A first person account from Brussels

Posted on by
1

A friend of mine, Arielle Goldfarb, is a graduate student in counter-terrorism at the IDC school outside of Tel Aviv. Goldfarb grew up in Israel and then moved to Toronto for several years, before going back to Israel to finish her studies. She found herself last week in Brussels. This is her story.

First, realize that I speak from my own personal experience and my own opinions. As part of my master’s program, we were offered to be part of an Israeli delegation to visit NATO and that is why I was there in Brussels. After the attacks, one of the immediate feelings I had was that I wanted to go home, home being Israel. It was such a strange thing to say, considering that Israel faces terrorism every single day. Somehow, being in Israel felt safer than staying in Europe. When we learned that El Al was sending a jumbo jet, I cannot say I was surprised, but I was relieved. Being on that plane, especially on Purim, was a very meaningful experience. I felt at that moment that all the passengers on the plane (over 400 of us) were grateful to be able to fly back to Israel. Without this flight, who knows how long we would have been stuck in Brussels?

Going through this experience has somewhat shifted my attention and interests. I would like to take steps to learn more about Europe’s security outlook, not only in relation to terror, but also as a doctrine as a whole.

It is somewhat ironic but the Brussels trip also strengthened my understanding of the reality of terrorism in the world today. That was an important learning experience. To me, it became clear through this trip that there is a requirement for international cooperation when it comes to fighting terror and that it is imperative for every country to think ahead and prepare, instead of acting to increase security only after being personally affected by terror.

I also learned that there are serious shortcomings in security in Europe that should be addressed. One of the recurring themes of the trip was that Europe does not view terrorism as an existential threat. With this outlook on the security situation, it is hard to believe that Europe is taking sufficient and drastic enough measures to increase their intelligence sharing among the various countries and agencies. What I do think is that unfortunately, with every attack, Europe’s outlook changes coming one step closer each time to viewing terrorism as a threat to its existence.

Another thing that I learned – which was somewhat surprising for me — has been the method in which terrorist organizations are funded. I had previous knowledge of the need to fight terrorism from its root, that is to follow the money trail, but I was not aware of the extent and the creativity of terror fundraising. I learned that charities are probably the main way that terrorists funnel money, and that ISIL has come up with new tactics for funding, such as selling antiquities that they pillage on the black market.

Thanks for the report Arielle. I am glad that you are safe and back in school.

Quickbase blog: Recognize the Warning Signs of Spreadsheet Abuse

Posted on by
Reply

There are lots of circumstances that don’t fall under abuse but do account for inappropriate spreadsheet usage.

Part of the problem has to do with the universal appeal of spreadsheets: after all, they have been around for decades and the user interface of the grid of empty cells is so seductive. You just have to type in a number or a formula and you are good to go, right?

Well, not exactly. There are lots of warning signs that it is time to retire your Excel spreadsheet and move to something more sophisticated and capable to build your mathematical models. As a public service, let’s look at a few questions to get to the bottom of things.

Is your data poorly structured? Just like poorly structured programs, a spreadsheet that has input cells all over the place (instead of at the top or organized into a single section) can quickly become a nightmare to debug and understand. Say one of those input cells is accidentally deleted. Or what if you have a spreadsheet that doesn’t clearly label its input fields at all (with a contrasting color or some other graphic device)? When you get to this level of complexity, it is time to consider using something else.

Do you have a very sparse matrix? When you have a spreadsheet that has hundreds of rows and columns with just a few numbers or formulae sprinkled throughout, it becomes harder to find those numbers across all that empty space. Even on the largest of monitors, there is a whole lot of scrolling around to see the active data cells, and easy to miss something that is hiding in an open field. Databases are better for this sort of situation.

Are you mixing spreadsheets with other data sources? You have heard the expression oil and water don’t mix, right? The more complex your data model, the more difficult it is to see how it works and what is the ultimate goal. This is especially true when it comes to using SQL and other data sources as part of your spreadsheet. Ideally, your spreadsheet shouldn’t depend on any external data file to do its work, but that isn’t always possible. If you are building a more complex model like this, think about using a different product or entering the world of serious programming. You probably should start by using an online tool that can make the data connections easier. One way to go would be to look carefully at what Microsoft is doing in its support for online OData sources, and while certainly you can add this to an existing spreadsheet, you probably don’t want to.

Can you find your mistakes quickly? Most spreadsheets suffer from this problem, because they have been built over time with lots of additions and changes to their models. This means that obvious arithmetic mistakes are often hidden or obscured. Or worse yet, you don’t have a feel for your numbers. You may not be able to test your assumptions and making some common sense inputs to see if your spreadsheet produces results that are within your expectations. If your spreadsheet has grown like topsy then maybe it is time to look at some other way to model your calculations.

