Connect with us

Uncategorized

Cloudflare and Apple design a new privacy-friendly internet protocol

Published

on

Engineers at Cloudflare and Apple say they’ve developed a new internet protocol that will shore up one of the biggest holes in internet privacy that many don’t know even exists. Dubbed Oblivious DNS-over-HTTPS, or ODoH for short, the new protocol makes it far more difficult for internet providers to know which websites you visit.

But first, a little bit about how the internet works.

Every time you go to visit a website, your browser uses a DNS resolver to convert web addresses to machine-readable IP addresses to locate where a web page is located on the internet. But this process is not encrypted, meaning that every time you load a website the DNS query is sent in the clear. That means the DNS resolver — which might be your internet provider unless you’ve changed it — knows which websites you visit. That’s not great for your privacy, especially since your internet provider can also sell your browsing history to advertisers.

Recent developments like DNS-over-HTTPS (or DoH) have added encryption to DNS queries, making it harder for attackers to hijack DNS queries and point victims to malicious websites instead of the real website you wanted to visit. But that still doesn’t stop the DNS resolvers from seeing which website you’re trying to visit.

Enter ODoH, which decouples DNS queries from the internet user, preventing the DNS resolver from knowing which sites you visit.

Here’s how it works: ODoH wraps a layer of encryption around the DNS query and passes it through a proxy server, which acts as a go-between the internet user and the website they want to visit. Because the DNS query is encrypted, the proxy can’t see what’s inside, but acts as a shield to prevent the DNS resolver from seeing who sent the query to begin with.

“What ODoH is meant to do is separate the information about who is making the query and what the query is,” said Nick Sullivan, Cloudflare’s head of research.

In other words, ODoH ensures that only the proxy knows the identity of the internet user and that the DNS resolver only knows the website being requested. Sullivan said that page loading times on ODoH are “practically indistinguishable” from DoH and shouldn’t cause any significant changes to browsing speed.

A key component of ODoH working properly is ensuring that the proxy and the DNS resolver never “collude,” in that the two are never controlled by the same entity, otherwise the “separation of knowledge is broken,” Sullivan said. That means having to rely on companies offering to run proxies.

Sullivan said a few partner organizations are already running proxies, allowing for early adopters to begin using the technology through Cloudflare’s existing 1.1.1.1 DNS resolver. But most will have to wait until ODoH is baked into browsers and operating systems before it can be used. That could take months or years, depending on how long it takes for ODoH to be certified as a standard by the Internet Engineering Task Force.

Lyron Foster is a Hawaii based African American Musician, Author, Actor, Blogger, Filmmaker, Philanthropist and Multinational Serial Tech Entrepreneur.

Continue Reading
Comments

Uncategorized

Ars online IT roundtable today: What’s the future of the data center?

Published

on

Ars online IT roundtable today: What’s the future of the data center?

Enlarge

If you’re in IT, you probably remember the first time you walked into a real data center—not just a server closet, but an actual raised-floor data center, where the door wooshes open in a blast of cold air and noise and you’re confronted with rows and rows of racks, monolithic and gray, stuffed full of servers with cooling fans screaming and blinkenlights blinking like mad. The data center is where the cool stuff is—the pizza boxes, the blade servers, the NASes and the SANs. Some of its residents are more exotic—the Big Iron in all its massive forms, from Z-series to Superdome and all points in between.

For decades, data centers have been the beating hearts of many businesses—the fortified secret rooms where huge amounts of capital sit, busily transforming electricity into revenue. And they’re sometimes a place for IT to hide, too—it’s kind of a standing joke that whenever a user you don’t want to see is stalking around the IT floor, your best bet to avoid contact is just to badge into the data center and wait for them to go away. (But, uh, I never did that ever. I promise.)

But the last few years have seen a massive shift in the relationship between companies and their data—and the places where that data lives. Sure, it’s always convenient to own your own servers and storage, but why tie up all that capital when you don’t have to? Why not just go to the cloud buffet and pay for what you want to eat and nothing more?

