Tech News

IBM has added yet another to achievement to its kitty by receiving a patent application grant for "Managing a Database Management System using a Blockchain Database." This patent was solely for the purpose of developing a database tampering detection system [DT-DS]. It’s no secret that IBM deals with huge amounts of data which are highly confidential and sensitive in nature due to the various services it provides its consumers. It is for this reason that the patent was filed on 22nd  December, 2017 (As per the records of U.S. Patent and Trademark Office (USPTO) ). What the Patent states The proposed system would detect data tampering of any kind stored in a central database. A partial copy of the same data is stored on the blockchain database. The patent states that, "Aspects of the disclosure include a method, system, and computer program product for managing a database management system (DBMS)," The patent further adds that, "A central database to include a set of central data may be structured with respect to the DBMS. A blockchain database which is linked with the central database may be constructed with respect to the DBMS. A set of blockchain data may be established in the blockchain database corresponding to the set of central data of the central database." The DBMS should receive an access request to enable the system to be accessed by the sender.  Once the DBMS receives the access request, both the central database and the blockchain database would be maintained simultaneously. This initiative on IBM’s part to leverage the blockchain technology depicts its growing interest in blockchains’ potentialities. The grassroots began with its contribution to  Fabric, a permission blockchain framework aimed at integration projects. IBM already offers IBM D2. This supports database management, operational database, data warehouse, data lake, and fast data. A step to append blockchain in existing systems would definitely assist IBM to resolve issues related to data inconsistencies and security loopholes. The internet is abuzz with the wonders of the blockchain technology and IBM seems to completely concur with the same. IBM has always trusted the blockchain to bring about a new generation of transactional applications that strengthen the trust, accountability, and transparency. We couldn’t agree more! Want to know more about the patent? Head over to cnn.com for a more in-depth coverage. Four IBM facial recognition patents in 2018, we found intriguing Four interesting Amazon patents in 2018 that use machine learning, AR, and robotics IBM’s DeepLocker: The Artificial Intelligence powered sneaky new breed of Malware

The July 2018 release of Visual Studio code 1.26 version is now available. This version includes new features for navigation, how to apply a quick fix to any problem, managing extensions and much more. What’s new in the Visual Studio code 1.26? Breadcrumbs The Visual studio editor now has a navigation bar above its contents called Breadcrumbs. It displays the current location and allows quick navigation between symbols and files. Breadcrumb navigation allows one to jump to symbols and files in their workspace. Quick Fixes from Problems panel Now one can apply Quick code fixes from the Problems panel while reviewing warning and errors. When a problem entry is hovered or selected, the respective Quick Fixes are shown via a light bulb indicator. Quick Fixes can be applied either by clicking on the light bulb or by opening the context menu for the problem entry. User setup on Windows The user setup package for Windows, announced in the previous release, is now available. This setup does not require Administrator privileges while installation. It also provides a smoother background update experience. Current users of the system-wide Windows setup will be prompted to switch to the user setup. New users will be directed towards using it by default via Visual Studio code Download page. Terminal column selection Column selection is now supported within the Integrated Terminal via Alt+click. Add all missing imports with a single quick fix The Add missing import Quick Fix can now be applied to all missing imports in a JavaScript/TypeScript file. This Quick Fix requires only a single action to add all missing imports in a JavaScript/TypeScript file. JSX tag completion Now one can work with JSX tags in JavaScript/TypeScript similar to that in HTML. The JSX tags are now closed automatically when you type ‘>’ in a JavaScript or TypeScript file. Auto closing of tags can be disabled by setting "javascript.autoClosingTags": false and "typescript.autoClosingTags": false. Better JS/TS error reporting The TypeScript team has done a lot of work to make JavaScript and TypeScript error messages smarter and clearer. Some error messages now include links to relevant locations in the source code. Improved extension search This release has added an IntelliSense autocompletion to the extension searchfield making it easier. This will help in refining extension searches to filter results based on things like category and install state; or sort results by name, rating, or install count. Extension Pack management Extension Pack management has been improved in this release. An Extension Pack is installed, uninstalled, enabled or disabled always as a single pack. One can now uninstall or disable an extension belonging to an Extension Pack without requiring to uninstall or disable the entire Extension Pack. One can easily manage Extension Packs as a single unit or by individual extension. There is also a new Extension Pack tab which displays which extensions are bundled in the Extension Pack. Preview: Settings editor This version includes a preview of GUI for editing settings. To try it out, one can go to Preferences: Open Settings (Preview) command. It contains rich settings description display, "Table of Contents" tracks scrolling, and much more. Read more about these features in detail on the Visual Studio Code July 2018 version 1.26 release notes. Microsoft releases the Python Language Server in Visual Studio Debugging Xamarin Application on Visual Studio [Tutorial] Visual Studio 2019: New features you should expect to see

