As part of the flurry of announcements for this year’s IBM THINK conference, IBM has announced a major update to Cloud Pak for Data that provides more capabilities for consuming and managing data across different steps of the lifecycle. As Larry Dignan covered it yesterday, AutoSQL is at the heart of the new capabilities for distributed query of data, expanding Cloud Pak for Data’s reach beyond the original prepackaged data warehouse to cloud object storage and other relational databases.
AutoSQL is one of several capabilities being introduced to Cloud Pak for Data, alongside AutoCatalog, which automates data discovery and maintains a real-time inventory of data assets, and AutoPrivacy, which uses machine learning to automate the designation of sensitive data and facilitate enforcement of privacy protection policies. Tying these together is an architectural pattern that IBM calls the intelligent data fabric, which provides APIs and integration for automating the management of data from discovery to query and governance/compliance. By the way, don’t confuse it with a similarly named service that schedules and automates queries to MySQL.
IBM describes AutoSQL as a universal query engine. The simplest way to describe it is as a distributed query engine for your data landscape, or in essence, IBM’s take on the data lakehouse. That is, data may reside in Cloud Pak for Data’s own data warehouse or data lake, in external data warehouses, or in object storage in other clouds. Queries are pushed down to the source, rather than the typical method of moving data to the database engine (which would otherwise run the queries). It accesses databases, data lakes (e.g., cloud storage such as S3, Azure ADLS, Google Cloud Storage, or other object stores), and streaming data.
The guiding notion with AutoSQL is that you place a query and don’t have to worry about how to configure it to run against data that resides in different environments, on-premises or in the public cloud, and can run at petabyte scale. IBM has worked in various caching and acceleration schemes to accelerate query processing. Optimization and tuning of queries is all inside a black box.
AutoSQL’s query engine harvests capabilities consolidated from IBM’s roughly half dozen SQL engines that originated for Db2, Netezza, BigSQL for Hadoop, and others. And it offers the option of running batch jobs using Spark. In essence, this is IBM’s answer to Azure Synapse Analytics, which also provides a choice of SQL or Spark processing. IBM differentiates AutoSQL, and Cloud Pak for Data, as being cloud-agnostic, vs. Azure Synapse, which only runs on Microsoft’s cloud.
Being part of the data fabric architecture, AutoSQL works with AutoCatalog. The discovery part means aligning the data with business terms – that’s where AutoCatalog comes in. The catalog can generate data description language (DDL) that AutoSQL can use for generating data stores for persisting results. This can be critical, especially when working with public clouds that have data egress charges, where it might be more expedient to persist the results of frequent queries in an intermediate data store. In a multicloud environment, where you want to minimize data movement from different clouds, such data stores can become the physical instantiation of materialized data views.
AutoSQL is the first step toward expanding the reach of Cloud Pak for Data. It has extended the envelope from the embedded data warehouse of Cloud Pak for Data to the broader world of data lakes. With AutoSQL, which combines capabilities from IBM’s various SQL engines and works with Spark, IBM puts querying of data warehouses and data lakes (cloud storage) on equal footing. We would like to see closer integration with IBM Event Streams – with the ability to run SQL queries on real-time data in motion. Given that IBM is positioning AutoSQL as a way to scale query out to multiple data sources, we have a couple of questions. What about querying data at the edge – whether the data resides in a local database inside a factory, or the aggregation of results of analytics conducted on remote devices out in the field? Or, flipping the equation, in a cloud-native world where compute is separated from storage, what about multiple compute engines that are accessing the same data? These are the questions we expect IBM to answer in the coming months.
Google and Apple: Mobile operating systems and apps ‘duopoly’ in the spotlight
The UK’s Competition and Markets Authority (CMA) is eyeing Apple’s and Google’s “effective duopoly” over concerns that the smartphone and mobile app markets could be resulting in consumers losing out.
The regulator is concerned that iOS and Android, combined with Apple’s App Store and Google Play, could be harming consumers in a wide range of ways, primarily by stifling competition in digital markets through their outsized control over these gateways.
The CMA is not just concerned about apps but all the IoT devices in consumers’ homes that are controlled by smartphones, from TVs to smart speakers.
“Apple and Google control the major gateways through which people download apps or browse the web on their mobiles – whether they want to shop, play games, stream music or watch TV,” Andrea Coscelli, chief executive of the CMA said.
“We’re looking into whether this could be creating problems for consumers and the businesses that want to reach people through their phones.”
“Our ongoing work into big tech has already uncovered some worrying trends and we know consumers and businesses could be harmed if they go unchecked. That’s why we’re pressing on with launching this study now, while we are setting up the new Digital Markets Unit, so we can hit the ground running by using the results of this work to shape future plans.”
The CMA established the Digital Markets Unit (DMU) in April as part of a plan to strengthen its regulatory powers over online platforms like Facebook and Google.
The DMU was depicted by the CMA as “a tough new regulator to help make sure tech giants such as Facebook and Google cannot exploit their market dominance to crowd out competition and stifle innovation.”
The CMA is also eyeing Apple’s Safari browser, which is dominant on iPhones, and Google Chrome, which is dominant on Android phones.
At the moment, the CMA’s probe of Apple and Google is characterized as a “study”, meant to inform the UK’s new “pro-competition regulatory regime” through the DMU.
The CMA recently launched an investigation into Apple’s App Store rules for developers over the 30% commission it takes on in-app sales with the aim of finding out whether Apple imposes unfair or anti-competitive terms on developers using the App Store, and whether this results in end users having less choice or paying higher prices for apps and add-ons.
Microsoft’s CISO: Why we’re trying to banish passwords forever
Bret Arsenault, Microsoft’s chief information security officer (CISO), who’s been at Microsoft for 31 years, says he’s only ever been publicly cheered once at the company: that was when he killed off Microsoft’s internal policy of changing passwords every 71 days.
“That’s the first time I’ve been applauded as a security person and executive,” Arsenault tells ZDNet. “We said we’re turning off password rotation within Microsoft, because we had eliminated that part of it.”
As Microsoft’s CISO, Arsenault is responsible for protecting both Microsoft products and its internal networks used by its 160,000 employees. After adding vendors into the mix, he’s responsible for about 240,000 accounts globally. And getting rid of passwords and replacing them with better options like multi-factor authentication (MFA) is high on his to-do list.
Microsoft updated its password policy in stages. In January 2019, it moved to one-year expiry, using telemetry to validate effectiveness. In January 2020 it moved to unlimited expiry based on the results.
Microsoft also stopped recommending in 2019 that customers implement a 60-day password expiration policy, because people tend to make small alterations to existing passwords or forget new good ones.
Rather than make the conversation about putting MFA everywhere, Arsenault framed the change as being about eliminating passwords.
“Because nobody likes passwords. You hate them, users hate them, IT departments hate them. The only people who like passwords are criminals – they love them,” he says.
“I remember we had a motto to get MFA everywhere, in hindsight that was the right security goal but the wrong approach. Make this about the user outcome, so transition to ‘we want to eliminate passwords’. But the words you use matter. It turned out that simple language shift changed the culture and the view of what we were trying to accomplish. More importantly, it changed our design and what we built, like Windows Hello for Business,” he says.
“If I eliminate passwords and use any form of biometrics, it’s much faster and the experience is so much better.”
On Windows 10 PCs, that biometric security experience is handled by Windows Hello. On iOS and Android, access to Office apps is done through Microsoft Authenticator, which provides a smooth experience when logging into Microsoft Office apps. It taps into biometrics available on iPhones and Android phones.
“Today, 99.9% of our users don’t enter passwords in their environment. That said – progress over perfection – there are still legacy apps that will still prompt [for a password],” he says.
However, that’s not the end of the battle. Just 18% of Microsoft’s customers have enabled MFA.
This figure seems absurdly low given that enabling MFA is free for Microsoft customers, yet as ransomware shows, there can be multi-million dollar consequences when just one key internal account is compromised.
Protecting accounts with MFA won’t stop attackers completely, but it does make their lives harder by shielding an organization from the inherent weaknesses of usernames and passwords, which can be phished or compromised through password-spraying attacks.
The latter technique, which relies on password re-use, was one way the SolarWinds attackers breached targets besides breaking into the firm’s software build systems to spread a tainted software update.
Microsoft is moving towards a hybrid mode of work and, to support that shift, it’s making a push towards a Zero Trust network design, which assumes the network has been breached, that the network extends beyond the corporate firewall, and caters to BYOD devices that could be used at home for work or at work for personal communications.
But how do we get more organizations to enable MFA in critical enterprise products from Microsoft, Google, Oracle, SAP and other crucial software vendors?
For organizations looking to enable MFA, Arsenault recommends targeting high-risk accounts first and to work on progress rather than perfection. The biggest problem is legacy applications, but seeking perfection risks getting bogged down.
“Everyone has brownfield apps that can’t support modern authentication, such as biometrics, and so I think what a lot of people should and need to do is take a risk-based approach: first get MFA enforced for high-risk/value groups like admins, HR, legal group and so on, and then move to all users. It can be a multi-year journey, depending how quickly you want to do something,” he says.
Then there’s the difficult question about SolarWinds and how Microsoft, which has a $10 billion cybersecurity business, got caught out by Russian government hackers. Microsoft in February claimed it was only minimally harmed by the incident, but it was nonetheless breached. Microsoft president Brad Smith called the hack a “moment of reckoning” because customers, including Microsoft itself, can no longer trust the software they get from trusted vendors.
“Certainly, we used SolarWinds Software in our environment and we identified and remediated the impacted versions and we’ve been public about that there was access. We continue to modify how we do supply chain programs and how we evaluate what’s in supply chain and how quickly we can go do those things,” says Arsenault.
According to Arsenault, Microsoft had seen the supply chain threat coming for a long time.
“You see a lot of people doing stuff to protect their front doors, but then their backdoors are wide open,” he says.
“The part we’ve seen coming along is that the supply chain is the weak point, right. You have limited visibility into your suppliers. I think [US president Joe Biden’s] executive order will help in this space. But getting to the view of how we think about suppliers, we need a way to get that visibility in a scalable way.
“I want to take the Zero Trust concept for information workers and apply that to the software supply chain, which is no line of code that was ever written wasn’t from an attested identity, from a healthy device,” he says.
Facebook awards $30,000 bounty for exploit exposing private Instagram content
Facebook has awarded $30,000 to a researcher for reporting vulnerabilities in Instagram’s privacy features.
According to a Medium blog post penned by bug bounty hunter Mayur Fartade on Tuesday, a set of vulnerable endpoints in the Instagram app could have allowed attackers to view private media on the platform without following a target account.
This included private and archived posts, stories, and reels.
If an attacker obtains a target user’s Media ID, via brute-force or through other means, they could then send a POST request to Instagram’s GraphQL endpoint, which exposed display URLs and image URLs, alongside records including like and save counts.
A further vulnerable endpoint was also found that exposed the same information.
In both cases, an attacker could extract sensitive data concerning a private account without being accepted as a follower, a feature of Instagram designed to protect the privacy of users. In addition, the endpoints could be used to extract the addresses of Facebook pages linked to Instagram accounts.
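The defect described above is a missing object-level authorization check: the endpoint treated possession of a Media ID as sufficient to return the media, without asking whether the requester was the owner or an accepted follower. The code below is an added illustration, not Instagram's or Facebook's code: it models accounts, followers and media in memory (all constructed data), shows the unchecked lookup beside a checked one, and returns the same "not found" error for both a missing ID and a denied one so the endpoint does not become an existence oracle. Function and field names are hypothetical.

```python
from dataclasses import dataclass, field


@dataclass
class Account:
    username: str
    private: bool
    followers: set = field(default_factory=set)   # usernames accepted as followers


@dataclass
class Media:
    media_id: int
    owner: str
    display_url: str
    archived: bool = False          # archived posts are visible to the owner only
    like_count: int = 0


class NotFound(Exception):
    """Single error type for 'does not exist' and 'not authorized'."""


# Constructed sample data (hypothetical accounts and media, not real records).
ACCOUNTS = {
    "alice": Account("alice", private=True, followers={"bob"}),
    "bob": Account("bob", private=False),
}
MEDIA = {
    1001: Media(1001, "alice", "https://cdn.example/private-1001.jpg", like_count=12),
    1002: Media(1002, "alice", "https://cdn.example/archived-1002.jpg", archived=True),
    2001: Media(2001, "bob", "https://cdn.example/public-2001.jpg", like_count=3),
}


def _serialize(media: Media) -> dict:
    return {"media_id": media.media_id, "display_url": media.display_url,
            "like_count": media.like_count}


def get_media_unchecked(media_id: int) -> dict:
    """Vulnerable pattern: the Media ID is the only input, so anyone who knows
    or guesses an ID receives the private media's URLs and counters."""
    media = MEDIA.get(media_id)
    if media is None:
        raise NotFound(f"media {media_id} not found")
    return _serialize(media)


def can_view(requester, media: Media) -> bool:
    """Authorization rule: owner sees everything; archived media is owner-only;
    public accounts are visible to anyone (including unauthenticated requesters);
    private accounts are visible only to accepted followers."""
    if requester == media.owner:
        return True
    if media.archived:
        return False
    owner = ACCOUNTS[media.owner]
    if not owner.private:
        return True
    return requester is not None and requester in owner.followers


def get_media_checked(requester, media_id: int) -> dict:
    """Hardened pattern: authorization is evaluated against the authenticated
    requester before any data is serialized. Denied and missing look identical."""
    media = MEDIA.get(media_id)
    if media is None or not can_view(requester, media):
        raise NotFound(f"media {media_id} not found")
    return _serialize(media)


if __name__ == "__main__":
    print(get_media_unchecked(1001))            # leaks alice's private post to anyone
    print(get_media_checked("bob", 1001))       # bob is an accepted follower
    try:
        get_media_checked("mallory", 1001)      # not a follower: indistinguishable from a bad ID
    except NotFound as exc:
        print(exc)
```

The check is deliberately centralized in `can_view` so that every endpoint returning media (the article notes a second one exposed the same data) applies the same rule; a fix that patches one handler but leaves a sibling endpoint unchecked is the situation the researcher reported after the first patch.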
Fartade reported his findings for the first endpoint through the Facebook bug bounty program on April 16. Facebook’s security team then responded on April 19 with a request for further information, including steps for reproduction.
By April 22, the bug bounty hunter’s report had been triaged, and a day later, Fartade found and informed Facebook of the second leaky endpoint.
Facebook patched the vulnerable endpoints on April 29; however, Fartade says that a further fix was required to fully resolve the security issue.
A financial reward worth $30,000 was awarded by June 15, the bug bounty hunter’s first through Facebook’s program. The social media giant thanked the researcher for his report.
ZDNet has reached out to Facebook and we will update when we hear back.
Most firms face second ransomware attack after paying off first
The majority of businesses that choose to pay to regain access to their encrypted systems experience a subsequent ransomware attack. And almost half of those that pay up say some or all of the data they retrieved was corrupted.
Some 80% of organisations that paid ransom demands experienced a second attack, of which 46% believed the subsequent ransomware to be caused by the same hackers. Amongst those that paid to regain access to their systems, 46% said at least some of their data was corrupted, according to a Cybereason survey released Wednesday. Conducted by Censuswide, the study polled 1,263 security professionals in seven markets worldwide, including 100 in Singapore, as well as respondents in Germany, France, the US, and UK.
Globally, 51% retrieved their encrypted systems without any data loss, while 3% said they did not regain access to any encrypted data. The report revealed that one particular organisation reportedly paid up a ransomware amount in the millions of dollars, only to be targeted for a second attack by the same attackers within a fortnight.
In Singapore, 90% experienced a second ransomware attack after paying up for the first ransom, with 28% regaining access to data that was corrupted. Some 73% admitted they lost revenue as a result of the attack, compared to the global average of 66%, while 40% saw their brand or reputation adversely affected, compared to 53% globally.
Some 37% of Singapore organisations that paid a ransom forked out $140,000 to $1.4 million, and 5% paid ransom amounts of at least $1.4 million. Another 13% acknowledged having to lay off employees due to financial losses following an attack, while 20% were forced to close down.
Cybereason’s Asia-Pacific vice president Leslie Wong said: “Singapore businesses must understand that paying a ransom demand does not guarantee a successful recovery, does not prevent the attackers from hitting the victim organisation again, and in the end only exacerbates the problem by encouraging more attacks. Getting in front of the threat by adopting a prevention-first strategy for early detection will allow organisations to stop disruptive ransomware before they can hurt the business.”
Globally, the survey found that 81% of respondents were highly concerned about risks posed by such attacks, with 73% saying they had policies or plans in place to specifically manage ransomware attacks.
Ransomware attacks were projected to cost $265 billion worldwide by 2031, with one attack impacting businesses and consumers every few seconds, according to Cybersecurity Ventures. This year, such attacks were estimated to cost $20 billion, up 57-fold from 2015.
Check Point Research also revealed Wednesday that the average number of ransomware attacks worldwide climbed 20% in the last two months, 41% over the last six months, and 93% in the past year.
In Singapore, such attacks grew 40% over the last couple of months, 99% in the last half a year, and 147% over the past year, said the security vendor. It added that Latin America and Europe clocked the highest spikes in ransomware attacks since the start of 2021, at 62% and 59%, respectively.
A Veritas survey last November revealed that 78% of businesses in Singapore and 88% in Australia had paid up ransoms in full or in part after falling victim to such attacks. In addition, 45% in Singapore took between five and 10 days to recover fully from a ransomware attack, compared to 11% in India and 35% in China.
Cybersecurity vendors typically advise organisations against paying up after experiencing ransomware attacks, advocating instead that businesses adopt a data protection and recovery strategy.
Cybereason, though, noted that data backup plans would not work as effectively when cybercriminals launched “double extortion” malware attacks, in which hackers went beyond encrypting data to exfiltrate sensitive data and intellectual property. They then would threaten to expose or peddle the stolen data if their ransom demands were not met.