Data scientists are in line for the biggest pay hikes among data/data administration pros
Starting salaries for big data pros will continue to rise in 2017 as companies jockey to hire skilled data professionals.
Recruiting and staffing specialist Robert Half Technology studied more than 75 tech positions for its annual guide to U.S. tech salaries, including 13 jobs in the data/data administration field.
In the big picture, starting salaries for newly hired IT workers are forecast to climb 3.8% next year. (See also: 14 hot network jobs/skills for 2017)
In the data world, the highest paying title is big data engineer; these specialists can expect starting salaries ranging from $135,000 to $196,000. The biggest raise is projected for data scientists, who can expect a 6.4% boost in 2017.
Here are 13 data-related roles poised to gain pay bumps next year. Note: Only base salaries are calculated. Totals don’t include bonuses, equity awards or other compensation elements.
Big data engineer 2017 salary range: $135,000 - $196,000 Raise: 5.8%
Data architect 2017 salary range: $131,250 - $184,000 Raise: 4.1%
EDI specialist 2017 salary range: $77,500 - $118,750 Raise: 2.2%
Robert Half Technology also singled out four skills that can boost a data pro’s salary potential. Job candidates with Microsoft SQL Server database skills can expect to see an 8% bump in salary, and those with Hadoop skills can earn an additional 7%. Oracle database skills will deliver a 6% salary increase, and ETL skills also will boost salaries by 6%.
The full report is available for download here.
This story, "Big data salaries set to rise in 2017" was originally published by Network World.
Nikola will even use solar-power generated hydrogen fuel to run its manufacturing plant
After announcing earlier this year that it is building a 2,000 horsepower, hybrid semi-trailer truck, the Nikola Motor Co. revealed today that it will instead power the truck with a hydrogen fuel cell power system.
The custom-built, hydrogen-electric, 800-volt fuel cell 18-wheeler, a class 8 rig that will be able to haul 80,000 lbs., will be more powerful than any other production diesel truck on the road, the company said.
Nikola Motor Co.
The Nikola Motor Co. had been offering 100,000 gallons of free natural gas for the first 5,000 reservations for the Nikola One. The company has already received 7,000 reservations.
Nikola Motor founder and CEO Trevor Milton also announced that the electric class 8 semi-truck, dubbed "Nikola One" will be unveiled Dec. 2 in Salt Lake City. The truck will retail for $375,000, which is nearly double the price for a standard diesel semi-trailer. The company said it will offer a leasing plan that will run from $4,000 to $5,000 per month, depending on the configuration and options a customer chooses.
The semi-trailer was originally to sport a 320 kilowatt hour (kWh) lithium-ion battery pack, along with a 150-gallon fuel-agnostic turbine, which could be configured to run on various kinds of fuel, including diesel or petroleum. The standard model was to have a natural gas tank. The company had not responded to a request for further information about fuel options at the time of this article's posting.
In May, Nikola began taking $1,500 refundable reservations for the Nikola One, offering 100,000 gallons of free natural gas to the first 5,000 trucks reserved. The natural gas was to be retrieved through a network of compressed natural gas (CNG) stations throughout the U.S.
By June, the company said it had more than 7,000 paid reservations that would translate into $2.3 billion in truck sales when it ships.
Nikola Motor Co.
The interior of the Nikola One semitrailer.
As a hydrogen fuel cell-powered tractor-trailer, it will still be an electric vehicle. The hydrogen fuel cells generate electricity, which power the vehicle's electric motor. While the Nikola One will have up to 2,000HP, most of the time it will likely only need 400HP to 500HP to haul its loads.
"The reason for the horsepower increase is that with electric motors, you only use what you need, unlike a diesel engine, so most of the time, you will only need 400 to 500 horsepower out of the 2,000 HP," a spokesperson for Nikola Motor Co. said in an email reply to Computerworld. "You don't waste any energy that you don't use with electric motors. But when going up a hill ... with the extra horsepower, the electric allows you to climb to full speed limit."
Nikola Motors also claims the truck will achieve nearly 20MPG of hydrogen fuel with zero emissions under full load, surpassing all the government mandates set forth for the next 10 years, including the Environmental Protection Agency's recently announced Phase 2 GHG standards. The new standards, which begin in the model year 2021 and culminate in standards for model year 2027, would require fuel consumption of tractor trailers to drop as much as 24%.
The Salt Lake City startup also plans to produce hydrogen fuel via its own zero emission solar farms. The solar farms are expected to produce more than 100 megawatts of power each and will use electrolysis to create hydrogen from water.
"Even our manufacturing facilities will be run off zero emission hydrogen energy," Milton said in a statement. "The desire to be 100% emission free in the U.S. and Canada is a critical piece of our long-term engineering and environmental efforts, not just in vehicle energy consumption, but also in how energy is produced."
Nikola plans to have a nationwide network of more than 50 hydrogen stations for customers to begin fueling by 2020. This will make Nikola Motor Company the first company in the world to be 100% emission-free from energy production to transportation to consumption, according to Milton.
"Say goodbye to the days of dirty diesels and after treatment in the heavy duty class 8 market," Milton said.
This story, "Nikola Motor shifts from all-electric, 2,000HP 18-wheeler to hydrogen fuel cells" was originally published by Computerworld.
Zuckerberg says satellite will go up later this week, bring Internet connectivity to parts of sub-Saharan Africa
Facebook will launch a satellite later this week that executives hope will bring Internet connectivity to parts of sub-Saharan Africa.
Facebook co-founder and CEO Mark Zuckerberg mentioned the launch during a town hall discussion in Lagos, Nigeria with developers and members of the Facebook community.
While talking about building an infrastructure that would enable people anywhere in the world to access a signal, Zuckerberg said Facebook is launching a satellite to beam down connectivity.
"If you want to connect everyone in the world, then making sure that everyone has access to the Internet is a really important thing," Zuckerberg told the group in Nigeria. "It turns out that across the world, more than half of people don't have access to the Internet. Here in Nigeria that's true too."
In a visit to Africa largely focused on spurring entrepreneurship and developers, the Facebook CEO said he's been inspired by what the people he has met this week are trying to build, like the LifeBank app that is focused on mobilizing, inventorying and delivering blood donations.
"Whether what you care about is connecting people with their friends and family or helping people start business, the Internet is one of the most fundamental parts of infrastructure that needs to exist," he said.
SpaceX, one of the companies that launches cargo ships to the International Space Station, is set to launch the satellite for Facebook at 3 a.m. ET Saturday from Cape Canaveral Air Force Station in Florida.
Facebook is using space on the Amos 6 communications satellite, owned by Israeli-based Spacecom. The satellite is launching on the SpaceX Falcon 9 rocket.
The effort would fit with the company's expansive efforts to bring Internet connectivity to more of the world. Facebook executives frequently note that about 4 billion people around the globe - or 60% -- lack access to an Internet connection.
And for several years now, Facebook, along with rivals like Google, has been developing technologies to spread connectivity to rural and poor areas around the world.
Just this summer, Facebook announced that it had completed its first full test of a high-altitude, solar-powered, unmanned aircraft that beams Internet connectivity down to Earth using laser technology.
For the past three years, Facebook has been working with an organization it helped to create, initially called Internet.org and then renamed Free Basics.
This story, "Facebook to launch Internet connectivity satellite" was originally published by Computerworld.
Months earlier, the Transmission BitTorrent client was found distributing Mac-based ransomware.
A popular BitTorrent client called Transmission has again been found distributing Mac-based malware, months after it was used to spread a strand of ransomware.
Researchers at security firm ESET have been following a malware called OSX/Keydnap, which can steal passwords, and noticed that it was spreading through Transmission’s official site.
Somehow, a version of the BitTorrent client containing the malware had been recently made available on the site, ESET said in a blog post on Tuesday.
Transmission has already removed the download, according to ESET. But users who downloaded the client between this past Sunday and Monday should check for signs that their Mac has been comprised.
In addition to stealing credentials, the Keydnap malware functions as a backdoor program that can allow the hacker to execute remote commands on the Mac, including file downloads.
