Tech News

After the announcement of Typescript 2.9 RC  back in May, Microsoft’s TypeScript team came out with the release candidate of TypeScript 3.0 last week, unveiling features such as project references, extracting and spreading parameter lists with tuples, a new unknown type and API breaking changes among others. Let’s discuss the highlights of TypeScript 3.0 RC release. Project Reference functionality It allows TypeScript projects to depend on other TypeScript projects. Once these dependencies have been specified in the tsconfig.json file, you can easily split your code into smaller projects. It also provides TypeScript (and tools around it) a way to understand build ordering and output structure. Extracting and spreading parameter lists using tuples This functionality helps with reducing the overloading amount for functions of varied parameter lengths. Also, there is no need to write different overloads to support functions with different number of parameters. TypeScript 3.0 allows to better model scenarios like these by allowing rest parameters to be generic, and concluding those generics as tuple types. This, in turn, demands for richer tuple types to model scenarios such as optional parameters at the end of a parameter list, a final parameter which can be a rest parameter along with empty parameter lists. A new ‘unknown’ type Apart from these features, the new unknown type feature can accommodate APIs that uses variable of any value but requires type checking. Support for the JSX defaultProps There is also support for the JSX defaultProps used in React. These defaultProps allow the developers to define default values for props during creation of a component, such as a source for an Image component. TypeScript 3.0 RC also supports a new type alias called LibraryManagedAttributes in the JSX namespace. LibraryManagedAttributes is just a helper type that tells TypeScript what attributes a JSX tag accepts. Using this general type helps model React's specific behavior for things such as defaultProps and propTypes. Apart from these features, there are API breaking changes API Breaking Changes The internal method LanguageService#getSourceFile is removed, after being deprecated for two years. The function TypeChecker#getSymbolDisplayBuilder and its associated interfaces are removed. The deprecated functions escapeIdentifier and unescapeIdentifier are removed. TypeScript 3.0 release is scheduled for sometime later this month. For more information on the latest TypeScript 3.0 RC release, check out the official Microsoft Blog. How to work with classes in Typescript How to install and configure TypeScript  

Yesterday, the first alpha of Python 3.8.0 was announced in a Python blog post. The most important change in this version is the addition of Assignment Expressions. This is the first alpha, three more are yet to be released. Keep in mind that the features are raw and not meant for production use. Some changes in Python 3.8.0 alpha 1: Security changes When spawning child processes, the command line option -I to run Python in isolated mode is now copied by the multiprocessing and distutils modules as well OpenSSL is updated to OpenSSL 1.1.0i for Windows builds The thread safety of error handling is fixed in _ssl A small fix to prevent buffer overrun in os.symlink for Windows Changes in core and builtins PEP 572: This introduces a new way which assigns values to variables in an expression by using the NAME := expr notation Parenthesis are made optional for named expressions in a while statement. Python initialization is reorganized to get exceptions and sys.stderr early. A small memory leak is fixed in pymain_parse_cmdline_impl. For unbalanced parentheses in f-string, the syntax messages are better. End line and end column position information are added to the Python AST nodes During the Python initialization, the Python filesystem encoding is read faster Library changes Shared memory submodule is added to multiprocessing in order to avoid serialization between processes The KeyError exception when using enums and compile is now fixed help() on metaclasses is fixed The raise(signum) is now exposed as raise_signal Building enums by value are now faster These were a select few changes in Python 3.8.0 alpha 1. For a complete list of changes, you may go through the changelog. Introducing RustPython, a Python 3 interpreter written in Rust EuroPython Society announces the ‘Guido van Rossum Core Developer Grant’ program to honor Python core developers pandas will drop support for Python 2 this month with pandas 0.24

Activist groups including Human Rights Watch and Amnesty International have spoken out against Apple and Google, for hosting a Saudi Government app, called Absher, that permits the Saudi men to control and decide where the women can travel. As per the complaints of rights groups, Absher promotes discrimination against women and is enforcing ‘gender apartheid’ in Saudi Arabia. This is why they want Apple and Google to consider ‘rehosting’ the app, reports INSIDER. “We call on these companies to assess the risk of human rights abuses and mitigate the harm that these apps may have on women. This is another example of how the Saudi Arabian government has produced tools to limit women's freedoms”, said Dana Ahmed, Saudi Arabia researcher for Amnesty International. Absher app is based on Saudi “guardian” law, according to which, every woman has a legal "guardian" to whom she remains legally dependent for many aspects of life, irrespective of her age, education level or marital status. This male guardian could be her father, uncle, husband, brother, or son, who offers his consent to a variety of basic needs of a woman such as education, clothing, work, money, travel, marriage, etc.                                                                                                                  Absher app (Google Play store) Absher comes with a set of features aimed to restrict women’s travel to specific airports and routes, making sure that in case the woman decides to flee from the country without permission, she can get instantly caught. This is because it comes with an automatic SMS feature that is sent to a woman’s ‘guardian’ for times she crosses borders or makes airport check-ins without permission. 1,000 women try to flee away from Saudi Arabia each year, and text alerts make it very difficult for these women to flee with most of them getting caught by their family members.   The SMS alerts were made compulsory in 2012, however, it received a heavy backlash by the Saudis on social media. This later led to the Saudi Government suspending the SMS alerts in 2014, however, the rights groups believe that the system is still in function. According to Amnesty International, the automated SMS alerts are “another example of how the Saudi Arabian government has produced tools to limit women's freedoms”. Men can also specify the destinations that the women are allowed to travel along with time period for the travel on Absher. Although there are other basic and harmless features in Absher that allows you to pay parking fines, or renew a driver's license, it is mostly used to keep a tight leash on Saudi women.                                                    Absher features What’s even more distressing is the fact that Absher app has been downloaded more than 1 million times on Android devices. Rothna Begum, Middle East researcher for Human Rights Watch told INSIDER, that “Apple and Google have rules against apps that facilitate threats and harassment. Apps like this one can facilitate human rights abuses, including discrimination against women." Apple and Google haven’t responded to the news yet. Public reaction to this news is largely negative with the majority of the people condemning the app and its widespread use in Saudi Arabia: https://twitter.com/Shadow0pz/status/1095030573976961024 https://twitter.com/MustacheofDeath/status/1095186423471210496 https://twitter.com/JuliaFelly/status/1094928811509104642 https://twitter.com/SanctionSaudi/status/1095016257928265729 Read the full story on INSIDER. An AI startup now wants to monitor your kids’ activities to help them grow 'securly' Babysitters now must pass Perdictim’s AI assessment to be “perfect” to get the job Twitter blocks Predictim, an online babysitter-rating service, for violating its user privacy policies; Facebook may soon follow suit

