Tech News

Amidst the allegations surrounding Facebook on fake news, Facebook is now reportedly working on a scale to rate user trustworthiness. According to a report by Washington Post, the company is giving its users a trustworthiness score ranging from 0 to 1 depending on the reliability of their false news flagging. This is another of Facebook’s attempt to revamp its image after it got unfriended by Wall Street, complained on by HUD, and accused of discriminatory advertising. Previously, Facebook has made several patents to battle fake news and improve news feed, including patenting their news feed filter tool, most recently. How does the fake news scoring system work? If a user flags something as false news but fact checkers verify it as true, it could hurt their score and reduce future Facebook flagging. If users consistently report false news that’s indeed proven to be false, their score improves and Facebook will trust their future flagging more. The user-reported fakes are arranged on the basis of user trustworthiness to help make the best use of fact-checker time. The score is used to help the fact-checking team determine which posts to look at first. The idea behind this scoring is to eliminate people who have the habit of making false claims about news articles. This will also help thwart certain users who band together to flag a piece of content from a news publisher they disagree with.  Facebook says, "We developed a process to protect against people indiscriminately flagging news as fake and attempting to game the system. The reason we do this is to make sure that our fight against misinformation is as effective as possible.” Facebook’s News Feed product manager Tessa Lyons confirmed the scoring system exists and that it was developed sometime over the past year, Lyons said, “There’s currently no way to see your own or someone else’s trustworthiness score. And other signals are also used to compute the score.” Facebook is keeping shut about how the score is generated to prevent bad actors from unethically boosting their trustworthiness score. While it is good to distinguish genuine flagging from the rest to allow news moderators to focus on fact-checking better, what is still missing is an effective mechanism to minimize the reach of fake news in the early hours of post. This makes us wonder if Facebook or some other social media sites could be considering rating users based on their propensity for sharing/propagating fake news via shares and likes. The entire interview is available on Washington Post. Four 2018 Facebook patents to battle fake news and improve news feed. Facebook patents its news feed filter tool to provide more relevant news to its users. Facebook plans to use Bloomsbury AI to fight fake news.

A new research shared by Digital Content Next, reveals idle Android devices send 10 times more data than iOS devices. In a paper titled "Google Data Collection," by Douglas C. Schmidt, a computer science professor at Vanderbilt University. Schmidt in the research catalogues how much data Google is collecting about consumers and their most personal habits across all of its products and how that data is being tied together. More from Schmidt’s research findings: An idle Android phone with Chrome web browser active in the background communicated location information to Google 340 times during a 24-hour period. An equivalent experiment found that on an iOS device with Safari open but not Chrome, Google could not collect any appreciable data unless a user was interacting with the device. Additionally an idle Android phone with running Chrome sends back to Google nearly fifty times as many data requests per hour as an idle iPhone running Safari. Overall, an idle Android device was found to communicate with Google nearly 10 times more often than an Apple device communicates with Apple servers. Data transmission frequencies on an android device can potentially tie together data through passive means with the help of user’s personal information. For example, anonymous advertising identifiers collect activity data from apps and third-party web page visits of a user. Similarly Google can associate the cookie to a user's Google account when a user accesses a Google app in the same browser that a third-party web page was accessed. Source: Digital Content Next The research also showed Google to track location data even after the consumer turned off their settings. Google had clarified about its location policies but yet it continues to track location data through app features. The location data is used for ad targeting purposes, Google’s primary business model. While Apple uses differential privacy to gather anonymous usage insights from devices like iPhones, iPads, and Macs. Apple says the data it collects off-device is used to improve services like Siri suggestions, and to help identify problematic websites that use excessive power or too much memory in Safari. When users sets up their iOS device, it will explicitly asks users if they wish to provide usage information on an opt-in basis. If a user declines, no data is collected by the device unless they choose to opt in at a later time. Apple CEO, Tim Cook and Apple executives’ belief that customers are not the company's product seems to be clearly in action here. The company also has a dedicated privacy website that explains its approach to privacy and government data requests. Do you want to know what the future holds for privacy? It’s got Artificial Intelligence on both sides. Twitter’s trying to shed its skin to combat fake news and data scandals, says Jack Dorsey Mozilla’s new Firefox DNS security updates spark privacy hue and cry

