Tech News

Salesforce has welcomed spring with their new Salesforce Spring 2018 release. With this release, Salesforce users, admins, and developers can try out some fresh features and tools to enhance, tweak, and guide the processes that govern our Salesforce instances. This release brings in exciting enhancements to the Lightning Platform and advanced developments in artificial intelligence. Without further ado, let’s have a quick look at some of the noteworthy features that are really going to change the way you work with Salesforce. Create personalized navigation in Lightning Experience This new Lightning Experience feature in Salesforce allows one to reorder items, rename, or remove the added items. The navigation bar now contains more than just object-level items. One can add granular items, like a dashboard, list, or record, and so on. Build Interactive Salesforce Surveys Creating beautiful, easy-to-use forms for collecting feedback and data from users or customers is now easy. All survey data is stored in your org which is nothing but an entity that contains users, data, and automation corresponding to an individual organization. This unified data storage is helpful especially in creating reports, dashboards and sharing insights within your organization. Customize your Org to match your brand using themes The ability to customise the look and feel of Salesforce has never really been available. With Spring ’18, create up to 300 custom themes or clone the built-in themes provided by Salesforce with just a few clicks. Easy calculation of Opportunity Scoring using Einstein One can prioritize their way to more business with Einstein Opportunity Scoring. Einstein Opportunity Scoring generates opportunity scores based on the record details, history and related activities of the opportunity and related account. Information about the opportunity owner, such as yearly win rates, is also used to calculate the score. Stay on Top of Duplicate Records by Using Duplicate Jobs Duplicates are a pain for most organisations. With the relatively recent release of duplicate and matching rules in Salesforce, creating duplicate jobs with standard or custom matching rules to scan Salesforce business or person accounts, contacts or leads for duplicates has become easy. Job results can be shared with others and information about the duplicate jobs are logged. These logs helps you in tracking your progress in reducing the number of duplicate records in Salesforce org. Easy storage of Data Privacy Preferences Data privacy records, based on the Individual object, lets one store certain data privacy preferences for their customers. These records can help honor and respect customers’ wishes when they request only specific forms of contact from one’s company. Some laws and regulations, such as the General Data Protection Regulation (GDPR), can require you to honor your customers’ wishes. See More Relevant Objects First in Top Results Top Results list the most relevant results for most frequently used objects. The improved ordering of objects means less scrolling and clicking around to reach the object one wants. To know more about these and other releases in detail, visit the Salesforce Blog. Read More Implementing Automation Process with Salesforce CRM Build a custom Admin Home page in Salesforce CRM Lightning Experience Getting Started with Salesforce Lightning Experience

Be it a tweet about taking the company private or smoking weed on a radio show, Elon Musk has been in news for all the wrong reasons recently and he is in news again but this time for what he is best admired as a modern day visionary. As per reports the Tesla and SpaceX founder is working on a 'superhuman' product that will connect your brain to a computer. We all know Musk along with eight others founded a company called Neuralink two years ago. The company has been developing implantable brain–computer interfaces, better known as BCIs. While in the short-term the company’s aim is to use the technology to treat brain diseases, Musk’s eventual goal is human enhancement, which he believes will make us more intelligent and powerful than even AI.  According to hints he gave a week ago, Neuralink may soon be close to announcing a product unlike anything we have seen: A brain computer interface. Appearing on the Joe Rogan Experience podcast last week, Musk stated that he’ll soon be announcing a new product – Neuralink – which will connect your brain to a computer, thus making you superhuman. When asked about Neuralink, Musk said "I think we’ll have something interesting to announce in a few months that’s better than anyone thinks is possible. Best case scenario, we effectively merge with AI. It will enable anyone who wants to have superhuman cognition. Anyone who wants. How much smarter are you with a phone or computer or without? You’re vastly smarter, actually. You can answer any question pretty much instantly. You can remember flawlessly. Your phone can remember videos [and] pictures perfectly. Your phone is already an extension of you. You’re already a cyborg. Most people don’t realise you’re already a cyborg. It’s just that the data rate, it’s slow, very slow. It’s like a tiny straw of information flow between your biological self and your digital self. We need to make that tiny straw like a giant river, a huge, high-bandwidth interface." If we visualize what Musk said, it feels like a scene straight from a Hollywood movie. However, many of the creations, from a decade ago, that were thought to belong solely in the world of science-fiction, have become a  reality now. Musk argues that through our over-dependence on smartphones, we have already taken the first step towards our cyborg future. Neuralink is an attempt to just accelerate the process by leaps and bounds. That's not all, Elon Musk was also quoted saying on CNBC. "If your biological self dies, you can upload into a new unit. Literally, with our Neuralink technology". Read the full news on CNBC. About Author Sandesh Deshpande is currently working as a System Administrator for Packt Publishing. He is highly interested in Artificial Intelligence and Machine Learning. Tesla is building its own AI hardware for self-driving cars Elon Musk’s tiny submarine is a lesson in how not to solve problems in tech. DeepMind, Elon Musk, and others pledge not to build lethal AI