Apple has asked Facebook to take down its app, Onavo Protect from App Store as it violates Apple’s new rules on data collection. Onavo is an Israeli analytics company, which was founded in 2010 and then acquired by Facebook in 2013. Apple revised their data collection policies in May this year to prevent app developers from engaging in certain app data collection activities in the future. One of their spokesperson told CNBC: "We work hard to protect user privacy and data security throughout the Apple ecosystem. With the latest update to our guidelines, we made it explicitly clear that apps should not collect information about which other apps are installed on a user's device for the purposes of analytics or advertising/marketing and must make it clear what user data will be collected and how it will be used." What Onavo Protect does? Onavo Protect is a VPN and data manager, which provides security and data encryption.  It comes with functionalities like: Limiting apps from using data in the background Setting data alerts when apps use too much data A report on how much data is consumed by each app on your phone A VPN network that helps in keeping your personal info protected, Onavo in their app description have mentioned that they may collect your mobile data traffic to analyze your use of websites, apps, and data. They have further mentioned that, being a part of Facebook, they also use this info to gain insights in order to improve Facebook products and services. A Facebook spokesperson said,  "We've always been clear when people download Onavo about the information that is collected and how it is used. As a developer on Apple's platform we follow the rules they've put in place." Though, it is mentioned in the app’s description that the information will be used by Facebook, you have to scroll all the way to the bottom to see that disclosure; something not every new user may do. This story was first reported on the Wall Street Journal. Earlier, they had also reported that the app has helped Facebook by monitoring usage of competing apps like Snapchat. After this Facebook added the Stories feature in their Instagram app, which is similar to that of Snapchat. The VPN app is now removed from App Store but is currently available on Google Play Store for the Android device users. 16 year old hacked into Apple’s servers, accessed ‘extremely secure’ customer accounts for over a year undetected Apple joins the Thread Group, signaling its Smart Home ambitions with HomeKit, Siri and other IoT products ‘Think different’ makes Apple the world’s most valuable company, crossing $1 Trillion market cap

Our top priority at Packt has always been to meet the evolving needs of developers in the most practical way possible, while at the same time protecting the hard work of our authors. DRM-free content continues to be instrumental in making that happen, providing the flexibility and freedom that is essential for an efficient and enhanced learning experience. That’s why we’ve been DRM-free from the beginning – we’ll never put limits on the innovation of our users. Packt MD Dave Maclean Packt’s products have always been completely free of DRM. Right from our first book in 2004, when you buy and download a Packt eBook or video it’s yours to use as you like. We guarantee products bought from our site will be completely, totally, 100% free of any DRM. What is DRM? DRM is called Digital Rights Management by its defenders, and Digital Restrictions Management by its opponents. It is the imposing of technological restrictions on your digital media. In eBooks, it might mean restricting the number of times you can copy a pdf or the devices that you can read your content on. As the 'Defective by Design' campaign says, 'DRM creates a damaged good; it prevents you from doing what would be possible without it. This concentrates control over production and distribution of media, giving DRM peddlers the power to carry out massive digital book burnings and conduct large scale surveillance over people's media viewing habits.' Why are Packt products DRM free? We believe that developers should be free and flexible to access content they’ve paid for when they want, and how they want. Buy it once, and own it to read across multiple devices and multiple formats. That’s why we’re fundamentally opposed to DRM on Packt products. We know our customers want flexibility when they learn. They want to import an .epub to read in iBooks on the subway, access a high quality .pdf on their desktops, and have a .mobi for their Kindle to browse on the weekend. Day Against DRM Packt is a regular supporter of the Day Against DRM, a gathering of the global and internet community to show the world and media the need for a future free of DRM. This year is no exception. We’re showing our support with a discount sale. On July 9th, get 50% off every eBook and 80% off every Packt video. Every eBook and video you pick up will be yours to read and watch as you like - put it on any device, copy it as many times as you like. It's yours to own, forever.

Yesterday, at the ongoing IEEE’s International Solid-State Circuits Conference (ISSCC), Yann LeCun, Facebook AI Research director, presented a paper that touched upon the latest trends and the future of deep learning hardware. ISSCC is a five days event happening in San Francisco, where researchers present the current advances in solid-state circuits and systems-on-a-chip. LeCun in his presentation highlighted several AI trends company should consider in the coming years. Here are some of the highlights from his presentation: Machines should be given some “common sense” With the advancements in deep learning the computer understanding of images, audio, and texts has improved. This has allowed developers to build new applications such as information search and filtering, autonomous driving, real-time language translation, and virtual assistants. These advancements, however, are heavily dependent on supervised learning, which requires human-annotated data or reinforcement learning. LeCun believes that in the next decades, researchers should put their efforts into making machines learn just like humans, by mere observations and occasional actions or in short, by self-supervised manner. To do that, researchers need to find a way to put some level of “common sense” in machines. For this, we need deep learning architectures that are much larger than the one we have currently. LeCun, in his paper Deep Learning Hardware: Past, Present, and Future, wrote, “If self-supervised learning eventually allows machines to learn vast amounts of background knowledge about how the world works through observation, one may hypothesize that some form of machine common sense could emerge.” Empowering machines with human-like capabilities will allow them to make complex decisions. These machines could help in very critical issues like detecting hate speech and inappropriate content on Facebook, enabling virtual assistants to infer context like humans, and more. Ahead of the presentation, LeCun, in an interview with Business Insider said, "There are cases that are very obvious, and AI can be used to filter those out or at least flag for moderators to decide. But there are a large number of cases where something is hate speech but there's no easy way to detect this unless you have a broader context ... For that, the current AI tech is just not there yet." Machine learning chips that can fit everyday devices LeCun is hopeful that in future we will see computer chips that can fit in everyday devices such as vacuum cleaners and lawnmowers. With the machine learning chip incorporated, any device will be able to make smart decisions. For instance, a lawnmower will be able to recognize the difference between weeds and garden roses. Currently, we do have mobile devices with AI built in them to do things like recognizing a user’s face to unlock the device. In the coming years, more work will be put in to make mobile computing chips more sophisticated. LeCun also spoke about the need for hardware specifically designed for deep learning. The current hardware restricts developers to use batches of data in the learning and optimization phase of machine learning models. This will change in the coming years. “If you run a single image, you’re not going to be able to exploit all the computation that’s available to you in a GPU. You’re going to waste resources, basically, so batching forces you to think about certain ways of training neural nets,” he said. A new programming language for deep learning, which is more efficient than Python LeCun believes that deep learning now needs a new programming language which is much more efficient than Python. In an interview with VentureBeat, Yann LeCun said, “There are several projects at Google, Facebook, and other places to kind of design such a compiled language that can be efficient for deep learning, but it’s not clear at all that the community will follow, because people just want to use Python.” He believes that the imaginations of AI researchers and computer scientists tend to be tied to hardware and software tools available. “The kind of hardware that’s available has a big influence on the kind of research that people do, and so the direction of AI in the next decade or so is going to be greatly influenced by what hardware becomes available. It’s very humbling for computer scientists because we like to think in the abstract that we’re not bound by the limitation of our hardware, but in fact, we are.” To know about the other trends LeCun shared, check out the Facebook AI blog. Using deep learning methods to detect malware in Android Applications Researchers introduce a deep learning method that converts mono audio recordings into 3D sounds using video scenes Stanford researchers introduce DeepSolar, a deep learning framework that mapped every solar panel in the US

