Supplier Report: 1/5/2018

Here we go again… there is another security flaw that could impact almost all connected computers.  This time the issue is at the CPU kernel level and it could take some time to completely correct.

Amazon is one of the companies impacted by this flaw, but on the bright side, their bets on home speakers, video and music services, and grocery stores are paying off. The company also seems to be making progress on ridding themselves of Oracle software internally and in their service offerings.

And last but not least, Google is saving billions of dollars in another off-shore tax shelter plan.

Acquisitions

  • Microsoft acquires Avere Systems, file-storage vendor for Windows and Linux

    Microsoft announced intentions to buy the Pittsburgh, Penn.-based vendor on Jan. 3 for an undisclosed amount.

    Avere has developed file system and caching technologies designed to speed access to compute and storage in hybrid environments. Avere provides NFS and SMB file storage for Windows and Linux clients running in the cloud, hybrid, and on-premises environments.

    http://www.zdnet.com/article/microsoft-acquires-avere-systems-file-storage-vendor-for-windows-and-linux/

  • How FANG Stocks Left the Media Business Snakebitten: A 2017 Retrospective

    But media moguls aren’t taking all this lying down; to defang FANG, they’re fighting with fire. They are remaking their companies in the same mold as their tech rivals, first by striking the deals necessary to scale into a group of fewer but bigger businesses that can at least approach the size of a quartet boasting a combined market capitalization of $1.9 trillion. They are also pivoting toward their rivals’ style of data-driven streaming direct to the consumer. As Murdoch summed it up in the wake of the Disney deal, “Silicon Valley is spending tens and tens of billions on entertainment programming,” he told NPR. “So it makes sense to bulk up the entertainment side, so that we’ve got a company that can go direct to consumers in a big way.”

    Nothing defined the media sector more in 2017 than the mergers and acquisitions that have been the order of the day to appease an increasingly skeptical Wall Street. In addition to the Fox-Disney stunner, there was the $14.6 billion union of Discovery and Scripps completed in November. More such deals seem inevitable next year, such as the potential for Shari Redstone to engineer the reunion of CBS Corp. and Viacom. Maybe someone in Silicon Valley will finally buy one of the content companies as well.

    http://variety.com/2017/digital/news/fang-facebook-amazon-netflix-amazon-2017-1202645607/

  • Inside the Eccentric, Relentless Deal-Making of Masayoshi Son

    Chris Lane, an analyst with Sanford Bernstein, says about eight in 10 of the investors he talks with are skeptical of Son. They see him as a solid telecom operator who is taking enormous risks with his investments and has demonstrated no special skill in technology investment. Lane sees clear evidence of that disbelief: SoftBank’s stock in Alibaba and other assets are worth more than 19 trillion yen after subtracting all its debt, but SoftBank’s market cap is only 9.8 trillion yen. It’s like your neighbor having a suitcase stuffed with $1 million in cash, but you’ll only pay him $500,000 for it because you think he’ll lose the rest on the way to your house. Critics not only don’t believe Son can pick the next Alibaba; they’re convinced he’s going to squander what he already has.

    “If you think of this as a telco making unrelated investments and likely to lose money, then maybe the discount is right,” Lane says. “If you think this is a sophisticated technology investment firm with a strong track record, then this is an unbelievable opportunity.”

    https://www.bloomberg.com/news/features/2018-01-02/inside-the-eccentric-unstoppable-deal-making-of-masayoshi-son

Artificial Intelligence

  • China emerges as a hotbed for artificial intelligence (thanks JD!)