Do you have more than one author of your spreadsheet? This can be a real issue. Having two or more authors writing formulae can be a problem: how do you track changes and who has the most current version of your file? Chances are, you have experienced this when two people are working on different portions of the file concurrently, and then it is up to someone else to be the final judge of which changes get put into production where. When your spreadsheet is in the cloud, this becomes a non-problem.

SecurityIntelligence.com: Security Solutions for the Virtual Network

Posted on by
Reply

I  cover a recent white paper from the Cloud Security Alliance about network function virtualization (NFV) in a series of posts for IBM’s SecurityIntelligence.com blog. In the first post, “Security and the Virtual Network: Part I,” I discuss how NFV and software-defined networks (SDNs) are changing the traditional enterprise infrastructure. Part two explored some security challenges and implementation risks involved with deploying new virtual networks and their related technologies. And in the third post, I recommend improvements and certain security frameworks for protecting your virtual networks.

Virtual networks’ dynamic nature means IT staff have to take time to document its topology and data flows carefully and keep up with any changes to its structure.

The rise of the anti-vaxxers

Posted on by
5

A story in the New York Times this past week is about a new documentary film that was originally going to be screened at the Tribeca Film Festival next month. When I first read the piece, I was mad. Turns out I wasn’t the only one. After others complained, the film was pulled from the schedule. Let’s review what happened, and why this is important.

The background is that the film is about the anti-vaccine movement, produced by the doctor who originally wrote papers on the subject many years ago. Thanks to the actions from the festival, Andrew Wakefield is now more infamous on the topic. His paper was initially published in the British medical journal The Lancet and later retracted. But that hasn’t stopped him, and his latest action was to turn to being a filmmaker.

The issue that I see is that the anti-vaxxers, as they are known, is a dangerous group. By refusing to vaccinate their kids, they are putting their lives and their children’s at tremendous risk. “Part of the problem is that our parents have seen polio,” as my friend Dr. Patricia Boiko told me after she read the Times story. Boiko has both an MD and an MPH and is also a documentary filmmaker, so she can speak to several aspects here. By the way, Tribeca rejected one of her films, but let’s talk about the public health aspects of the anti-vaxxers.

My dad actually had a light case of polio when he was a child. And back then, when the vaccines were first introduced, you didn’t have any choice: “We were lined up in school and given the shots. There wasn’t any parental consent, there was such a push to vaccinate everyone back then,” Boiko said. Since the 1950’s, the vaccines have been tremendously effective, and now it is rare to know someone who has contracted any of these diseases.

As a working clinician, she sees numerous kids who haven’t been vaccinated. “It is scary that people aren’t vaccinating their children against Rubella (German Measles). They are correct that children who get Rubella usually do fine. However, if they become pregnant and get Rubella before they even know they are pregnant, their child can be born with deafness, blindness and severe heart problems. I have seen cases of measles with encephalitis that causes brain damage as severe as autism. We saw children in Cambodian refugee camps die from measles. This is why I am especially fond of the MMR (Mumps, Measles and Rubella) vaccine because I hate the associated diseases. Plus, three vaccines in one – what more can you ask for? You can bet that my own kids were immunized against everything.” These days, kids get more than a dozen shots in their first year.

Part of the reason why the anti-vaxxers have taken hold is that “Autism is such a horrible disease, and every parents’ fear that their child may contract this. I get why these parents want to do anything for their kids, and why they don’t vaccinate. We certainly don’t know what causes autism,” she told me.

But as the population of non-vaccinated kids increases – especially in the States and other countries where these diseases have been almost eradicated – the consequences are dire. Disneyland had an outbreak of measles, and now some schools are allowing non-vaccinated kids to attend kindergarten. And if parents travel overseas to countries that don’t have universal vaccinations they could put their kids at further risk.

So that is the science and the medicine. Now what about the film itself? Boiko agrees with numerous other doctors that Wakefield has been so discredited. “Parents are going to get burned if they buy into his propaganda. But there could be some good to come out of all the attention with this film,” she says. “It could spark some interest in autism research. Initially scheduling the film didn’t surprise me as a physician, but it made me mad as a filmmaker. I’m talking to you, DeNiro!” she says.

Apparently she wasn’t the only one. Another documentary filmmaker quoted in the second Times article called the Wakefield film a fraud and “described it as a momentous and significant moment for documentary film making.” Still, I am glad the movie isn’t part of the festival, and maybe now we can focus on the science.

The Evolution of today’s enterprise applications

Posted on by
1

Enterprises are changing the way they deliver their services, build their enterprise IT architectures and select and deploy their computing systems. These changes are needed, not just to stay current with technology, but also to enable businesses to innovate and grow and surpass their competitors.