The Siggraph 2018 Conference brought in the biggest announcements from Nvidia unveiling a new turing architecture and three new pro-oriented workstation graphics cards in its Quadro family. This is the greatest leap for Nvidia since the introduction of the CUDA GPU in 2006. The Turing architecture features new RT Cores to accelerate ray tracing and new Tensor Cores for AI inferencing to enable real-time ray tracing. The two engines along with more powerful compute for simulation and enhanced rasterization will usher in a new generation of hybrid rendering to address the $250 billion visual effects industry. Hybrid rendering enables cinematic-quality interactive experience, amazing new effects powered by neural networks and fluid interactivity on highly complex models. The company also unveiled its initial Turing-based products - the NVIDIA® Quadro® RTX™ 8000, Quadro RTX 6000 and Quadro RTX 5000 GPUs. They are expected to revolutionize the work of approximately 50 million designers and artists across multiple industries. At the Annual Siggraph conference, Jensen Huang, founder and CEO, Nvidia mentions, “Turing is NVIDIA’s most important innovation in computer graphics in more than a decade. Hybrid rendering will change the industry, opening up amazing possibilities that enhance our lives with more beautiful designs, richer entertainment and more interactive experiences. The arrival of real-time ray tracing is the Holy Grail of our industry.” Here’s the list of Turing architecture features in detail. Real-Time Ray Tracing Accelerated by RT Cores The Turing architecture is armed with dedicated ray-tracing processors called RT Cores. It will accelerate the computation similar to light and sound travel in 3D environments at up to 10 GigaRays a second. Turing will accelerate real-time ray tracing operations by up to 25x than that of the previous Pascal generation. GPU nodes can be used for final-frame rendering for film effects at more than 30x the speed of CPU nodes. AI Accelerated by powerful Tensor Cores The Turing architecture also features Tensor Cores, processors that accelerate deep learning training and inferencing, providing up to 500 trillion tensor operations a second. It will power AI-enhanced features for creating applications with new capabilities including DLAA (deep learning anti-aliasing). DLAA is a breakthrough in high-quality motion image generation for denoising, resolution scaling and video re-timing. These features are part of the NVIDIA NGX™ software development kit, a new deep learning-powered technology stack. It will enable developers to easily integrate accelerated, enhanced graphics, photo imaging and video processing into applications with pre-trained networks Faster Simulation and Rasterization with New Turing Streaming Multiprocessor A new streaming multiprocessor architecture is featured in the new Turing-based GPUs to add an integer execution unit, that will execute in parallel with the floating point datapath. A new unified cache architecture with double bandwidth of the previous generation is added too. As it is combined with new graphics technologies like variable rate shading, the Turing SM achieves unprecedented levels of performance per core. With up to 4,608 CUDA cores, Turing supports up to 16 trillion floating point operations in parallel with 16 trillion integer operations per second. Developers will be able to take advantage of NVIDIA’s CUDA 10, FleX and PhysX SDKs to create complex simulations, such as particles or fluid dynamics for scientific visualization, virtual environment and special effects. The new Turing architecture has already received support from companies like Adobe, Pixar, Siemens, Black Magic, Weta Digital, Epic Games and Autodesk. The new Quadro RTX is priced at $2,300 for a 16GB version and $6,300 for 24GB version. Double the memory to 48GB and Nvidia expects you to pay about $10,000 for the high-end card. For more information you may visit the Nvidia official blog page. IoT project: Design a Multi-Robot Cooperation model with Swarm Intelligence [Tutorial] Amazon Echo vs Google Home: Next-gen IoT war 5 DIY IoT projects you can build under $50

