Tech News

Two U.S. Senators, namely  Mark R. Warner (D-VA) and Deb Fischer (R-NE), introduced a bill yesterday, to ban large online platforms ( with over 100 million monthly active users) such as Facebook and Twitter from tricking its consumers into handing over their personal data. The bill, named, the Deceptive Experiences To Online Users Reduction (DETOUR) Act, bipartisan legislation is aimed at prohibiting these platforms from using deceptive user interfaces, called, “dark patterns”. https://twitter.com/MarkWarner/status/1115660831969153025 The term “dark patterns” refers to online interfaces on websites and apps that are specially designed to manipulate users into taking actions they wouldn’t otherwise take under normal circumstances. The design tactics for these patterns are inspired by extensive behavioral psychology research and misleads the users on social media platforms into agreeing to settings and providing data that are advantageous to the company. Forcing the users this way to give up their personal data (contacts, messages, web activity, location), these social media companies gain an unfair advantage over their competitors, which significantly benefits the company. According to Senator Fischer, a member of the Senate Commerce Committee, these dark patterns weaken the privacy policies that involve consent. “Misleading prompts to just click the ‘OK’ button can often transfer your contacts, messages, browsing activity, photos, or location information without you even realizing it. Our bipartisan legislation seeks to curb the use of these dishonest interfaces and increase trust online”.   https://twitter.com/MarkWarner/status/1115660838692642818 https://twitter.com/MarkWarner/status/1115660840575877120 Other examples of dark patterns include a sudden interruption amidst a task repeating until the user agrees to consent and the use of privacy settings that push users to ‘agree’ as the default option. Also, users looking out for more privacy-related options are required to follow a long process that involves clicking through multiple screens. Moreover, sometimes users are not even provided with the alternative option.   As per the DETOUR act: A professional standards body, registered with the Federal Trade Commission (FTC), needs to be created to focus on best practices surrounding user design for large online operators. This association would act as a self-regulatory body and provide updated guidance to the social media platforms.    Segmenting consumers for behavioral experiments is prohibited unless carried out with a consumer’s informed consent. This includes routine disclosures by large online operators (at least once every 90 days) on any behavioral experiments to the public. Also, as per the bill, large online operators would have an internal Independent Review Board to offer oversight on these practices and safeguard consumer welfare. User design intended for compulsive usage among children under the age of 13 years old is prohibited. FTC needs to come out with rules within one year of its enactment and perform tasks necessary surrounding informed consent, Independent Review Boards, and Professional Standards Bodies. Senator Warner has been raising concerns regarding the implications of dark patterns used by social media companies for several years. For instance, in 2014, Sen. Warner asked the FTC to probe into Facebook’s use of dark patterns in an experiment that involved nearly 700,000 users. The experiment focused on the emotional impact of manipulating information on Facebook’s News Feeds. “We support Senators Warner and Fischer in protecting people from exploitive and deceptive practices online. Their legislation helps to achieve that goal and we look forward to working with them”, said Fred Humphries, Corporate VP of U.S. Government Affairs at Microsoft in a press release sent to us. Apart from the DETOUR act,  Sen. Warner is planning to introduce further legislation that will be designed to further improve transparency, privacy, and accountability on social media. Public reaction to the news has been largely positive, with people supporting the senators and new bill: https://twitter.com/tristanharris/status/1115735945393782785 https://twitter.com/joenatoli/status/1115823934132445186 For more information, check out the official DETOUR act bill. US Senators introduce a bill to avoid misuse of facial recognition technology U.S. Senator introduces a bill that levies jail time and hefty fines for companies violating data breaches A brief list of drafts bills in US legislation for protecting consumer data privacy  