Android Studio 3.3 has been released, earlier this week with official support for Navigation Editor, Project Marble, improved incremental Java compilation when using annotation processors, C++ code lint inspections etc. Other features include an updated new project wizard and usability fixes for each of the performance profilers. Overall, this release addresses over 200 users reported bugs. This release includes support for navigation editor, a visual editor for constructing XML resources using the Jetpack Navigation Component. Developers can build predictable interactions between the screens and content areas of an app with the Navigation Editor and the Navigation Component. The Network profiler in Android Studio 3.3 now formats common text types found in network payloads by default, including HTML, XML and JSON.   New Project Wizard for Android Studio has been updated to support the range of device types, programming languages, and new frameworks in a streamlined manner. Android Studio 3.3 includes Intellij 2018.2.2 and also bundles Kotlin 1.3.11. It also supports Clang-Tidy for C++ static code analysis. Android Studio 3.3 decreases build time by improving support for incremental Java compilation when using annotation processors. This release comes with a new feature to help clean up unused settings & cache directories. For better user feedback, it includes in-product sentiment buttons for quick feedback. The plugin uses Gradle's new task creation API to avoid initializing and configuring tasks that are not required to complete the current build. Android Studio 3.3 supports Android app bundle to build and deploy Google Play Instant experiences from a single Android Studio project. Android Emulator 28.0 now supports the ability to launch multiple instances of the same Android Virtual Device (AVD). The default Memory Profiler capture mode on Android 8.0 Oreo (API level 26) and higher devices are changed to sample for allocations periodically. You may check out the Android Studio release notes, Android Gradle plugin release notes, and the Android Emulator release notes for more details. Android Studio 3.2 releases with Android App Bundle, Energy Profiler, and more! Android Studio 3.2 Beta 5 out, with updated Protobuf Gradle plugin What is Android Studio and how does it differ from other IDEs?

Yesterday, Amazon announced that it will be increasing the minimum wage for all of its US employees - full-time, part-time, temporary (including those hired by agencies), and seasonal employees. They raised the wages of employees in the UK as well from £8 to £9.50 an hour. The $15 minimum wage will affect more a total of more than 250,000 Amazon employees and 100,000 seasonal temporary employees who will be hired across US this holiday season. This new policy is effective from November 1. Amazon’s move to increase wages comes after recent pressure from campaigns criticizing Amazon’s pay policies. US Senator Bernie Sanders publicly accused Amazon of underpaying its workers and introduced a bill called Stop BEZOS act last month. The bill also known as ‘Stop Bad Employers by Zeroing Out Subsidies’ was aimed to force Amazon and other large companies to increase the living wages paid to workers. Currently, an Amazon Warehouse Worker earns $13 on average an hour. The new wages will add $2 an hour, which may not look like much but will add about $4,000 to yearly wages of employees who were making $13 till now. Amazon currently offers restricted stock units (RSU) which cannot be used by employees. So, keeping in mind employee preferences, the RSU stock grant program in Amazon will be replaced by a direct stock purchase plan for hourly employees and customer service employees. Amazon said that they will also work towards getting Congressional support for increasing the federal minimum wage. The current rate, $7.25, was set nearly a decade ago and is low. Amazon is phasing out the incentive pay component and $15 will be an effective minimum wage which won’t require any additional targets to be met. The wage policy will affect Amazon’s hourly operations and customer service employees who also see an increase, including those already getting paid $15. This does not affect the current benefits Amazon offers its employees which include: A comprehensive healthcare plan including medical, dental, and vision cover Almost 20 weeks of paid parental leaves Matching 401k of employees Paying 95% of associates’ tuition in advance for courses in high-demand fields, irrespective of whether those jobs are at Amazon or not Training hourly associates in critical job skills like resume writing, effective communication, and basic computer operating knowledge Jeff Bezos, Amazon CEO stated: “We listened to our critics, thought hard about what we wanted to do, and decided we want to lead. We’re excited about this change and encourage our competitors and other large employers to join us.” To know more visit the Amazon website. IBM faces age discrimination lawsuit after laying off thousands of older workers, Bloomberg reports Microsoft demands its suppliers, contractors to offer employees paid family leave, or risk doing business with them It’s Day 1 for Amazon Devices: Amazon expands its Echo device lineup, previews Alexa Presentation Language and more