    The rapid growth of AI in China can also be partly attributed to government support. Beijing laid out a development plan in July to become a world leader in AI, aiming to build a domestic AI industry worth at least 1 trillion yuan (around $1.5 billion), according to a government document. Chirag Dekate, research director of high-performance computing for Gartner, thinks China is getting into AI for the long haul. “The U.S. is driving AI innovation across the spectrum, in software and hardware,” said Dekate in an interview with Investor’s Business Daily. “Early use cases and early adopters are happening more in the U.S. than any geography in the world. But China is looking at it from a marathon perspective.”

    https://digiday.com/marketing/china-emerges-hotbed-artificial-intelligence/

Cloud

  • The CPU catastrophe will hit hardest in the cloud

    But privilege escalation is much scarier in the cloud, where the same server could be working for dozens of people at once. Platforms like Amazon Web Services and Google Cloud let online companies spread a single program across thousands of servers in data centers across the world, sharing hardware the same way you’d share an airplane or a subway car. Collective hardware isn’t a security problem because even when different users are on the same server, they’re in different software instances, with no way to jump from one instance to another. Spectre could change that, letting attackers steal data from anyone sharing the same chip. If a hacker wanted to perform that kind of attack, all they’d have to do is start their own instance and run the program.

    Cloud services are also a lucrative target for anyone hoping to cash in on Spectre. Lots of midsize businesses run their entire infrastructure on AWS or Google Cloud, often trusting the platform with sensitive and potentially lucrative information. Bitcoin exchanges, chat apps, even government agencies all keep passwords and other sensitive data on cloud servers. If you’re running a modern web service, there’s simply no other choice. If someone did set a new exploit running on a cloud instance, there’s no telling what kind of data might shake out.

    https://www.theverge.com/2018/1/4/16850120/meltdown-spectre-vulnerability-cloud-aws-google-cpu

Software/SaaS

  • Facebook has a 100-person engineering team that helps advertisers build tools and infrastructure

    You’d expect any digital media business to offer some degree of technical support to its biggest advertisers, but the solutions engineering team is actually building products.

    For example, it was involved in creating Facebook’s dynamic ads format (where ads show different products to different users based on their activities and interests). Mehta said dynamic ads were first inspired by the complaints of an advertiser he was meeting with in Hamburg, Germany, and he then worked with the Facebook Ads team to create a prototype, eventually leading to a more polished product and broader availability.

    It’s probably safe to say that not every client meeting leads to a new ad format — sometimes Mehta’s team is just helping advertisers understand how to use their existing tools in a more effective way. But that other option, working with the rest of Facebook to build something new, is also on the table.

    https://techcrunch.com/2017/12/29/facebook-solutions-engineering/?ncid=rss

  • Amazon and Salesforce are reportedly making ‘significant progress’ moving away from Oracle technology

    Salesforce is developing its own alternative to Oracle’s database, while Amazon is moving toward open-source technology called NoSQL, sources told The Information. If Amazon and Salesforce could move away from Oracle, it could be proof that other big businesses could, too, one consultant told The Information.

    Oracle’s database technology, as well as the coding language Java, have been the market standard in many industries since at least the 1990s, as one of the first databases to support “http” technologies online.

    https://www.cnbc.com/2018/01/02/amazon-salesforce-moving-away-from-oracle-technology-report.html

Security

  • Kernel panic! What are Meltdown and Spectre, the bugs affecting nearly every computer and device?

    In modern architectures, there are inviolable spaces where data passes through in raw, unencrypted form, such as inside the kernel, the most central software unit in the architecture, or in system memory carefully set aside from other applications. This data has powerful protections to prevent it from being interfered with or even observed by other processes and applications.

    Meltdown and Spectre are two techniques researchers have discovered that circumvent those protections, exposing nearly any data the computer processes, such as passwords, proprietary information, or encrypted communications.

    Meltdown affects Intel processors, and works by breaking through the barrier that prevents applications from accessing arbitrary locations in kernel memory. Segregating and protecting memory spaces prevents applications from accidentally interfering with one another’s data, or malicious software from being able to see and modify it at will. Meltdown makes this fundamental process fundamentally unreliable.