Just two days ago, Cloudflare, a U.S. based company that provides content delivery network services, DDoS (Denial of Service) mitigation, Internet security, etc, took a strong step towards transparency by releasing its transparency report for the second half of 2018. The company has been publishing biannual Transparency Reports since 2013. A post by Cloudflare reads, “We believe an essential part of earning the trust of our customers is being transparent about our features and services, what we do – and do not do – with our users’ data, and generally how we conduct ourselves in our engagement with third parties such as law enforcement authorities.” The company believes in allowing companies to silently warn customers when the government secretly tries to acquire customer data. The “warrant canaries” is named after the canary bird. Back then, coal miners used to take canaries to the mines. And if the canary bird died, they would get a signal (of bad happening). It has been referred to as a key transparency tool that can be used by privacy-focused companies for keeping their customers aware of the whereabouts with regards to data. Cloudflare’s current canaries Cloudflare has set forth certain ‘warrant canaries’ statements of things that they claim have never done as a company. According to Cloudflare, the company has never leaked their SSL keys or customers’ SSL keys to anyone. The company claims to never have installed any law enforcement software or equipment anywhere on their network. The report by the company also states that they have never terminated a customer or taken down content due to political pressure. The company further states that it has never provided customers’ content to any law enforcement organization. Cloudflare’s updated warrant canaries The company has never modified customer content at the request of law enforcement or another third party. Cloudflare has never modified the destination of DNS responses at the request of the third party or law enforcement. It has never compromised, weakened, or subverted any of its encryption at the request of law enforcement or another third party. Cloudflare has expanded its first canary and has confirmed that the company has never turned over our encryption or authentication keys or our customers’ encryption or authentication keys to anyone. Cloudflare said that if it were ever asked to do any of the above, the company would “exhaust all legal remedies” to protect customer data, and remove the statements from its site. Big companies like Apple also have worked in this direction. Apple had included a statement in its most recent transparency reports stating that the company has to date “not received any orders for bulk data.” Reddit had also removed its warrant canary in 2015, which indicated that it had received a national security order it wasn’t permitted to disclose. Currently, Cloudflare has just responded to seven subpoenas of the 19 requests, affecting 12 accounts and 309 domains. It has also responded to 44 court orders of the 55 requests, affecting 134 accounts and 19,265 domains. To know more about this news, check out Cloudflare’s official post. workers.dev will soon allow users to deploy their Cloudflare Workers to a subdomain of their choice Cloudflare’s 1.1.1.1 DNS service is now available as a mobile app for iOS and Android Cloudflare’s Workers enable containerless cloud computing powered by V8 Isolates and WebAssembly  

Devart has released a standard version of dbForge Studio for PostgreSQL with new enhancements. The dbForge Studio for PostgreSQL is a GUI tool for managing and developing databases and objects in PostgreSQL. Developers can use it for creating and executing queries and adjusting the code to their requirements. Now, the dbForge Studio for PostgreSQL is available in two editions. The free Express edition has basic functionality and the standard edition has advanced features. The Standard edition can be evaluated at no cost for 30 days. When this trial period expires, users can purchase a license to continue using the software or it will be limited to a free Express edition. The Standard edition includes the following exclusive features: Data import and export: Developers can now fill PostgreSQL databases with external source data and migrating data between systems. Master-Detail browser: Provides simultaneous data view in related tables. It is also convenient for quick data analysis and locating specific records and logical errors in the database. Data reports: PostgreSQL Report Builder with support for chart plotting converts your data into a good-looking report. Pivot table: Visual Pivot Table Designer, advanced filtering, visual data presented in a graph makes data easier to read, understand, and analyze. SQL snippets: Code snippets help to boost SQL code typing. Query Execution history: The Execution History window provides an easy and convenient way to view, search, edit executed queries. Execute Large script: Large scripts can be executed with help of handy Execute Script Wizard without opening them in the SQL editor and loading the whole script in memory. SQL document: Context prompt in the FROM list of the SELECT queries Full code completion support for the SELECT statement Connectivity: SSH connection Connectivity support for PostgreSQL 11.x, 10.x, 8.3, 8.3, 8.1, and elephantsql.com Other improvements: Digital signature for the installation file FIPS compliance Visit the devart blog for more information about dbForge Studio for PostgreSQL. PipelineDB 1.0.0, the high performance time-series aggregation for PostgreSQL, released! Citus Data to donate 1% of its equity to non-profit PostgreSQL organizations PostgreSQL 11 is here with improved partitioning performance, query parallelism, and JIT compilation

One of the most significant design considerations in ETL process development is the volume of data to be processed. Most ETL processes have time constraints that require them to complete their load operations within a given window, and the time required to process data will often dictate the design of the load. One of the more common mistakes I’ve seen... The post ETL Antipattern: Load Processes that Don’t Scale appeared first on Tim Mitchell. The post ETL Antipattern: Load Processes that Don’t Scale appeared first on SQLServerCentral.

