Tech News

The Red Hat Certified Engineer (RHCE) certification program has certified skilled IT professionals for around 20 years now. This program has also one of the leading certification programs for Linux skills. As new technologies are coming up and industries are equally evolving, the focus has now shifted to hybrid cloud implementations. With this new development, shift automation has become an important skill to learn for Linux system administrators. So, the team behind RHCE thought that there is a need for evolving the RHCE program for Red Hat Certified Professionals. What changes are expected? In the updated RHCE program, the team is shifting the focus to automation of Linux system administration tasks with the help of Red Hat Ansible Automation and will also be changing the requirements for achieving an RHCE credential. With the upcoming release of Red Hat Enterprise Linux 8, the team at RHCE will be offering a new course and a new certification exam. Red Hat System Administration III: Linux Automation (RH294) The team at RHCE has designed this course for Linux system administrators and developers who are into automating provisioning, configuration, application deployment, and orchestration. The ones’ taking up this course will learn how to install and configure Ansible on a management workstation and will get a clear idea about preparing managed hosts for automation. Red Hat Certified Engineer exam (EX294) The RHCE exam will focus on the automation of Linux system administration tasks that uses Red Hat Ansible Automation and shell scripting. The ones who pass this new exam will become RHCEs. What will remain the same? Ken Goetz, vice president of Training and Certification at Red Hat writes in a blog post, “One thing that we want to assure you is that this is not a complete redesign of the program.” The candidates can still get an RHCE by having first passed the Red Hat Certified System Administrator exam (EX200) and then later passing an RHCE exam while still being an RHCSA. The Red Hat Enterprise Linux 7 based RHCE exam (EX300) will remain available for a year post the new exam gets released. How does it impact candidates? Current RHCE The RHCE certification is valid for three years from the date the candidate has become an RHCE. The period of the RHCE can be extended by earning additional certifications that can be applied towards becoming Red Hat Certified Architect in infrastructure. Candidates can renew the RHCE before it becomes non-current by passing the new RHCE exam (EX294). Aspiring RHCE An RHCSA who is progressing towards becoming an RHCE can continue preparing for the Red Hat Enterprise Linux 7 version of the course and take the current RHCE exam (EX300) till June 2020. Or else they can prepare for the new exam (EX294), based on the upcoming release of Red Hat Enterprise Linux 8. Red Hat Certified Specialist in Ansible Automation The ones who are currently Red Hat Certified Specialist in Ansible Automation can continue to demonstrate their Ansible automation skills and knowledge by earning RHCE via the new process. Ken Goetz, vice president of Training and Certification at Red Hat writes in the post, “We are aligning the RHCE program, and the learning services associated with that program, to assist individuals and organizations in keeping up with these changes in the industry.”   To know more about this news, check out Red Hat’s blog post. Red Hat Satellite to drop MongoDB and will support only PostgreSQL backend Red Hat announces CodeReady Workspaces, the first Kubernetes-Native IDE for easy collaboration among developers Red Hat drops MongoDB over concerns related to its Server Side Public License (SSPL)  

This week, the team at Google Cloud announced the Beta version of Traffic Director, a networking management tool for service mesh, at the Google Cloud Next. Traffic Director Beta will help network managers understand what’s happening in their service mesh. Service mesh is a network of microservices that creates the applications and the interactions between them. Features of Traffic Director Beta Fully managed with SLA Traffic Director’s production-grade features have 99.99% SLA. Users don’t have to worry about deploying and managing the control plane. Traffic management With the help of Traffic Director, users can easily deploy everything from simple load balancing to advanced features like request routing and percentage-based traffic splitting. Build resilient services Users can keep their service up and running by deploying it across multiple regions as VMs or containers. Traffic Director can be used for delivering global load balancing with automatic cross-region overflow and failover. With Traffic Director users can deploy their service instances in multiple regions while requiring only a single service IP. Scaling Traffic Director handles the growth in deployments and it manages to scale for larger services and installations. Traffic management for open service proxies This management tool provides a GCP (Google Cloud Platform)-managed traffic management control plane for xDSv2-compliant open service proxies like Envoy. Compatible with VMs and containers Users can deploy their Traffic Director-managed VM service and container instances with the help of managed instance groups and network endpoint groups. Supports request routing policies This tool supports routing features like traffic splitting and enables use cases like canarying, URL rewrites/redirects, fault injection, traffic mirroring, and advanced routing capabilities that are based on header values such as cookies. To know more about this news, check out Google Cloud's official page. Google’s Cloud Healthcare API is now available in beta Ian Goodfellow quits Google and joins Apple as a director of machine learning Google Cloud Next’19 day 1: open-source partnerships, hybrid-cloud platform, Cloud Run, and more

