HPE Machine Learning: A Benefit of the Autonomy Tech?
April 8, 2021
This sounds like an optimal solution from HPE (formerly known as HP); too bad it was not available back when the company evaluated the purchase of Autonomy. Network World reports, “HPE Debuts New Opportunity Engine for Fast AI Insights.” The machine-learning platform is called the Software Defined Opportunity Engine, or SDOE. It is based in the cloud, and will greatly reduce the time it takes to create custom sales proposals for HPE channel partners and customers. Citing a blog post from HPE’s Tom Black, writer Andy Patrizio explains:
“It takes a snapshot of the customer’s workloads, configuration, and usage patterns to generate a quote for the best solution for the customer in under a minute. The old method required multiple visits by resellers or HPE itself to take an inventory and gather usage data on the equipment before finally coming back with an offer. That meant weeks. SDOE uses HPE InfoSight, HPE’s database which collects system and use information from HPE’s customer installed base to automatically remediate infrastructure issues. InfoSight is primarily for technical support scenarios. Started in 2010, InfoSight has collected 1,250 trillion data points in a data lake that has been built up from HPE customers. Now HPE is using it to move beyond technical support to rapid sales prep.”
The write-up describes Black’s ah-ha moment when he realized that data could be used for this new purpose. The algorithm-drafted proposals are legally binding—HPE must have a lot of confidence in the system’s accuracy. Besides HPE’s existing database and servers, the process relies on the assessment tool recently acquired when the company snapped up CloudPhysics. We learn that the tool:
“… analyzes on-premises IT environments much in the same way as InfoSight but covers all of the competition as well. It then makes recommendations for cloud migrations, application modernization and infrastructure. The CloudPhysics data lake—which includes more than 200 trillion data samples from more than one million virtual machines—combined with HPE’s InfoSight can provide a fuller picture of their IT infrastructure and not just their HPE gear.”
As of now, SDOE is only for storage systems, but we are told that could change down the road. Black, however, was circumspect on the details.
Cynthia Murrell, April 8, 2021
GitHub: Amusing Security Management
April 8, 2021
I got a kick out of “GitHub Investigating Crypto-Mining Campaign Abusing Its Server Infrastructure.” I am not sure if the write up is spot on, but it is entertaining to think about Microsoft’s security systems struggling to identify an unwanted service running in GitHub. The write up asserts:
Code-hosting service GitHub is actively investigating a series of attacks against its cloud infrastructure that allowed cybercriminals to implant and abuse the company’s servers for illicit crypto-mining operations…
In the wake of the SolarWinds’ and Exchange Server “missteps,” Microsoft has been making noises about the tough time it has dealing with bad actors. I think one MSFT big dog said there were 1,000 hackers attacking the company.
The main idea is that attackers allegedly mine cryptocurrency on GitHub’s own servers.
This is post SolarWinds and Exchange Server “missteps”, right?
What’s the problem with cyber security systems that monitoring real time threats and uncertified processes?
Oh, I forgot. These aggressively marketed cyber systems still don’t work it seems.
Stephen E Arnold, April 8, 2021
No Joke: Amazon and Social Media
April 1, 2021
A change at the top and Amazon gets wonky. Coincidence or just a new crew of social media advisors? Who knows. “Amazon Wanted Twitter Warriors with Great Sense of Humor, Leaked Doc Shows” reveals some allegedly accurate information about the humble online bookseller.
The write up states:
Amazon sought out warehouse staffers with a “great sense of humor” to build a squad of Twitter warriors to knock down criticism of its fulfillment centers, a leaked document reveals.
Yep, warehouse workers with the skills of a tweet master like the real Borat.
The story adds:
While Amazon wanted the workers to speak for themselves, the memo shows company officials wanted a standardized format for their Twitter handles and usernames. They mulled adding an emoji to the username to “give personality, for example a small box emoji…
A happy Amazon worker surrounded with positive tweets is running with an “emergency necessary bottle” from the automated Bezos bulldozer and its business processes.
The write up includes what may be an April Fool joke:
“| work for Amazon and not sure about other facilities but I’ve never felt pressured to pee in a trash can,” one trainee wrote in a draft tweet. “My managers understand when you gotta’ go you gotta’ go.”
You can read the allegedly accurate document at this link.