JetBrains released ReSharper Ultimate 2018.2 with fixes for improved performance, and C# 7.3 support, integrated spellcheck. It also features JSLint, ESLint, and TSLint support along with navigation improvements. Performance improvements Around 30 performance fixes are made in different areas of ReSharper. They range from speeding up EditorConfig support to decreasing solution loading times. Visit the page dedicated to performance improvements for more details. C# 7.3 support ReSharper now fully supports C# 7.3 including all features from the latest. New inspections and appropriate quick-fixes are included to make compatible with C# 7.3. The features include Tuple equality, pattern-based fixed statement, indexing movable fixed buffers and others. JSLint, ESLint, and TSLint support These three static analysis tools have been integrated into JavaScript/TypeScript code analysis. This will provide additional inspections and appropriate quick-fixes. These linters help ensure readability in JavaScript and TypeScript code. Integrated spell checking with ReSpeller There is spell-checking functionality out of the box, enabled for most of the supported languages. By default, this spell checker comes with a built-in dictionary for English (US) but more languages can be downloaded. Blazor support added Blazor is experimental as of now, but initial support is added in ReSharper. For example, code completion includes all possible directives such as page (routing), inject (service injection), and function (component members). Navigation improvements A long-awaited feature is introduced for Search & Navigation options: ignored files can be specified by using a mask in under Search & Navigation in Environment. Files can be excluded from all search and navigation features based on a file extension or by folder. Some ReSharper features now take local functions into account, they include: File Structure, Containing Declaration, Next/Previous Members, and others. Formatter engine updated Comments that override formatter settings can now be generated automatically. Improvements are made to the formatting rules presentation which come from a StyleCop config file. Refactorings UI update Many ReSharper refactorings are moved to the new presentation framework. This will yield many benefits in the near future thanks to a unified control behavior for ReSharper and Rider. Visible UI changes are code completion under Change Signature and a better presentation for Extract Method. Other features Fix-in-scope quick-fixes now have more granular fixing scopes. The code style for Built-in Type has been improved. There’s a new option to execute BeforeBuild and AfterBuild targets for skipped projects in ReSharper Build.  A new inspection was also added to highlight misplaced text in XAML. For more details visit the JetBrains page. Visual Studio code July 2018 release, version 1.26 is out! Microsoft releases the Python Language Server in Visual Studio Visual Studio 2019: New features you should expect to see

Apache Struts 2 has been found with a bug in the core infrastructure of the software. The issue was found by the cybersecurity firm Semmle on April 10 and code patches were released on June 25. The Apache Software foundation is facing security vulnerability as the bug affects all the versions of Apache Struts 2. Researchers from Semmle, uncovered that the security flaw is caused by the insufficient validation of untrusted user data in the core Struts framework. As the bug, CVE-2018-11776, has been discovered in the Struts core, the team says there are multiple attack vectors, threat actors could use to exploit the vulnerability. If the alwaysSelectFullNamespace flag is set to true in the Struts configuration, which is automatically the case when the Struts Convention plugin is in use. Or if a user's Struts configuration file contains a tag that does not specify the optional namespace attribute or specifies a wildcard namespace, it is likely the build is vulnerable to attack. "This vulnerability affects commonly-used endpoints of Struts, which are likely to be exposed, opening up an attack vector to malicious hackers. On top of that, the weakness is related to the Struts OGNL language, which hackers are very familiar with, and are known to have been exploited in the past." says Man Yue Mo from the Semmle Security Research Team. The vulnerability will affect all versions of Apache Struts 2. Firms which use the popular open-source framework are urged to update their builds immediately. Users of Struts 2.3 are advised to upgrade to 2.3.35; users of Struts 2.5 need to upgrade to 2.5.17. As the latest releases only contain fixes for the vulnerability, Apache does not expect users to experience any backward compatibility issues. Semmle team mentioned, "Previous disclosures of similarly critical vulnerabilities have resulted in exploits being published within a day, putting critical infrastructure and customer data at risk. All applications that use Struts are potentially vulnerable, even when no additional plugins have been enabled." Git-bug: A new distributed bug tracker embedded in git How to Debug an application using Qt Creator Debugging Xamarin Application on Visual Studio [Tutorial]

