You are here

Technology

DataStax launches Astra Block to support Web3 applications

Info World - 5 hours 39 min ago

DataStax on Wednesday said that it was launching a new cloud-based service, dubbed Astra Block, to support building Web3 applications.

Web3 is a decentralized version of the internet where content is registered on blockchains, tokenized, or managed and accessed on peer-to-peer distributed networks.

Astra Block, which is based on the Ethereum blockchain that can be used to program smart contracts, will be made available as part of the company’s Astra DB NoSQL database-as-a-service (DBaaS), which is built on Apache Cassandra.  

To read this article in full, please click here

Categories: Technology

Starburst adds low code and Warp Speed capabilities to Enterprise and Galaxy offerings

Info World - 8 hours 40 min ago

Analytics software provider Starburst introduced several new updates to its Enterprise and Galaxy offerings at its annual Datanova conference to support analytics and AI workloads for enterprises.

Starburst Enterprise is the company’s data management and analytics platform that offers an enterprise version of Trino, an open source, distributed SQL query engine for big data that allows users to query data from multiple data sources within a single query.

To read this article in full, please click here

Categories: Technology

Improve Your MSP in Less Time

Technibble - 11 hours 40 min ago

It's challenging to find the time to read, so I want to share a secret weapon that has supercharged my business education.

Source: Improve Your MSP in Less Time - Technibble.com

Categories: Technology

Microsoft pledges support in .NET language updates

Info World - 11 hours 40 min ago

Microsoft’s latest strategy for its .NET languages—C#, F#, and Visual Basic—emphasizes attributes including performance and interoperability, with the company remaining in charge of governance.

The company posted the latest overviews of plans for the three languages on February 6. Big changes will not be found in the updated strategy, but Microsoft said it was committed to full support for all three languages and to open source, backward compatibility, and aggressive language evolution for C# and F#.

To read this article in full, please click here

Categories: Technology

How to get your computer science degree online

Info World - 12 hours 40 min ago

In hard times many people seek training or accreditation. The idea is that what they may lack in experience, they will make up for with the right set of credentials or certifications.

Definitely do not quit your job for this. Experience nearly always trumps credentials. However, if you are considering a career change to tech and you lack experience or you were laid off early in your career, you may be tempted to put a BSCS after your name. And in fact you can do a bachelor’s in computer science online.

Here are some options you might consider, and some pros and cons to be aware of.

Do you really need a degree?

Are you sure? When I started my career as a software developer in the 1990s, I was the only self-taught programmer I had met. However, these days they are more common. While a degree can help, consider whether you can wait two or five years, spend $20k to $40k (in the US) plus living expenses, or pursue the degree while holding another job. There are other paths, such as studying what you need and racking up some volunteer experience.

To read this article in full, please click here

Categories: Technology

Mapping the wider fediverse

Info World - 12 hours 40 min ago

I began this journey convinced that Steampipe could help the fediverse evolve, but not sure exactly how. My first thought was to use Steampipe’s API-wrangling superpower to study patterns of communication (and conflict) across the fediverse. But as one of many Twitter escapees last November, I soon realized that the network I was joining reflected a culture that had been humming along nicely for six years and didn’t particularly want to be the object of sociological study.

As I argued in Autonomy, packet size, friction, fanout, and velocity, Mastodon bakes in certain kinds of friction for reasons. You’ve likely heard about a default unfriendliness to search, which is both a technical setting and a cultural choice that privileges the experience of current flow over the mining of past flow. Even more fundamentally, the ID of a toot not only differs from server to server but also obfuscates the toot’s date, another technical/cultural choice that means you can’t randomly access history by date. None of these frictions is insurmountable. They will be overcome for purposes good and bad. I hope and expect that communities will be able to choose their desired amounts and kinds of friction while still interoperating with others. But for my project it seemed that trying to survey the wider fediverse wasn’t the right place to start.

To read this article in full, please click here

Categories: Technology

SN 909: How ESXi Fell - EU Internet Surveillance, QNAP returns, .DEV is always HTTPS

Security Now - Tue, 02/07/2023 - 19:53
  • Picture of the Week.
  • The European Union's Internet Surveillance Proposal.
  • 30,000 patient records online?
  • .DEV is always HTTPS!
  • Google changes Chrome's release strategy.
  • Russia shoots the messenger.
  • A fool and his Crypto...
  • QNAP is back.
  • CVSS severity discrepancy.
  • Closing the Loop.
  • How ESXi Fell.