ESET published details on the malware in July, but the security firm wasn’t sure how it was being spread. “It could be through attachments in spam messages, downloads from untrusted websites, or something else,” the company said at the time.
Although Transmission didn’t immediately respond for comment, the developer is investigating the issue, according to ESET. However, earlier this year, the BitTorrent client was also found spreading a Mac-based ransomware called KeRanger.
ESET noted the similarities between the two attacks.
“In both cases, a malicious block of code is added to the main function of the Transmission application,” ESET said. “The code responsible for dropping and running the malicious payload is astonishingly the same.”
Like KeRanger, the Keydnap malware was also spread through a Transmission client that was signed with a legitimate Apple developer’s certificate. This can help it bypass Apple’s malware detecting feature Gatekeeper.
While it isn't clear why Transmission was distributing the malware, its possible the site may have been hacked, and then uploaded with a tainted version of the BitTorrent client.
ESET has already notified Apple about the compromised developer certificate. The security firm’s products will also detect and remove the Keydnap malware.
Sonos is giving its speaker experience a boost with app improvements, deeper Spotify integration, and Alexa's assistance.
Sonos speakers are already top of the line in their price class when it comes to sound, but the company has bigger ambitions—it wants to connect your entire home. So its next big play isn’t a new speaker, it’s a fresh way to interact with the speakers you already own. The company is integrating Amazon’s Alexa digital voice assistant to give you new power over your tunes.
Sonos says it’s is hyper-focused on making a killer software experience with help from its partners, pointing to the Apple Music integration that launched earlier this year as an example. That project benefited both Sonos and Apple as well as both companies’ users. At a New York city press event on Tuesday, Sonos announced a slate of improvements to the software experience that will make its speakers even easier to use.
Hey, Alexa
The first is voice control. Amazon opened up Alexa to third-party hardware manufacturers last summer, so their devices can gain voice control without the years of back-end development that would be required otherwise. Starting next year in a public beta, Sonos speaker owners who also have Amazon Alexa-enabled devices—the Echo, Tap, or Dot—will be able to control their speakers using the “Hey, Alexa” voice command. You’ll be able to play, pause, and skip songs, and also choose which Sonos speaker in your home to jam to. Sonos will start a private beta of that feature later this year.
The second is a deeper partnership with Spotify that will enable subscribers to that service to control the music playing on their Sonos speakers directly from the Spotify app, as opposed to controlling Spotify from the Sonos app as must be done today. You’ll be able to easily transition from streaming tunes in your headphones to playing them out loud in your living room without having to switch apps and without even using Wi-Fi. Sonos’s vice president of software, Antoine Leblond, said that more than 50 percent of Sonos owners stream Spotify content, so expanding the six-year partnership between the streaming music service and the hardware company makes perfect sense. The new feature goes into beta this October.
Sonos just celebrated its 14th birthday with 10 products in its line-up.
“That Sonos speaker you bought years ago continues to get better and better with software innovation,” Sonos’ chief commercial officer, Patrick Spence, said at Tuesday’s press event.
“We see two new trends that have allowed us to start to move into a new era,” Spence said. “The first trend is the explosive growth in paid streaming. We believe by 2020, more than one billion people will be paying for streaming music. The second trend we see is the rise of the connected home. By the year 2020, we expect there will be 25 billion connected-home device sales. We see these two trends affecting the evolution of where the home is going. Sonos is going to be the sound platform for the connected home.”
Those major Sonos improvements are a little ways off, but on Sept. 7, Sonos says it will roll out an app update with a roster of smaller but still necessary tweaks, including easier song queuing. We’ve been using the beta version and can say it will be a major improvement to an already strong app.
The Chromebook Pixel 2's reign is over, and it's not clear what will replace it.
Swirling rumors about a Google Pixel refresh just received a possible shot in the arm.
Google recently listed the $1,300 Chromebook Pixel 2 as out of stock on the Google Store, and other retailers appear to be discontinuing the laptop as well. The end of the $1,300 Chromebook Pixel 2 comes four months after Google discontinued the $1,000 version in April.
Google told Venture Beat, which first noticed the end of the Chromebook Pixel 2, that the expensive Chrome OS laptop was discontinued. “We’re committed to the Pixel program but we don’t have plans to restock the Pixel 2,” a Google spokesperson told the site.
Whether that means a Chromebook Pixel 3 is on its way will now be the subject of speculation—including right here, right now. In June, OMG Chrome came across a job listing that (very loosely) suggested the company was working on a new Pixel. The listing advertised for a Quality Engineer for the Chromebook Pixel team who would be “part of shaping Google’s next game-changer.”
That next “game-changer” could mean a new Chromebook Pixel, or it could mean another Pixel Android tablet created by the same team. In fact, if you want to really go off the rails the next Pixel could be a Chromebook tablet—Play Store support, anyone?—for all we know.
Complicating matters, Google doesn't have a regular schedule for releasing Pixels—at least with two versions released so far. The Pixel 2 came out in April 2015, succeeding the original Pixel, which was released in March 2013. If that suggests a pattern then we shouldn’t count on seeing a Pixel 3 until the spring of 2017.
It's a quick way to find an airline membership number, a recent contact, or other refinements like attachments.
Google’s Inbox app is getting a few new drops of machine learning. A new search experience is appearing for many users that categorizes some of the items you may want to find, such as frequent contacts, your accounts with various companies, and other categories that may better offer up what you’re looking for.
The most useful function is with the airline companies that appeared in my Inbox, as I could tap them and see my membership number right away. Other options would pull up recent emails, which could be helpful for tracking down a previous bill.
There’s been no announcement from Google, and not all users are seeing the new interface, so this could be an A/B test.
There’s no update required, so just fire up Inbox and touch the search icon at the top right of the screen and see what shows up. If this is your first foray with Inbox, check out some of our tips and tricks to get the most out of Google’s smart Gmail app.
Why this matters: Inbox is the future of Gmail. Google sees it as a place to serve as a hub for not just messages, but reminders, web links, and important details about your online accounts. It’s a concept worth embracing, as long as you’re alright with one company storing a lot of information about you.
For comprehensive coverage of the Android ecosystem, visit Greenbot.com.
Dell will complete its multibillion-dollar acquisition of EMC next week
Dell will complete its acquisition of EMC on Sept. 7, ending nearly a year of approvals and decades of history for the two companies that will combine to become Dell Technologies.
The mammoth deal was announced last October with an estimated value of US$67 billion. The companies recently crossed their last regulatory hurdle when China’s Ministry of Commerce signed off on the deal.
Buying EMC and its federation of related companies will make Dell a stronger player in key areas that include software-defined data center, converged infrastructure, hybrid cloud, and security, Dell Technologies Chairman and CEO Michael Dell said in a press release.
It will be the only company selling everything from edge devices to core data centers and cloud infrastructure, he said earlier this year. Dell Technologies’ major competitors will include Hewlett Packard Enterprise, IBM, and Cisco Systems.
The new enterprise company will be called Dell EMC, while the consumer PC business will continue to be called Dell. VMware, which is majority-owned by EMC, will continue to also be publicly traded. Dell is privately held.
Michael Dell founded the company that would bear his name in 1984 when he was a college student assembling PCs. EMC began in 1979 and grew into the world’s largest independent enterprise storage vendor, along the way acquiring VMware, security vendor RSA, and cloud infrastructure player Pivotal.
EMC Chairman and CEO Joe Tucci, who has run the company since 2001 and is one of the longest-serving chief executives in technology, is expected to retire after the close of the deal.
Customers are up in arms, and the FCC must finally draw the lines with open internet regulations
New "unlimited data" plans from T-Mobile and Sprint seem at first blush to be a win-win for customers, but not only could subscribers ultimately wind up paying more for less, the plans clearly violate net neutrality principles. The FCC, meanwhile, has taken a glacial pace in reviewing these and similar offerings from mobile carriers.
CEO John Legere promised that the T-Mobile One plan unveiled last week will "turn the wireless industry on its head." It also seems to turn back the clock on the open internet.
The plan does away with tiered data caps and offers customers unlimited data. Great! Except by "unlimited" the company actually means 26GB, after which data speeds are throttled, and video streams are downgraded to 480p by default.
