Top 10 Inspiring TED Talks for 2014

Bill Gates, Edward Snowden, Larry Page, and the inventor of the World Wide Web converged on the year's hottest topics

This post is in partnership with Inc., which offers useful advice, resources and insights to entrepreneurs and business owners. The article below was originally published at Inc.com.

If you've yet to accumulate enough frequent-flier miles to dash off to this innovation conference, you can get inspired at home by watching the following top TED Talks of the year.

In 1993, Bill and Melinda Gates took a trip to Africa that changed the way they viewed what was truly valuable. The extreme poverty they witnessed then instigated a lifelong commitment to give back 95 percent of their wealth.

In this TED Talk, the mega-philanthropists talk to Chris Anderson about marrying Bill's affinity for big data with Melinda's global-minded intuition to help save millions of children from hunger and disease around the world. The always-ambitious Gates are now trying to persuade other business leaders and wealthy entrepreneurs to give back. Warren Buffett recently donated 80 percent of his fortune to the Gates Foundation.

"These are people who have created their own businesses, put their own ingenuity behind incredible ideas. If they put their ideas and their brain behind philanthropy, they can change the world," Melinda Gates said.

Using the plight of painters, archers, and Arctic explorers as an extended metaphor, art historian Sarah Lewis makes a case for celebrating the near win: missing the mark but never losing sight of the target.

"Mastery is in the reaching, not the arriving. It's in constantly wanting to close that gap between where you are and where you want to be," Lewis said.

Lewis's near win theory has been the driving force behind some of our culture's greatest minds, from Michelangelo to Franz Kafka. Almost succeeding gives leaders and competitors the focus and tenacity required to try again. According to Lewis, it is by harnessing these near wins that we can master a more fulfilling path.


In ‘Citizenfour,’ Laura Poitras feels heat of telling Snowden’s story

The word "risky" is thrown around often in the film world, usually when personalities embark on a new direction or a commercially challenging project.

But Oscar-nominated director Laura Poitras faced a different type of hazard with her latest film, "Citizenfour": the possibility of arrest, attack and harassment.

The filmmaker, after all, was making a documentary about one of the most-wanted fugitives: secret-spilling National Security Agency contractor Edward Snowden.

"I'd worked in conflict zones, and there's a kind of fear there," Poitras, who has made movies in places such as Iraq and Yemen, said in an interview Saturday. "But this is a different kind of fear. The intelligence world operates in the shadows. You don't know where the dangers lie."

Poitras was a key person Snowden reached out to when he decided to go public with documents detailing massive U.S. and British surveillance operations. She was one of three journalists who traveled to Hong Kong to hole up in a hotel room over eight days in June 2013 as Snowden revealed much of what he knew as a high-level NSA consultant. She also shot the 12-minute video of Snowden that went viral at the time and in turn made him, at 29, perhaps the most important and polarizing figure of his kind since Pentagon Papers leaker Daniel Ellsberg.

"Citizenfour," which had its world premiere at the New York Film Festival over the weekend to a standing ovation and will hit theaters Oct. 24, is Poitras' original video writ large. The movie is a look at how Snowden decided to pull back the curtain on the government surveillance operations and what happened to him when he did, often through never-before-seen footage. The film could reignite the debate over how Snowden should be viewed and shine a light anew on the surveillance apparatus.

Whether Snowden is a whistle-blower or a traitor is a question that has captivated security and foreign-policy thinkers since his leaks reached the public. With "Citizenfour," Poitras has made a movie that argues for his heroism, emphasizing the risks he took to step forward.

She also lays out in often startling detail the extensive surveillance operations of the U.S. and British governments, including facilities that are believed to process data (possibly emails, phone calls or other information) of millions of citizens, while also layering in voices such as those of former NSA official-turned-critic William Binney and activist Jacob Appelbaum. Clips from the strange bedfellows of President Obama and former George W. Bush spokesman Ari Fleischer decrying Snowden are meant primarily to show an establishment's panic and defensiveness about Snowden's actions.

Telling at once a story both broad and personal, the film begins with Poitras' voice-over describing how she had been contacted anonymously by a man identifying himself as "Citizenfour," who claimed to have proof of illegal government surveillance.

The source turns out to be Snowden, but before Poitras gets to him, she details the extensive national security apparatus that he will soon expose. The director has activists explain how the government uses so-called metadata to track phone calls and movements of ordinary citizens, and she shows clips of James Clapper, director of national intelligence for the NSA, testifying before Congress that the government does not spy on millions of Americans.


Google exposes ‘Poodle’ flaw in Web encryption standard

Three Google security engineers uncover a major vulnerability in the older -- but still supported -- Web encryption standard SSL 3.0. Experts say fixing it is impossible and upgrading will be difficult.


Older Web technology continues to be dogged by revelations that show how insecure it is. A trio of Google security engineers proved that the encryption standard Secure Socket Layer can be circumvented thanks to a new vulnerability they dubbed "POODLE."

POODLE is a new security hole in Secure Socket Layer (SSL) 3.0 that makes the 15-year-old protocol nearly impossible to use safely, said Google security engineers Bodo Möller, Krzysztof Kotowicz and Thai Duong in a new report published on Tuesday.

The vulnerability allows encrypted, ostensibly secret information to be exposed by an attacker with network access. POODLE, which stands for Padding Oracle On Downgraded Legacy Encryption, is a problem because SSL 3.0 is still used by both websites and Web browsers. Both must be reconfigured to prevent using SSL 3.0, and POODLE will remain a problem as long as SSL 3.0 is supported.

While SSL 3.0 is no longer the most advanced form of Web encryption in use, Möller explained that browsers and secure HTTP servers still need it in case they encounter errors in Transport Layer Security (TLS), SSL's more modern, less vulnerable younger sibling.

The good news is that not much of the Web relies on SSL 3.0 anymore. A study by the University of Michigan shows that few sites rely on SSL 3.0 for anything. Less than 0.3 percent of communication between site and server depends on SSL 3.0, while 0.42 percent of the top 1 million domains on Alexa use it even partially.

The reason that POODLE is a problem is that attackers can force your browser to downgrade to SSL 3.0.

If either browser or server runs into problems connecting with TLS, sites and browsers will often fall back to SSL. The problem is that attackers can force a connection failure, which would force a site to use SSL 3.0 and so expose it to hackers.

Because disabling SSL 3.0 outright causes compatibility problems for sites and servers, Möller recommended that administrators for both add support for TLS_FALLBACK_SCSV, a TLS mechanism that blocks attackers from conning browsers into downgrading to not only SSL 3.0, but TLS 1.0 and 1.1 as well. It "may help prevent future attacks," he wrote.
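The fallback behaviour and the TLS_FALLBACK_SCSV check described above, as an added Python model (not code from the article or from the Google report). The value 0x5600 and the inappropriate_fallback alert are as specified in RFC 7507; the function names and the `handshake_fails` hook, which stands in for connection failures on the network path, are hypothetical.

```python
# Protocol version numbers as they appear in ClientHello.client_version.
SSL3, TLS10, TLS11, TLS12 = 0x0300, 0x0301, 0x0302, 0x0303

TLS_FALLBACK_SCSV = 0x5600        # signaling cipher suite value (RFC 7507)
TLS_RSA_AES128_CBC_SHA = 0x002F   # an ordinary CBC suite, used as filler
ALERT_PROTOCOL_VERSION = 70
ALERT_INAPPROPRIATE_FALLBACK = 86


def server_hello(server_versions, client_version, cipher_suites):
    """Server side: return ("ok", version) or ("alert", code)."""
    # The RFC 7507 check: the client says "this is a fallback retry",
    # yet the server supports something newer than what is offered.
    if TLS_FALLBACK_SCSV in cipher_suites and max(server_versions) > client_version:
        return ("alert", ALERT_INAPPROPRIATE_FALLBACK)
    usable = [v for v in server_versions if v <= client_version]
    if not usable:
        return ("alert", ALERT_PROTOCOL_VERSION)
    return ("ok", max(usable))


def client_connect(client_versions, server_versions, handshake_fails, send_scsv):
    """Client side: try the highest version first, retry lower on failure.

    handshake_fails(version) is a hypothetical hook returning True when the
    handshake offering `version` never completes (broken server or
    interference on the path; the client cannot tell which).
    """
    highest = max(client_versions)
    for offered in sorted(client_versions, reverse=True):
        if handshake_fails(offered):
            continue                      # looks like an outage: fall back
        suites = [TLS_RSA_AES128_CBC_SHA]
        if send_scsv and offered < highest:
            suites.append(TLS_FALLBACK_SCSV)   # mark the retry as a fallback
        kind, value = server_hello(server_versions, offered, suites)
        if kind == "ok":
            return ("connected", value)
        if value == ALERT_INAPPROPRIATE_FALLBACK:
            return ("aborted", value)     # refuse to continue downgraded
    return ("failed", None)


ALL = [SSL3, TLS10, TLS11, TLS12]
forced = lambda v: v > SSL3               # every TLS attempt is made to fail

if __name__ == "__main__":
    print(client_connect(ALL, ALL, forced, send_scsv=False))  # ends on SSL 3.0
    print(client_connect(ALL, ALL, forced, send_scsv=True))   # aborted, alert 86
```

A genuinely old server still works: when the server's own maximum is no higher than the version offered on the retry, the check does not fire and the fallback completes.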


Google Reveals ‘Poodle’ Web-Encryption Bug

The bug affects a 15-year-old encryption standard known as SSL 3.0, but is less severe than Heartbleed or Shellshock.

Another week, another Internet vulnerability uncovered: Google researchers have reported a Web encryption bug that allows hackers to infiltrate email, banking, and other online accounts.

Dubbed Poodle (for "Padding Oracle On Downgraded Legacy Encryption"), the threat affects a 15-year-old encryption standard known as SSL 3.0. But it is reportedly less severe than Heartbleed or Shellshock.

Existing in old software and nearly all browsers, the bug is not easy to apply: It requires a hacker to tap into the connection between you and your browser, referred to as a man-in-the-middle exploit.

"If Heartbleed/Shellshock merited a 10, then this attack is only around a 5," said Errata Security's Robert Graham.

So while you have little to worry about surfing the Web on a secure home connection, using the local coffee shop's unencrypted Wi-Fi makes it simpler for a nearby hacker to take complete control of your accounts.

The good news is they won't be able to steal your password.

Google researchers Bodo Möller, Thai Duong, and Krzysztof Kotowicz discovered the vulnerability, which unfortunately does not come with a quick fix.

Your best bet is to avoid SSL 3.0 entirely, and add a second mechanism called TLS_FALLBACK_SCSV, which will help solve the immediate problem and prevent future attacks.

Chrome and Firefox users can visit Googler Adam Langley's blog for more details on how to implement the patches.


Report: Open Source Needs to Get With the Security Program

Open source developers apparently don't adhere to best practices such as using static analysis and conducting regular security audits, found Coverity's Spotlight report, released Wednesday.

The Coverity Scan service, which is available at no charge to open source projects, helped devs find and fix about 50,000 quality and security defects in code last year.

That number can be attributed in part to continuous improvement, which lets users find previously undetected defects. Also, as projects mature, devs can focus on rooting out new defects. Another factor is that user registration for the Coverity service was quadruple that of 2012, noted Zach Samocha, senior director of products at Coverity.

Coverity in June added its Security Advisor to the Coverity Scan service, which resulted in the discovery of almost 4,000 defects. The Security Advisor includes sophisticated analysis algorithms that help developers find and fix critical Web application security issues.

Of the 4,000 discoveries, almost 2,400 of these were high-severity defects, while 1,330 were low severity, and the remaining 260 or so were medium severity.

There have been several highly publicized open source vulnerabilities this year alone, including Heartbleed and Shellshock.

Those two flaws impacted a large number of users because of the widespread implementation of open source software.

"We would like to see more open source projects sign up for the [Coverity Scan] service and incorporate the finding and fixing of defects into their standard process," Samocha told TechNewsWorld. More than 3,000 open source projects have signed up for the service, but "there are many more."

Security Advisor can find quality defects in C#, Java, C and C++ code, and it can spot security defects in Java, C and C++, Samocha said.

Since June, Security Advisor has identified 688 OWASP Top 10 issues in 37 open source projects, including big data, network management and blog server projects.


Crash Course in Open Source Cloud Computing By @CitrixCloud | @CloudExpo


Storage, networking (OpenDaylight), compute virtualization (Xen, KVM, LXC) orchestration (Apache CloudStack, OpenStack)


In his session at 15th Cloud Expo, Mark Hinkle, Senior Director, Open Source Solutions at Citrix Systems Inc., will provide an overview of the open source software that can be used to deploy and manage a cloud computing environment.

Mark will include information on storage, networking (e.g., OpenDaylight) and compute virtualization (Xen, KVM, LXC) and the orchestration (Apache CloudStack, OpenStack) of the three to build their own cloud services.

Contact @CitrixCloud for your FREE @CloudExpo pass.

Speaker Bio: Mark Hinkle is the Senior Director, Open Source Solutions, at Citrix Systems Inc. He joined Citrix as a result of their July 2011 acquisition of Cloud.com, where he was their Vice President of Community. He is currently responsible for Citrix open source efforts around the open source cloud computing platform, Apache CloudStack and the Xen Hypervisor. Previously he was the VP of Community at Zenoss Inc., a producer of the open source application, server, and network management software, where he grew the Zenoss Core project to over 100,000 users and 20,000 organizations on all seven continents. He also is a longtime open source expert and author, having served as Editor-in-Chief for both LinuxWorld Magazine and Enterprise Open Source Magazine. His blog on open source, technology, and new media can be found at http://www.socializedsoftware.com.


Julian Assange discovers Google’s given MONEY to EFF


+Comment Silicon Valley's biggest companies are an essential part of both the US state's data-processing operation and a barely controllable element in American foreign policy, says WikiLeaks fugitive Julian Assange in his latest interview.

Talking to Pando Daily (from the Ecuadorian embassy in London), Assange dubs Google, Facebook and Apple "surveillance barons", which is not a new observation. He also highlights the US state's reliance on the internet giant to increase American "soft power" abroad:

"Google perceives that its overlapping networks should include networks of traditional US soft power, hard power, and networks in other countries where it is either collaborating with the establishments of those countries or if it feels it doesn't have an in with the elite of the other countries, it brings in the people that might one day replace it."

Assange also criticises Google's network of digital rights groups for being tame and domesticated, which means Google rarely comes under scrutiny. Google funds over 150 academic departments, think tanks and "citizens groups", offering them advertising, analytics help and fund-raising tools, and often hard cash. The support for these organisations helps shape the policy agenda to one that doesn't disrupt Google's business.

"The problem is that a lot of groups that would normally criticize Google, the nonprofits that are involved in the tech sector, are funded directly or indirectly by Google. Or by USAID. Or by Freedom House. Google and its extended network have significant patronage in the very groups that would normally be criticizing it," says Assange. "It's the nature of organizations. They don't like to bite the hand that feeds them."

Assange singles out the Electronic Frontier Foundation (EFF), which received more than half of its annual income from just one of a series of controversial "cy pres" class action payouts. The out-of-court payments over privacy breaches saw university departments and groups enriched by Google and Facebook, while the individuals who brought the class action didn't receive a penny.

"The EFF is a great group, and they've done good things for us, but nonetheless it is significantly funded by Google, or people who work at Google," says Assange.

Although he's now known as a notorious conspiracy theorist, Assange has found a conspiracy hidden in plain view.

But a better indicator of Google's influence is not when money changes hands, but when it doesn't. Take, for example, the implications of the CJEU's Gonzalez ruling, which upheld that Google wasn't exempt from European data protection law, and which confirmed that individuals have the right to ask for links to old and irrelevant information to be removed from Google.


Bitcoin survival relies on community ‘growing up’

Summary: According to security experts, the cryptocurrency community needs to grow up in order to thrive -- and become more like the establishment it originally tried to break away from.

ISLE OF MAN -- The cryptocommunity needs to "grow up" if Bitcoin is going to flourish, according to a prominent member of the security community.

Interest in Bitcoin exploded after the 2008 recession. In 2012, there was a sharp rise in Bitcoin-based merchant services. Since this time, the cryptocurrency has become monetized due to rising demand, which peaked last year at over $1,000 for a single BTC. Many attempted to cash in, but the price fell by over 50 percent following the decimation of major Bitcoin trading post Mt. Gox.

Despite this, faith in virtual currency remains strong -- but could the lure of cryptocurrency's unstructured and unregulated system also be its undoing?

There are endless possibilities for cryptocurrency, and this is not limited to Bitcoin. Litecoin, Dogecoin and Peercoin, to name but a few, are also in the mix, and many individuals and businesses are working out how virtual currency will fit in to our future. Traditional financial institutions may underpin transactions using virtual currency, more individual power and privacy could end up in the hands of consumers, and underdeveloped nations may be able to use crypto to circumvent corrupt governments or to allow for easier payments and reduced transfer costs where traditional economies are volatile.

Bitcoin may have had its name tainted by association with underground marketplace Silk Road, but virtual currency's story doesn't have to end there.

Bruce Elliott, an executive from financial services firm Boston, told attendees at the Crypto Valley Summit on the Isle of Man:

"Bitcoin for us is a nice thing and a nice way to make money. For others, it's a matter of life and death and a way to transform their own lives [...] and control their own destiny."

In short, Bitcoin is more than a "scheme," as a recent report issued by the Bank of England implied. Within the report, the financial institution said that while Bitcoin had the potential to "disrupt monetary policy," the inherent volatility of the currency means crypto is not a threat to traditional currency and the "small size of such schemes" leaves virtual currency outside of the bank's notice.

However, in order for virtual currency to succeed, more is needed than ideas, glue and tape. Major ingredients including investment, security and regulation may also be necessary.