Show Notes: https://www.grc.com/sn/SN-909-Notes.pdf
 

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Categories: Podcasts, Technology

How to merge data in R using R merge, dplyr, or data.table

Info World - Tue, 02/07/2023 - 15:52

R has a number of quick, elegant ways to join data frames by a common column. I’d like to show you three of them:

  • base R’s merge() function
  • dplyr’s join family of functions
  • data.table’s bracket syntax
Get and import the data

For this example I’ll use one of my favorite demo data sets—flight delay times from the U.S. Bureau of Transportation Statistics. If you want to follow along, head to http://bit.ly/USFlightDelays and download data for the time frame of your choice with the columns Flight Date, Reporting_Airline, Origin, Destination, and DepartureDelayMinutes. Also get the lookup table for Reporting_Airline.

To read this article in full, please click here

Categories: Technology

KrebsOnSecurity in Upcoming Hulu Series on Ashley Madison Breach

Krebs on Security - Tue, 02/07/2023 - 15:16

KrebsOnSecurity will likely have a decent amount of screen time in an upcoming Hulu documentary series about the 2015 megabreach at marital infidelity site Ashley Madison. While I can’t predict what the producers will do with the video interviews we shot, it’s fair to say the series will explore compelling new clues as to who may have been responsible for the attack.

The new docuseries produced by ABC News Studios and Wall to Wall Media is tentatively titled, “The Ashley Madison Affair,” and is slated for release on Hulu in late Spring 2023. Wall to Wall Media is part of the Warner Bros. International Television Production group.

“Featuring exclusive footage and untold firsthand interviews from those involved, the series will explore infidelity, morality, cyber-shaming and blackmail and tell the story of ordinary people with big secrets and a mystery that remains unsolved to this day,” reads a Jan. 12, 2023 scoop from The Wrap.

There are several other studios pursuing documentaries on the Ashley Madison breach, and it’s not hard to see why. On July 19, 2015, a hacker group calling itself The Impact Team leaked Ashley Madison internal company data, and announced it would leak all user data in a month unless Ashley Madison voluntarily shut down before then.

A month later, The Impact Team published more than 60 gigabytes of data, including user names, home addresses, search history, and credit card transaction records. The leak led to the public shaming and extortion of many Ashley Madison users, and to at least two suicides. It’s impossible to say how many users lost their jobs or marriages as a result of the breach.

I’m aware that there are multiple studios working on Ashley Madison documentaries because I broke the story of the breach in 2015, and all of those production houses approached me with essentially the same pitch: It would be a shame if your voice wasn’t included in our project.

What stood out about the inquiry from Wall to Wall was that their researchers had already gathered piles of clues about the breach that I’d never seen before.

I’d assumed that participating in their documentary would involve sitting for a few interviews about known historical facts related to the breach. But when Wall to Wall shared what they’d found, I was hooked, and spent several weeks investigating those leads further.

The result was a collaborative research effort revealing key aspects of the breach that have somehow escaped public notice over the years.

I won’t go into detail on what we discovered until the Hulu series is ready for release. Also, I am not privy to what they will produce with the interviews I gave. I can’t say that what we found untangles everything about the breach that was previously unknown, but it sure explains a lot.

Categories: Technology, Virus Info

Snowflake to acquire LeapYear to boost data clean room abilities

Info World - Tue, 02/07/2023 - 13:09

Cloud-based data warehouse company Snowflake on Tuesday announced its intent to acquire secure data-sharing software provider LeapYear Technologies in an effort to boost its data clean room capabilities.

What is a data clean room?

Data clean rooms are software frameworks that allow different organizations to collaborate on data analysis by allowing multiple parties to analyze data sets without disclosing the raw data to one another.

To read this article in full, please click here

Categories: Technology

Data is a stumbling block for most multicloud deployments

Info World - Tue, 02/07/2023 - 04:00

Data issues are not new: data integration, data security, data management, and defining single sources of truth. However, what is new is combining these issues with multicloud deployments. Many of these problems can be avoided with a bit of upfront planning and using common data architecture best practices that have been understood for years.

The core problem, as I see it, is enterprises attempting to lift and shift data to multicloud deployments without good forethought around the common problems that are likely to arise:

Forming data silos. The use of multiple cloud services can result in isolated data silos, making it difficult to integrate and manage data across multiple platforms. This should come as no surprise to anyone, but in many respects, multicloud has made data silos more numerous.