Last week, in a study published on JAMA Network Open, researchers revealed that machine learning algorithms trained with physical activity data collected from health tracking devices can be used to re-identify actual people. This study indicates that the current practices for anonymizing health information are not sufficient enough. Personal health and fitness data collected and stored by fitness wearable devices can be potentially sold to third parties, like employers, insurance providers, and other companies, without the users’ knowledge or consent. Also, health app makers might be able to link users name to their medical record and then sell this information to third-parties. Location information from activity trackers could be used to reveal sensitive military sites. Therefore, there is a need for a deidentification algorithm that aggregates the physical activity data of multiple individuals to ensure privacy for single individuals. For this study, the researchers analyzed the National Health and Nutrition Examination Survey (NHANES) 2003-2004 and 2005-2006 datasets. These datasets included recordings from physical activity monitors, during both a training run and an actual study mode, for 4,720 adults and 2,427 children. How does the reidentification procedure work? The machine learning model was constructed by building a separate multiclass classifier for each combination of demographic attributes. They used two different machine learning algorithms for multiclass classification, namely, linear support vector machine and random forests. The models were then tested by feeding in the demographic and physical activity data, but not the record numbers, from the testing data into the models to make predictions of record numbers. The accuracy of the models was calculated by counting how many predicted record numbers matched the actual record numbers in the testing data. The following block diagram depicts the steps of this procedure: Source: JAMA Network Open Results of this study The random forest algorithm was able to reidentify the demographic and physical activity data of 4478 adults (94.9%) and 2120 children (87.4%) in NHANES 2003-2004 and 4470 adults (93.8%) and 2172 children (85.5%) in NHANES 2005-2006. The linear SVM algorithm was able to reidentify the demographic and physical activity data of 4043 adults (85.6%) and 1695 children (69.8%) in NHANES 2003-2004 and 4041 adults (84.8%) and 1705 children (67.2%) in NHANES 2005-2006. How privacy risks can be reduced? Per the research paper, the privacy risks posed on individuals by sharing physical data can be reduced by sharing data not only in time but also across individuals of largely different demographics. This is particularly important for governmental organizations such as NHANES that publicly release large national health datasets. Also, currently we do not have strict regulations for organizations that collect and share these sensitive health data. Policymakers should develop regulations to minimize the sharing of activity by device manufacturers. You can go through the research paper for more details: Feasibility of Reidentifying Individuals in Large National Physical Activity Data Sets From Which Protected Health Information Has Been Removed With Use of Machine Learning. Researchers unveil a new algorithm that allows analyzing high-dimensional data sets more effectively, at NeurIPS conference Researchers develop new brain-computer interface that lets paralyzed patients use tablets Facebook AI researchers investigate how AI agents can develop their own conceptual shared language

On Tuesday, Netlify, a San Francisco based company announced that it has raised $30 million in a series B round of funding for a new platform named as ‘Application Delivery Network’ designed specifically to assist web developers in building newer applications. The funding was led by Kleiner Perkins’ Mamoon Hamid with Andreessen Horowitz and the founders of Slack, Yelp, GitHub and Figma participating. Founded in 2015, Netlify provides all-in-one workflow to build, deploy, and manage modern web projects. This new platform for the web, will enable all content and applications to be created directly on a global network, thus, bypassing the need to ever setup or manage servers. Vision behind the global ‘Application Delivery Network’ Netlify has assisted a lot of organizations to dump web servers with no requirement of infrastructure. It also replaced a need for CDN and thus a lot of servers. In order to implement the new architecture, Netlify provides developers with a git-centric workflow that supports APIs and microservices. Netlify’s Application Delivery Network removes the last dependency on origin infrastructure, allowing companies to host the entire application globally using APIs and microservices. Mathias Biilmann, Netlify Founder and CEO, said that more amount of devices brings additional complications. He further adds, “Customers have come to us with AWS environments that have dozens or even hundreds of them for a single application. Our goal is to remove the requirement for those servers completely. We’re not trying to make managing infrastructure easy. We want to make it totally unnecessary.” Investor’s take Talking about the investment in Netlify, Mamoon Hamid, Managing Member and General Partner at the venture capital firm Kleiner Perkins, said, “In a sense, they are completely rethinking how the modern web works. But the response to what they are doing has been overwhelming. Most of the top projects in this developer space have already migrated their sites: React, Vue, Gatsby, Docker, and Kubernetes are all Netlify powered. The early traction really shows they hit a nerve with the developer community.” To top it up as an icing on the cake, Chris Coyier, CSS expert and co-founder of Codepen says, “This is where the web is going. Netlify is just bringing it to us all a lot faster. With all the innovation in the space, this is an exciting time to be a developer.” What users say about Netlify In a discussion thread on Hacker News, users absolutely love how Netlify provides a helping hand to all the web developers in their day-to-day web application based tasks. Some of the features mentioned by users include: Netlify provides users with forms, lambdas and very easy testing by just pushing to another git branch It provides the ability to publish using a simple `git push` and does all the rest of the work including assets minification and bundling. Netlify connects to GitHub and rebuilds your site automatically when a change is made in the master branch. Users just have to connect their GitHub account with their UI. To know more about this news in detail, read Netlify’s official announcement. How to build a real-time data pipeline for web developers – Part 1 [Tutorial] How to build a real-time data pipeline for web developers – Part 2 [Tutorial] Google wants web developers to embrace AMP. Great news for users, more work for developers