    Spectre affects Intel, AMD, and ARM processors, broadening its reach to include mobile phones, embedded devices, and pretty much anything with a chip in it. Which, of course, is everything from thermostats to baby monitors now.

    https://techcrunch.com/2018/01/03/kernel-panic-what-are-meltdown-and-spectre-the-bugs-affecting-nearly-every-computer-and-device/
    Cloud infrastructure vendors begin responding to chip kernel vulnerability

    “We’re aware of this industry-wide issue and have been working closely with chip manufacturers to develop and test mitigations to protect our customers. We are in the process of deploying mitigations to cloud services and are releasing security updates today to protect Windows customers against vulnerabilities affecting supported hardware chips from AMD, ARM and Intel. We have not received any information to indicate that these vulnerabilities had been used to attack our customers.”

    https://techcrunch.com/2018/01/03/cloud-infrastructure-vendors-begin-responding-to-chip-kernel-vulnerability/?ncid=rss

  • Intel was aware of the chip vulnerability when its CEO sold off $24 million in company stock

    But while the public is just being informed about the security problem, tech companies have known about it for months. In fact, Google informed Intel of the vulnerability in June, an Intel representative told Business Insider in a statement.

    That means Intel was aware of the problem before Krzanich sold off a big chunk of his holdings. Intel’s CEO saw a $24 million windfall November 29 through a combination of selling shares he owned outright and exercising stock options.

    The stock sale raised eyebrows when it was disclosed, primarily because it left Krzanich with just 250,000 shares of Intel stock — the bare minimum the company requires him to hold under his employment agreement.

    http://www.businessinsider.com/intel-ceo-krzanich-sold-shares-after-company-was-informed-of-chip-flaw-2018-1

Other

  • Amazon did a lot of funky stuff this year and it’s paying off

    The bet paid off, with AWS now on track to generate more than $10 billion annually. More importantly, that $10 billion annually comes with a pretty healthy margin — though, over time, that margin may slip down. For the time being, though, it’s an impressive business compared to the razor-thin profits that Amazon might generate from its retail operations and a good data point as its media services like video or music start to play out.

    And, as usual, recurring revenue is a story that Wall Street loves. Amazon is a company that people will often tell you not to bet against, and its stock is up more than 50 percent on the year thanks to an array of businesses that all appear to be showing growth and the company’s recent-ish ability to turn a profit. Amazon can thank AWS a lot for that.

    https://techcrunch.com/2017/12/29/amazon-did-a-lot-of-funky-stuff-this-year-and-its-paying-off/?ncid=rss

  • Peter Thiel’s Founders Fund Makes Monster Bet on Bitcoin

    Relatively few mainstream investors have bought large sums of bitcoin, scared off by concerns about cybersecurity and liquidity, as well as more mundane fears of investment losses. Even some of those who do own it are cautious about speaking too publicly, lest they draw the attention of hackers.

    The recent price plunge has also spooked some. On Dec. 22, the prominent investor Michael Novogratz said he was delaying launching a crypto-focused hedge fund for outside investors, stating “we didn’t like market conditions for new investors.” South Korea announced last week it would crack down on cryptocurrency trading, an ominous sign given that the country at one point accounted for as much as one-fourth of global bitcoin trading activity.

    https://www.wsj.com/articles/peter-thiels-founders-fund-makes-big-bet-on-bitcoin-1514917433

  • Google used a popular tax trick to shelter $19.2 billion

    Newly published Netherlands regulatory filings show that Google shielded €15.9 billion (about $19.2 billion) in 2016 using the popular “Dutch Sandwich” tax trick, saving it about $3.7 billion in taxes. The maneuver involves shifting revenue from an Irish subsidiary to a Dutch firm with no staff, and promptly moving the funds to a Bermuda mailbox owned by another Ireland-listed company. And this practice isn’t slowing down — Google moved 7 percent more cash through this approach in 2016 than it did a year earlier.

    https://www.engadget.com/2018/01/02/google-dutch-sandwich-tax-maneuver/

 

News You Can Use: 1/3/2018

  • The Google-Facebook Duopoly Threatens Diversity of Thought

    When virtually all online advertising goes through two companies, however, they have the power to harm websites arbitrarily. One political blog that posted an article trying to distinguish the “alt-right” from white nationalism received a warning email from Google’s AdSense team. An editor took the article down, explaining to readers that the blog “needs revenue from the Google ad platform in order to survive.” You needn’t agree with the editorial decision to publish the article to be troubled by Google’s vetoing it.