Last month, the team at Eclipse announced that Eclipse now supports Java 12. What are the latest changes in support with Java 12 Updated project compliance and JRE Eclipse comes with project compliance and JRE updated to 12 that changes the current project to be compatible with Java 12. Preview features Users can enable preview features in Java 12 by selecting Preferences > Java > Compiler > Enable preview features option. Users can further configure the problem severity of these preview features. Set enable preview features The issue with the Enable preview features option in preferences has been resolved. Configure problem severity of preview features Configure problem severity is now provided to update the problem severity of preview features in Java 12. Default case has been added Add 'default' option is now available to add a default case to the enhanced switch statement in Java 12. Missing case statements An option to add missing case statements has been provided for the enhanced switch statement in Java 12. Java Editor In the Java > Editor > Code Mining preference, users can now enable the Show parameter names option which will show the parameter name in method or constructor calls. Java views and dialogs An option to control the comment generation while creating module-info.java or package-info.java is now available. To know more about this news, check out the post by Eclipse. Eclipse 4.10.0 released with major improvements to colors, fonts preference page and more Eclipse IDE’s Photon release will support Rust What can Blockchain developers learn from Eclipse Attacks in a Bitcoin network – Koshik Raj

Last year in December, Mozilla announced its collaboration with Qualcomm to create an ARM64-native build of Firefox targeting Snapdragon-powered Windows 10 ‘Always On, Always Connected’ PCs. Yesterday, it shared that this Firefox build is now available in their Beta release channel. This release builds on top of Firefox Quantum, which is designed to efficiently work on multiple core processors. With this release, Mozilla aims to take this multi-paradigm one step further by making Firefox Quantum efficient for octa-core CPUs available from Qualcomm. To give users “a fast, personal, and convenient experience”, it takes advantage of Rust’s safe concurrency property to divide browsing tasks across the cores Qualcomm processors are being widely used in smartphones. At the Snapdragon Tech Summit 2018, the company shared that they are now moving into the PC space. They introduced the Always on, Always Connected PC category that aims to provide users smartphone-like features on a PC. These features include continuous connectivity and lightning-fast LTE speeds, multi-day battery life, location awareness, among others. Along with this, Qualcomm also announced that they are working with developers to bring a wide range of software applications that will be natively supported in these PCs and one of them was Firefox. Chuck Harmston, Mozilla's senior product manager for the Firefox Arm project, said, "One of the most compelling features of Windows laptops using Qualcomm's Snapdragon chipset is the battery life it enables, measured in days, rather than hours. We've been working hard to take advantage of that, offloading discrete tasks to small chips to use less power ... This was a big project that spanned the Firefox organization, touching almost every part of the browser." Developers are encouraged to try this latest Firefox beta release on their Snapdragon Windows 10 devices and submit bug and crash reports to Mozilla. To know more, check out the official announcement by Mozilla. Mozilla developers have built BugBug which uses machine learning to triage Firefox bugs Mozilla adds protection against fingerprinting and Cryptomining scripts in Firefox Nightly and Beta Mozilla is exploring ways to reduce notification permission prompt spam in Firefox  

Walmart, the world’s largest retailer following the latest tech trend is going all in on robots. It plans to deploy thousands of robots for lower level jobs in its 5000 of 11, 348 stores in US. In a statement released on its blog on Tuesday, the retail giant said that it was unleashing a number of technological innovations, including autonomous floor cleaners, shelf-scanners, conveyor belts, and "pickup towers" on stores across the United States. Elizabeth Walker from Walmart Corporate Affairs says, “Every hero needs a sidekick, and some of the best have been automated. Smart assistants have huge potential to make busy stores run more smoothly, so Walmart has been pioneering new technologies to minimize the time an associate spends on the more mundane and repetitive tasks like cleaning floors or checking inventory on a shelf. This gives associates more of an opportunity to do what they’re uniquely qualified for: serve customers face-to-face on the sales floor.” Further Walmart announced that it would be adding 1,500 new floor cleaners, 300 more shelf-scanners, 1,200 conveyor belts, and 900 new pickup towers. It has been tested in dozens of markets and hundreds of stores to prove the effectiveness of the robots. Also, the idea of replacing people with machines for certain job roles will reduce costs for Walmart. Perhaps if you are not hiring people, they can't quit, demand a living wage, take sick days off etc resulting in better margins and efficiencies. According to Walmart CEO Doug McMillon, “Automating certain tasks gives associates more time to do work they find fulfilling and to interact with customers. Continuing this logic, the retailer points to robots as a source of greater efficiency, increased sales and reduced employee turnover.” "Our associates immediately understood the opportunity for the new technology to free them up from focusing on tasks that are repeatable, predictable and manual," John Crecelius, senior vice president of central operations for Walmart US, said in an interview with BBC Insider. "It allows them time to focus more on selling merchandise and serving customers, which they tell us have always been the most exciting parts of working in retail." With the war for talent raging on in the world of retail and the demand for minimum wage hikes a frequent occurrence, Walmart's expanding robot army is a signal that the company is committed to keeping labor costs down. Does that mean at the cost of cutting jobs or employee restructuring? Walmart has not specified what number of jobs it will cut as a result of this move. But when automation takes place and at the largest retailer in the US is Walmart, significant job losses can be expected to hit. https://twitter.com/NoelSharkey/status/1116241378600730626 Early last year, Bloomberg reported that Walmart is removing around 3500 store co-managers, a salaried role that acts as a lieutenant underneath each store manager. The U.S. in particular has an inordinately high proportion of employees performing routine functions that could be easily automated. As such, retail automation is bound to hit them the hardest. With costs on the rise, and Amazon as a constant looming threat that has resulted in the closing of thousands of mom-and-pop stores across the US, it was inevitable that Walmart would turn to automation as a way to stay competitive in the market. As the largest retail employer in the US, transitions to an automated retailing model, it will leave a good proposition of the 7,04,000 strong US retail workforce either unemployed, underemployed or unready to transition into other jobs. How much Walmart assists its redundant workforce to transition to another livelihood will be litmus test to its widely held image of a caring employer in contrast to Amazon’s ruthless image. How Rolls Royce is applying AI and robotics for smart engine maintenance AI powered Robotics : Autonomous machines in the making Four interesting Amazon patents in 2018 that use machine learning, AR, and robotics