Yesterday, Google announced the stable release of Android Studio 3.2 with a variety of new features and improvements. This version comes with 20+ features including Android App Bundle, Energy Profiler, and Android Emulator Snapshots. What’s new in Android Studio 3.2 Android App Bundle With Android App Bundle, the new app publishing format, you can deliver smaller APKs to your users and reduce the download size of your app. Once Google Play has your app bundle, it uses an app serving model named Dynamic Delivery. This serving model processes your app bundle to generate and serve optimized APKs for each user's device configuration. This eliminates your efforts of building, signing, and managing multiple APKs to support different devices, and users get smaller, more optimized downloads. Android Studio 3.2 provides you a CLI, using which you can easily build your code as an app bundle. Energy Profiler Battery life is one of the key concerns of users, so it is important to check the energy consumption done by your app. Energy Profiler helps you find where your app is using more energy than necessary. With the Energy Profiler, you can visualize the estimated energy usage of system components, plus inspect background events that may lead to battery drainage. To use it, ensure you are connected to an Android device or emulator running Android 8.0 Oreo (API 26) or higher. Slices support Slices are UI templates that can be used to display rich, dynamic, and interactive content from your app in the Google Search suggestions and Google Assistant. Built-in templates are available, to help you extend your app with the new Slice Provider APIs. You can also do lint checks to ensure that you're following best practices when constructing the Slices. To start constructing your Slices, right-click on your project folder, and navigate to New | Other | Slice Provider. Sample data You can now add sample data to a TextView, an ImageView, or a RecyclerView from within the Layout Editor. This will make it easier for you to visualize the look and feel of a layout while designing your app. ‘What's New’ assistant This newly added assistant panel automatically informs developers about the latest changes in the IDE. You can also open the panel by navigating to Help | What's New in Android Studio. AndroidX Refactoring Support You can now add the Android extension (AndroidX) libraries in a new project by adding the following line in your gradle.properties file: android.useAndroidX=true To help you migrate your project to the new namespace and dependencies, Android Studio 3.2 provides you a new built-in refactoring action. Also, the Android Studio build system will automatically convert any Maven dependencies that have not migrated to the AndroidX namespace. With Android Studio 3.2 and higher, you can quickly migrate an existing project to use AndroidX by selecting Refactor > Migrate to AndroidX from the menu bar. IntelliJ Platform and Kotlin update Android Studio 3.2 comes with IntelliJ 2018.1.6 platform release and  Kotlin 1.2.61. Many improvements to dataflow analysis, debugging, new inspections, have been added to this release of IntelliJ. Kotlin 1.2.61 provides support for the Kotlin-friendly Android 9 Pie SDK. Emulator Snapshots With the latest Android Emulator, you can create a snapshot of the current state of your emulator and boot up and switch into any snapshot in under 2 seconds. In Android Studio 3.2, Android Snapshots are even faster to save and load due to underlying speed enhancements. Using Android snapshots you can pre-configure an Android Virtual Device (AVD) with the presets, apps, data, and settings that you want in-place, and repeatedly go back to the same snapshot. Microsoft Hyper-V and AMD processor support Google has finally addressed this long-standing user request from the Android developer community. Now you can run the Android Emulator on Windows 10 computers that have Hyper-V enabled while Intel HAXM remains the default hypervisor. Support for AMD processor is added to provide developers hardware-accelerated performance. Screen Record in Android Emulator With the new screen recording feature in the Android Emulator, you can now perform screen and audio recording on any Android API and save this recording to a WebM or animated GIF file. You can enable this feature via the Android Emulator Extended Controls panel, command line, or from Android Studio. These were few of the features that they have added, and there are more to explore. You can find the full list at Android Developer Blog. Entry level phones to taste the Go edition of the Android 9.0 Pie version Did you know your idle Android device sends data to Google 10 times more often than an iOS device does to Apple? 6 common challenges faced by Android App developers