Day 2 of the Kotlin Conference 2018 just ended yesterday and announcements were made regarding the programming language. There is one more day of the conference which will be streamed live at the Kotlin website. We will look at some of the announcements made in the conference so far. Kotlin 1.3 is now RC Kotlin 1.3 RC is here and brings a lot of new features. Some of them are the following. Contracts The Kotlin compiler now does extensive static analysis to show warnings and reduce boilerplate. ‘Contracts’ in Kotlin 1.3 allow functions to explicitly describe its own behavior in a way which is understood by the compiler. Coroutines Kotlin Coroutines are no longer experimental and will be supported like other features starting from Kotlin version 1.3. Coroutines delegate most of the functionality to libraries and helps in providing a fluid experience that is scalable when needed. Multiplatform projects The multiplatform projects model has been reworked to improve expressiveness and flexibility. It is in line with the language’s goal to function on all platforms. Currently Kotlin supports JVM, Android, JavaScript, iOS, Linux, Windows, Mac and embedded systems like STM32. This is beneficial for reusing code. Kotlin/Native is now in beta Kotlin/Native is designed to enable compilation in platforms where virtual machines do not work. An example would be embedded devices or iOS. Kotlin/Native is a solution to situations when developers need to produce a self-contained program where an additional runtime or virtual machine is not required. After several years of development, Kotlin/Native is now beta. The Kotlin foundation The Kotlin Foundation is a nonprofit nonstock corporation created in 2018. It has backing from JetBrains and Google. The Kotlin Foundation aims to protect, promote and advance the development of Kotlin. New revamped playground The online environment for trying and learning Kotlin has a new look, functionality, and a new section called Learn Kotline by Example. All this is available directly in your web browser via the Kotlin Playground website. The first day can be watched on YouTube. You can watch the Kotlin Conference live at their website. Kotlin 1.3 RC1 is here with compiler and IDE improvements How to implement immutability functions in Kotlin [Tutorial] Forget C and Java. Learn Kotlin: the next universal programming language

Looks like Brave has also jumped on the bandwagon of writing or rewriting its components in the Rust programming language. Yesterday, its team announced that they have reimplemented its ad-blocker in Rust that was previously written in C++. As a result, the ad-blocker is now 69x faster as compared to the current engine. The team chose Rust as it is a memory-safe and performant language. The new ad-blocker implementation can be compiled to native code and run within the native browser core. It can also be packaged in a standalone Node.js module. This reimplemented version is available on Brave’s  Dev channel and Nightly channel. How does this new ad-blocking algorithm work? The previous ad-blocking algorithm relied on the observation that most of the requests were passed through without blocking. It used the Bloom filter data structure that tracks fragments of requests that may match and rules out those that do not. The new implementation is based on uBlock Origin and Ghostery’s ad-blocking approach, which is tokenization specific to add-block rule matching against URLs and rule evaluation optimized to the different kinds of rules. What makes this new algorithm faster is that it quickly eliminates any rules that are not likely to match a request from search. “To organize filters in a way that speeds up their matching, we observe that any alphanumeric (letters and numbers) substring that is part of a filter needs to be contained in any matching URL as well,” the team explained. All these substrings are hashed to a single number that results in a number of tokens. The tokens make matching much easier and faster when a URL is tokenized in the same way. The team further wrote, “Even though by nature of hashing algorithms multiple different strings could hash to the same number (a hash collision), we use them to limit rule evaluation to only those that could possibly match.” If a rule has a specific hostname, it is tokenized too. If a rule contains a single domain option, the entire domain is hashed as another token. Performance gains made by the reimplementation For the performance evaluation, the team has used the dataset published with the Ghostery ad-blocker performance study that includes 242,945 requests across 500 popular websites. The new ad-blocker was tested against this dataset with different ad-block rule lists including the biggest one: EasyList and EasyPrivacy combined.  The team performed all the benchmarks on the adblock-rust 0.1.21 library. They used a 2018 MacBook Pro laptop with 2.6 GHz Intel Core i7 CPU and 32GB RAM. Following are performance gains this new ad-blocker showed: The new algorithm with its optimized set of rules is 69x faster on average as compared to the current engine. When tested with the popular filter list combination of EasyList and EasyPrivacy, it gave a “class-leading performance of spending only 5.7μs on average per request.” It already supports most of the filter rule syntax that has evolved beyond the original specification. This will enable the team to handle web compatibility issues better and faster. The browser does some of the work that can be helpful to the ad-blocker. This further reduces the overheads resulting in an ad-blocker with the best in class performance. Head over to Brave’s official website to know more in detail. Edge, Chrome, Brave share updates on upcoming releases, recent milestones, and more at State of Browsers event Brave introduces Brave Ads that share 70% revenue with users for viewing ads Chromium-based Brave browser shows 22% faster page load time than its Muon-based counterpart  