Facebook announced updates to it’s “remove, reduce, and inform” strategy to better control “problematic” content and fake news across Facebook, Instagram, and Messenger. No new tools or updates have been announced for Whatsapp. By problematic content, they mean reducing the spread of content that is inappropriate but does not violate their community guidelines. Similarly, for Instagram, the company is reducing the spread of posts that are inappropriate but do not go against Instagram’s Community Guidelines. These posts will not be recommended on the Explore and hashtag pages but can still appear in your feed if you follow the account that posts it. For instance, the company adds, “ a sexually suggestive post will still appear in Feed but may not appear for the broader community in Explore or hashtag pages.” They disclosed this news to a small group of journalists in an event organized at Menlo Park, on Wednesday. “This strategy”, Facebook said, “applies not only during critical times like elections but year-round.” Last week, WhatsApp included a 'Checkpoint Tipline' feature in India to verify messages during the election. "Launched by PROTO, an India-based media skilling startup, this tip line will help create a database of rumors to study misinformation during elections for Checkpoint," Facebook said in a statement. However, the tool turned out to be more for researching purposes rather than debunking fake news as reported in an investigation led by BuzzFeed News. Per Buzzfeed, FAQs uploaded on Pronto website suggests it’s just meant for research purposes. Increasing overall product integrity Facebook has rolled out a Community Standards site where people can track the updates Facebook makes each month. All policy changes will be visible to the public with specifics on some on why they made a certain change. Facebook Groups admins will be held more accountable for Community Standards violations. Facebook will be looking at admin and moderator content violations in a group while deciding whether or not to take it down. They will be checking approved member posts as a stronger signal that the group violates facebook standards. This feature is also released globally. A new Group Quality feature will provide an overview of content removed and flagged for most violations. It will also have a section for false news found in the group. This initiative is going to start globally in the coming weeks. They are also expanding their third-party collaborations for news flagging and fact-checking by including The Associated Press as part of the third-party fact-checking program. AP will be debunking false and misleading video misinformation and Spanish-language content appearing on Facebook in the US. Surprisingly, fact-checking by AP has not been added as a feature globally. India is Facebook’s largest market and is also conducting its national elections over this month and the next. Current fact checking agencies in India include AFP India, Boom, Fact Crescendo, Factly, India Today Fact Check, Newsmobile Fact Checker, and Vishvas.News. Facebook has made admin and moderator policies as well as the Group Quality feature made available globally, but not the AP inclusion. Read also: Ahead of Indian elections, Facebook removes hundreds of assets spreading fake news and hate speech, but are they too late? If a Facebook group is found to repeatedly share misinformation that has been rated false by independent fact-checkers, Facebook will reduce that group’s overall News Feed distribution. Interestingly, they have not suspended these groups as they are only removing/suspending content that “violates their policies”, even if it’s deemed inappropriate. A new “Click-Gap” signal into News Feed ranking will be incorporated to see less low-quality content in their News Feed. Per Facebook, “This new signal, Click-Gap, relies on the web graph, a conceptual “map” of the internet in which domains with a lot of inbound and outbound links are at the center of the graph and domains with fewer inbound and outbound links are at the edges. Click-Gap looks for domains with a disproportionate number of outbound Facebook clicks compared to their place in the web graph. This can be a sign that the domain is succeeding on News Feed in a way that doesn’t reflect the authority they’ve built outside it and is producing low-quality content.” Specifically for Facebook and messenger apps The Context Button feature is now added to images to provide people more background information about the publishers and articles they see in News Feed. Facebook is testing this feature for images that have been reviewed by third-party fact-checkers. Trust Indicators are also added to the Context Button to provide a publication’s fact-checking practices, ethics statements, corrections, ownership and funding, and editorial team. They are created by a consortium of news organizations known as the Trust Project. This feature started in March 2019, on English and Spanish content. Facebook will also be adding more information to the Page Quality tab starting with info on Page’s status with respect to clickbait. Facebook will also allow people to remove their posts and comments from a group after they leave the group. For Messenger The Verified Badge is now officially a part of Messenger as a visible indicator of a verified account. There is also the inclusion of Messaging Settings and an Updated Block feature for greater control. Messenger also has a Forward Indicator and Context Button to help prevent the spread of misinformation. The Forward Indicator lets someone know if a message they received was forwarded by the sender, while the Context Button provides more background on shared articles. [dropcap]W[/dropcap]hat’s distressing is that there is a significant gap between policy update and the actual implementation of Facebook’s practices. Facebook continues to host Laura Loomer's inciting content on Instagram even after being flagged saying it does not violate their standards. Laura Loomer is an anti-Muslim conservative activist who published alarming posts that could potentially incite violence against Muslim congresswoman Ilhan Omar. https://twitter.com/letsgomathias/status/1116461347259256832 https://twitter.com/justinhendrix/status/1116501676456910849 Facebook discussions with the EU resulted in changes of its terms and services for users. Ahead of Indian elections, Facebook removes hundreds of assets spreading fake news and hate speech, but are they too late? Ahead of EU 2019 elections, Facebook expands its Ad Library to provide advertising transparency in all active ads.