    In his 2014 book “Zero to One,” Peter Thiel notes that because Google “doesn’t have to worry about competing with anyone, it has wider latitude to care about . . . its impact on the wider world.” If executives at a Silicon Valley monopoly believe that censoring certain content will push the world in a positive direction, market pressures cannot sufficiently restrain them.

    Journalists also argue that tech companies are pushing media toward the lowest common denominator. Social media rewards clickbait—sensational headlines that confirm readers’ biases. Google and Facebook’s advertising duopoly bleeds traditional publishers of the revenue needed to produce high-quality news. At the same time, Google’s search engine is biased against subscription content, depleting another source of funding.

    https://www.wsj.com/articles/the-google-facebook-duopoly-threatens-diversity-of-thought-1513642519

  • China’s New Lenders Collect Invasive Data and Offer Billions. Beijing Is Worried.

    In November, the People’s Bank of China, the country’s central bank, stopped companies and people from starting new online cash lending platforms. In early December, the China Banking Regulatory Commission said it would crack down on unlicensed cash loan companies and put a lid on high-interest loans.

    China’s small loans are piling up. More than 8,600 companies offer some form of small loan, and about $145 billion of those debts remain unpaid, according to the People’s Bank of China. Other estimates run as high as $392 billion, according to the Boston Consulting Group. The government does not track default rates among online lenders, which disclose little on their own.

    “We are worried that in an environment where there is no effective credit system, people tend to overborrow, especially when capital comes in,” said Bai Chengyu, an executive at the China Association of Microfinance, who is no relation to Bai Shichao.

    https://www.nytimes.com/2017/12/25/business/china-online-lending-debt.html

  • 2017 in 7 minutes
  • Internet Tightens: Popular Chinese WeChat App to Become Official ID

    “The data these companies collect is richer and thicker than what the government can collect, so the typical case now is the government going to the companies to get information,” said Severine Arsene, managing editor of AsiaGlobal Online at the University of Hong Kong’s Asia Global Institute. “This shows how much power the companies hold.”

    The move from physical ID cards to digital images makes sense in a country where people use their mobile devices for an array of daily functions, from shopping to paying restaurant bills to streaming videos, Ms. Arsene said, but it also carries risks that the companies might be seen to be working too closely with the government.

    Hosting a huge repository of government data also increases the threat it could be compromised, said Paul McKenzie, a managing partner of law firm Morrison Foerster.

    “In the course of deploying this technology, WeChat may end up with huge volumes of data associated with people’s ID cards and other personal information,” Mr. McKenzie said. “If that’s the case, the security of WeChat ’s network from hacks will be critical.”

    https://www.wsj.com/articles/internet-tightens-popular-chinese-wechat-app-to-become-official-id-1514541980

  • Use This Five-Point Guide to Find Patience When You’re Annoyed

    Over at Quick and Dirty Tips, Psychologist Ellen Hendriksen, PhD, writes that patience is a kind of self-control, which, she says, is “the ability to regulate your emotions and behavior, even when your impulses are screaming otherwise.” Thus, patience is a state of mind that can be trained and strengthened—it’s not a rarefied state for saints and superheroes. And annoyance, as anyone who’s stewed in it will recognize, is a subset of anger.

    Hendriksen draws on research about self-control and anger to draw up this five-point guide to letting go of annoyance and find patience:

    1. Know that your goal will still be achieved.
    2. Give yourself what you need in your imagination.
    3. Change your conclusion.
    4. Pretend you’re being watched.
    5. Save the story for later.

    https://lifehacker.com/use-this-five-point-guide-to-find-patience-when-youre-a-1821563720

Photo: Geran de Klerk

News You Can Use: 11/15/2017

  • I Learned a Lot About Strong Company Culture From Jeff Bezos — But There’s 1 Strategy I Won’t Copy