Last week, the IPython community announced its latest release, IPython 7.2, which is available on PyPI and will be soon available on Conda. This version includes some improvements, minor bug fixes, and also new configuration options. Users can update to IPython 7.2 by using the following command: pip install ipython --upgrade Improvements in IPython 7.2 Ability to show subcases while using pinfo and other utilities In this update, IPython will now list the first 10 subclasses whenever a ‘? / ??’ is used on a class. OSMagics.cd_force_quiet configuration option Users can now set the OSMagics.cd_force_quiet option to force the %cd magic to behave as if -q was passed. Here is the command: In [1]: cd / / In [2]: %config OSMagics.cd_force_quiet = True In [3]: cd /tmp In [4]: Current vi mode can now be configured To control this feature, users need to set the TerminalInteractiveShell.prompt_includes_vi_mode to a boolean value (default: True). Other improvements and bug fixes Fixed a bug preventing PySide2 GUI integration from working Users can now run CI on Mac OS The IPython ‘Demo’ mode has been fixed Fixed the %run magic with path in name This update has an added CWD to sys.path after stdlib The signatures (especially long ones) now have a better rendering Users can re-enable jedi by default if it’s installed This update has a new minimal exception reporting mode, which is mostly useful for educational purpose There are still some outstanding bugs that will be fixed in the next release, which the community plans to release before the end of the year. To know more about this release in detail, head over to IPython’s documentation. IPython 7.0 releases with AsyncIO Integration and new Async libraries Make Your Presentation with IPython How to connect your Vim editor to IPython

Traffic from both humans and bots are at record highs. Since March 2020, reCAPTCHA has seen a 40% increase in usage - businesses and services that previously saw most of their users in person have shifted to online-first or online-only. This increased demand for online services and transactions can expose businesses to various forms of online fraud and abuse, and without dedicated teams familiar with these attacks and how to stop them, we’ve seen hundreds of thousands of new websites come to reCAPTCHA for visibility and protection. During COVID-19, reCAPTCHA is playing a critical role helping global public sector agencies to distribute masks and other supplies, provide up-to-date information to constituents, and secure user accounts from distributed attacks. The majority of these agencies are using the score-based detection that comes from reCAPTCHA v3 or reCAPTCHA Enterprise instead of showing the visual or audio challenges found in reCAPTCHA v2. This reduces friction for users and also gives teams flexibility on how to take action on bot requests and fraudulent activity. reCAPTCHA Enterprise can also help protect your business. Whether you’re moving operations online for the first time or have your own team of security engineers, reCAPTCHA can help you detect new web attacks, understand the threats, and take action to keep your users safe. Many enterprises lack visibility in parts of their site, and adding reCAPTCHA helps to expose costly attacks before they happen. The console shows the risk associated with each action to help your business stay ahead. Unlike many other abuse and fraud fighting platforms, reCAPTCHA doesn’t rely on invasive fingerprinting. These techniques can often penalize privacy-conscious users who try to keep themselves safe with tools such as private networks, and are in conflict with browsers’ pushes for privacy-by-default. Instead, we’ve shifted our focus to in-session behavioral risk analysis, detecting fraudulent behavior rather than caring about who or what is behind the network connection. We’ve found this to be extremely effective in detecting attacks in a world where adversaries have control of millions of IP addresses and compromised devices, and regularly pay real humans to manually bypass detections. Since we released reCAPTCHA Enterprise last year, we’ve been able to work closer with existing and new customers, collaborating on abuse problems and determining best practices in specific use cases, such as account takeovers, carding, and scraping. The more granular score distribution that comes with reCAPTCHA Enterprise gives customers more fine-tuned control over when and how to take action. reCAPTCHA Enterprise learns how to score requests specific to the use case, but the score is also best used in a context-specific way. Our most successful customers use features to delay feedback to adversaries, such as limiting capabilities of suspicious accounts, requiring additional verification for sensitive purchases, and manually moderating content likely generated by a bot.  We also recently released a report by ESG where they evaluated the effectiveness of reCAPTCHA Enterprise as deployed in a real-world hyperscale website to protect against automated credential stuffing and account takeover attacks. ESG noted: “Approximately two months after reCAPTCHA Enterprise deployment, login attempts dropped by approximately 90% while the registered user base grew organically.” We’re continually developing new types of signals to detect abuse at scale. Across the four million sites with reCAPTCHA protections enabled, we defend everything from accounts, to e-commerce transactions, to food distribution after disasters, to voting for your favorite celebrity. Now more than ever, we’re proud to be protecting our customers and their users. To see reCAPTCHA Enterprise in action, check out our latest video. To get started with reCAPTCHA Enterprise, contact our sales team. Related Article Protect your organization from account takeovers with reCAPTCHA Enterprise How reCAPTCHA Enterprise helps protect your websites from fraudulent activity like account takeovers and hijacking Read Article