Sprint subsequently unveiled its Unlimited Freedom data plan, which goes even further by reducing bandwidth for video, gaming, and music.
T-Mobile's Binge On program, introduced last year, also reduced video quality from 1,080p to 480p; in return, streaming from participating services like Netflix and Hulu didn't count against customers' data caps. This zero-rating scheme was questioned by net neutrality advocates at the time and has been the subject of an ongoing -- and inconclusive -- review by the FCC. (Countries like India, Japan, and The Netherlands have already banned zero rating as anticompetitive.)
However, T-Mobile customers who wanted better video definition could opt out of Binge On whenever desired, whereas T-Mobile One downgrades all video streaming by default.
But fear not: T-Mobile customers who want to view video in high definition can still have that experience -- by paying $25 more per month per line. In other words, T-Mobile One subscribers pay a $25 fee for the privilege of turning off Binge On.
"From what we've read thus far it seems like T-Mobile's new plan to charge its customers extra to not throttle video runs directly afoul of the principle of net neutrality," Electronic Frontier Foundation senior staff technologist Jeremy Gillula told Daily Dot.
T-Mobile's new plan will also cost more if you want to tether your phone to another device. T-Mobile One limits tethering to 2G (128Kbps) speeds by default; tethering speeds that are actually usable will cost customers an additional $15 per month for up to 5GB.
So much for "unlimited." At least Sprint's new plan includes a tethering allowance of 5GB.
"Limiting the speed of tethered traffic and throttling video are both practices that violate the FCC's rule against throttling and the principle of net neutrality," Electronic Frontier Foundation Staff Attorney Kit Walsh said in a statement to WirelessWeek.
While the "no throttling" rule allows for "reasonable network management," Walsh told WirelessWeek the fact that T-Mobile is charging customers to avoid throttling "demonstrates that the limitations are being put in place not out of technical need, but for business reasons."
Net neutrality advocates have repeatedly warned that allowing carriers to fiddle with service quality sets a horrible precedent. After all, what's to stop them from charging more for unthrottled access to other types of data? TechDirt warns:
Folks with even the faintest tea leaf reading ability should be able to envision one possible future where all broadband access is fragmented and fractured ... [with] users paying more or less for varying qualities of different content and services. This was the sort of thing net neutrality rules were designed to help us avoid.... Groups like the EFF (quite correctly) worry T-Mobile is happily chipping away at the very foundation of an open internet ... to thunderous public applause.
Perhaps not so thunderous anymore. While T-Mobile has had impressive success with previous Un-carrier initiatives, T-Mobile One may be a tougher sell -- especially to existing customers. Less-than-thrilled subscribers have taken to Reddit to vent their displeasure with the "evil" and "disgraceful" new plan. "This sucks, plain and simple. There's no positive here. This just sucks," SilverIdaten commented.
Meanwhile, in the Twitterverse, Droid Life tweeted, "T-Mobile introduced a pretty bad ‘unlimited' plan today." And DreamHost's vice president for cloud and development Jonathan LaCour said: "Up until the introduction of #TMobileONE, I've been a huge advocate for @TMobile to friends and family. No longer. Awful, hostile shift."
This was probably not the reaction Legere had in mind when he gushed that "we're going to completely rethink the customer experience."
Perhaps now that the bloom is coming off Un-carrier innovation, the FCC will have more of an incentive to push back on schemes that "tap dance over, under and around" net neutrality rules.
Legacy ciphers such as triple-DES and Blowfish are vulnerable to Sweet32 attacks, which let attackers decrypt HTTPS sessions even without the encryption key
There is now a practical, relatively fast attack on 64-bit block ciphers that lets attackers recover authentication cookies and other credentials from HTTPS-protected sessions, a pair of French researchers said. Legacy ciphers Triple-DES and Blowfish need to go the way of the broken RC4 cipher: Deprecated and disabled everywhere.
Working with the Sweet32 attack, researchers were able to take authentication cookies from HTTPS-protected traffic using triple-DES (3DES) and Blowfish and recover login credentials to be able to access victim accounts, said Karthikeyan Bhargavan and Gaëtan Leurent of INRIA in France. The attack highlights why it is necessary for sites to stop using legacy ciphers and upgrade to modern, more secure ciphers.
"We show that a network attacker who can monitor a long-lived Triple-DES HTTPS connection between a web browser and a website can recover secure HTTP cookies by capturing around 785GB of traffic. In our proof-of-concept demo, this attack currently takes less than two days, using malicious JavaScript to generate traffic," said Bhargavan and Leurent. They are expected to present the full paper in October at the 23rd ACM Conference on Computer and Communications Security.
Sweet32 is a collision attack against triple-DES (3DES) and Blowfish in cipher block chaining (CBC) mode. In CBC mode, input collisions lead to XOR of two message blocks. When lots of message blocks are encrypted with the same key in this mode, collisions become more likely, which leads to getting the contents of two different message blocks as output. Attackers can target a victim's authentication cookie by luring them to a malicious site and injecting JavaScript into the victim's browser. JavaScript repeatedly sends HTTP queries to a site the victim is logged into, and each request will include the authentication cookie.
The researchers found that if the attackers send at least 232 queries and capture all the requests, they will eventually see a collision and be able to recover the contents of the cookie.
"An important requirement for the attack is to send a large number of requests in the same TLS connection. Therefore, we need to find client and servers that not only negotiate the use of Triple-DES, but also exchange a large number of HTTP request in the same TLS connection (without rekeying). This is possible using a persistent HTTP connection, as defined in HTTP/1.1 (Keep-Alive). On the client side, all browsers that we tested (Firefox, Chrome, Opera) will reuse a TLS connection as long as the server keeps it open," the researchers said.
Blowfish and 3DES are still supported in TLS, IPsec, SSH, and other protocols and well-known sites such as Nasdaq.com and Walmart.com still support these legacy ciphers. The majority of OpenVPN connections and between 1 and 2 percent of the internet's traffic may be susceptible to Sweet32, the researchers estimated. The implementation used in OpenSSL is also affected, although the OpenSSL maintainers claimed the attack did not expose a critical weakness.
OpenVPN 2.3.12 comes with a warning about Blowfish weaknesses and secure configuration advice for dealing with Sweet32. OpenSSL 1.0.2 and 1.0.1 will move 3DES from the HIGH keyword to MEDIUM keyword and support it by default, the newer OpenSSL 1.1.0 will no longer compile the cipher as part of the default build. Administrators wanting to use the legacy cipher in OpenSSL 1.1.0 will need to use the enable-weak-ssl-ciphers configuration option, and even then, the cipher is allowed only in the MEDIUM keyword. Major browsers makers are making changes that would prioritize more secure ciphers over 3DES.
The techniques and principles used to craft the attack are well-understood in cryptographic circles. The researchers reduced the complexity and time needed to execute the attack.
"While the principles behind this attack are well known, there's always a difference between attacks in principle and attacks in practice. What this paper shows is that we really need to start paying attention to the practice," wrote Matthew Green, cryptography expert and professor at Johns Hopkins University.
Simply because the attack is possible doesn't mean it is particularly easy to carry out. For Sweet32, the attacker needs to be able to monitor traffic passing between the user and a vulnerable website, as well as control JavaScript on a web page loaded by the user's browser. It would take about 38 hours to collect hundreds of gigabytes of data necessary to decrypt the authentication cookie. This attack outlook is very much a laboratory scenario, but it's a good reminder that eventually these attacks will become easier to carry out.
Enterprises and developers should treat 3DES and Blowfish in the same way they treat RC4: stop using it. The complexity of Sweet32 is comparable to recently developed attacks against RC4, the researchers said. Researchers developing more ways to attack RC4 sped up its deprecation. Major web browsers no longer support RC4, and major websites such as Gmail have entirely deprecated the cipher.
Developers should stop using legacy 64-bit block-ciphers altogether. In the case of Sweet32, that means disabling the Triple DES symmetric key cipher in TLS and retiring Blowfish in OpenVPN. Ciphers with larger block sizes, such as AES, are immune from Sweet32. Server administrators can also disable shorter ciphers entirely. This would affect a small number of users who are still relying on older hardware and software.