To read this article in full, please click here

Categories: Technology

C++ still shining in language popularity index

Info World - Tue, 02/07/2023 - 04:00

C++, already established as a rising star in the Tiobe programming language popularity index, continues to make great strides so far in 2023.

The language scored an increase of 5.93% this month over the same time last year, far ahead of all other languages, software quality services vendor Tiobe said. In January, C++ won the Tiobe Programming Language of the Year designation for 2022, awarded to the language experiencing the most growth in Tiobe’s index. C++ is favored for developing applications requiring capabilities of the C language but for large software systems, Tiobe said. The founder of C++, Bjarne Stroustrup, recently cited uses ranging from aerospace to artificial intelligence/machine learning to biomedicine.

To read this article in full, please click here

Categories: Technology

The role of the database in edge computing

Info World - Tue, 02/07/2023 - 04:00

The concept of edge computing is simple. It’s about bringing compute and storage capabilities to the edge, to be in close proximity to devices, applications, and users that generate and consume the data. Mirroring the rapid growth of 5G infrastructure, the demand for edge computing will continue to accelerate in the present era of hyperconnectivity.

Everywhere you look, the demand for low-latency experiences continues to rise, propelled by technologies including IoT, AI/ML, and AR/VR/MR. While reducing latency, bandwidth costs, and network resiliency are key drivers, another understated but equally important reason is adherence to data privacy and governance policies, which prohibit the transfer of sensitive data to central cloud servers for processing.

To read this article in full, please click here

Categories: Technology

IT career roadmap: Mobile app developer

Info World - Tue, 02/07/2023 - 04:00

Mobile devices play a large and growing role in nearly every aspect of our daily lives, so it’s not surprising there would be a growing need for mobile app developers.

Mobile app developers create applications for smartphones, tablets, and other mobile devices. This might include creating mobile versions of web or computer-based applications. It might also involve developing applications specifically as mobile-exclusive software.

The responsibilities of a mobile app developer vary based on the role, according to the career site Indeed.com. Common duties include meeting with senior employees or client representatives to discuss the desired features of an application under development; creating a project plan and budget for the coding, testing, and release of an application; writing and debugging code; developing and releasing patches; and updating existing mobile apps with new features and upgrades.

To read this article in full, please click here

Categories: Technology

Where the tech jobs are

Info World - Mon, 02/06/2023 - 04:00

Recently, tech has felt like career Chernobyl, with well over 200,000 people laid off over the past year. Amazon, Alphabet, Microsoft, Meta, etc. Every big tech company, and many smaller ones, seems determined to shed 5% to 10% of their employees because “growth rates [are] slow[ing] as enterprises of all sizes evaluate … ways to optimize their cloud spending in response to the tough macroeconomic conditions.” Thus spake Amazon CFO Brian Olsavsky on the company’s recent earnings call, and it’s a familiar refrain among tech executives these days.

To read this article in full, please click here

Categories: Technology

Oracle per-employee Java licensing could benefit rivals

Info World - Mon, 02/06/2023 - 04:00

Oracle’s controversial new Java pricing plan, based on the customer’s total number of employees, rather than the number of employees using the software, presents opportunities for Java rivals Eclipse Foundation and Azul, the companies said.

Eclipse immediately seized on the opportunity to pitch its alternative. “Stumbled across Oracle's latest Java price list,” tweeted Eclipse Executive Director Mike Milinkovich on January 27. “Wow, I had no idea that Java was so expensive! Fortunately, you can download the fully compatible, community supported, quality-certified, Temurin OpenJDK distribution for free!” 

To read this article in full, please click here

Categories: Technology

Why observability in dataops?

Info World - Mon, 02/06/2023 - 04:00

It’s 8 a.m., and a business leader is looking at a financial performance dashboard, questioning if the results are accurate. A few hours later, a customer logs in to your company’s portal and wonders why their orders aren’t showing the latest pricing information. In the afternoon, the head of digital marketing is frustrated because data feeds from their SaaS tools never made it into their customer data platform. The data scientists are also upset because they can’t retrain their machine learning models without the latest data sets loaded.

To read this article in full, please click here

Categories: Technology

The tech leader's guide to 2023

Info World - Mon, 02/06/2023 - 04:00

Recently, I had the opportunity to ask over a dozen leading technologists for their hopes, predictions, and guidance for the year 2023. This article distills the far-ranging conversation and wealth of insight that came back to me. The year ahead looks to be lean in financial investment, but long on innovation.