Last week, Red Hat launched OperatorHub.io in collaboration with Microsoft, Google Cloud, and Amazon Web Services, as a “public registry” for finding services backed by the Kubernetes Operator. According to the RedHat blog, the Operator pattern automates infrastructure and application management tasks using Kubernetes as the automation engine. Developers have shown a growing interest in Operators owing to features like accessing automation advantages of public cloud, enable the portability of the services across Kubernetes environments, and much more. RedHat also comments that the number of Operators available has increased but it is challenging for developers and Kubernetes administrators to find available Operators that meet their quality standards. To solve this challenge, they have come up with OperatorHub.io. Features of OperatorHub.io OperatorHub.io is a common registry to “publish and find available Operators”. This is a curation of Operator-backed services for a base level of documentation. It also includes active communities or vendor-backing to show maintenance commitments, basic testing, and packaging for optimized life-cycle management on Kubernetes. The platform will enable the creation of more Operators as well as an improvement to existing Operators. This is a centralized repository that helps users and the community to organize around Operators. Operators can be successfully listed on OperatorHub.io only when then show cluster lifecycle features and packaging that can be maintained through the Operator Framework’s Operator Lifecycle Management, along with acceptable documentation for intended users. Operators that are currently listed in OperatorHub.io include Amazon Web Services Operator, Couchbase Autonomous Operator, CrunchyData’s PostgreSQL, MongoDB Enterprise Operator and many more. This news has been accepted by the Kubernetes community with much enthusiasm. https://twitter.com/mariusbogoevici/status/1101185896777281536 https://twitter.com/christopherhein/status/1101184265943834624 This is not the first time that RedHat has tried to build on the momentum for the Kubernetes Operators. According to TheNewStack, last year, the company acquired CoreOS last year and went on to release Operator Framework, an open source toolkit that “provides an SDK, lifecycle management, metering, and monitoring capabilities to support Operators”. RedHat shares what to expect from next week’s first-ever DNSSEC root key rollover Red Hat announces CodeReady Workspaces, the first Kubernetes-Native IDE for easy collaboration among developers RedHat shares what to expect from next week’s first-ever DNSSEC root key rollover  

Google will soon roll out a new feature on Google Maps that will let users, message business profiles in nearby locations. This will help them with the opportunity to ask questions while looking for things to do and places to go or shop. Last year Google enabled users in selected countries to message businesses from the Business Profiles on Google. On Wednesday, Aditya Tendulkar, Product Manager at Google Maps, wrote in a blog post, “You’ll see your messages with the businesses you connect with via ‘Business Profiles’ in the side menu, within the Google Maps app on both, Android as well as iOS devices.” https://lh6.googleusercontent.com/xo1gT3uII6iLenY3z8kh7_iv-FD3cnfTBmAYFm2mXksJQvpheSEti51Tonhf7I8xXJtAUwfuldDD7BoaDpMHdFUnLfmaF78thSzrqsp0bl45nILcCh-YGKy-JA32dKckq09wHJvV In order to accept messages from users, the local businesses will have to install the My Business App and enable messages. If one tries to reach out to a shop for some questions which the website isn’t answering, then one can simply message. It’s always easy to drop a message while traveling. Users just need to look for the “message” button on Business Profiles on Search and Maps to message. Also, users in countries worldwide would be able to chat with businesses for the very first time. The other advantage of My Business App is that it is a free tool. It will also help small business owners reach more people online and connect with their customers through Google. This will, in turn, help them in escalating the growth of their ventures. It could possibly work like the Facebook page where it is easy to message businesses. Integrating My Business app within Maps is better as there is no need for a separate messaging app. https://twitter.com/verge/status/1055489488858869761 Google’s messaging platforms haven’t really worked well in past. Hangouts and Allo are not much used by people. Also, the RCS Chat hasn’t launched in the US across all major carriers. It would be interesting to see the fate of My Business App. Read more about this new on Google’s official blog. Google’s Pixel camera app introduces Night Sight to help click clear pictures with HDR+ Google makes major inroads into healthcare tech by absorbing DeepMind Health Monday’s Google outage was a BGP route leak: traffic redirected through Nigeria, China, and Russia