In the old days, corporate IT departments built networks and data centers that supported computing monocultures of servers, desktops and routers, all of which was owned, specified, and maintained by the company. Those days are over, and now how you deploy your technologies is critical, what one writer calls “the post-cloud future.” Now we have companies who deliver their IT infrastructure completely from the cloud and don’t own much of anything. IT has moved to being more of a renter than a real estate baron. The raised-floor data center has given way to just a pipe connecting a corporation to the Internet. At the same time, the typical endpoint computing device has gone from a desktop or laptop computer to a tablet or smartphone, often purchased by the end user, who expects his or her IT department to support this choice. The actual device itself has become almost irrelevant, whatever its operating system and form factor.

At the same time, the typical enterprise application has evolved from something that was tested and assembled by an IT department to something that can readily be downloaded and installed at will. This frees IT departments from having to invest time in their “nanny state” approach in tracking which users are running what applications on which endpoints. Instead, they can use these staffers to improve their apps and benefit their business directly. The days when users had to wait on their IT departments to finish a requirements analysis study or go through a lengthy approvals process are firmly in the past. Today, users want their apps here and now. Forget about months: minutes count!

There are big implications for today’s IT departments. To make this new era of on-demand IT work, businesses have to change the way they deliver IT services. They need to make use of some if not all of the following elements:

  • Applications now have Web-front ends, and can be accessed anywhere with a smartphone and a browser. This also means acknowledging that the workday is now 24×7, and users will work with whatever device and whenever and wherever they feel the most productive.
  • Applications have intuitive interfaces: no manuals or training should be necessary. Users don’t want to wait on their IT department for their apps to be activated, on-boarded, installed, or supported.
  • Network latency matters a lot. Users need the fastest possible response times and are going to be running their apps across the globe. IT has to design their Internet access accordingly.
  • Security is built into each app, rather than by defining and protecting a network perimeter.
  • IT staffs will have to evolve away from installing servers and towards managing integrations, provisioning services and negotiating vendor relationships. They will have to examine business processes from a wider lens and understand how their collection of apps will play in this new arena.

 

Redmond Magazine: Using OpenStack to Control VM Chaos

Posted on by
Reply

I join Dell Virtualization Evangelist Hassan Fahimi to provide a complete overview of OpenStack and Foglight for OpenStack, including:

  • Understanding OpenStack deployment strategies and issues
  • Gaining complete visibility into your OpenStack topology
  • Monitoring the performance of specific OpenStack modules and components
  • Leveraging alerts to proactively identify issues
  • Taking advantage of built-in “FAQs” and reports to immediately get the answers you need

You can download my slides here, and watch the webinar here.

Welcome to the world of API-first vendors

Posted on by
2

The latest development to happen with the cloud is what is called API-first or API-based SaaS companies. What this means in layman’s terms is a service that set up to just connect something with something else using well-documented interfaces. It is hard enough to understand what a cloud-based vendor is selling, but generally there is some physical comparison: a disk drive (Dropbox), an email server (Gmail), a word processor (Office 365) or whatnot. But an API-first vendor is almost like selling a package of air. To give you a better idea, here are some examples of these API-first companies:

  • Contentful, which offers an API-based content management system
  • Chartmogul, which has an API for web-based charts
  • Stripe.com’s Atlas has an API-based Internet payments system
  • 18F, a division of the US Government’s General Services Administration, has developed a series of digital services and APIs so that others can access various federally-based data sources
  • Tray.io, who is building various connectors to different web services using a drag-and-drop drawing canvas
  • Bitwage, which offers banking APIs so companies can pay their employees in Bitcoin. (They have been a “traditional” SaaS vendor, adding this API layer to their existing offerings.)

This last example brings up an important point. The truest API-first companies are those that started out with putting together a great API, without regard for an eventual or legacy product or SaaS offering.

These API-first companies are another degree removed from any physical reality, but it is a cool idea nonetheless. Patricio Robles at the Programmable Web was the first that I found to write about this a few years ago here.  But they have begun to become more common, and add to what you could call meta-API vendors, such as Mashery and Apigee, both of whom offer API management functions and analytics for API-first companies and developers. And there are API marketplaces that have sprung up over the years, including ones from Microsoft Azure, Infochimps and others. These latter places will sell access to particular data feeds that you can incorporate into your own apps.

API-first companies all share several common elements:

  • They have no user interface. The idea is for their customers to build their own UI and differentiate based on this value-add.
  • You interact with their product or service via something web-based.
  • The best API-first companies take the effort to show developers how to become productive within minutes of first use. More on that in a moment.
  • Their inherent value is based on their API set. Once you understand this, it is easier to see what they are offering.
  • On the other hand, there is less to visually demonstrate about the product, so it can be difficult to explain to potential customers. And the sales cycle is longer, since a company has to convince both the resident nerd and management staff about the worthiness of the product.
  • Pricing is typically usage-based, such as the number of requests to their APIs.