Yesterday, the Rust and Web Assembly community made two announcements. Firstly, it released the ‘wasm-bindgen’ 0.2.16 version and second, it published the first release of ‘wasm-bindgen-futures’. wasm-bindgen facilitates high-level communication between JavaScript and Rust compiled to WebAssembly. It allows one to speak in terms of Rust structs, JavaScript classes, strings, etc.,instead of only the integers and floats supported by WebAssembly’s raw calling convention. The wasm-bindgen is designed to support the upcoming “Host Bindings” proposal, which will eliminate the need for any kind of JavaScript shim functions between WebAssembly functions and native DOM functions. What’s new in wasm-bindgen 0.2.16 Added features Added the wasm_bindgen::JsCast trait, as described in RFC #2. Added support for receiving Option<&T> parameters from JavaScript in exported Rust functions and methods and for receiving Option<u32> and other option-wrapped scalars. Added reference documentation to the guide for every #[wasm_bindgen] attribute and how it affects the generated bindings. Changes in this version 0.2.16 Restructured the guide's documentation on passing JS closures to Rust, and Rust closures to JS. Also improved  the guide's documentation on using serde to serialize complex data to JsValue and deserialize JsValues back into complex data. Static methods are now always bound to their JS class, as is required for Promise's static methods. The newly released wasm-bindgen-futures The wasm-bindgen-futures is a crate that bridges the gap between a Rust Future and a JavaScript Promise. It provides two conversions: From a JavaScript Promise into a Rust Future. From a Rust Future into a JavaScript Promise. The two main interfaces in this crate are: JsFuture The JsFuture is constructed with a Promise and can then be used as a Future<Item = JsValue, Error = JsValue>. This Rust future will resolve or reject with the value coming out of the Promise Future_to_promise Future_to_promise interface converts a Rust Future<Item = JsValue, Error = JsValue> into a JavaScript Promise. The future's result will translate to either a rejected or resolved Promise in JavaScript. These two items provide enough of a bridge to interoperate the two systems and make sure that Rust/JavaScript can work together with asynchronous and I/O work. To know more about wasm-bindgen version 0.2.16 and wasm-bindgen-futures visit its GitHub page. Warp: Rust’s new web framework for implementing WAI (Web Application Interface) Rust 1.28 is here with global allocators, nonZero types and more Say hello to Sequoia: a new Rust based OpenPGP library to secure your apps

Packt has teamed up with Humble Bundle once again to bring readers an incredible range of content - while also supporting some incredible causes. This month Packt has put together a selection of its best big data eBooks, videos and courses for Humble Bundle fans. Featuring DRM-free content worth $1479 in total, you can pick it all up for a minimum of $15. With Humble Bundle and Packt supporting Mental Health Foundation and Charity: Water, it's a good opportunity to not only pick up stellar selection of content to learn and master the software behind modern big data, but also to help organizations doing really important work. You can find the offer on Humble Bundle here. The offer ends August 27 2018. Which big data eBooks and videos feature in this month's Humble Bundle? You can rest assured that Packt has provided Humble Bundle with some of its most popular big data eBooks and videos. Covering everything from big data architecture to analytics and data science, you could make a big investment in your skill set, for the price of lunch. Here's what you get... Pay at least $1 and you'll get... Mastering Apache Spark 2.x, Second Edition Splunk Essentials, Second Edition MongoDB Cookbook, Second Edition Getting Started with Hadoop 2.x [Video] Learning ElasticSearch 5.0 [Video] Three months of Mapt Pro for $30 Or pay $8 and get all of the above as well as... Modern Big Data Processing with Hadoop Apache Hive Essentials, Second Edition Learning Elastic Stack 6.0 Learning Hadoop 2 Apache Spark with Scala [Video] Working with Big Data in Python [Video] Statistics for Data Science Python Data Analysis, Second Edition Learning R for Data Visualization [Video] Or pay $15 and get everything above as well as... Big Data Analytics with Hadoop 3 Mastering MongoDB 3.x Artificial Intelligence for Big Data Big Data Architect's Handbook Hadoop Real-World Solutions Cookbook, Second Edition Build scalable applications with Apache Kafka [Video] Learning Apache Cassandra [Video] Data Science Algorithms in a Week Python Data Science Essentials, Second Edition Mastering Tableau 10

Vitalik Buterin, co-founder of blockchain platform Ethereum, posted a paper on a new kind of consensus algorithm last week. This algorithm requires only 1% of the nodes to be honest for the network to be secure. This results in 99% fault tolerance, increasing the security greatly. How can Ethereum achieve 99% fault tolerance? The new consensus algorithm introduces a new kind of validator nodes—“independent observer nodes”. These observer nodes observe the chain in real-time to filter any inconsistencies in the network. This original idea was published in 1982 by Turing award winning computer scientist, Leslie Lamport. The new algorithm to be implemented in Ethereum is Vitalik’s attempt to reformulate Leslie’s algorithm in a simplified form. The new algorithm adds one’s own signature as a bump on the timeout of a message. This ability guarantees that an honest node saw the message on time. This can ensure that every other node sees the message on time as well. The definition of on time increments more than the network latency with every added signature. On implementation, the algorithm will render 51% attacks useless. What are the benefits? Ethereum developer, Conrad Barski states that there are several benefits of introducing this new protocol: “Usually, all blockchain consensus[algorithms] care about is what the validators (i.e. miners) of a chain do. Vitalik is proposing that if an independent observer of the network traffic (i.e. just the blockchain client a user is running, not a miner/validator) watches what’s happening in real time and pays attention to when messages appear, they can detect ‘foul play’ by miners performing a 51% attack and this can provide additional safety guarantees that can protect against such an attack. This is somewhat similar to how merchants are already checking for 51% attacks themselves, only Vitalik’s version is more large-scale and complex.” As of now, the Ethereum blockchain works on proof-of-work (PoW). This new protocol is expected to be set in action when Ethereum is shifted to proof-of-stake (PoS). The exact timeline for the PoS switch is not known, it might happen next year. In PoS, the more the number of coins/tokens a user has, the greater is his/her mining capacity. PoS will reduce the Ethereum reward by 80%; 0.6 ETH from the existing 3 ETH per block. With the implementation of this consensus network, Ethereum might become the most secure blockchain network in the public domain. You can read Vitalik’s paper for a detailed explanation of the implementation. Microsoft Azure’s new governance DApp: An enterprise blockchain without mining How to set up an Ethereum development environment [Tutorial] Everything you need to know about Ethereum