Istio, an open-source platform that connects, manages and secures microservices announced its version 1.0. Istio provides service mesh for microservices from Google, IBM, Lyft, Red Hat, and other collaborators from the open-source community. What’s Istio? Popularly known as a service mesh, Istio collects logs, traces, and telemetry and then adds security and policy without embedding client libraries. Istio also acts as a platform which provides APIs that allows integration with systems for logging, telemetry, and policy. Istio also helps in measuring the actual traffic between services including requests per second, error rates, and latency. It also generates a dependency graph to know how services affect one another. Istio offers a helping hand to one’s DevOps team by providing them with tools to run distributed apps smoothly. Here’s a list of what Istio does for your team: Performs Canary rollouts for allowing the DevOps team to smoke-test any new build and ensure a good build performance. Offers fault-injection, retry logic and circuit breaking so that DevOps teams can perform more testing and change network behavior at runtime to keep applications up and running. Istio adds security. It can be used to layer mTLS on every call, adding encryption-in-flight with an ability to authorize every single call on one’s cluster and mesh. What’s new in Istio 1.0? Multi-cluster support for Kubernetes Multiple Kubernetes clusters can now be added to a single mesh, enabling cross-cluster communication and consistent policy enforcement. The multi-cluster support is now in beta. Networking APIs now in beta Networking APIs that enable fine-grained control over the flow of traffic through a mesh are now in Beta. Explicitly modeling ingress and egress concerns using Gateways allows operators to control the network topology and meet access security requirements at the edge. Mutual TLS can be easily rolled out incrementally without updating all clients Mutual TLS can now be rolled out incrementally without requiring all clients of a service to be updated. This is a critical feature that unblocks adoption in-place by existing production deployments. Istio’s mixer configuration has a support to develop out-of-process adapters Mixer now has support for developing out-of-process adapters. This will become the default way to extend Mixer over the coming releases and makes building adapters much simpler. Updated authorization policies Authorization policies which control access to services are now entirely evaluated locally in Envoy increasing their performance and reliability. Recommended Install method Helm chart installation is now the recommended install method offering rich customization options to adopt Istio on your terms. Istio 1.0 also includes performance improvement parameters such as continuous regression testing, large-scale environment simulation, and targeted fixes. Read more in detail about Istio 1.0 in its official release notes. 6 Ways to blow up your Microservices! How to build Dockers with microservices How to build and deploy Microservices using Payara Micro  

Yesterday, Bob Davis, Senior Product Manager at Red Hat announced that Clang/LLVM, Go, and Rust will now enter “Full Support Phase”. The support lifecycle is changed after the General Availability (GA) of Clang/LLVM 6.0, Go 1.10, and Rust 1.29. Previously, these languages and tools were in “Technology Preview” status. They were provided for users to test their functionality and provide feedback. This was during the development process and there was no full supported under the Red Hat Subscription Level Agreements. They were not guaranteed to be functionally complete and were not intended for live production use. GA means that these products have now officially entered a phase to receive full support. Their website states that: “During the Full Support Phase, qualified Critical and Important Security errata advisories (RHSAs) and Urgent and Selected High Priority Bug Fix errata advisories (RHBAs) may be released as they become available. Other errata advisories may be delivered as appropriate.” On availability, support for new hardware and some enhanced software functionality may also be provided at the sole discretion of Red Hat. These are generally in minor releases. The minor releases will focus only on resolving defects/bugs. New installation images of the minor releases will be provided during this full support phase. As these packages are evolving fast, the support lifecycle will also have short intervals. This means that there will be quarterly updates to Rust, and updates every 6 months to LLVM and Golang. The support for them will be different than the usual long-term support LTS approach. For LLVM, Rust, and Go only the most recent build will be maintained. If an older version has a bug, the most recent build will be updated to fix it. If a bug is present in the current build, it will be addressed in the next scheduled build. That will be the next schedules minor release. For more details, visit the Red Hat Blog. The LLVM project is ditching SVN for GitHub. The migration to Github has begun. Golang just celebrated its ninth anniversary Rust 1.30 releases with procedural macros and improvements to the module system