Google Cloud announced the availability of their latest Second Generation runtime, PHP 7.2 on the App Engine standard environment, on Monday. This version is available in beta for users to build and deploy reliable applications with improved flexibility. PHP 7.2 is open and idiomatic as compared to other second Generation runtimes on App Engine standard such as Python 3.7 and Node.js 8. This means one can run popular frameworks such as Symfony, Laravel, and even WordPress on PHP 7.2. With PHP 7.2 on the App Engine standard environment, users can easily build and deploy an application, which can run reliably under heavy load and large amounts of data. The applications will run within its own secure, reliable environment. Thus, making it independent of the hardware, operating system, or the physical location of the server. Benefits of Google App Engine standard environment for PHP 7.2 Faster auto-scaling: Being on the Google App Engine standard environment allows running instances in seconds. This allows the app to handle sudden bursts in demand. Faster deployment times of about less than a minute for PHP apps; One can also scale apps down to zero instances if required. This makes it perfect for apps to operate at any scale. No restrictions in running code: As PHP 7.2 is a Second Generation runtime, one can run any code without restrictions. Existing PHP apps and open source libraries will run unmodified. Support for new languages: This is because PHP 7.2 need not custom-modify language runtimes to work with App Engine. Thus, support for new languages can be launched quickly. Supports Google Cloud client libraries: One can integrate Google Cloud services into their apps and run it on App Engine, Compute Engine, or any other platform. To know more about this news in detail and to get started with PHP 7.2 for App Engine visit Google Cloud blog. Common PHP Scenarios Oracle releases GraphPipe: An open source tool that standardizes machine learning model deployment Perform CRUD operations on MongoDB with PHP

With the growing cybersecurity threats, Microsoft took over six internet domains acting on a court order, and introduced AccountGuard for emails. Microsoft AccountGuard is a move extending their Defending Democracy Program which will be applicable to both organizational and personal email accounts. Microsoft’s Digital Crimes Unit (DCU) executed a court order to take over six internet domains created by a group known as Strontium, or alternatively Fancy Bear or APT28. The group is widely associated with the Russian government. The six internet domains, my-iri.org, hudsonorg-my-sharepoint.com, senate.group, adfs-senate.services, adfs-senate.email, office365-onedrive.com impersonated the real websites. Of late, there have been instances of foreign entities launching cyber strikes to disrupt elections. What is Microsoft AccountGuard? Microsoft AccountGuard will provide “state-of-the-art cybersecurity protection” without any additional cost. This applies to individuals, campaigns and related political institutions. Brad Smith, President at Microsoft stated: “To be clear, we currently have no evidence these domains were used in any successful attacks before the DCU transferred control of them, nor do we have evidence to indicate the identity of the ultimate targets of any planned attack involving these domains.” The technology is free of charge to candidates, campaigns and related political institutions using Office 365. Microsoft AccountGuard will provide these features: Cross-account threat detection and notification: Microsoft’s Threat Intelligence Center will enable them to detect and notify of attacks in a unified way on both organizational and personal emails. When threats are verified, Microsoft will provide personal and expedited recommendations to affected political campaigns and their staff to secure the concerned systems. The unified notification system will provide a comprehensive view of attacks against the campaign/organization. Security guidance and ongoing education: Microsoft will provide guidance to make officials’, political campaigns and eligible organizations to further secure their network and email systems. This includes multi-factor authentication, installing latest security update to control access of data. AccountGuard will also show updated briefings and training to address evolving cyber-attack trends. Early adopter opportunities: There will be preview releases of the new security features which are used in large corporate and government accounts. If you are eligible for Microsoft AccountGuard you can request an invitation to enroll. A quick look at Microsoft’s Defending Democracy Program The Defending Democracy Program is a global effort as Microsoft tries to scale its efforts and reach other democratic countries to protect their processes in the coming years. Microsoft has identified 2018 as a critical year for governments and tech companies to work together towards making elections more secure. The Defending Democracy Program consist of some steps that include: Protecting campaigns from hacks by better account monitoring and increasing response measures to attacks. Supporting proposals like the Honest Ads Act to increase online political advertising transparency. In addition, adopting self-regulatory measures across Microsoft platforms. Exploring technological solutions to protect and preserve the electoral processes. And also interact with federal, state, and local officials to identify and fix cyber threats. Defending against disinformation, propaganda and fake news by partnering with institutions and think tanks who are dedicated to counter such activities. Microsoft will focus on the U.S. midterm elections of November 2018. They are piloting new cross-industry protections; this will also be done in the 2020 U.S. presidential elections. Tom Burt, Corporate Vice President, Customer Security & Trust stated: “Expect to hear more from us on what we’re doing, both on our own and in partnership with governments and our industry colleagues, to put our cybersecurity expertise to work for the defense of democracy.” Visit the Microsoft Blog for more details on AccountGuard and the defending democracy program. Google introduces Cloud HSM beta hardware security module for crypto key security Top 5 cybersecurity trends you should be aware of in 2018 Microsoft Edge introduces Web Authentication for passwordless web security