The Cloud Native Computing Foundation (CNCF) accepted OpenMetrics, an open source specification for metrics exposition, into the CNCF Sandbox, a home for early stage and evolving cloud native projects. Google cloud engineers and other vendors had been working on this persistently from the past several months and finally it got accepted by CNCF. Engineers are further working on ways to support OpenMetrics in the OpenSensus, a set of uniform tracing and stats libraries that work with multi-vendor services. OpenMetrics will bring together the maturity and adoption of Prometheus, and Google’s background in working with stats at extreme scale. It will also bring in the experience and needs of a variety of projects, vendors, and end-users who are aiming to move away from the hierarchical way of monitoring to enable users to transmit metrics at scale. The open source initiative, focused on creating a neutral metrics exposition format will provide a sound data model for current and future needs of users. It will embed into a standard that is an evolution of the widely-adopted Prometheus exposition format. While there are numerous monitoring solutions available today, many do not focus on metrics and are based on old technologies with proprietary, hard-to-implement and hierarchical data models. “The key benefit of OpenMetrics is that it opens up the de facto model for cloud native metric monitoring to numerous industry leading implementations and new adopters. Prometheus has changed the way the world does monitoring and OpenMetrics aims to take this organically grown ecosystem and transform it into a basis for a deliberate, industry-wide consensus, thus bridging the gap to other monitoring solutions like InfluxData, Sysdig, Weave Cortex, and OpenCensus. It goes without saying that Prometheus will be at the forefront of implementing OpenMetrics in its server and all client libraries. CNCF has been instrumental in bringing together cloud native communities. We look forward to working with this community to further cloud native monitoring and continue building our community of users and upstream contributors.” says Richard Hartmann, Technical Architect at SpaceNet, Prometheus team member, and founder of OpenMetrics. OpenMetrics contributors include AppOptics, Cortex, Datadog, Google, InfluxData, OpenCensus, Prometheus, Sysdig and Uber, among others. “Google has a history of innovation in the metric monitoring space, from its early success with Borgmon, which has been continued in Monarch and Stackdriver. OpenMetrics embodies our understanding of what users need for simple, reliable and scalable monitoring, and shows our commitment to offering standards-based solutions. In addition to our contributions to the spec, we’ll be enabling OpenMetrics support in OpenCensus” says Sumeer Bhola, Lead Engineer on Monarch and Stackdriver at Google. For more information about OpenMetrics, please visit openmetrics.io. To quickly enable trace and metrics collection from your application, please visit opencensus.io. 5 reasons why your business should adopt cloud computing Alibaba Cloud partners with SAP to provide a versatile, one-stop cloud computing environment Modern Cloud Native architectures: Microservices, Containers, and Serverless – Part 1

DeepMind Health division has achieved a major milestone by developing an artificial intelligence system that can detect over 50 sight-threatening eye diseases with the accuracy of an expert doctor. This system can quickly interpret eye scans and correctly recommend how patients should be referred for treatment. It is the result of a collaboration with Moorfields Eye Hospital; the partnership was announced in 2016 to jointly address some of the current eye conditions. How Artificial Intelligence beats current OCT scanners Currently, eyecare doctors use optical coherence tomography (OCT) scans to help diagnose eye conditions. OCT scans are often hard to read and require time to be interpreted by experts. The time required can cause long delays between scan and treatment, which can be troublesome if someone needs urgent care. Deepmind’s AI system can automatically detect the features of eye diseases within seconds. It can also prioritize patients by recommending whether they should be referred for treatment urgently. System architecture The system uses an easily interpretable representation sandwiched between two different neural networks. The first neural network, known as the segmentation network, analyses the OCT scan and provides a map of the different types of eye tissue and the features of the disease it observes. The second network, known as the classification network, analyses the map to present eyecare professionals with diagnoses and a referral recommendation. The system expresses the referral recommendation as a percentage, allowing clinicians to assess the system’s confidence. AI-powered dataset DeepMind has also developed one of the best AI-ready databases for eye research in the world. The original dataset held by Moorfields was suitable for clinical use, but not for machine learning research. The improved database is a non-commercial public asset owned by Moorfield. It is currently being used by hospital researchers for nine separate studies into a wide range of conditions. DeepMind’s initial research is yet to turn into a usable product and then undergo rigorous clinical trials and regulatory approval before being used in practice. Once validated for general use, the system would be used for free across all 30 of Moorfields’ UK hospitals and community clinics, for an initial period of five years. You can read more about the announcement on the DeepMind Health blog. You can also read the paper on Nature Medicine. Reinforcement learning optimizes brain cancer treatment to improve patient quality of life. AI beats Chinese doctors in a tumor diagnosis competition. 23andMe shares 5mn client genetic data with GSK for drug target discovery

