Vouched for you…

Jarrett Neil Ridlinghafer has vouched for you to join FounderDating
Strategic Technology Consultant, Content Development, C-Level Advisor & Trainer, Fast Lane.

Hey,

I was asked to vouch for people to join FounderDating – an invite-only network for entrepreneurs to connect with world-class advisors, potential cofounders and, of course, other entrepreneurs. There are really amazing people. You’re on my short list. I highly recommend applying no matter what stage you’re in.
Apply here > http://members.founderdating.com/connect/?frvche=355927&s=

Check it out,

Connect with Entrepreneurs


Amazon doesn’t eat its own DNS dogfood

Amazon.com uses domain name systems (DNS) from competitors instead of its own Amazon Web Services’ DNS named Route 53, according to a DNS tracking service.


For tech companies, using your own products and services is called “eating your own dog food,” or some call it “drinking your own champagne.” Amazon does not do that, at least for its DNS.

The issue was recently raised on Twitter and was discussed on AWS forums more than a year ago. An AWS spokesperson declined to comment publicly on the issue.

According to a search on the website Kloth.net, which provides DNS lookups, Amazon.com uses Dyn and UltraDNS, two name-brand DNS services, to host Amazon.com. Route 53 is Amazon Web Services’ DNS, which is frequently used to connect incoming traffic to websites hosted on AWS.

Last year users in an AWS forum questioned why Amazon.com does not use Route 53. An AWS employee initially said he could not discuss the details of the internal network configurations within AWS. When the questioner asked if Route 53 is a viable platform and what deficiencies or lack of important features have caused Amazon to not use Route 53, an AWS employee provided a slightly more detailed response.

“This is a totally fair question and concern,” the AWS employee Ben@AWS wrote. “We believe Route 53 compares well against other leading DNS providers in terms of scalability, responsiveness, and fault tolerance.” At the time, he said Amazon was migrating DNS zones to Route 53 and said some Amazon services currently did use Route 53, including Elastic Beanstalk and Alexa.com (which is an Amazon company). He added that there are customers with comparable DNS load to Amazon.com that use Route 53, but he did not name them.

There could be a legitimate reason for Amazon not to use Route 53 though. One Twitter user came to AWS’s defense: “Always a good idea to separate your DNS from your infrastructure,” user Tim Nash wrote, noting that if Route 53 had an outage, it could bring down AWS and Amazon.com, potentially preventing the ecommerce site from working and preventing AWS from alerting customers of the downtime. So perhaps spreading DNS workloads out across multiple providers is a good idea. But, Kloth.net does not show Amazon using Route 53 at all.

Shawn Campbell, a DNS expert and systems administrator for Canadian tech reseller Scalar Decisions said he was surprised to learn that Amazon.com doesn’t use Route 53. He said UltraDNS is a leader in the DNS market and he described Route 53 as a competing, up-and-coming platform compared to other more established offerings. He said typically Route 53 is a good option for customers who have many other services hosted in AWS, so he questions how much Amazon.com is using AWS overall.

On the AWS Case Studies page there is only one mention of Amazon.com using AWS, which is the example of how Amazon.com migrated the tape backup of its Oracle databases to AWS Simple Storage Service (Amazon S3). While that’s not an exhaustive list, it is the only public example AWS cites of Amazon using its own cloud service.

By Brandon Butler

Tubes: A Journey to the Center of the Internet


Okay, I admit that I’m a geek and have read numerous books on the history of IT and the Internet. Katie Hafner’s Where Wizards Stay Up Late: The Origins of the Internet is a particular favorite of mine.

Along these lines, I just finished a book called Tubes: A Journey to the Center of the Internet, by Andrew Blum, a Wired Magazine correspondent. Now, Tubes does provide a bit of Internet history around the Arpanet project, BBN, the Interface Message Processor (IMP), and the original Internet node at UCLA, but it takes the story in a different direction. Tubes goes on to look at the physical stuff like routers, cables, buildings, spinning disk drives, etc. – where they are, how they got there, who built them, and who manages them.

I can certainly relate to this book. Way back when during the Internet boom, I worked at a fly-by-night telecom startup named GiantLoop Network where I gained a bit of knowledge about Internet pipes. Yup, I toured 111 8th Ave. in NYC (a massive telecom hotel now owned by Google) and Brooklyn’s MetroTech Center. My company also had relationships with a cast of Internet characters like AboveNet, ConEd Communications, Enron, Global Crossing, and Metromedia Fiber Network (MFN).

In this role, I got to talk the Internet talk for a while back in 2000, but Tubes helped fill in the blanks about all the stuff I didn’t know or hadn’t kept up with. For others who haven’t touched the bowels of the Internet, Tubes acts as a tour guide on major pieces of Internet infrastructure with commentary on how these pieces co-exist.

I won’t give away details, but here are a few tidbits I learned (or re-learned, I’m getting old) from this book:

Blum does a good job of describing how massive Internet connectivity came together during the boom of the 1990s. Remember Metropolitan Area Exchange (MAE) East, MAE-West, and the Palo Alto Internet Exchange (PAIX)? The book provides a good description of their development (In recounting the story of PAIX, Blum refers to Digital Equipment Corporation (DEC) as: “one of Silicon Valley’s oldest and most venerable computer companies.” Yes, PAIX was a valley-based institution, but as Blum has probably heard dozens of times since his book’s publication, Digital belonged to Ken Olsen and his fellow New England Yankees in places like Maynard, MA).
Blum set off to visit some of the biggest Internet exchanges, specifically in Frankfurt and Amsterdam. In this chapter, he does a good job of not only describing the technology aspects of each but also how these exchanges fit into their city’s geography, history, and culture. Later in the book, Blum takes the reader on a similar stroll through the telecom hotels in lower Manhattan, dragging the reader through subway conduits, telecommunications history, wire pulling in the streets of Manhattan, and into the fiber optic/Internet present. Finally, Blum follows the path of undersea fiber to places like Porthcurno (Cornwall, England), Lisbon, and the U.S. Atlantic coast. He also describes the people and processes involved in picking these routes, deploying the fiber, and then connecting them to continental networks by the sea.
The book concludes with visits to massive data centers in areas like The Dalles (Google) and Prineville (Facebook) Oregon. In this chapter, Blum also meets with Microsoft executives and digs into how and why certain data center locations are chosen. Blum goes from tour guide to editorial contributor here, describing his Orwellian experience with the PR/legal-centric Google data center folks and a contrasting episode with surprisingly transparent Facebook personnel.

No, this isn’t a textbook with deep technical descriptions. Rather, it reads like a picaresque novel of one man’s journey for knowledge. Kind of an amalgamation of Homer’s Odyssey and a BGP routing table. Blum keeps asking questions, recounting history, and uncovering facts. As he gains knowledge, he brings the reader along for the ride.

I play in a rock n’ roll cover band here in Massachusetts with a few of my buddies from town. A few years ago, I learned that some of the ancient monitors we include in our sound system were actually used at Woodstock. I have no idea if this is true but it’s a great story and it gave me an emotional connection to the history of rock. My guess is that through his journey and book publication, Blum established a similar bond with the Internet infrastructure. This sense of joy and empathy comes shining through in Tubes, making it a fun read for geeks like me who never run out of questions to ask.

By Jon Oltsik

Company to demonstrate ‘Active Shooter Detection System’ in Massachusetts school


DARPA-inspired technology that promises to detect gunshots in a school, alert authorities and help first responders locate the shooter will be demonstrated this afternoon for civilian officials and members of law enforcement gathered in Methuen, Mass.

That the name of the school where this will happen, reportedly the first in the nation to be so equipped, isn’t being made public says a lot about the plague this technology is designed to address.

From a story on Boston.com:

Mayor Stephen Zanni, Schools Superintendent Judith Scannell, Police Chief Joseph Solomon and Congresswoman Nikki Tsongas are among those who were expected to be on hand, along with police chiefs and police officers from across the northeast.  The demonstration will simulate an active shooter in a school building and show how police would respond using the new technology.

The “Guardian Active Shooter Detection System” is triggered by the sounds of gunfire, sending an alert to police within seconds. Then, using smoke alarm-sized sensors installed throughout the school’s classrooms and hallways, it can transmit audio recordings in real time, so that emergency responders can track the shooter and monitor other developments before, during and after the person enters the building.

The company touting this technology, Shooter Detection Systems of Rowley, Mass., claims it produces “close to zero false alerts.” How close to zero that proves to be will likely be important.

The company has a six-minute marketing video that is predictably alarmist.

Will such a system actually help?

Methuen Police Chief Solomon seems convinced, having earlier told CNN: “What we always find is that seconds count … I want to go right to the target, because if I can stop or mitigate the target, I can stop the carnage.”

Call me skeptical. “Seconds count” sounds an awful lot like “if it saves just one life,” which gets used too often to defend public-safety and zero-tolerance practices that are more about appearing to do something than actually doing something.

However, it wasn’t that long ago that I would have dismissed technology like this out of hand, as I did the ever-more-common school lockdown procedures. Not anymore.

By Paul McNamara

Intel doubles capacity of its data center SSD

Intel today announced upgrades to its Solid-State Drive DC S3500 Series of products that now offer up to 1.6TB of capacity, double what the previous generation had.

Intel also announced it has boosted the capacity of its M.2 form factor flash expansion card so that it can be used as a mass storage device and not simply a client boot drive.

The new S3500 M.2 expansion card comes in 80GB, 120GB and 340GB models.

“We do have customers asking for higher capacity on drives and we were able to accommodate it,” said David Ackerson, an Intel data center product line manager.

Intel’s S3500 2.5-in. form factor SSD now comes in capacities of up to 1.6TB.

Intel added to the M.2 card the same features that it had previously only offered in larger form factor SSDs, such as hardware-based AES 256-bit encryption and power loss protection.

“In addition to [acting as a boot drive], we expect M.2 will appeal to traditional server manufacturers that plan to offer smaller form factor servers. The S3500 M.2 provides data center performance in a small, sleek form factor to meet the needs of boot and traditional server applications,” Ackerson said.

The M.2 card could also be used as mass storage for digital signage, ATMs and other types of customer-facing devices such as digital slot machines, Ackerson added.

The M.2 flash card has a sequential read/write performance of up to 500MBps and 460MBps, respectively and a random performance of 67,000 read I/Os per second (IOPS) and 8,300 write IOPS.

“Basically, you’re getting all the performance of the 2.5-in. drive in a new form factor,” Ackerson said. The S3500 SSD also comes in a 1.8-in. form factor.

The new 2.5-in. S3500 SSD models have a top performance of 75,000 read IOPS and 18,500 write IOPS.

Up to 19% of Intel’s M.2 flash card is overprovisioned to increase write speeds; up to 10% of the new 2.5-in. SSD is used for the same purpose. The flash drives also have from 256MB to 1GB of DRAM depending on their overall flash capacity.

Intel’s latest S3500 2.5-in form factor SSD comes in two new capacities, 1.2TB and 1.6TB. Previously, the drive was available with up to 800GB of capacity.

The S3500 series SSDs can sustain up to three full drive writes per day — 880TB in writes over a lifetime. They have a 2-million hours mean time between failures rating, according to Intel. Both the 2.5-in. and the M.2 S3500 SSDs come with five-year warranties.

Intel also upgraded its NAND flash controller with additional I/O paths to address the higher density products.

Intel has set its recommended customer pricing for the 2.5-in. S3500 SSD at $1,099 for the 1.2TB version and $1,444 for the 1.6TB drive. The M.2 card will sell for $99 for 80GB, $124 for 120GB and $314 for 340GB.

This story, “Intel doubles capacity of its data center SSD” was originally published by Computerworld.

By Lucas Mearian

Microsoft’s Bing predicted midterm election with 95% accuracy


We think of Microsoft’s Bing as a search engine, but there is a lot more to it than that. For example, I’ve found its translation service to be very good, more accurate than Google’s, especially with Asian languages. The translations aren’t perfect but they give me a better idea of what is being said than Google Translate.

Well, Bing has another hidden gem: Bing Predicts. Using a secret analytics tool Microsoft isn’t about to disclose, it has been used to predict NFL games and was nearly flawless in its predictions for the World Cup this past summer.

Now that the dust has settled from the elections, Bing Predicts has won out again with a 95% accuracy rate in calling the House, Senate, and Governor’s races. It got 34 out of 35 Senate races correct, 419 out of 435 House seats correct, and 33 out of 36 Governor’s races correct. That’s a better prediction rate than even Nate Silver’s lauded FiveThirtyEight blog.

If you are one of the few with a Windows Phone that has Cortana, the digital assistant is powered by Bing Predicts, so you can ask Cortana questions and she might have an answer for you.

Now, here’s a real challenge. It predicts “Duck Dynasty” teen star Sadie Robertson will win this season’s “Dancing With The Stars,” which would go completely against all the momentum for former “Fresh Prince of Bel Air” star Alfonso Ribeiro, the favorite to win. It also predicts the Indianapolis Colts have a 67% chance of beating my beloved New England Patriots this Sunday, to which I say phooey.

By Andy Patrizio

WireLurker malware threatens to destroy a key Apple advantage


Deserved or not, Apple’s Macintosh and iOS operating systems have long enjoyed a reputation as being largely immune to the kind of virus and other malware problems that have plagued Windows—and to a lesser extent Android—over the years.

Looked at objectively, that reputation has some basis in fact, especially on the tightly controlled iOS side, and also benefits from Apple being a far less lucrative target for criminals than Windows. With iOS’s worldwide popularity and Macintosh’s rising market share, however, the security pressure on Apple has never been higher.

So while the new WireLurker malware does not yet appear to have attacked Apple users outside of China, its very existence could threaten that extremely valuable reputation. Apart from any actual damage WireLurker or other malware might do to Apple systems, the more immediate danger is that significant numbers of Apple users might lose confidence in the relative security of their devices.

That’s already starting to happen, as media outlets sound the alarm and try to put the threat in perspective. Competitors and their supporters, meanwhile, are only too happy to try to pop Apple’s veneer of security.

That’s why it’s so essential that Apple come up with a credible, proactive response to WireLurker before it makes a dent in security for users of non-jailbroken phones who haven’t visited the compromised app store in China.

WireLurker is far from the first threat to Apple security, of course (see Apple’s iWorm fix still leaves major hole). But so far the threats haven’t been significant enough to change perceptions or behavior.

If that changes and Apple were to lose the perception of increased security, it wouldn’t kill the company. After all, ongoing security issues didn’t kill Windows or Android. But it would remove a key competitive advantage that helps burnish the Apple brand and allows it to be successful even when competitors offer similar features first or at lower prices.

Will WireLurker change behavior?

I’ve long worried that the world is waiting for the first widespread mobile security breach. I honestly don’t think that WireLurker will turn out to be that incident. But that’s not really the question.

The issue is whether WireLurker will turn out to be the moment when Apple users no longer feel invulnerable to malware and start seriously worrying about the kind of anti-virus and other anti-malware countermeasures that users of other platforms take for granted.

For example, every corporate Windows PC I’ve ever used had anti-virus and other security software installed. Macs? Not so much. Even the conservative Fortune 500 companies I’ve worked for don’t routinely equip Macs, much less iPhones and iPads, with anti-malware solutions. And I’m pretty confident that’s the case for most people reading this as well. Having to add that hassle, expense, and performance overhead to Macs—and to iOS—would be a real drag.

I’m hoping it’s not necessary just because of WireLurker. But I’m resigned to the likelihood that no matter what Apple does now, something will make it happen sooner rather than later. At that point, all we’ll be able to say about Apple’s long, charmed run on the security front is, “it was nice while it lasted.”

By Fredric Paul

Pi, translated: The evolution of Raspberry Pi


A brief history of Pi

The Raspberry Pi has been the object of a great deal of nerdy affection since its initial release in 2012. A mousetrap-sized, self-contained single-board computer, the Pi is designed to serve as both an educational tool and a handy option for hobbyists – who have turned it into, well, pretty much anything you can think of. Here’s a look back through the brief but illustrious history of the Pi.

How the FCC “THINKS” it can justify regulating U.S. internet


Throwing his full weight behind net neutrality, President Obama released a statement yesterday supporting the regulation of an open internet. The President’s statement didn’t have the same impact as Last Week Tonight’s John Oliver’s net neutrality rant, which ultimately broke the Federal Communications Commission’s website. But the President was heard and will bring the net neutrality discussion back to regulating an open internet.

See also: Obama’s net neutrality proclamation won’t help solve the problem

Comparing worldwide internet speeds with those in the U.S. and South Korea, home to a government-regulated internet, bolsters the President’s argument. Beginning in 1981, advanced telecommunications became a pillar in the Korean government’s educational and economic plans. Charged with modernizing telecommunications, the Korean Telecommunications Authority replaced the slow-moving South Korean Post and Telecom Ministry’s bureaucracy. South Korea made the information superhighway the core of an urgent economic restructuring, turning smoke-stack industries into an information technology economy that would compete with the rest of Asia. The results of South Korea’s choices of policy and competition are clear.

Understanding the background of net neutrality, which is often described as tearfully boring, isn’t the exclusive domain of policy analysts and regulators. Here’s the short form version, explaining the tall poles holding up the tent of net neutrality.

When Congress passed the Telecommunications Act of 1996, it deregulated telecommunications and created a virtuous cycle of innovations. The act failed at providing much choice for residential internet access. Susan Crawford, a visiting professor at Harvard Law School, said in a recent interview with NPR:

“for at least 77% of the country, your only choice for a high-capacity, high-speed Internet connection is your local cable monopoly.”

In 2010, when ISPs started to exercise their choke-hold to demand payments to create a fast lane for content providers like Netflix, the FCC issued its Open Internet Order that created net neutrality rules, which prohibited Internet service providers from blocking content and prioritizing certain kinds of traffic.

Verizon challenged the order and won on appeal before the United States Court of Appeals for the District of Columbia in January of this year. The court didn’t stop at striking down the FCC’s Open Internet Order, but clarified how the FCC could regulate an open internet under two provisions of the act.

Now, this gets a little wonky. The court interpreted Section 706 of the act to give the FCC the authority to “encourage the deployment on a reasonable and timely basis of advanced telecommunications capability to all Americans…Contrary to Verizon’s arguments, we believe the Commission has reasonably interpreted section 706(b) to empower it to take steps to accelerate broadband deployment if and when it determines that such deployment is not ‘reasonable and timely.’”

This can be compared to telephone universal service, promoting telephone service for all Americans. However, the decline in American leadership in broadband isn’t encouraging about the FCC’s ability to encourage unregulated ISPs to build out broadband comparable to what can be found elsewhere across the globe.

The President recommends an alternative to the weak authority of Section 706: regulating the internet using Title II of the act. It’s analogous to the way electric utilities are regulated. Electricity, an essential service in everyone’s lives, is delivered through utilities that hold monopoly positions, and those utilities are regulated because consumers don’t have an alternative if the utility raises prices unreasonably. Electric utilities are managed to produce a fixed return on investment. If a utility wants to raise prices to cover the increased cost of improved services, the utility’s plan and ROI consistency must win regulatory approval.

Verizon and other internet access providers have a monopoly in 77% of the U.S., according to Crawford. Therefore, the FCC could choose to regulate internet access providers. The justification is that, without price competition or regulation, the internet access providers can increase prices without investing in improved service. The cost of internet access to consumers in the U.S. proves that the act failed to spark a virtuous cycle of internet innovation.

The Open Technology Institute’s October policy paper reports that internet access costs American consumers 25% more than their European counterparts for equivalent services. It also points out what could be possible. South Korea’s KDDI delivers 1 Gbps for just $30 per month, and Google delivers the same capacity in selected U.S. markets for $70 per month, a price that was considered shockingly low in the U.S. when Google introduced it.

The President can’t order the FCC to act, though. It gets its funding and oversight from Congress, and any new open internet rules must be voted on by its board of five commissioners, consisting of three Democrats and two Republicans. But the decline in the country’s internet ranking and its high cost to consumers, an urgent issue, warrants the President bringing regulation to the forefront in the discussion.

By Steven Max Patterson


Commentary by Jarrett Neil Ridlinghafer Follows:

Just because South Korea which is NOT AMERICA (Thank God) has the fastest Internet….THAT’s This guy’s Argument for Justifying the Federal Government Takeover of the Internet? Let’s look at just how GREAT the Feds are at managing ANYTHING:

1. The US Postal Service, 100 Million A Month in the Negative and No Sign of it EVER making money or even breaking even…..

2. The Congressional Bank….Closed due to so many bounced Personal Checks by Congressmen and women it went Bankrupt

3. Fannie Mae – Billions in Debt and Bailed out yet still in debt….

4. The Senate (Controlled By the Democrat Party)- NO BUDGET SUBMITTED (Much less passed) In 4 Years

5. The Supposed Housing Crisis and Supposed “Bank Bailout Crisis” both staged by the feds…like they believe they really faked the US Citizens out as they all lined their own pockets and repaid Political Debts with our hard-earned money

6. The VA where just last month a retired marine blew his brains out in front of his local VA Hospital because they refused to give him Pain Killers he required to stay sane…..

These are the people we want controlling the Internet which, with Nanotechnology, robotics, Cloud and Smarthome technology will have access to EVERYTHING AND EVERYONE?


FORGET IT!!! KEEP THE FREE ENTERPRISE AND BUSINESSES IN CHARGE AND LET THE FCC REGULATE MONOPOLISTIC BEHAVIOR PROPERLY! Rework the Monopoly laws with common-sense rules and then maybe we wouldn’t even be having this argument today!

U.S. sets sights on 300 Petaflop supercomputer

WASHINGTON — U.S. officials Friday announced plans to spend $325 million on two new supercomputers, one of which may eventually be built to support 300 petaflops, faster than any supercomputer running today.

The U.S. Department of Energy, the major funder of supercomputers used for scientific research, wants to have the two systems – each with a base speed of 150 petaflops – possibly running by 2017. Going beyond the base speed to reach 300 petaflops will take additional government approvals.

If the world stands still, the U.S. may conceivably regain the lead in supercomputing speed from China with these new systems. But how adequate this planned investment will look three years from now is a question.

The DOE also announced another $100 million in “extreme” supercomputing research spending.

The funding was announced at a press conference at the U.S. Capitol attended by lawmakers from both parties. But the lawmakers weren’t reading from the same script as U.S. Energy Secretary Ernest Moniz when it came to assessing the U.S.’s place in the supercomputing world.

Moniz said the awards for the two systems, which will be built at the DOE’s Oak Ridge and Lawrence Livermore National Laboratories, “will ensure the United States retains global leadership in supercomputing.”

But Rep. Chuck Fleischmann (R-Tenn.) put U.S. leadership in the past tense. “Supercomputing is one of those things that we can step up and lead the world again,” he said. The Oak Ridge lab is located in his state.

And Rep. Dan Lipinski (D-Ill.), whose state is home to the Argonne National Laboratory, said the U.S. lead “is being challenged by other countries,” and pointed out that the U.S. has dropped from having 291 supercomputers in the Top500 list to 233.

“Our technology lead is not assured,” said Rep. Bill Foster (D-Ill.), who lamented the movement of computer chip manufacturing to overseas locales.

In an interview, Foster said he believes there is good bipartisan support for supercomputing research, but the research may face a problem if GOP budget proposals in the House slash science funding by double-digit percentages.

It’s “going to be very hard to defend supercomputing budgets if you’re facing that sort of cut across all of science,” Foster said.

The U.S. leads the world in supercomputing in terms of the dominance of its vendors, research capability and, as Lipinski pointed out, in the overall number of systems in the top 500, but not in speed.

China has the top-ranked system, the Tianhe-2, at about 34 petaflops, and Japan and Europe have major investments underway in this area. (A petaflop is 1,000 teraflops, or 1 quadrillion floating-point operations per second. An exascale system is 1,000 petaflops.)

the Titan, despite using the same amount of power.

The new system to be built at the Lawrence Livermore in California will be known as Sierra.

These systems will use IBM Power CPUs and Nvidia’s Volta GPU, the name of a chip still in development.

Bill Dally, chief scientist at Nvidia, said in an interview that the GPUs will provide 90% of the compute capability on the new DOE machines. The improvement in power efficiency involved getting rid of overhead, including logic operations not directly involved with computation. Nvidia also looked at the data movement and focused on architectures to improve efficiency, such as colocating processes and minimizing the distance in which the data has to move.

Dally said chip efficiency will have to improve by a factor of 10 to get to exascale performance levels, but he believes that’s possible with this architecture. “We have enough things on our target list,” he said, referring to possible changes in the chip design.

The DOE announcement was made on the eve of next week’s supercomputing conference in New Orleans.

Moniz said supercomputing leadership is about not only the speed of the computer, but also how one matches and integrates that with the algorithms and software. And in that area, the U.S. has the deepest experience, he said, adding “we will sustain that leadership.”

By Patrick Thibodeau

This story, “U.S. sets sights on 300 petaflop supercomputer” was originally published by Computerworld.

Google’s super-secret process for finding potential employees

Early on in "The Matrix," Neo wakes up sitting in his desk chair to see a prompt on his PC monitor – "follow the white rabbit" – that ultimately leads him to the man he’d wanted to work with. Judging by a series of discussions on Hacker News, Google may be employing similar tactics.

Some programmers have reported receiving a prompt on their screen while browsing information on Python programming that invites them to Google Foobar, where they can solve difficult coding problems. No one can log into the site unless they’ve logged in before, suggesting that it’s an invite-only page. Here’s how a Hacker News user described his invitation:

I was Googling some Python topic when my search results page suddenly split in the middle with some text saying something to the effect of "You speak our language, would you like to take a test?", linking to http://www.google.com/foobar/ .

I followed it and was led to a pseudo-shell, where I then found some coding problems. I can return to the page to continue working on them.

The discussion on Hacker News quickly turned to Google’s ambitions with the project. Many speculate that it’s an automated way to crowdsource potential employees through its search engine. Those who browse enough advanced information relating to the kind of programming Google is looking for might be a good fit, so why not devise a tool that reaches out to them? The coding tests can simply weed out those who might not be skilled enough, and could potentially uncover a "Good Will Hunting" kind of genius just waiting to solve a math problem on a chalk board.

Of course, some were skeptical and even annoyed at a Google tactic that appears to rely on large-scale monitoring of search results. But one Hacker News user who hinted at being a Google employee suggested that everybody relax:

Disclaimer: my opinions are my own and not representing those of my employer or co-workers. I have no direct relationship to this project and haven’t looked it up internally.

Has it occurred to any of you that we might do these things for sheer fun, because doing that is not only allowed but celebrated?

The Daily Dot has already covered this and the discussion is spreading to Reddit, so Google searches for Python information will probably spike in the next few days. Sure, you could always just find Google’s job listings the old-fashioned way, but wouldn’t it be more fun to see if your search habits make you seem smart enough for a job offer?

Sunnyvale-based enterprise storage platform Maxta has raised $25 million with Input from Andreessen & Horowitz


Sunnyvale-based enterprise storage platform Maxta has raised a $25 million Series B round led by Intel Capital and Tenaya Capital with participation from Andreessen Horowitz.

Maxta aims to redefine enterprise storage with its software that eliminates the need for specialized storage arrays to reduce cost and complexity.

Launched in November of last year, Maxta has raised $35 million in total funding to date.


By: Jarrett Neil Ridlinghafer
CTO of the following –
Synapse Synergy Group
Chief Technology Analyst, Author & Consultant
Compass Solutions, LLC
Hadoop Magazine
Cloud Consulting International

New York-based key management startup KeyMe has raised $7.8 million


New York-based key management startup KeyMe has raised $7.8 million in Series A funding from White Star Capital, Battery Ventures, 7-Ventures LLC, and Ravin Gandhi.

Through KeyMe’s mobile app, users can scan keys with their smartphone to make duplicates on the spot or order them by mail.

Launched in 2013, KeyMe has raised $10 million to date and will use the new funding to add hundreds of kiosks in local stores across the country within the next year and grow its 13-person team.




Boston-based insurance startup Consumer United has raised $14 million




Boston-based insurance startup Consumer United has raised $14 million in new funding co-led by Spark Capital and Thayer Street Partners with participation from Village Ventures and Five Elms. Consumer United provides online tools for consumers to compare rates on auto and home insurance for major insurance providers. Founded in 2007, Consumer United currently serves customers in 38 states and has raised a total of $70 million in funding to date.




New York-based online invitations startup Paperless Post has raised $25 million



New York-based online invitations startup Paperless Post has raised a $25 million Series C round led by August Capital with participation from existing investors RRE Ventures, SV Angel, Tim Draper, Ram Shriram, and Mousse Partners. Paperless Post lets users create custom invitations online and send them to their friends via email or offline with its new printing service PAPER. Launched in 2008, Paperless Post currently has over 45 million users and will use the new funding to accelerate mobile and online development.


New iOS malware highlights threat to Apple mobile devices



Newly discovered malware dubbed Unflod Baby Panda is stealing Apple ID credentials from jailbroken iPhones and iPads, warn security researchers.

Unflod hooks into the SSLWrite function of an infected device’s security framework, according to a blog post by German security firm SektionEins.

The malware is designed to listen for outgoing connections. Once it recognises an Apple ID and password, it sends these unencrypted IDs and passwords to the cyber criminals behind the malware.

The Unflod malware also highlights the risks of installing unknown apps on jailbroken iPhones.

Reports of the malware targeting Apple iOS emerged in posts on reddit by iOS users hit by repeated system crashes after installing iOS customisations that were not part of the official Cydia market.

A developer for the Cydia market, an alternative to the Apple App Store, has responded to the news in a reddit comment, saying that the probability of Unflod coming from a default Cydia repository is fairly low.

However, he added: “I don’t recommend people go adding random URLs to Cydia and downloading random software from untrusted people any more than I recommend opening the .exe files you receive by email on your desktop computer”.

The origin and source of the malware is still unknown, which means no one can yet say which software package from what unofficial repository is likely to initiate an infection, according to security firm Sophos.

The infected file relies on add-on functionality, commonly available on jailbroken devices, known as Cydia Substrate or Mobile Substrate, the firm’s Paul Ducklin wrote in a blog post.

This “substrate” allows users to extend and modify the behaviour of iOS in ways that are deliberately prohibited by Apple on devices that have not been jailbroken.

However, Ducklin said the threat is limited because the malware can affect only jailbroken devices and SophosLabs has not had any report of “in the wild” infections.

“If you haven’t jailbroken your iOS device, you don’t need to worry.

“If you are a jailbreaker and you have been circumspect in what you choose to install, you probably don’t need to worry,” Ducklin wrote.

The malicious code works only on 32-bit versions of jailbroken iOS devices, according to SektionEins.

There is no ARM 64-bit version of the code, which means the malware should never be successful on the iPhone 5S, iPad Air or iPad mini 2G, the firm told ArsTechnica.

SektionEins recommends that anyone affected by the malware should restore the device and change their Apple ID and password as soon as possible.


Google Owns Four of the Seven Online Businesses with more than One Billion Active Monthly Subscribers






AOL Mail Hacked, Accounts Sending Spam



If you get a suspicious email from an AOL user, it’s probably best to delete it. The service has apparently been compromised and some accounts are sending out spammy messages.

But rather than compromising actual accounts, it appears the scammers are just spoofing them. As AOL explained in a help page, “spoofing is when a spammer sends out emails using your email address in the From: field. The idea is to make it seem like the message is from you – in order to trick people into opening it.”

“These emails do not originate from AOL and do not have any contact with the AOL Mail system – their addresses are just edited to make them appear that way,” the company said. “The message actually originates from the spammer’s email account and is sent from the spammer’s email server.”

The easiest way to tell if you’ve been affected is if your inbox is littered with message bounce backs from emails you never sent. Or perhaps a friend or two has been kind enough to alert you to the spam messages your account appears to be sending. To determine if you’ve been hacked versus spoofed, check your sent messages: if there are sent emails you didn’t send, it’s a hack. If there’s nothing there, it’s a spoof.

AOL is urging users to change their passwords and be on the lookout for sketchy emails so they don’t fall prey to phishing scams.

“AOL takes the safety and security of consumers very seriously, and we are actively addressing consumer complaints,” the company said in a statement. “We are working to resolve the issue of account spoofing to keep users and their respective accounts running smoothly and securely. Users can find the latest updates on our AOL Help site, and should contact us if they believe their account is being spoofed.”

It appears the problem has been going on for about a week. AOL’s @aolmailhelp Twitter account has been responding to complaints from users since at least April 15, most of which direct users to the help page.

UPDATE: AOL on Monday said it would change its email policies to avoid delivery of spoofed messages. “AOL Mail is immediately changing its policy to help mail providers reject email messages that are sent using forged AOL Mail addresses,” the company said. “By initiating this change, AOL Mail, along with other major email providers will reject these spoofed email messages, rather than deliver them to the recipient’s inboxes.” More details are on its blog.
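The header check a mail administrator can run to tell a forged From: address from an authenticated one, as an added example that is not from the article or from AOL. It assumes the receiving server (the hypothetical mx.example.net) records SPF, DKIM and DMARC results in an Authentication-Results header, mechanisms the article does not name; all messages and hostnames are constructed samples.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.example.net"  # hypothetical: the receiving server we operate

# Constructed sample 1: From: claims aol.com, but another server sent the message.
SPOOFED = """\
Authentication-Results: mx.example.net;
 spf=fail smtp.mailfrom=bulk-sender.example;
 dkim=none;
 dmarc=fail header.from=aol.com
Received: from mail.bulk-sender.example (mail.bulk-sender.example [203.0.113.45])
 by mx.example.net; Mon, 21 Apr 2014 10:02:11 -0400
Return-Path: <bounce@bulk-sender.example>
From: "Old Friend" <oldfriend@aol.com>
To: reader@example.net
Subject: check this out

(body omitted)
"""

# Constructed sample 2: same forgery, plus a header the sender added to look verified.
SPOOFED_WITH_FAKE_HEADER = SPOOFED.replace(
    'From: "Old Friend"',
    'Authentication-Results: mail.bulk-sender.example; dmarc=pass header.from=aol.com\n'
    'From: "Old Friend"',
)

# Constructed sample 3: a message that passed the sender checks.
GENUINE = """\
Authentication-Results: mx.example.net;
 spf=pass smtp.mailfrom=aol.com;
 dkim=pass header.d=aol.com;
 dmarc=pass header.from=aol.com
Return-Path: <oldfriend@aol.com>
From: "Old Friend" <oldfriend@aol.com>
To: reader@example.net
Subject: lunch on Friday?

(body omitted)
"""


def domain_of(header_value):
    """Lower-cased domain of the address in a From: or Return-Path: value."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()


def trusted_results(msg, authserv=TRUSTED_AUTHSERV):
    """Collect spf/dkim/dmarc results only from headers our own server wrote."""
    results = {}
    for value in msg.get_all("Authentication-Results", []):
        serv, _, rest = value.partition(";")
        if serv.strip().lower() != authserv:
            continue  # written by someone else, possibly the sender
        for method, result in re.findall(r"\b(spf|dkim|dmarc)\s*=\s*(\w+)", rest, re.I):
            # Our server prepends its header, so the topmost value wins.
            results.setdefault(method.lower(), result.lower())
    return results


def classify(raw_message):
    """Return the From/envelope domains, trusted results and a verdict."""
    msg = message_from_string(raw_message)
    from_dom = domain_of(msg.get("From"))
    env_dom = domain_of(msg.get("Return-Path"))
    res = trusted_results(msg)
    # SPF only vouches for the envelope sender, so it counts for the visible
    # From: address only when the two domains line up.
    spf_aligned = res.get("spf") == "pass" and (
        env_dom == from_dom or env_dom.endswith("." + from_dom))
    if not res:
        verdict = "unverified"
    elif res.get("dmarc") == "pass" or (res.get("dmarc") is None and spf_aligned):
        verdict = "authenticated"
    elif res.get("dmarc") == "fail" or not (spf_aligned or res.get("dkim") == "pass"):
        verdict = "likely spoofed"
    else:
        verdict = "unverified"
    return {"from_domain": from_dom, "envelope_domain": env_dom,
            "results": res, "verdict": verdict}


if __name__ == "__main__":
    samples = [("spoofed", SPOOFED), ("fake header", SPOOFED_WITH_FAKE_HEADER),
               ("genuine", GENUINE)]
    for name, raw in samples:
        info = classify(raw)
        print(f"{name:12} From={info['from_domain']} "
              f"envelope={info['envelope_domain']} -> {info['verdict']}")
```

A policy of rejecting forged messages acts on the same result: the receiving server refuses the message at delivery time instead of labelling it afterwards.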





Personal Cloud Market Expected to Reach $43.5 Billion by 2018



(PRWEB) April 20, 2014

The report “Personal Cloud Market – Global Advancements, Business Models, Technology Roadmap, Forecasts & Analysis – 2018”, defines and segments the global personal cloud market with analysis and forecasting of the global revenues. It also identifies drivers and restraints for personal cloud market with insights on trends, opportunities, and challenges. In addition to this, the report also offers business case analyses, models, and Go to Market (GTM) and pricing Strategies.

Browse 150+ market data table/figures spread through 176 pages and in-depth TOC on “Personal Cloud Market”.


Server makers rushing out Heartbleed patches


Enterprise IT vendors are rushing to protect users from the Heartbleed bug, which has been found in some servers and networking gear and could allow attackers to steal critical data — including passwords and encryption keys — from the memories of exposed systems.

Hewlett-Packard, Dell and IBM have set up pages that identify hardware and software products affected by Heartbleed, which exposes a critical defect in certain versions of OpenSSL, a software library for secure communication over the Internet and networks.

The bug, which was detailed last week, has already been patched in a new version of OpenSSL, but hardware companies are now racing to patch products relying on older versions. Firmware and software patches have been issued for HP’s BladeSystems and IBM’s AIX servers and also Dell’s appliances and networking equipment. In advisories, the server makers have advised customers to investigate hypervisors, OSes and middleware for possible vulnerabilities.

Some HP servers use OpenSSL for encryption and secure communication, and the company is conducting an “aggressive and comprehensive review of all actively supported products” for exposure to the Heartbleed bug, an HP support page said. The security updates are available for free to all customers, an HP spokesman said in an email on Monday.

HP on Sunday issued patches for some versions of server management tools BladeSystem c-Class Onboard Administrator, Smart Update Manager and the System Management Homepage running OpenSSL on Linux and Windows.

HP last week said it had not yet identified networking equipment affected by Heartbleed, but would continue investigating products.

Dell’s PowerEdge servers and OpenManage system management products are not likely affected by Heartbleed. But in a comprehensive Heartbleed advisory, Dell identified system management, security appliances and networking equipment affected by the bug.

Dell is working on patches for the Kace K3000 mobile-device management appliance, some Foglight network appliances and networking equipment running on Dell’s Networking Operating System (FTOS). The company has already issued firmware patches for affected SonicWall security appliances, and the advisory page on Dell’s website will be updated when fixes for more products are released.

IBM has found the Heartbleed bug affecting AIX servers, which use OpenSSL to implement communication across clusters via the TLS (Transport Layer Security) protocol. OpenSSL also enables SSL (Secure Sockets Layer) for secure communication over the Internet.

IBM has issued an OpenSSL patch for servers that shipped with AIX 6.1 OS with the TL9 protocol and AIX 7.1 with the TL3 protocol. IBM is also recommending upgrading to the new OpenSSL version on GPFS (General Parallel File System) versions 3.4 and V3.5 for AIX and Linux for Power and x86 servers. Software including WebSphere MQ, Sametime Community Server version 9 HF1 and Cloudant are affected by the Heartbleed bug.

IBM in an advisory suggested System Z server customers subscribe to the System z Security Portal for the latest patches and software updates.




vmware’s AirWatch EMM & Horizon gives them a SUITE MDM Solution to compete in the burgeoning BYOD market using their already formidable Enterprise footprint


Analysts seem unable to figure out what vmware’s $1.54 billion acquisition of AirWatch’s enterprise mobility management (EMM) products will be used for. However, it seems obvious to me: they need to leverage their Enterprise penetration to grab a chunk of the BYOD market they obviously see passing them by. My prediction is that it will be integrated with vmware’s Horizon suite, particularly Desktop as a Service (DaaS) and Mirage, a desktop management tool, to then compete in the growing MDM (Mobile Device Management) Solution Suite for the BYOD market, which is predicted to be massive. With currently only around 35% of Enterprises having any type of BYOD policy in place, and 50% of those failing due to employee unhappiness, says Gartner, vmware has a real opportunity here.

Mobile management vendors like AirWatch helped solve the major problems behind the remote desktop experience, which traditionally was terrible, as well as the technical issues revolving mainly around security and technologies such as remote wipe. But integrating AirWatch with the Horizon Suite takes MDM one step further by making mobility more about the user experience and allowing a flexible “follow-me” type of remote desktop experience across physical networks and locations.

I think it’s a smart move, and I’ve heard they’ve thrown a ton of resources behind the effort. Personally, I would have been doing this a year ago if it had been me advising vmware, but they apparently now seem to be scrambling to put something together, and I wish them luck with their endeavors.


If you would like to find out more about these specific VMware products, here are some links to explore and learn:

vmware Horizon Suite

vmware Airwatch

Knowledge IS Power, Keep Learning!




By: Jarrett Neil Ridlinghafer
CTO of the following startups –
Synapse Synergy Group
Chief Technology Analyst, Author & Consultant
Compass Solutions, LLC
Hadoop Magazine
Cloud Consulting International

Marc Andreessen Calls Warren Buffett An Old White Man Crapping On Technology He Doesn’t Understand



Recently, Warren Buffett called Bitcoin “a mirage” and warned investors to stay away.

Today, at the CoinSummit in San Francisco, executives at Andreessen Horowitz, which has invested millions in Bitcoin and plans to invest “hundreds of millions more,” responded.

First, Marc Andreessen reportedly said Buffett’s remarks were an example of “old white men crapping on new technology they don’t understand.”

Here’s how Andreessen characterized the comment this afternoon on Twitter:


Monte Malhotra @montemalhotra

.@pmarca Warren Buffett is just an old white man crapping on technology he doesn’t understand #bitcoin

Marc Andreessen @pmarca


@montemalhotra Actual quote: “Track record of old white men who don’t understand tech crapping on tech they don’t understand still at 100%.”

Then, Balaji Srinivasan claimed Bitcoin had outperformed Berkshire Hathaway “by a lot.”

This is all per Marketwatch’s Saumya Vaishampayan’s live-blog of the event.

Bitcoin prices stand at $584.

Disclosure: Marc Andreessen, co-founder of Andreessen Horowitz, is an investor in Business Insider.


WARREN BUFFETT: ‘Stay Away From Bitcoin. It’s A Mirage’


Warren Buffett told CNBC on Friday he would be “surprised a lot” if stock prices around the world fell 50 percent from their current levels in the near future.

He predicted there will be another financial crisis “someday” in the years ahead that will shock financial markets, but he doesn’t think it will happen anytime soon.

“Humans will behave in crazy ways, both on the upside and the downside in the next 50 years. It’s very unlikely they do it in the next few years because after something like 2008, once they get out of the emergency room, they’re a little more careful for awhile.”

During an appearance on CNBC’s “Squawk Box,” Buffett told 58-year-old host Joe Kernen that he will live to see the Dow at 100,000. “I won’t, but you will,” the 83-year-old Berkshire Hathaway chairman said.

Buffett pointed out that Berkshire stock has dropped 50 percent four times in its history, but always recovered.

After reading a preliminary version of former Treasury Secretary Tim Geithner’s upcoming memoir, Buffett said he now thinks his characterization of the 2008 crisis as an “economic Pearl Harbor” looks understated.

But the U.S. did recover and he believes “this country will come through anything.”

Even if the U.S. hadn’t guaranteed money market funds, preventing a total shutdown of the economy, “the United States would still come back. We would come back if we had some massive attack from abroad. … The farms don’t go away, the productive capacity doesn’t go away, human ingenuity doesn’t go away, the desire of people to live better in the future and for their kids doesn’t go away.”

Buffett said he’s been bullish on the U.S. economy since the fall of 2008, but he doesn’t expect it to rapidly accelerate this year. Instead, he thinks it will continue its slow upward trajectory.

He said he’d advise people to “stay away” from bitcoin because the cryptocurrency is a “mirage” without any intrinsic value, although it’s an efficient way to transfer dollars.

Buffett also said Berkshire Hathaway has “almost” eliminated its catastrophe insurance in the U.S. because rates have dropped too much.

“The rates came down dramatically, and we do not regard the exposure as having come down dramatically,” Buffett said.

Berkshire is still writing policies in Asia.

Asked about the controversy over faulty ignition switches in General Motors cars, Buffett said CEO Mary Barra has a “new chance” because she just started in the post but the company needs to tell the truth and act quickly to fix any problems.

He said his advice is to “Get it right, get it fast, get it out, get it over, but get it right first.”



Wave Broadband, Astound to deploy co-branded TiVo products


The 415,000 residential and business customers who receive their cable and Internet services from Wave Broadband and Astound in the Pacific Northwest will get access to co-branded versions of TiVo’s (Nasdaq: TIVO) whole home products and services as part of an overarching partnership between TiVo and Wave Division Holdings.

Products that include TiVo’s set-top boxes as well as its cloud-based service, whole home gateway DVR, TiVo Mini and TiVo Stream, will roll out by the middle of 2014, the two companies said in a press release. Additionally, TiVo will supply DTAs and a “multi-screen experience through TiVo, Web, iOS and Android mobile applications.”

Wave CEO Steve Weed predicted that the relationship “will bring a new standard of viewing experience to our key markets” in Washington, Oregon and California, including those in the San Francisco Bay area.

Weed added that merging Wave and TiVo into a co-branded service “will bring a new standard of viewing experience to our key markets while providing an optimized combination of all the great Wave and Astound content available now, plus access to new broadband content.”

For more:
– see this press release




Comcast-Apple rumor picked apart by skeptics



Calling a rumored streaming deal between Comcast (Nasdaq: CMCSA) and Apple (Nasdaq: AAPL) “too good to be true,” tech publication GigaOM and others questioned the timing and details of the Wall Street Journal report that set the industry abuzz.

“(T)he real deal breaker here seems to be Comcast’s merger with Time Warner Cable (NYSE: TWC),” GigaOM’s Janko Roettgers wrote. While other publications saw an Apple-Comcast deal as a way to pacify regulators reviewing the merger, Roettgers pointed out several reasons why that’s not the real issue.

In addition to having invested millions in building out its next-generation Xfinity service and related hardware, like the X1 set top box, “Comcast has long been the company most concerned about owning the relationship with the customer,” Roettgers wrote. Meaning that the cable giant wants to be the one that controls the vertical and the horizontal (if you’re into “Outer Limits” references, anyway). Comcast is already encouraging subscribers to access VOD services through its own apps on devices like Xbox and Roku, rather than standalone apps like HBO Go.

Engadget’s Richard Lawler called the rumor “interesting timing,” noting that the deal would supposedly enable the Apple TV device to stream linear content and DVR recordings over a managed connection to avoid traffic bottlenecks. Citing Apple’s historic lack of innovation or action in the TV space, Lawler expressed skepticism that the deal would go through. “The WSJ reported that Apple had shifted its focus to potentially working with cable providers back in 2012, and despite what’s happened in the industry since then, we’re still not holding our breath on this one.”

While there’s always a possibility the deal will happen, Business Insider‘s Jay Yarow saw it as a messy, potentially unprofitable move for Apple. Providing special treatment to Apple TV traffic would require Comcast to invest more in its own network to ensure a high-quality, reliable stream. Apple would likely want a cut of the cable operator’s subscriber revenue, Yarow said. “The whole thing sounds messy and complicated. It also seems like a relatively small business for Apple.”

There’s also a case for Apple doing something entirely different, but still content-related. The manufacturer recently recruited several cable industry veterans, including experienced content negotiators. Rumors are also swirling that it is considering offering an iTunes app for Android smartphones, as well as a new on-demand music streaming service to compete with Spotify and Beats Music.

For more:
WSJ has this story (sub. req.)


Netflix, Arris stocks rocked by Comcast-Apple rumors



The suggestion that Comcast (Nasdaq: CMCSA) and Apple (Nasdaq: AAPL) might get together and create a streaming service has negatively impacted stocks of two bystanding companies–Arris (Nasdaq: ARRS) and Netflix (Nasdaq: NFLX).

Arris, which supplies Comcast with its X1 set-top boxes, saw its stock decline 5.45 percent ($1.62) after news that Apple might be muscling in on its market–especially if Comcast gets its way and merges with Time Warner Cable (NYSE: TWC).

Zacks Equity Research, taking note of the market movement, tried to put things in perspective by pointing out that Arris occupies a strong spot in the home gateway space with a product that lets cable operators deliver content to “any third party Internet-enable devices including iPhones and iPads.”

“Any agreement with Apple to deliver its TV streaming service will only expand the market size of Arris,” the researcher noted.

Netflix, which is already battling for prime space on Comcast’s broadband networks, also took an 8 percent stock hit as a result of the discussions. Rightly so, suggested Brian Solomon in a Forbes posting.

“While an Apple TV hookup on the nation’s largest cable provider (one that could get even bigger if its proposed merger with Time Warner Cable goes through) still looks a long way off, Silicon Valley’s biggest tech company poses a big threat to Netflix–especially if it can get cable providers on its side,” Solomon wrote.

Of course that Apple TV play is no given.

“There is a fundamental mystery in why an Apple smart TV doesn’t already exist,” wrote Seeking Alpha‘s Mark Hibben. “After all, most mainstream consumer electronics companies already produce smart TVs so it’s not a matter of technological feasibility.”

It is, he suggested, more a matter of margin–as in how much money such a device would make.

“Apple knows that there’s no money to be made in screens, per se,” he wrote.

Apple also doesn’t have a stranglehold on content, which would make any Apple TV play without a screen.

Hibben suggested that Apple TV can happen if the Silicon Valley company concentrates on pushing the boundaries of 4K television.

“The dearth of 4K content and the restriction of Internet-only delivery works in Apple’s favor,” he contended. “An Apple 4K television doesn’t have to be able to carry the universe of content available to cable subscribers … it just needs to have substantial 4K content on iTunes. Even with relatively slow Internet connections, the Apple 4K TV will be able to download content unattended and store it on its very large hard drive.”

That end product is a ways off, which leads to questions about why discussions of very early talks on an Apple-Comcast alliance would have any kind of repercussions among providers with existing products.

For more:
Zacks News has this piece
Forbes has this story
Seeking Alpha has this analysis




Former A&P exec pleads guilty to $1.2M ticket-selling scheme


A former executive at A&P admitted in federal court in Newark Tuesday that he fraudulently used company funds to buy over 7,000 tickets to Giants games, Lady Gaga concerts, “The Book of Mormon” musical and other high-demand events, then re-sold the tickets to pocket more than $1.2 million.

John Moritz, A&P’s former SVP of marketing, pleaded guilty to the scheme, which occurred between December 2010 and December 2011. The tickets Moritz purchased were supposed to be used to reward A&P employees for good work and “for other legitimate business purposes,” according to a statement by U.S. Attorney Paul Fishman.

In order to conceal the scheme, Moritz, according to court documents, asked ticket vendors to hand-deliver tickets directly to his residence. He also told certain ticket vendors to only issue invoices in amounts less than $100,000 in order to stay within his authorized invoice approval level as designated by A&P, according to court documents.

During this same period, A&P was under Chapter 11 bankruptcy protection and seeking wage and benefits concessions from its employees. Moritz left A&P in 2012.

The wire fraud count carries a maximum potential penalty of 20 years in prison and up to a $250,000 fine. Sentencing is scheduled for July 9.

For more:
-See this Supermarket News article



JC Penney CEO Mike Ullman gets $1.5 million raise


J.C. Penney (NYSE: JCP) CEO Mike Ullman has received a pay raise of $1.5 million, according to recent documents filed with the Securities and Exchange Commission. With the pay increase, Ullman has the potential to earn up to $10 million in 2014.

Ullman’s new pay package includes a base salary of $1.5 million, $5 million in equity awards and an incentive award of up to 200 percent of his base salary, or $3 million. Ullman’s equity awards are split into an equal mix of performance-contingent stock options and performance-based restricted stock units.

In 2013, Ullman earned a base salary of $810,606 plus $1.58 million in other compensation, bringing his total earnings to $2.39 million for the year, according to documents filed with the SEC. He had no target incentive opportunities.

While Ullman’s bank account may be getting bigger, the J.C. Penney chief executive still faces a long road ahead in reviving the struggling retail chain. For the most recent quarter, J.C. Penney reported a revenue loss of $206 million and income of $35 million. For fiscal 2013, it lost $1.39 billion compared to the $985 million it lost the previous year. The results were actually a smaller-than-expected fourth-quarter loss. The chain predicted that sales will increase approximately 5 percent in 2014.

For more:
-See this New York Post article



Sally’s data breach possibly affected up to 280,000 customers


Sally Beauty Supply (NYSE: SBH) earlier this month said that about 25,000 credit card numbers were stolen during a data breach, but new evidence shows the hack could have been much larger, reports KrebsOnSecurity. Information from 282,000 cards has been found to be potentially linked to the Sally Beauty breach.

Data from Krebs’ analysis shows that the Sally breach could have been 10 times larger than the company reported, affecting nearly all 2,600 Sally Beauty store locations. The findings are based on ZIP codes connected to stolen cards listed for sale on a cybercriminal shop, reports Krebs. Researchers studied the batch of 282,000 cards and found there is nearly the exact same number of U.S. ZIP codes represented in the batch as there are unique U.S. ZIP codes of Sally Beauty stores. In fact, researchers reportedly found a 99.99 percent overlap in the ZIP codes.

This point is key, especially considering that in the wake of the Target (NYSE: TGT) breach, which was also first reported by Krebs, the list of 1,800 specific ZIP codes listed in the cybercriminals’ shop was nearly identical to the list of ZIP codes where Target stores are located.

Sally Beauty said on March 17 that credit card data from up to 25,000 customer accounts was compromised in a systems breach discovered on March 5. At the time, security analysts suspected the attack could be the work of the same criminals who stole 40 million credit and debit cards from Target, reports KrebsOnSecurity.

“We have now discovered evidence that fewer than 25,000 records containing card-present (track two) payment card data have been illegally accessed on our systems and we believe it may have been removed,” Sally Beauty said in a statement.

The Denton, Texas-based seller of beauty supplies said it is investigating with a forensics firm and is working with the U.S. Secret Service.

This Sally breach followed wide-scale attacks on Target and Neiman Marcus that occurred during the critical holiday shopping season. Last month, Target reported a 46 percent decline in fourth-quarter profit, as costs related to the breach weighed on the retailer’s earnings. Target was hit with $61 million in quarterly expenses from the breach.

Most recently, U.K. grocer Morrisons came under attack when personal information from about 100,000 of its employees was leaked by an insider and posted on the internet. The information included names, addresses and bank account details of staffers from all levels of the organization.

For more:
-See this KrebsOnSecurity article




The IRS Just Made A Crucial Ruling About Bitcoin


The IRS has ruled Bitcoin should be treated as property, not as currency, for tax purposes.

According to Bitcoin tax expert Tyson Cross, this will create a significant burden on Bitcoin users, as every transaction they ever make using the digital currency will have to be reported in some way.

That would not be the case if it had been ruled a digital currency.

“Users will have to track their transactions and determine the amount of their taxable gain each time,” he told BI in an email. “It’s quite a burden. The rules on taxing foreign currency provide an exception for ‘personal transactions’ for that very reason. It would be great to have that exception (or something similar) apply to bitcoins as well.”

But Cross adds the IRS’ guidance may not stand forever. The Treasury Department should now begin developing formal regulations tailored to digital currencies.

“That typically begins with a request for public comments, which was included in the notice,” he said. “Tax professionals can then identify issues and advocate possible solutions. So between now and the issuance of actual regulations (which takes years), there’s ample opportunity to shape the tax treatment.”

The agency says anyone who holds the currency will have to calculate its value from the date it was received to determine whether a gain or loss was realized, and report the result.   

If you’ve done any Bitcoin mining, the fair market value of the virtual currency as of the date of receipt is includible in gross income. 

If you pay anyone in Bitcoin, you must file a W-2.

The Wall Street Journal’s tax guru Laura Saunders has a great explainer on what this all means.

Here is the full text of the IRS’ detailed Q&A:

Q-1:  How is virtual currency treated for federal tax purposes?

A-1:  For federal tax purposes, virtual currency is treated as property.  General tax principles applicable to property transactions apply to transactions using virtual currency.

Q-2:  Is virtual currency treated as currency for purposes of determining whether a transaction results in foreign currency gain or loss under U.S. federal tax laws?

A-2:  No.  Under currently applicable law, virtual currency is not treated as currency that could generate foreign currency gain or loss for U.S. federal tax purposes.

Q-3:  Must a taxpayer who receives virtual currency as payment for goods or services include in computing gross income the fair market value of the virtual currency?

A-3:  Yes. A taxpayer who receives virtual currency as payment for goods or services must, in computing gross income, include the fair market value of the virtual currency, measured in U.S. dollars, as of the date that the virtual currency was received.  See Publication 525, Taxable and Nontaxable Income, for more information on miscellaneous income from exchanges involving property or services.

Q-4:  What is the basis of virtual currency received as payment for goods or services in Q&A-3?

A-4:  The basis of virtual currency that a taxpayer receives as payment for goods or services in Q&A-3 is the fair market value of the virtual currency in U.S. dollars as of the date of receipt.  See Publication 551, Basis of Assets, for more information on the computation of basis when property is received for goods or services.

Q-5:  How is the fair market value of virtual currency determined?

A-5:  For U.S. tax purposes, transactions using virtual currency must be reported in U.S. dollars.  Therefore, taxpayers will be required to determine the fair market value of virtual currency in U.S. dollars as of the date of payment or receipt.  If a virtual currency is listed on an exchange and the exchange rate is established by market supply and demand, the fair market value of the virtual currency is determined by converting the virtual currency into U.S. dollars (or into another real currency which in turn can be converted into U.S. dollars) at the exchange rate, in a reasonable manner that is consistently applied.

Q-6:  Does a taxpayer have gain or loss upon an exchange of virtual currency for other property?

A-6:  Yes.  If the fair market value of property received in exchange for virtual currency exceeds the taxpayer’s adjusted basis of the virtual currency, the taxpayer has taxable gain.  The taxpayer has a loss if the fair market value of the property received is less than the adjusted basis of the virtual currency.  See Publication 544, Sales and Other Dispositions of Assets, for information about the tax treatment of sales and exchanges, such as whether a loss is deductible.

Q-7:  What type of gain or loss does a taxpayer realize on the sale or exchange of virtual currency?

A-7:  The character of the gain or loss generally depends on whether the virtual currency is a capital asset in the hands of the taxpayer.  A taxpayer generally realizes capital gain or loss on the sale or exchange of virtual currency that is a capital asset in the hands of the taxpayer.  For example, stocks, bonds, and other investment property are generally capital assets.  A taxpayer generally realizes ordinary gain or loss on the sale or exchange of virtual currency that is not a capital asset in the hands of the taxpayer.  Inventory and other property held mainly for sale to customers in a trade or business are examples of property that is not a capital asset.  See Publication 544 for more information about capital assets and the character of gain or loss.

Q-8:  Does a taxpayer who “mines” virtual currency (for example, uses computer resources to validate Bitcoin transactions and maintain the public Bitcoin transaction ledger) realize gross income upon receipt of the virtual currency resulting from those activities?

A-8:  Yes, when a taxpayer successfully “mines” virtual currency, the fair market value of the virtual currency as of the date of receipt is includible in gross income.  See Publication 525, Taxable and Nontaxable Income, for more information on taxable income.

Q-9:  Is an individual who “mines” virtual currency as a trade or business subject to self-employment tax on the income derived from those activities?

A-9: If a taxpayer’s “mining” of virtual currency constitutes a trade or business, and the “mining” activity is not undertaken by the taxpayer as an employee, the net earnings from self-employment (generally, gross income derived from carrying on a trade or business less allowable deductions) resulting from those activities constitute self-employment income and are subject to the self-employment tax.  See Chapter 10 of Publication 334, Tax Guide for Small Business, for more information on self-employment tax and Publication 535, Business Expenses, for more information on determining whether expenses are from a business activity carried on to make a profit.

Q-10:  Does virtual currency received by an independent contractor for performing services constitute self‑employment income?

A-10:  Yes.  Generally, self‑employment income includes all gross income derived by an individual from any trade or business carried on by the individual as other than an employee.  Consequently, the fair market value of virtual currency received for services performed as an independent contractor, measured in U.S. dollars as of the date of receipt, constitutes self‑employment income and is subject to the self-employment tax.  See FS-2007-18, April 2007, Business or Hobby? Answer Has Implications for Deductions, for information on determining whether an activity is a business or a hobby.

Q-11:  Does virtual currency paid by an employer as remuneration for services constitute wages for employment tax purposes?

A-11:  Yes.  Generally, the medium in which remuneration for services is paid is immaterial to the determination of whether the remuneration constitutes wages for employment tax purposes.  Consequently, the fair market value of virtual currency paid as wages is subject to federal income tax withholding, Federal Insurance Contributions Act (FICA) tax, and Federal Unemployment Tax Act (FUTA) tax and must be reported on Form W-2, Wage and Tax Statement.  See Publication 15 (Circular E), Employer’s Tax Guide, for information on the withholding, depositing, reporting, and paying of employment taxes.

Q-12:  Is a payment made using virtual currency subject to information reporting?

A-12:  A payment made using virtual currency is subject to information reporting to the same extent as any other payment made in property.  For example, a person who in the course of a trade or business makes a payment of fixed and determinable income using virtual currency with a value of $600 or more to a U.S. non-exempt recipient in a taxable year is required to report the payment to the IRS and to the payee.  Examples of payments of fixed and determinable income include rent, salaries, wages, premiums, annuities, and compensation.

Q-13:  Is a person who in the course of a trade or business makes a payment using virtual currency worth $600 or more to an independent contractor for performing services required to file an information return with the IRS?

A-13:  Generally, a person who in the course of a trade or business makes a payment of $600 or more in a taxable year to an independent contractor for the performance of services is required to report that payment to the IRS and to the payee on Form 1099-MISC, Miscellaneous Income.  Payments of virtual currency required to be reported on Form 1099-MISC should be reported using the fair market value of the virtual currency in U.S. dollars as of the date of payment.  The payment recipient may have income even if the recipient does not receive a Form 1099-MISC.  See the Instructions to Form 1099-MISC and the General Instructions for Certain Information Returns for more information.  For payments to non-U.S. persons, see Publication 515, Withholding of Tax on Nonresident Aliens and Foreign Entities.

Q-14:  Are payments made using virtual currency subject to backup withholding?

A-14:  Payments made using virtual currency are subject to backup withholding to the same extent as other payments made in property.  Therefore, payors making reportable payments using virtual currency must solicit a taxpayer identification number (TIN) from the payee.  The payor must backup withhold from the payment if a TIN is not obtained prior to payment or if the payor receives notification from the IRS that backup withholding is required.  See Publication 1281, Backup Withholding for Missing and Incorrect Name/TINs, for more information.

Q-15:  Are there IRS information reporting requirements for a person who settles payments made in virtual currency on behalf of merchants that accept virtual currency from their customers?

A-15:  Yes, if certain requirements are met.  In general, a third party that contracts with a substantial number of unrelated merchants to settle payments between the merchants and their customers is a third party settlement organization (TPSO).  A TPSO is required to report payments made to a merchant on a Form 1099-K, Payment Card and Third Party Network Transactions, if, for the calendar year, both (1) the number of transactions settled for the merchant exceeds 200, and (2) the gross amount of payments made to the merchant exceeds $20,000.  When completing Boxes 1, 3, and 5a-1 on the Form 1099-K, transactions where  the TPSO settles payments made with virtual currency are aggregated with transactions where the TPSO settles payments made with real currency to determine the total amounts to be reported in those boxes.  When determining whether the transactions are reportable, the value of the virtual currency is the fair market value of the virtual currency in U.S. dollars on the date of payment.

See The Third Party Information Reporting Center, http://www.irs.gov/Tax-Professionals/Third-Party-Reporting-Information-Center, for more information on reporting transactions on Form 1099-K.

Q-16:  Will taxpayers be subject to penalties for having treated a virtual currency transaction in a manner that is inconsistent with this notice prior to March 25, 2014?

A-16:  Taxpayers may be subject to penalties for failure to comply with tax laws.  For example, underpayments attributable to virtual currency transactions may be subject to penalties, such as accuracy-related penalties under section 6662.  In addition, failure to timely or correctly report virtual currency transactions when required to do so may be subject to information reporting penalties under section 6721 and 6722.  However, penalty relief may be available to taxpayers and persons required to file an information return who are able to establish that the underpayment or failure to properly file information returns is due to reasonable cause.

And here is an additional set of bulleted implications:

  • Wages paid to employees using virtual currency are taxable to the employee, must be reported by an employer on a Form W-2, and are subject to federal income tax withholding and payroll taxes.
  • Payments using virtual currency made to independent contractors and other service providers are taxable and self-employment tax rules generally apply.  Normally, payers must issue Form 1099.
  • The character of gain or loss from the sale or exchange of virtual currency depends on whether the virtual currency is a capital asset in the hands of the taxpayer.
  • A payment made using virtual currency is subject to information reporting to the same extent as any other payment made in property.


BYOD Could Spell Trouble: Survey


More than half the organizations responding to a new survey said they have no response ready for a hack into data on notebooks, tablets and smartphones their staff is using as “bring your own devices.”


The survey, conducted by Information Technology Intelligence Consulting and security trainer KnowBe4.com, also found that half of the respondents concede that BYOD and corporate-owned devices may have been breached in the past 12 months without their knowledge, leaving data and applications alike vulnerable to internal and external threats.

ITIC and KnowBe4 said they drew their conclusions from a February survey conducted online among IT professionals at more than 300 organizations in 30 vertical market segments including 80% from North America and ranging in size from fewer than 200 employees to more than 10,000.

Along with not knowing they had been breached or having a plan for dealing with problems from personal devices, ITIC and KnowBe4 said, “56% of organizations acknowledge they are not fortifying their existing security measures, taking extra precautions or implementing security training despite recent high-profile security attacks against Fortune 1000 firms like Adobe, Reuters, Target, Skype, Snapchat and others.”

Other survey highlights:

  • 34% of the participants acknowledged they either “have no way of knowing” or “do not require” end users to inform them of security issues with employee-owned BYOD.
  • Three in 10 respondents were unaware or unable to discern whether BYOD security breaches impacted servers, mission critical apps or network operations.
  • 32% said they either have no BYOD-specific security in place or don’t know.

Recommendations from the report, titled “2014 State of Corporate Server, Desktop and BYOD Security Trends Survey,” include:

  • Conduct regular security audits and vulnerability testing. Include server hardware, server OS, application and network infrastructure to identify vulnerabilities and compare security across platforms.
  • Regularly review and update policies and procedures. Corporations should review and update their security policies annually at a minimum or as needed to address emerging technologies and trends like BYOD and mobility.
  • Perform due diligence. Become familiar with all specifics of the platform before beginning any new technology deployment (such as server hardware, application software, virtualization and cloud deployments.)
  • Ensure compliance. The ability to adhere to compliance standards and meet service-level agreements hinges on server security, reliability and uptime.
  • Estimate the cost of downtime. “Being able to affix a monetary cost to a security breach and assess the potential risk and damages that ensue in the wake of a security breach, will make the most cogent and compelling case for strong security mechanisms and security awareness training,” ITIC and KnowBe4 said.


Top 10 Best HTML5 Sites of 2014


I personally believe HTML5 was what the Web was made for. In case you did not realize just HOW COOL it can be:

  • It replaces Flash (Adobe has recently just published its final version of Flash, which is no longer supported because HTML5 does what it did and a lot more, so much better).
  • It can do animation natively.
  • Embedded videos and audio can now be accomplished with just a simple tag, just like an image!
  • Drag & drop.
  • Edit any document instantly in your browser window.
  • HTML5 game development (HTML5 now has game development capabilities built into it, so browser-based games will be seamless and native, which translates into a much faster and better gaming experience).
  • Cool effects like shadows and Flash-type buttons or transition effects are native to the HTML5 code now, so there is no need to use an outside application to make your website stunningly beautiful.
  • Hundreds of icons, native tabs and a list of cool features so long that even I’m discovering new ones all the time.

Best of all, however, HTML5 was developed from the outset with the specific goal of delivering the Best Mobile Experience Ever.

We have therefore decided to make it part of our mission to share more of these sites, code feature snippets and tutorials to help keep you up-to-date and get less technical readers to upgrade their browsers to the newest version and hopefully wean them off of Internet Explorer and onto an Open Source Quality Browser such as Mozilla Firefox and Google Chrome, both of which render HTML much closer to the way it should be than Microsoft’s Proprietary Product ever has. Download Mozilla Firefox or Chrome.

Top 10 Best HTML5 Websites of 2014 based on visual artistry, integrated sound, ease of use, and uniqueness:

1 | The Wilderness Downtown
The Wilderness Downtown is an interactive music video for Arcade Fire’s song ”We Used to Wait”. Visitors are asked to input the address of the home they grew up in and then the site uses Google Earth and HTML5 to create a personalized music video that takes the user on a journey back home.

2 | Heart of The Arctic
Heart of The Arctic takes users on an Arctic expedition/scavenger hunt through four distinct environments designed to show users the steps that would be needed to restore climate balance to the Arctic region. This site perfectly showcases how HTML5 can be used to create fun and educational websites.

3 | Three Dreams of Black
3 Dreams of Black uses HTML5 to promote Danger Mouse and Daniele Luppi’s album Rome. The site creates a 3D interactive world using WebGL where all the objects in the video react to both the music and user inputs. The site will make you feel as if you’ve EXPERIENCED the song and not simply listened to it.

4 | Enjoy Your Privacy
The website was created to warn consumers about the dangers of not using password protection on their mobile devices. This is done by using HTML5 to produce a second-screen experience that will truly scare those that hitherto have avoided password protecting their mobile devices. So protect yourself.

5 | Google Play Music Tour
Google here uses HTML5 to showcase the many features of its Google Play streaming music service. This is one of the prime examples of how the integration of video, sound, and interactive graphics can be brought together with HTML5 to create an exciting and fun product promo that can drive consumer usage.

HTML5 was developed from the outset with the specific goal of delivering the Best Mobile Experience Ever, and it has surpassed all expectations!

6 | Soul Reaper
A scroll-activated digital comic book developed by Saizen Media uses HTML5 to breathe some new life into the presentation of graphic stories. The added motion and pacing makes the static images and story seem to come alive in a way that seems to be a bridge between old comics and video.

7 | The Expressive Web
Adobe created the Expressive Web website to highlight the functionality and creative potential offered through the use of HTML5 and CSS3. Through various examples and code snippets this is truly the best ”advanced” HTML5 user guide we’ve seen. This site should be bookmarked by all HTML5 developers.

8 | Art of Stars
Art of the Stars uses your IP address to draw a picture of the Star constellation directly above you. What is most interesting about this project is that it uses HTML5 to develop an application on the web in a similar manner to those currently built in mobile applications for the Droid and iPhone.

9 | This Shell
This Shell website is an HTML5 experiment created by Legwork Studios that promotes Gamit’s new album ”Parts” in a rather fun and rewarding manner. The website presents fans with a video puzzle that if solved, before the music ends, allows them access to a free mp3 download of the song.

10 | Lost Worlds Fair
The Lost World’s Fair site was developed to showcase the HTML5 capabilities inherent in IE9 by creating interactive posters that take users on a journey to three fabled locales. By using your mouse to scroll down each poster visitors are allowed to uncover further mysteries hidden in each location.


The Next Frontier in Crowdsourcing: Your Smartphone

Researchers have shown that the swipe-to-unlock action can be replaced with useful data collection or micro-tasks.
Rather than swiping the screen or entering a passcode to unlock the smartphone in my hand, I have to tell it how energetic the people around me are feeling by tapping one of four icons. I’m the only one here, and the one that best fits my actual energy level, to be honest, is a figure lying down and emitting a trail of z’s.

I’m trying out an Android app called Twitch. Created by Stanford researchers, it asks you to complete a few simple tasks—contributing information, as with the reported energy levels, or performing simple tasks like ranking images or structuring data extracted from Wikipedia pages—each time you unlock your phone. The information collected by apps like Twitch could be useful to academics, market researchers, or local businesses. Such software could also provide a low-cost way to perform useful work that can easily be broken up into pieces and fed to millions of devices.

Twitch is one of several projects exploring crowdsourcing via the lock screen. Plenty of people already contribute freely to crowdsourcing websites like Wikipedia and Quora or paid services like Amazon’s Mechanical Turk, and the sustained popularity of traffic app Waze shows that people are willing to contribute to a common cause from their handsets if it provides a timely, helpful result.

There are certainly enough smartphones with lock screens ready to be harnessed. According to data from market researcher comScore, 160 million people in the U.S.—or 67 percent of cell phone users—have smartphones, and nearly 52 percent of these run Google’s Android OS, which allows apps like Twitch to replace the standard lock screen.

Michael Bernstein, an assistant professor at Stanford working on Twitch, sees this kind of bit-by-bit mass data collection—while you’re waiting for an elevator or sitting in a boring meeting—as a way to get around the time requirements of some current crowdsourcing efforts. “Many people wish they could help but simply don’t make it a priority,” he says.

In a study conducted by the Stanford researchers, 82 Twitch users completed 19 tasks per day over a three-week period. Participants were asked how many people were nearby, how they were dressed, and how energetic or lethargic they were—a novel mobile measure of public activity. The researchers found that the tasks weren’t more time-consuming or distracting than the basic slide-to-unlock gesture—the median time to complete each task was 1.6 seconds, while the unlock gesture was 1.4 seconds.

“All we did was replace that gesture that makes sure you’re paying attention with something else that makes sure you’re paying attention and also happens to contribute to some global goal,” Bernstein says.

Those who participated were not offered any payment for their efforts, but the app told them how many people nearby chose the same answer as they did. That may not be enough of an incentive to persuade people to participate, though. A little more than half of the study participants used the app, on average, for 32 days, but nearly half of the study’s participants uninstalled the app within a day.

Khai Truong, an associate professor at the University of Toronto who studies ways to make mobile computing more useful, developed a similar app but tried paying people to use it.

Truong gave 10 study participants $20 apiece to spend two weeks using an Android app called Slide to X that presented them with one of several different tasks to perform to unlock the phone: a standard swipe, a multiple-choice question about the user’s health or recent activities, or an easy math question designed to determine whether the user was actually providing thoughtful answers or just tapping on one at random. The app also collected data like the number of times a user unlocked his phone, and where he was and what time it was when he unlocked it.

Truong found that people in the study answered an average of 50 questions per day apiece, or 772 total over the full two weeks, and that they did seem to be engaging with the questions rather than absentmindedly tapping the screen. The compensation worked out to a bit less than 3 cents per question, and all but one participant said they’d be willing to continue the study for the same amount of time and compensation. “It’s a good indication that this kind of interface doesn’t require a lot of financial compensation for people to want to use it,” Truong says.

Truong is working on an application that anyone can use for simple, nonprofit data collection by asking multiple-choice questions (although rather than paying users, he imagines those using the app to gather data will make donations to a user’s charity of choice). He says this could be especially useful for gathering information that can’t be picked up while sitting in front of a computer—such as how noisy different parts of a city are at different times of day.

Bernstein and the Twitch group are also prepping a new version of their app that asks users to help structure the Web by checking the accuracy of facts posed by University of Washington-developed information extraction software Reverb’s analysis of Wikipedia text. The app is expected to be available in a month or two.

A paper about Twitch and another about Slide to X will be presented at the upcoming Conference on Human Factors in Computing Systems in Toronto in April.


Lands’ End to spin off from Sears on April 4


Sears Holdings (NASDAQ: SHLD) announced it will spin off the Lands’ End clothing business on April 4, a mere five months after floating the idea.

The deal, which was announced in December, will turn Lands’ End into a stand-alone, publicly-traded company.

Lands’ End, which sells clothing and home goods, was launched in 1963 as a sailboat hardware and equipment catalog, but later emerged as a clothing company by 1977. Sears has owned the brand since 2002 and most of its 253 retail outlets are located inside Sears stores. As part of the spinoff, Lands’ End will enter into a lease agreement, initially paying Sears about $27 million in total annual rent for those locations. The lease obligation will drop to $10.9 million for 102 Sears locations by 2019, according to the filing.

Sears said in October that it was considering separating the Lands’ End and Sears Auto Center businesses from the rest of the company to raise cash amid dwindling sales. Sears said its fourth-quarter losses were $358 million compared with $489 million last year. Total sales fell 13.6 percent to $10.59 billion, hurt by lower same-store sales and fewer Kmart and Sears full-line stores in operation. U.S. same-store sales slid by 7.8 percent at Sears.

Sears has been busy spinning off businesses and selling assets. The company’s Hometown, Sears Outlet, and Orchard Supply Hardware stores were previously sold to raise cash.

For more:
-See this Sears earnings statement


Quiznos files for Chapter 11 bankruptcy protection


Sandwich chain Quiznos has filed for Chapter 11 bankruptcy protection as it struggles to compete with newer concepts.

Quiznos listed debt of more than $500 million in court documents filed in U.S. Bankruptcy Court in Wilmington, Del. Executives at the restaurant chain agreed to a restructuring plan that will reduce its debt by more than $400 million, the company said in a statement.

Quiznos operates 2,100 locations worldwide, and all but seven are independently owned franchises. All units will remain open during the restructuring.

Quiznos follows behind pizza chain Sbarro, which also filed for Chapter 11 bankruptcy protection last week on Mar. 10.

This is the second attempt in two years that Quiznos has made at getting its finances in order. In early 2012, the company entered an out-of-court restructuring deal with creditors that trimmed its debt by more than a third to approximately $570 million. The turnaround plan stalled, however, when the chain failed to hit its performance targets. Then, at the end of 2013, the chain missed a major loan payment, and eventually entered a forbearance agreement with creditors to give the company more time to pay its debts while maintaining its liquidity.

The Denver-based chain has closed thousands of restaurants over the past few years as it struggles to measure up against its dominant rival Subway and newer upstarts such as Potbelly. Quiznos’ store count pales in comparison to Subway’s more than 41,000 stores around the globe and 26,000 in the U.S. Quiznos’ current store count is less than half of the nearly 5,000 restaurants that were open during its peak in 2008.

The chain’s franchise structure has also hindered operations. Franchisees maintain it’s difficult to meet sales goals thanks to fees paid to Quiznos. Franchisees are also required to buy everything from food to condiments and paper supplies from Quiznos’ distribution business, American Food Distributors, which store operators allege charges more than what they’d pay elsewhere.

Franchisees also gripe that Quiznos has wasted time introducing new products, such as pasta items, rather than improving existing menu items.

By: Jarrett Neil Ridlinghafer
CTO of the following –
Synapse Synergy Group
Chief Technology Analyst, Author & Consultant
Compass Solutions, LLC
Hadoop Magazine
Cloud Consulting International

Sally Beauty confirms card data breach, 25,000 customers affected


Sally Beauty Holdings (NYSE: SBH) said Monday that credit card data from up to 25,000 customer accounts was compromised in a systems breach discovered on Mar. 5.

The attack could be the work of the same criminals who stole 40 million credit and debit cards from Target, reports KrebsOnSecurity.

“We have now discovered evidence that fewer than 25,000 records containing card-present (track 2) payment card data have been illegally accessed on our systems and we believe it may have been removed,” Sally Beauty said in a statement.

The Denton, Texas-based seller of beauty supplies says it is investigating with a forensics firm and is working with the U.S. Secret Service.

Sally Beauty currently owns and operates more than 2,800 Sally Beauty Supply stores worldwide, including stores in Puerto Rico, Canada and every state in the U.S.

This data breach follows wide-scale attacks on Target (NYSE:TGT) and Neiman Marcus that occurred during the critical holiday shopping season. Last month, Target reported a 46 percent decline in fourth-quarter profit, as costs related to the breach weighed on the retailer’s earnings. Target was hit with $61 million in quarterly expenses from the breach.

Most recently, U.K. grocer Morrisons came under attack when personal information from about 100,000 of its employees was leaked by an insider and posted on the Internet. The information included names, addresses and bank account details of staffers from all levels of the organization.

For more:
-See this Sally Beauty press release
-See this KrebsOnSecurity article

By: Jarrett Neil Ridlinghafer
CTO of the following –
Synapse Synergy Group
Chief Technology Analyst, Author & Consultant
Compass Solutions, LLC
Hadoop Magazine
Cloud Consulting International

Re-thinking Gender in Born Global Startups – Female Founders on the Rise


This week Google for Entrepreneurs kicked off their monthlong #40forward campaign, committing $1 million in aggregate to 40 startup-focused partner organizations, challenging them to increase the representation of women in their respective tech communities.

The campaign is a great reminder for everyone to gather and amplify the work being done by women in tech, consider new ways to advance female entrepreneurs and learn from the ways in which they already drive startup success. Globally, we’re seeing an increasing number of female founders enter the tech scene. This year alone might just be the tipping point!

Blackbox Connect, our 2 week immersion program in Silicon Valley for foreign tech entrepreneurs, will have 50% female founders in this upcoming March program powered by Google for Entrepreneurs. These results were unintentional; we selected the best of the best founders nominated by our partners, who did a great job encouraging female founders to apply. We’re excited to see the female talent we continue to attract in 2014.

Vladan Petrović, co-founder of Pubsonic and Blackbox Connect October ‘13 graduate, reflected on how vital having a female co-founder, Ivana Gadjanski, has been to the success of their company.

“Ivana’s female perspective contributed to Pubsonic’s complete business image and strategy. Our female-male cooperation enabled us to be complete as a team and it gave rise to our personal qualities. The truth is that we wouldn’t be where we are now without our female co-founder.”

We want to highlight a new mother Julia Szopa, original “Captain Ivanova” of Blackbox Connect, now co-founder of her own company, Wellfitting, a Blackbox Accelerated company. What’s more, Julia launched Wellfitting three months after giving birth to her first child (photo above)! Wellfitting makes hand crafted lingerie accessible to women of all shapes and sizes, helping boost their confidence in return. Her motto is “live the well-fitting life,” meaning that the world should fit “you” versus “you” fitting the world. Read her post about 5 Things Being a Mom Can Teach You About Startups.

We’re inspired by founders like Julia and Ivana and look forward to helping others across the globe accomplish their dreams despite the challenges they face as entrepreneurs, gender aside. Who are the female role models challenging the gender gap in your community? Tweet us at @blackboxvc.

By: Jarrett Neil Ridlinghafer
Chief Technology Analyst & Consultant
Cloud Consulting International

Cisco revamps enterprise product pricing


Cisco licensing model for suites intended to simplify customer purchases

Network World – SAN JOSE — In an effort to simplify enterprise customer procurements, Cisco is implementing a licensing model for data center, WAN and access product purchases.

The new model, disclosed by Cisco executives in a roundtable session with reporters this week, will package Cisco’s new Application Centric Infrastructure controller – called Application Policy Infrastructure Controller, or APIC – with CiscoONE APIs and software developer kits, virtual switches and the company’s traditional router and switch hardware in four offerings for enterprise data center, WAN and access applications.

The four packages include:

  • CiscoONE Essentials, which includes APIC, virtual switch, Cisco onePK southbound interfaces and oneDK development kit;
  • CiscoONE Foundational Elements, which includes management tools like Cisco Prime, ACI Fabric, and Layer 2/3 networking services;
  • CiscoONE Advanced Services, for policy-based, optimized end-to-end application delivery;
  • And CiscoONE Advanced Security Services, for end-to-end network security and threat defense.

“We have a bunch of products. We’ll turn those products into licenses – a data center suite, a WAN suite, an access suite – for the enterprise,” said Cisco President Rob Lloyd. “We’ll allow the customer to consume the full capabilities in a domain or across the full enterprise. It’ll be simpler and cost-effective to buy whole suites. The APIC controller is fundamental to every domain.”

Lloyd said more details on the licensing model, including pricing, will be disclosed at the CiscoLive conference in May. Rob Soderbery, senior vice president of Cisco’s Enterprise Group, said programmability and orchestration should not be targeted solely at the data center.

“With the data center focus” of software-defined networking and programmability “people lost sight of the other domains. We (Cisco) have over 400 business-to-business connection points. Orchestrating the data center is important but orchestrating the WAN is just as important. Product brands will be much less important than the suite itself. With our product breadth, we need to simplify consumption. The challenge for us will be simplification and packaging.”

By: Jarrett Neil Ridlinghafer
Chief Technology Analyst & Consultant
Cloud Consulting International
Hadoop Magazine

Radtke’s death brings the number of questionable financial sector “Suicide” or “Accidental” deaths to THIRTEEN & I don’t buy it One BIT


It appears bitcoin’s recent turmoil has claimed its first life…… to go with the 9 Other Big Name Executives of Financial Institutions around the globe just in the last few months and all of strange “accidents” or “suicides”.

Autumn Radtke, a 28-year-old American CEO of bitcoin exchange firm First Meta, was found dead in her Singapore apartment on Feb. 28.

Autumn Radtke was found dead at the bottom of an apartment block at Cantonment Close last Wednesday March 5th.

Local media are calling it a suicide, but Singapore officials are waiting for toxicology test results. Local police have called it an “unnatural death”…

The 28-year-old American boss of a Bitcoin exchange has been found dead at the base of a Singapore apartment block, police and reports said Thursday, in the latest misfortune linked with the troubled virtual currency.

Singapore police said they were investigating the “unnatural” death of Autumn Radtke, chief executive of Singapore-based First Meta, on February 26, but that no foul play was suspected. If you believe that, then I have some Ocean-Front property in Arizona for you to purchase…real cheap!


Radtke formerly worked with Apple and other Silicon Valley tech firms on developing digital payment systems.


Zennon Kapron, the Shanghai-based managing director of Kapronasia, a financial consulting firm which deals with Bitcoin firms, described First Meta as one of the pioneers of virtual currency exchanges.

“What happened to her is very unfortunate. I had the opportunity to meet her last year. She was somebody always very happy, outgoing, and had a way of bringing people together both within the virtual currency community and outside as well,” he told AFP.

“Until we know what happened around (Radtke’s death), it is wrong to speculate on whether there is a relationship between that and the situation with Bitcoin as a whole.”

He said Singapore’s openness to new payment methods, talent pool as well as its status as a financial hub made it a “natural place for Bitcoin firms to get a start”, along with Hong Kong.

According to her profile on business networking site LinkedIn, Radtke began her career in enterprise cloud computing and in 2007 worked with Apple to supply the Aqua Connect server product to major companies.

It said she “passed on an opportunity to work at Apple to stay in the fast-paced world of technology start ups”.

She moved to Singapore in 2012 to head First Meta, a web-based exchange for users to buy, sell and trade virtual currencies for real money.

Radtke’s death comes as controversy surrounding the Bitcoin sector grows.

After the MtGox exchange filed for bankruptcy protection last month, Canada-based Flexcoin was also forced to shut down, saying that someone attacked its systems and stole nearly $600,000 worth of Bitcoins.

First Meta last year secured funding of $588,000 from Silicon Valley-based technology firm Plug and Play Tech Center.

Singapore is Southeast Asia’s main hub for technology startups as well as for global computer and software companies and financial institutions.

Its central bank, the Monetary Authority of Singapore (MAS), has cautioned that virtual currencies are not legal tender and those who deal in them should be aware of the risks.


Radtke’s death brings the number of questionable financial sector deaths this year to THIRTEEN IN ONLY 6 MONTHS.

1. ABC Verlag (greetings cards, not finance) — CEO Daniel Eicher — suicide, left two notes — week of 6/10/2013

2. Swisscom (telecom) – CEO Carsten Schloter, 49 — suicide, found hanging — 7/23/13

3. Bank of America — intern Moritz Erhardt, 21 — seizure due to exhaustion — week of 8/12/2013

4. Zurich Insurance Group AG (insurance) — CFO Pierre Wauthier — suicide, found hanging, left two notes — 8/26/2013

5. Wall Street — hedge fund exec Robert Wilson, 87 — suicide, jumped from 16th floor — week of Dec 23, 2013. (He gave away $800 million prior to death.)

6. Wall Street Journal — reporter David Bird – missing/disappeared – 1/11/2014 (covered in our original piece)

7. Swiss Re AG — U.K.–based communications director Tim Dickenson — cause not released — week of 1/19/2014

8. Deutsche Bank AG — executive William Broeksmit — apparent suicide, found hanging — 1/26/14 (covered in our original piece)

9. JP Morgan — banker Gabriel Magee — jumped or fell from building, Canary Wharf, London — 1/28/14 (covered in our original piece)

10. Russell Investment — Mike Dueker, 50 — found dead next to Tacoma Narrows Bridge, suicide — week of 1/26/2014 (covered in our original piece)

11. JPMorgan — equities trading executive Ryan Crane, 37 — no cause given — 2/3/14

12. American Title (insurance) — CEO Richard Talley, 57 — suicide by nail gun, 7 or 8 self-inflicted wounds — 2/7/14

A cause of death in Crane’s case will not be determined until a toxicology report is complete, according to a spokesperson for the Stamford detectives division.

The report is expected within two weeks.

A local technology website first reported she may have committed suicide, but later updated its report to say it was “unclear” how she died.

Broadcaster Channel NewsAsia said on its website Thursday that Radtke “was found dead at the bottom of an apartment block”.

Her death comes as the virtual currency community is in turmoil after the collapse of Tokyo-based MtGox, one of the longest-established Bitcoin exchanges, due to a suspected theft worth nearly half a billion dollars.

The Singapore Police Force said they received a call early on February 26 requesting assistance at a public housing block on the fringe of the central business district.

“A woman in her 20s was found lying motionless,” they said in a statement.

“She was pronounced dead at scene by paramedics. Police are investigating the unnatural death,” it added. “Preliminary investigations show that no foul play is suspected.”

The term “unnatural death” is used to refer to suspected suicides and other deaths not due to natural causes like an illness. The cause of death is subsequently determined by a coroner.

A US embassy official confirmed that Radtke is an American citizen and that it has provided assistance to her family.

News of Radtke’s death first surfaced in the technology startup community, which has a thriving presence in Singapore.

First Meta confirmed her death in a statement on its website but did not give a cause.

“Our deepest condolences go out to her family, friends and loved ones. Autumn was an inspiration to all of us and she will be sorely missed,” it said in a statement.

Don’t our representatives in Congress have something better to do like….GO HOME and leave US ALONE?


The US House of Representatives subcommittee on Financial Institutions and Consumer Credit is to hold a hearing on data security this week.


These CLOWNS Cannot even balance their OWN BUDGET, KEEP THEIR OWN BANK BRANCH (It was finally closed after hundreds of millions of dollars FROM BOUNCED CHECKS), or do their own TAXES (Yeah let’s not forget the Obama Budget is run by some idiot who owed the IRS millions in Back Taxes from which he was never charged like you or I would have been)…Can’t read their OWN 2000 PAGE BILLS and have no idea what they SWORE TO GOD AND TO THE AMERICAN PEOPLE TO UPHOLD (Namely the Constitution of the United States).

Now they want to concern themselves with stuff they have no business sticking their dumb ass noses into and would not understand if their lives depended on it? Mind your own business you weenies and go take a vacation so the rest of the country can get back to the real world of making things work…..Absolutely EVERYTHING you touch BREAKS DOWN SO PLEASE KEEP your grubby paws off the infrastructure & security of our nation and internet and allow the free market to work it out as it was originally setup to do.

The House Committee on Financial Services said these data breaches underscore the serious threats to financial privacy and data security posed by individuals and criminal syndicates that seek access to personal financial information to commit fraud or identity theft.

The purpose of these hearings is to provide members of the subcommittee with a better understanding of why and how these breaches occur; what happens during and after a breach; what security measures are in place to prevent breaches and what types of payment system technologies are on the horizon that will help reduce the risk of future breaches.

Witnesses include representatives of the US Secret Service, US Department of Homeland Security, US Consumer Program, The Clearing House Payments Company and the Payment Card Industry Security Standards Council (PCI SSC).

Bob Russo, general manager of the PCI SSC, said the hearing will highlight the seriousness and complexity of data security issues and why businesses need to develop a multi-layered approach to protecting their customers.

“The PCI Standards provide a strong foundation for this approach, helping organisations make payment security part of their everyday business practices by addressing people, process and technology.

“We look forward to continuing our role as a leader in this area and building on the thoughtful and constructive dialogue to date with policy makers.

“We all want the same goal – systems that protect consumer data security from criminals,” he said.

Representing the PCI SSC is chief technology officer Troy Leach, who is expected to tell the hearing that while there is no single technology to secure payment card data, the PCI SSC is an excellent example of effective industry collaboration to develop private sector standards.

“The PCI [Data Security] Standards (PCI DSS) are the best line of defence against the criminals seeking to steal payment card data,” he is expected to say.

“And while several recent high profile breaches have captured the nation’s attention, great progress has been made over the past seven years in securing payment card data through a collaborative cross-industry approach, and we continue to build upon the way we protect this data,” Leach will say.

In 2011, the Ponemon Institute, a non-partisan research centre dedicated to privacy, data protection, and information security policy wrote: “The Payment Card Industry Data Security Standard (PCI DSS) continues to be one of the most important regulations for all organisations that hold, process or exchange cardholder information.”

Leach will say that while the PCI SSC is pleased to have earned accolades such as this, it cannot rest on its laurels. “The recent breaches at retailers underscore the complex nature of payment card security. A complex problem cannot be solved by any single technology, standard, mandate, or regulation. It cannot be solved by a single sector of society – business, standards-setting bodies, policymakers, and law enforcement – must work together to protect the financial and privacy interests of consumers,” he will say.

Leach will say there is no time to waste. “The PCI SSC and business must commit to promoting stronger security protections while Congress leads efforts to combat global cyber-crimes that threaten us all,” Leach is expected to conclude.

US military Plan X aims to make cyber war easy


Top US military technologists have been working on a program for the past year that is aimed at making cyber war relatively easy, it has emerged.

The news comes about a year since US reports said the country planned to fast-track the development of cyber weapons to give it the ability to create the means to attack specific targets.

The rapid development process would be aimed at responding to “urgent, mission critical” needs, said the Washington Post, citing a Pentagon report.

Now it has emerged that with Plan X, the US Defense Advanced Research Projects Agency (Darpa) is seeking to build a technology infrastructure that will enable cyber offense to move on from being a fine, handcrafted capability, according to Wired.com.

The aim is to industrialise the production of cyber offensive capabilities, make cyber weapons as predictable as traditional ones and make launching a cyber attack as easy as navigating a smartphone.

If cyber war is going to be routine, it is a key requirement that cyber weapons should be as easy to understand and use as traditional ones.

Plan X is being led by cyber security specialist Dan Roelker, who has worked with Frog Design to develop a prototype user interface for cyber war that maps network topologies and makes them easy to navigate.

At present, the prototype is not fully functional, but is being used by the Plan X team to visualise cyberspace and understand how to interact with and navigate it.

The aim is to develop the interface to the point that users can find and identify targets and then pick what weapons to deploy, based on criteria set by the US military.

According to US reports, Plan X has already received $5m to fund preliminary studies to find new ways to understand network topologies and develop a unique programming language for online warfare.

The first full phase of the $110m four-year program is expected to kick off later this summer when contracts are awarded for system architecture, battlespace analytics, mission planning and more.

By the end of the year, Roelker hopes to introduce a Plan X software developers kit similar to the one Apple uses to encourage developers to build apps for its smartphones.

The strategy is to out-innovate US adversaries, but the risk is that it could result in introducing destructive cyber capabilities into cyberspace that adversaries can re-engineer and add to their own arsenals.

This concern has been raised by Howard Schmidt, former cyber security coordinator for the Obama Administration, Eugene Kaspersky, founder and CEO of security firm Kaspersky Lab, and David Davis, MP for Haltemprice and Howden and former UK minister of state at the Foreign Office.

At the Kaspersky Cyber Security Summit in New York, Kaspersky said governments must understand that cyber weapons are extremely dangerous and have to agree not to use them.

Schmidt said any government that creates a cyber weapon in the belief that it will not be discovered, reverse-engineered and used against it is “playing with fire”.

At the ISSA London 2013 European Conference, Davis said there is a very real danger that cyber weapons such as Stuxnet can be adapted and used against those who developed the original.

By: Jarrett Neil Ridlinghafer
Chief Technology Analyst & Consultant
Cloud Consulting International


Ukraine and Russia locked in a cyber stand-off


Security experts have warned that Ukraine and neighbouring Russia are locked in a cyber stand-off amid diplomatic efforts to reduce political tensions between the two countries.

Ukraine has accused Russia of disrupting mobile communications in the wake of smaller-scale attacks in which Ukraine websites have been defaced with propaganda messages, reports the BBC.


In response, Ukrainian hacktivist group Cyber-Berkut claims to have vandalised 40 Russian websites since the dispute began, prompting speculation about an escalation of cyber conflict.

Russia is suspected of conducting distributed denial of service (DDoS) attacks on neighbouring Georgia in the run up to conventional military conflict in 2008.

Russia denied being behind the DDoS attacks on Georgia and has not commented on accusations that it is disrupting mobile communications in Ukraine and tampering with fibre-optic networks.

However, experts say it is unlikely that Ukraine will experience cyber attacks on the same scale as Estonia in 2007, when the country was hit by 10 days of attacks on its internet services.

The attacks coincided with a disagreement between Estonia and Russia over the relocation of a Soviet war memorial.

“It is premature to talk of ‘cyber war’ or ‘cyber conflict’ in Ukraine,” said Jarno Limnell, director of cyber security, Stonesoft, a McAfee Group Company.

“Cyber is likely to be an element in any modern war, and while website defacements are ongoing, that is entirely different to ‘cyber war’,” he told Computer Weekly.

Limnell, a former advisor to the military and government in Finland, said any serious player in international politics has to possess strong cyber capabilities, both defensive and offensive.

But he said cyber offensives are usually in the form of website defacements and propaganda ahead of any serious attacks on government services and critical national infrastructure.

Countries should think seriously before moving to serious attacks, said Limnell, because such attacks could scupper diplomatic efforts to restore calm.

Serious cyber attacks can also have unpredictable and unintended side effects, and could boomerang on attackers, he warned.

Opponents to cyber weapons argue that once an attack has been unleashed, the weaponised malware can be analysed, repurposed and turned on attackers.

They have also raised concerns that, while there are established rules for conventional war, no such parameters have been established in the cyber world.

By: Jarrett Neil Ridlinghafer
Chief Technology Analyst & Consultant
Compass Solutions, LLC
Cloud Consulting International

GoDaddy joins OpenStack to bolster cloud strategy


GoDaddy has officially joined the OpenStack Foundation as a sponsor, following rumours that swirled in January after the hosting and domain name manager posted an engineer job spec on LinkedIn. The move is intended to accelerate GoDaddy’s push into the cloud services sector.

The announcement will see GoDaddy chief technical officer Elissa Murphy and vice president of engineering Charles Beadnall lead the company’s involvement with the Foundation. The company said it also plans to hire more engineers focused on contributing to the OpenStack community.

“GoDaddy is continuing to shift business operations to the cloud and using open source platforms to do it. With the launch of the GoDaddy cloud platform, we’re making significant progress in building a powerful and unified platform for our small business customers,” said Murphy.

“By sponsoring the OpenStack Foundation, we’re making a strategic move toward building GoDaddy’s cloud platform services. We plan to continue to contribute to the code base and use it as our own cloud infrastructure, as well,” she added.

The news arrives a month after GoDaddy’s recently appointed executive vice president, chief infrastructure officer and chief information officer Arne Josefsberg told Business Cloud News that the company intended to make use of open source technologies where available, both for internal use and as the foundation of its services.

“GoDaddy’s reach will enable its 12 million users to realize the benefits of running their applications on open cloud technologies,” said OpenStack chief operating officer Mark Collier.

“Service providers offering OpenStack powered solutions are a cornerstone of OpenStack’s mission to be the ubiquitous, open platform for public and private clouds. We’re glad to have GoDaddy as a sponsor of the Foundation and look forward to their continued code and community contributions,” he added.

Since Josefsberg was hired the company has eyed a strategic overhaul, and a source close to one of OpenStack’s competitors claimed to Business Cloud News that the company needed better technologies to make its infrastructure more scalable if GoDaddy was to successfully expand its services to new customers.

“GoDaddy is already at a disadvantage because it isn’t able to match the infrastructure footprint of industry giants like Amazon, and therefore can’t achieve the same scale, despite its ability to offer more value-added services in the local underserved markets it’s targeting,” she said. “This is where cloud federation could provide a leg up.”

By: Jarrett Neil Ridlinghafer
Chief Technology Analyst & Consultant
Compass Solutions, LLC
Cloud Consulting International

Safeway receives $9 million purchase bid from Cerberus


Safeway (NYSE:SWY) has reportedly received a $9 million purchase bid from Cerberus Capital Management LP. The agreement, worth about $40 a share, was disclosed Thursday afternoon by the Wall Street Journal. Safeway’s board has yet to approve the sale, but will be voting on the agreement Thursday afternoon. If approved, the purchase will be announced after the stock market closes Thursday. The potential bid comes just days after Kroger, the nation’s largest grocery store chain, reportedly expressed interest in acquiring some of Safeway’s 1,335 stores. It’s unclear how a Cerberus offer would affect Kroger’s pursuit; however, sources close to the matter report that Kroger could still put up a bid after a Safeway deal with Cerberus is announced.

By: Jarrett Neil Ridlinghafer
Chief Technology Analyst & Consultant
Compass Solutions, LLC
Cloud Consulting International

Check Point unveils security architecture for threat-intelligence sharing


‘Software-Defined Protection’ architecture expected to lead to management console design

By Ellen Messmer

Network World – San Francisco — Check Point Software Technologies today said it is extending its security architecture to be able to incorporate more threat-intelligence data that could be shared with other vendor partners, with the goal of providing more adaptive prevention.

The concept behind this architecture, which Check Point calls “Software-Defined Protection,” is to integrate valuable threat information provided by other vendors through a set of APIs, which will be introduced later this year. The architecture is defined in a document Check Point is publishing today.

According to Gabi Reish, vice president of product development at Check Point, the architecture envisions three main security layers for security enforcement, control and management. The goal is for Check Point to introduce a new type of management console by midyear that would integrate threat information from multiple sources for the purpose of applying preventive measures both through Check Point products, such as its firewalls, and participating vendors supporting the architecture.

Dorit Dor, vice president of products, said Check Point is beyond just the conceptual phase of the new “Software-Defined Protection” and is testing it out in a pilot mode with a few participants, such as iSIGHT Partners. The intent is to have a new management console for enforcement and control within six months.

The architecture is part of the security firm’s effort to widen its scope far beyond its traditional firewall/IPS product lines which now handle many tasks, including sandbox anti-malware detection, for the enterprise. But Check Point faces the same questions as any other firewall vendor that primarily sells hardware appliances. The question is how to extend firewalling used in the enterprise network to the cloud in a world where mobile devices are increasingly important and enterprise data ends up stored in virtualized cloud environments, whether private clouds, software-as-a-service or infrastructure as a service.

Check Point is quietly working on establishing the equivalent of cloud-based firewalling services by setting up a new infrastructure in about 20 data centers globally (the data centers aren’t owned by Check Point). The goal is to allow the traditional firewall customer to establish policy for mobile devices and cloud services, for example, and to enforce policy such as data-loss prevention. Check Point already has a virtual firewall that can be deployed in cloud environments. But it remains to be seen how newer ideas around “Software-Defined Protection” and perhaps cloud firewall services will play out later this year.

By: Jarrett Neil Ridlinghafer
Chief Technology Analyst & Consultant
Compass Solutions, LLC
Cloud Consulting International

13 of today’s coolest network research projects


From driverless cars to robots, securing the Internet and outsmarting cyber attackers, to networked honey bees: all subjects of new research

Network World – Here’s a whirlwind look at some of the wildest and potentially most useful technology research projects from university and vendor labs related to computer networking.

Time travelers, where are you?

Michigan Technological University has published a paper “Searching the Internet for evidence of time travelers” in which they used three search implementations for signs of content that should not have been known about at the time it was posted. This search for “prescient knowledge” hasn’t located any full-fledged time travelers yet on Twitter, email or Facebook, though the researchers did note that it’s possible such people could cover their tracks. “Although the negative results reported here may indicate that time travelers from the future are not among us and cannot communicate with us over the modern day Internet, they are by no means proof.”

Optimizing computing

A group of researchers at the Massachusetts Institute of Technology have devised a potentially more effective way of helping computers solve some of the toughest optimization problems they face.

Their new algorithm is more computationally effective than other approaches, because it scales in a “near-linear” fashion, according to Jonathan Kelner, an associate professor of applied mathematics at MIT and a member of MIT’s Computer Science and Artificial Intelligence Laboratory, who co-authored the new algorithm.

“The running times for previously known algorithms scaled substantially worse than linearly,” Kelner wrote by email, meaning that as a problem becomes more complex, the performance of the computer undertaking the problem slows dramatically.

One day, an airline might want to use this optimization algorithm to find the most efficient way of scheduling its flight crews, for instance. Or a router may use it to calculate the fastest path through a busy network.

Microsoft: We know you’re driving

Microsoft researchers are working on a smartphone app that can tell whether the device is being used by a driver or passenger (today it’s pretty easy to lie to apps like Waze).

“While the core problem can be solved relatively easily with special installations in new high-end vehicles (e.g., NFC), constraints of backward compatibility makes the problem far more challenging. We design a Driver Detection System (DDS) that relies entirely on smartphone sensors, and is thereby compatible with all automobiles,” the researchers state.

Not showing any Windows Phone bias, the researchers’ initial prototypes work on Android NexusS and Apple iPhones, and have shown greater than 85% accuracy.

Leave our utilities alone!

The U.S. Department of Energy has doled out some $30 million to 11 security vendors and organizations to help devise systems to detect and nix cyberattacks on critical infrastructure such as utilities and power grids. Georgia Tech Applied Research Corp., Grid Protection Alliance and Schweitzer are among those outfits on the job. A government report issued last year indicated that U.S. power companies are under frequent attack.

The right time for cyber conflict

University of Michigan researchers have published a paper regarding the timing of cyber conflict, looking at things from the perspective of a cyber attacker but providing information that might be used to sniff out such attacks. The researchers looked at past cyber attacks such as Stuxnet to build their mathematical model, which weighs things such as the reason for attack vs. the optimal timing. “The heart of our model is the trade-off between waiting until the stakes of the present situation are high enough to warrant the use of the resource, but not waiting so long that the vulnerability the resource exploits might be discovered and patched even if the resource is never used,” the authors wrote.

Robots get a Web of their own


After four years of research, the European team behind the cloud-based RoboEarth project demoed their World Wide Web for robots, showing four robots working together in a hospital setting. The robots, including both the classic R2-D2 type and the more humanoid C-3PO type, used RoboEarth as a combination of Wikipedia-like database, communications network and computer processing system. The goal is for robots to learn from each other to get smarter.

Self-driving cars bring Ford, techie schools together

Ford is enlisting top U.S. universities to make self-driving cars a reality, hoping researchers at the Massachusetts Institute of Technology can come up with advanced algorithms to help vehicles learn where pedestrians and other automobiles will be located.

“We’re using data from the sensors both on board and off board,” said Jonathan How, director of the MIT-Ford Alliance and a professor of aeronautics at MIT. He said that the system isn’t just using the car’s Lidar system, which captures a 3D view of its surroundings using spinning cameras, but also crosswalk signs and traffic lights. Near term, How hopes MIT will have driverless shuttles on its campus ordered up via smartphone apps.

On the West Coast, Stanford University researchers are tasked with helping cars see around obstacles.

RFID is bee’s knees


Australia’s Commonwealth Scientific and Industrial Research Organization (CSIRO) is fitting up to 5,000 honey bees with tiny RFID sensors to monitor the insects in hopes of helping improve pollination and productivity on farms and to try to get to the bottom of widespread colony collapse that so far has spared Australia.

“Using this technology, we aim to understand the bee’s relationship with its environment,” says CSIRO Science Leader Paola de Souza. “Bees are social insects that return to the same point and operate on a very predictable schedule. Any change in their behaviour indicates a change in their environment. If we can model their movements, we’ll be able to recognise very quickly when their activity shows variation and identify the cause. This will help us understand how to maximise their productivity as well as monitor for any biosecurity risks.”

Mosquitos and fruit flies listen up: even smaller sensors are being prepped for you.

Whale-friendly underwater communications breakthrough

University of California, San Diego researchers have shown that an artificial material made from nanopatterned layers of silver and silicon can speed up the blinking of LED systems used for underwater communications. An 80-fold increase in brightness, as demonstrated, could even pave the way for wireless optical communications systems under water, a development that might be welcomed by whales and other sea life that is possibly bothered by current acoustical communications systems used for ship-to-ship and other maritime interactions.

Facebook out-researches Princeton University

Princeton University researchers published a paper in January that uses epidemiological models to suggest that Facebook’s fast rise could be followed by a fast decline, too. The conclusion really got Facebook’s attention: “Extrapolating the best fit model into the future suggests that Facebook will undergo a rapid decline in the coming years, losing 80% of its peak user base between 2015 and 2017.”

So much so, in fact, that Facebook cheekily responded to Princeton’s “innovative use of Google search data” with some research of its own about Princeton’s prospects for survival. Facebook’s findings: “In keeping with the scientific principle ‘correlation equals causation,’ our research unequivocally demonstrated that Princeton may be in danger of disappearing entirely.”

Disappearing microprocessors

While it might seem as though microprocessors have shrunken so much over the years that they practically have disappeared, they’re still around. But the Defense Advanced Research Projects Agency (DARPA) has handed IBM $3.4 million to come up with disintegrating processors under DARPA’s Vanishing Programmable Resources program. The idea is that if these things fall into the wrong hands, there won’t be anything left of them to worry about.

According to a synopsis in the award document, DARPA states: “A trigger, such as a fuse or a reactive metal layer will be used to initiate shattering, in at least one location, on the glass substrate. An external RF signal will be required for this process to be initiated.”

Sadists and psychopaths

A new research paper from three Canadian universities is titled “Trolls just want to have fun,” but the researchers’ conclusion is in fact that trolling on the Internet “correlated positively with sadism, psychopathy, and Machiavellianism.”

For those of us who aren’t researchers or trolls, the conclusion that these anonymous troublemakers aren’t quite normal comes as no surprise.

Laser focused

Five years of work by California Institute of Technology researchers seems to have paid off: They’ve developed a new laser they claim has the potential to boost data transmission rates on optical fiber networks by orders of magnitude vs. existing laser technology with its beginnings in the 1970s.

The breakthrough comes from the lab of Amnon Yariv, a professor of applied physics and electrical engineering, and was led by postdoctoral scholar Christos Santis (PhD ’13) and graduate student Scott Steger. Their work focused on creating a purer laser light emitting just one frequency and they did so in large part by coming up with a way to store light in a layer of silicon that doesn’t absorb light.

The work has been funded by the Army Research Office, the National Science Foundation, and the Defense Advanced Research Projects Agency.

IDG News Service and Network World staff contributed to this report.

By: Jarrett Neil Ridlinghafer
Chief Technology Analyst & Consultant
Compass Solutions, LLC
Cloud Consulting International


Federal Agencies Struggle to Implement Cloud First


By Bernadette Wilson

In the news, federal agencies struggle to implement Cloud First, and the June deadline for cloud service providers to comply with FedRAMP is approaching.

Government Agencies Consider Using Cloud Brokers

A FedTech article details Texas’ “cloud brokerage” pilot program. The National Institute of Standards and Technology (NIST) defines “cloud broker” as “an entity that manages the use, performance and delivery of cloud services and negotiates the relationships between cloud providers and cloud consumers.” Government agencies could benefit from using a cloud broker who can better compare costs and handle the vetting of security and compliance procedures. Cloud brokers could play a significant role in the federal Cloud First initiative.

Will Your Customer Require FedRAMP Security Authorization?

The Federal Risk and Authorization Management Program (FedRAMP), which includes security assessment, authorization, and continuous monitoring for cloud products and services, has a June deadline for cloud service providers that work with federal agencies. These providers will have to meet program requirements, apply or work with a sponsoring agency to make a submission to FedRAMP for authorization, have a third-party assessment, and provide continuous monitoring and reports to FedRAMP.

Federal Agencies Face Difficulties Implementing Cloud First

According to an Accenture Federal Services and Government Business Council report, “The Road Ahead: 3 Years After Cloud First,” roadblocks to transitioning to the cloud include agencies submitting incomplete migration plans to the Government Accountability Office. More than two-thirds of agencies surveyed said they lack the staff to execute a cloud strategy, and would face expenditures to hire or train an employee. The study reveals only 10 percent of agencies have migrated more than one-half of their IT portfolio to the cloud, and 58 percent were not aware of any cloud strategy at their agencies.

MeriTalk’s Cloud First Consumer Guide also highlights some of the issues with agencies adopting Cloud First. The guide includes results of a survey of federal IT professionals, who rated cloud companies, the cloud offering itself, providers, brokers, and systems integrators. Systems integrators received a rating of “good” for messaging and collaboration, and “excellent” for support applications.

Government IT Talking Points

UPI reports 2 Israeli air force pilots received five days in jail, one was fined, and 11 received suspended sentences for storing military secrets on their smartphones. Information included photographs of documents and maps. The investigation began after one of the pilots lost his cellphone.

Gigaom reports a record-breaking distributed denial-of-service (DDoS) attack occurred Monday, more extensive than Spamhaus last year. This attack, reported primarily in Europe, was aimed at interfering with the accuracy of computers’ clocks.

By: Jarrett Neil Ridlinghafer
Chief Technology Analyst & Consultant
Compass Solutions, LLC
Cloud Consulting International

Microsoft Lets Agencies Test Government-Only Cloud


Microsoft lets federal agencies take its newly operational Azure for Government for a “shakedown cruise.”

Microsoft has begun giving a select group of federal customers the chance to put Microsoft’s new government-only cloud service through a series of private tests. “The processes, people, technology, and infrastructure are all in place. We want real-world test loads,” for a shakedown cruise, said Greg Myers, VP of federal sales, in announcing the news Tuesday at Microsoft’s US Public Sector Federal Executive Forum in Washington.

Although Microsoft’s commercial Azure cloud offering has received authority to operate under the FedRAMP program for cloud services, the new government platform — announced last fall and called Azure for Government — has not yet been certified.

The government-only offering is housed in two specially constructed datacenters located in the United States and isolated physically and logically from the public cloud. All personnel will be US citizens screened for moderate public trust clearance and the servers will house only data from federal, state, and local government customers. The new platform, although operational, is not finished and will keep evolving to provide enhanced security, said Myers.

“We see this as a dynamic environment,” he said. “It is very labor intensive, very capital intensive. It’s not an environment for the weak.”

A dynamic system is necessary to provide adequate security, because defense in modern, complex systems requires the ability to respond and adapt, said David Aucsmith, senior director of Microsoft’s Institute for Advanced Technology for Governments.



John Pepper, computing and network services director at Sandia National Laboratories, talks about using unified communications at Microsoft’s US Public Sector Federal Executive Forum.

Aucsmith, an author of the Defense Department’s 1985 Orange Book, Trusted Computer System Evaluation Criteria, said at the federal forum that after 30 years of trying, “I do not believe you can create a secure computer system.”

The complexity of IT systems makes it impossible to understand them fully, and this complexity makes it impossible to specify conditions and requirements with enough granularity to ensure security, he said. Testing and built-in processes are necessary but not sufficient to ensure security.

Because “we don’t know what we don’t know,” any static system will become vulnerable to an adversary, Aucsmith added. The only effective defense requires the ability to recognize and respond to threats, which includes keeping systems fully patched and up-to-date.

Because patching and updating IT systems in a large enterprise is complex and time consuming, cloud platforms can provide enhanced security because dedicated staff can handle these jobs for multiple customers, and usually deploy them more quickly, he said. Patches represent a healthy way to combat adversaries. But if enterprises don’t apply the patches quickly — within about five days of release — hackers can get the upper hand by exploiting the vulnerabilities revealed by patches.

“Hackers today are better organized, certainly better financed, and outcome driven,” said forum guest speaker Tom Ridge, the former Pennsylvania governor who helped lead the creation of the Homeland Security Department. “There’s still some people in the private sector that see (cyber threats) as an IT problem instead of a business risk.”

Azure for Government initially will host workloads with higher security clearances than usual and will not take the place of the commercial Azure offering, which still will be available to government customers. But Myers said that eventually the new platform would become the default for all government customers.

There is no timeline for general availability of the new offering, but the next step in the rollout, a public preview, is expected in late spring.

By: Jarrett Neil Ridlinghafer
Chief Technology Analyst & Consultant
Compass Solutions, LLC
Cloud Consulting International

Awesome Photography Site & 40 Must-See Photos From The Past @PulpTastic

We came across this selection of astonishing photos from the past, thanks to Reddit user epicnesshunter. Some of these are absolutely mind-boggling, but what makes most of them so powerful is that they were taken in the past century, just one or two generations away from us.

#1. Woman With A Gas-Resistant Pram, England, 1938

#2. Unpacking the head of the Statue of Liberty, 1885

#3. Elvis in the Army, 1958

#4. Animals being used as part of medical therapy, 1956

#5. Testing of new bulletproof vests, 1923

#6. Charlie Chaplin at age 27, 1916

#7. Hindenburg Disaster, May 6, 1937

#8. Circus hippo pulling a cart, 1924

#9. Annette Kellerman promotes women’s right to wear a fitted one-piece bathing suit, 1907. She was arrested for indecency

#10. Annie Edison Taylor, the first person to survive going over Niagara Falls in a barrel, 1901

#11. 106-year-old Armenian Woman guards home, 1990

#12. Baby cages used to ensure that children get enough sunlight and fresh air when living in an apartment building, ca. 1937

#13. The original Ronald McDonald, 1963

#14. Disneyland Employee Cafeteria in 1961

#15. Advertisement for Atabrine, anti-malaria drug, in Papua, New Guinea during WWII

#16. Soldier shares a banana with a goat during the battle of Saipan, ca. 1944

#17. Little girl with her doll sitting in the ruins of her bombed home, London, 1940

#18. Construction of the Berlin wall, 1961

#19. Unknown soldier in Vietnam, 1965

#20. Bookstore in London ruined by an air raid, 1940

#21. Walter Yeo, one of the first to undergo an advanced plastic surgery and a skin transplant, 1917

#22. Measuring bathing suits – if they were too short, women would be fined, 1920s

#23. Martin Luther King with his son removing a burnt cross from their front yard, 1960

#24. Hotel owner pouring acid in the pool while black people swim in it, ca. 1964

#25. Lifeguard on the coast, 1920s

#26. Artificial legs, UK, ca. 1890

#27. Mom and son watching the mushroom cloud after an atomic test, Las Vegas, 1953

#28. Mother hides her face in shame after putting her children up for sale, Chicago, 1948

#29. Austrian boy receives new shoes during WWII

#30. Hitler’s officers and cadets celebrating Christmas, 1941

#31. Christmas dinner during Great Depression: turnips and cabbage

#32. The real Winnie the Pooh and Christopher Robin, ca. 1927

#33. Last prisoners of Alcatraz leaving, 1963

#34. Melted and damaged mannequins after a fire at Madam Tussaud’s Wax Museum in London, 1930

#35. A space chimp posing to camera after a successful mission to space, 1961

#36. Illegal alcohol being poured out during Prohibition, Detroit, 1929

#37. Princeton students after a freshman vs. sophomores snowball fight, 1893

#38. 23 year-old Evelyn McHale’s suicide – she jumped from the 83rd floor of the Empire State Building and landed on a United Nations limousine, 1947

#39. Suntan vending machine, 1949

#40. First morning after Sweden changed from driving on the left side to driving on the right, 1967

By: Jarrett Neil Ridlinghafer
Chief Technology Analyst & Consultant
Compass Solutions, LLC
Cloud Consulting International

CloudWiser Startup Funding Roundup


CloudWiser Startup Investment Roundup

The following is our roundup of the top VC deals of Feb. 2014.

San Francisco-based private communications startup Wickr has raised a Series A round of $9 million led by Alsop Louie Partners with participation from angels including Thor Halvorssen, Gilman Louie, Richard A. Clarke, and Eileen Burbidge. Wickr has developed a messaging app that lets users send encrypted and self-destructing messages to make social networking a more protected experience. Founded in 2012, Wickr will use the new investment to fund product development and build out its business model.

London-based company data source DueDil has raised $17 million in a Series B round led by Oak Investment Partners with participation from existing investors Notion Capital and Passion Capital. The largest source of private company information in the UK, DueDil provides company and director data on private companies in over 22 countries. Launched in mid-2011, DueDil has raised a total of $22 million and will use the new funds to continue product growth and expand into new countries.

London-based travel startup Top10.com has raised $8 million in a Series B round led by Balderton Capital. Top10 is a hotel search platform that aggregates review scores, location, popularity, price, and other features to create a shortlist of 10 recommendations for each search. Founded in 2011 with a pivot in early 2013 to focus on solely hotel search, Top10 plans to use the new funds to expand its team and reach in Europe.

Chinese personal finance app developer Wacai has raised $15 million in Series A+ funding from QiMing Venture Partners. Wacai’s core product is a bookkeeping service that claims over 60 million users and includes features for buying monetary, stock, and bond funds within the app. Wacai has raised nearly $30 million to date from investors including IDG Capital Partners and CDH Investments, and will use the new investment to expand its team and fund product development.

New York-based learning community Skillshare has raised $6.1 million in new venture funding from undisclosed investors. Skillshare is a community marketplace where people can offer classes to others on a variety of real-world skills. Founded in 2010, Skillshare has raised over $10 million to date from a list of investors including Spark Capital, BoxGroup, Union Square Ventures, and SV Angel.

Mountain View-based mobile gaming platform Midverse Studios has raised $6.5 million in new funding from IDG Capital Partners, Signia Ventures, and IDG-Accel China. Midverse has developed an app marketing and user retention solution focused on acquiring and engaging users in Android. Founded in 2012, Midverse will continue working on features to incentivize users and boost quality engagement.

Cambridge-based distributed database management company NuoDB has raised $14.2 million in an extended Series B round led by Dassault Systèmes with participation from previous investors Morgenthaler Ventures, Hummer Winblad Venture Partners, and Longworth Venture Partners. NuoDB is an operational database management system that handles transactions, interactions, and observations to maintain business continuity and gain operational intelligence in real-time. Founded in 2012, NuoDB has raised $26.2 million in funding to date.

Mountain View-based mobile marketing startup Kahuna has raised $11 million in Series A funding from Sequoia Capital. Kahuna helps marketers test and automate their push notifications so that apps can send fewer yet more effective promotional messages. Founded in 2011 and launched last fall, Kahuna will put the new funds toward production of new engagement channels and additional forms of marketing automation.

San Mateo-based educational game developer If You Can has raised $6.5 million in Series A funding led by Greylock Partners with participation from Almaz Capital. “IF…” by If You Can is a chapter-based adventure game for iPad that helps children ages 7-11 learn social and emotional skills. Founded in 2012, If You Can has raised $9.3 million to date, with previous investors including Andreessen Horowitz, Founders Fund, and Maveron.

Mountain View-based web security startup Shape Security has raised $40 million in Series C funding led by new investors Norwest Venture Partners and Sierra Ventures with participation from Kleiner Perkins, Venrock, Google Ventures, TomorrowVentures, and Allegis Capital. Shape emerged from stealth last month with an enterprise product, ShapeShifter, that fights automated malware and bots with a firewall that shifts its shape depending on the attacker. Shape has raised $66 million to date and will put the new funds toward continued development of ShapeShifter and building out its global salesforce.

Palo Alto-based alternative power company d.light has raised $11 million in Series C funding from DFJ, Omidyar Network, Nexus India Capital, Gray Ghost Ventures, Acumen Fund and Garage Technology Ventures. d.light manufactures and distributes affordable solar lighting and power products, providing households and small businesses throughout the developing world with access to power and renewable energy. Founded in 2007, d.light has raised over $22 million to date and will use the latest funding to accelerate product development and expand distribution in developing markets.

Austin-based self-storage marketplace SpareFoot has raised $10 million in new funding entirely from Insight Venture Partners. SpareFoot’s free online marketplace lets customers find and reserve storage units in the U.S. and provides a platform for local storage facilities to list rates and availability. Founded in 2008, SpareFoot has raised around $6 million to date and will use the new funds to expand engineering teams and continue building out its platform.

Cambridge, MA-based stealthy wearable device startup Quanttus has raised $19 million in funding from Khosla Ventures and Matrix Partners. Quanttus is developing wearable vital sign monitoring technology that can capture and analyze more than half a million vital sign data points per day. Founded in 2012 out of MIT, Quanttus will use the funds to continue testing and improving its wearable devices.

London-based e-commerce analytics company eCommera has raised $41 million in a Series C round led by Dawn Capital with participation from ePlanet Capital, Frog Capital, West Coast Capital, WPP, and WTI. eCommera’s data analytics software uses retail data to help retailers make better decisions around customer service to drive online sales and growth. Founded in 2007, eCommera will use the new capital to accelerate global growth, specifically in the North American market.

San Francisco-based farming software and analytics startup Granular has raised $4.2 million in funding from Andreessen Horowitz, Google Ventures, and Khosla Ventures. Granular, formerly known as Solum, was founded as a soil science and analytics company but has just sold its soil science business to Monsanto in order to focus on building out its cloud business software and analytics platform for farmers. Granular will use the funds to expand its engineering, sales and customer service teams.

By Jarrett Neil Ridlinghafer
Chief Technology Analyst & Consultant
Compass Solutions, LLC
Cloud Consulting International

MX3D-Metal 3D Printer Creates Complex Metal Objects in Thin Air


Amsterdam-based Joris Laarman Lab teamed up with the Institute for Advanced Architecture of Catalonia (IAAC) to design a 3D printer that can produce complex metal objects in thin air. MX3D-Metal is a combination of a 3D printer and a welding machine that can print lines of steel, stainless steel, aluminium, bronze or copper. The device made its debut at the Fabricate2014 Digital Fabrication Conference in Zurich, Switzerland.

The MX3D-Metal 3D printer can manufacture complex metal forms that include irregular and non-horizontal surfaces. This breakthrough technology has finally moved away from the build platform and has opened the door to free-form 3D printing of material that doesn’t need additive layers. A robotic arm extrudes a special fast-curing resin and can 3D print objects independent of their inclination, smoothness or shape.

The device will have to use an interface that will allow the user to print directly from CAD. Vertical, horizontal and spiraling lines require different settings such as pulse time, pause time, layer height and tool orientation which should be incorporated into the software, currently being developed by experts at Joris Laarman Lab and IAAC.

By: Jarrett Neil Ridlinghafer
Chief Technology Analyst & Consultant
Compass Solutions, LLC
Cloud Consulting International

WARNING: Hacked NETFLIX APP Found to be Sending Credit Card & Passwords to Hacker Server in Russia, Even found Installed on New Phones!


Pre-article Commentary: by Jarrett Neil Ridlinghafer

Steps You Should Take Immediately

  1. Disable Netflix so it can do no more harm if it is corrupted – go into your phone settings and “Disable your Netflix App” if you have it installed on your Android or iOS device
    • On my Android HTC One you can do that by going into “Settings > Applications > All” (fling the screen to the right two screens so it shows the “ALL” menu on the top), then scrolling down to Netflix and clicking on it. Inside, select “Disable Application”; when it asks if you really want to, click Yes or OK, whichever it has
  2. Install an Antivirus Protection:
    • Go to Google Play and download one of the following Antivirus Applications:

The Android and Apple operating systems are both Unix/Linux-based systems instead of Windows, which means that although you do not have the same risks and vulnerabilities you will find in a Windows operating system, they have their own set of vulnerabilities, such as root-kits. The most common way to hijack a UNIX machine, other than directly penetrating an open port, is via malware. Unlike a Trojan, which is a separate app hiding inside a normal app, malware has completely taken over an app like Netflix. It still works exactly like the Netflix app, so you never know there is anything wrong; however, the hacker has “hacked the code” and modified it to do a lot more than just allow you to watch movies. It now has little mini-me criminal agents running around on your phone in disguise and stealing credit card data, usernames, passwords, etc. Successful malware attacks, according to the reports I’ve read, have increased 20% over 2013 due to the rise in smartphone/mobile device sales.

They are all highly reputable and recommended security and antivirus vendors who have been developing software for the PC market for years, and these are their new mobile app versions, so you can rest assured any one of them will offer the best protection currently available. What do I use? I’ve been using AVG for many years and believe it is the best free software available for both the Windows PC and Android OS. Again, I’ve used each of the ones above with the exception of 360, which is made by a company I’ve never heard of; however, they have over 1.5 million downloads of their app with an average of 4.5 of 5 stars, which means it is offering top-of-the-line protection that people like.

IDG News Service – David Jevans, CTO and founder of Marble Security, recently received some bad feedback from a potential customer testing his company’s product, which helps organizations manage and secure their mobile devices.

“They basically said ‘Your stuff doesn’t work’,” Jevans said. “It thinks Netflix is malicious.”

Marble Security performs static code analysis of Android and iOS applications, which shows what the code is supposed to do. Apps are also run through an emulator with instrumentation that allows analysts to get a larger view of how an application performs. They also check an app’s network traffic to see if it is communicating with known malicious servers.

After taking a close look at the suspicious application, Jevans said they found it wasn’t the real Netflix app.

“We’re like, yeah, this isn’t the real Netflix,” Jevans said. “You’ve got one that has been tampered with and is sending passwords and credit card information to Russia.”

Security experts have long warned that downloading applications from third-party marketplaces for the Android platform is risky since the applications have often not undergone a security review. Google patrols Android apps in its Play store, but malicious ones occasionally sneak in. Apple’s App Store is less affected due to the company’s strict reviews.

With the fake Netflix application, the organization told Marble Security the app was pre-installed when it bought the device. Marble Security then looked at devices from its other customers and found the problem was widespread. They found a fake version of Netflix on phones and tablets from at least four different manufacturers, Jevans said.

“We suspect for most of them, it is preinstalled,” Jevans said.

Marc Rogers, principal security researcher with Lookout Mobile Security, said his company has seen instances of malware show up on new phones. Lookout found a variant of a family of Chinese malware on new devices imported on the gray market from China.

“We can say that we’ve seen malware authors target device supply chains as a way to install malware in a device before it ends up in the hands of a customer,” Rogers said via email.

It is possible that somewhere in the supply chain, a bundle of applications that were not vetted well were installed on hundreds of thousands of devices, Jevans said.

The applications in those bundles “are rarely run through anti-malware or privacy leak detection software,” he said.

Another possibility is that companies are buying refurbished phones, which may have taken a loop through another supply chain with loose security controls.

Marble Security found the fake Netflix app on six devices from Samsung Electronics: the GT-N8013 Galaxy Note tablet, the SGH-1727 Galaxy S III phone, the SCH-1605 Galaxy Note 2 phone, the SGH-1337 Galaxy S4 phone, the SGH-1747 Galaxy S III phone and the SCH-1545 Galaxy S4 phone.

Samsung spokeswoman Jessica Baker said in an email that “if there is a fake Netflix app on the devices, it is something that was not preloaded by Samsung or U.S. carrier partners.” Netflix spokesman Joris Evers said the company did not have a comment.

The fake app was also found on three Motorola Mobility devices, the Droid Razr, Droid 4 and Droid Bionic; two Asus tablets, the Eee Pad Transformer TF101 and the Memo Pad Smart MT301; and on LG Electronics’ Nexus 5 phone. Those companies didn’t respond to queries asking for comment.

Jevans said it’s not Netflix’s fault, as the company is just an attractive target for cybercriminals. At least four different fake versions of Netflix were found by Marble’s analysts, some of which were a modified clone of the real application.

Ideally, an application’s hash — a mathematical calculation of the exact size of the program — should be compared to that of the legitimate application before it is installed at a factory, Jevans said. If those figures are different, it may signal a fake.

Also, the application’s security certificate should be checked to ensure it is not self-signed, a trick that some malware writers use to make their software look more legitimate.
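The hash comparison Jevans describes can be run over a whole device image rather than a single app. The sketch below is an added example, not code from Marble Security or from the article; the package names, the sample bytes and the baseline format are constructed for illustration.

```python
import hashlib
import hmac


def sha256_hex(data: bytes) -> str:
    """Return the SHA-256 digest of a package file as lowercase hex."""
    return hashlib.sha256(data).hexdigest()


def audit_image(installed: dict, baseline: dict) -> dict:
    """Classify every package on a device image against a known-good baseline.

    installed: package name -> package bytes as read from the image
    baseline:  package name -> SHA-256 hex digest obtained from the publisher
    Returns package name -> "ok" | "modified" | "not-in-baseline" | "missing".
    """
    findings = {}
    for name, blob in installed.items():
        expected = baseline.get(name)
        if expected is None:
            # Present on the device but never vetted: review before shipping.
            findings[name] = "not-in-baseline"
        elif hmac.compare_digest(sha256_hex(blob), expected.lower()):
            findings[name] = "ok"
        else:
            # Same package name, different content: possible tampered clone.
            findings[name] = "modified"
    for name in baseline:
        if name not in installed:
            findings[name] = "missing"
    return findings


# Constructed sample data: stand-ins for package files, not real apps.
GENUINE = b"constructed-genuine-video-app-build-0001"
TAMPERED = b"constructed-genuine-video-app-build-0002"  # same size, one byte differs
BASELINE = {
    "com.example.video": sha256_hex(GENUINE),
    "com.example.dialer": sha256_hex(b"constructed-dialer-build"),
}
SAMPLE_IMAGE = {
    "com.example.video": TAMPERED,
    "com.example.flashlight": b"constructed-unvetted-bundle-app",
}

if __name__ == "__main__":
    for name, status in sorted(audit_image(SAMPLE_IMAGE, BASELINE).items()):
        print(f"{status:16} {name}")
```

The tampered sample has the same length as the genuine one, so a size check alone would pass it; only the digest comparison flags it.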

“People aren’t checking the apps that are on these things,” Jevans said.


NASA Administrator Bolden’s Statement on the Agency’s FY 2015 Budget Request


The following statement is from NASA Administrator Charles Bolden on the Obama Administration’s budget request for the 2015 fiscal year:

“Today, President Obama released his Fiscal Year 2015 budget request for the nation, and there is a lot of good news in it for NASA. The president’s funding plan for America’s space program reaffirms the path we are on, and will keep us moving forward — pushing farther in the solar system and leading the world in a new era of exploration.

“Through NASA’s work at all of our centers, our nation is recognized for scientific and technological leadership and knowledge-sharing that improves lives all around the world.

“Over the past six years, the Obama Administration has invested more than $100 billion in America’s space program, including the $17.5 billion that is part of this year’s budget. The president’s budget, once again, affirms the bi-partisan strategic exploration plan agreed to with the Congress in 2010.  It keeps us moving toward the missions and breakthroughs of tomorrow even as it enables the tangible successes of today.

“This budget keeps us on the same, steady path we have been following – a stepping stone approach to send humans to Mars in the 2030’s. It’s a path that has seen many recent successes, from the launch of the Global Precipitation Measurement mission last week — the first of an unprecedented five Earth Science launches this year — to returning space station resupply missions to U.S. soil with private American companies… to the power-up of Orion and the countdown toward its first flight test later this year… to the final mirrors for the James Webb Space Telescope being delivered.

“This budget ensures that the United States will remain the world’s leader in space exploration and scientific discovery for years to come. The budget supports the administration’s commitment that NASA be a catalyst for the growth of a vibrant American commercial space industry, and keeps us on target to launch American astronauts from right here in the USA by 2017, ending our reliance on others to get into space and freeing us up to carry out even more ambitious missions beyond low-Earth orbit.

“We are committed to the International Space Station, and the latest extension guarantees we’ll have this unique orbiting outpost for at least another decade. This means an expanded market for private space companies, more ground-breaking research and science discovery in microgravity – and additional opportunities to live, work and learn in space over longer and longer periods of time.

“This budget keeps NASA’s deep space exploration program on track by funding the Space Launch System (SLS) and Orion crew vehicle to take American astronauts farther into the solar system than we have ever gone before.  Our stepping stone approach to sending humans to Mars involves continued research on the space station, testing our new capabilities beyond the moon, exploring an asteroid and ultimately sending a crewed mission to the Red Planet.

“In order to carry out these pioneering missions, we have to develop technologies for our asteroid redirect mission that will lead to the subsequent first crewed mission to Mars.

“This budget funds all elements of that stepping stone approach, and actually increases funding for space technology development and other efforts that will support the first crewed flight of SLS to an asteroid.

“In the coming year, we’ll build on our nation’s record of breathtaking and compelling scientific discoveries and achievements in space, with science missions that will reach far into our solar system, reveal unknown aspects of our universe and provide critical knowledge about our home planet.  It includes funding for missions to Mars and the formulation for a mission to Jupiter’s moon, Europa. It also funds science missions already heading toward destinations such as Jupiter and Pluto and operating throughout the solar system, a mission to study our planet’s magnetic system, and steady progress on the James Webb Space Telescope.

“Under this budget, our pioneering aeronautics research program will continue to focus on substantially reducing fuel consumption, emissions and noise – and help make the Next Generation Air Transportation System, or NextGen, a reality.

“All of the investments we make at NASA help drive technology and innovation, spur economic activity and create jobs. That is why under the president’s Opportunity, Growth, and Security Initiative, with Congressional approval, NASA will receive nearly $900 million in additional funding in FY15 to focus on specific priorities. This “invest in America” initiative recognizes that the type of innovation and technology development we do helps create opportunity, grow our economy and secure our future.

“The Fiscal Year 2015 budget advances NASA’s strategic plan for the future, and with it we’ll continue to build on U.S. preeminence in science and technology, improve life on Earth and protect our home planet, while creating good paying jobs and strengthening the American economy.

“The passion and dedication of the NASA workforce has taken us to new heights over the past 50-plus years. Today, we build on that strong foundation and carry out new pioneering missions to lead the world and reach even higher.  Working together, we turn science fiction into science fact and make the impossible possible.”

The NASA budget and supporting information are available at:



Social Media…It’s Not all Bad. A Remarkable 99 Year Old Veteran Served the Respect he deserved through the power of Social Media

This Veteran Died Without Any Friends Or Family. But Then Something Remarkable Happened.

Harold Percival was a veteran who had served with the Royal Air Force during World War 2. He died on October 25th 2013 in Lytham St Annes, England, at the age of 99. After realising he had no friends or relatives alive, his nursing home placed an advertisement in the local newspaper asking military personnel to attend the funeral service, expecting a humble turnout to pay their respects to this fallen hero.

What happened next was remarkable. After the story started trending on social media sites Facebook and Twitter, hundreds of soldiers, veterans and civilians gathered at the crematorium overnight to pay their respects to Percival, who had served with the Royal Air Force during the war.

In fact, so many people attended that the roads around the crematorium were blocked with traffic and the crowds spilled out of the building, the Daily Mail reported.

Percival served as ground crew on the famous Dambusters raids carried out in May 1943. 

The Dambusters theme was played as his coffin, wrapped in the Union flag, was carried in to the crematorium.

Many of those who attended the ceremony were dressed in military uniforms, and they applauded as the hearse carrying his coffin arrived.

The Reverend Alan Clark told mourners they had “come in numbers surpassing anything that was expected. Not because you knew him, but because each of us has a common humanity.”

Best Practices for Cryptocurrency Adoption

Source: Pat Litke and Joe Stewart
Dell SecureWorks Counter Threat Unit™ Threat Intelligence
Release Date: 27 January 2014


Bitcoin is a digital currency and payment system introduced in 2009. It is a cryptocurrency, so-called because it uses cryptography to control the creation and transfer of money. When working with Bitcoin, wallet security is the name of the game. A Bitcoin wallet is a collection of private encryption keys that can unlock funds sent to their corresponding public keys, or Bitcoin addresses. Whoever controls the private key of a Bitcoin address can spend the funds it contains. Once funds are transferred (that is, signed over to another Bitcoin address), the original owner cannot retrieve them. Essentially, holders of Bitcoin act as their own bank. No one can seize funds without the private key, but no one can replace funds if the private key is lost or stolen.
Ultimate responsibility for the security of a large sum of Bitcoins may be intimidating, but transacting with Bitcoin does not need to be a daunting or risky task.
This analysis requires a basic understanding of the following concepts as they relate to Bitcoin:

  • Addresses
  • Mining
  • Wallets

The official Bitcoin glossary provides easy to understand definitions. Additional technical information, including answers to frequently asked questions, can be found on the Bitcoin wiki.

Wallet fundamentals

Real-world wallet loss

These two examples of poor security practices and subsequent ramifications illustrate some of the avoidable risks associated with cryptocurrencies such as Bitcoin. According to a news story, a laptop discarded in mid-2013 hosted a wallet containing approximately 7,500 Bitcoins. Bitcoins weren’t valuable in 2009 when they were mined, so the wallet was not backed up. At present value, this user’s loss can be calculated in millions of dollars.

Lesson: Back up your wallet!

In 2012, the BTC-E crypto-currency exchange was hacked and lost 4,500 Bitcoins. People who stored Bitcoins in the exchange lost all their funds. Fortunately, BTC-E was able to reimburse customers, but this same scenario has been repeated several times at other exchanges without a positive outcome.

Lesson: Trusting someone with your wallet is a bad idea.

Keeping your wallet safe

A wallet on a device that has network connectivity is at risk. Bitcoin is very much on the radar of computer criminals and Bitcoin-harvesting malware is increasingly popular. A wallet stored on a device that is not connected to the Internet (or any network) becomes much more difficult to steal.

Types of wallets

Online wallet

An online wallet is “online” in the sense that the client is connected to the Internet, versus a wallet accessed via a website, which is known as a web wallet. The online wallet is the “traditional” type of wallet implemented in the Bitcoin reference client, as well as used by most desktop and mobile Bitcoin clients. Keypairs are stored in a file on the local device and accessed by the Bitcoin client that is connected directly to the Bitcoin peer-to-peer network.

Online wallet risks:

  • Physical theft of device
  • Hard drive failure
  • Theft of wallet file by malware

Online wallet risk mitigations

Use of wallet encryption is recommended when a wallet file is created on a networked device. However, malware that can steal a wallet file can also record decryption passphrases as they are entered on the keyboard or pasted from the clipboard. Therefore, the best mitigation is to avoid using this type of wallet.

Brain wallets

Because a private key is essentially a very long number, a wallet need not be stored in digital or written format. The private key could simply be memorized. However, as most humans are unable to reliably remember numbers with dozens of digits, there are shortcuts that can produce a “brain wallet” that is completely non-physical, existing only in the memory of the owner.

There are two types of brain wallets:

  • The first type is created by accepting a user-provided passphrase as an input to an algorithm that generates a longer key based on the passphrase. This type of brain wallet is only as secure as the entropy of the passphrase. Because most humans are remarkably bad at thinking of a random string of characters or words, some brain wallets of this type have been stolen in seconds by thieves using “rainbow tables,” which are large pre-generated lists of private keys created from common words, phrases, and combinations of characters.
  • The second kind of brain wallet contains a private key generated with randomized data. An algorithm then generates a sequence of words that can reconstruct the private key. This sequence of words can be memorized and the key can be deleted from the device that generated it. As long as a copy of the program that generated the word list exists and the word sequence is remembered, the wallet can be recreated at any point in the future.
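The second kind of brain wallet, sketched as an added example that is not part of the SecureWorks analysis: a key is drawn from the operating system's random source, written out as words, and rebuilt from those words later. The 256-word list, the one-byte checksum and the function names are constructed for illustration and do not match the word lists of any real wallet.

```python
import hashlib
import secrets

# Constructed word list: 16 syllables combined pairwise give 256 distinct
# words, so each word carries exactly one byte (8 bits) of the key.
_SYL = ["ba", "de", "fi", "go", "ku", "la", "me", "ni",
        "po", "ru", "sa", "te", "vi", "zo", "hu", "ja"]
WORDS = [a + b for a in _SYL for b in _SYL]       # list index == byte value
INDEX = {word: i for i, word in enumerate(WORDS)}


def generate_key(nbytes: int = 16) -> bytes:
    """Draw the key from the OS CSPRNG, never from a human-chosen phrase."""
    return secrets.token_bytes(nbytes)


def key_to_words(key: bytes) -> str:
    """Encode key bytes as words and append one checksum word."""
    check = hashlib.sha256(key).digest()[:1]
    return " ".join(WORDS[b] for b in key + check)


def words_to_key(phrase: str) -> bytes:
    """Rebuild the key from a memorized phrase, rejecting recall errors."""
    try:
        raw = bytes(INDEX[w] for w in phrase.lower().split())
    except KeyError as exc:
        raise ValueError(f"unknown word: {exc.args[0]}") from None
    if len(raw) < 2:
        raise ValueError("phrase too short")
    key, check = raw[:-1], raw[-1:]
    if hashlib.sha256(key).digest()[:1] != check:
        raise ValueError("checksum mismatch: a word is wrong or out of order")
    return key


if __name__ == "__main__":
    key = generate_key()                  # 128 bits of entropy
    phrase = key_to_words(key)            # 16 data words + 1 checksum word
    assert words_to_key(phrase) == key
    print(len(phrase.split()), "words:", phrase)
```

Every data word here contributes 8 random bits, which is the difference from the first kind of brain wallet, where the entropy is whatever the person happened to think of.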

Brain wallet risks

  • Loss of memory
  • Weak passphrase

Brain wallet risk mitigations

Only use high-entropy seed passphrases generated by a secure offline device. Write down the passphrase (without reference to what it is) and store in a safe or bank vault.

Paper wallets

A paper wallet is a keypair that has been written or printed to paper. Often the keys are displayed as both text and QR codes for easy importation into a Bitcoin client.
Figure 1. An example of an unencrypted Bitcoin paper wallet. (Source: Dell SecureWorks)

Paper wallet risks

  • Physical destruction (e.g.: water, fire, fading ink)
  • Theft by duplication (attacker can photograph or manually copy the private key if shown the paper wallet)

Paper wallet risk mitigations

Seal paper wallets in watertight UV-resistant plastic. Store multiple copies in different secure locations, such as a fireproof safe or bank vault. Use Bitcoin Improvement Protocol (BIP) 0038 passphrase encryption to protect the private key from unauthorized use. Do not transmit a picture of an unencrypted paper wallet to public destinations such as social media sites.

Web wallets

Web wallets have become a popular choice for newcomers to Bitcoin. They’re easy, accessible, and users only need to keep track of a typical account username and password. From a convenience standpoint this sounds great, but for security, not so much. Any wallet where the owner does not control the private key technically does not belong to the owner. Anyone who manages to access the server where the web wallet is stored can transfer the funds. Users might think their funds are insured when using a web wallet service, much like putting money in a bank. However, there is no insurance organization such as the Federal Deposit Insurance Corporation (FDIC) for Bitcoin. If the funds are stolen, then they will likely not be replaced.

Web wallet risks

  • Physical theft
  • Hard drive failure
  • Theft of web wallet by malware
  • Loss of memory
  • Weak username or password

Web wallet risk mitigations

Avoid web wallets except as necessary to convert between currencies. At publication time, cryptocurrency exchanges (e.g.: Mt. Gox, Bitstamp, CampBX, and BTC-E) are the easiest way to trade large amounts of fiat (backed by a government) currency for Bitcoin and vice versa. Unfortunately, they also tend to be primary targets for Bitcoin theft, due to the amount of funds stored at the exchange.
As exchanges are essentially web wallets, currency should be stored only for as long as necessary for the trade. Once Bitcoin have been purchased or sold, the funds should be transferred out as quickly as possible to mitigate any potential security breach of the site.

Many web wallets and exchanges offer two-factor authentication (2FA) using one-time passwords (OTP). While this is a step in the right direction, this type of authentication provides no security against malware that can hook into the web browser. Conventional banking malware has been bypassing this type of authentication for years, and these techniques will likely soon be adapted to compromise web wallets protected by 2FA.

Hybrid wallets

A hybrid wallet is a combination of a web wallet and a traditional wallet. It uses JavaScript to manage private and public keys on the client side, so keys are never stored on the server and cannot be stolen en masse. Hybrid wallets are popular, but trusting their security because the keys are not stored server-side is misguided, as an attacker can still steal a user’s keys. Because hybrid wallets offer slightly more security than web wallets, while maintaining the convenience of a single wallet that can be easily accessed from both mobile devices and desktops, they are likely to be the most popular form of Bitcoin client for the foreseeable future.

Hybrid wallet risks

  • Website compromise can modify JavaScript delivered from server to leak private keys and passphrases from client
  • Malware on client side can steal keys and passphrases directly from web browser

Hybrid wallet risk mitigations

  • Only use this type of wallet for small transactions.

Offline wallet

An offline wallet is a traditional wallet created on a device that runs Bitcoin client software but is never connected to a network. A Raspberry Pi computer running the GNU/Linux operating system and the Electrum wallet software makes an excellent offline wallet. In this configuration, the offline wallet pairs with an online wallet that connects to the network. The online wallet knows what Bitcoin addresses belong to the offline wallet and can create transactions. However, the online wallet cannot sign transactions because it does not have access to the private key. A transaction request must be manually transferred to the offline wallet (e.g.: via a USB drive or by QR code webcam capture).

The offline wallet reads and signs this request, authorizing the transfer of funds out of the wallet. This signed transaction is then manually transferred to the online wallet, where it is submitted to the network for verification.

Offline wallet risks

  • Infection of offline device by exploit delivered by USB or QR code
  • Preloading of device, operating system, or wallet software with code that weakens the random number generator used to create the private key (so-called “kleptographic attacks”)

Successful exploitation of an offline wallet is more difficult than a compromise of an online wallet, but it is still a possibility. An attack on the code repository used by a popular wallet client could insert code to weaken the random number generation algorithm. These types of attacks would likely be detected eventually, but any users of the software that downloaded the client during the affected period would have generated weak wallet keys and be subject to theft of funds.

Offline wallet risk mitigations

All code used by offline wallets should be open-source, compared against the public code repository, and audited for potential vulnerabilities. A blackbox audit of the random number generator inside the key generation binary should be conducted to ensure that the key being generated is seeded with random data in a truly unpredictable fashion.

Type-2 deterministic wallets

Similar to brain wallets, Type-2 deterministic wallets are based on a seed number that can be exported as a sequence of words, which can be memorized and saved. Their primary feature is that any number of private keys can be generated from the seed data in a deterministic fashion, that is, the same seed will generate the same sequence of private keys and corresponding public keys every time. There is a special “master” public key that is derived from the seed and can be imported into online clients. The master public key allows the online client to know all of the public keys that belong to the wallet, without knowing the seed value or private keys. A wallet configured this way is called a “watching” wallet and knows the balance of the wallet’s addresses, but cannot authorize transactions without the transaction being signed by the offline wallet.

This analysis does not cover Type-1 deterministic wallets, as they are functionally equivalent to Type-2 but lack security measures and additional features. As a result of the lack of security, their use is not recommended.
Because the master public key need not be a secret, the wallet can be simultaneously used on multiple devices. While metadata won’t remain synchronized (e.g.: nicknames you give your addresses, or notes about given transactions), data such as addresses, transactions, and balances will automatically stay synchronized.
At publication time, two variants of the Type-2 wallet exist: Armory and Electrum. Both are Type-2 deterministic wallets and either is an excellent choice.

Hardware wallets

A hardware wallet is a single-purpose electronic device that stores one or more private keys and allows for easy offline transaction signing. Bitcoin wallet clients that support hardware wallets generate and send an unsigned transaction to the device. The transaction details are displayed by the device, verified and signed by the user, and returned to the online client for submission to the Bitcoin peer-to-peer network.

One such wallet is called the “Trezor”, which is German for “vault” or “safe.” This particular device requires a USB cable to connect the hardware wallet to the online computer. While the creators of this device claim a high degree of security using this connection method (if an attempt to read data from the device is made, the device will reject the request), there is always a risk when connecting an offline device to an online (and potentially compromised) computer.

Hardware wallet risks

  • Must trust device manufacturer to not have weak random number generator or backdoor method to access the key
  • The potential exists (albeit small) for exploitation of device when connected to compromised computer

Hardware wallet risk mitigations

Open-source hardware and software should be required elements of hardware wallets. However, unless a user has the resources to perform physical chip logic verification, always assume a small amount of risk with all security solutions.

Best practices

This section discusses methods to safely use Bitcoin wallets in the enterprise.


Wallets holding significant funds should be backed up using the “3-2-1” rule: three copies of the wallet file, backed up on two different types of media, with at least one offsite backup. Clients should consider the duration of the intended storage and the lifespan of the media storing the wallet.

Special consideration is required for the backup of non-deterministic (traditional) wallets that hold multiple keypairs. A backup of these wallets only contains the keypairs generated up until the backup time. If the wallet is used after the backup, new keypairs may be generated, and if the wallet file is lost before the next backup, funds assigned to those addresses will be lost.

Encryption of wallet files

Akin to practices used for sensitive data, encrypting your private key is a good idea. A malicious actor in possession of the wallet file would still need to decrypt the keys within to gain access to the funds. Most wallet software has a built-in wallet encryption feature. For the best security, the password encryption method used by the client software should conform to BIP 0038.

Cold storage

Cold storage wallets are never connected to a network. The cold storage wallet stores the larger part of the cryptocurrency when it’s not needed.
Deposits can be made to a cold storage wallet at any time, but withdrawals should be relatively infrequent, requiring manual intervention. A “hot” (online) wallet is where smaller and frequent transactions are instead performed. Offline wallets, paper wallets, and hardware wallets can be used as cold storage, depending on how often the funds need to be accessed.

For example, a company holds 6,000 BTC in cryptocurrency. On a daily basis, the company receives approximately 45 BTC from sales, and spends 15 BTC. This means they only need to keep about 20 BTC in their online wallet per day. At close of business, all but 20 BTC should be transferred to a cold storage address. An even better practice is moving all funds into cold storage at the close of business, and moving back only what is required the following morning.

Access controls

Whoever has access to the private key of a Bitcoin address controls the funds. An ex-employee with copies of still-used private keys can transfer funds out of the company’s wallets in perpetuity. For this reason, any time an employee with access to a company wallet leaves the company, a new wallet should be immediately generated and the funds from the old wallet transferred to it.

Employee access to the cold storage wallet should be strictly limited by employee role. It is a bad idea to have the company’s funds controlled by a single person who might become incapacitated and unable to authorize transactions moving funds out of the wallet. Bitcoin supports the concept of “m of n” transactions, where multiple persons can sign a transaction but not all parties are needed to move the funds. This feature can prevent a single person from either freezing or stealing funds from a company account, and is a highly recommended part of any Bitcoin wallet access policy.

BIP 0070: Payment protocol messages

Malware performing a man-in-the-middle attack on the network may redirect Bitcoin payments by replacing a merchant’s Bitcoin address with that of an attacker. An individual with a random-looking Bitcoin address or QR code has a hard time knowing if it really belongs to the merchant.

BIP 0070 adds a layer of authentication to Bitcoin payments similar to that used by secure HTTP. BIP 0070 uses public-key infrastructure (PKI) certificates to validate that a site belongs to the merchant and not an attacker. An additional BIP 0070 feature allows clients to enter a Bitcoin address where any refunds should be sent, as well as notes about the transaction. Implementation of BIP 0070 also allows clients to prove payment of a certain invoice.
BIP 0070 does not address the case where the compromised system is infected by malware that can both change what is seen by the browser and redirect the BIP 0070 transaction being conducted by the Bitcoin client software. If an attacker has malware on the infected system, it is far easier to steal the contents of the wallet instead of intercepting individual payments.

The mitigation is to offer a signature that can be compared against using the public key of the remote party. A verification failure indicates data tampering and would discourage transferring currency to the address being displayed.

The enterprise wallet appliance imagined

The ideal enterprise wallet appliance can be used in the enterprise for secure cold-storage wallet management. This yet-to-be-developed solution would be a secure device that generates type-2 deterministic wallets using random data. The hardware and software of the device would be open-source and auditable by users of the device. The device would support transaction signing via an optical link (i.e. QR code shown to camera, and an embedded display shows signed transaction, or as a static or animated QR code) to transfer transaction data to and from an online-only wallet software. This device would not possess a physical network connection such as USB or Ethernet.

The device would be physically secure and difficult to steal. An internal printer could back up the wallet’s deterministic seeds to paper using non-fading waterproof ink. The paper seed backups would then be laminated and placed inside tamper-proof envelopes and stored securely in a vault in another geographic location.

Incident response

If a theft occurs, following an incident response plan helps to identify the weaknesses in the system that allowed the theft to occur, as well as prevent the incident from happening again. A good incident response plan includes several steps followed in order, and is ideally documented and understood by all parties involved in the response.
The standard incident response plan outline for cyberintrusions can be extended to a Bitcoin theft incident, because a Bitcoin wallet is essentially digital data. In general, these steps are:

  1. Preparation
  2. Detection
  3. Containment
  4. Remediation
  5. Resolution
  6. Lessons Learned

While recovering funds stolen in an incident is unlikely, it is still useful to activate the incident response process to prevent additional funds from being stolen. More information on network incident response and handling can be obtained from the SANS Institute.

Best practices for exchanges

The proliferation of malware has made online banking risky for many. Malware can inject itself into the web browser and change what the user thinks the bank is asking for. Likewise, malware can alter user transactions to the bank software, intercepting and changing transactions on the fly.

Because it is nearly impossible to guarantee that a consumer operating system is infection-free, all parties should assume the computer is already compromised and work under that assumption when conducting transactions. This doesn’t mean that transactions can’t be performed under these conditions; it just means that an extra layer of verification is needed for both parties to be assured that no tampering has occurred on the transaction.

OCTV – Offline Cryptographic Transaction Verification

Securely verifying a transaction that has transited a potentially compromised waypoint requires an offline device that can display the details of the transaction before it is processed. The bank's server signs the transaction data using public-key cryptography before it is sent to the user. The offline device can verify the signature of the transaction and determine whether any changes occurred in transit. If the transaction shows no tampering, the offline device generates a one-time code that authenticates this (and only this) transaction.

Bitcoin exchange implementation

All Bitcoin exchanges should make OCTV a mandatory security feature. In practice, the exchange displays a QR code when a transaction is requested, especially for an outbound transfer to a wallet. The QR code contains the following data:

  • The destination address of the transfer
  • The amount of the transfer
  • A one-time code generated on the server (for validation)
  • A signature of the data that verifies the transaction details

The user scans the QR code using the offline device. The offline device uses the exchange’s public key to verify the accuracy of the signature in the QR code. If the signature is valid, the device displays the one-time authorization code, which the user enters into the exchange’s prompt, authorizing only the transaction shown in the device’s display. It is still incumbent upon the user to verify that the transaction shown matches the transaction desired.

The QR code has the following properties:

  • Generated on the server
  • Entirely unique
  • Valid only for that specific transaction, globally
  • Valid only for a short time (e.g., 15 minutes)

Instead of a dedicated device, a smartphone app could be substituted. Because smartphones are both networked and have been targeted by malware to bypass authentication systems, this option should only be considered as a stopgap measure until inexpensive dedicated cryptographic devices can be produced en masse.
An OCTV system called Cronto already exists, works nearly exactly as described above, and has been used at banks worldwide.
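
The QR exchange described in this section, as an added Go example (not code from the article or from Cronto): the exchange signs the transfer details, and the offline device reveals the one-time code only when the signature verifies and the request is still inside its validity window. The field names, the JSON-plus-signature encoding, the choice of Ed25519 and all sample values are assumptions made for the example.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"time"
)

// TxRequest carries the fields the article lists for the QR code, plus an ID and
// expiry for its "unique" and "short-lived" properties (names are assumptions).
type TxRequest struct {
	TxID        string `json:"txid"`
	Destination string `json:"dest"`
	AmountSat   int64  `json:"amount_sat"`
	OneTimeCode string `json:"otc"`
	Expires     int64  `json:"expires"` // Unix seconds
}

var (
	ErrMalformed    = errors.New("malformed QR payload")
	ErrBadSignature = errors.New("signature check failed: payload was altered")
	ErrExpired      = errors.New("transaction request has expired")
	b64             = base64.RawURLEncoding
)

// BuildQR runs on the exchange. It serialises the request once and signs those
// exact bytes, so the device never has to re-canonicalise JSON.
func BuildQR(priv ed25519.PrivateKey, req TxRequest) (string, error) {
	body, err := json.Marshal(req)
	if err != nil {
		return "", fmt.Errorf("encode request: %w", err)
	}
	return b64.EncodeToString(body) + "." + b64.EncodeToString(ed25519.Sign(priv, body)), nil
}

// VerifyQR runs on the offline device. It returns the request, including the
// one-time code, only if the signature is valid and the request is still fresh.
func VerifyQR(pub ed25519.PublicKey, qr string, now time.Time) (TxRequest, error) {
	parts := strings.Split(qr, ".")
	if len(parts) != 2 {
		return TxRequest{}, ErrMalformed
	}
	body, errBody := b64.DecodeString(parts[0])
	sig, errSig := b64.DecodeString(parts[1])
	if errBody != nil || errSig != nil {
		return TxRequest{}, ErrMalformed
	}
	// Check the signature first so unauthenticated bytes never reach the JSON decoder.
	if !ed25519.Verify(pub, body, sig) {
		return TxRequest{}, ErrBadSignature
	}
	var req TxRequest
	if err := json.Unmarshal(body, &req); err != nil {
		return TxRequest{}, ErrMalformed
	}
	if now.Unix() > req.Expires {
		return TxRequest{}, ErrExpired
	}
	return req, nil
}

// swapDestination builds a constructed test input: the body is altered in
// transit while the original signature is left in place.
func swapDestination(qr, dest string) string {
	parts := strings.Split(qr, ".")
	raw, _ := b64.DecodeString(parts[0])
	var req TxRequest
	_ = json.Unmarshal(raw, &req)
	req.Destination = dest
	raw, _ = json.Marshal(req)
	return b64.EncodeToString(raw) + "." + parts[1]
}

// Demo returns the code shown for a clean scan, then the errors for an altered
// payload and for a scan made after the 15-minute window.
func Demo() (string, error, error) {
	pub, priv, err := ed25519.GenerateKey(nil) // throwaway key pair for the example
	if err != nil {
		panic(err)
	}
	issued := time.Unix(1700000000, 0) // constructed issue time
	qr, err := BuildQR(priv, TxRequest{TxID: "example-tx-0001", Destination: "EXAMPLE-DEST-ADDR",
		AmountSat: 25000000, OneTimeCode: "493027", Expires: issued.Add(15 * time.Minute).Unix()})
	if err != nil {
		panic(err)
	}
	shown, _ := VerifyQR(pub, qr, issued.Add(time.Minute))
	_, tamperErr := VerifyQR(pub, swapDestination(qr, "OTHER-ADDR"), issued.Add(time.Minute))
	_, expiredErr := VerifyQR(pub, qr, issued.Add(16*time.Minute))
	return shown.OneTimeCode, tamperErr, expiredErr
}

func main() {
	fmt.Println(Demo())
}
```

The payload follows the article's field list, so the one-time code sits in the QR in the clear for anything that can read the screen; a deployment would encrypt that field to a key held only by the device, which this example leaves out.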

Indirect Bitcoin security considerations

Blockchain Analysis

At the core of the Bitcoin protocol is the public ledger, known as the blockchain. It allows anyone to look up what funds are owned by what addresses and prevents Bitcoins from being double-spent. But this public record is a double-edged sword for those who want to keep details of their Bitcoin finances secret. For this reason, “tumblers” can obfuscate the flow of Bitcoin funds across multiple users. A user sends Bitcoin into the tumbler’s wallet address, as do many other users at the same time. The tumbler then sends the Bitcoins to their original owners at completely different addresses in different amounts at different times, making it nearly impossible to trace a single user’s funds in and out of the tumbler (assuming many users are using the tumbler service).

Discussions about the obfuscation of Bitcoin transactions quickly lead to claims of money laundering. There are legitimate reasons to use tumblers, such as protecting sensitive financial information. For example, to gain “inside” information on a company’s financial transactions, anyone could analyze the blockchain and determine the cash flow associated with the company’s public Bitcoin addresses. They would be able to trace the flow of payments from those addresses to the company’s cold storage wallet, and then trace other payments to that wallet, to determine the rate of that company’s income. The use of a tumbler, under ideal circumstances, would mitigate this risk. However, tumblers introduce another risk: trusting the tumbler operator for the duration of the transaction.

In the future, it may be possible for tumbler services to operate in a way that is transparent to regulatory authorities (to assuage claims of money laundering or tax evasion) but opaque to would-be opportunist traders.

Denial-of-service attacks

One overarching problem that impacts Bitcoin and e-commerce is distributed denial-of-service (DDoS) attacks. As more companies hold Bitcoin in their portfolio, criminals have an opportunity for quick and easy extortion attacks where they can be paid instantly and the money cannot be traced.

Most of the largest DDoS attacks could be completely neutralized simply by making it impossible to falsify (or spoof) the source of traffic on the Internet. In 2000, Cisco employee Paul “Fergdawg” Ferguson published technical document RFC 2827 showing how ISPs could and should filter spoofed traffic crossing their networks, thus drastically mitigating the effects of DDoS attacks. The need for complete adoption of this recommendation has never been more urgent.


Any enterprise wanting to transact business using Bitcoin must perform careful due diligence to ensure the security of the company’s cryptocurrency accounts. The approach discussed in this analysis for wallet security may make handling Bitcoin at the enterprise level more cumbersome than an individual’s experience. However, the threat landscape will most likely evolve so that these precautions will be practiced by all Bitcoin users. The general adoption of Bitcoin should ultimately lead to more secure computing and network architectures for everyone.



  • Encrypt private keys
  • Limit employee access to wallets
  • Store private keys on offline devices that only serve to sign transactions
  • Keep all funds not needed for daily operation in “cold storage”
  • Use type-2 deterministic wallets (Electrum, Armory) for enhanced security and availability
  • Use secure hardware wallets where possible
  • Keep secure offsite backups of wallets
  • Implement an incident response plan for wallet theft

Exchanges and web wallets

  • Do not use web wallets
  • Keep funds on exchanges for as little time as is necessary
  • Encourage exchanges to implement offline cryptographic transaction verification

Authenticating payments

  • Implement BIP 0070 for customers and vendors
  • Enterprise Best Practices for Cryptocurrency Adoption

By Jarrett Neil Ridlinghafer
Chief Technology Analyst & Consultant
Compass Solutions, LLC
Cloud Consulting International

New Bitcoin Hardware Encryption Keys for General Public – myTREZOR Web Wallet to use BOP Bitcoin Server


Bits of Proof and TREZOR developers cooperate to provide access to the blockchain for myTREZOR Web Wallet users.

will be launched as an exclusive web wallet for TREZOR device owners. It is a lightweight and easy to use web wallet for secure bitcoin transactions.

Common web wallets require users to register using their user name, or email address and password. Such elements inherently create potential security risks and are subject to frequent hacker attacks. Thanks to the advanced TREZOR cryptography, myTREZOR Web Wallet eliminates the need for sensitive user data. Effectively, myTREZOR represents a comfortable transaction tool, suitable for users with little experience as well as for those with high security expectations.

Using BOP Bitcoin Server provides comfortable access to the user’s wallet balance and transaction history. This basic wallet information, including incoming transactions, can stay visible in myTREZOR even after unplugging the TREZOR device.

“We at TREZOR believe that this is a revolutionary combination of user experience and security which is very much needed in the Bitcoin world.” explains Alena Vranova, Director of TREZOR. “We are excited to bring TREZOR Hardware Wallet together with myTREZOR Web Wallet to their first users and want to thank everybody in the community for adding their ideas, expertise and for being so patient with our delays in the delivery.”

Bits of Proof implements advanced Bitcoin technologies such as the Hierarchical and Deterministic Wallet (BIP32), which enable myTREZOR users to enjoy the full potential of the TREZOR Hardware Wallet.

Tamas Blummer, CEO of Bits of Proof (BOP) adds: “I believe TREZOR users will appreciate the fact that their private keys are never transmitted from myTREZOR to the BOP Bitcoin Server. The transactions are signed purely in the TREZOR device. It is finally safe to use a web wallet, thanks to TREZOR and our BOP Bitcoin Server”.



Senator Calls For Bitcoin Ban In Letter To Financial Regulators


Source: Andy Greenberg Forbes.com

Since Senator Charles Schumer first called on law enforcement nearly three years ago to shut down the Silk Road and cited the black market’s use of Bitcoin for anonymous transactions, the cryptocurrency community has been waiting for the other shoe to drop. It just did: Another lawmaker has demanded an outright ban on Bitcoin.

In a letter to Treasury Secretary Jack Lew, Fed Chairwoman Janet Yellen and other financial regulators, West Virginia Senator Joe Manchin demanded that they “take appropriate action to limit the abilities of this highly unstable currency.”

“This virtual currency is currently unregulated and has allowed users to participate in illicit activity, while also being highly unstable and disruptive to our economy,” Manchin wrote. He went on to cite Bitcoin’s use by the Silk Road and other black markets for anonymous transactions, as well as its volatility as a currency. “The clear ends of Bitcoin for either transacting in illegal goods and services or speculative gambling make me weary of its use.”

Congressional hearings and New York financial regulatory hearings have floated the idea of new regulations on Bitcoin that would treat it as a more or less traditional currency, subject to the same anti-money-laundering laws as any other form of money. But Manchin advised that the U.S. instead follow the example of China and Thailand, who he described as having made the currency fully illegal. (In fact, China at least allows Bitcoin to act as a commodity and a store of value, if not a means of transaction.) “Our foreign counterparts have already understood the wide range of problems even with Bitcoin’s legitimate uses – from its significant price fluctuations to its deflationary nature,” he writes.

Update: A spokesperson in Senator Manchin’s office said that his call for regulation doesn’t yet extend to other cryptocurrencies, such as Litecoin or Dogecoin. And asked how such a ban would be technically feasible, he admitted that the senator is still trying to gather information on “different ways to protect consumers” that might entail a ban or simply increased regulation.

Whether Manchin seeks a ban or stricter regulation for Bitcoin, his announcement comes as the latest bad news for the cryptocurrency, which was already pummeled earlier in the week by the shutdown of Mt. Gox–its oldest and once-largest exchange–after what may have been a theft of hundreds of thousands of the exchange’s stored bitcoins. Bitcoin’s value has fallen to around $567 as of Wednesday afternoon from a high of more than $850 earlier this month.

Here’s the full letter Manchin sent to regulators:

Dear Secretary Lew, Chairwoman Yellen, Commissioner Curry, Acting Chairman Wetjen, Chairman Gruenberg, Chairwoman White:

I write today to express my concerns about Bitcoin. This virtual currency is currently unregulated and has allowed users to participate in illicit activity, while also being highly unstable and disruptive to our economy. For the reasons outlined below, I urge regulators to take appropriate action to limit the abilities of this highly unstable currency.

By way of background, Bitcoin is a crypto-currency that has gained notoriety in recent months due to its rising exchange value and relation to illegal transactions.  Each Bitcoin is defined by a public address and a private key, thus Bitcoin is not only a token of value but also a method for transferring that value.  It also means that Bitcoin provides a unique digital fingerprint, which allows for anonymous and irreversible transactions.

The very features that make Bitcoin attractive to some also attract criminals who are able to disguise their actions from law enforcement. Due to Bitcoin’s anonymity, the virtual market has been extremely susceptible to hackers and scam artists stealing millions from Bitcoins users. Anonymity combined with Bitcoin’s ability to finalize transactions quickly, makes it very difficult, if not impossible, to reverse fraudulent transactions. 

Bitcoin has also become a haven for individuals to buy black market items. Individuals are able to anonymously purchase items such as drugs and weapons illegally. I have already written to regulators once on the now-closed Silkroad, which operated for years in supplying drugs and other black market items to criminals, thanks in large part to the creation of Bitcoin.

That is why more than a handful of countries, and their banking systems, have cautioned against the use of Bitcoin.  Indeed, it has been banned in two different countries—Thailand and China—and South Korea stated that it will not recognize Bitcoin as a legitimate currency.  Several other countries, including the European Union, have issued warnings to Bitcoin users as their respective governments consider options for regulating or banning its use entirely. While it is disappointing that the world leader and epicenter of the banking industry will only follow suit instead of making policy, it is high time that the United States heed our allies’ warnings. I am most concerned that as Bitcoin is inevitably banned in other countries, Americans will be left holding the bag on a valueless currency.

Our foreign counterparts have already understood the wide range of problems even with Bitcoin’s legitimate uses – from its significant price fluctuations to its deflationary nature. Just last week, Bitcoin prices plunged after the currency’s major exchange, Mt. Gox, experienced technical issues. Two days ago, this exchange took its website down and is no longer even accessible. This was not a unique event; news of plummeting or skyrocketing Bitcoin prices is almost a weekly occurrence. In addition, its deflationary trends ensure that only speculators, such as so-called “Bitcoin miners,” will benefit from possessing the virtual currency. There is no doubt average American consumers stand to lose by transacting in Bitcoin. As of December 2013, the Consumer Price Index (CPI) shows 1.3% inflation, while a recent media report indicated Bitcoin CPI has 98% deflation. In other words, spending Bitcoin now will cost you many orders of wealth in the future. This flaw makes Bitcoin’s value to the U.S. economy suspect, if not outright detrimental.

The clear ends of Bitcoin for either transacting in illegal goods and services or speculative gambling make me weary of its use.  The Senate Homeland Security and Governmental Affairs Committee issued a report just this month stating, “There is widespread concern about the Bitcoin system’s possible impact on national currencies, its potential for criminal misuse, and the implications of its use for taxation.” Before the U.S. gets too far behind the curve on this important topic, I urge the regulators to work together, act quickly, and prohibit this dangerous currency from harming hard-working Americans.

U.S. Joe Manchin III
United States Senator


Mt. Gox CEO Says All The Bitcoin Is Gone In Bankruptcy Filing


Source: Kashmir Hill Forbes.com

On Wednesday, Tokyo-based Bitcoin exchange Mt. Gox “reassured everyone” that its CEO Mark Karpeles was still in Japan and working to “find a solution to our recent issues.” It turns out that solution is filing for bankruptcy. Having halted withdrawals for over a month, and complaining about a “transaction malleability” Bitcoin bug that let users steal coins, the exchange now says its Bitcoin loss is higher than the 744,000 figure cited in a “crisis plan” leaked this week. Mt. Gox says 750,000 of its customers’ Bitcoins are gone and more than 100,000 of its own. At Bitcoin’s current surprisingly stable $550 – $570 value, and more than 100,000 of its own coins, that’s around $475 million. Ouch.

At a news conference at the bankruptcy court in Tokyo Friday, Mark Karpelès told reporters that “technical issues had opened the way for fraudulent withdrawals,” reports the Wall Street Journal, and handed out a document that said that “the exchange was illegally accessed in early February.”


“First of all, I’m very sorry,” Mt. Gox CEO Mark Karpeles said at a press conference after filing for bankruptcy protection.

The wider Bitcoin community is still in a state of shock and disbelief that half a billion dollars worth of Bitcoin could go missing that quickly if Mt. Gox were exercising proper security measures. A crisis strategy plan allegedly created for Mt. Gox by consulting firm Mandalah says “the cold storage has been wiped out due to a leak in the hot wallet.” That doesn’t make much sense. When Bitcoin are in “cold storage,” the private keys needed to transfer their value are stored on a secure, offline device (or the codes may even be printed out). So either the storage was lukewarm not cold — meaning they were still accessible through a network in some way — or the claim is an inaccurate one.

In addition to the loss of coins, the bankruptcy filing says Mt. Gox owes creditors $63.5 million. Among its claimed $38 million assets, it says it has $5 million “held by CoinLab” and $5.5 million held by the Department of Homeland Security, reports Coindesk.  Those are reminders of earlier legal problems for the company. After their plans to partner to create a U.S. Bitcoin exchange fizzled, Mt. Gox sued Coinlab for the return of that $5 million; the suit is ongoing. Meanwhile DHS seized money from Gox last year claiming it was not licensed to perform money transmission in the U.S. Rumors continue to swirl in the Bitcoin community that the crackdown was related to the prosecution of Silk Road, and that the U.S. government actually has control of Mt. Gox’s cold storage wallet.

Law enforcement in the U.S. has become interested in the case according to the Wall Street Journal, which reported that federal prosecutors in Manhattan — who have been responsible for pursuing Bitcoin-related charges against alleged Silk Road founder Ross Ulbricht and BitInstant CEO Charlie Shrem — have subpoenaed Mt. Gox and asked it to preserve certain records that could come in handy in a later criminal investigation.

As for the over 100,000 customers who had their Bitcoin holdings with Mt. Gox, this would appear to confirm the devastating news that began to leak out at the beginning of the week: that their Bitcoin savings are gone. Some of the more fervent believers in Bitcoin are still sanguine.

“I have dedicated my life to building and supporting the Bitcoin project,” writes early Bitcoin entrepreneur Erik Voorhees, who reportedly had over 550 Bitcoin (or $300,000) in Mt. Gox. “I don’t give a damn about the money I lost at Gox. That’s not important. What is important is that Bitcoin is resilient and enduring, and will continue to grow and change the world for the better.”

For those whose heads are still reeling from the news, here’s a timeline of this month’s MtGoxalypse:

February 7, 2014

Mt. Gox halts withdrawals.

In a bankruptcy filing at the end of the month, Gox will say that the exchange was illegally accessed in early February.

February 10, 2014

Mt. Gox blames a transaction malleability bug for the halt. In a press release, Mt. Gox said it “detected unusual activity on its Bitcoin wallets and performed investigations during the past weeks. This confirmed the presence of transactions which need to be examined more closely.”


Two protestors fly to Mt. Gox’s Tokyo headquarters and sit in front of its office with signs demanding their Bitcoin back.

Image via Kolin Burges

February 23, 2014

Barry Silbert of SecondMarket emails a Fortune reporter saying he wants to accelerate the announcement of the launch of a new U.S.-based Bitcoin exchange.

February 24, 2014

On Monday afternoon, Bitcoin entrepreneur Ryan Selkis, who blogs under the name The Two-Bit Idiot, reports that a document circulating reveals that Mt. Gox has lost 744,408 Bitcoin. Two hours later, he posts the document, a Mt. Gox “crisis strategy plan” that he says he has authenticated with sources close to Gox.

CEOs from other Bitcoin companies hold a Skype call Monday afternoon Pacific time to release a statement reassuring the Bitcoin community, calling Mt. Gox “a bad actor that needed to be weeded out.”

February 25, 2014

Mt. Gox’s website goes dark. Trading stops.

The New York Times and Fortune report SecondMarket’s new U.S.-based Bitcoin exchange in articles that also focus more and less, respectively, on Mt. Gox’s implosion. “I wasn’t planning to make this public yet,” Silbert told me. “I decided to accelerate it to counterbalance the Gox news.”

Mt. Gox site comes back but with a simple statement: “In light of recent news reports and the potential repercussions on MtGox’s operations and the market, a decision was taken to close all transactions for the time being in order to protect the site and our users. We will be closely monitoring the situation and will react accordingly.”

Wall Street Journal reports that federal prosecutors in Manhattan have subpoenaed Mt. Gox, asking it to preserve documents. Reuters reports that the FBI is also involved.

February 26, 2014

Mt. Gox site adds another statement from its CEO to its website:

Dear MtGox Customers,

As there is a lot of speculation regarding MtGox and its future, I would like to use this opportunity to reassure everyone that I am still in Japan, and working very hard with the support of different parties to find a solution to our recent issues.

Furthermore I would like to kindly ask that people refrain from asking questions to our staff: they have been instructed not to give any response or information. Please visit this page for further announcements and updates.

Mark Karpeles

February 27, 2014

After a West Virginia senator calls for a ban on Bitcoin in reaction partly to the Mt. Gox news, Federal Reserve Chair Janet Yellen says the “Fed doesn’t have authority to supervise or regulate bitcoin in any way.”

Gregory Greene, of Illinois, who says he had $25,000 worth of Bitcoin stored with Mt. Gox, files a class-action lawsuit against the company for fraud and breach of contract.


You Don’t Need A Nobel Prize To Be Wrong About Bitcoin, But It Helps


Source: Mark Rogowsky Forbes.com Contributor

The internet may have brought us unlimited sources of news and opinion, but the New York Times still has powers that few of the new generation can muster. Among those is the ability to claim two Nobel Prize-winning economists among its staff: the op-ed columnist Paul Krugman and Economic View’s Robert Shiller. Back in December, Krugman declared: “Bitcoin is Evil” and after the Mt. Gox exchange for the electronic currency declared bankruptcy in the past week, taking with it millions of investors’ money, some might argue he had a point. Shiller took that event as his chance to pile on Bitcoin while it was down: “The central problem with Bitcoin in its present form, though, is that it doesn’t really solve any sensible economic problem,” he wrote in yesterday’s Times.

Bubble trouble?

Shiller could scarcely be more wrong about that “central problem” thesis, which we’ll get to in a moment. But he does raise an important question about the wild gyrations of Bitcoin’s price over the past year. “The Bitcoin phenomenon seems to fit the basic definition of a speculative bubble — that is, a special kind of fad, a mania for holding an asset in expectation of its appreciation,” he wrote. “The instability of Bitcoin’s value in dollars is a measure of failure, not success.”

Jean-Paul Rodrigue, a Ph.D. who teaches at Hofstra University, came up with a model that defines the stages of an investment bubble. It looks like this:


Now here’s a chart of Bitcoin over the past year, using data from Coinbase, a leading Bitcoin exchange:


Keeping in mind that Rodrigue’s chart is a model, not a precise guide for what every single bubble is going to look like, reasonable people could argue that we’ve had the full run up to the “new paradigm” stage — and that the investment in so many Bitcoin companies, including Coinbase, attests to that — as well as the “return to normal” peak. But so far, what we haven’t seen at all is the fear from the Mt. Gox implosion leading to the capitulation and despair stages of Rodrigue’s model. They still might. And there are reasons why I believe that might be the best thing for Bitcoin in the long run, but it’s worth examining what is actually happening as best as it’s understood.

Where are the Bitcoins?

Because the price of a Bitcoin appreciated nearly a hundredfold over the course of 2013, the people involved in “mining” them and many who were trading them ended up holding onto their Bitcoins in the hope of ever-higher prices. An analysis at BitcoinTalk has concluded that as of the end of January, 8.8 of the 11.8 Bitcoins in existence are held by people with at least 100 of them. (At today’s prices, each of them has more than $50,000 in Bitcoin wealth.) Within that group it’s estimated that fewer than 1,000 people are holding more than half of the world’s Bitcoins and just 46 of them hold at least 10 thousand Bitcoins representing 3.6 million total coins — 30% of everything that exists. Given that there isn’t much to buy with Bitcoins yet, it’s reasonable to conclude most of those are held by speculators betting on higher prices.

That much consolidated ownership among people that don’t want to spend their Bitcoins isn’t good news and would lend credence to Shiller’s hypothesis that Bitcoin is nothing but a speculative bubble without much utility. But a deeper look tells a much different story. The same analysis was conducted just 3 months earlier and back then 9.3 million coins were in the hands of 100+ coin holders. In other words, 500,000 coins have moved down into more general circulation in the short time since late October. Better still, the number of people holding any Bitcoins at all has soared from 350,000 to more than 2 million.

It’s certainly possible these people are late to “tulip mania” but it seems more likely that they’re getting involved with Bitcoin now not to try to get rich from it, but instead to actually use it.

Wait, I thought it was useless?

Among the 25,000 merchants now accepting Bitcoin are Overstock and Fancy. While proponents like Coindesk tend to get ahead of themselves with claims like “paying in bitcoin eliminates the need to enter personal information” — if you want something shipped to you, personal information entry will continue to be involved — the currency is gaining acceptance as a medium of exchange. For many of you, Bitcoin attempts to solve a problem in these cases you don’t have: Paying online by credit card.

But consider how many people do have this problem. First, everyone who for whatever reason can’t easily get a card or is among the stunning 106 million who is “unbanked” or “underbanked” in the U.S. Second, consider those that are more mobile and need something shipped to an unusual location, but the merchant can’t accommodate goods going anywhere but to the address on the card. Third, consider the possibilities of high-dollar purchases where you might be willing to forgo the right to dispute the purchase in exchange for a discount of 2% from the merchant — the money they’d save not taking your credit card.

But what if the savings isn’t just 2%? What if the cost to the merchant is 10% or more just to process payment with a card? If you’re skeptical such businesses are out there, visit the website of ccBill. They process payments for the kind of web services no one else will touch. As ccBill describes it: “Some of these high-risk business models include adult online entertainment, live entertainment and cam sites, penny auction sites, as well as complex business selling. And now even dating sites fall into the high-risk category with MasterCard.”

Never mind potentially innovative ideas that people don’t even bother trying to get off the ground because they’ve been told by Paypal, Mastercard, or a bank that the chargeback risk is too great, so they shouldn’t bother. Enter Bitcoin, where willing consumers can choose to pay without having unlimited rights to decide later to “un-pay” and new opportunities abound. Yes, some of them will be nefarious schemes, but others will be like Bitcoin itself: Something that today is just a bit outside the mainstream, too difficult to understand until it gains adoption.

This is just the tip of the Bitcoin iceberg. Currently, it costs $8 to send $1000 to Guatemala with Western Union plus whatever they get on the currency conversion. With Bitcoin, the transfer itself is free. The only cost will be in whatever nominal fees the sender might pay to get Bitcoins in the first place and what it might cost the seller to turn them back into the local currency. These are already close to zero and the competition among Bitcoin exchanges is only in its infancy. In 2012, $478 billion in remittances, money transfers across borders, occurred globally. Not only is it hard to imagine Bitcoin failing to play a role in the market, it’s hard to imagine Bitcoin failing to gain a dominant position in it.

Bitcoin, too, is a natural for all sorts of underground activity like offshoring money either legally or illegally and quite possibly engaging in black-market trading for prohibited goods, as was the case with Silk Road, which was busted by the FBI. But to say, as Shiller does, these are not uses for the technology is to make a similar claim about the United States $100 bill, the preferred medium of exchange around the world for illegal activity. (Just ask Walter White.) And unlike many U.S. notes, Bitcoin is actually traceable. Everyone who is out there mining also stores an ever-growing ledger of all the Bitcoin transactions. While they don’t contain personally identifiable information, they do provide a breadcrumb trail of where the coins have come from and gone. If someone is up to no good, appropriate subpoena power and surveillance could be used to follow the money. That’s doable with paper currency only if you knew the serial numbers ahead of time.

Bit by Bitcoin

In the aftermath of the Mt. Gox debacle, what we’re left with has surprised many. Bitcoin’s price stayed stable in part because of the consolidated holdings. The speculators saw Mt. Gox as an outlier and didn’t panic. Without the bulk of Bitcoins being dumped, the price didn’t go into free fall. In the meantime, through a period in which the currency did indeed lose half its value from what might well prove to be a short-term speculative peak (from late last year through now), its adoption as a way to buy and sell things — and to move money — slowly began to rise.

Serious investors like Marc Andreessen of Andreessen Horowitz, who has aggressively taken to Twitter to defend and promote Bitcoin, and Fred Wilson of Union Square Ventures, who wrote a response to Senator Joe Manchin’s anti-Bitcoin tirade, have put millions into companies that hope to profit from the growth of Bitcoin. That makes them less than completely honest brokers but more than mere self-promoters. They are basically putting their money where their mouths are. Without a robust set of well-financed exchanges, Bitcoin would likely fail.

With them, however, it starts to resemble a new kind of banking. One without a central authority, yes, but one with much lower overhead, too. Bitcoin isn’t designed to replace the dollar, the yen or the euro. That makes CNBC’s Larry Kudlow’s recent screed all the more mystifying: “[B]itcoin is not real money. It is not a reliable medium of exchange, nor is it a reliable store of value. It has no central bank regulation, network operations or even centralized issuance. And because of its wild price fluctuations, bitcoin can never be a reliable payment system.” But Larry, you can get Bitcoins for payments the instant you’re ready to purchase something, making you indifferent to the exchange rate. The merchant can turn those coins back into their currency just as quickly for a fee far lower than what they pay to take your credit card. Oh, and they get paid faster than a bank pays them too. Kudlow doesn’t have a Nobel Prize in Economics. But he’s every bit as off base as Shiller.

By Jarrett Neil Ridlinghafer
Chief Technology Analyst & Consultant
Compass Solutions, LLC
Cloud Consulting International

On A Mission – By Marc Andreessen

I enjoyed Marc’s recent article so much I thought I would share it with my blog readers as well… So I hope you enjoy 🙂


On a Mission



One of the interesting things I have seen, especially in the last 10 years, is that many of the big winners in technology have been what I call “mission-driven” versus “mercenary-driven” companies.

There are a lot of companies that cut corners. There are a lot of companies that have a mercenary outlook, and will dump their idealistic goal to make a business work in the short-term. We steer clear of those. We are looking for the companies who are going to be the big winners because they are going to cause a fundamental change in the world, as opposed to making a short-term grab for revenue or a short-term grab for an acquisition.

These are the founders who come in to the firm and say, “Look, I don’t care whether I make money or not, that’s not my goal. I want to change the world in the following way. I have this mission…” As Steve Jobs used to say, “I want to make a ding in the universe. I want to make beautiful products that people love.” Or Mark Zuckerberg: “I want to make the world more open and connected.” Or Larry Page and Sergey Brin: “I want to index the world’s information.”

How they will make money is typically not part of the conversation. These companies, and Google is a great example, usually have no business model. There is this vague notion of generating revenue. So you always wonder with your investor hat on, “Am I funding a social mission or am I funding a company? What’s going on here? Will they make compromises so fatal in the direction of pure ideology that they won’t actually ever build a business?”

But the pattern at the moment is the stronger the ideology or mission of the company, the more successful the company. I think a lot of that has to do with recruiting. A lot of the best people in the field don’t want to just work for money.

Let’s say you are founder of a company, and you are competing with 1,000 other founders to hire the smartest people coming out of the best universities. If you go in with a pitch that says, “You are going to make $120,000 a year, come work for us,” that is not as effective as, “You are going to change the world, and oh, by the way, you are going to make $120,000 a year.” So mission-driven companies seem to have a gigantic leg-up in recruiting, and that ripples through to morale and ultimately to retention.

Conversely, the purely mercenary startups we see, they generally don’t go well. They aren’t able to get good people, and don’t end up having a message that can punch through the noise. They don’t tend to go anywhere.

The Machiavellian view on this is if you are the founder you actually want to pretend you have a huge ideological mission, even if you don’t. And I guess you would rather do that, than not have one, but clearly it helps enormously to have a real mission.

By Jarrett Neil Ridlinghafer
Chief Technology Analyst & Consultant
Compass Solutions, LLC
Cloud Consulting International

SaaS Global Trends for 2014 – An Analysis


Cloud Market Overview for 2014

2014 is set to be a stellar year for Cloud Computing in general and SaaS in particular. An estimated 70% of SaaS customers are “Small to Medium Businesses”, with 80% of Enterprises still concerned with the risk issues of both Security & Compliance. 2013 was hailed as the “Year of the Internet Breaches”, with everyone from Amazon to eBay, Facebook and Forbes, and the IRS to Target being hacked and literally hundreds of millions of customers’ data being compromised. It’s no wonder that Steve Wozniak, in his now famous 2012 statement on the public cloud, saw “…horrible problems…” with the cloud, due primarily to the blatant lies in marketing which claim the cloud is “safer than your own private enterprise infrastructure”, an actual claim on numerous websites and in interviews by executives at Amazon, Google and other major Public Cloud companies. In my opinion (just like Steve said), this has definitely harmed the whole cloud market from a trust perspective: as executives become more educated about the realities of cloud computing, and the public cloud in particular, and realize those kinds of statements are far from the truth, it has left a bad taste in many executives’ mouths for the public cloud, which I’ve experienced first hand. What it has done is make enterprise executives who see these blatant lies for what they are much more cautious, which in the long run is a good thing since, I believe, they should take time and not jump into the public cloud without careful consideration, a lot of planning and a complete & unbiased third-party risk assessment.

So, although cloud sales are steadily increasing, with total Global Cloud spending expected to reach $75B-$100B (depending on which analyst you speak to) in 2014, I believe the frequent and highly publicized breaches have hurt the market. Look for a slow-down in the SaaS market overall, as companies take stock to address the security and compliance concerns before they stick their big toe into the swamp that has become the cloud market, to “test the waters” so to speak.

SaaS Service Management

According to new research by Enterprise Management Associates (EMA), most IT organizations have limited visibility into the usage and cost of public SaaS applications. I believe in 2014 you will see more organizations seeking solutions to this problem and for that reason I see the “SaaS management” market as one to keep an eye on in 2014. Both new startups and existing “SaaS Management” businesses should see an increase in sales over the next few years and you should also see a market consolidation with the best players acquiring or putting out of business the lesser product/service vendors.

Security & Compliance

Security & Compliance will be the real winner in 2014. Again, with 2013 being named the “Year of the Security Breaches” and hundreds of millions of private data being compromised at mainstream websites, look for SaaS Enterprise growth to slow down even more while start-ups race to secure market share of this massive new emerging “Public Cloud Security & Compliance” market.

Currently an estimated 80% of Enterprises are afraid to enter the Public SaaS market (according to multiple surveys), and for good reason, as the risks have been shown to be astronomical indeed. As new software, hardware and services appear to address these concerns, such as the new CSPComply service by Compass Solutions, LLC of Washington DC and others, we should begin to see an uptick in SaaS adoption. However, I would not hold my breath for that to occur in 2014; look for this increase to be more pronounced in 2016 and beyond.

Medical-Device Technology


Another emerging market which is expected to be massive indeed is the so-called medical-device market. Products such as the FitBit Flex wrist band and FitBit Aria wireless scale seem to motivate people to reduce weight and exercise more, as studies are beginning to show us. Currently there are socks, ankle bracelets and even sneakers which all work together as a unit with embedded sensor technology to show your heat dispersion pattern on your feet, how many miles you’ve walked, your average rate of speed, how many calories you’ve burned, your heart-rate and other data including your travel patterns.

Many of these devices utilize a SaaS infrastructure which, along with additional factors, will lead to more “service” oriented SaaS business models developing from 2014 through the next few years, with the Medical-Device Market being a major influence.

“Hyperconverged Network Paradigm”


As technologies such as the next wave in wireless, 802.11ac, begin to take hold, bandwidth in the first-wave 80MHz products will deliver throughput from 433 megabits per second on the low end to a maximum of 1.3 gigabits per second at the physical layer, with denser modulation schemes of up to 256 quadrature amplitude modulation (QAM), compared to 802.11n’s 64 QAM, for a 33 percent improvement. The new protocol doubles multiple input, multiple output (MIMO) capabilities, moving from 802.11n’s four spatial streams to eight streams. For users, this means a speed boost, greater up-link reliability and opportunities for improved down-link reliability as well. For the internet this means massively increased bandwidth issues, which was why the IPv6 Protocol was developed in the first place… Look for IPv6 to also be a big winner in 2014 and beyond as more and more ISPs, Backbone Providers and Telcos begin migrating over from IPv4 due to the massive increase in bandwidth demands in 2014 and beyond.

A growing number of manufacturers are already shipping first-wave 802.11ac products for consumers and plan to expand offerings for business and enterprise network environments in the coming year.

A Second Wave in Performance

Speed and efficiency will ramp up even higher when Wave 2 devices for 802.11ac arrive. They’ll offer additional improvements in channel bonding by handling up to 160MHz, along with support for four spatial streams. These capabilities will help second-wave devices achieve throughput of around 3.47Gbps. (Source: Cisco)

Worldwide smartphone shipments grew 40%, to more than 1 billion units, in 2013 and are on pace to reach 1.7 billion units by 2017.  (Source: CDW)

In 2014 we will see an increase in “Smart” mobile devices, increased access to unlimited storage space on these devices via the emerging free and subscription cloud storage, and a “Quadrupling” of bandwidth beginning as 802.11ac takes hold. Most important of all, the majority of the mobile carriers will finish large portions of their 4G/LTE infrastructure upgrades over the next three years, starting with some pretty large expansions this year. Most analysts seem to ignore or forget this, even though it will be by far the largest contributor to the “hyperconverged” market: wherever these increased bandwidths occur, sales of “smart”, “handheld” mobile devices have increased dramatically. Look for all of these emerging technologies to trigger a number of unique situations as well as opportunities and even new markets. This type of increased traffic has never been experienced before, and my prediction is it will cause many problems with unprepared SaaS infrastructure capacity, which you should be prepared for in 2014. Even more important, however, will be the emergence of the “Hyperconverged” network, the increased importance of the end-point device within the Enterprise market, and the increased importance of the emerging “Bring Your Own Device” & “Bring Your Own Technology” (BYOD/BYOT) market, along with its management and the security & compliance issues associated with it. Look for these emerging technologies and markets to become major influencers, receiving large boosts in Capital investment as well as large sources of new ideas and SaaS solutions to address the issues which will be created by this new paradigm.

“However, the reality is that all of these devices, as they begin to communicate back to the cloud, will begin to seriously erode the bandwidth capabilities of the current infrastructure, so look for startups with unique ideas of mitigating this increase in traffic to play a niche yet exciting and influential role as the “idea” people and “Think-Tanks” & “Brain-Trusts” such as the new “Synapse Synergy Group” begin to come into their own in 2014 and beyond” – Quote by Jarrett Neil Ridlinghafer

Market Consolidation



Finally, we should see a lot more consolidation of the SaaS market, with the winners and losers becoming clearer in 2014. Look for Amazon to steam ahead and broaden their lead. Salesforce will continue to be strong, although they are already looking for ways to broaden their market as their primary business slows down. Microsoft will attempt to reinvent themselves in the Cloud with their new CEO at the helm, and Oracle and IBM should begin to capture more market share as both of their new services start to take hold. As for VMware, it still seems a bit too early to say one way or another. They did not come out with a big splash and a few Billion Dollars to throw around like IBM, and they actually do very little marketing, which makes one wonder: are they really ready, did they jump early in order to stop their slide to cloud obscurity, or are they so confident they just don’t need to advertise their cloud offering? They obviously have a massive private cloud and enterprise infrastructure base from which to draw, so one would hope, with their vendor-specific offering, that all those VMware Enterprise infrastructures will pay off as Hybrid becomes a much larger player over the next 3-5 years in the Enterprise.

Analysis By Jarrett Neil Ridlinghafer
Chief Technology Analyst & Consultant
Compass Solutions, LLC
Cloud Consulting International

Science Fiction? Star-Trek? Nope..The Coolest Top 10 Emerging Technologies For 2014

The World Economic Forum, famous for its annual Davos convention in Switzerland, has put out a new report identifying the top technological trends for the coming year.

“Technology has become perhaps the greatest agent of change in the modern world,” writes WEF’s Noubar Afeyan. “While never without risk, positive technological breakthroughs promise innovative solutions to the most pressing global challenges of our time, from resource scarcity to global environmental change.”

“By highlighting the most important technological breakthroughs, the Council aims to raise awareness of their potential and contribute to closing gaps in investment, regulation and public understanding,” he writes.

From wearable electronics to brain-computer interfaces, here are the big technologies to look out for this year.

1. Body-adapted Wearable Electronics

“These virtually invisible devices include earbuds that monitor heart rate, sensors worn under clothes to track posture, a temporary tattoo that tracks health vitals and haptic shoe soles that communicate GPS directions through vibration alerts felt by the feet.

“The applications are many and varied: haptic shoes are currently proposed for helping blind people navigate, while Google Glass has already been worn by oncologists to assist in surgery via medical records and other visual information accessed by voice commands.”

2. Nanostructured Carbon Composites


“Emissions from the world’s rapidly-growing fleet of vehicles are an environmental concern, and raising the operating efficiency of transport is a promising way to reduce its overall impact.

“New techniques to nanostructure carbon fibers for novel composites are showing the potential in vehicle manufacture to reduce the weight of cars by 10% or more. Lighter cars need less fuel to operate, increasing the efficiency of moving people and goods and reducing greenhouse gas emissions.”

3. Mining Metals from Desalination Brine

As freshwater continues to dwindle, desalinating seawater has emerged as an option. “Desalination has serious drawbacks, however. In addition to high energy use, the process produces a reject-concentrated brine, which can have a serious impact on marine life when returned to the sea.

“Perhaps the most promising approach to solving this problem is to see the brine from desalination not as waste, but as a resource to be harvested for valuable materials. These include lithium, magnesium and uranium, as well as the more common sodium, calcium and potassium elements.”

4. Grid-scale Electricity Storage


“There are signs that a range of new technologies is getting closer to cracking [challenges]. Some, such as flow batteries may, in the future, be able to store liquid chemical energy in large quantities analogous to the storage of coal and gas.

“Various solid battery options are also competing to store electricity in sufficiently energy-dense and cheaply available materials. Newly invented graphene supercapacitors offer the possibility of extremely rapid charging and discharging over many tens of thousands of cycles. Other options use kinetic potential energy such as large flywheels or the underground storage of compressed air.”

5. Nanowire Lithium-ion Batteries

“Able to fully charge more quickly, and produce 30%-40% more electricity than today’s lithium-ion batteries, this next generation of batteries could help transform the electric car market and allow the storage of solar electricity at the household scale. Initially, silicon-anode batteries are expected to begin to ship in smartphones within the next two years.”

6. Screenless Display

“This field saw rapid progress in 2013 and appears set for imminent breakthroughs of scalable deployment of screenless display. Various companies have made significant breakthroughs in the field, including virtual reality headsets, bionic contact lenses, the development of mobile phones for the elderly and partially blind people, and hologram-like videos without the need for moving parts or glasses.”

7. Human Microbiome Therapeutics

“Attention is being focused on the gut microbiome and its role in diseases ranging from infections to obesity, diabetes and inflammatory bowel disease.

“It is increasingly understood that antibiotic treatments that destroy gut flora can result in complications such as Clostridium difficile infections, which can in rare cases lead to life-threatening complications. On the other hand, a new generation of therapeutics comprising a subset of microbes found in healthy gut are under clinical development with a view to improving medical treatments.”

8. RNA-based Therapeutics

Developments in basic Ribonucleic acid (RNA) science, synthesis technology, and in vivo delivery (i.e. in a living organism) “are combining to enable a new generation of RNA-based drugs that can attenuate the abundance of natural proteins, or allow for the in vivo production of optimized, therapeutic proteins. Working in collaboration with large pharmaceutical companies and academia, several private companies that aim to offer RNA-based treatments have been launched.”

9. Quantified Self (Predictive Analytics)

“Smartphones contain a rich record of people’s activities, including who they know (contact lists, social networking apps), who they talk to (call logs, text logs, e-mails), where they go (GPS, Wi-Fi, and geo-tagged photos) and what they do (apps we use, accelerometer data).

“Using this data, and specialized machine-learning algorithms, detailed and predictive models about people and their behaviors can be built to help with urban planning, personalized medicine, sustainability and medical diagnosis.”

10. Brain-computer Interfaces

The ability to control a computer using only the power of the mind is closer than one might think. Brain-computer interfaces, where computers can read and interpret signals directly from the brain, have already achieved clinical success in allowing quadriplegics, those suffering ‘locked-in syndrome’ or people who have had a stroke to move their own wheelchairs or even drink coffee from a cup by controlling the action of a robotic arm with their brain waves. In addition, direct brain implants have helped restore partial vision to people who have lost their sight.”

By Jarrett Neil Ridlinghafer
Chief Technology Analyst
Compass Solutions, LLC


Hennessey Venom GT is the world’s fastest production car, beating out the Bugatti Veyron Super Sport


The Hennessey Venom GT has been named the world’s fastest production car, taking away the title from the Bugatti Veyron Super Sport. The fastest street-legal production car in the world has a maximum speed of 265.7 mph, while the production Veyron, which features a tuned engine, maxes out at 258 mph. The Veyron Super Sport still holds the title as the world’s fastest car, with the pre-production model reaching 267.8 mph.

As a matter of semantics, the Hennessey Venom GT has been named the world’s fastest production car, outpacing the production Bugatti Veyron Super Sport.

On a technicality, the Hennessey Venom GT has clinched the title of world’s fastest production car with a speed of 265.7 mph from the reigning champion, the Bugatti Veyron Super Sport.

The technicality in question is engine tuning. A standard production version of the Hennessey Venom GT managed to come close to 270mph along a 2.9 mile stretch of runway whereas the Bugatti Veyron Super Sport, using Volkswagen’s 5-mile+ straight, got closer still, hitting 267.8 mph (431kph). After setting its record, the production version of the car had its engine slightly detuned so that its top speed would be limited to a mere 258mph in order to guarantee the tires don’t disintegrate.

Therefore, though it is still technically the world’s fastest petrol engine car, the Bugatti is not the world’s fastest street-legal production car.

The Hennessey Venom GT was tested in February but the figures have only now been ratified. The car, which is loosely based on the Lotus Exige, is powered by a twin turbo-charged 7.0-liter V-8 engine. It pumps out 1244 horsepower and, as the car weighs exactly 1244kg, its power to weight ratio is 1000 horsepower per ton.

“While a Veyron Super Sport did run 267.8 mph, Bugatti speed-limits its production vehicles to 258 mph,” said company founder and president John Hennessey. “Thus, at 265.7 mph the Venom GT is the fastest production car available to the public.” Hennessey also suggested that his company was at a disadvantage because it only had a 2.9-mile runway over which to set its benchmarks, whereas the Veyron had the luxury of using Volkswagen Group AG’s private test track located near Ehra-Lessien, Germany which, at 5.9 miles, has one of the world’s longest straight sections of track. “Afforded the same distance to accelerate, the Venom GT would exceed 275 mph,” said Hennessey.

In February of 2013, the Venom GT officially became the quickest accelerating production vehicle in the world as it ran 0-300 km/h in 13.63 seconds, thus establishing a new Guinness World Record. The car also managed to go from 0-60 mph in 3.05 seconds and 0-100 mph in 5.88 seconds, and it ran the standing quarter-mile in 10.29 seconds at 158.83 mph.

Only 29 Venom GTs are scheduled to be built and each will cost their lucky owner $1.2 million plus shipping, not including options. Hennessey claims that the first 10 have already been sold.

By Jarrett Neil Ridlinghafer
Chief Technology Analyst
Compass Solutions, LLC

$615,000 Mercedes-Benz G63 AMG 6×6 is rolling, rocking, and rumbling its way through New York!


Hide the kids and bring the dog inside, the Mercedes-Benz G63 6×6 is loose! This 9,000 lb. SUV has six wheels, stretches 19 feet in total length, and rides on 37-inch tires. If you’re convinced a zombie apocalypse is coming, or if you really want people to get out of your way during a morning commute, this is the truck for you!

We’d be really excited, if we weren’t a little bit scared too.

Standing nearly 8-feet tall and stretching 19-feet in total length, the six-wheeled Mercedes-Benz G63 AMG 6×6 is like nothing else on the road.


A 536-horsepower biturbo V-8 engine hauls the G63 AMG 6×6 from zero to 60 mph in 7.8 seconds, according to Mercedes-Benz’ stopwatch.


And the fact Mercedes-Benz announced via Facebook that this behemoth is rolling around New York and New Jersey has us scratching our heads (and looking over our shoulders).


Six wheels and 37-inch tires mean ground clearance is, erm, most definitely not going to be a problem.

Is the German automaker planning on bringing this beast stateside? Only a handful were supposedly going to be built.


Unless you’re driving a dump-truck or city bus, this is guaranteed to be your view of the G63 AMG 6×6 – if you’re brave enough to get in its way!

And with a price that crests $600,000, we’re not sure who the target audience might be.

Frustrated SLS AMG Gullwing fans who long for a Peterbilt tractor-trailer?


How many owners do you think are going to head to Home Depot? Yea, we doubt it too. But if Mercedes tosses us the keys, we’re making the ultimate run to IKEA!

You can bet we’ll stay hot on the (XXL-sized!!!) heels of this mega machine as it thunders through the New York area!


Mercedes let the secret out that the G63 AMG 6×6 is rumbling through the New York area. Call it a really solid educated guess, but we think this all has something to do with the impending debut of the C63 AMG sedan (seen here parked next to the almighty G63!).


This week also happens to kick off Mercedes-Benz Fashion Week here in NYC. Hey, if you’re going to make an impression on the catwalk, you might as well go BIG.


Mercedes had planned on only building a handful of these outrageous beasties. Could U.S. sales now be around the corner for the G63 AMG 6×6?


The G63 AMG 6×6 has five, count ’em, five locking differentials. This thing makes a Jeep Wrangler look like a Tonka toy.

By Jarrett Neil Ridlinghafer
Chief Technology Analyst
Compass Solutions, LLC

Lamborghini Nitro tractor gets the work done in hypercar style


The new Lamborghini Nitro tractor pushes Italian style, giving the utility of the tractor that extra Lamborghini edge. This is no hypercar, however, with engines topping out at 130 horsepower.

It’s the tractor you don’t want to get dirty.

Today, the name may evoke images of a fast-racing Gallardo, but Lamborghini’s beginnings were about as far from the race track as possible.


Lamborghini Trattori, the tractor-manufacturing arm of the hypercar maker, shows off its latest farm tool. The 2013 Lamborghini Nitro combines style with rugged functionality, looking just as ready to roll out onto the moon as it does onto the construction site.

With exterior styling designed by Giugiaro Design, the Nitro looks undeniably slick with its shiny white body. LED headlights, a standard in the hypercar world, make their way into this super tractor, as well as a high-tech cabin that looks to be inspired in equal parts by a race car and an airplane. And, yes, “Lamborghini” is emblazoned on the driver’s seat headrest, just in case anyone forgets.


As with any Lamborghini, form and function come hand-in-hand. The Nitro’s honeycomb grille is seriously eye-catching, while it also helps to keep the tractor’s 3.6-liter DEUTZ engine running cool and efficient.

The Nitro’s DEUTZ engine will be available in four power levels ranging from 100 to 130 horsepower while buyers will be able to also pick between mechanical, Powershift, and variable ratio transmissions.

Lamborghini has not yet announced the price for the 2013 Nitro.

By Jarrett Neil Ridlinghafer
Chief Technology Analyst
Compass Solutions, LLC

Big-Data Comes to the Farm – Farmers fear Monsanto is collecting too much crop data


Big data has come to the farm. The world’s two largest seed sellers, Monsanto and DuPont, are building “prescriptive planting” technology that will take in detailed data from farmers and spit out precise guidelines for planting. The upside is that farmers can use the algorithmic advice to easily identify things like the best soil for the best seeds, the amount of fertilizer needed, and optimal density for planting.

Deere tractors beam data directly to DuPont and Dow Chemical


Some farmers and agricultural organizations are worried about the amount of control the industry is ceding to megacorporations, however. Farmers today rely heavily on algorithms and iPads to automate their planting, and that data is easily harvested. Deere even signed a contract to beam data directly from its tractors to DuPont and Dow Chemical, reports The Wall Street Journal. Furthermore, the new technology could price struggling small farmers out of business.


There are also fears that the data services will be used to convince farmers to plant more and therefore buy more seeds. Farmers are also concerned that the data could be used on Wall Street to inform price projections, cutting into their profit on futures contracts. “I’m afraid, as farmers, we are not going to be the ones reaping the benefit,” one farmer told WSJ.

By Jarrett Neil Ridlinghafer
Chief Technology Analyst
Compass Solutions, LLC

Mt. Gox & $350 Million Dollars of Investors Money Disappears as Bitcoin community goes into damage control mode


The embattled Bitcoin exchange Mt. Gox has gone offline, after several organizations from the Bitcoin community released a joint statement distancing themselves from the Tokyo company’s troubles. Mt. Gox’s website remains inaccessible, and the exchange appears to have deleted its entire Twitter feed.

The joint statement was originally billed as “regarding the insolvency of Mt. Gox,” but was later updated to remove that language. A spokesman for the group told Recode, however, that “Mt. Gox has confirmed it will file bankruptcy in private discussions with other members of the bitcoin community.” Mt. Gox did not respond to requests for comment from The Verge.

An unverified document purporting to show Mt. Gox’s “crisis strategy” alleges that the exchange has lost over 744,000 bitcoins in a theft dating back several years. The theft is said to have been enabled by the malleability bug that caused Mt. Gox to halt all withdrawals earlier in the month, though the document’s authenticity cannot yet be confirmed.

“This tragic violation of the trust of users of Mt. Gox was the result of one company’s actions and does not reflect the resilience or value of Bitcoin and the digital currency industry,” read the joint statement, backed by companies including Coinbase, Blockchain, Bitstamp, Kraken, Circle, and BTC China.


“There are hundreds of trustworthy and responsible companies involved in Bitcoin. These companies will continue to build the future of money by making Bitcoin more secure and easy to use for consumers and merchants. As with any new industry, there are certain bad actors that need to be weeded out, and that is what we are seeing today.”

Mt. Gox CEO Mark Karpeles stepped down from the Bitcoin Foundation’s board on Sunday, but has otherwise not been heard from in recent days. “It looks like the company has finally collapsed,” said Kolin Burges, the Bitcoin trader who started protesting outside Mt. Gox’s Tokyo headquarters on February 14th. “The question is whether people will get any of their assets back.”

By Jarrett Neil Ridlinghafer
Chief Technology Analyst
Compass Solutions, LLC

Over 322,000 PS4 consoles sold on Japanese opening weekend


The PlayStation 4 appears to be off to a good start in Japan. According to figures from Japanese magazine Famitsu, 322,083 PS4 consoles were bought in the first two days on sale — that’s nearly four times as many as the 88,443 PS3 systems sold on its opening weekend back in 2006.


However, the circumstances were a little different. While the PS3 was extremely supply-constrained for its first few months, and its successor remains hard to find around the world, Sony appears to have secured a lot of PS4 stock for the Japanese launch.


It’s also worth noting that the Wii U sold 308,570 units in Japan in its first week on sale before Nintendo’s numbers nosedived. Still, if Sony can maintain a healthy pace of sales in its home territory as it has elsewhere, the Japanese giant has reason to feel encouraged.

By Jarrett Neil Ridlinghafer
Chief Technology Analyst
Compass Solutions, LLC

Samsung dives into fitness wearables with the Gear Fit


Samsung applies its smartwatch technology to something you can wear to the gym

By Dan Seifert

Alongside the new Gear 2 and Gear 2 Neo announced at Mobile World Congress in Barcelona, Samsung is expanding its line of wearable technology to include a fitness tracker. The new Gear Fit is a downsized version of its smartwatch siblings, with a focus on tracking your heart rate and counting your steps. It looks like a Samsung version of the popular wrist-worn Fitbit trackers, but with a larger screen and quite a few more functions.

The display on the Gear Fit is the real draw: it’s a rectangular, curved AMOLED touchscreen panel with characteristic-for-Samsung vibrant colors and exceptionally wide viewing angles. The curve in the display allows the Fit to conform around your wrist yet still have a large enough screen to make text readable and buttons easy to press with your finger. It’s not the first product from Samsung to have a curved display, but it does feel like it’s the first to actually benefit from its curvature. Plus it just looks cool.

The Fit doesn’t have the camera, microphone, or speaker of the Gear 2 and Gear 2 Neo, but it still can receive all of your smartphone’s notifications and alerts, making it one of the smartest fitness trackers we’ve seen yet. The focus is clearly on fitness, however, as the Fit includes a real-time fitness coach to encourage you to speed up or slow down via alerts, the ability to measure your heart rate in real time, and syncing with Samsung’s S Health apps on Galaxy smartphones.

It’s significantly more comfortable to wear than the other Gear smartwatches, mainly due to the fact that it’s half the weight and much narrower. The rubber strap is interchangeable and available in a variety of colors, and its basic clasp is pretty easy to close with one hand. The band’s soft-touch finish was comfortable in the few minutes we had to wear the Fit, though we’ll have to see how comfortable it is when breaking a sweat at the gym.

Samsung promises that the Fit will last three to four days between charges with normal use, and light users will be able to eke out even more time than that. Like the new Galaxy S5 and other Gear smartwatches, it’s IP67 rated for water and dust resistance, so it shouldn’t stop working when it’s doused in sweat or rinsed off in the shower.

Fitness wearables are becoming increasingly popular, and Samsung is a bit late to enter what is already a pretty crowded market. But from what we’ve seen thus far, the Gear Fit is quite impressive, and its integration with Samsung’s existing ecosystem is powerful. Samsung isn’t yet revealing how much the Fit will cost when it arrives on April 11th, but if it’s able to offer it for a reasonable price, we could see it easily rising to the top of the fitness-wearables heap.

By Jarrett Neil Ridlinghafer
Chief Technology Analyst
Compass Solutions, LLC

Apple Security Bug Could Let Hackers Intercept Encrypted Data

Apple on Friday quietly pushed out an update for its mobile devices to fix a major security flaw that could allow attackers to intercept encrypted email and other data. Experts warn that Mac desktops and laptops are still at risk.

The flaw, which relates to how iOS 7 validates the SSL certificates intended to protect websites, could let an attacker on the same network as a victim eavesdrop on all user activity. Apple did not reveal much information about the problem, though experts who have studied the bug said hackers could launch so-called man-in-the-middle attacks to intercept messages as they pass from a user’s device to sites like Gmail, Facebook, or even online banking.

“An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS,” Apple said in its advisory.

As PCMag’s Security Watch blog noted, SSL certificate validation is “critical” for establishing secure sessions with websites.

“By validating the certificate, the bank website knows that the request is coming from the user, and is not a spoofed request by an attacker,” PCMag’s Fahmida Rashid wrote. “The user’s browser also relies on the certificate to verify the response came from the bank’s servers and not from an attacker sitting in the middle and intercepting sensitive communications.”

A patch is available for the iPhone 4 and newer Apple smartphones, as well as the iPod touch (5th generation), iPad 2, 3, and Air. Those who have not already installed the update should do so immediately.

But the problem doesn’t end there. The same flaw also affects the latest version of Apple’s Mac OS X desktop software, where several applications, including Safari, rely on the faulty SSL/TLS library, called SecureTransport, according to a blog post by Adam Langley, a senior engineer at Google. At this point, OS X has not yet been patched, though a fix is expected soon and users should install it as soon as it’s available.

While waiting for the patch, there are a few ways to stay safe. For starters, avoid connecting to other people’s Wi-Fi networks, even if they are password-protected, Paul Ducklin, head of technology at security firm Sophos, wrote in a blog post Monday. If you are using a Mac for business, consider asking your employer to set you up as part of the company’s VPN if they have one.

It’s also a good idea to use alternative browsers like Firefox or Chrome until the patch is out. These browsers use their own SSL/TLS libraries, thereby “immunizing them against the bug in Apple’s SecureTransport library,” Ducklin wrote. Once the fix is available, it will be safe to switch back to Safari.
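The article does not show the defect itself; public analyses of the SecureTransport flaw describe a duplicated `goto fail;` that skipped the server-signature check during the handshake. The following C model of that control-flow error, beside a fail-closed version, is an added example and not Apple's code or code from this page; the function names and the toy hash and signature are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Toy stand-ins (constructed, not cryptographic): a signature is valid
 * only when it equals the hash. 0 means success throughout. */
static int hash_update(unsigned *h, const unsigned char *p, size_t n) {
    for (size_t i = 0; i < n; i++) *h = *h * 31u + p[i];
    return 0;
}
static int check_signature(unsigned digest, unsigned sig) {
    return digest == sig ? 0 : -1;
}

/* Flawed shape: the second goto is unconditional, so control reaches
 * `fail` with err == 0 and the signature is never checked. */
int verify_flawed(const unsigned char *params, size_t n, unsigned sig) {
    unsigned h = 17;
    int err;
    if ((err = hash_update(&h, params, n)) != 0)
        goto fail;
    goto fail; /* stray duplicate line */
    if ((err = check_signature(h, sig)) != 0)
        goto fail;
fail:
    return err;
}

/* Hardened shape: braces on the branch and a fail-closed result that
 * becomes 0 only after the signature check has actually passed. */
int verify_hardened(const unsigned char *params, size_t n, unsigned sig) {
    unsigned h = 17;
    int result = -1;
    if (hash_update(&h, params, n) == 0 && check_signature(h, sig) == 0) {
        result = 0;
    }
    return result;
}

/* Negative test: a verifier must reject a signature that cannot match. */
int rejects_bad_signature(int (*verify)(const unsigned char *, size_t, unsigned)) {
    static const unsigned char params[] = "constructed key-exchange params";
    unsigned h = 17;
    hash_update(&h, params, sizeof params - 1);
    return verify(params, sizeof params - 1, h + 1u) != 0; /* h + 1 != h */
}

int main(void) {
    printf("flawed rejects: %d, hardened rejects: %d\n",
           rejects_bad_signature(verify_flawed), rejects_bad_signature(verify_hardened));
    return 0;
}
```

A negative test like `rejects_bad_signature`, run against every verification path, is the kind of regression check that catches a verifier that has stopped verifying.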

By Jarrett Neil Ridlinghafer
Chief Cloud Consultant
Compass Solutions, LLC

Data produced by wearable devices are providing users with a new view on how they can maintain a healthy lifestyle.


Contributed by: Wesley Robison

What is your ideal vision of health and how do you measure it? Whatever metric you may use, it’s likely a different standard than the person standing next to you. Over the years, people have counted calories and reps to benchmark and compare their relative fitness, but as our understanding of health has evolved, there are more and more stats to track. Thankfully, with an explosion of wearable technology and mobile apps, much of that work has moved from manual entries in notebooks and spreadsheets to a level of automated tracking.

In fact, we’re at a point where our devices are not only able to seamlessly monitor a wider range of activities and behaviors from sleep and steps to stress, but make sense of that data through meaningful stories and visualizations, supporting us on our individual journey to healthier living. This trend of Holistic Tracking is featured in PSFK Labs’ Future of Health report, further exploring the devices, metrics and visualizations that companies are using to educate consumers and help them actively manage their health.

While the demographics of the global market are continually expanding and becoming more diverse, one unifying factor in the quest for greater health is the relationship between access to information and behavior change. In a 2013 study from Pew Research, 46% of people who tracked their health say that this activity has changed their overall approach to maintaining their health or the health of someone for whom they provide care.

In a conversation with Travis Bogard, Jawbone’s VP of Product Management & Strategy, he noted, “We see this huge gap that exists between intention and action -- what people think they’re doing, and what they’re actually doing -- and I think the transparency of seeing that starts to help people understand what their patterns are, and where can they make adjustments to live the life that they really want to.”

As brands and healthcare providers look to engage consumers around the Holistic Tracking trend, the PSFK Labs’ team suggests considering the following questions:

  • What is the next wave of personal metrics that are going to be essential for maintaining good health?
  • How do we move from historical tracking to predictive warnings, and what lifestyle behaviors should be the focus?
  • How do we standardize the data being gathered and make it shareable with the wider healthcare system?
  • As this data is shared with insurance companies and providers, how do we ensure that consumers maintain ownership and receive greater value?
  • What new services will be needed to connect and analyze a wider range of data sources, and deliver deeper meaning?
  • How can we tap into “in the moment” achievements or long-term goals to support consumers on their goal to better health?

With the help of our partner Boehringer Ingelheim, PSFK Labs has released the latest Future of Health Report, which highlights the four major themes and 13 emerging trends shaping the evolving global landscape of healthcare. To see more insights and thoughts on the Future of Health visit the PSFK page.

By Jarrett Neil Ridlinghafer
Chief Cloud Consultant
Compass Solutions, LLC


Tenable Adds Cloud Management and Multi-Scanner Support to Nessus


Tenable Network Security, Inc., the leader in real-time vulnerability and threat management, today announced powerful cloud management capabilities will be delivered to Nessus users in a March 3rd update. Departments, teams and remote locations will have, as part of their subscription, the ability to control internal and external scanners from a primary scanner. Nessus customers with Nessus Perimeter Service will be able to do so through the cloud. Nessus is also introducing a new simplified view of scan findings, affected hosts, and compliance status with one-click drill-down for details.

Many organizations have multiple scanners for different segments of their networks and geographical locations. Managing multiple vulnerability scanners, scheduling scans, and processing results can be a challenge for organizations with a single person or small team responsible for vulnerability and compliance scanning.

“The introduction of the new multi-scanner management capability in Nessus allows users to benefit from the robust capabilities of the most widely-used vulnerability scanner in the world—while saving time, effort, and resources by managing internal and external scanning from a single point in the cloud or on premise,” said Ron Gula, CEO of Tenable Network Security.

Key new features in Nessus include:

  • Cloud management portal—Nessus Perimeter Service can now be used as a primary scanner and will be able to control multiple secondary Nessus scanners (internal Nessus scanners or Nessus Amazon Machine Images) regardless of location. At no extra charge, Perimeter Service customers may also submit up to two externa