5 years ago, Docker was the talk of the town because it made it possible to get a number of apps running on the same old servers and it also made packaging and shipping programs easy. But the same cannot be said about Docker now as the company is facing public disapproval on their decision to allow Docker for Mac and Windows only to be downloaded if one is logged into the Docker store. Their quest for  "improving the users experience" clearly is facing major roadblocks. Two years ago, every bug report and reasonable feature request was "hard" or "something you don't want" and would result in endless back and forth for the users. On 02 June 2016, new repository keys were pushed to the docker public repository. As a direct consequence, any run of “apt-get update” (or equivalent) on a system configured with the broken repo will fail with an error “Error https://apt.dockerproject.org/ Hash Sum mismatch.” The issue affected  ALL systems worldwide that were configured with the docker repository. All Debian and ubuntu versions, independent of OS and docker versions, faced the meltdown. It became impossible to run a system update or upgrade on an existing system. This 7 hours interplanetary outage because of Docker had little tech news coverage. All that was done was a few messages on a GitHub issue. You would have expected Docker to be a little bit more careful after the above controversy, but lo and behold! Here , comes yet another badly managed change implementation.. The current matter in question On June 20th 2018, github and reddit were abuzz with comments from confused Docker users on how they couldn’t download Docker for Mac or Windows without logging into the docker store. The following URLs were spotted with the problem: Install Docker for Mac and Install Docker for Windows To this, a docker spokesperson responded saying that the change was incorporated to improve the Docker for Mac and Windows experience for users moving forward. This led to string of accusations from dedicated docker users. Some of their complains included-  Source: github.com            Source: github.com    Source: github.com The issue is still ongoing and with no further statements released from the Docker team, users are left in the dark. Inspite of all the hullabaloo, why choose Docker? A report by Dzone indicates that Docker adoption by companies was up 30% in the last year. Its annual revenue is expected to increase by 4x, growing from $749 million in 2016 to more than $3.4 billion by 2021, representing a compound annual growth rate (CAGR) of 35 percent. So what is this company doing differently? It’s no secret that Docker containers are easy to deploy in a cloud. It can be incorporated into most DevOps applications, including Puppet, Chef, Vagrant, and Ansible, which are some of the major languages in configuration management. Specifically, for CI/CD Docker makes it achievable to set up local development environments that are exactly like a live server. It can run multiple development environments from the same host with unique software, operating systems, and configurations. It helps to test projects on new or different servers. Allows multiple users to work on the same project with the exact same settings, regardless of the local host environment. It ensures that applications that are running on containers are completely segregated and isolated from each other. Which means you get complete control over traffic flow and management. So, what’s the verdict? Most users accused Docker’s move as manipulative since they are literally asking people to login with their information to target them with ad campaigns and spam emails to make money. However, there were also some in support of this move. Source: github.com One reddit user said that while there is no direct solution to this issue, You can use https://github.com/moby/moby/releases as a workaround, or a proper package manager if you're on Linux. Hopefully, Docker takes this as a cue before releasing any more updates that could spark public outcry. It would be interesting to see how many companies still stick around and use Docker irrespective of the rollercoaster ride that the users are put through. You can find further  opinions on this matter at reddit.com. Docker isn’t going anywhere Zeit releases Serverless Docker in beta What’s new in Docker Enterprise Edition 2.0?  