On August 10, Gordon Lyon, the creator of Nmap announced the release of Nmap 7.80 during the recently concluded DefCon 2019 in Las Vegas. This is a major release of Nmap as it contains 80+ enhancements and is the first stable release in over a year. The major highlight of this release is the newly built Npcap Windows packet capturing library. Ncap uses modern APIs and accords better performance, features and is more secure. What’s new in Nmap 7.80? Npcap Windows packet capture driver: Npcap is based on the discontinued WinPcap library, but with improved speed, portability, and efficiency. It uses the ‘Libpcap‘ library which enables Windows applications to use a portable packet capturing API and supported on Linux and Mac OS X. Npcap can optionally be restricted to only allow administrators to sniff packets, thus providing increased security. New 11 NSE scripts added: NSE scripts has been added from 8 authors, thus taking the total number of NSE scripts to 598. The new 11 scripts are focussed on HID devices, Jenkins servers, HTTP servers, Logical Units (LU) of TN3270E servers and more. pcap_live_open has been replaced with pcap_create: pcap_create solves the packet loss problems on Linux and also performance improvements on other platforms. rand.lua library: The new ‘rand.lua’ library uses the best sources of random available on the system to generate random strings. oops.lua library: This new library helps in easily reporting errors, including plenty of debugging details. TLS support added: TLS support has been added to rdp-enum-encryption, which enables the regulation of protocol version against servers that require TLS. New service probe and match lines: New service probe and match lines have been added for adb and the Android Debug Bridge, to enable remote code execution. Two new common error strings: Two new common error strings has been added to improve MySQL detection by the script http-sql-injection. New script-arg http.host: It allows users to force a particular value for the Host header in all HTTP requests. Users love the new improvements in Nmap 7.80. https://twitter.com/ExtremePaperC/status/1160388567098515456 https://twitter.com/Jiab77/status/1160555015041363968 https://twitter.com/h4knet/status/1161367177708093442 For the full list of changes in Nmap 7.80, head over to the Nmap announcement. Amazon adds UDP load balancing support for Network Load Balancer Brute forcing HTTP applications and web applications using Nmap [Tutorial] Discovering network hosts with ‘TCP SYN’ and ‘TCP ACK’ ping scans in Nmap[Tutorial]

Google has launched Android 9, the next in line Android Operating system. Named Android Pie, after Android’s convention of naming their OS on sweet treats, Android 9 comes with machine learning based interactive UI, security and privacy features, updates to connectivity and location, and more. With the filling of Machine Learning With Machine learning as its core, Android 9 helps a phone learn, by picking up on user preferences and adjusting automatically. Source: Android Developers Blog Google has partnered with DeepMind for Adaptive Battery that uses machine learning to prioritize system resources for the apps the user frequents the most. Android 9 Pie uses Slices, which are basically UI templates to display interactive content from an app from within other sources such as Google Search app or Google Assistant. It helps users perform tasks faster by engaging users outside of the fullscreen app experience. App Actions takes advantage of machine learning to bring an app to the user at just the right time. It is based on the app's semantic intents and the user's context. Another feature, the Smart Linkify lets users take advantage of the TextClassifier models through the Linkify API, providing options for quick follow-on user actions. Android 9 adds an updated version of the Neural networks API, to extend Android's support for accelerated on-device machine learning. Neural Networks 1.1 adds support for nine new ops. You can take advantage of the APIs through TensorFlow Lite. Baked in UI features Android 9 uses simpler and more approachable UI to help users find, use, and manage their apps. Source: Android Developers Blog There is a brand new system navigation for easily discoverable apps and to make Android's multitasking more approachable. Android 9 also has a display cutout support to take full advantage of the latest edge-to-edge screens. For immersive content, users can use the display cutout APIs to check the position and shape of the cutout and request full-screen layout around it. Messaging apps can take advantage of the new MessagingStyle APIs to show conversations, attach photos and stickers, and suggest smart replies. Android 9 will soon get the support of ML Kit to generate smart reply suggestions. Android 9 uses a Magnifier widget to improve the user experience of selecting text. The Magnifier widget can also provide a zoomed-in version of any view or surface. With the sprinkling of Security and privacy Major updates of Android 9 have been based on preserving the privacy and security of users’ data. Source: Android Developers Blog Android 9 uses the BiometricPrompt API to show the standard system dialog instead of building their own dialog. In addition to Fingerprint (including in-display sensors), the API supports Face and Iris authentication. The Android Protected Confirmation uses the Trusted Execution Environment (TEE) to guarantee that a given prompt string is shown and confirmed by the user. Only after successful user confirmation will the TEE then sign the prompt string, which the app can verify. StrongBox is added as a new KeyStore type, providing API support for devices that provide key storage in tamper-resistant hardware with isolated CPU, RAM, and secure flash. Android 9 adds built-in support for DNS over TLS, automatically upgrading DNS queries to TLS if a network's DNS server supports it. Android 9 restricts access to mic, camera, and all SensorManager sensors from apps that are idle. These are just a select few updates for the Android 9 operating system. The full list of features is available on the Android Developer Blog. Starting today, Android 9 Pie is rolling out to all Pixel users worldwide, and then to many other devices in the coming months. Android P Beta 4 is here, stable Android P expected in the coming weeks! Google updates biometric authentication for Android P, introduces BiometricPrompt API Android P new features: artificial intelligence, digital wellbeing, and simplicity