    Amazon’s culture is fairly cutthroat and trust does not run high. Every year employees are stack ranked and those at the bottom of the list are cut. In theory, it’s important to keep the bar for performance high and this is one of the ways Amazon does that. But, this practice pits employees against each other. Instead of working as teammates they compete as rivals. Trust is essential in building a healthy company. You need every person on the team to be willing to shift priorities and pitch in on initiatives that fall well outside their defined job role in order to make the company successful. You need a culture where people have each other’s backs. If you get the right people on board and align them all around a single vision, this will happen naturally.

    https://www.entrepreneur.com/article/304037

  • Don’t Struggle Always to Be the ‘Smartest Person in the Room.’ Instead, Rely on a Mentor.

    Find several mentors who share your passions. When you reach out to mentors — and aim to have more than one — look for common ground according to your passion for similar challenges and objectives. Then, when you approach these individuals, emphasize these shared passions in a letter or speech to demonstrate the potential of a collaboration.

    Don’t just ask someone generically and blandly to be your mentor; you’ll risk coming across as a “social climber.” Mentors want to be aligned with those who share similar values and goals.

    https://www.entrepreneur.com/article/304265

  • John Oliver: Economic Development (NSFW)

    Once again, I beat Mr. Oliver to the punch (Obviously I love Last Week Tonight, and just feel vindicated that we cover the same topics (and that I am a little ahead of the trend every once and a while).
  • Facebook, WeWork and others use this startup to make swag

    “People think of swag as junk but it shouldn’t be,” Swag co-founder Jeremy Parker told TechCrunch. “It could be an amazing marketing tool if it’s built right.”

    Swag.com offers products like water bottles, umbrellas, shirts, jackets, USB drives, bags and other items from brands like Patagonia, Case Logic. Once you pick the product, you upload your designs, specify how many you want printed and then wait for Swag to send you the production mockup for approval.

    Standard production time takes about 15 days while priority production takes 10 days and costs a bit more. Production doesn’t start until the customer has approved the mockup. Since Swag works directly with the manufacturer and vendor, it doesn’t have to hold any inventory.

    https://techcrunch.com/2017/11/06/facebook-wework-and-others-use-this-startup-to-make-swag/?ncid=rss
    I really do enjoy good company swag and there is so much bad swag that I end up tossing.

  • How Facebook Figures Out Everyone You’ve Ever Met

    Behind the Facebook profile you’ve built for yourself is another one, a shadow profile, built from the inboxes and smartphones of other Facebook users. Contact information you’ve never given the network gets associated with your account, making it easier for Facebook to more completely map your social connections.

    Facebook isn’t scanning the work email of the attorney above. But it likely has her work email address on file, even if she never gave it to Facebook herself. If anyone who has the lawyer’s address in their contacts has chosen to share it with Facebook, the company can link her to anyone else who has it, such as the defense counsel in one of her cases.

    https://gizmodo.com/how-facebook-figures-out-everyone-youve-ever-met-1819822691

Photo: Jase Ess

Supplier Report: 11/22/2014

paperwork_flickr

IBM

  • There is alot of news about IBM’s “BlueMix” Platform as a Service (PaaS) this week.

    Another Bluemix addition that goes hand-in-hand with Dedicated is what IBM called a Private API catalog, a collection of APIs that allow developers to connect their existing on-premise systems with IBM’s Bluemix. An organization can in effect republish its data through Bluemix and make it available as a service, either to other internal developers or external third parties. A company that can’t or doesn’t want to move its data into the cloud at all, even to an isolated instance like Bluemix Dedicated, could use this as a halfway-house solution.

    http://www.infoworld.com/article/2851129/paas/ibm-spins-up-a-new-bare-metal-private-paas.html

  • IBM is going after email with a freemium model.
    They are talking about merging email with social tools, instant messaging, file sharing, and calendars in one tool.  Sounds similar to what Microsoft tried to do with the Outlook relaunch last year.
    http://www.techzone360.com/topics/techzone/articles/2014/11/20/394009-ibm-launch-innovative-new-email-service.htm

Oracle

HP

Other