Marcus Hutchins, who authors the popular blog MalwareTech, and a British security researcher has pleaded guilty today to writing malware in the years prior to his prodigious career as a malware researcher. Marcus posted a statement on his website and on his Twitter feed too, "I regret these actions and accept full responsibility for my mistakes. Having grown up, I've since been using the same skills that I misused several years ago for constructive purposes. I will continue to devote my time to keeping people safe from malware attacks." https://twitter.com/MalwareTechBlog/status/1119322882578866176 Marcus was virtually unknown to most in the security community until May 2017 when the UK media revealed him as the “accidental hero” who inadvertently halted the global spread of WannaCry, a ransomware contagion that had taken the world by storm just days before. In August 2017, Hutchins was arrested by FBI agents in Las Vegas on suspicion of authoring and/or selling “Kronos,” a strain of malware designed to steal online banking credentials. Hutchins has been barred from leaving the United States since he was arrested. The plea agreement of Marcus is here. “Attachment A” on page 15 outlines the case against Hutchins and an alleged co-conspirator. It further reads that in between July 2012 and Sept. 2015, Hutchins helped create and sell Kronos and a related piece of malware called UPAS Kit. Many of Hutchins’ supporters and readers had trouble believing the charges against him, and in response KrebsOnSecurity published a detailed investigation into activities tied to his various online personas over the years. As per the report, the clues suggested Hutchins began developing and selling malware in his mid-teens — only to later develop a change of heart and earnestly endeavor to leave that part of his life squarely in the rearview mirror. Nevertheless, there were a number of indications that Hutchins’ alleged malware activity continued into his adulthood. Upto 10 years in prison According to court documents obtained by ZDNet, Hutchins pleaded guilty to two counts, and the government agreed to drop the other eight. He pleaded guilty to entering a conspiracy to create and distribute malware, and in aiding and abetting its distribution. For each count, Hutchins will face up to five years in prison, $250,000 in fines, and one year of supervised release. According to ZDNet, Marcus was charged for working with a co-conspirator identified as "Vinny," "VinnyK," and "Aurora123"-- to advertise and sell the two malware strains online. This started somewhere in between July 2012 and September 2015, even before Hutchins was recognized as a talented security researcher. Further ZDNet explains that creating malware is a form of protected speech in the United States, but selling and disseminating is another matter. Orin Kerr, the law professor of University of Southern California gives a detailed explanation in the 2017 dissection of the government’s charges on the Washington Post website. The charges on Marcus are likely to be tempered by federal sentencing guidelines, and may take into account the already served detention time. It still remains unclear when he will be sentenced. After the arrest, Hutchins was released on bail and has been living in Los Angeles awaiting trial. He started sharing his malware analysis skills with the information security (infosec) community when he was prohibited from working for his employer. Hutchins is considered as one of the most talented security researchers and this news comes a huge loss for the infosec community. https://twitter.com/JRoosen/status/1119342458809331713 Update on 26th July from ZDNet ZDNet on Friday reported that the US legal case against Marcus Hutchins who helped stop WannaCry ransomware outbreak comes to an end. He is sentenced in the US to time served and one year of supervised release. The UK-born malware analyst avoids prison time in a case that the judge described as having "too many positives on other side of ledger" -- referring to Hutchins' role in the WannaCry ransomware outbreak and his work as a malware analyst. Read the full story on ZDNet blog post. Understanding the cost of a cybersecurity attack: The losses organizations face A security researcher reveals his discovery on 800+ Million leaked Emails available online RSA Conference 2019 Highlights: Top 5 cybersecurity products announced

Microsoft kicked off its highly anticipated Microsoft Connect(); 2017 annual conference on the 14th of November. This three-day annual developer conference is targeted at improving the overall developer experience for building future-oriented apps. In the words of Mitra Azizirad, Corporate VP of Microsoft’s Cloud+Enterprise : “Whether you are creating cloud native-applications, targeting the edge of devices and Internet of Things, infusing your apps with AI, or just getting started, Connect(); 2017 will equip you with the tools and skills you need to build the apps of the future” Key highlights from the Microsoft Connect(); 2017 This year the conference is all about Microsoft forming new partnerships, creating better platforms, enhancing developer productivity, and developing AI enabled tools. A large number of announcements were made pertaining to these areas. New platforms and partnerships Microsoft announced new platforms and partnerships catering to their customers as well as the open source community. Microsoft Azure + DataBricks + Apache Spark = Azure Databricks Microsoft has partnered with Databricks to bring the unique benefits of Apache Spark analytics platform with Databricks in the enterprise cloud.  Termed as Azure Databricks, this analytics platform is optimized for Azure to help data scientists, data engineers, and business decision-makers with streamlined workflows and an interactive workspace. Microsoft joins MariaDB Foundation Microsoft has collaborated with MariaDB community to work closely with the MariaDB foundation. In addition to this, they have also launched a preview of Azure Database for MariaDB service. Developers using Azure Database for MariaDB can now build intelligent apps; Azure Database for PostgreSQL and MySQL already exist. Azure Cosmos DB with Apache® Cassandra API Microsoft has also launched native support for Apache Cassandra API in Azure Cosmos DB. This comes as an integration of Azure Cosmos’s multimodal database service with Cassandra SDKs and tools, without any app code changes. This means developers can now use Cassandra-as-a-service powered by Azure Cosmos DB. GitHub Partnership on GVFS Microsoft has also partnered with Github to manage their large-scale source code repositories. This is made possible through their Git Virtual File System (GVFS) project. Microsoft has built GVFS as an open-source extension to the Git version control system, making it easy to manage over 25 million user repositories. Productivity enhancement As with every year, a key focus area has been to enhance developer productivity, at an individual as well as at a team level. For this the following announcements were made: Azure DevOps Projects Microsoft announced their Azure DevOps project. This will allow developers to build an Azure application on any Azure service using a wide variety of tech stacks. It can also configure a full DevOps pipeline fueled by Visual Studio Team Services. Visual Studio App Center Microsoft has also announced the general availability of its Visual Studio App Center. This app development lifecycle solution helps developers automate, test, manage, distribute, and monitor the lifecycle of their iOS, Android, Windows and macOS apps in the cloud. Visual Studio Live Share Microsoft also unveiled a real-time collaboration tool for developer productivity enhancement. Termed as Visual Studio Live Share, it allows developers using Visual Studio or Visual Studio Code to collaboratively edit and debug their code in real time. It also allows sharing their projects with other developers. Visual Studio Connected Environment for Azure Container Service (AKS) Developers can now use a new connected environment on Microsoft. This would be offered by Azure Container Services(AKS). It would allow developers to easily edit and debug cloud-native applications working on Kubernetes. New Artificial Intelligence tools Artificial Intelligence is revolutionizing how humans interact with technology. With this in mind, Microsoft has announced new AI tools to bring machine learning and intelligence to its developer audience. Azure IoT Edge Microsoft has made available the preview of Azure IoT Edge, a service for building AI applications for the Edge.  Support for AI Toolkit for Azure IoT Edge, Azure Machine Learning, Azure Stream Analytics and Azure Functions is also provided.  Developers can easily build AI applications using Azure Machine Learning and then deploy and manage them on the Azure IoT Edge. Visual Studio Tools for AI Visual Studio Tools for AI is an extension of their Visual Studio IDE. It will allow developers to create, debug, and edit AI applications and scale them to the cloud. It also supports popular deep learning frameworks including Cognitive Toolkit (CNTK), TensorFlow, and Caffe. Key takeaways from the Microsoft Connect(); 2017 This is what we understand from the Microsoft Connect(); 2017 announcements: Microsoft sees partnerships as the key to success, and have partnered with prominent organizations and popular open source communities to help develop better products for their consumers and improve the overall developer experience by providing them easy to use tools and services. The AI wave is a next big hit for Microsoft, as the top players in the tech world (read Google, IBM, Amazon) have already adopted AI as the weapon of choice. Microsoft is catching up real fast, with the launch of their Visual Studio platform specific to AI application. This is a good move to stand head-to-head among the leaders. Edge computing is the next cutting-edge for Microsoft, as portrayed by their Azure IoT edge service. Bringing the developer community closer, by focusing on providing developers easier ways to collaborate and share their projects. The launch of their real-time collaboration tool, Visual Studio Live Share, and a new Connected environment are the next steps towards this goal. Further announcements are expected in the upcoming days. You can visit our website for further updates on upcoming announcements and detailed analysis. For live coverage, you can tune into Connect(); 2017 for more interesting stuff from Microsoft.