PagerDuty, a cloud computing firm, had its shares jump 59% in its opening day of trading at the New York Stock Exchange, yesterday after the firm priced its first software IPO of 2019 above an elevated range. https://twitter.com/jenntejada/status/1116108997189406723 https://twitter.com/superlilia/status/1116337381559267329 PagerDuty had initially targeted a price of $19 to $21 for its IPO shares. However, PagerDuty’s shares traded $38.25 a piece, giving the company a market capitalization of around $2.8 billion.   Its stock was priced at $24 a piece, late Tuesday this week with a market cap of nearly $1.8 billion. PagerDuty had plans of selling 8.5 million shares in the IPO, but the stockholders offered about 570,000 shares. PagerDuty operates an On-Call Management platform. The company helps improve the engagement between software developers and operators as it enables them to take action in real time. It is used by developers, IT, security, and customer support domains across different companies.   The company was incorporated in 2010 and has its headquarters in San Francisco, California and its competitors include Atlassian Corp, OpsGenie, and Splunk. PagerDuty’s first financing round took place in September last year, where it was valued at $1.3 billion in a private funding round led by T. Rowe Price and Wellington Management. PagerDuty is used by over 11000 companies, extending across 350,000 employees, including Box and Slack. Its revenue hiked 48% last year, reaching $117.8 million. However, the company’s overall loss had reached $40.7 million from $38.1 million last year. Jennifer Tejada, CEO, PagerDuty, told TechCrunch about the IPO that “it is a gratifying day, especially for the co-founders who were pulling the idea together for PagerDuty...before they even launched it, and for employees who’ve been with the company for nearly as long and...turned down safer and higher-paying jobs along the way”. Tejada owns a 5.7% stake in the company and says that PagerDuty is going to serve a $25 billion market made up of about 22 million software developers.   Public reaction to the news is positive, with people congratulating PagerDuty for the win: https://twitter.com/ethankurz/status/1116340622091272194 https://twitter.com/sacca/status/1116129693617442816 https://twitter.com/alexrkonrad/status/1116351697339723779 https://twitter.com/stewart/status/1116252660905021440 Amazon stocks surge past $2000, expect Amazon to join Apple in the $1 trillion market cap Apple stocks soar just shy of $1 Trillion market cap as revenue hits $53.3 Billion in Q3 earnings 2018 Why Wall Street unfriended Facebook: Stocks fell $120 billion in market value after Q2 2018 earnings call

Yesterday, the Rust team announced the release of Rust 1.34. This release introduces alternative cargo registries, includes support for ‘?’ operator in documentation tests, stabilized TryFrom and TryInto, and more. Support for alternative cargo registries Rust provides a public crate registry called crates.io where developers can publish crates with the cargo publish command. However, as this crate registry is not for people maintaining proprietary code, they are forced to use git or path dependencies. This release brings support for alternate cargo registries, which coexists with crates.io. So, users will now be able to write software that depends on crates from both crates.io and their custom registry. Support for the ‘?’ operator in documentation tests It was proposed in RFC 1937 to add support for the ‘?’ operator in the main() function, #[test] functions, and doctests allowing them to return Option or Result with error values.  This ensured a non-zero exit code in the case of the main() function and a test failure in the case of the tests. Support for the main() and #[test] functions were already implemented in previous versions. However, in the case of documentation tests, support for ‘?’ was limited to doctests that have an explicit main() function. In this release, the team has implemented full support for ‘?’ operator in doctests. Stabilized TryFrom and TryInto The TryFrom and TryInto traits that were proposed in an RFC back in 2016 are finally stabilized in this release to allow fallible type conversions. A ‘Infallible’ type is added for conversions that cannot fail such as u8 to u32. In future versions, the team plans to convert Infallible to an alias for the (!) never type. Library stabilizations This release comes with an expanded set of stable atomic integer types with signed and unsigned variants from 8 to 64 bits available. In the previous versions, non-zero unsigned integer types, for example, NonZeroU8 were stabilized. With this release, signed versions are also stabilized. The ‘iter::from_fn’ and ‘iter::successors’ functions are also stabilized. To know more about the updates in Rust 1.34, check out its official announcement. Chris Dickinson on how to implement Git in Rust The npm engineering team shares why Rust was the best choice for addressing CPU-bound bottlenecks Rust 1.33.0 released with improvements to Const fn, pinning, and more!  