Back in the day (say five years ago), when you built some whizzy consumer tech company, you built the whizzy thing first and worried about the APIs later when you had gobs of data that other folks wanted to get access to. Witness Foursquare, which was a darling for a brief moment of time, but now they want to leverage all their data via their API to track commuting routes or popular nightspots or other things in their vast database. But what is happening more and more, as Robles says, is “APIs are designed, implemented and documented before the application that will consume them even exists.”

I first came across one of these with Twilio, which plans to go public this year. That is an incredible statement in and of itself, since imagine explaining what an API-first strategy to your average VC: it could easily be a plot point on “Silicon Valley” (the TV show). Twilio now runs major infrastructure for Coca Cola, Uber and EMC, among others. Their idea is to put an API in front of the switched phone network, so your programs could have access to making calls.

About that part about being productive out of the gate. This is a key aspect of this class of products. As I said, the idea is that you want your APIs to connect something to something else. The more integrations of various services you supply, the easier it will be for developers to build these bridges between their program and an existing SaaS product. This is what Contentful did: they have a variety of integrations with existing content management products, such as WordPress and Joomla, so you can import your existing blog posts and images and make use of them within minutes of signing up for their platform. This means an API-first company has to invest time in a solid knowledge base, lots of programming samples, and installation guides to make sure their potential developer customers can figure out how to use their APIs.

Chartmogul had a post here about how few apps will be built completely from scratch in the future. Companies will be able to launch faster, add new functionality easier, evaluate their costs more predictably, and scale more reliability.

Want to join in? There is now an entire website, naturally, to help you get started. Welcome to this brave new world!

Dice: Making a Job Transition on Social Media

Posted on by
Reply

This situation happens every day: you receive a job offer while still employed, and give notice to your current employer. Pretty straightforward, right?

Under certain circumstances, some employers will respond by immediately terminating your employment. Others will give you time to get your affairs in order. But how much should you share about your job transition on social media? Considering the ever-increasing number of online oversharing disasters, some self-imposed rules are in order. I write about these notions in my latest post for Dice Insights.

Email is more than just the @ sign

Posted on by
3

With the passing this week of Ray Tomlinson, I am tripping down memory lane and thinking once again about email. Ray, for those of you that don’t recall, was credited with the invention of the @ sign back in 1971 as a mechanism to separate a user from the computer that ran the user’s account. It took decades before it became the ubiquitous part of the Internet addressing system that we all take for granted today.

But, no disrespect to Ray, email is a lot more than just the @ sign, although it certainly is the easiest and most recognizable part of it. If you want to really dive into the history of email, I would start with Dave Crocker’s excellent compendium site. Crocker had a hand in inventing several key elements of email infrastructure himself and wrote this excellent history of early email for the Washington Post several years ago.

As you review some of these documents, you’ll quickly see that email isn’t just the product of any one person. Like many of the things behind the Internet and the world of open source software, dozens if not hundreds of people contributed, block by block and bit by bit. Today’s email system makes use of numerous different protocols to get a message from you to me and back again. What is astounding is that essentially email is the same basic service and “has not been replaced or interrupted in 40 years. It simply grew from a couple hundred users to a couple billion,” as Crocker wrote in his Post piece. Well, maybe not so simply, but still.

One thing not often discussed is the fact that for its early years, email thrived outside of the Internet. Many of the early email systems were local to a company, and only able to exchange messages with other users there. Vendors such as cc:Mail, Network Courier, and Higgins (remember those?) dominated that early corporate landscape. Eventually, the Internet would connect these disparate systems together and avoid the use of messaging gateways or remote dial-up modems. Now it is almost impossible to use email and not be connected to the billions of others online. Of course, finding a current email address for a recipient is another matter.

In the 1990s, I was lucky to have worked with some of these early pioneers, such as Crocker. Also with Marshall Rose, who wrote some of those early Internet email standards. Marshall and I co-authored a book called Internet Messaging back in 1998. Penn Jillette, part of the comedy magic team of Penn and Teller, wrote the foreword to our book. He says, “email is still the greatest thing ever invented in the history of the world. ‘What about fire?’ you say. And I answer, what good would it be without an email to ‘come and get it?'” Penn also had some sage advice: “When I see your words [via email], they are in my font and color on my computer, and the computer feels like part of my brain. Telephone is talking; email is whispering thoughts directly into my mind.”

All food for thought when you send your next email.