A team led by Xiaogang Qiang from the Quantum Engineering Technology Labs at the University of Bristol in the UK, have designed a fully programmable silicon chip to control two-qubits of information simultaneously within a single integrated chip, taking us closer to the quantum computing era. Read Also: Quantum Computing is poised to take a quantum leap with industries and governments on its side The researchers invented a silicon chip which guides single particles of light (or photons) in optical tracks called waveguides to produce quantum-bits of information called “qubits”. This small device can be used to perform a wide range of quantum information experiments. It can also be used to demonstrate how completely functional quantum computers can be engineered from large-scale fabrication processes. “We programmed the device to implement 98 different two-qubit unitary operations (with an average quantum process fidelity of 93.2 ± 4.5%), a two-qubit quantum approximate optimization algorithm, and efficient simulation of Szegedy directed quantum walks -- fosters further use of the linear-combination architecture with silicon photonics for future photonic quantum processors” write the researchers on the paper titled “Large-scale silicon quantum photonics implementing arbitrary two-qubit processing”. The new design has solved one of the major problems faced during quantum computer development.  With the current technology, it is possible to effectively carry out the operations requiring just a single qubit (a unit of information that is in a superposition of simultaneous “0” and “1”). But, by adding a second qubit, it enables quantum entanglement, which exacerbates the problem. Qiang and colleagues have found a solution to this problem as their new quantum processor is capable of controlling two qubits. As mentioned in the paper “by using large-scale silicon photonic circuits to implement-- a linear combination of quantum operators scheme --we realize a fully programmable two-qubit quantum processor, enabling universal two-qubit quantum information processing in optics”. The paper also mentions that the quantum processor has been fabricated with mature CMOS-compatible processing and consists of more than 200 photonic components. “It’s a very primitive processor because it only works on two qubits, which means there is still a long way before we can do useful computations with this technology,” says Lead author, Dr. Xiaogang Qiang. Read News What is Quantum Entanglement? Google AI releases Cirq and Open Fermion-Cirq to boost Quantum computation “The future is quantum” — Are you excited to write your first quantum computing code using Microsoft’s Q#?

At the Google I/O Event held in May 2018, Google advised all developers to update to the latest Android APIs by August 1, 2018. Google has instructed that all the new Android apps on Google Play should target API Level 26 (Android Oreo) in order to be published. The main reason for this strict decision is Google’s focus on security updates. Google plans to introduce Project Treble in Android 7, making it easier for mobile phone manufacturers to release Android OS updates to the devices. Google is working hard on backward compatibility and support APIs; however it is very important to target latest APIs to fully utilize the new features and backward compatibility support. Google’s roadmap for the new Android updates All Google wants the users to do is update all new and existing Android apps immediately. Here’s Google’s plan for users to ensure which apps to update and when. Things to do in August 2018 All the new apps are required to target API level 26 (Android Oreo 8.0) or higher. This means all the new apps that are not yet uploaded on Google Play (including the alpha and beta apps as well.) In November 2018 The updates to the existing apps--available on Google--are required to target API level 26 (Android Oreo 8.0) or higher. Please note here that existing apps which are not providing any updates are unaffected and will continue to work in a normal manner. Only the updates to those apps are required to target the latest APIs. 2019 Onwards Google mentions that each year the targetSdkVersion requirement will advance to the new level. And all the new apps and existing apps will need to target the corresponding API level or higher within one year of time. Developers can freely use a minSdkVersion of their choice. This means, there is no change to one’s ability to build apps for older Android versions. Google encourages developers to provide backward compatibility as far as reasonably possible. The updating process It is a very easy procedure per Google. There are some APIs which have been updated or removed in the latest API level. If any app is using those, then one will have to update the code accordingly. Following are some changes specified from recent platform versions: Implicit intents for bindService() no longer supported (Android 5.0) Runtime permissions (Android 6.0) User-added CAs not trusted by default for secure connections (Android 7.0) Apps can’t access user accounts without explicit user approval (Android 8.0) Know more about this update process by watching a Google IO 2018 session on ‘Migrate your existing app to target Android Oreo and above’ given below https://www.youtube.com/watch?v=YyDnYaFtRS0&feature=youtu.be Unity partners with Google, launches Ml-Agents ToolKit 0.4, Project MARS and more Working with shaders in C++ to create 3D games GitHub for Unity 1.0 is here with Git LFS and file locking support  