Earlier this week, the Bank of England’s chief economist, Andy Haldane, gave a warning that the UK needs a skills revolution as up to 15 million jobs in Britain are at stake. This is apparently due to a “third machine age” where Artificial Intelligence is making a huge number of jobs that were previously the preserve of humans outdated. Haldane says that this potential "Fourth Industrial Revolution" could cause disruptions on a "much greater scale" than the damage experienced during the first three Industrial Revolutions. This is because the first three industrial revolutions were mainly about machines replacing humans doing manual tasks.  But, the fourth Industrial revolution will be different. As Haldane told the BBC Radio 4’s Today programme, “the 20th-century machines have substituted not just for manual human tasks, but cognitive ones too -- human skills machines could reproduce, at lower cost, has both widened and deepened”. With robots becoming more intelligent, there will be deeper degrees of hollowing-out of jobs in this revolution than in the past. The Bank of England has classified jobs into three categories –jobs with a high (greater than 66%), medium (33-66%) and low (less than 33%) chances of automation. Administrative, clerical and production jobs are at the highest risk of getting replaced by Robots. Whereas, jobs focussing on human interaction, face-to-face conversation, and negotiation are less likely to suffer. Probability of automation by occupation This “hollowing out” poses risk not only for low-paid jobs but will also affect the mid-level jobs. Meanwhile, the UK’s Artificial Intelligence Council Chair, Tabitha Goldstaub, mentioned that the “challenge will be ensuring that people are prepared for the cultural and economic shifts” with focus on creating "the new jobs of the future" in order to avoid mass replacement by robots. Haldane echoed Goldstaub’s sentiments and told the BBC that “we will need even greater numbers of new jobs to be created in the future if we are not to suffer this longer-term feature called technological unemployment”. Every cloud has a silver lining Although the automation of these tasks can lead to mass unemployment, Goldstaub is positive. She says “there are great opportunities ahead as well as significant challenges”. Challenge being bracing the UK workforce for the coming change. Whereas, the silver lining, according to Goldstaub is that “there is a hopeful view -- that a lot of these jobs (existing) are boring, mundane, unsafe, drudgery - there could be -- liberation from -- these jobs and a move towards a brighter world.” OpenAI builds reinforcement learning based system giving robots human like dexterity OpenAI Five bots beat a team of former pros at Dota 2 What if robots get you a job! Enter Helena, the first artificial intelligence recruiter  

Nvidia and the MIT Computer Science & Artificial Intelligence Laboratory (CSAIL) have open-sourced their video-to-video synthesis model. A generative adversarial learning framework is used as a method to generate high-resolution, photorealistic and temporally coherent results with various input format, including segmentation masks, sketches and poses. There has been less research into video to video synthesis compared to image to image translation. Video to video synthesis aims to solve the problem of low visual quality and incoherency of video results in existing image synthesis approach. The research group proposed a novel video-to-video synthesis approach capable of synthesizing 2K resolution videos of street scenes up to 30 seconds long. An extensive experimental validation was performed on various datasets by the authors and the model showed better results than existing approaches in quantitative and qualitative perspectives. When this method was extended to multimodal video synthesis with identical input data, it produced new visual properties with high resolution and coherency. Researchers suggested the model may be improved in the future by adding additional 3D cues such as depth maps to better synthesize turning cars. We can use object tracking to ensure an object maintains its colour and appearance throughout the video; and training with coarser semantic labels to solve issues in semantic manipulation. The Video-to-Video Synthesis paper is on arxiv, the team’s model and data can be found on the Github page. NVIDIA shows off GeForce RTX, real-time raytracing GPUs, as the holy grail of computer graphics to gamers Nvidia unveils a new Turing architecture: “The world’s first ray tracing GPU” Baidu announces ClariNet, a neural network for text-to-speech synthesis