Doing more with less

Not surprisingly, economic conditions figure large for many in tech. The theme of doing more with less is prevalent, along with pushing for technology solutions to take up the slack.

Guillermo Rauch, CEO and founder of Vercel (see interview), says “With rising macroeconomic pressures, businesses will have to fight harder for every dollar while doing more with less. How will online businesses solve these challenges in a short time frame while keeping costs in mind? By equipping their developers with the right tools and turning to front-end performance optimization and personalization to deliver new creative experiences for their customers.”

To read this article in full, please click here

Categories: Technology

TWiT 913: Impractical Shorts - Netflix password sharing, big tech earnings, Twitter API, Jony Ive

This week in tech - Sun, 02/05/2023 - 19:01

Netflix password sharing, big tech earnings, Twitter API, Jony Ive

  • Cain's Jawbone by Edward Powys Mathers.
  • Safer Internet Day USA.
  • Netflix Reveals How Password Sharing Crackdown Will Be Enforced.
  • Alphabet Q4 Earnings Miss Estimates, YouTube Ad Revenue Down 8%.
  • Facebook's VR Division Lost $13.72 Billion In 2022.
  • Apple Sales Shrink as Pandemic Rally Ends for iPhone Maker, Other Tech Giants.
  • Apple Decides to Drop Role of Industrial Design Chief in Post-Jony Ive Era.
  • Jony Ive, designer of the iPhone and iPod, just designed a 'clown nose' for a British charity.
  • Tesla increases Model Y, cuts Model 3 prices in the U.S.
  • Twitter Is Killing Off The Fun Bots.
  • Elon Musk Found Not Liable in Trial Over Tweets Proposing to Take Tesla Private.
  • Amazon (AMZN) earnings Q4 2022.
  • Pig-butchering scam apps sneak into Apple's App Store and Google Play.
  • ChatGPT is about to get even better and Microsoft's Bing could win big.
  • Google testing ChatGPT-like chatbot 'Apprentice Bard' with employees.
  • CNET pushed reporters to be more favorable to advertisers, staffers say.
  • Paradigm shifts of yesteryear, today and tomorrow.
  •  Hogwarts Legacy releases this week for PS5 and Xbox Series X and S - but April for PS4 and XBO and June for Switch.
  • Phoebe Waller-Bridge Prepping 'Tomb Raider' TV Series for Amazon.

Host: Leo Laporte

Guests: Wil Harris, Denise Howell, and Larry Magid

Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

Sponsors:

Categories: Podcasts, Technology

Finland’s Most-Wanted Hacker Nabbed in France

Krebs on Security - Sun, 02/05/2023 - 09:14

Julius “Zeekill” Kivimäki, a 25-year-old Finnish man charged with extorting a local online psychotherapy practice and leaking therapy notes for more than 22,000 patients online, was arrested this week in France. A notorious hacker convicted of perpetrating tens of thousands of cybercrimes, Kivimäki had been in hiding since October 2022, when he failed to show up in court and Finland issued an international warrant for his arrest.

In late October 2022, Kivimäki was charged (and “arrested in absentia,” according to the Finns) with attempting to extort money from the Vastaamo Psychotherapy Center. In that breach, which occurred in October 2020, a hacker using the handle “Ransom Man” threatened to publish patient psychotherapy notes if Vastaamo did not pay a six-figure ransom demand.

Vastaamo refused, so Ransom Man shifted to extorting individual patients — sending them targeted emails threatening to publish their therapy notes unless paid a 500-euro ransom.

When Ransom Man found little success extorting patients directly, they uploaded to the dark web a large compressed file containing all of the stolen Vastaamo patient records.

But as documented by KrebsOnSecurity in November 2022, security experts soon discovered Ransom Man had mistakenly included an entire copy of their home folder, where investigators found many clues pointing to Kivimäki’s involvement. From that story:

“Among those who grabbed a copy of the database was Antti Kurittu, a team lead at Nixu Corporation and a former criminal investigator. In 2013, Kurittu worked on an investigation involving Kivimäki’s use of the Zbot botnet, among other activities Kivimäki engaged in as a member of the hacker group Hack the Planet (HTP).”

“It was a huge opsec [operational security] fail, because they had a lot of stuff in there — including the user’s private SSH folder, and a lot of known hosts that we could take a very good look at,” Kurittu told KrebsOnSecurity, declining to discuss specifics of the evidence investigators seized. “There were also other projects and databases.”