There is no need to wait till the attackers are easy and cheap to execute to get rid of weak and vulnerable cryptographic ciphers. Just as there is a concerted effort to ditch RC4, other 64-bit ciphers also need to go.
Meizu's upcoming phone pictured, tipped to carry a $270 price tag
As we already know, Meizu is holding a smartphone launch event on September 5. While there's no official information on the device that will be unveiled, invites for the event suggest that the phone is aimed at business users.
Now, we got the first pictures of the device along with reports that it will cost RMB 1,799 (around $270).
The source of the pricing information is Meizu's voice assistant - when asked "What product will Meizu release on September 5," the voice assistant says 1,799.
Needless to say, it's just an assumption that the figure 1,799 is the price of the phone in RMB, so take this rumor with some suspicion.
Rumors say a phone dubbed Meizu Max will be announced on September 5. Although nothing much is known about the device, the name suggests that it would be a competitor to Xiaomi's Mi Max, which, for comparison, was priced in the RMB 1,500 - RMB 2,000 range at launch.
Lenovo Yoga Tab 3 Plus leaks, details improvements for flexible tablet
Lenovo's Yoga tablets are great for home use - built-in kickstand, big battery, powerful speakers and other perks. There's a new one coming, the Lenovo Yoga Tab 3 Plus 10, and the leak points to a massive upgrade over the regular Tab 3.
The 10" screen will have 2,560 x 1,600px (16:10) resolution (up from 1,280 x 800px) and it's a quality IPS panel. It's powered by a Snapdragon 650 (up from a 210!) with 3GB of RAM and 32GB storage (expandable), running Android 6.0.
Lenovo Yoga Tab 3 Plus 10 (leaked images)
There's no built-in projector in this generation, but you do get JBL speakers with Dolby Atmos, a big 9,300mAh battery for up to 18 hours of use and, of course, the 3 position kickstand. The swivel camera has been replaced by a traditional 13MP snapper.
Lenovo Yoga Tab 3 Plus 10 (leaked images)
With all these enhancements, the Lenovo Yoga Tab 3 Plus 10 is expected to cost about €100 more than a 32GB non-Plus model - €350 for the Wi-Fi model and €400 for the LTE one.
The BlackBerry DTEK50, which has been officially available for purchase in Canada for nearly a couple of weeks now, can now also be purchased through most of the major carriers in the country.
Bell, Telus, Wind, SaskTel, Rogers, and Videotron are all now selling the Android-powered phone. The no-contract pricing seems to be pretty consistent across the carriers (with almost all of them offering the device for CAD 450), except for Videotron, which is selling the phone for CAD 430.
Looks like the Motorola Moto E3 Power with 3,500mAh battery - which recently went on sale in Hong Kong - may soon land in India as well. The company's India subsidiary has been teasing a big battery phone on Twitter this week.
Adding weight to this is the fact that the Moto E3 Power has also been spotted on India's import and export tracking website Zauba. The listing reveals that thousands of units of the device have been imported into the country.
The Motorola Moto E3 Power is powered by a MediaTek MT6735P chipset and sports a 5-inch 720p IPS touchscreen. It comes with 2GB RAM and 16GB storage, and packs in a large 3,500mAh battery. In terms of camera, it features an 8MP rear unit and a 5MP front shooter. The phone offers support for 4G LTE and dual-SIM, and runs Android 6.0.1 Marshmallow.
New Xiaomi Mi Note 2 leak confirms SD821 SoC, curved display, and dual-camera setup
A new set of leaked images alleged to be of the Xiaomi Mi Note 2 have leaked online, confirming some of the key design aspects as well as specs that have already been rumored earlier.
The following images confirm that the device sports a curved display, with rumors saying that there will be two editions: one with 1080p resolution and other with QHD.
Another leaked image (shown below), which looks like an official one, reveals dual rear-camera setup, and specs like 5.5-inch OLED screen, all-metal body, 6GB/128GB memory configuration, and Snapdragon 821 chipset.
Sadly, there was no word on how much the device will cost and when it will be made official.
No new Mate series phone at September 1 event, Huawei executive says
We already know that Huawei is holding an event on September 1 where the company will announce new smartphones. While we were expecting a successor to last year's Mate 8, a company executive has now revealed that no new Mate series smartphone will be unveiled at the event.
The executive confirmed that the Chinese company will instead make official a phone from an entirely new mid-range series, although he didn't provide anymore details about the device or the new series.
If you recall, recently, there have been rumors that Huawei could possibly launch a smartphone geared towards women at IFA next month. An image leak (shown below) of the device - dubbed Nova - revealed a very large volume rocker.
As for Mate series, he said that the company will unveil new phones in around a couple of months.
Huawei Honor 8 is now available for purchase in US
The Honor 8, which was officially announced by Huawei for the US market last week, is now available for purchase in the country. The unlocked variant of the device is now listed on the HiHonor US online store.
As for price, the phone carries a tag of $399.99. Those who register on the website will also get a $50 coupon. While the device comes in white, gold, black, blue, and pink color options, only the white model is currently up for grabs.
In case you missed, the phone has also made it to other regions worldwide, including Europe, the Middle East, and Russia.
AT&T Samsung Galaxy S5 Active gets Marshmallow update
If you are still rocking a Galaxy S5 Active and are going to do so for a while at least, you have a reason to rejoice. AT&T has finally released the Android Marshmallow 6.0.1 update for the phone.
Shortly following the update for the standard AT&T S5, the update for the S5 Active is identical and comes in a solid year after Google announced it and just in time to be only one version behind the latest version of Android.
The list of updates include everything included in Android Marshmallow, along with Wi-Fi calling, video calling, and Android security updates.
Start strengthening your wrists if you plan to carry it around often.
Dell recently refreshed its Inspiron notebook line with a new batch of 2-in-1s that come in a variety of configurations and sizes. Within the line’s flagship 7000 series, the 17-inch models are held up as “high-performance,” compared to their 13- and 15-inch kin. Here we review the Inspiron 17 7778, which is one rung down from the top of the heap and retails for $1,149. The only difference between this config and the top dog is that our unit has both a 128GB SanDisk SATA SSD for the OS and a 1TB 5,400rpm hard drive for data, whereas the more premium model comes with a lone 512GB SSD for an extra $200.
The build
The 17-inch model is notable since it’s a new addition to the 7000 series and, despite its large footprint, still offers 2-in-1 functionality, in theory at least. It has a 360 degree hinge so you can flip the screen all the way back to use as a tablet, a mode that requires considerable arm strength. Luckily you have the option of setting the device down in “tent mode,” which is actually quite usable at this large size.
Aside from its convertability, the 17-inch model has moderately high specs and is also reasonably thin for a desktop-replacement notebook. It’s a bit chunky at six pounds, but that’s a pound less than the curvaceous HP Envy 17. Its curved aluminum chassis makes it feel thinner than its .8-inch profile. To put its size in context, the super-thin Dell XPS 15 is .66-inch thick, so the Inspiron is just a tad more substantial.
The whole reason for a notebook this big is to have an ample display, and Dell has endowed this Inspiron with a beautiful 1920x1080 screen that includes touch functionality. Initially we figured a display this size would be 4K, but alas it’s just Full HD. Still, it looks sharp and there are certainly no scaling issues. Since the notebook is outfitted with a modest Nvidia GTX 940MX mobile processor, the panel is a suitable match.
Keyboard, trackpad, audio, and ports
The full-sized keyboard is backlit with white light that looks subtle and effective. It makes working in low light easy. Furthermore, the keyboard itself deserves praise. The keys don’t have a ton of travel, but their feel, which is sort of soft and squishy, belies the shallowness of the notebook’s surface. The trackpad, for its part, is one of the best we’ve used. Its matte surface feels good and is very accurate.
We were even more impressed by this Inspiron’s sound system, which is simply phenomenal. We couldn’t believe how loud it was and the amount of bass it produced, which could be felt a foot away. Dell hit it out of the park with the speakers for sure; it’s a surprising delight in a notebook that makes no claim to multimedia prowess.