Stephen E Arnold, April 1, 2021
High Tech Tension: Sparks Visible, Escalation Likely
March 25, 2021
I read Google’s “Our Ongoing Commitment to Supporting Journalism.” The write up is interesting because it seems to be a dig at a couple of other technology giants. The bone of contention is news, specifically, indexing and displaying it.
The write up begins with a remarkable statement:Google has always been committed to providing high-quality and relevant information, and to supporting the news publishers who help create it.
This is a sentence pregnant with baby Googzillas. Note the word “always.” I am not certain that Google is in the “always” business nor am I sure that the company had much commitment. As I recall, when Google News went live, it created some modest conversation. Then Google News was fenced out of the nuclear ad machinery. Over time, Google negotiated and kept on doing what feisty, mom and pop Silicon Valley companies do; namely, keep doing what they want and then ask for forgiveness.
Flash forward to Australia. That country wanted to get money in exchange for Australian news. Google made some growling noises, but in the end the company agreed to pay some money.
Facebook on the other hand resisted, turned off its service, and returned to the Australian negotiating table.
Where was Microsoft in this technical square dance?
Microsoft was a cheerleader for the forces of truth, justice, and the Microsoft way. This Google blog post strikes me as Google’s reminding Microsoft that Google wants to be the new Microsoft. Microsoft has not done itself any favors because the battle lines between these two giants is swathed in the cloud of business war.
Google has mobile devices. Microsoft has the enterprise. Google has the Chromebook. Microsoft has the Surface. And on it goes.
Now Microsoft is on the ropes: SolarWinds, the Exchange glitch, and wonky updates which have required the invention of KIR (an update to remove bad updates).
Microsoft may be a JEDI warrior with the feature-burdened Teams and the military’s go to software PowerPoint. Google knows that every bump and scrape slows the reflexes of the Redmond giant.
Both mom and pop outfits are looking after each firm’s self interests. Fancy words and big ideas are window dressing.
Stephen E Arnold, March 25, 2021
Microsoft: Losing an Appetite for Chinese Take Out?
March 16, 2021
I read “Microsoft Claims They Are under Attack by China.” Last month, Microsoft was under attack by Russia. In this most recent round of finger pointing, the Giant Freakin Robot states:
Microsoft says this hack actually began months ago, maybe as early as January with the hackers masking their efforts along the way and prying deeper into the base systems that stand up these email servers. Once it was noticed in early March, the company worked on a fix.
The bad actors have done significant harm. Attributing the attack to a nation state suggests that companies based in the US and deploying software and services worldwide are targets of value.
Several questions come to mind:
- With an attack which began months ago, why weren’t existing cyber security systems able to discern the breach and issue alerts?
- How long is “months ago”? What if the Exchange breaches occurred three, six, a year or more before being detected? Microsoft “defender” should have defended, but what about third party cyber security systems?
- Will the patches remediate the problem? Microsoft issued a Windows 10 update which caused some print functions to fail? Are Microsoft’s “fixes” introducing new vulnerabilities?
Net net: The bad actors (whether kids in McDonalds) or trained cyber warriors in bunkers may not be the actual problem.
What’s the problem?
Microsoft’s core business processes maybe?
The move to the cloud, background updates, flawed quality checks, and an eagerness to blame others could be contributing factors to the Redmond giant’s spate of woes.
What countries will be blamed for attacking Microsoft? I think Liechtenstein looks suspicious, don’t you?
Scrap the Chinese lunch order for today too.
Stephen E Arnold, March 16, 2021
India and Amazon Tie Contrived Knots
March 8, 2021
Small businesses in India have been accusing Amazon of shady business practices for some time. Now, a report from Reuters has exposed the company’s strategy to circumvent Indian regulators. Fossbytes discusses the report in, “The Great Amazon India Document Leak: All You Need to Know.” We’re told one internal presentation obtained by Reuters blatantly urged workers to “test the boundaries of what is allowed by law.” Not a good look, Amazon. Journalist Manik Berry writes:
“According to the report by Reuters, Amazon has been bending rules just enough to not get into legal trouble in India. For instance, the Indian FDI (foreign direct investment) rules prevent Amazon or other e-commerce retailers to control inventory in India. This means Amazon can be the platform where buyers meet sellers but it cannot control how the sellers sell things. However, the report says Amazon found a way to control the inventory. …
“Amazon’s internal documents reveal the creation of a ‘Special Merchant (SM)’ in 2014. This special merchant, namely Cloudtail, is one of the biggest sellers on Amazon, accounting for over 40% of the platform’s sales. Cloudtail was created as a collaboration between Amazon and the Infosys founder, N.R. Narayana Murthy. Amazon wanted it to control more than 40% of sales on Amazon India. This would’ve made it a $1 billion business, whose profit would, indirectly, go to Amazon. What’s alarming is that Cloudtail is created and controlled by Amazon, which means it directly flouted the Indian FDI rules.”