According to the French news site actu.fr, Kivimäki was arrested around 7 a.m. on Feb. 3, after authorities in Courbevoie responded to a domestic violence report. Kivimäki had been out earlier with a woman at a local nightclub, and later the two returned to her home but reportedly got into a heated argument.

Police responding to the scene were admitted by another woman — possibly a roommate — and found the man inside still sleeping off a long night. When they roused him and asked for identification, the 6′ 3″ blonde, green-eyed man presented an ID that stated he was of Romanian nationality.

The French police were doubtful. After consulting records on most-wanted criminals, they quickly identified the man as Kivimäki and took him into custody.

Kivimäki initially gained notoriety as a self-professed member of the Lizard Squad, a mainly low-skilled hacker group that specialized in DDoS attacks. But American and Finnish investigators say Kivimäki’s involvement in cybercrime dates back to at least 2008, when he was introduced to a founding member of what would soon become HTP.

Finnish police said Kivimäki also used the nicknames “Ryan”, “RyanC” and “Ryan Cleary” (Ryan Cleary was actually a member of a rival hacker group — LulzSec — who was sentenced to prison for hacking).

Kivimaki and other HTP members were involved in mass-compromising web servers using known vulnerabilities, and by 2012 Kivimäki’s alias Ryan Cleary was selling access to those servers in the form of a DDoS-for-hire service. Kivimäki was 15 years old at the time.

The DDoS-for-hire service allegedly operated by Kivimäki in 2012.

In 2013, investigators going through devices seized from Kivimäki found computer code that had been used to crack more than 60,000 web servers using a previously unknown vulnerability in Adobe’s ColdFusion software.

KrebsOnSecurity detailed the work of HTP in September 2013, after the group compromised servers inside data brokers LexisNexis, Kroll, and Dun & Bradstreet.

The group used the same ColdFusion flaws to break into the National White Collar Crime Center (NWC3), a non-profit that provides research and investigative support to the U.S. Federal Bureau of Investigation (FBI).

As KrebsOnSecurity reported at the time, this small ColdFusion botnet of data broker servers was being controlled by the same cybercriminals who’d assumed control over ssndob[.]ms, which operated one of the underground’s most reliable services for obtaining Social Security Number, dates of birth and credit file information on U.S. residents.

Multiple law enforcement sources told KrebsOnSecurity that Kivimäki was responsible for making an August 2014 bomb threat against former Sony Online Entertainment President John Smedley that grounded an American Airlines plane. That incident was widely reported to have started with a tweet from the Lizard Squad, but Smedley and others said it started with a call from Kivimäki.

Kivimäki also was involved in calling in multiple fake bomb threats and “swatting” incidents — reporting fake hostage situations at an address to prompt a heavily armed police response to that location.

Kivimäki’s apparent indifference to hiding his tracks drew the interest of Finnish and American cybercrime investigators, and soon Finnish prosecutors charged him with an array of cybercrime violations. At trial, prosecutors presented evidence showing he’d used stolen credit cards to buy luxury goods and shop vouchers, and participated in a money laundering scheme that he used to fund a trip to Mexico.

Kivimäki was ultimately convicted of orchestrating more than 50,000 cybercrimes. But largely because he was still a minor at the time (17) , he was given a 2-year suspended sentence and ordered to forfeit EUR 6,558.

As I wrote in 2015 following Kivimäki’s trial:

“The danger in such a decision is that it emboldens young malicious hackers by reinforcing the already popular notion that there are no consequences for cybercrimes committed by individuals under the age of 18.

Kivimäki is now crowing about the sentence; He’s changed the description on his Twitter profile to “Untouchable hacker god.” The Twitter account for the Lizard Squad tweeted the news of Kivimäki’s non-sentencing triumphantly: “All the people that said we would rot in prison don’t want to comprehend what we’ve been saying since the beginning, we have free passes.”

Something tells me Kivimäki won’t get off so easily this time, assuming he is successfully extradited back to Finland. A statement by the Finnish police says they are seeking Kivimäki’s extradition and that they expect the process to go smoothly.

Kivimäki could not be reached for comment. But he has been discussing his case on Reddit using his legal first name — Aleksanteri (he stopped using his middle name Julius when he moved abroad several years ago). In a post dated Jan. 31, 2022, Kivimäki responded to another Finnish-speaking Reddit user who said they were a fugitive from justice.

“Same thing,” Kivimäki replied. “Shall we start some kind of club? A support organization for wanted persons?”

Categories: Technology, Virus Info

Pages

Subscribe to Some Place in Ohio aggregator - Technology