Earlier this year, Gab, the “free speech” social network and a popular forum for far-right viewpoint holders and other fringe groups, launched a browser extension named Dissenter that creates an alternative comment section for any website. The plug-in is now removed from the extension stores of both Mozilla and Google, as the extension violates their acceptable use policy. This decision comes after Columbia Journalism Review reported about the extension to the tech giants. https://twitter.com/nausjcaa/status/1116409587446484994 The Dissenter plug-in, which goes by the tagline “the comment section of the internet”, allows users to discuss any topic in real-time without fearing that their posted comment will be removed by a moderator. The plug-in failed to pass the review process of Mozilla and is now disabled for Firefox users. But, the users who have already installed the plug-in can continue to use it. The Gab team took to Twitter complaining about Mozilla’s Acceptable Use Policy. https://twitter.com/getongab/status/1116036111296544768 When asked for more clarity on which policies Dissenter did not comply with, Mozilla said that they received abuse reports for this extension. It further added that the platform is being used for promoting violence, hate speech, and discrimination, but they failed to show any examples to add any credibility to their claims. https://twitter.com/getongab/status/1116088926559666181 The extension developers responded by saying that they do moderate any illegal conduct or posts happening on their platform as and when they are brought to their attention. “We do not display content containing words from a list of the most offensive racial epithets in the English language,” added the Gab developers. Soon after this, Google Chrome also removed the extension from Chrome Extension Store stating the same reason that the extension does not comply with their policies. After getting deplatformed, the Dissenter team has come to the conclusion that the best way forward is to create their own browser. They are thinking of forking Chromium or the privacy-focused web browser, Brave. “That’s it. We are going to fork Chromium and create a browser with Dissenter, ad blocking, and other privacy tools built in along with the guarantee of free speech that Silicon Valley does not provide.” https://twitter.com/getongab/status/1116308126461046784 Gab does not moderate views posted by its users until they are flagged for any violations and says it “treats its users as adults”. So, until people are complaining, the platform will not take any appropriate action against the threats and hate speech posted in the comments. Though it is known for its tolerance for fringe views and has drawn immense heat from the public, things took turn for the worse after the recent Christchurch shooting. A far-right extremist who shot dead 20+ Muslims and left 30 others injured in two Mosques in New Zealand, had shared his extremist manifesto on social media sites like Gab and 8chan. He had also live-streamed the shooting on Facebook, Youtube, and others. This is not the first time when Gab has been involved in a controversy. Back in October last year, PayPal banned Gab following the anti-Semitic mass shooting in Pittsburgh. It was reported that the shooter was an active poster on the Gab website and has hinted his intentions shortly before the attack. In the same month, hosting provider Joyent also suspended its services for Gab. The platform has also been warned by Stripe for the violations of their policies. Torba, the co-founder of Gab, said, “Payments companies like Paypal, Stripe, Square, Cash App, Coinbase, and Bitpay have all booted us off. Microsoft Azure, Joyent, GoDaddy, Apple, Google’s Android store, and other infrastructure providers, too, have denied us service, all because we refuse to censor user-generated content that is within the boundaries of the law.” Looking at this move by Mozilla, many users felt that this actually contradicts their goal of making the web free and open for all. https://twitter.com/VerGreeneyes/status/1116216415734960134 https://twitter.com/ChicalinaT/status/1116101257494761473 A Hacker News user added, “While Facebook, Reddit, Twitter and now Mozilla may think they're doing a good thing by blocking what they consider hateful speech, it's just helping these people double down on thinking they're in the right. We should not be afraid of ideas. Speech != violence. Violence is violence. With platforms banning more and more offensive content and increasing the label of what is bannable, we're seeing a huge split in our world. People who could once agree to disagree now don't even want to share the same space with one another. It's all call out culture and it's terrible.” Many people think that this step is nothing but a step towards mass-censorship. “I see it as an active endorsement of filter funneling comments sections online, given that despite the operators of Dissenter having tried to make efforts to comply with the terms of service Mozilla have imposed for being listed in their gallery, were given an unclear rationale as to how having "broken" these terms, and no clue as to what they were supposed to do to have avoided doing so,” adds a Reddit user. Mozilla has not revoked the add-on’s signature, so Dissenter can be distributed while guaranteeing that the add-on is safe and can be updated automatically. Manual installation of the extension from Dissenter.com/download is also possible. Mozilla developers have built BugBug which uses machine learning to triage Firefox bugs Mozilla adds protection against fingerprinting and Cryptomining scripts in Firefox Nightly and Beta Mozilla is exploring ways to reduce notification permission prompt spam in Firefox