Yesterday, the Rust team announced the release of Rust 1.32 in a blog post. The new version of the Rust programming language brings improvements to the quality of life, switches to the default allocator, and makes more functions const. Addition of the dbg macro in Rust 1.32 If you are a “print debugger”, you must have wanted to print out some value while working on code. Using something like println!("{:?}", x); isn’t fast enough. It is also a bit too much just to simply show the value of x. Also, there is no context here, if there are several println! statements, it is hard to distinguish between them. Rust now has a new package called dbg specifically for this purpose: fn main() {    let x = 5;       dbg!(x); } On running the above code, you will get: [src/main.rs:4] x = 5 In the output, you will see the file, line number, name, and value. While println! prints to the standard output, the dbg! function prints to the stderr. dbg! even works in more complex circumstances like factorial, iterations, etc. jemalloc is removed in Rust 1.32 In Rust’s initial years, it had a large Erlang type runtime. The developers then chose jemalloc instead of the system allocator for better performance. Over time, most of this runtime was removed except jemalloc. jemalloc was kept for users who would still need it. While it has great performance in most cases, it was not always the case. It adds 300kb to every Rust binary and has other issues. The core developers also thought it was strange that a systems language does not default to the system allocator. Hence Rust 1.28 had shipped with a global allocator. The work for using a system allocator is now finished and it can be used for all Rust programs now. jemalloc can still be used if you want to, via a crate in the Cargo.toml. Module improvements The last two Rust releases had some performance improvements to the module system. Rust 1.32 comes with something called “uniform paths” which allows import path statements to be resolved the same way as non-import paths. This was previously invalid. Efforts to revise the system module is now complete and the following code will now work. enum Color { Red, Green, Blue } use Color::*; Macro improvements A new literal string matcher is added. It matches against literals of any type. This includes string literals, numeric literals, and char literals. In Rust 2018 edition, macro_rules can also use ? to match 0 or 1 repetitions of the pattern. Library changes Other than the dbg! library, 19 functions were made cont. Now, all integral numeric primitives give conversion functions to and from byte-arrays that have specified endianness. There are six functions named as: to_<endian>_bytes and from_<endian>_bytes, in which <endian> is one of the following: ne - native endianness le - little endian be - big endian Cargo now has cargo_c as an alias for cargo_check and now usernames in registry URLs are allowed. These were the highlights of the changes in Rust 1.32, for a complete list of changes and fixes, visit the release notes. How has Rust and WebAssembly evolved in 2018 Rust Survey 2018 key findings: 80% developers prefer Linux, WebAssembly growth doubles, and more Red Hat announces full support for Clang/LLVM, Go, and Rust

Google with the aims of re-entering the Chinese market, is in talks with the top companies in China like Tencent Holdings Ltd. (the company which owns the popular social media site, WeChat) and Inspur Group. Its aim is to expand their cloud services in the second-largest economy. According to some people who are familiar with the ongoing discussion, the talks began in early 2018 and Google was able to narrow down to three firms in late March. But because of the US - China trade war there is an uncertainty, whether this will materialize or not. Why is Google interested in cloud partnerships with Chinese tech giants? In many countries, Google rents computing power and storage over the internet and sells the G Suite, which includes Gmail, Docs, Drive, Calendar, and more tools for business. These run on their data centers. It wants to collaborate with the domestic data center and server providers in China to run internet-based services as China requires the digital information to be stored in the country. This is the reason why they need to partner with the local players. A tie-up with large Chinese tech firms, like Tencent and Inspur will also give Google powerful allies as it attempts a second innings in China after its earlier exit from the country in 2010. A cloud partnership with China will help them compete with their rivals like Amazon and Microsoft. With Tencent by their side, it will be able to go up against the local competitors including Alibaba Group Holding Ltd. How Google has been making inroads to China in the recent past In December, Google launched its AI China Center, the first such center in Asia, at the Google Developer Days event in Shanghai. In January Google agreed to a patent licensing deal with Tencent Holdings Ltd. This agreement came with an understanding that the two companies would team up on developing future technologies. Google could host services on Tencent’s data centers and the company could also promote its services to their customers. Reportedly, to expand its boundaries to China, Google has agreed upon launching a search engine which will comply with the Chinese cybersecurity regulations. A project code-named Dragonfly has been underway since spring of 2017, and accelerated after the meeting between its CEO Sundar Pichai and top Chinese government official in December 2017. It has  launched a WeChat mini program and reportedly developing an news app for China. It’s building a cloud data center region in Hong Kong this year. Joining the recently launched Mumbai, Sydney, and Singapore regions, as well as Taiwan and Tokyo, this will be the sixth GCP region in Asia Pacific. With no official announcements, we can only wait and see what happens in the future. But from the above examples, we can definitely conclude that Google is trying to expand its boundaries to China, and that too in full speed. To know more about this recent Google’s partnership with China in detail, you can refer to the full coverage on the Bloomberg’s report. Google to launch a censored search engine in China, codenamed Dragonfly Google Cloud Launches Blockchain Toolkit to help developers build apps easily