Researchers at the University of California, Irvine presented Sugar (Secure GPU Acceleration), a new OS solution to enhance the security of GPU acceleration for web apps. Their research paper titled, Sugar: Secure GPU Acceleration in Web Browsers, is a collective effort of Zhihao Yao et al. Recently, GPU based graphics acceleration in web apps has become increasingly popular. WebGL is the key component which provides OpenGL--such as graphics for web apps and is currently used in 53% of the top-100 websites. However, several attack vendors have been demonstrated through WebGL making it vulnerable to security attacks. One such example is the Rowhammer attack which took place in May, this year. Although web browsers have patched the vulnerabilities and have added new runtime security checks, the systems are still vulnerable to zero-day vulnerability exploits, especially given the large size of the Trusted Computing Base of the graphics plane. Sugar OS uses a dedicated virtual graphics plane for a web app by leveraging modern GPU virtualization solutions. It enhances the system security since a virtual graphics plane is fully isolated from the rest of the system. Despite GPU virtualization overhead, Sugar achieves high performance. Unlike current systems, Sugar uses two underlying physical GPUs, when available, to co-render the User Interface (UI), One GPU, to provide virtual graphics planes for web apps The other one to provide the primary graphics plane for the rest of the system. Thus, this design not only provides strong security guarantees but also provides enhanced performance isolation. The two GPU designs in Sugar OS for secured web apps The researchers presented two different designs of Sugar in their paper; a single-GPU and a dual-GPU. In both these designs, web apps use the virtual graphics planes created by the virtualizable GPU. The main difference between the two is the primary graphics plane. Single-GPU Design target: They designed a Single-GPU Sugar for machines with a single virtualizable GPU. The main targets of this design are commodity desktops and laptops using Intel processors that incorporate a virtualizable integrated GPU (all Intel Core processors starting from the 4th generation, i.e., Haswell [99]). Primary Graphics plane, in this design, uses the same underlying virtualizable GPU but has exclusive access to the display connected to it. Dual-GPU Design target: The dual-GPU Sugar is designed for machines with two physical GPUs, one of which is virtualizable. The main targets for this design are high-end desktops and laptops that incorporate a second GPU in addition to the virtualizable integrated Intel GPU. Primary graphics plane, here, uses the other GPU, which is connected to the display. However, Dual-GPU Sugar provides better security than single-GPU Sugar, especially against Denial-of-Service attacks. Moreover, dual-GPU Sugar achieves better graphics performance isolation. The researchers demonstrated that Sugar reduces the Trusted Computing Base (TCB) exposed to web apps and thus eliminates various vulnerabilities already reported in the WebGL framework. They also showed that Sugar’s performance is high, providing similar user-visible performance with existing less secure systems. Read more about Sugar OS in detail in its research paper Introducing MapD Cloud, the first Analytics Platform with GPU Acceleration on Cloud A new WPA/WPA2 security attack in town: Wi-fi routers watch out! 5 examples of Artificial Intelligence in Web apps  

Google has rolled out a beta of its Cloud hardware security module aimed at hardware cryptographic key security. Cloud HSM allows better security for customers without them having to worry about operational overhead. Cloud HSM is a cloud-hosted hardware security module that allows customers to store encryption keys. Federal Information Processing Standard Publication (FIPS) 140-2 level 3 security is used in the Cloud HSM. FIPS is a U.S. government security standard for cryptographic modules under non-military use. This standard is certified to be used in financial and health-care institutions. It is a specialized hardware component designed to encrypt small data blocks contrary to larger blocks that are managed with Key Management Service (KMS). It is available now and is fully managed by Google, meaning all the patching, scaling, cluster management and upgrades will be done automatically with no downtime. The customer has full control of the Cloud HSM service via the Cloud KMS APIs. Il-Sung Lee, Product Manager at Google, stated: “And because the Cloud HSM service is tightly integrated with Cloud KMS, you can now protect your data in customer-managed encryption key-enabled services, such as BigQuery, Google Compute Engine, Google Cloud Storage and DataProc, with a hardware-protected key.” In addition to Cloud HSM, Google has also released betas for asymmetric key support for both Cloud KMS and Cloud HSM. Now users can create a variety of asymmetric keys for decryption or signing operations. This means that users can now store their keys used for PKI or code signing in a Google Cloud managed keystore. “Specifically, RSA 2048, RSA 3072, RSA 4096, EC P256, and EC P384 keys will be available for signing operations, while RSA 2048, RSA 3072, and RSA 4096 keys will also have the ability to decrypt blocks of data.” For more information visit the Google Cloud blog and for HSM pricing visit the Cloud HSM page. Google Cloud Next: Fei-Fei Li reveals new AI tools for developers Machine learning APIs for Google Cloud Platform Top 5 cloud security threats to look out for in 2018