Attacks exploiting operating systems and applications have been on an exponential rise in recent time. One such popular class of vulnerability is the Spectre, which exploits the speculative execution mechanism employed in modern processor chips and has recently targeted Intel, AMD, and ARM. The assumed dead exploit which resurfaced as a new variant of Spectre, SpectreRSB, was successful in exploiting the return stack buffer (RSB), a common predictor structure in modern CPUs used to predict return addresses. Spectre, which was first detected in January this year, has remained resilient. The Spectre variant 1, which Dartmouth claimed to resolve using its ELFbac policy techniques. The next one is the Spectre variant 2, which Google fixed using its Retpoline. Next to follow are the new data-stealing exploits, Spectre 1.1 and 1.2, detected just two weeks ago by Vladimir Kiriansky and Carl Waldspurger. And the most recent one in the headlines is the SpectreRSB. This spectre-class exploit, SpectreRSB, was revealed by security experts from the University of California, Riverside (UCR). They mentioned the details of this new exploit attack method in a research paper published by Arxiv, titled ‘Spectre Returns! Speculation Attacks using the Return Stack Buffer’ What is SpectreRSB? The SpectreRSB exploit relies on speculative execution, a feature found in several modern CPUs for optimizing computing performance. Due to the disparity between the potential speed of modern CPUs and memory, speculative execution occurs to keep efficiency at peak levels. However, to do so, the CPU is employed with running batch instructions. Once the instructions start, the CPU does not really check whether the memory accesses from the cache are accessing via a privileged memory. This exactly is the time for exploits to attack the system. As per the UCR researchers, SpectreRSB takes a slight detour from other similar attacks such as Meltdown. Rather than exploit the branch predictor units of CPUs or CPU cache components, SpectreRSB exploits the Return Stack Buffer (RSB). Researcher Nael Abu-Ghazaleh wrote, “To launch the attack, the attacker should poison the RSB (a different and arguably easier process than poisoning the branch predictor) and then cause a return instruction without a preceding call instruction in the victim (which is arguably more difficult than finding an indirect branch).” The paper says SpectreRSB also enables an attack against the Intel SGX (Software Guard Extensions) compartment. Here a malicious OS pollutes the RSB to cause a mis-speculation exposing data outside an SGX compartment. This attack bypasses all software and microcode patches on the SGX machine. How to Defend against SpectreRSB? Researchers stated that they reported SpectreRSB to companies that use RSBs to predict return addresses, which include Intel, AMD and ARM. Out of the three, AMD and ARM did not respond to a request for comment from Threatpost. However, in a reply to one of the statements in the Threatpost, an Intel spokesperson stated via an email, “SpectreRSB is related to branch target injection (CVE-2017-5715), and we expect that the exploits described in this paper are mitigated in the same manner.” He further stated that, “We have already published guidance for developers in the whitepaper, Speculative Execution Side Channel Mitigations. We are thankful for the ongoing work of the research community as we collectively work to help protect customers.” Following this, the UCR researchers stated that this newly found SpectreRSB cannot be prevented, using prior known defenses such as Google’s Retpoline fix, Intel’s microcode patches and so on. However, the researchers did mention the existence of a defense to mitigate against the SpectreRSB known as RSB stuffing. RSB stuffing currently exists on Intel’s Core i7 processors, starting from its Skylake lineup. With RSB stuffing, also known as  RSB refilling, every time there is a switch into the kernel, the RSB is intentionally filled with the address of a benign delay gadget to avoid the possibility of mis-speculation. Abu-Ghazaleh told Threatpost, “For some of the more dangerous attacks, the attack starts from the user code, but it's trying to get the OS to return to the poisoned address. Refilling overwrites the entries in the RSB whenever we switch to the kernel (for example, at the same points where the KPTI patch remaps the kernel addresses).  So, the user cannot get the kernel to return to its poisoned addresses in the RSB.” Read more about the SpectreRSB in its research paper. Social engineering attacks – things to watch out for while online Top 5 cybersecurity trends you should be aware of in 2018 Top 5 cybersecurity myths debunked  