While everyone is busy playing songs and giving voice commands to Amazon Alexa, the amazing voice assistant developed by Amazon is utilized by the US space agency, NASA, to organize their data-centric tasks efficiently. Chief Technology and Innovation Officer at NASA,Tom Soderstrom, said “If you have Alexa-controlled Amazon Echo smart speaker at home, tell her to enable the 'NASA Mars' app. Once done, ask Alexa anything about the Red Planet and she will come back with all the right answers. This enables serverless computing where we don't need to build for scale but for real-life work cases and get the desired results in a much cheaper way. Remember that voice as a platform is poised to give 10 times faster results. It is kind of a virtual helpdesk. Alexa doesn't need to know where the data is stored or what the passwords are to access that data. She scans and quickly provides us what we need. The only challenge now is to figure out how to communicate better with digital assistants and chatbots to make voice a more powerful medium," emphasized Soderstrom. Serverless computing gives developers the flexibility of deploying and running applications and services without thinking about scale or server management. AWS is the market leader in providing fully-managed infrastructure services, helping organizations to focus more on product development. Alexa, for example, can help JPL (federally-funded research and development centre, managed for NASA) employees scan through 400,000 sub-contracts and get the requested copy of the contract from the data-set right on the desktop in a jiffy. JPL has also integrated conference rooms with Alexa and IoT sensors which helps them solve queries quickly. One of the JPL executives also stressed on the fact that AI is not going to take away the human jobs by saying “ AI will transform industries ranging from healthcare to retail and e-commerce and auto and transportation. Sectors that won't embrace AI will be left behind, Humans are 80 percent effective and machines are also 80 percent effective. When you bring them together, they're nearly 95 percent effective” Hence, voice controlled AI- powered digital assistants are here to stay empowering Digital Transformation. How to Add an intent to your Amazon Echo skills Microsoft commits $5 billion to IoT projects Building Voice technology on IoT projects

Last week, the team at Telegram, the messaging app, introduced new features for group admins and users. These features include Slow Mode switch, custom titles, features for videos, and much more. What’s new in Telegram? Admins get more authority to manage the group  Slow Mode switch The Slow Mode feature will allow the group admin to control how often a member could send a message in the group. Once the admin enables Slow Mode in a group, the users will be able to send one message per the interval they choose. Also, a timer will be shown to the users which would tell them how long they need to wait before sending their next message. This feature is introduced to make group conversations more orderly and also to raise the value of each individual message. The official post suggests admins to “Keep it (Slow Mode feature) on permanently, or toggle as necessary to throttle rush hour traffic.” Image Source: Telegram Custom titles Group owners will now be able to set custom titles for admins like ‘Meme Queen’, ‘Spam Hammer’ or ‘El Duderino’. These custom titles will be shown with the default admin labels. For adding a custom title, users need to edit admin's rights in Group Settings. Image Source: Telegram Silent messages Telegram has now planned to bring more peace of mind to its users by introducing a feature that allows its users to message friends without any sound. Users just have to hold the send button to have any message or media delivered. New feature for videos Videos shared on Telegram now show thumbnail previews as users scroll through the videos to help them find the moment they were looking for. If users add a timestamp like 0:45 to a video caption, it will be automatically highlighted as a link. Also, if a user taps on a timestamp the video will play from the right spot.  Comments widget The team has come up with a new tool called Comments.App for users to comment on channel posts. With the help of the comments widget, users can log in with just two taps and comment with text and photos, as well as like, dislike and further reply to comments from others. Few users are excited about this news and appreciate Telegram over Whatsapp because it provides by default end to end encryption. A user commented on HackerNews, “I really like Telegram. Only end-to-end encryption by default and in group chats would make it perfect.” To know more about this news, check out the official post by Telegram. Telegram faces massive DDoS attack; suspects link to the ongoing Hong Kong protests Hacker destroys Iranian cyber-espionage data; leaks source code of APT34’s hacking tools on Telegram Trick or a treat: Telegram announces its new ‘delete feature’ that deletes messages on both the ends