Read 4 remaining paragraphs | Comments

Continue Reading

Uncategorized

Transforming the energy industry with AI

Published

on

For oil and gas companies, digital transformation is a priority—not only as a way to modernize the enterprise, but also to secure the entire energy ecosystem. With that lens, the urgency of applying artificial intelligence (AI) and machine learning capabilities for optimization and cybersecurity becomes clear, especially as threat actors increasingly target connected devices and operating systems, putting the oil and gas industry in collective danger. The year-over-year explosion in industry-specific attacks underscores the need for meaningful advancements and maturity in cybersecurity programs.

However, most companies don’t have the resources to implement sophisticated AI programs to stay secure and advance digital capabilities on their own. Irrespective of size, available budget, and in-house personnel, all energy companies must manage operations and security fundamentals to ensure they have visibility and monitoring across powerful digital tools to remain resilient and competitive. The achievement of that goal is much more likely in partnership with the right experts.

MIT Technology Review Insights, in association with Siemens Energy, spoke to more than a dozen information technology (IT) and cybersecurity executives at oil and gas companies worldwide to gain insight about how AI is affecting their digital transformation and cybersecurity strategies in oil and gas operating environments. Here are the key findings:

  • Oil and gas companies are under pressure to adapt to dramatic changes in the global business environment. The coronavirus pandemic dealt a stunning blow to the global economy in 2020, contributing to an extended trend of lower prices and heightening the value of increased efficiency to compensate for market pressures. Companies are now forced to operate in a business climate that necessitates remote working, with the added pressure to manage the environmental impact of operations growing ever stronger. These combined factors are pushing oil and gas companies to pivot to new, streamlined ways of working, making digital technology adoption critical.
  • As oil and gas companies digitalize, the risk of cyberattacks increases, as do opportunities for AI. Companies are adding digital technology for improved productivity, operational efficiency, and security. They’re collecting and analyzing data, connecting equipment to the internet of things, and tapping cutting-edge technologies to improve planning and increase profits, as well as to detect and mitigate threats. At the same time, the industry’s collective digital transformation is widening the surface for cybercriminals to attack. IT is under threat, as is operational technology (OT)—the computing and communications systems that manage and control equipment and industrial operations.
  • Cybersecurity must be at the core of every aspect of companies’ digital transformation strategies. The implementation of new technologies affects interdependent business and operational functions and underlying IT infrastructure. That reality calls for oil and gas companies to shift to a risk management mindset. This includes designing projects and systems within a cybersecurity risk framework that enforces companywide policies and controls. Most important, they now need to access and deploy state-of-the-art cybersecurity tools powered by AI and machine learning to stay ahead of attackers.
  • AI is optimizing and securing energy assets and IT networks for increased monitoring and visibility. Advancements in digital applications in industrial operating environments are helping improve efficiency and security, detecting machine-speed attacks amidst the complexity of the rapidly digitalizing operating environments.
  • Oil and gas companies look to external partners to guard against growing cyberthreats. Many companies have insufficient cybersecurity resources to meet their challenges head-on. “We are in a race against the speed of the attackers,” Repsol Chief Information Officer Javier García Quintela explains in the report. “We can’t provide all the cybersecurity capabilities we need from inside.” To move quickly and address their vulnerabilities, companies can find partners that can provide expertise and support as the threat environment expands.

Cybersecurity, AI, and digitalization

Energy sector organizations are presented with a major opportunity to deploy AI and build out a data strategy that optimizes production and uncovers new business models, as well as secure operational technology. Oil and gas companies are faced with unprecedented uncertainty—depressed oil and gas prices due to the coronavirus pandemic, a multiyear glut in the market, and the drive to go green—and many are making a rapid transition to digitalization as a matter of survival. From moving to the cloud to sharing algorithms, the oil and gas industry is showing there is robust opportunity for organizations to evolve with technological changes.