Last week, Open AI’s new algorithm that is trained to play the complex strategy game, Dota 2, beat the world champion e-sports team OG at an event in San Francisco, winning the first two matches of the ‘best-of-three’ series. The competition included a human team of five professional Dota 2 players and AI team of five OpenAI bots. https://twitter.com/gdb/status/1117166996917870592 https://twitter.com/gdb/status/1117276770082775040 Dota 2 is a complex multiplayer strategy game, where two teams of five players each, compete to destroy a large structure that is defended by the opposing team known as the "Ancient", while also defending their own. The game consists of over 100 unique characters, deep skill trees, etc. The five Open AI bots had been trained using deep reinforcement learning techniques and had played 45000 years worth of Dota 2 gameplay in a span of 10 months. OpenAI constantly kept improving by playing itself in a virtual environment. During Dota 2, each team had to pick out of 17 heroes. In the first match, OpenAI used different aggressive tactics and human players managed to survive for more than 40 minutes. One such tactic used by the OpenAI bots involved spending the earned in-game currency to revive heroes upon death, during the start of the match. In the case of the second match, OpenAI’s performance got even better and gained an early edge against OG. Overall, it took less than 20 minutes for the AI to win against humans. The last round was won by the humans. This was the last planned public demonstration of OpenAI's bot, however, Open AI’s research team is now working on new software that allows humans to collaborate alongside the OpenAI Five software in real time. This will allow the team to learn from its unique strategies and patterns. OpenAI is also planning to release a platform, called Arena, that would allow the public to play against OpenAI Five. The platform will be open for three days from April 18th at 9 PM Eastern time. However, this collaboration may not be made available to the public. Apart from that Sam Altman, Co-founder, and CEO, OpenAI, is focussing on a different area of research, which involves making the AI adapt to work in less perfect simulators. Also, OpenAI is working on using reinforcement learning to provide robotic hands more human-like movement, reports the Verge. “What OpenAI is trying to do is build general artificial intelligence and to share those benefits with the world and make sure it’s safe. We’re not here to beat video games, as fun as that is. We’re here to uncover secrets along the path the AGI”, said Altman. Public reaction to the news is largely positive with people congratulating OpenAI for the win: https://twitter.com/LGDgaming/status/1117417389275086848 https://twitter.com/jackgrove2/status/1117211879485603842 https://twitter.com/felipempleite_/status/1117167661396430848 https://twitter.com/zittrain/status/1117205960152502272 OpenAI LP, a new “capped-profit” company to accelerate AGI research and attract top AI talent OpenAI introduces Neural MMO, a multiagent game environment for reinforcement learning agents OpenA’s new versatile AI model, GPT-2 can efficiently write convincing fake news from just a few words

In the era of cloud deployment and DevOps, cloud adoption has seen a steady rise since 2017. Forbes report state that global public cloud market will rise up to $178B in 2018, as compared to $146B in 2017, and it will continue to grow at a staggering rate of 22% compound annual growth rate (CAGR). Though all major cloud service providers offer a wide range of efficient services related to Security, it still remains a looming concern when it comes to cloud adoption. Service providers definitely try to address the major concerns with respect to security, but it is always advisable to have a tab on all the major cloud security threats that can haunt you. Following are the top 5 trending cloud security threats for 2018: Data breaches and losses As the name suggests, breach of any confidential data pertaining to personal information, health or financial information is termed as a data breach. US reported the highest number of security breaches (1579) in 2017, with the business sector accounting for 55% of it. Data breaches can be a primary objective of any malicious attack, or a result of poor security best practices. Data loss can be a result of any cyber-attack, natural disaster, or just an accidental deletion. The best way to avoid a data loss is to keep strong back-ups at different geographical locations. Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks This is one of the most popular forms of attack and very simple to execute for any cyber hacker. DoS is also trending in the Dark Web ecosystem, so it becomes even simpler for the attackers as a Dark Web service and can be availed easily by trading few cryptocurrencies. Some security countermeasures like implementing intrusion prevention system, or setting clear expectations with the ISP for clean bandwidth can help you to prevent DoS attacks to a limited extent. Also, DDoS as-a-Service, which has been popular since decades, remains trending even in 2018. GitHub experienced the biggest-ever DDoS attack with an intensity as big as 1.35Tbps via 126.9 million packets per second. Insecurity in APIs Application Programming Interface (APIs) is a set of software user interfaces that is provided by cloud service providers, so that user can interact with the cloud environment. Exploiting an API vulnerability attack is the best way to gain access to all the confidential information, hence it needs to be secure thoroughly. A critical vulnerability discovered in a popular browser extension i.e grammarly is a perfect example of threat posed by insecure APIs.  API testing methodology is considered an effective way to secure cloud APIs before they go live. We can also perform API change reporting on a regular basis to ensure API security. Lack of secure Identity and Access management Attackers masquerading as developers, users, and operators can read, modify or miss-use the data on cloud. Hence lack of secure credentials, or access management can lead to a breach of information through unauthorized access to data and potentially leading to a big loss to the organization. A critical flaw was discovered CYBERARK Enterprise Password Vault application which allowed the attacker to gain unauthorized access to the system and data. Malware attacks 2017 was the year for malware attacks with popular malwares like Ransomware, Petya, Meltdown and Spectre disrupting the entire security mechanism of many organizations. This has affected everything, right from smartphones to servers and continues to be a looming threat for cloud as well. There are minor patch works that can be implemented to prevent these attacks, but they seem to degrade the performance of cloud servers to a great extent. Having a close eye on these security vulnerabilities will help you secure your cloud solutions and ecosystems. With machine learning based cyber attacks and hacking becoming bolder and more common, it is not enough to stay current in your knowledge of these threats and cyber security solutions available in the market. To learn how to secure your cloud environments, you can get your hands on a few of our books;  Mastering AWS Security, Cloud Security Automation, and Enterprise Cloud Security and Governance. Check out other latest news: Vevo’s YouTube account Hacked: Popular videos deleted Cryptojacking is a growing cybersecurity threat, report warns