The strange mixture of panic and excitement around artificial intelligence only appears to grow as the world uncovers new and more novel ways of using it. These waves of innovation then only feed into continuing cycles of stories that have a habit of perpetuating misleading ideas about both the threats and opportunities it presents. It shouldn't be surprising, then, that there's a serious misunderstanding of what artificial intelligence really is and how it works - as Rowel Atienza told us last month, "we're still very far from robots taking over society." However, artist Holly Herndon (who, incidentally, is a researcher at Stanford) is getting listeners to think differently about artificial intelligence. On her latest album PROTO, which was released today, she's using it to augment and complement her music. Holly Herndon's AI agent, Spawn The special guest that makes PROTO remarkable is Spawn, an AI agent created by Herndon, her husband, and a software engineer. What makes Spawn particularly significant is that Herndon doesn't use it to replace or recreate something but instead as something that exists alongside human activity and creativity. How does Spawn work? Spawn was 'trained' on the music that Herndon and her band were writing for the album. In essence, then, this makes it quite different from the way in which AI is typically used, in that it was developed around a new dataset, not an existing one. When we use existing data sets - and especially when we use them uncritically, without any awareness of how they reproduce or hide certain biases - the AI develops around those very biases. However, when learning from the new 'data', which bears all the marks of Herndon's creative decision making, Spawn almost becomes a 'creative' AI agent. If you listen to the album, it's not always that easy to spot which parts are created by the artificial intelligence and which are made by human musicians. This combination of creative 'sources' means Herndon's album forces us to ask questions about how we use AI and how it interacts with our lives. It quite deliberately engages with the conversation around ethics in AI that has been taking place across the tech industry over the last year or so. https://open.spotify.com/album/3PkYFFSJTPxOhnSYBtyZsk?si=OgFCY5p4Tu2u2rK-3mFYjA "The advent of sampling raised many questions about the ethical use of material created by others," Herndon wrote in a statement published on Twitter at the end of 2018, "but the era of machine legible culture accelerates and abstracts that conversation." https://twitter.com/hollyherndon/status/1069978436851113985 What does Holly Herndon's album tell us about artificial intelligence? PROTO raises a number of really important questions about artificial intelligence. First and foremost, it suggests that artificial intelligence isn't a replacement for human intelligence. Spawn isn't used to take the jobs from any musicians, but rather extends what's sonically possible. It adds to their capabilities, giving it a new dimension. Furthermore, just as Herndon refuses to see artificial intelligence as something which can replicate human labor - or creativity - it also points out some of the very problems with this kind of understanding: the idea that AI can 'replicate' human intelligence at all. Instead, the album's merging of the human and the artificial is a way of exploring the weaknesses of artificial intelligence. This is a way of making AI more transparent. It opens up something that so seems seamless, and highlights the ways it doesn't quite work. It almost refracts rather than mimics the sound the human musicians make. As Herndon said in an interview with Jezebel publication The Muse, "the technology is impressive and it’s cool but it’s really early still. We really wanted to be honest about that and show its mistakes and show how kind of rough the technology is still because... it's more honest and more interesting, to allow it to have its own aesthetic." https://www.youtube.com/watch?v=r4sROgbaeOs Read next: Why an algorithm will never win a Pulitzer The human side of AI technology But the album does more than just present AI as a flawed tool that can complement human ingenuity. It also asks us about ownership and creativity. It uses the technology as a way of tackling human questions like "what does it mean to create something?" and "who's even allowed to create things?" This is important when we consider the fact that not only does someone control and own a given algorithm - as in literally owning the intellectual property - but also that someone owns and controls the swathes of data that are, at a really fundamental level, crucial to artificial intelligence being possible at all. "The history of music and our shared, human, intellectual project that leads up to today, is a shared resource that we all tap into and we all learn from," Herndon also said in the interview with Jezebel. "So if an individual can just scrape that and then claim so much of that as their own because they hold the keys to this AI, and then they can recreate it, of course it’s going to give people anxiety because there’s an ethical issue with that." Read next: Sex robots, artificial intelligence, and ethics: How desire shapes and is shaped by algorithms Instrumental and aesthetic artificial intelligence One of the main reasons artificial intelligence has become a buzzword is because it's a tool for industry. It has a commercial value; it can improve efficiency by allowing us to do more with less. The value of an album like PROTO - even if it's not the sort of thing you'd usually listen to - is that it removes artificial intelligence from a context in which it is instrumentalized, and puts it into one that's purely aesthetic. To make that clearer, it changes something we'd typically think about in a functional manner - is it working? is it doing what it's supposed to do? - to something in which it's very function is open to question. If Herndon's album is able to do that in even the smallest way, then that can only be a good thing, right? And even if it doesn't - at least it sounds good...