On 31st July 2018, Eric Holmes, a security researcher gained access to Homebrew's GitHub repo easily (He documents his experience in an in-depth Medium post). Homebrew is a free and open-source software package management system with well-known packages like node, git, and many more. It simplifies the installation of software on macOS. The Homebrew repository contains its recently elevated scopes. Eric gained access to git push on Homebrew/brew and Homebrew/homebrew-core. He was able to invade and make his first commit into Homebrew’s GitHub repo within 30 minutes. Attack = Higher chances of obtaining user credentials After getting an easy access to Homebrew’s GitHub repositories, Eric’s prime motive was to uncover user credentials of some of the members of Homebrew GitHub org. For this, he made use of an OSSINT tool by Michael Henriksen called gitrob, which easily automates the credential search. However, he could not find anything interesting. Next, he explored Homebrew’s previously disclosed issues on https://hackerone.com/Homebrew, which led him to the observation that Homebrew runs a Jenkins instance that’s (intentionally) publicly exposed at https://jenkins.brew.sh. With further invasion into the repo, Eric encountered that the builds in the “Homebrew Bottles” project were making authenticated pushes to the BrewTestBot/homebrew-core repo. This further led him to an exposed GitHub API token. The token opened commit access to these core Homebrew repos: Homebrew/brew Homebrew/homebrew-core Homebrew/formulae.brew.sh Eric stated in his post that, “If I were a malicious actor, I could have made a small, likely unnoticed change to the openssl formulae, placing a backdoor on any machine that installed it.” Via such a backdoor, intruders could have gained access to private company networks that use Homebrew. This could further lead to data breach on a large scale. Eric reported this issue to Homebrew developer, Mike McQuaid. Following which, he publicly disclosed the issue on the blog at https://brew.sh/2018/08/05/security-incident-disclosure/. Within a few hours the credentials had been revoked, replaced and sanitised within Jenkins so they would not be revealed in future. Homebrew/brew and Homebrew/homebrew-core were updated so non-administrators on those repositories cannot push directly to master. The Homebrew team worked with GitHub to audit and ensure that the given access token wasn’t used maliciously, and didn’t make any unexpected commits to the core Homebrew repos. As an ethical hacker, Eric reported the vulnerabilities he found to the Homebrew team and did no harm to the repo itself. But, not all projects may have such happy endings. How can one safeguard their systems from supply chain attacks? The precautions which Eric Holmes took were credible. He informed the Homebrew developer. However, not every hacker has good intentions and it is one’s responsibility to make sure to keep a check on all the supply chains associated to an organization. Keeping a check on all the libraries One should not allow random libraries into the supply chain. This is because it is difficult to partition libraries with organization’s custom code, thus both run with the same privilege risking the company’s security. One should make sure to levy certain policies around the code the company wishes to allow. Only projects with high popularity, active committers, and evidence of process should be allowed. Establishing guidelines Each company should create guidelines for secure use of the libraries selected. For this, a prior definition of what the libraries are expected to be used for should be made. The developers should also be detailed in safely installing, configuring, and using each library within their code. Identification of dangerous methods and how to use them safely should also be taken care of. A thorough vigilance within the inventory Every organization should keep a check within their inventories to know what open source libraries they are using. They should also ensure to set up a notification system which keeps them abreast of which new vulnerabilities the applications and servers are affected. Protection during runtime Organizations should also make use of runtime application security protection (RASP) to prevent both known and unknown library vulnerabilities from being exploited. If in case they notice new vulnerabilities, the RASP infrastructure enables one to respond in minutes. The software supply chain is the important part to create and deploy applications quickly. Hence, one should take complete care to avoid any misuse via this channel. Read the detailed story of Homebrew’s attack escape on its blog post and Eric’s firsthand account of how he went about planning the attack and the motivation behind it on his medium post. DCLeaks and Guccifer 2.0: Hackers used social engineering to manipulate the 2016 U.S. elections Twitter allegedly deleted 70 million fake accounts in an attempt to curb fake news YouTube has a $25 million plan to counter fake news and misinformation