The report also reveals that about a third of Amazon India’s sales come from only 33 sellers. It seems the company has been providing those select few with support and promotion, giving them an unfair advantage. The leaked docs suggest this practice is resulting in losses for the other 66%. For more details, we direct readers to the extensive Reuters article.
Amazon is still the Bezos bulldozer. Perhaps the new driver is a streak of cleverness lacking when Mr. Bezos pulled the levers?
Cynthia Murrell, March 8, 2021
The Microsoft Supply Chain Works Even Better Going Backwards
March 4, 2021
Do you remember the character KIR-mit. He once allegedly said:
Yeah, well, I’ve got a dream too, but it’s about singing and dancing and making people happy. That’s the kind of dream that gets better the more people you share it with.
I am not talking about Jim Henson’s memorable character. That frog spelled its name Kermit. This is KIR-mit, an evil doppelgänger from another universe called Redmonium.
This KIR-mit is described in “Microsoft Is Using Known Issue Rollback (KIR) to Fix Problems Caused by Windows 10 Updates.” I learned that KIR
enables Microsoft to rollback changes introduced by problematic patches rolled out through Windows Update. KIR only applies to non-security updates.
Does the method expand the attack service for bad actors? Will weird calls to senior citizens increase with offers to assist with KIR-mit modifications? Will questionable types provide links to download KIRs which are malware? Yes, yes, and yes.
The article points out:
Known Issue Rollback is an important Windows servicing improvement to support non-security bug fixes, enabling us to quickly revert a single, targeted fix to a previously released behavior if a critical regression is discovered.
KIR is something users have said they wanted. Plus Microsoft has had this capability for a long time. I recall reading that Microsoft had a method for verifying the “digital birth certificate” of software in order to identify and deal with the SolarWinds-type of supply chain hack. I point this out in my upcoming lecture for a law enforcement entity. Will my audience find the statement and link interesting? I have a hunch the cyber officers will perk up their ears. Even the JEDI fans will catch my drift.
Just regular users may become woozy from too much KIR in the system. Plus, enterprise users will be “in charge of things.” Wonderful. Users at home are one class of customers; enterprise users are another. In between, attack surface the size of the moon.
Several questions:
- Why not improve the pre release quality checks?
- Why not adopt the type of practices spelled out by In Toto and other business method purveyors?
- Why not knock off the crazy featuritis and deliver stable software in a way that does not obfuscate, mask, and disguise what’s going on?
And the answers to these questions is, “The cloud is more secure.”
Got it. By the way a “kir” is a French cocktail. Some Microsoft customers may need a couple of these to celebrate Microsoft’s continuous improvement of its outstanding processes.
As KIR-mit said, “It’s about making people happy.” That includes bad actors, malefactors, enemies of the US, criminals, and Microsoft professionals like Eric Vernon and Vatsan Madhava, the lucky explainers of KIR-mit’s latest adventure.
Stephen E Arnold, March 4, 2021
Google Gets into Insurance
March 3, 2021
Worrying about the relevance of search results? You probably should. The online ad giant is facing some big problems. And what do giant corporations do when their core business faces competitive, legal, employee, management, and customer pressure?
Give up.
Here’s the answer: Sell insurance.
“Google Rolls Out First of Its Kind Cyber Insurance Program for Cloud Customers” reports:
Google LLC has teamed up with two major insurers to develop a cyber security insurance offering that will provide Google Cloud customers who sign up with coverage against cyber attacks.
Ask an actuary. Is insurance a good business? Listen to the answer… carefully.
The article notes:
The Risk Manager tool is available to Google Cloud customers by request. As for the cyber insurance coverage against data breaches, it will initially be offered to organizations in the U.S.