Connectivity takes a “one of everything” approach: one USB 2.0 port, one USB 3.0 port that lets you charge or use connected devices when the laptop is sleeping, and one USB C port. There’s also an HDMI 1.4a port and an SD card reader. Yes, it checks all the boxes, but just one USB 3.0 port is skimpy.
Nicely, almost all of the internal parts can be swapped out should you choose to upgrade. The M.2 SSD, hard drive, memory, and wireless card are all easily accessible once you remove the back panel via 12 small screws. The panel pops off with little fuss and swapping out the parts is straightforward.
Performance
For everyday work, this Inspiron handles itself just fine. At the heart of everything is an Intel Core i7-6500U, a Skylake CPU with two cores and Hyper-Threading that runs at 2.5GHz stock and can boost to 3.1GHz. It’s paired with 16GB of DDR4 memory, and graphics power is provided by a discrete Nvidia GTX 940MX module that has a tiny 64-bit memory bus and 384 shader cores. It’s a low-end part that’s only useful for light gaming, but it still offers a lot more muscle than integrated graphics.
Let’s dig into the numbers.
CPU Performance
To test CPU performance, we run Cinebench R15, which puts the hurt on a chip by rendering a 3D scene. It’s pure computational athletics, and the more cores you can throw at the test, the better. Since the Inspiron 17 is only rocking four logical cores, it’s hamstrung by having just half the cores of pricier competitors, like the Dell XPS 15. The trade-off is that it costs about half as much. We also doubt anyone would buy this notebook to perform 3D rendering. Nevertheless, this test is useful for telling us if a notebook’s CPU is performing as expected.
PCWorld
The Inspiron hit a score of 283, which is in line with our expectations for a quad-core (a la Hyper-Threading). It’s almost the exact same score we saw from the HP Spectre 13.3, which uses the same processor. Compared to notebooks with eight logical cores, however, the Inspiron’s score is roughly half their capability, demonstrating how this test scales with the number of logical cores available.
Handbrake Performance
To test the Inspiron’s video editing capabilities we had it chew its way through a 30GB video file, converting it to the Android-friendly MP4 format. This takes quite a while and taxes the CPU 100 percent.
PCWorld
The Inspiron took 107 minutes to complete the task, which is about 50 minutes longer than a system with eight logical cores, once again, but surprisingly faster than the HP Spectre with the same CPU. It also spanks Core m systems and even a Core i5 notebook like the Toshiba Portege Z30-C.
Office Work
We test a machine’s capabilities in the cubicle world by running PCMark’s “Work” benchmark, a collection of tasks you’d do as a desk jockey. It includes video conferencing, spreadsheets, getting coffee, etc. Any modern machine will be able to tear through this test like an accountant through a stack of TPS reports.
PCWorld
Once again the i7-equipped Inspiron performed well, barely eclipsing the HP Spectre and knocking on the door of far more expensive notebooks that also have faster SSDs, such as the Asus Zenbook Pro. It also beat the Samsung Notebook 9, which sports a Core i5-6200U.
Gaming Performance
As we said earlier, the GeForce GTX 940MX is a low-end GPU, albeit a lot better than integrated graphics. If you’re looking for a gaming notebook, you’ll want to look elsewhere.
PCWorld
To give you an idea of where the Inspiron stands, its score on 3DMark’s Sky Diver test was about half what we saw from the GTX 960M-equipped Dell XPS 15, but double what you can expect from a system with integrated graphics, like the HP Spectre 13.3. Overall, that’s not too shabby.
Battery Life
One of the benefits of huge laptops is that they usually hold huge batteries, but with the current trend of thinner-and-lighter, battery size often takes a backseat. With a laptop this size, which isn’t likely to be used for regular or extended travel, that might not be such a big deal.
PCWorld
Dell says this particular configuration of its Inspiron 17 is good for up to 7 hours, 25 minutes, which is a decent runtime for a notebook of any size. Unfortunately, in our 4K video rundown test we only achieved roughly 4.8 hours, or 293 minutes. That’s still respectable for a notebook that might be moved from room to room, and it will certainly get you through a movie or two on a long flight—of course, whether this notebook would even fit on a tray table is a different story.
Conclusion
Overall the Inspiron 7000 package is quite effective, though it’s questionable whether a 2-in-1 format makes sense on a device this size. Still, it’s nice to have that as an option. Because the 17-inch form factor has become a lot less popular these days, we were unable to compare the Inspiron 17 to same-size competitors. But we have to say, it felt great to be back in front of a massive display, and though the panel Dell uses is only 1080p, it is crisp and looks superb.
Despite Dell’s claim that this notebook is “high-performance,” we’d say it’s more at the “upper mid-level” tier. For daily desktop tasks it’s certainly fast enough. With its SSD and Skylake CPU, we never experienced any slowdowns, and the keyboard and trackpad are excellent. Factor in the booming audio and excellent speakers and you have yourself a damn fine daily driver. The only downside is that lone USB 3.0 port, a trade-off for having one USB C port apparently. But on a laptop this large, it seems like two USB 3.0 ports and a USB C port could cohabitate comfortably. Finally, the battery life isn’t great, but if there’s any laptop that’s unlikely to be far from a power outlet for long periods, it’s this one—and almost five hours is still decent.
Though the design seems kind of cheap and plastic-y, the Inspiron 7000 in the 17-inch form factor is a great notebook overall. It’s powerful, has great features, is easy to live with, and is relatively affordable. And since it’s the only 17-inch 2-in-1 on the market, you’ll be the talk of the water cooler as well.
This story, "Dell Inspiron 17 7778 review: This massive 17-inch 2-in-1 is a worthwhile desktop replacement" was originally published by PCWorld.
Entrepreneurs will receive “parole,” not a visa, to live in the U.S.
There have been efforts in Congress to approve what's called a "startup visa," which would be given to entrepreneurs who commit to certain levels of investment and job growth. But as with other immigration bills, it's gotten nowhere.
In the absence of congressional action, President Barack Obama's administration Friday said it will create a startup visa-like program, and said it can do so without congressional approval.
Entrepreneurs who can deliver a startup plan backed by significant investment can be "paroled" -- an immigration term -- to live and work in the United States, said White House officials.
The U.S. believes as many as 3,000 people may take advantage of this program, called the International Entrepreneur Rule.
"While there is no substitute for legislation, the administration is taking administrative action, where possible and consistent with current law, to fix our broken immigration system," said Tom Kalil, deputy director for technology and innovation at the White House Office of Science and Technology Policy, in a press briefing today describing the proposal.
The Department of Homeland Security has authority to extend immigration parole -- a way to remain in the U.S. without a work visa or permanent residency -- on a case-by-case basis for either humanitarian reasons or for "significant public benefit."
The White House argues that foreign entrepreneurs offer significant public benefit, if they meet certain investment and job creation goals.
This parole status will be available for up to five years and can be revoked at any time by the DHS secretary. After that period, officials said the person would be able to move from parole status to permanent residency or to some other type of visa.
To get parole status, the entrepreneur will have to demonstrate "significant investment of capital" -- at least $345,000 from "certain qualified" U.S. investors with a track record of successful investments, or $100,000 from certain federal, state or local government entities.
The startup will also have to demonstrate compelling evidence of the startup entity's substantial potential for rapid growth and job creation.
The administration doesn't have a lot of time to act. Over the next few months it will publish the rules, open them up for a 45-day public comment period, and finalize the rule by the end of year, a timetable that brings it within weeks of Obama's last day in office.
This story, "Frustrated by Congress, Obama creates startup visa-like program" was originally published by Computerworld.
Its system for streaming state information from devices will soon get easier to deploy
It's been a good year for IT administrators who want more information, more often, about what's happening on their networks.
In April, startups Veriflow and Nyansa introduced new ways to determine whether a network is doing what it should. In June, Cisco Systems unveiled its Tetration Analytics appliance to collect and analyze information about all parts of a data center in real time.
Virtualization, mobility and cloud computing are raising the stakes for network monitoring. While infrastructure grows more complex, users' performance demands are getting more strict.
Network equipment maker Arista says periodically polling switches and other devices about their current state isn't enough to answer all the questions administrators have to answer now. The company's developed a way to constantly stream state information into a repository where it can automatically be interpreted. Right now, enterprises have to set up that repository themselves, but Arista is about to build "state streaming" into its CloudVision software. It's coming later this year.