In January, San Francisco legislation proposed a ban on using facial recognition technology by the government. The ban is imposed on government agencies, including the city police and county sheriff’s department, but excludes the technology that unlocks the iPhone or cameras installed by businesses or individuals. Again this month, San Francisco Supervisor Aaron Peskin introduced the Stop Secret Surveillance Ordinance. And yesterday it has been reported that the Board of Supervisors voted in favor of the ban to use facial recognition by city agencies. https://twitter.com/UberFacts/status/1128454197324800000 https://twitter.com/SarahNEmerson/status/1128424297003868160 Northern California’s Matt Cagle and Brian Hofer, chair of Oakland’s Privacy Advisory Commission, came in support of this ordinance and wrote in an op-ed last week, “If unleashed, face surveillance would suppress civic engagement, compound discriminatory policing, and fundamentally change how we exist in public spaces.” https://twitter.com/Matt_Cagle/status/1128418575159418880 The proposal faced opposition from few, a local group named Stop Crime SF argued a ban might not be that fruitful when talking about property crime and might also impact in collecting and presenting evidence of crime. Though the vice president of Stop Crime SF, Joel Engardio, seems to be satisfied with the amended bill. In a statement to Wired, he says, “We agree with the concerns that people have about facial ID technology. The technology is bad and needs a lot of improvement.” This move definitely would impact the use of technology all over the world and might motivate other cities to adopt the same. Last month, the Oakland Privacy Advisory Commission released 2 key documents, an initiative to protect Oaklanders’ privacy namely, Proposed ban on facial recognition and City of Oakland Privacy Principles. Techies and developers of the facial recognition systems have been showing their concern in this regard and think that introducing strict rules and surveillance would be better than putting up a ban. Benji Hutchinson, vice president of federal operations for NEC, a major supplier of facial-recognition technology, says, “I think there’s a little bit too much fear and loathing in the land around facial-recognition technology.” In a statement to Wired, Daniel Castro, vice president of the Information Technology and Innovation Forum believes in calling for safeguards on the use of the technology rather than prohibitions. He also calls ban a “step backward for privacy,” as it will leave more people reviewing surveillance video. Though in the board meeting, Peskin said, “I want to be clear — this is not an anti-technology policy.”  He further clarified that the ordinance is also an accountability measure which would ensure safe and responsible use for surveillance tech. Update from ACLU on 21st May San Francisco's ban on using facial recognition technology by the government is now official. Yesterday, Matt Cagle tweeted that San Francisco has approved the ban by a vote of 10 to 1. https://twitter.com/Matt_Cagle/status/1130947088605298688 Amazon finally agrees to let shareholders vote on selling facial recognition software Oakland Privacy Advisory Commission lay out privacy principles for Oaklanders and propose ban on facial recognition China is using facial recognition tech to profile 11 million Uighurs Muslim minority: NYT report  

At Dockercon Europe 2018 held in Barcelona, Microsoft in collaboration with the Docker community announced Cloud Native Application Bundle (CNAB), which is an open-source, cloud-agnostic specification for packaging and running distributed applications. Cloud Native Application Bundle (CNAB) Cloud Native Application Bundle(CNAB) is the combined effort of Microsoft and the Docker community to provide a single all-in-one packaging format, which unifies management of multi-service, distributed applications across different toolchains. Docker is the first to implement CNAB for containerized applications. It plans to expand CNAB across the Docker platform to support new application development, deployment, and lifecycle management. CNAB allows users to define resources that can be deployed to any combination of runtime environments and tooling including Docker Engine, Kubernetes, Helm, automation tools and cloud services. Patrick Chanezon, technical staff at Docker Inc. writes, “Initially CNAB support will be released as part of our docker-app experimental tool for building, packaging and managing cloud-native applications. Docker lets you package CNAB bundles as Docker images, so you can distribute and share through Docker registry tools including Docker Hub and Docker Trusted Registry.” Docker also plans to enable organizations to deploy and manage CNAB-based applications in Docker Enterprise soon. Scott Johnston, Chief product officer at Docker, said, “this is not a Docker proprietary thing, this is not a Microsoft proprietary thing, it can take Compose files as inputs, it can take Helm charts as inputs, it can take Kubernetes YAML as inputs, it can take serverless artifacts as inputs.” According to Microsoft, they partnered with Docker to solve issues with ISV (Independent Software Vendor) and enterprises including: To be able to describe their application as a single artifact, even when it is composed of a variety of cloud technologies Wanting to provision their applications without having to master dozens of tools They needed to manage lifecycle (particularly installation, upgrade, and deletion) of their applications Added features that CNAB brings include: Manage discrete resources as a single logical unit that comprises an app. Use and define operational verbs for lifecycle management of an app Sign and digitally verify a bundle, even when the underlying technology doesn’t natively support it. Attest and digitally verify that the bundle has achieved that state to control how the bundle can be used. Enable the export of the bundle and all dependencies to reliably reproduce in another environment, including offline environments (IoT edge, air-gapped environments). Store bundles in repositories for remote installation. According to a user review on Hacker News thread, “The goal with CNAB is to be able to version your application with all of its components and then ship that as one logical unit making it reproducible. The package format is flexible enough to let you use the tooling that you're already using”. Another user said, “CNAB makes reproducibility possible by providing unified lifecycle management, packaging, and distribution. Of course, if bundle authors don't take care to work around problems with imperative logic, that's a risk.” To know more about Cloud Native Application Bundle(CNAB) in detail, visit Microsoft blog. Microsoft and Mastercard partner to build a universally-recognized digital identity Creating a Continuous Integration commit pipeline using Docker [Tutorial] Docker faces public outcry as Docker for Mac and Windows can be downloaded only via Docker Store login