Minecraft Server Java Edition has added a new (spigot) plugin which changes climate mechanics in the game. This plugin adds the concept of greenhouse gases (CO2) in the game world's atmosphere. According to a recent report, only 45 percent of Americans think that global warming will pose a serious threat in their lifetime, and just 43 percent say they worry about climate change. These figures are alarming because serious damages due to Global Warming are imminent. As such, games and other forms of entertainment services are a good approach to change these ideologies and make people aware of how serious the threat of Global warming is. Minecraft’s approach could not only spread awareness but also has the potential to develop personal accountability and healthy personal habits. What does the Minecraft plugin do? The Furnaces within the game emit CO2 when players smelt items. Every furnace burn causes a Contribution to emissions with an associated numerical value. The trees are designed to instantly absorb CO2 when they grow from a sapling. Every tree growth causes a Reduction from emissions with an associated numerical value. As CO2 levels rise, the global temperature of the game environment will also rise because of the Greenhouse Effect. The global temperature is a function of the net global carbon score. As the global temperature rises, the frequency and severity of negative climate damages increases. Players need to design a default model that doesn't quickly destroy worlds. Players are best off when they cooperate and agree to reduce their emissions. What are its features? Scoreboard and Economy Integration Carbon Scorecard, where each player can see their latest carbon footprint trends via command line. Custom Models, with configurable thresholds, probabilities, and distributions. Load data on startup, queue DB changes to be done asynchronously and at intervals, and empty queue on shutdown. How was the response? The new Minecraft plugin received mixed reviews. Some considered it a great idea for teaching in schools. “Global warming is such an abstract problem and if you can tie it to individual's behaviors inside a (small) simulated world, it can be a very powerful teaching tool.” Others were not as happy. People feel that Minecraft lacks the basic principle of conservation of matter and energy, which is where you start with ecology. As a hacker news user pointed out, “I wish there was a game which would get the physical foundations right so that the ecology could be put on as a topping. What I imagine is something like a Civilization, where each map cell would be like 1 km2 and you could define what industries would be in that cell (perhaps even design the content of each cell). Each cell would contain a little piece of civilization and/or nature. These cells would then exchange different materials with each other, according to conservation laws.” While there will always be room for improvement, we think Minecraft is setting the tone for what could become a movement within the gaming community to bring critical abstract ideas to players in a non-threatening and thought-provoking way. The gaming industry has always lead technological innovations that then further cascade to other industries. We are excited to see this new real-world dimension becoming a focus area for Minecraft. You can read more about the Minecraft Plugin on its Github repo. Building a portable Minecraft server for LAN parties in the park Minecraft: The Programmer’s Sandbox Minecraft Modding Experiences and Starter Advice

Earlier this month, the launch of Javalin 2.0 RC3 was announced. The team has now removed the “RC” tag and made Javalin 2.0.0 stable. Javalin is a web framework for Kotlin and Java, which is simple, lightweight, interoperable, and flexible. With ~5000 additions and ~5500 deletions reflecting in the gitlog, major changes have been introduced in this version. Most of the changes include the removal of abstraction layers and the completely rewritten implementation of WebSocket and test-suite. To summarize, here are few of the major changes: Additions ETag support and a method for auto-generating ETags Support for WebJars, client-side web libraries packaged into JAR (Java Archive) files. Javalin now has a pac4j implementation. It is an security library for Javalin web applications which supports authentication and authorization. RequestLogger interface ({ ctx, executionTime -> ...}) An option to return 405 instead of 404, listing available methods for the path A set of default responses, so you can throw BadRequestResponse() A CrudHandler to remove some boilerplate from creating standard CRUD APIs Improvements Improved support for Single Page Applications Improved exception handling for async requests You can now easily plug in your own mappers/rendering engines, as JSON and Template functionalities has been modularized. The ctx.render() function now contains all the Template functionality. Default value changes All requests run through an AccessManager now with the default implementation, NOOP URL matching is now case-insensitive by default. You can call app.enableCaseSensitiveUrls() if you want to disable it. Request-caching is now limited to 4kb Server now has a LowResourceMonitor attached To know more on the Javalin 2.0.0 updates head over to their official website. If you are planning to migrate from 1.x to 2.x, you can refer to the migration guide. Javalin 2.0 RC3 released with major updates! Kotlin 1.3 M1 arrives with coroutines, new experimental features like unsigned integer types Kotlin/Native 0.8 recently released with safer concurrent programming