The aim is to change something that's required a lot of in-house tinkering into a turnkey solution, said Jeff Raymond, Arista's vice president of Extensible Operating System products and services. CloudVision currently handles things like orchestration, provisioning and change management. It will now gain telemetry capability as well.
Arista wants to help customers advance beyond a network monitoring approach that dates back to the 1990s. The time-honored SNMP (Simple Network Management Protocol) generates current data about each device every few minutes, and MIBs (management information bases) organize various types of information about those devices. But some important knowledge can fall between the cracks, Raymond said.
For example, during a peak activity event like a server starting up, one port on a switch might get overloaded and drop some packets. But if the incident only lasted a few milliseconds, SNMP polling data averaged over a period of time might show the port's performance was fine, overlooking the packet loss. With streaming state information, everything that happens is visible for real-time and historical analysis.
Also, if an administrator needed a certain bit of information to troubleshoot a problem but the MIB wasn't written to capture that data, then the administrator would just have to make an educated guess, Raymond said.
Arista's state-streaming technology, called NetDB, will become available as part of CloudVision beginning in the fourth quarter. Customers with a subscription to CloudVision will be able to get the new capabilities free of charge. No special hardware is required.
Arista is working with partners, including Hewlett Packard Enterprise, VMware, SAP, and VeriFlow, to allow their polling-based monitoring platforms to take advantage of the streaming updates. That way, customers who use those platforms will be able to hold on to their investments. Network management applications that enterprises develop on their own can also use that stream of state information.
The company is also working with OpenConfig, an effort to define vendor-agnostic data models for streaming state information. As more network equipment makers use these data models, Arista will be able to collect information from their devices in its repository, Raymond said.
The vast majority of contributions come from paid developers
The Linux kernel is improving faster than ever, gaining 7.8 patches per hour and 4,600 lines of new code every day.
That's according to a new report published Monday by the Linux Foundation and focusing on the state of kernel development. Entitled "Linux kernel development -- how fast it is going, who is doing it, what they are doing, and who is sponsoring it," the report is the seventh the nonprofit has published on the topic in roughly as many years.
This year's paper covers work completed through Linux kernel 4.7, with an emphasis on releases 3.19 to 4.7. The last report was released March 2015 and focused on versions 3.11 to 3.18.
Among the findings this year is that more than 13,500 developers from more than 1,300 companies have contributed to the Linux kernel since the adoption of Git made detailed tracking possible back in 2005. Just since the last report, nearly 5,000 developers from 400 companies have contributed to the kernel, and almost half of them were doing so for the first time.
Things are clearly getting faster, too. This year's rate of 7.8 changes accepted into the kernel per hour on average is up from 7.71 in the last report. A new kernel comes out every nine to 10 weeks.
Intel, Red Hat, Linaro, Samsung, SUSE, IBM, Renesas, Google, AMD, Texas Instruments, and ARM were among the top organizational sponsors of Linux kernel development in this analysis. The Outreachy program -- which provides open source internships to underrepresented groups -- ranked at No. 13.
On the whole, however, the volume of contributions from unpaid developers fell from 11.8 percent in 2014 to just 7.7 percent in this report.
The Linux kernel was launched 25 years ago this Thursday. It now includes 22 million lines of code.
"The Linux kernel continues to be one of the most visible and prolific examples of open source software development," said Stephen Hendrick, a principal analyst at Enterprise Strategy Group.
The growing proportion of work being done by paid developers "demonstrates the strategic importance of Linux to the IT vendor community that largely drives its development," Hendrick said.
The fact that the Linux kernel is now celebrating its 25th anniversary, meanwhile, is a testament to the project's ability to embrace change, he added.
"This change has made it easier for developers to participate and provides a more streamlined and efficient method to leverage contributions," Hendrick said. "Overall, there are lessons to be learned here on how to consistently keep important technologies relevant."
ARM's new supercomputer chip design with vector extensions will be in Japan's Post-K computer, which will be deployed in 2020
ARM conquered the mobile market starting with Apple's iPhone, and now wants to be in the world's fastest computers.
A new ARM chip design being announced on Monday is targeted at supercomputers, a lucrative market in which the company has no presence. ARM's new chip design, which has mobile origins, has extensions and tweaks to boost computing power.
The announcement comes a few weeks after Japanese company Softbank said it would buy ARM for a mammoth $32 billion. With the cash, ARM is expected to sharpen its focus on servers and the internet of things.
ARM's new chip design will help the company on two fronts. ARM is sending a warning to Intel, IBM, and other chip makers that it too can develop fast supercomputing chips. The company will also join a race among countries and chip makers to build the world's fastest computers.
The chip design is being detailed at the Hot Chips conference in Cupertino, Calif., on Monday.
Countries like the U.S., Japan, and China want to be the first to reach the exascale computing threshold, in which a supercomputer delivers 1 exaflop of performance (a million trillion calculations per second). Intel, IBM, and Nvidia have also been pushing the limits of chip performance to reach that goal.
Following Softbank's agreement to buy ARM, it should come as no surprise that the first supercomputer based on the new chip design will be installed in Japan. The Post-K supercomputer will be developed by Fujitsu, which dropped a bombshell in June when it dropped its trusty Sparc architecture in favor of ARM for high-performance computers. Fujitsu aided ARM in the development of the new chip.
Post-K will be 50 to 100 times speedier than its predecessor, the K Computer, which is currently the fifth fastest computer in the world. The K Computer delivers 10.5 petaflops of peak performance with the Fujitsu-designed SPARC64 VIIIfx processor.
The new ARM processor design will be based on the 64-bit ARM-v8A architecture and have vector processing extensions called Scalable Vector Extension. Vector processors drove early supercomputers, which then shifted over to less expensive IBM RISC chips in the early 1990s, and on to general-purpose x86 processors, which are in most high-performance servers today.
In 2013, researchers said less expensive smartphone chips, like the ones from ARM, would ultimately replace x86 processors in supercomputers. But history has turned, and the growing reliance on vector processing is seeing a resurgence with ARM's new chip design and Intel's Xeon Phi supercomputing chip.
The power-efficient chip design from ARM could crank up performance while reducing power consumption. Supercomputing speed is growing at a phenomenal rate, but the power consumption isn't coming down as quickly.
ARM's chip design will also be part of an influx of alternative chip architectures outside x86 and IBM's Power entering supercomputing. The world's fastest supercomputer called the Sunway TaihuLight has a homegrown ShenWei processor developed by China. It offers peak performance of 125.4 petaflops.
ARM has struggled in servers for half a decade now, and the new chip design could give it a better chance of competing against Intel, which dominates data centers. Large server clusters are being built for machine learning, which could use the low-precision calculations provided by a large congregation of ARM chips with vector extensions.
ARM servers are already available, but aren't being widely adopted. Dell and Lenovo are testing ARM servers, and said they would ship products when demand grows, which hasn't happened yet.
ARM server chip makers are also struggling and hanging on with the hope the market will take off someday. AMD, which once placed its server future on ARM chips, has reverted back to x86 chips as it re-enters servers. Qualcomm is testing its ARM server chip with cloud developers, and won't release a chip until the market is viable. AppliedMicro scored a big win with Hewlett Packard Enterprise, which is using the ARM server chips in storage systems. Other ARM server chip makers include Broadcom and Cavium.
From APIs to dispensary robots, new innovations are popping up like weeds
The cannabis industry is growing up, and it would be tough to imagine more convincing proof than Microsoft's recent announcement that it's getting involved.
Though the software giant will stay very much in the background -- its role will focus primarily on providing Azure cloud services for a compliance-focused software push -- the move is still widely viewed as a telling sign.
"Having them come out and say, 'we're willing to have our name in the same sentence as the word cannabis,' adds to the legitimacy of our industry," said Kyle Sherman, cofounder and CEO of software maker Flowhub.
Stigma is a longstanding problem for those trying to run a legitimate business in the cannabis industry, thanks largely to the fact that marijuana remains illegal in the U.S. federal government's eyes. Twenty-five states have already passed laws that allow for some degree of medical or legal use, but that can be cold comfort for entrepreneurs unable to get a bank account because of lingering concern.