Yesterday, FireEye said that they have uncovered the hacking group behind the Triton malware which was recently used to impact an unnamed “critical infrastructure” facility. This malware is designed to penetrate into the target’s networks and sabotage their industrial control systems and has often been used in power plants and oil refineries to control the operations of the facility. The Triton malware attack first occurred in August 2017, where it was used against a petrochemical plant owned by Tasnee in Suadi Arabia. Researchers believe that the operators of this attack must have been active since 2014. FireEye also believes Triton attack to be linked to a Russian government-owned technical research institute in Moscow. Triton, also known as Trisis, has been specifically engineered to target a specific type of industrial control system (ICS), namely Triconex safety instrumented systems (SIS) controllers developed by Schneider Electric. FireEye’s first analysis on Triton after the 2017 attack was, “malicious actors used Triton to manipulate industrial safety systems at a critical infrastructure facility and inadvertently caused a process shutdown.” FireEye has also released a report which explains the custom information technology tools and tactics the threat actor leveraged during the early stages of the targeted attack lifecycle. “The information in this report is derived from multiple TRITON-related incident responses carried out by FireEye Mandiant”, the researchers state in their blog. According to the FireEye report, the threat actor leveraged different custom and commodity intrusion tools including SecHack, NetExec, WebShell, and some more. “The actor's custom tools frequently mirrored the functionality of commodity tools and appear to be developed with a focus on anti-virus evasion. The group often leveraged custom tools when they appeared to be struggling with anti-virus detection or were at a critical phase in the intrusion (e.g., they switched to custom backdoors in IT and OT DMZ right before gaining access to the engineering workstation)”, the researchers mentioned in their report. The report further mentions, “After establishing an initial foothold on the corporate network, the TRITON actor focused most of their effort on gaining access to the OT network. Most of the attack tools they used were focused on network reconnaissance, lateral movement, and maintaining a presence in the target environment.” Actors have also used several other obfuscation methods including: Renaming their files to make them look like legitimate files; Planting webshells on the Outlook Exchange servers; Relying on encrypted SSH-based tunnels to transfer tools and for remote command execution; Routinely deleting dropped attack files, execution logs, and other files; Using multiple staging folders and directories that are very less used by legitimate users or processors. To know more about this report in detail, read FireEye’s complete report on the Triton attack. ASUS servers hijacked; pushed backdoor malware via software updates potentially affecting over a million users Researchers prove that Intel SGX and TSX can hide malware from antivirus software Mac users affected by ‘Shlayer Trojan’ dropped via a Steganography-based Ad Payload; Confiant and Malwarebytes report

Yesterday, US senators Ron Wyden, Cory Booker, and Yvette D. Clarke proposed a bill named “Algorithmic Accountability Act”. This bill calls for large companies to assess and fix their algorithms if they show any type of unfairness, inaccuracy, or bias. https://twitter.com/RepYvetteClarke/status/1116065054317740032 While automated decision systems are being used to make some of the most important decisions for us, in some use cases they fail to give the right result because of algorithmic bias. The machine learning algorithms behind these systems are often trained using data that has an underrepresentation of a particular race or sex, which leads to their racist, sexist and non-inclusive behavior. Sen. Ron Wyden said in an interview with The Associated Press, “Computers are increasingly involved in the most important decisions affecting Americans’ lives — whether or not someone can buy a home, get a job or even go to jail. But instead of eliminating bias, too often these algorithms depend on biased assumptions or data that can actually reinforce discrimination against women and people of color.” This bill comes at a time when we are witnessing several controversies surrounding AI systems. The list of such controversies just goes on and usually includes the big tech. For instance, Facebook facing a charge of housing discrimination by the Department of Housing and Urban Development and Amazon shutting down its automated recruitment tool after it was found favoring men in industries where they already dominate. Earlier, we have seen facial recognition systems misidentifying black women. Computerized money lending tools often charge higher interest rates to Latino and black borrowers. What is Algorithmic Accountability Act? This 15-page bill lists all the “impact assessments” companies are required to perform on their automated decision systems. These assessments will include evaluating the development process, system design, and training data for their accuracy, fairness, bias, discrimination, privacy, and security. Companies will be required to evaluate a broad range of algorithms, including the systems that attempt to predict and analyze customer’s behavior, involve large amounts of sensitive data, or systematically monitors a large, publicly accessible physical place. If the assessment report shows any risks of discrimination, privacy problem, or other issues, companies will need to address them within a timely manner. The act targets companies who make over $50 million per year and has access to personal information of at least 1 million customers or devices. It will also be applicable to “data brokers” who, as a major part of their business, collect, assemble, or maintain personal information of individuals. Once passed, the bill would let the Federal Trade Commission to create rules for companies to check for the concerns in their automated systems and correct them if any problems are found. It also gives FTC the authority to regularly monitor how these automated systems are performing. Many Twitter users welcomed this much-needed move to fight against tech bias: https://twitter.com/fhuszar/status/1116253141895450624 https://twitter.com/Kweku_OA/status/1116043963503267840 You can read the proposed bill here: Algorithmic Accountability Act. Facebook will ban white nationalism, and separatism content in addition to white supremacy content Facebook takes an initiative against discriminative ads on its platform The FTC issues orders to 7 broadband companies to analyze ISP privacy practices given they are also ad-support content platforms  