In the US Senate select committee hearing Facebook COO, Sheryl Sandberg has put forward Facebook’s testimony to the US Senate select committee on Wednesday, 5th September 2018. Twitter and Google also have their side of testimonies to be offered in the hearing. Facebook has had a tumultuous couple of years centered around the misuse of its platform and abuse of its users’ data and privacy by advertisers, political entities and foreign bad actors.  The Cambridge Analytica scandal is just one example. Another is where Russians used Facebook to meddle with the 2016 US Presidential elections. Sheryl Sandberg in her testimony started with an apologizing statement, “We were too slow to spot this and too slow to act. That’s on us. This interference was completely unacceptable. It violated the values of our company and of the country we love.” She had also highlighted the efforts taken by Facebook to keep its community safe and the user services secure, which include: Using artificial intelligence to help find bad content and locate bad actors. Shutting down fake accounts and reducing the spread of false news. Set up new ad transparency policies, ad content restrictions, and documentation requirements for political ad buyers. Better anticipation of risks and working closely with law enforcement and its industry peers to share information and make progress together. Removed hundreds of Pages and accounts involved in coordinated inauthentic behavior— meaning they misled others about who they were and what they were doing. Sandberg further touched upon these highlights in detail and presented ways in which Facebook is looking forward to combat the issues. She said, “At its best, Facebook plays a positive role in our democratic process—and we know we have a responsibility to protect that process on our service. We’re investing for the long term because security is never a finished job. Our adversaries are determined, creative, and well-funded. But we are even more determined—and we will continue to fight back.” Facebook assesses past Russian attempts to influence elections Sheryl said that, before the election day in November 2016, Facebook committee detected and mitigated several threats from actors--such as the APT28 activity-- that had ties to Russia. They also recorded new behaviour such as the creation of fake IDs which were linked to a Facebook page named DCLeaks, which was later removed by them. Read more: DCLeaks and Guccifer 2.0: How hackers used social engineering to manipulate the 2016 U.S. elections Post the 2016 elections, Facebook found that the Internet Research Agency (IRA), a Russian entity located in St. Petersburg, Russia, had used coordinated networks of fake Pages and accounts to interfere in the election. Sheryl stated, “Around 470 fake Pages and accounts associated with the IRA spent approximately $100,000 on about 3,500 Facebook and Instagram ads between June 2015 and August 2017. Our analysis showed that these accounts used these ads to promote roughly 120 Facebook Pages that they had set up, which had posted more than 80,000 pieces of content between January 2015 and August 2017. We shut down the accounts and Pages we identified at the time that were still active. The Instagram accounts we deleted had posted about 120,000 pieces of content.” In April of this year, Facebook took down more than 270 additional Pages and accounts controlled by the IRA and it continues to monitor its service for abuse and share information with law enforcement and others in the industry about these threats. Facebook combats Foreign election interference AND also advances on Election Integrity Facebook has more than doubled the number of people working on safety and security and now have over 20,000 people. They review reports in over 50 languages, 24 hours a day. Use of better machine learning technology and artificial intelligence have also enabled highly proactive identification of abuses. Sheryl mentioned that Facebook focusses on removing Fake Accounts. She added, “One of the main ways we identify and stop foreign actors is by proactively detecting and removing fake accounts, since they’re the source of much of the interference we see.” Some important measures Facebook is taking are: Use of both automated and manual review to detect and deactivate fake accounts. These systems analyze distinctive account characteristics and prioritize signals that are more difficult for bad actors to disguise. It has blocked millions of attempts to register fake accounts every day. It has globally disabled 1.27 billion fake accounts from October 2017 to March 2018. By using technologies like machine learning, artificial intelligence, and computer vision, Facebook is proactively detecting more bad actors and take action more quickly. Read More: Four 2018 Facebook patents to battle fake news and improve news feed Tackling False News: Facebook has partnered with third-party fact-checking organizations to limit the spread of articles they rate as false, and it further disrupts the economic incentives for traffickers of misinformation. It has also invested in news literacy programs and work to inform people by providing more context on the stories it sees. Increasing Ad Transparency. Facebook has taken strong steps to prevent abuse and increase transparency in advertising. They ensure all politics and issue ads on Facebook and Instagram in the U.S. are clearly labeled with a “Paid for by” disclosure at the top of the ad so people can see who is paying for them. This is especially important when the Page name doesn’t match the name of the company or person funding the ad. Enforcing Compliance with Federal Law. Facebook’s compliance team maintains a Political Activities and Lobbying Policy that is available to all employees. This Policy is covered in its Code of Conduct training for all employees and includes guidelines to ensure compliance with the Federal Election Campaign Act. Suspicious Activity Reporting. Facebook has designed certain processes to identify inauthentic and suspicious activity. It also maintains a sanctions compliance program to screen advertisers, partners, vendors, and others using its payment products. Its payments subsidiaries file Suspicious Activity Reports on developers of certain apps and take other steps as appropriate, including denying such apps access to the facebook platform. Facebook defending against targeted hacking Sheryl Sandberg also highlighted how Facebook is strengthening its defenses against a broader set of threats. Some of the defenses include: Building AI systems to detect and stop attempts to send malicious content. Providing customizable security and privacy features, including two-factor authentication options and marketing to encourage people to adopt them. Sending notifications to individuals if they have been targeted by sophisticated attackers, with custom recommendations depending on the threat model. Sending proactive notifications to people who have not yet been targeted, but may be at risk based on the behavior of particular malicious actors. Deploying AI systems to monitor login patterns and detect the signs of a successful account takeover campaign. Facebook working with government entities, industry, and civil society Sheryl mentioned in her testimony, “We have worked successfully with the DOJ, the FBI, and other law enforcement agencies to address a wide variety of threats to our platform, and we are actively engaged with DHS and the FBI’s new Foreign Influence Task Force focused on election integrity.” Facebook has also partnered with cybersecurity firms such as FireEye, which informed it about a network of Pages and accounts originating from Iran that engaged in coordinated inauthentic behavior. Based on which, Facebook started an investigation and identified and removed additional accounts and Pages from the network. The FB security team regularly conducts internal reviews to monitor for state-sponsored threats that are not publicly disclosed, for security reasons. They monitor and assess thousands of account details, such as location information and connections to others on Facebook. Sheryl also added, “As part of official investigations, government officials sometimes request data about people who use Facebook. We have an easily accessible online portal and processes in place to handle these government requests, and we disclose account records in accordance with our terms of service and applicable law. We also have law enforcement response teams available around the clock to respond to emergency requests.” Facebook also participated in discussions with governments around the world at key events such as the Munich Security Conference and CyCon, which is organized by the NATO Cooperative Cyber Defense Centre of Excellence. Sheryl Sandberg concluded her testimony by saying that, the Facebook community is learning from what happened and is improving. She said, “When we find bad actors, we will block them. When we find content that violates our policies, we will take it down. And when our attackers use new techniques, we’ll share them to improve our collective defense. We are even more determined than our adversaries, and we will continue to fight back.” Here’s the link to Sheryl Sandberg’s complete testimony to the US Senate Committee. Facebook’s AI algorithm finds 20 Myanmar Military Officials guilty of spreading hate and misinformation, leads to their ban A new conservative employee group within Facebook to protest Facebook’s “intolerant” liberal policies Facebook Watch is now available worldwide challenging video-streaming rivals, YouTube, Twitch, and more