There are several implications of this deal. But it is early days, and one cannot purchase insurance to cover a ride in a Waymo infused vehicle directly from the GOOG yet.
The thoughts which ran through my mind after reading the news story were:
- Is Google cashing in on SolarWinds’ paranoia?
- Does selling insurance for cloud services suggest that cloud services are a big fat bad actor target which cannot be adequately protected?
- Will Google insure homes, yachts, and health?
- Has Google run out of ideas for generating revenue from its home brew and me too technology?
I have no answers, just hunches.
The Google has looked backwards to bottomry contracts shaped in Babylon. When did this insight dawn? Round about 4,000 before common era (that’s AD in thumbtyper speak).
Will Google innovate with stone flaking methods and sell non fungible tokens for these artifacts?
Stephen E Arnold, March 3, 2021
Microsoft: Back in the Security Spotlight
March 3, 2021
What giant software company with a great marketing operation is back in the spotlight? The answer may be Microsoft. I read “real” news from an outfit which is into trust “Chinese Hackers Plundered Inboxes Using Flaws in Microsoft’s Exchange Server Software.”
The write seems to be taking a slightly less enthusiastic approach to the outstanding software and services provided by the Redmond giant. The company is, as you may know, the outfit which is going to run much of the Department of Defense cloud system. That’s because the cloud is much better than on premises computing devices. The cloud is magical, which I think is a synonym for easier, but that’s just me.
I noted this statement in the trustiness article:
Microsoft’s suite of products has been under scrutiny since the hack of SolarWinds, the Texas-based software firm that served as a springboard for several intrusions across government and the private sector. In other cases, hackers took advantage of the way customers had set up their Microsoft services to compromise their targets or dive further into affected networks. Hackers who went after SolarWinds also breached Microsoft itself, accessing and downloading source code — including elements of Exchange, the company’s email and calendaring product.
The paragraph suggests that because Microsoft’s methods worked for the SolarWinds’ misstep, other bad actors are jumping into the hay stack of wild and crazy methods.
My view is that we are likely to see the feedback loop scale to some painful frequencies. Should anyone worry? Nope, those trusted permissions, the fluid code, and the big fat targets like Azure, Exchange, and Office 365 are no big deal. Right, Microsoft. It takes 1,000 engineers to fool the Softies.
Stephen E Arnold, March 3, 2021
Gebru-Gibberish: A Promise, Consultants, and Surgical Management Action
March 1, 2021
I read “Google Reportedly Promises Change to Research Team after High Profile Firings.” The article explains that after female artificial intelligence researchers found their futures elsewhere, Google (the mom and pop neighborhood online ad agency) will:
will change its research review procedures this year.
Okay, 10 months.
The write up points out that the action is
an apparent bid to restore employee confidence in the wake of two high-profile firings of prominent women from the [AI ethics] division.
Yep, words. I found this passage redolent of Gebru-gibberish; that is, wordage which explains how smart software ethics became a bit of a problem for the estimable Google outfit:
By the end of the second quarter, the approvals process for research papers will be more smooth and consistent, division Chief Operating Officer Maggie Johnson reportedly told employees in the meeting. Research teams will have access to a questionnaire that allows them to assess their projects for risk and navigate review, and Johnson predicted that a majority of papers would not require additional vetting by Google. Johnson also said the division is bringing in a third-party firm to help it conduct a racial-equity impact assessment, Reuters reports, and she expects the assessment’s recommendations “to be pretty hard.”
Okay. A questionnaire. A third party firm. Pretty hard.
What’s this mean?
The Ars Technica write up does not translate. However, from my vantage point in rural Kentucky, I understand the Gebru-gibberish to mean:
- Talk about ethical smart software and the GOOG reacts in a manner informed by high school science club principles
- Female AI experts are perceived as soft targets but that may be a misunderstanding in the synapses of the Google
- The employee issues at Google are overshadowing other Google challenges; for example, the steady rise of Amazon product search, the legal storm clouds, and struggles with the relevance of ads displayed in response to user queries or viewed YouTube videos.
Do I expect more Gebru-gibberish?
Will Microsoft continue to insist that its SAML is the most wonderful business process in the whole wide world?
Stephen E Arnold, March 1, 2021
-
- Subscribe to Beyond Search
Feature archive
News archive
-
