant, near extinction.

What's my take?

I go for agile. But the truth is, when you design a software, management will still prefer the written design, in its totality and completeness (whatever that includes and entails) - one that they can "visualize", and put their signature on - rather than a blank sheet with bits and pieces of (well-designed?) software piece parts.

Here's the book again: Agile experience design: a digital designer's guide to agile, lean, and continuous

I learned new things, but new things don't immediately take over the rein. So we're in the balance now.

Till then!