The launch of Fortnite Android Beta was announced on Epic Games website on August 9, stating that players with Samsung Galaxy devices are the first to be invited. It will open for other devices over the next few days. The game is directly available on their official website for Android users bypassing the Google Play Store. Players will get access to Fortnite Battle Royale in waves. You need to sign-up at Fortnite.com/Android and the download instructions will be shared with you via email. Why did Fortnite bypass Google Play Store? One reason could be that they have already made a audience base and do not need any other app distribution store to make them more popular. Though there are ways to bypass the Apple’s App Store, it is a bit tricky. You can use methods like sideloading to download an app which is not available in the App Store. Unlike Apple, Android is much more flexible and users can easily download the application from other websites. This loophole could be used to save the 30% of the revenue Fortnite will need to share with Google. How does Fornite’s decision impact users and Google? This move could result in more than just missing out the 30% shares in revenue for Google, if other big game developers also decide to distribute their games independently. For customers the risks lies in terms of security. We can adjust an Android device’s settings to download apps and games from anywhere on the web. This makes the devices more prone to security risks, malware infections, and other malicious attacks. Secondly, those users who are not aware that Fortnite in not available on Play Store could be fooled into downloading apps masquerading as Fortnite. To know more about Fortnite bypassing Google Play store, refer to the TechCrunch’s report. Google buys GraphicsFuzz, bringing fuzzy logic and metamorphic testing to Android graphics drivers Google’s second innings in China: Exploring cloud partnerships with Tencent and others Google open sources Filament – a physically based rendering engine for Android, Windows, Linux and macOS

After the release of ML.NET 0.1 at //Build 2018, back in May, the Microsoft team announced ML.NET 0.4 last week. The latest release includes features such as Word Embedding Transform, SymSGD Learner, and improvements to F# API and samples for ML.NET. ML.NET is a cross-platform, open source machine learning framework for .NET developers. Let’s have a quick look at the major features in ML.NET 0.4. Word Embeddings Transform for Text Scenarios Word embeddings is a method which allows mapping words to numeric vectors for capturing the meaning of the words. This is used for visualization or model training. With ML.NET 0.4, the word embedding transform is added to ML.NET allowing you to use pre-trained or existing word embedding models in pipelines. There are several different pretrained models such as GloVe, fastText, and SSWE which are available. Adding this transform method along with the existing transforms help improve the model’s metrics. SymSGD Learner for Binary Classification SymSGD is now available in ML.NET 0.4 for binary classification. SymSGD is a parallel SGD algorithm which retains the sequential semantics of SGD. It offers a much better performance based on multithreading. It is fast, scales well on multiple cores, and achieves the same accuracy as sequential SGD. SymSGD can be applied to any linear learner where update rule is linear like a binary classification or a linear regression. This is how you can add a SymSGD Binary Classifier learner to the pipeline: pipeline.Add(new SymSgdBinaryClassifier() { NumberOfThreads = 1}); Even though there is no multithreading enabled in SymSGD at the moment, it can be helpful in cases where you want to try many different learners and limit each of them to a single thread. Improvements to F# API and samples for ML.NET ML.NET did not provide support for F# records. With ML.NET 0.4 release, you can use property-based row classes in F#. To get more coverage, check out the official Microsoft blog. Microsoft Open Sources ML.NET, a cross-platform machine learning framework Create machine learning pipelines using unsupervised AutoML [Tutorial Top AutoML libraries for building your ML pipelines  

A surfeit of speed reading apps were released a few years back for computers and smartphones. Now, the BBC has teamed up with a start-up called Spritz to experiment with speed reading on smart watches. Spritz was founded in 2011 and displays one word at a time on your screen. The average human reading speed is 200 wpm (words per minute). With the plethora of information being in circulation nowadays, it is a task to read and keep up. To top this, people read most of their news on smartphones which is already smaller than what our evolution is accustomed to; newspapers and books. What’s the fuss with speed reading? Speed reading displays one single word at a time on the screen. One of the letters on the screen is highlighted and believed to be the focus point of that word. The word present on screen changes with variable speeds. As a result, the time taken to move your eyes across words is eliminated which increases the reading speed. The BBC is looking to get this idea in action with smart watches. Imagine reading a whole news article much faster than your average speed without even taking out your smartphone. The BBC Blog states: “Sherlock Holmes and Spock from Star Trek might be fictional characters, but the idea of having a superhuman ability to process information quickly is an exciting one.” BBC’s take on speed reading Cyrus Saihan, Head of Digital Partnerships, BBC states in the Blog: “We are reading more and more on mobile phones, but the screen sizes and text sizes of mobiles are smaller than what we have traditionally been used to with books and magazines. Technologies such as this therefore have the potential to make it much easier for us to read on mobile phones. This way of reading could also possibly be useful on devices such as smart watches, which have even smaller screen sizes.” The demonstration videos from the Blog display the method being used on BBC articles at 300, 400, and 800 wpm. It takes some time to get used to but once you do, you can read at much faster speeds. It gets relatively easy after reading a couple articles in this method. This is still in the internal testing phase and BBC isn’t planning on rolling it out anytime soon.  It sure is an interesting idea that can potentially save us time on reading every day. For more information and examples, head on to the BBC website. Read next Using your smart watch to control networked LEDs The Risk of Wearables – How Secure is Your Smartwatch