Yet there's no doubt of the profit potential. Legal cannabis sales brought in $5.4 billion in 2015, and $6.7 billion are expected this year, according to a February report. By 2020, the forecast is $21.8 billion.
Startups are now jumping in to help make that happen, and technology is playing a central role.
Historically, technology has been used minimally in the production and sale of cannabis, largely because of legal concerns.
"It has been not just minimal but actively avoided," said Mike Bologna, founder and CEO of Green Lion Partners, a business strategy firm focused on the regulated cannabis industry.
Bologna predicts that technology's growth in the industry will eventually outpace the growth of the industry itself, and over the past year he's started to see signs that things are picking up.
Today, there are not only a raft of agricultural and security technologies used on the growing end, but also tools ranging from dispensary robots to APIs to help sell cannabis in a way that's convenient, transparent, and compliant with regulations.
Flowhub, for instance, offers a seed-to-sale tracking platform for growers and retailers, with a particular focus on compliance. Founded in 2015, the Denver-based startup offers a mobile device for scanning RFID plant tags, a point-of-sale (POS) system for dispensaries, and a cloud-based software-as-a-service (SaaS) platform that's accessible via web or iOS. It currently serves customers in Colorado, Alaska, and Oregon.
Essentially, the goal is to track every plant, product and person associated with the production and sale of marijuana and maintain legal compliance.
Flowhub's POS system reports to states' compliance tracking systems automatically using application programming interfaces (APIs), replacing what used to be a laborious manual process. The company has also opened up its platform's APIs to other entrepreneurs, giving them a way to write apps that use Flowhub data, such as for loyalty programs.
"Our goal as a company is to legalize cannabis responsibly in North America and eventually the globe through technology," Sherman said. "Regulators need to see that it's better to keep cannabis off the black market by making it traceable. We want to show the world this can be done responsibly."
La Conte's Clone Bar and Dispensary in Denver saves countless hours by using Flowhub to maintain compliance with Colorado regulations.
"Before Flowhub we had to manually upload data to the state every night," said Zach Howell, supply chain manager for the store. "That meant taking screenshots of spreadsheets and cutting and pasting. It was a lot of work."
Today, all sales data for the day can be uploaded automatically into the state's database in a single step. The system also gives La Conte's a live, real-time view of its inventory.
Upon entering the dispensary, customers have their ID scanned both for their date of birth and for their state of residency. That process checks them into La Conte's system, so that when they're ready to make a purchase, there's no uncertainty about what they can buy.
In Colorado, out-of-state residents are not allowed to buy more than an ounce of marijuana, for instance. It used to be up to employees to quickly figure out what combination of products -- flowers, edibles, and so on -- adds up to that much. Now Flowhub's system does it automatically.
"If we know your ID is from out of state, it locks the transaction if you go over an ounce," Howell said. "They've basically put the regulations into a system that forces users to play by the rules."
Howell, meanwhile, can tap into Flowhub's system and handle any problems remotely. "If I'm on a plane and a manager calls to say we're out of something but have it in back stock, I can move it into their inventory for them to sell."
Flowhub
Flowhub's cofounders: CEO Kyle Sherman and CFO Chase Wiseman.
The technology is enabling many of the same processes and capabilities that have long been standard in other parts of the retail world but adapted with an industry-specific twist. As the cannabis industry grows and matures, that trend promises to continue.
"When I first started in this industry, it was a bunch of people who knew how to grow weed but had no business sense whatsoever," Howell said. "Today the big companies out there are starting to get accountants and HR departments. The companies that are surviving are saying, 'we need a CEO, we need a business model, we need a plan. We need technologies to streamline our processes and make sure we're compliant.'"
Those are important steps because eventually, cannabis will become a commodity, said Green Lion's Bologna. When that happens, success will favor those tapping efficiency-boosting best practices and tools already commonplace in the rest of the business world.
"A lot of people like to put us in our own bucket, but we are starting to use all the standard tools," Bologna said.
That's definitely the case at GreenRush, an e-commerce platform for medical marijuana delivery. GreenRush partners with local U.S. dispensaries and delivery services and helps them acquire customers through its online platform.
"We're like the GrubHub of the medical marijuana industry," said Paul Warshaw, GreenRush's founder and CEO.
Customers who land on the site can browse dispensaries and products; with a verified medical marijuana card, they can order products for delivery by a dispensary near them. California-based shoppers who don't have a medical marijuana card can even consult with a doctor via GreenRush's telemedicine platform and get approved for one on the spot.
Though much of GreenRush's technology was built in-house, the company has tapped a number of common tools to propel its business. A partnership with Salesforce, for instance, helps with sales management and customer support.
"We're a sales organization," Warshaw explained. "Everything starts with outreach to the dispensaries."
The company has also integrated with DocuSign for its membership agreements, MailChimp for e-mail marketing, and Slack for communication with dispensary partners.
"It's great that people are building technologies specifically for cannabis, but there are awesome platforms already out there that can help make your business so much more efficient and transparent," Warshaw said.
As the industry matures, that kind of fine-tuning may become an imperative.
PotBotics
PotBotics bills its PotBot as 'the world's first virtual budtender.'
Owing in part to the high prices set during the industry's black-market days, more than 80 percent of the businesses that get started in the legal cannabis industry break even within a year, said Leslie Bocskor, founder and president of Electrum Partners, an advisory firm focused on the industry.
Such rapid profitability is "unheard of," Bocskor said.
It also poses what may be one of the industry's biggest challenges in the days ahead.
"High margins can cover up a lot of mistakes," Bocskor said. "Businesses can't get comfortable -- they need to start using best practices regardless of their profitability, and technology is a big part of that."
Banking remains another obstacle for many in the industry, as financial services firms remain skittish about serving cannabis-based businesses.
"The average cannabis business can't bank like a normal one would," GreenRush's Warshaw said. "Not everybody wants to work with you."
There can even be issues for cannabis companies trying to advertise on sites like Google or Facebook, or to make apps available online. "Things you wouldn't think of are challenges that we have to overcome," Warshaw said.
Looking ahead, the effort and funds now being poured into the cannabis industry could create jobs and tax revenue and fuel innovation for years to come.
"It's no longer some guy in a warehouse where they roast coffee to cover up the smell," Electrum's Bocskor said. "All this money is driving innovation that will affect agriculture around the globe."
Said Howell, "We're not just growing weed to sell weed anymore -- it's a business."
Admins need to ensure that their DNSSEC domains are properly set up -- which can be easier said than done
Administrators who have configured their domains to use DNSSEC: Good job! But congratulations may be premature if the domain hasn't been correctly set up. Attackers can abuse improperly configured DNSSEC (Domain Name System Security Extensions) domains to launch denial-of-service attacks.
The DNS acts as a phone book for the Internet, translating IP addresses into human-readable addresses. However, the wide-open nature of DNS leaves it susceptible to DNS hijacking and DNS cache poisoning attacks to redirect users to a different address than where they intended to go.
DNSSEC is a series of digital signatures intended to protect DNS entries from being modified. Done properly, DNSSEC provides authentication and verification. Done improperly, attackers can loop the domain into a botnet to launch DDoS amplification and reflection attacks, according to the latest research from Neustar, a network security company providing anti-DDoS services.
"DNSSEC emerged as a tool to combat DNS hijacking, but unfortunately, hackers have realized that the complexity of these signatures makes them ideal for overwhelming networks in a DDoS attack," said Neustar's Joe Loveless. "If DNSSEC is not properly secured, it can be exploited, weaponized, and ultimately used to create massive DDoS attacks
In a study of more than 1,300 DNSSEC-protected domains, 80 percent could be used in such an attack, Neustar found.
The attacks rely on the fact that the size of the ANY response from a DNSSEC-signed domain is significantly larger than the ANY response from a non-DNSSEC domain because of the accompanying digital signature and key exchange information. The ANY request is larger than a normal server request because it asks the server to provide all information about a domain, including the mail server MX records and IP addresses.