Announced last week is a major new feature for Power BI: you can now use DirectQuery to connect to Azure Analysis Services or Power BI Datasets and combine it with other DirectQuery datasets and/or imported datasets. This is a HUGE improvement that has the Power BI community buzzing! Think of it as the next generation of composite models. Note this requires the December version of Power BI Desktop, and you must go to Options -> Preview features and select “DirectQuery for Power BI datasets and Analysis Services”. You begin with a Power BI dataset that has been published to the Power BI service. In Power BI Desktop you connect to the dataset, where you can build a new model over the original one.  You can extend the original model by adding tables, columns, and measures, and you can also connect to other datasets and combine them into a single semantic model.  While doing this you do not lose any elements from the original model – measures and relationships continue to work. You do not have to worry about anything but the additional data you want to integrate. When the original model is refreshed, your local model also sees any updated information. You work as if you have a local copy of the model and full rights to modify and expand it, even though you are not duplicating any data already stored on the server. This feature is ideal for report authors who want to combine the data from their enterprise semantic model with other data they may own like an Excel spreadsheet, or who want to personalize or enrich the metadata from their enterprise semantic model. This seals the marriage between self-service and corporate BI. The main technology that makes this work is DirectQuery storage mode. DirectQuery will allow composite models to work with live connected sources and other data sources like Excel or SQL Server. Using DirectQuery for Power BI datasets and Azure Analysis Services requires that your report has a local model.  You can start from a live connection to an existing dataset and upgrade to a local model, or start with a DirectQuery connection or imported data, which will automatically create a local model in your report. Live connection is basically a connection to the remote model (the model is not inside of Power BI Desktop).  Converting the remote model to DirectQuery gives you a local model in Power BI Desktop.  So if you want to make changes to your live connection, you will first convert to a DirectQuery connection. If you don’t need to make changes to the remote model and just combine it with other models, you can keep the remote model as a live connection. Keep in mind that when you publish a report with a local model to the service, a dataset for that local model will be published a well.  This is the same behavior as when you publish a report with imported data to the service. When connecting to a remote model, the data for that model is kept in the cloud, and you can join it with another local model with it’s data to create new columns, new measures and new tables without ever moving the data from the remote model to your local PC. It’s an easy way to extend that remote model, which could be managed by IT and refreshed all the time. You are just responsible for managing and refreshing your local model and data. This is how you are combining the efforts of enterprise IT and end-users. With this new feature I can see many companies creating enterprise semantic models in Azure Analysis Services or in a premium instance of Power BI. These semantic models can have the entire business logic of your company using the huge amount of data from your data warehouse. Then users can use DirectQuery against those models and extend those models locally with their own calculations, without having to download any data from the semantic models to Power BI Desktop. This is definitely a game changer. This new feature allows you to do dataset chaining. Chaining allows you to publish a report and a dataset that is based on other Power BI datasets, which was previously not possible. Together, datasets and the datasets and models they are based on form a chain. For example, imagine your colleague publishes a Power BI dataset called Sales and Budget that is based on an Azure Analysis Services model called Sales, and combines it with an Excel sheet called Budget. If you create and publish a new report and dataset called Sales and Budget Europe that is based on the Sales and Budget Power BI dataset published by your colleague, making some further modifications or extensions, you are effectively adding a report and dataset to a chain of length three (the max supported), which started with the Sales Azure Analysis Services model and ends with your Sales and Budget Europe Power BI dataset: This opens a whole new world of possibilities. Before this feature was available, to modify a dataset you would have to get a copy of the pbix file with the dataset and make your own pbix copy, which would also include the data. Also, you were not able to chain models together or to combine datasets (i.e. making models of models). This is quite an improvement! Share your feedback on this new feature at this Power BI Community forum post. More info: New composite models in Power BI: A milestone in Business Intelligence Power BI Direct Query Composite Models = Amazing Composite Models Gen 2 and DirectQuery over Power BI Datasets Power BI Composite Models using Analysis Services -Direct Query Mode Composite models over Power BI datasets and Azure Analysis Services “Composite” arrived – CAUTION! Prologika Newsletter Winter 2020 The post DirectQuery for Power BI datasets and Azure Analysis Services (preview) first appeared on James Serra's Blog. The post DirectQuery for Power BI datasets and Azure Analysis Services (preview) appeared first on SQLServerCentral.