Last week, Google launched Android 9 pie, the latest machine learning based Android operating system after Android Oreo. One of the features in Android 9 pie, named, smart linkify, a new version of the existing Android Linkify API adds clickable links on identifying entities such as dates, flights, addresses, etc, in content or text input via TextClassifier API. Smart linkify Smart linkify API is trained in TensorFlow which uses a small feedforward neural network.  This enables it to figure out whether or not a series of numbers or words is a phone number or address, just like Android Oreo’s Smart Text Selection feature. But, what’s different with this new feature is that instead of just making it easier to highlight and copy the associated text manually, it adds a relevant actionable link allowing users to immediately take action with a just a click. How does smart linkify work? Smart linkify follows three basic steps: Locating entities in an input text Processing the input text Training the network Let’s have a quick look at each of the above-mentioned steps. Finding entities in an input text The underlying process for detecting entities within texts is not an easy task. It poses many problems as people follow different ways to write addresses and phone numbers. There can also be confusion regarding the type of entity. For instance, “Confirmation number: 857-555-3556” can look like a phone number even though it’s not. So, to fix this problem, an inference algorithm with two small feedforward neural networks was designed by the Android team. The two feedforward neural networks look for context surrounding words and perform all kinds of entity chunking beyond just addresses and phone numbers. The first input text is split into words and then all the possible combination of entries, named “candidates”  are analyzed. After analyzing the candidates, a score is assigned on a scale of validity. Any overlapping candidates are removed, favoring the ones with the higher score. After this, the second neural network takes over and assigns a type of entity, as either a phone number, address or in some cases, a non-entity. Smart Linkify finding entities in a string of text Processing the input text After the entities have been located in the text, it’s time to process it. The neural networks determine whether the given entity candidate in the input text is valid or not. After knowing the context surrounding the entity, the network classifies it. With the help of machine learning, the input text is split into several parts and each is fed to the network separately. Smart linkify processing the input text Google uses character n-grams and a binary capitalization feature to “represent the individual words as real vectors suitable as an input of the neural network”. Character n-grams represent the word as a set of all character subsequences of a certain length. Google used lengths 1 to 5. The binary feature indicates whether the word starts with a capital letter. This is important as the capitalization in postal addresses is quite distinct, thereby, helping the networks to differentiate. Training the network Google has a training algorithm in place for datasets. It involves collecting lists of addresses, phone numbers and named entities (such as product, place, business names, etc). These are then used to synthesize the data for training neural networks. “We take the entities as they are and generate random textual contexts around them (from the list of random words on Web). Additionally, we add phrases like “Confirmation number:” or “ID:” to the negative training data for phone numbers, to teach the network to suppress phone number matches in these contexts”, says the Google team. There are a couple of other techniques that Google used for training the network such as: Quantizing the embedding matrix to 8-bit integers Sharing embedding matrices between the selection and classification networks. Varying the size of the context before/after the entities Creating artificial negative examples out of the positive ones for classification network. Currently, Smart Linkify offers support for 16 languages and plans to support more languages in the future. Google still relies on traditional techniques using standard regular expressions for flight numbers, date, times, IBAN, etc, but it plans to include ML models for these in the future. For more coverage on smart linkify, be sure to check out the official Google AI blog. All new Android apps on Google Play must target API Level 26 (Android Oreo) or higher Android P Beta 4 is here, stable Android P expected in the coming weeks! Is Google planning to replace Android with Project Fuchsia?  