Earlier this week, Facebook updated its terms and services after discussions with the European Commission and consumer protection authorities. Facebook will now clearly explain how it leverages users' data to create “profiling activities and target advertising”, which in turn helps them make money. As per the new terms and services, Facebook will have to provide details on: services it sells to third parties based on the user's data. how consumers can close their accounts, and for what reasons can users account be disabled. nature of the research activities conducted by Facebook itself or with third party business partners. reducing the number of clauses in the contract that are applied on a user’s account even after the termination of the account. Facebook will also inform consumers of these cases. The new terms of services are aimed at providing full disclosure of Facebook's business model in an understandable and plain language to the users. This is great since a new Adtech Market research report by the Information Commissioner’s Office states that most 61% users disagree that they’d prefer to see adverts on websites that are relevant to them. While 59% feel that they have no control over which advertisements are shown to them. Hopefully, as more users are made aware of what goes behind social media advertising, we can expect to see a drop in these numbers. "Today Facebook finally shows commitment to more transparency and straight forward language in its terms of use... Now, users will clearly understand that their data is used by the social network to sell targeted ads..”, said Vera Jourová, Commissioner for Justice, Consumers and Gender Equality. As per the statement from the European Union, post-Cambridge Analytica Scandal, Facebook was requested to clearly inform its users on how it receives finances and the revenues that it makes leveraging user’s data. Facebook was also requested to align its terms of service as per the EU Consumer Law. Apart from that, Facebook has also changed: its policy on the limitation of liability and acknowledges its responsibility in case of negligence ( eg; data mishandling by third parties) its power to unilaterally change terms and conditions by limiting it to cases where the changes are reasonable the rules around temporary retention of content that has been deleted by consumers.  Such type of content can only be retained in few cases (eg; in compliance with an enforcement request by an authority) the language clarifying the right to appeal of users when their content has been removed. EU states that Facebook will complete the implementation of all commitments by the end of June 2019. Also, the Commission and the Consumer Protection Cooperation network will closely monitor the implementation. In case, Facebook fails to fulfill its commitments, national consumer authorities would then resort to enforcement measures including sanctions. For more information, check out the official updated Facebook terms of service. Facebook AI introduces Aroma, a new code recommendation tool for developers Ahead of Indian elections, Facebook removes hundreds of assets spreading fake news and hate speech Facebook will ban white nationalism, and separatism content in addition to white supremacy content

It was just two weeks back when Chinese developers protested over the “996 work schedule”, that requires employees to work from 9 am to 9 pm, 6 days a week in China. And now the news of Chinese tech firms firing employees over the age of 30 is trending. Shelly Banjo, Roving Asia Tech Reporter, at Bloomberg published a post in May last year where she shed light on the grotesque reality of the ageism work culture in China. One such example is of Helen He, a tech recruiter in Shanghai, who has been instructed by her bosses to not hire people over 35 years of age. “Most people in their 30s are married and have to take care of their family—they’re not able to focus on the high-intensity work. If a 35-year-old candidate isn’t seeking to be a manager, a hiring company wouldn’t even give that CV a glance”, said Helen. Ageism within tech firms is at its peak in China and is taking a toll over its employees, as they are forced to move out of the industry. Banjo states that the “30+ middle-age crisis”,  is rife in China. For instance, close to three-quarters of tech workers in China are below thirty in age and the employers further promote this concept. The core reason behind Chinese employers fortifying this practice is because employees over thirty years of age are not considered as efficient as the young. Apart from that, anybody over 30 years old is likely to be experienced and demand a higher wage. Whereas, young employees can be hired at lower wages (as most don’t have a family to look after), contributing to higher profits on the lower scale for the company. Banjo states that China’s 996 work schedule and its hiring young policies reflect China’s obsession with achieving global tech domination. However, the consequences of this obsession are hard-hitting. Banjo gives an example of Ou Jianxin, a 42-year-old, research engineer at ZTE Corp. who committed suicide after he was fired from his role without informing him of the reason. However, after the news went public, people had their suspicions and many blamed it on his age, saying that, he would have already been considered “too old” to be an engineer in China. Another example presented by Banjo is of a job search results on Zhaopin.com that over 10,000 job postings calling for applicants younger than 35. One such job posting is from e-commerce retailer JD.com Inc, which seeks an applicant with a master’s degree for a senior manager position between the age of 20-28. Moreover, although China has national laws that prohibit discrimination based on gender, religion, and disability, there are no laws based on declining someone an offer based on his/her age. “Age-dismissal victims rarely ask for help from lawyers,” says Lu Jun, a social activist and visiting scholar at Fordham University School of Law. But there are some who have fought against the ageism policy. For instance, in 2011 the Shenzhen Stock Exchange had put up a recruitment notice on its website asking for applicants younger than 28. But, the director of a local nonprofit wrote an open letter about this listing to the municipal bureau of human resources, after which the media made the story viral, leading to stock exchange investigating into the listing and taking it down. Others have a different way to fight ageism. One such example presented is of Liu Huai Yi, 33, who was fired from his IT role at Nokia Corp. in Chengdu. Liu says the incident pushed him “to change and improve.. skills to get a better job. I don’t buy the idea that after 35 you can’t get a job. Someone in IT has to just keep learning to keep up.” After a long job search, Liu got another IT job in a multinational healthcare company. However, the ageist policies are not just a part of China’s work culture but have also spread to other parts of the world. For instance, in March 2018, ProPublica conducted an investigation that showed that IBM cut 20,000 older employees in the U.S. over a course of last five years to “sharply increase hiring of people born after 1980.” A user named “duxup” on Hacker News commented, “A little bit like the US maybe? I was already in a technical field, was laid off after a company buyout, I changed careers and took a coding Bootcamp. The other two older guys (at Bootcamp) and I got a lot of "culture" related questions. One dude was actually told by the recruiter that they were worried he was too old, he was surprised they'd actually say it to him so he asked ... and the recruiter repeated herself happily”. Another user “jdietrich” commented on Hacker News, “Older workers expect higher wages and are less willing to tolerate unpaid overtime. They're harder to bullshit with cheap "perks" like foosball tables and beer on Friday. An experienced developer might be better, but who cares when you can get two junior devs for the same price and they'll work 14 hour days during your quarterly "crunch"? They don't believe in the 10x developer, they don't even believe in the 1.1x developer; their employees are just meat in a seat”. What the US-China tech and AI arms race means for the world – Frederick Kempe at Davos 2019 China’s Huawei technologies accused of stealing Apple’s trade secrets, reports The Information Is China’s facial recognition powered airport kiosks an attempt to invade privacy via an easy flight experience