Armed with a script and a botnet, attackers can trick nameservers into reflecting DNSSEC responses to the target IP address in a DDoS attack. A DNSSEC reflection attack could transform an 80-byte query into a 2,313-byte response, capable of knocking networks offline. The biggest response the researchers received from a DNSSEC-protected server was 17,377 bytes.
The number of DNS reflection and amplification DDoS attacks abusing DNSSEC-configured domains have been growing. Neustar said the overall number of attacks using multiple vectors, which probe defenses until they succeed, is on the rise, and more than half of these multivector attacks involve reflection attacks.
Internet security company Akamai observed a similar pattern, as it found 400 DNS reflection/amplification DDoS attacks abusing a single DNSSEC domain in the fourth quarter of 2015. The domain was used in DDoS attacks against customers in multiple verticals, suggesting the domain had been included into a DDoS-for-hire service.
"As with other DNS reflection attacks, malicious actors continue to use open DNS resolvers for their own purpose -- effectively using these resolvers as a shared botnet," Akamai wrote in its quarterly State of the Internet Security report back in February.
The problem isn't with DNSSEC or its functionality, but rather how it's administered and deployed. DNSSEC is the best way to combat DNS hijacking, but the complexity of the signatures increases the possibility of administrators making mistakes. DNS is already susceptible to amplification attacks because there aren't a lot of ways to weed out fake traffic sources.
"DNSSEC prevents the manipulation of DNS record responses where a malicious actor could potentially send users to its own site. This extra security offered by DNSSEC comes at a price as attackers can leverage the larger domain sizes for DNS amplification attacks," Akamai said in its report.
To prevent a DNSSEC attack, configure DNSSEC correctly on the domain so that it cannot be used to amplify DNS reflection attacks. That's easier said than done. DNSSEC adoption has been slow, but progress is being made. Administrators should check with their service providers to make sure their digital signatures are valid and test deployments regularly.
While blocking DNS traffic from certain domains is certainly an option, it's not one most organizations would be comfortable with as it could block legitimate users and queries. Neustar recommends DNS providers not respond to ANY requests at all. Other filtering systems to detect abuse -- such as looking for patterns of high activity from specific domains -- should also be in place.
Fixing DNSSEC won't end these types of attacks, as there are plenty of other protocols that can be used in amplification and reflection attacks, but it can cut down on the current batch. As long as there are systems generating traffic with spoofed IP addresses and networks allowing such traffic, reflection-amplification DDoS attacks will continue.
Efforts to dismantle botnets, and prevent systems from joining botnets in the first place, will put a dent in the number of DDoS attacks. In addition, administrators should make sure they have anti-DDoS mechanisms in place, such as preventing source IP spoofing in a network, closing an open resolver, and rate limiting.
Finally gets parity with the Windows edition on the bit front
Microsoft yesterday released 64-bit versions of its Office 2016 applications for the Mac, following a series of previews offered testers since April.
The five apps -- Excel, OneNote, Outlook, PowerPoint and Word -- will be updated to 64-bit for all customers, including those with an Office 2016 retail license, a consumer or commercial subscription to Office 365, and a volume license. Most users will be updated automatically as the suite launches an update app on its regular schedule.
Microsoft has been testing the 64-bit versions with Office Insider participants since April.
Apple has long urged developers to release 64-bit versions of applications -- the Mac's operating system has supported only 64-bit Intel processors since 2011's OS X Lion -- but Microsoft has been one of the most significant holdouts.
For users, the biggest benefit is the ability to work with much larger files -- thanks to the significantly bigger swaths of memory that a 64-bit operating system can access.
Unlike the Windows edition of Office 2016, which comes in both 32- and 64-bit flavors, the Mac-specific suite will be available only in 64-bit after September. Microsoft offered users a one-month grace period during which version 15.25 will be provided in both 32- and 64-bit.
"There may be situations in which the customer has to change code that's not 64-bit ready," Microsoft said in a support document, referring to possible conflicts with third-party Office add-ons. "If customers can't immediately move forward to 64-bit builds, we will make available a one-time 32-bit update for the 15.25 release in addition to the default 64-bit updates."
That 32-bit version of 15.25 must be downloaded manually from Microsoft's site.
The support document included instructions for reverting to 32-bit if Office 2016 had already been updated to 64-bit.
This story, "Microsoft upgrades Mac Office to 64-bit for all customers" was originally published by Computerworld.
But I thought it already connected to the PC with Bluetooth...
I hope you have the space (and the patience) for yet another dongle. Alongside plans to bring its PlayStation Now game streaming service to Windows, Sony also announced a $25 doohickey to connect your DualShock 4 controller to your PC…for some reason.
I say “for some reason” because in theory there is little reason you should need a USB dongle for the DualShock 4. It pairs to the PlayStation 4 with a simple Bluetooth connection, meaning it should pair with your PC the same way. Hell, Microsoft’s new Xbox One S controller added Bluetooth for that very same purpose. But in reality, official drivers for the DualShock 4 never materialized for PCs—though third-party software can coax Sony’s controllers into working well by convincing your PC that the DualShock is an Xbox 360 controller.
People complain that the DualShock 4’s Bluetooth connection can be shaky or temperamental with PCs, but that would seem to be a driver issue, not one requiring an entirely new piece of hardware.
But here we are. The $25 DualShock 4 USB Wireless Adapter is scheduled for a September release. To quote Sony, it “will let you connect a DualShock 4 to PC and Mac wirelessly, and will enable every feature of the controller you know and love: buttons, analog sticks, touch pad, light bar, motion sensors, vibration, and stereo headset jack—as long as the gaming application supports these features.”
That last sentence is most important, especially given Sony’s already subpar support for the DualShock 4 on PC. The dongle will be compatible with Sony's official PlayStation Now and PS4 Remote Play applications for the PC, but Sony didn't say whether or not it would allow you to use your DualShock 4 with any PC game that embraces gamepads.
Like it or not, the Xbox One controller inherited the PC community’s goodwill and has stayed the de facto option for most PC ports. This dongle might be too little, too late. Though I do love the DualShock 4’s feel…
This story, "Sony reveals DualShock 4 wireless adapter for PCs" was originally published by PCWorld.
Survey also shows majority of retailers haven’t invested in cybersecurity in the past year
Nearly a fifth of shoppers would avoid at a retailer that has been a victim of a cybersecurity hack, according to a survey.
The 2016 KPMG Consumer Loss Barometer report surveyed 448 consumers in the U.S. and found that 19% would abandon a retailer entirely over a hack. Another 33% said that fears their personal information would be exposed would keep them from shopping at the breached retailer for more than three months.
The study also looked at 100 cybersecurity executives and found that 55% said they haven't spent money on cybersecurity in the past yearand 42% said their company didn't have a leader in charge of information security.
Those responses confirmed worries that retailers are falling behind other industries like financial services and technology on cybersecurity issues.
"There is a lot at stake here for retailers," Mark Larson, KPMG business leader for consumer markets, said in a statement. "Retailers that don't make cybersecurity a strategic imperative are taking a big gamble."
Tony Buffomante, cybersecurity leader for KPMG, said many retailers are not doing enough to protect their businesses from cyberattacks or react to them when they do occur. Paying more attention to cybersecurity could help their businesses, he added.
The survey results, posted Tuesday online, found that retail and automotive industries were laggards in appointing leaders to assess cyberthreats and opportunities. The financial services and tech industries were leaders.
Cyberattacks were also called "rampant" in the survey, showing that retail executives reported the most malware and internal and botnet attacks of the four industries (financial services, tech, retail and automotive).
KPMG advised companies to think about cybersecurity less as an IT-managed risk and more as a strategy issue. "Branding, loyalty, sales, overall customer relationships and business agility all hang in the balance," KPMG said.
The survey findings and KPMG's conclusions echo other surveys and comments by analysts who have called on businesses generally to focus more squarely on cybersecurity protections.
This story, "19% of shoppers would abandon a retailer that’s been hacked" was originally published by Computerworld.
Nikola Motor Co. 
Nikola Motor Co. 
PCWorld 
PCWorld 
PCWorld 
PCWorld 
PCWorld 
Flowhub 
PotBotics 