In the oil and gas industry, the digital revolution has enabled companies to connect physical energy assets with hardware control systems and software programs, which improves operational efficiency, reduces costs, and cuts emissions. This trend is due to the convergence of energy assets connected to OT systems, which manage, monitor, and control energy assets and critical infrastructure, and IT networks that companies use to optimize data across their corporate environments.

With billions of OT and IT data points captured from physical assets each day, oil and gas companies are now turning to built-for-purpose AI tools to provide visibility and monitoring across their industrial operating environments—both to make technologies and operations more efficient, and for protection against cyberattacks in an expanded threat landscape. Because energy companies’ business models rely on the convergence of OT and IT data, companies see AI as an important tool to gain visibility into their digital ecosystems and understand the context of their operating environments. Enterprises that build cyber-first digital deployments similarly have to accommodate emerging technologies, such as AI and machine learning, but spend less time on strategic realignment or change management.

Importantly, for oil and gas companies, AI, which may have once been reserved for specialized applications, is now optimizing everyday operations and providing critical cybersecurity defense for OT assets. Leo Simonovich, vice president and global head of industrial cyber and digital security at Siemens Energy, argues, “Oil and gas companies are becoming digital companies, and there shouldn’t be a trade-off between security and digitalization.” Therefore, Simonovich continues, “security needs to be part of the digital strategy, and security needs to scale with digitalization.”

To navigate today’s volatile business landscape, oil and gas companies need to simultaneously identify optimization opportunities and cybersecurity gaps in their digitalization strategies. That means building AI and cybersecurity into digital deployments from the ground up, not bolting them on afterward.

Download the full report.

This content was produced by Insights, the custom content arm of MIT Technology Review. It was not written by MIT Technology Review’s editorial staff.

Continue Reading

Uncategorized

Soci raises $80M for its localized marketing platform

Published

on

Soci, a startup focused on what it calls “localized marketing,” is announcing that it has raised $80 million in Series D funding.

National and global companies like Ace Hardware, Anytime Fitness, The Hertz Corporation and Nekter Juice Bar use Soci (pronounced soh-shee) to coordinate individual stores as they promote themselves through search, social media, review platforms and ad campaigns. Soci said that in 2020, it brought on more than 100 new customers, representing nearly 30,000 new locations.

Co-founder and CEO Afif Khoury told me that the pandemic was a crucial moment for the platform, with so many businesses “scrambling to find a real solution to connect with local audiences.”

One of the key advantages to Soci’s approach, Khoury said, is to allow the national marketing team to share content and assets so that each location stays true to the “national corporate personality,” while also allowing each location to express  a “local personality.” During the pandemic, businesses could share basic information about “who’s open, who’s not” while also “commiserating and expressing the humanity that’s often missing element from marketing nationally.”

“The result there was businesses that had to close, when they had their grand reopenings, people wanted to support that business,” he said. “It created a sort of bond that hopefully lasts forever.”

Khoury also emphasized that Soci has built a comprehensive platform that businesses can use to manage all their localized marketing, because “nobody wants to have seven different logins to seven different systems, especially at the local level.”

The new funding, he said, will allow Soci to make the platform even more comprehensive, both through acquisitions and integrations: “We want to connect into the CRM, the point-of-sale, the rewards program and take all that data and marry that to our search, social, reviews data to start to build a profile on a customer.”

Soci has now raised a total of $110 million. The Series D was led by JMI Equity, with participation from Ankona Capital, Seismic CEO Doug Winter and Khoury himself.

“All signs point to an equally difficult first few months of this year for restaurants and other businesses dependent on their communities,” said JMI’s Suken Vakil in a statement. “This means there will be a continued need for localized marketing campaigns that align with national brand values but also provide for community-specific messaging. SOCi’s multi-location functionality positions it as a market leader that currently stands far beyond its competitors as the must-have platform solution for multi-location franchises/brands.”

Continue Reading

Trending