Yesterday the team at Mozilla announced that the company is receiving hundreds of bug reports and feature requests from Firefox users on a daily basis. The team noted that it’s important to get the bugs fixed as soon as possible for the smooth functioning of the systems. Also, the developers should quickly come to know that there is a bug in order to fix it. Bug triage, a process where tracker issues are screened and prioritised can be useful in such cases. However, even when developers come to know that bugs exist in the system, it is still difficult for the developers to closely look at each bug. The team at Mozilla has been using Bugzilla since years now which is a web-based general-purpose bugtracker and testing tool that group the bugs by product. But product assignment or the grouping process was done manually by the developers so this process failed to scale. Now Mozilla is experimenting with Machine Learning to train systems to triage bugs. BugBug It’s important to get the bugs in the eye of the right set of engineers, for which the team at Mozilla developed BugBug, a machine learning tool that assigns a product and component automatically for every new untriaged bug. By bringing the bugs into the radar of the triage owners, the team at Mozilla has made an effort towards decreasing the turnaround time to fix new issues. Training the BugBug model Mozilla has a large training set of data for this model which includes two decades worth of bugs that have been reviewed by Mozillians and assigned to products and components. The bug data can’t be used as-is and any change to the bug after triage would create trouble during operation. So the team at Mozilla rolled back the bug to the time it was originally filed. Out of 396 components, 225 components had more than 49 bugs filed in the past 2 years. During operation, the team performed the assignment when the model was confident enough of its decision and currently, the team is using a 60% confidence threshold. Ever since the team has deployed BugBug in production at the end of February 2019, they have triaged around 350 bugs. The median time for any developer to act on triaged bugs is 2 days. Usually, 9 days is the average time to act, but with BugBug the Mozilla team took just 4 days to remove the outliers. Mozilla plans to use Machine learning in the future The Mozilla team has planned to use machine learning to assist in other software development processes, such as identifying duplicate bugs, providing automated help to developers, and detecting the bugs important for a Firefox release. The team plans to extend BugBug to automatically assign components for other Mozilla products. To know more about this news, check out the post by Mozilla. Mozilla is exploring ways to reduce notification permission prompt spam in Firefox Mozilla launches Firefox Lockbox, a password manager for Android Mozilla’s Firefox Send is now publicly available as an encrypted file sharing service  

Last year, the company announced about adopting an approach to anti-tracking considering user data privacy. The company listed a few key initiatives mitigating harmful practices like fingerprinting and cryptomining. Yesterday, Mozilla announced that it is adding a new feature to protect its users against threats and web annoyances in future releases of Firefox. This new feature is available in the beta version of Firefox 67, and the nightly version of Firefox 68. They will be available in the stable release of Firefox in a few weeks. Mozilla has also added a feature to block fingerprinting and cryptomining in Firefox Nightly as an option for users to turn on. The cryptomining and fingerprinting blocks work similar to anti-tracking blocks in current versions of Firefox. Fingerprinting and crypto mining scripts A variety of “fingerprinting” scripts are embedded invisibly on many web pages to harvest a snapshot of users’ computer configuration. These scripts further build a digital fingerprint that can be used for tracking users across the web, even if the user has cleared the cookies. Fingerprinting thus violates Firefox’s anti-tracking policy. Cryptominers is another category of scripts that run costly operations on users’ web browser without the knowledge or consent of the users. It further uses the power of the user’s CPU to generate cryptocurrency for someone else’s benefit. These scripts slow down the computer speed and the drain battery which affects the electric bill. Firefox’s move towards blocking these scripts To overcome these threats, Mozilla has announced new protections against fingerprinters and cryptominers. The company has collaborated with Disconnect and have compiled the list of domains that serve fingerprinting and cryptomining scripts. Cryptomining and fingerprinting blocks have been disabled by default for now but users can activate them in a couple of clicks in the browser settings under “Privacy & Security.” Mozilla has given an option to users option in the latest Firefox Nightly and Beta versions for blocking both kinds of scripts as part of their Content Blocking suite of protections. The team at Mozilla will be testing these protections in the coming months. To know more about this news, check out the official announcement by Mozilla. Mozilla is exploring ways to reduce notification permission prompt spam in Firefox Mozilla launches Firefox Lockbox, a password manager for Android Mozilla’s Firefox Send is now publicly available as an encrypted file sharing service