Google's mission is famously 'Don't be evil', but with its latest venture - a pre-censored search engine that complies with Chinese regulations - it looks like it could be compromising on those values. And one former senior executive, Lokman Tsui, has spoken out, calling it a "stupid, stupid move." News of the search engine, named Project Dragonfly, was first reported at the start of August. Some information about the project was leaked, leading considerable anger from Google employees. One employee told The Intercept "our internal meme site and Google Plus are full of talk, and people are a.n.g.r.y." However, Tsui's intervention is notable because of his position as 'Head of Freedom of Expression' for Asia and the Pacific between 2011 and 2014. Tsui contrasts the new project with Google shutting down its previous Chinese search engine over concerns over significant cyber attacks from within the country. Speaking to the Intercept, he said "Google made a grand statement in 2010. The message was that ‘We care about human rights and we care about free expression, we are the champions of this, we have responsibility, we don’t want to self-censor any more." For Tsui, returning to China with a new search product has a real symbolic impact in terms of Google legitimizing and accepting the Chinese government's record of online censorship. What's also important, according to Tsui, is that the situation in China has deteriorated since 2010. The move would, he says, "be a moral victory for Beijing... I can’t see a way to operate Google search in China without violating widely held international human rights standards." Tsui claims Google will lose employees over China issue Tsui believes that Google could lose employees over the move. In compromising its core principles - of which "don't be evil" is just one - it could lose "the hearts and minds of people working for it." However, it's not just Google employees - past and present - who are concerned about Google's project. A number of U.S. senators have raised concerns, along with human rights organizations, including Amnesty International, Human Rights Watch and Reporters Without Borders. Google's move could, these groups argue, lead to bigger issues than just censorship. This is because Google's servers would be located on the Chinese mainland, making them potentially accessible to the Chinese government, which could use data from servers to closely monitor activities of anyone who voices criticism. Read next Google’s new facial recognition patent uses your social network to identify you! Google’s second innings in China: Exploring cloud partnerships with Tencent and others Google Cloud Next: Fei-Fei Li reveals new AI tools for developers

In the new found age of Artificial Intelligence, where everything and everyone uses Machine Learning concepts to make life easier, the dark side of the same is can be left unexplored. Cybersecurity is gaining a lot of attention these days.The most influential organizations have experienced a downfall because of undetected malware that have managed to evade even the most secure cyber defense mechanisms. The job just got easier for cyber criminals that exploit AI to empower them and launch attacks. Imagine combining AI with cyber attacks! At last week’s Black Hat USA 2018 conference, IBM researchers presented their newly developed malware “DeepLocker” that is backed up by AI. Weaponized AI seems here to stay. Read Also: Black Hat USA 2018 conference Highlights for cybersecurity professionals All you need to know about DeepLocker Simply put, DeepLocker is a new generation malware which can stealth under the radar and go undetected till its target is reached. It uses an Artificial Intelligence model to identify its target using indicators like facial recognition, geolocation and voice recognition. All of which is easily available on the web these days! What’s interesting is that the malware can hide its malicious payload in carrier applications- like a video conferencing software, and go undetected by most antivirus and malware scanners until it reaches specific victims. Imagine sitting on your computer performing daily tasks. Considering that your profile pictures are available on the internet, your video camera can be manipulated to find a match to your online picture. Once the target (your face) is identified, the malicious payload can be unleashed thanks to your face which serves as a key to unlock the virus. This simple  “trigger condition” to unlock the attack is almost impossible to reverse engineer. The malicious payload will only be unlocked if the intended target is reached. It achieves this by using a deep neural network (DNN) AI model. The simple logic of  “if this, then that” trigger condition used by DeepLocker is transformed into a deep convolutional network of the AI model.   DeepLocker – AI-Powered Concealment   Source: SecurityIntelligence   The DeepLocker makes it really difficult for malware analysts to answer the 3 main questions- What target is the malware after-  Is it after people’s faces or some other visual clues? What specific instance of the target class is the valid trigger condition? And what is the ultimate goal of the attack payload? Now that’s some commendable work done by the IBM researchers. IBM has always strived to make a mark in the field of innovation. DeepLocker comes as no surprise as IBM has the highest number of facial recognition patents granted in 2018. BlackHat USA 2018 sneak preview The main aim of the IBM Researchers- Marc Ph. Stoecklin, Jiyong Jang and Dhilung Kirat-  briefing the crowd in the BlackHat USA 2018 conference was, To raise awareness that AI-powered threats like DeepLocker can be expected very soon To demonstrate how attackers have the capability to build stealthy malware that can circumvent defenses commonly deployed today and To provide insights into how to reduce risks and deploy adequate countermeasures. To demonstrate the efficiency of DeepLocker’s capabilities, they designed and demonstrated a proof of concept. The WannaCry virus was camouflaged in a benign video conferencing application so that it remains undetected by antivirus engines and malware sandboxes. As a triggering condition, an individual was selected, and the AI was trained to launch the malware when certain conditions- including the facial recognition of the target- were met. The experiment was, undoubtedly, a success. The DeepLocker is just an experiment by IBM to show how open-source AI tools can be combined with straightforward evasion techniques to build a targeted, evasive and highly effective malware. As the world of cybersecurity is constantly evolving, security professionals will now have to up their game to combat hybrid malware attacks. Found this article Interesting? Read the Security Intelligence blog to discover more. 7 Black Hat USA 2018 conference cybersecurity training highlights 12 common malware types you should know Social engineering attacks – things to watch out for while online