Microsoft claims it has identified and stopped a number of Russian cyberattacks just last week. In a post published on Monday (August 20), Brad Smith wrote that "Microsoft’s Digital Crimes Unit (DCU) successfully executed a court order to disrupt and transfer control of six internet domains created by a group widely associated with the Russian government and known as Strontium." Not only are the attacks notable because of Strontium's links with the Russian government, but also because of the institutions these 'fake' domains were targeting. One of the domaisn is believed to mimic International Republican Institute, while another is supposedly an imitation of conservative think tank the Hudson Institute. CNN notes that "both think tanks have been critical of Russia." Smith also writes that "other domains appear to reference the U.S. Senate but are not specific to particular offices." Spearphishing explained The attackers are alleged to have used a technique known in cybersecurity as spearphishing. This is where an email or a website is disguised a a reliable and trustworthy source to scam users into handing over information. In this instance, cyberattackers could have been imitating Republican think tanks in order to get staff to hand over information. This isn't the first spearphishing attack that Microsoft claims it has intercepted. Brad Smith writes that 84 fake websites believed to be linked to Strontium have been transferred to Microsoft in the last 2 years. Microsoft has notified the Hudson Institute and the International Republican Institute about the attacks. "Microsoft will continue to work closely with them and other targeted organizations on countering cybersecurity threats to their systems. We’ve also been monitoring and addressing domain activity with Senate IT staff the past several months, following prior attacks we detected on the staffs of two current senators." Next steps: Microsoft is expanding its Defending Democracy Program Microsoft has also announced it will be expanding its Defending Democracy Program with a new initiative called Microsoft AccountGuard. This will "provide state-of-the-art cybersecurity protection at no extra cost to all candidates and campaign offices at the federal, state and local level, as well as think tanks and political organizations we now believe are under attack" (free if you're using Office 365). Read next Do you want to know what the future holds for privacy? It’s got Artificial Intelligence on both sides. A Twitter video shows how voting machines used in 18 states can be hacked in 2 mins Google, Microsoft, Twitter, and Facebook team up for Data Transfer Project

Can you guess what is common between, Bill Gates, Steve Jobs, Michael Dell, Larry Ellison? Yes they are very successful trendsetters in tech, some being co-founders and founders of top tech companies. But what else? They are also college dropouts. The point here I want to highlight is that real skills are more important than acquired college degrees. If you do not have a college degree, but have the skill set a company wants, you are in! In today’s economy it is important to have hands-on experience instead of being only book smart. Last week, the job searching website, Glassdoor compiled a list of Top companies that do not require a 4 year college degree as long as you have the skills required. The list includes some of the top tech companies as well such as Google, Apple, and IBM. Google has clearly mentioned on their web page: Source: Google If no degrees, then what? Now, you must be thinking that if these companies are not looking at your GPAs then how are they going to shortlist n number of applications coming their way. Remember the names I called out in the beginning? They have something more in common. They believed in self-learning, were passionate and innovative, and had clear goals. Sam Ladah, IBM’s head of talent organization, calls these type of jobs, “new-collar jobs.” He told the Marketplace in an interview that IBM consider the applicants based on their skills. This includes applicants who didn’t get a four-year degree but have proven their technical knowledge in other ways. Some have technical certifications, and others have enrolled in other skills programs. They have also been finding talents from coding bootcamps. A very good example of finding talent beyond traditional educational boundaries is Tanmay Bakshi, one of the youngest software programmers in the world. At the age of 11, he came across a documentary on the IBM Watson and how it played Jeopardy. He was immediately hooked to IBM Watson and AI and found inspiration to build his own first Watson app called “Ask Tanmay”. Later he was able to find a bug in the Document Conversion service by IBM and posted that on his Twitter. IBMers who were working on this service took a note of this and contacted Tanmay. Two of those initial contacts eventually became his mentors and assisted him in collaborating with IBM. Even if you have a degree in any other background but are keen on learning software development and bagging a job in top-tech companies, you can start anytime. Margaret Hamilton, the Director of the Software Engineer Division of the MIT Instrumentation Laboratory in 1960 and later the CEO of Hamilton Technologies, Inc, was actually a Mathematics graduate. Angela Taylor, who was working as an HR person in Google, with her hardwork and can-do attitude became a Google engineer. She fell in love with programming when she volunteered to fix a spreadsheet and learned Visual Basic for it. These were a few examples of the people who were able to challenge the current education system and became successful. Here is a great Medium post which could give you some amazing tips to further your career, if you are a coder but not an engineer. 1k+ Google employees frustrated with continued betrayal, protest against Censored Search engine project for China 16 year old hacked into Apple’s servers, accessed ‘extremely secure’ customer accounts for over a year undetected Facebook, Apple, Spotify pull Alex Jones content