These days, discussions about the economy often lead to comments about how the small businesses is what powers it. If small businesses are powering our economy, what invigorates it? Startups of course. That is why organizations such as the Founder Institute are such a key part of our future. The Founder Institute is a business accelerator program that helps aspiring founders launch their ideas into viable enterprises.
So what happens after the grueling three and a half month long program? Being one of their newest grads I can say that it is certainly an experience that helps to put your idea, your passion project, through the necessary steps to validate it. You also come out with a solid understanding of what you need to raise the necessary funding, something which is almost always necessary for tech startups. Most importantly, you come out with a minimum viable company and the tools necessary to have your enterprise take off. All the graduates are founders, the next step is for us all to become successful tech companies and invigorate the economy while pursuing our passion projects.
Video summary of my cohort’s experience on our last day where we pitched the applications we worked on for the last two weeks of the program. It can be very rewarding to dedicate yourself to an intensive program and make it through to the end.
Have you been wondering what benefits there are in moving some of your infrastructure to the cloud? Why are so many businesses talking about it and making the move? This decision can be particularly difficult if you have an environment that is paid for and running smoothly. But let’s explore some of the initial basic questions that come up while considering this question:
Are any of your business applications mission critical? If so, do you have a disaster recovery or any other kind of mitigation plan?
Is the underlying OS supporting your mission critical apps being properly maintained and patched?
What are your on-going IT operational expenses (including hardware and software maintenance, support contracts, and in-house staff)?
Is your IT staff spending a large amount of time doing routine maintenance and other operational jobs which could be automated (such as patching, upgrading, doing backups, etc.)?
Does your website or any web applications you have suffer from slow performance due to a bottleneck in your data center Internet connection?
Can your mission critical applications scale up properly and automatically whenever you have peak demand? And scale down to reduce costs?
This kind of initial assessment can help in realizing if you are a good candidate to migrate your environment. From a business point of view, one should also consider how often you are incurring capital expenses (such as replacing servers or hard drives) that would disappear after migrating to the cloud.
Finally, once the current cost structure is well understood, one can compare that model to an OPEX cloud based cost structure. Amazon Web Services, for example, does an excellent job of publishing their cost structure. These days, most enterprises are realizing that the benefits of moving to the cloud are more obvious than ever and that there are far greater costs in keeping their environment in-house.
It seems lately like a lot of smart people are talking about the potential future role that Artificial Intelligence will have in our lives. As usual, the bad news is the one that always gets the most attention and that means everyone highlights the expectation that AI will eventually lead to our doom. But what is different now in regards to our future expectation of AI’s capabilities? After all, we have been overly optimistic about its future capabilities ever since the movie 2001: A Space Odyssey came out; that was 1968 in case you are wondering. Most people might agree that even in 2015 Google, Siri, or IBM’s Watson are nowhere close to HAL’s capabilities in the movie (remember HAL lip-reading?). We were way off back then in forecasting our achievements in AI. Why do people like Elon Musk and Stephen Hawking think this is the time to consider the perils of out of control Human-level AI?
Tim Urban’s Part 1 article, The Road to Super intelligence, is a great read where he describes the reason why we need to start thinking about this now. One important reason why: the scale of human progress is now growing exponentially and most people don’t even realize it. Follow the link for the full article:
The sharing economy is one of the hot new trends of the tech industry. The hottest participants in this new trend are Uber and Lyft, Both are ride-sharing platforms focused on connecting you with a driver directly. The difference between using these apps and calling a taxi service are mostly in convenience. Whether you use a taxi or one of these services, you’ll likely get from A to B safely but the difference in convenience really adds up. Things like scheduling a pick-up, knowing how far away your driver is, receiving a confirmation, pre-arranging payment, having a picture of your driver, and requesting a specific type of vehicle are only a few of the added conveniences. All of these add up to a very compelling alternative. Although these services are also skirting the law in a lot of cases by not providing adequate driver insurances, background checks, and licenses these issues will eventually work themselves out.
Sadly, there are also examples of the sharing economy that provide questionable benefits and are basically abusing the system. Recently in the news, Monkey Parking, and app that helps you bid for on-street parking is one that provides questionable value. The key advantage being that you can more easily find parking in areas that have parking problems such as San Francisco. This app has already been deemed illegal by the SF city attorney because people are basically making money off of public property.
The latest entrant: Reservation Hop. This app apparently makes restaurant reservations under fake names and then sells those reservations to you. Really? Where is the value to consumers here? This app appears more like it is making itself a meddlesome middleman in a situation where it adds no value. Worse than that, it is basically abusing a system of reservations based on an honor system. Restaurants will likely start asking for credit cards or will ask for a form of ID to get rid of this abuse. Hopefully we’ll start giving less attention to these junky apps and get back to rewarding innovation rather than sleazy business tactics.
Heartbleed is a bug that was recently found on OpenSSL, which is basically a piece of open-sourced software used by websites which offer encrypted logins (the little green lock on your browser). If you routinely visit banking, email, and some social media sites, you have seen this lock and assumed that you are safe when you put in sensitive information. That is basically the idea behind that icon on your browser – the information is secure and encrypted and only you and the trusted server at the other end can see it. During your surfing session, your browser may send a heartbeat message periodically to the far-end server to ensure that the connection remains open. This is basically the portion of code that has the bug and it is interesting to note how this bug can be exploited because it is not like the typical type of attack a user might be warned about.
A web user is usually told to avoid surfing banking sites using untrusted or questionable hotspots or internet cafes. Also you are told not to trust someone else’s computer because it could have a virus that could grab your keyboard strokes. Out of these two warnings the second is the most important one, but easy enough to avoid. If you are at a public internet cafe, there are still mechanisms in place to protect you even from packet sniffers or man-in-the-middle attacks (where you inadvertently connect to a middle man impersonating your intended website). Encryption protects you from packet sniffers and a website’s Certificate protects you from a man-in-the-middle attack. A valid certificate is what turns on that green lock on your browser. The information provided by Heartbleed can offer a hacker the necessary information to perform these attacks easily without a user realizing it.
To get this information, a hacker performs an SSL connection to the target website just as you would. They then write a script that sends the SSL heartbeats to the target. Instead of sending the two-byte packets which are part of the specification, the hacker sends the two byte data along with a 64KB payload length variable. Because of the bug, the server never checks the payload length variable and because of this, allocates that amount of memory for your two bytes of data. The extra space is the memory leak information that is invaluable to the hacker. As part of the heartbeat protocol, the server replies back but instead of just sending back your two bytes, it sends back 64KB of information from its memory.
So what is in this memory and could this have any of your information? It could if you have visited the site recently. Your credentials along with other types of juicy stuff could be in there. The crown jewel would be the server’s private key which is also stored in the same memory space and is also a candidate in this memory leak. With the private key, the hacker can now decrypt any and all past and future communications to this server. With the private key, the hacker can now impersonate the website and you would never receive a warning from your browser, you would get a green lock even when visiting the hacker’s website.
This is why the steps to fix this problem are the following: the website admins have to patch OpenSSL to stop the memory leak, they have to get new certificates with new keys (their existing private keys might have been compromised), and finally they have to ask (and likely force) all users to change their passwords. By the way, OpenSSL has an estimated market share of over 66%. That’s a large part of the Internet, and that is why this bug is such a big deal.