The cat is out of the bag. There is no secret in why Apple kept denying its interest in building self-driving cars – it wanted to keep it a secret. Just like the way it held a behind the scenes discussions with Tesla founder Elon Musk three years back. For all the hype around, Apple does have a permit from Californian authorities to test self-driving cars. And Tim Cook has been on record calling self-driving cars "the mother of all AI projects.” Whatever may have happened with the Project Titan, Apple seems to have shifted gears on the autonomous vehicles proposal, focusing more on the software side of the equation. Now the company is working on using a light-based technology to make it easier for self-driving cars to identify pedestrians and cyclists. In a new research paper published in academic repository Arxiv, Apple computer scientists Yin Zhou and Oncel Tuzel have discussed a new object detection method for self-driving systems based on LiDAR (Light Detection and Ranging) – a method to gauge distance by illuminating a target with a pulsed laser light, and measuring how long it takes to return. The research paper describes a method for using machine learning to translate the raw point cloud data gathered by LiDAR arrays into results that include detection of 3D objects, including bicycles and pedestrians, with no additional sensor data required. This new way to use LiDAR is what the Apple researchers call VoxelNet: an end-to-end trainable deep architecture for point cloud based 3D detection. A voxel is a point on a 3D grid. Accurate detection of objects in 3D point clouds has been a central problem in many applications. And most existing methods in LiDAR-based 3D detection rely on hand-crafted feature representations, for example, a bird’s eye view projection. But with VoxelNet, this manual feature bottleneck is removed. So how does VoxelNet detect small obstacles using the LiDAR sensing method? The researcher duo elaborated that Voxelnet “divides a point cloud into equally spaced 3D voxels and transforms a group of points within each voxel into a unified feature representation through the newly introduced voxel feature encoding (VFE) layer.” In this way, the point cloud is encoded as a descriptive volumetric representation, which is then connected to a RPN (region proposal network) to generate detections. But LiDAR comes with its own limitations. While it is great at figuring out the exact position of objects in 3D space, it does have a notoriously low resolution. Which is why firms have been using different methods to overcome LiDAR’s shortcomings – some even using regular cameras for object identification. Tesla does not even use LiDAR at all. In order to figure out exactly what the object is, vehicles must therefore also rely on other sensors and cameras. And that adds costs and processing bottlenecks. Apple’s research is still in early stages, and the company is contemplating putting its own software suite at the end of the LIDAR sensor itself (which it claims greatly increases its effectiveness). The ‘complete picture’ will hopefully be out in days to come. While the scientific part of the paper is interesting, the fact that Apple has come out with its first external publication on driverless vehicle projects has finally put things out of the closet. Arxiv is often used by researchers to get preliminary feedback before publishing in a final form, and Apple’s paper proves it can no longer go solo on the challenging research subject of AI and self-driving. The tech pioneer doesn’t want to take chances anymore after the earlier fiasco. After all, Apple is self-admittedly working on its “next big thing.” That could potentially disrupt the automobile industry like never before!

On Monday, 11th February, Wisconsin-based email provider, VFEmail, was attacked by an intruder who trashed all of the company’s primary and backup data in the United States. Initial signs of this attack were noticed on Monday, February 11, when users started shooting tweets on the company’s Twitter account stating that they were no longer receiving messages. According to Krebs on Security, “VFEmail tweeted that it had caught a hacker in the act of formatting one of the company’s mail servers in the Netherlands.” Another tweet followed this stating, “nl101 is up, but no incoming email. I fear all US-based data may be lost.” Following this, VFEmail’s founder, Rick Romero, tweeted yesterday, “Yes, @VFEmail is effectively gone. It will likely not return. I never thought anyone would care about my labor of love so much that they'd want to completely and thoroughly destroy it.” https://twitter.com/Havokmon/status/1095297448082317312 Another tweet on the VFEMail account said that the attacker formatted all disks on every server. VFEmail has lost every VM and all files hosted on the available servers. “NL was 100% hosted with a vastly smaller dataset. NL backups by the provider were intact, and service should be up there.” https://twitter.com/VFEmail/status/1095038701665746945 Romero has posted certain updates on the company’s website, one of which includes, “We have suffered catastrophic destruction at the hands of a hacker, last seen as aktv@94.155.49.9”. He also wrote, “ At this time I am unsure of the status of existing mail for US users. If you have your own email client, DO NOT TRY TO MAKE IT WORK. If you reconnect your client to your new mailbox, all your local mail will be lost.” John Senchak, a longtime VFEmail user from Florida, told Krebs on Security, that the attack completely deleted his entire inbox at the company--some 60,000 emails sent and received over more than a decade were lost. He also said, “It looked like the IP was a Bulgarian hosting company. So I’m assuming it was just a virtual machine they were using to launch the attack from. There definitely was something that somebody didn’t want found. Or, I really pissed someone off. That’s always possible.” The company has assured the users that they are working to recover the data as soon as possible. To know more about this news and stay updated, read VFEMail’s complete Twitter thread. Security researchers discloses vulnerabilities in TLS libraries and the downgrade attack on TLS 1.3 Remote Code Execution Flaw in APT Linux Package Manager allows man-in-the-middle attack Apple’s CEO, Tim Cook calls for new federal privacy law while attacking the ‘shadow economy’ in an interview with TIME