Friday, 8 December 2017

Security Of Virtualization Solutions

VMware
Memory Isolation
Direct Execution of User Requests
OS Requests Trap to VMM without Binary Translation or Paravirtualization
The system administrator defines the RAM allocated to a virtual machine by the VMM via the virtual machine's settings. The VMkernel allocates memory when it defines the resources to be used by the virtual machine. A guest OS uses physical memory allocated to it by the VMkernel and defined in the virtual machine's configuration file.



Fig: Memory isolation in VMware.



An OS booting on real hardware is given a zero-based physical address space; an OS executing on virtual hardware is given a zero-based address space. The VMM gives each virtual machine the illusion that it is using such an address space, virtualizing physical memory by adding an extra level of address translation. A machine address refers to actual hardware memory; a physical address is a software abstraction used to provide the illusion of hardware memory to a virtual machine. This paper uses "physical" in quotation marks to distinguish this deviation from the usual meaning of the term.

Memory Protection
To protect privileged components, such as the VMM and VMkernel, vSphere uses certain well-known techniques. Address space layout randomization (ASLR) randomizes where core kernel modules are loaded into memory. The NX/XD CPU features enable the VMkernel to mark writeable areas of memory as nonexecutable. Both methods protect the system from buffer overflow attacks in running code. NX/XD CPU features are also exposed to guest virtual machines by default.

Device Isolation
Each virtual machine is isolated from other virtual machines running on the same hardware. Virtual machines share physical resources such as CPU, memory, and I/O devices; a guest OS in an individual virtual machine cannot detect any device other than the virtual devices made available to it.
To further clarify, a virtual machine can detect only the virtual (or physical) devices assigned to it by the systems administrator, such as the following examples:
• A virtual SCSI disk mapped to a file on a disk
• An actual disk or LUN connected to a physical host or array
• A virtual network controller connected to a virtual switch
• An actual network controller connected to a physical network

Device Access to Hardware
At the hardware level, all direct memory access (DMA) transfers and device-generated interrupts are virtualized and isolated from other virtual machines. This prevents one virtual machine from accessing the memory space controlled by another virtual machine. If such an attempt is made by a virtual machine, the guest OS will receive a fault from the CPU.
Because the VMkernel and VMM mediate access to the physical resources, and all physical hardware access takes place through the VMkernel, virtual machines cannot circumvent this level of isolation.

I/O Remapping
Modern processors feature an I/O memory management unit that remaps I/O DMA transfers and device interrupts. This enables virtual machines to have direct access to hardware I/O devices, such as network cards, storage controllers (HBAs), and GPUs. In AMD processors, this feature is called AMD I/O Virtualization (AMD-Vi) or I/O memory management unit (IOMMU); in Intel processors, the feature is called Intel Virtualization Technology for Directed I/O (VT-d). Within ESXi, use of this capability is called DirectPath I/O. DirectPath I/O does not impact the security properties in any way. For example, a virtual machine configured to use VT-d or AMD-Vi to directly access a device cannot influence or access the I/O of another virtual machine.

Resource Provisioning, Shares, and Limits
In a virtualized environment, resources are shared among all virtual machines. But because system resources can be managed, it is possible to place usage limits on virtual machines. There are a number of ways to address this.

Provisioning
In a physical system, the OS can use all the hardware resources. If the system has 128GB of memory, and the OS can address it, all of that memory can be used. The same applies to CPU resources. However, as previously noted, all resources are shared in a virtual environment. An OS using too many resources, CPU for example, can potentially deprive another OS of the resources it needs. Provisioning is the first step in managing virtual machine resources. A virtual machine should be provisioned with only the resources it requires to do its job. Because virtual machines can never use more CPU or memory resources than provisioned, users can limit the impact on other virtual machines.

Shares
Users can further isolate and protect neighboring virtual machines from "noisy neighbors" through the use of shares. Grouping "like" virtual machines into resource pools, and leaving shares set to default, ensures that all virtual machines in the pool receive approximately the same resource priority. A "noisy neighbor" will not be able to use more than any other virtual machine in the pool.

Limits
Previous recommendations suggested the use of limits to control resource usage. However, based on more operational experience, it has been found that virtual machine–level limits can have detrimental operational effects if used improperly.
For example, a virtual machine is provisioned with 4GB and the limit is set to 4GB

Network Isolation

ESXi Networks

There are a number of networks to consider on an ESXi server:
1. vSphere infrastructure networks, used for features such as VMware vSphere vMotion®, VMware vSphere Fault Tolerance, and storage. These networks are considered to be isolated for their specific functions and often are not routed outside a single physical set of server racks.
2. A management network that isolates client, command-line interface (CLI) or API, and third-party software traffic from normal traffic. This network should be accessible only by system, network, and security administrators. Use of a "jump box" or virtual private network (VPN) to secure access to the management network is recommended. Access within this network to sources of malware should be strictly controlled.
3. Virtual machine networks can be one or many networks over which virtual machine traffic flows. Isolation of virtual machines within this network can be enhanced with the use of virtual firewall solutions that set firewall rules at the virtual network controller. These settings travel with the virtual machine as it migrates from host to host within a vSphere cluster.

Virtual Machine Networks

Just as a physical machine can communicate with other machines in a network only through a network adapter, a virtual machine can communicate with other virtual machines running on the same ESXi host only through a virtual switch. Further, a virtual machine communicates with the physical network, including virtual machines on other ESXi hosts, only through a physical network adapter, unless it uses DirectPath I/O.

In considering virtual machine isolation in a network context, users can apply these rules based on Figure 5:
• If a virtual machine does not share a virtual switch with any other virtual machine, it is completely isolated from other virtual networks within the host. This is virtual machine 1.
• If no physical network adapter is configured for a virtual machine, the virtual machine is completely isolated from any physical networks. This is virtual machine 2. In this example, the only access to a physical network is if virtual machine 3 acts as a router between virtual switch 2 and virtual switch 3.
• A virtual machine can span two or more virtual switches only if configured by the administrator. This is virtual machine 3.
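The three rules above can be checked mechanically against an inventory of VM-to-switch attachments. The following is an added example, not VMware code: the topology, the names (`vm1`, `vswitch3`, `vmnic0`) and the assumption that only `vswitch3` has a physical adapter are constructed to mirror the rules.

```python
from collections import deque

# Constructed topology mirroring the three rules above; all names are assumptions.
VM_SWITCHES = {
    "vm1": {"vswitch1"},              # shares no switch with any other VM
    "vm2": {"vswitch2"},              # vswitch2 has no physical adapter
    "vm3": {"vswitch2", "vswitch3"},  # spans two switches (administrator-configured)
}
UPLINKS = {"vswitch3": "vmnic0"}      # virtual switch -> physical network adapter


def l2_peers(vm, vm_switches=VM_SWITCHES):
    """VMs that share at least one virtual switch with `vm`."""
    mine = vm_switches[vm]
    return sorted(o for o, sw in vm_switches.items() if o != vm and sw & mine)


def path_to_physical(vm, routers=(), vm_switches=VM_SWITCHES, uplinks=UPLINKS):
    """Shortest path from `vm` to a physical adapter, or None if isolated.

    A multi-homed VM only joins its switches together when it is listed in
    `routers`, i.e. when the guest is actually forwarding traffic.
    """
    routers = set(routers)
    seen = set(vm_switches[vm])
    queue = deque((sw, [vm, sw]) for sw in sorted(vm_switches[vm]))
    while queue:
        sw, path = queue.popleft()
        if sw in uplinks:
            return path + [uplinks[sw]]
        for other in sorted(routers):
            if other == vm or sw not in vm_switches[other]:
                continue
            for nxt in sorted(vm_switches[other] - seen):
                seen.add(nxt)
                queue.append((nxt, path + [other, nxt]))
    return None


def isolation_report(routers=()):
    """Per-VM summary an auditor can diff against the intended design."""
    return {
        vm: {"peers": l2_peers(vm), "physical_path": path_to_physical(vm, routers)}
        for vm in sorted(VM_SWITCHES)
    }


if __name__ == "__main__":
    for label, routers in (("vm3 not forwarding", ()), ("vm3 forwarding", ("vm3",))):
        print(label)
        for vm, info in isolation_report(routers).items():
            print(" ", vm, info)
```

Running the report with and without `vm3` in `routers` shows why a multi-homed guest deserves review: it is the only thing that changes virtual machine 2 from isolated to reachable.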


Virtual Networking Layer

The virtual networking layer consists of the virtual network devices through which virtual machines interface with the rest of the network. ESXi relies on the virtual networking layer to support communication between virtual machines and their users. In addition, ESXi hosts use the virtual networking layer to communicate with iSCSI SANs, NAS storage, and so on. The virtual networking layer includes virtual network adapters and the virtual switches.
Virtual Switches
The networking stack uses a modular design for maximum flexibility. A virtual switch is "built to order" at runtime from a collection of small functional units, such as the following:
• The core layer 2 forwarding engine
• VLAN tagging, stripping, and filtering units
• Virtual port capabilities specific to a particular adapter or a specific port on a virtual switch
• Layer 2 security, checksum, and segmentation offload units
When the virtual switch is built at runtime, ESXi installs and runs only those components that are required to support the specific physical and virtual Ethernet adapter types used in the configuration. Therefore, the system pays the lowest possible cost in complexity and helps ensure a secure architecture.







Virtual Switch VLANs
ESXi supports IEEE 802.1q VLANs, which can be used to further protect the virtual machine network, management networks, and storage configuration. VMware software engineers wrote this driver in accordance with the IEEE specification. VLANs enable segmentation of a physical network so that two machines on the same physical network cannot send packets to or receive packets from each other unless they are on the same VLAN.

Virtual Ports
The virtual ports in ESXi provide a rich control channel for communication with the virtual Ethernet adapters attached to them. ESXi virtual ports know authoritatively what the configured receive filters are for the virtual Ethernet adapters attached to them, so no learning is required to populate forwarding tables.
They also know authoritatively the "hard" configuration of the virtual Ethernet adapters attached to them. This capability makes it possible to set such policies as forbidding MAC address changes by the guest and rejecting forged MAC address transmission, because the virtual switch port can essentially know authoritatively what is "burned into ROM" (actually, stored in the configuration file, outside the control of the guest OS).
The policies available in virtual ports are much more difficult, if not impossible, to implement with physical switches. Either ACLs must be manually programmed into the switch port, or weak assumptions such as "first MAC seen is assumed to be correct" must be relied on.
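The difference between a port that knows the configured MAC and one that trusts the first MAC it sees can be shown with a small model. This is an added, simplified illustration and not ESXi's implementation; the class names, policy flags and MAC addresses are constructed for the example.

```python
from dataclasses import dataclass

# Constructed sample addresses (not taken from any real system).
GUEST_MAC = "00:50:56:aa:bb:01"   # value stored in the VM's configuration file
OTHER_MAC = "00:50:56:aa:bb:99"   # address the guest is not configured to use


@dataclass
class VirtualPort:
    """Port that knows the adapter's MAC from configuration, not from traffic."""
    configured_mac: str
    allow_mac_change: bool = False
    allow_forged_transmits: bool = False
    effective_mac: str = ""

    def __post_init__(self):
        self.configured_mac = self.configured_mac.lower()
        self.effective_mac = self.configured_mac

    def guest_sets_mac(self, new_mac):
        """Guest reprograms its adapter MAC; returns True if the port accepts it."""
        new_mac = new_mac.lower()
        if new_mac != self.configured_mac and not self.allow_mac_change:
            return False                      # effective MAC stays as configured
        self.effective_mac = new_mac
        return True

    def accept_tx(self, src_mac):
        """Outbound filter: the source MAC must match the effective MAC."""
        return self.allow_forged_transmits or src_mac.lower() == self.effective_mac


class FirstSeenPort:
    """Physical-switch style heuristic: the first MAC seen is assumed correct."""

    def __init__(self):
        self.learned = None

    def accept_tx(self, src_mac):
        if self.learned is None:
            self.learned = src_mac.lower()    # trusts whatever arrives first
        return src_mac.lower() == self.learned


def replay(port, frames):
    """Return the accept/reject decision for each frame's source MAC."""
    return [port.accept_tx(src) for src in frames]


# Constructed traffic: the first frame carries a source MAC the guest was
# never configured with, followed by two legitimate frames.
FRAMES = [OTHER_MAC, GUEST_MAC, GUEST_MAC]

if __name__ == "__main__":
    print("virtual port:   ", replay(VirtualPort(GUEST_MAC), FRAMES))
    print("first-seen port:", replay(FirstSeenPort(), FRAMES))
```

The heuristic port locks onto the wrong address and then drops the legitimate frames, while the configuration-backed port rejects only the mismatched one.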

Virtual Network Adapters
vSphere provides several types of virtual network adapters that guest OSs can use. The choice of adapter depends upon factors such as support by the guest OS and performance, but all the adapters share the following characteristics:
• They have their own MAC addresses and unicast/multicast/broadcast filters.
• They are strictly layered Ethernet adapter devices.
• They interact with the low-level VMkernel layer stack via a common API.


KVM

Executive summary

You've probably been reading about the economics of cloud computing. The promises of efficient, virtualized computing platforms are attractive: low entry cost, dynamic sizing to accommodate varying workloads, automated management, and more. The value proposition looks equally compelling for both emerging and well-established organizations. Moving your mission-critical workloads to a cloud could save your organization a substantial fraction of its current IT expense. However, there is an obstacle significant enough to prevent you from ever taking advantage of the benefits cloud computing offers. That obstacle is a vital question of security. What virtualization technology can you trust for the security of your cloud? Who can provide it? The answer: you can trust the company that has the most virtualization experience. You can trust the open source technology that powers its clouds. That company is IBM®, and that technology is KVM.


KVM meets all the criteria Goldberg defined for a Type 1 hypervisor. First, the virtual machine monitor (VMM) runs in privileged mode and directly uses hardware instructions to virtualize the guest. Guest code executes most of the time directly on hardware at full speed. Most importantly, the virtual-to-physical resource translation happens only once. In meeting these criteria, KVM is equal to VMware, Xen, z/VM, and other bare metal hypervisors. The fact that KVM can co-reside with an enterprise Linux OS does not change any of its Type 1 characteristics.

In fact, KVM is packaged today both with and without a full Linux environment. Red Hat offers a locked-down, hypervisor-only KVM product that omits the Enterprise Linux OS and restricts administrator access to a small set of controlled interfaces. This implementation demonstrates the flexibility of KVM's bare-metal design.
Regardless, the plain truth is that the hypervisor type is a false indicator of security. While design and implementation are important considerations for hypervisor security, hypervisor structure is not. A badly designed Type 1 hypervisor can be much less secure than a well-written Type 2 hypervisor, and the reverse is also true. KVM's hypervisor design provides isolation properties that are similar to VMware ESX. The trusted code base of KVM is generally the same as for other x86 hypervisors.


Key advantages of KVM

The kernel-based virtual machine (KVM) hypervisor provides a full virtualization solution based on the Linux operating system. The following key advantages of KVM are described in more detail later in this paper.
• KVM has strong guest isolation with an extra layer of protection against guest breakouts. Mandatory access control adds a level of isolation beyond basic process separation.
• KVM's bare metal design (Type 1 design) is comparable to other x86 hypervisors.
• KVM is rigorously implemented and tested. With open source, developers are continuously inspecting KVM for flaws.
• KVM has the advantage over other x86 hypervisors in terms of lower total cost of ownership and greater flexibility than competitive hypervisors.


Strong guest isolation

One of the first things that comes to mind regarding hypervisor security, particularly in a cloud environment where multiple clients are served by one software instance, is guest isolation. In the cloud, clients place their trust in the hypervisor. Unquestionably, the hypervisor must be protected against security breaches involving guests operating on top of the hypervisor. These security issues include:
• Guests bypassing security controls to access either the host or other guests in ways that violate the host security policy
• Guests intercepting client data or host resources to which they are not authorized
• Guests attempting or becoming the victim of security attacks, which could potentially take down the entire cloud.








In addition, client data must be protected against unnecessary access from the hypervisor itself. Finally, guests need the capability to create controlled shared storage for collaboration purposes.
Because KVM is built into Linux, KVM guest processes are subject to all the usual user space process separation that is integral to the Linux kernel's operation. Linux process separation continues to evolve over time. However, the most basic protection mechanisms have existed since early in the development of the Linux kernel, and are well tested and certified. On x86 systems, the kernel, at the lowest level, uses the central processing unit (CPU) chip set hardware to achieve separation between user space mode and kernel (privileged or supervisor) mode. Within the kernel, discretionary access control (DAC) prevents user space processes from unauthorized access to resources or other processes. DAC is the traditional set of access controls in which users own their own resources and can control access to those resources at their discretion.

Mandatory access control

KVM goes even further than basic DAC separation by incorporating mandatory access control (MAC) through Security-Enhanced Linux (SELinux). With MAC, it is the administrator, not the process owner, who determines the access a process has to resources. MAC implements strong guest isolation and controls the resources available to guests. The sVirt API, which integrates MAC and Linux virtualization within SELinux, is enabled by default in RHEL 6. As of the writing of this document, no other general-purpose x86 hypervisor implements MAC by default, providing KVM with a layer of defense beyond that of other hypervisors.

Rigorous implementation and testing

Open source is a method of engineering that distributes design and development effort globally. Participants contribute labor while taking advantage of the work of others to solve different problems. Most work takes place on Internet mailing lists in the form of patch submissions to open source communities. Anyone can read, comment on, and contribute to the mailing lists. Communities collectively judge individual submissions, and meritocracies form organically. Maintainers who are experts in their fields emerge from the communities and lead them. Open source communities attract experts worldwide in specific problem domains who would otherwise be difficult or impossible to assemble.
All KVM development takes place in open source communities. The development methodology brings great benefits to KVM security. Maintainers and community members perform continuous inspection and testing to find bugs. Weaknesses are identified and patched quickly. Relentless analysis of the source code by multiple experts is especially important to minimize the likelihood of unknown vulnerabilities getting into the code base and leading to zero-day exploits. This development approach is a particular advantage that open source has over proprietary development. Proprietary development is opaque; it is difficult or impossible to obtain information about proprietary hypervisor internals. Are guests really separated? Are communication paths adequately controlled? Are the privileged management APIs coded correctly? Without security certification results available, you have little choice but to trust proprietary vendor security claims. However, there is no mystery regarding the contents of KVM and its broader ecosystem; all its source code is available for viewing.








Conclusion
KVM is a trusted solution for implementing virtualized environments, such as clouds that contain multiple tenants. KVM security stacks up well against other general-purpose x86 hypervisors. It implements layers of controls, including mandatory access control and hardware-based isolation, to achieve defense in depth against attacks. KVM's direct access to hardware provides the same level of protection as other bare metal hypervisors.



Fig: Comparison of both virtualisation technologies; as we can clearly see, KVM is the clear winner.

Based on Linux, KVM benefits from the open source development community, including constant inspection for potential security flaws. Furthermore, KVM will soon achieve Common Criteria certification at an EAL4+ level.


Risk Assessment Report of Bluetooth technology

Introduction

Case Scenario

This report is all about the identification and mitigation of current security threats to Bluetooth.

Bluetooth was a technology for the poor. Yes, literally: it was designed such that adding it to a smart device would not raise the overall cost by more than five dollars. Ericsson was at the forefront of creating Bluetooth. Many think that setting a passcode, or allowing only paired devices to connect to their Bluetooth-enabled device, makes their device safe. Well, I only ask them: ARE YOU SURE!!!


Authentication
Authorization
Encryption
A few of the security issues involved in Bluetooth are:
short PINs are allowed, the encryption key length is negotiable, the master key is shared, and end-to-end security is not performed, to name a few. (Believe me, the list goes on and on!!!)



Now I will explain a few attacks on Bluetooth.
1. Bluejacking:
Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e. for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol. Bluetooth has a very limited range; usually around ten meters on mobile phones, but laptops can reach up to one hundred meters with powerful transmitters.
Bluejacking allows phone users to send business cards anonymously using Bluetooth wireless technology. Bluejacking does not involve the removal or alteration of any data from the device. Bluejackers often look for the receiving phone to ping or the user to react. In order to carry out a bluejacking, the sending and receiving devices must be within ten meters of one another. Phone owners who receive bluejack messages should refuse to add the contacts to their address book. Devices that are set in non-discoverable mode are not susceptible to bluejacking.
Mobile phones have been adopted as an everyday technology, and they are ubiquitous in social situations as users carry them around while moving through different physical locations throughout the day. As a communicative device, the mobile phone has gradually been taken up in ways that move beyond merely providing a channel for mediated conversation. One such appropriation is bluejacking, the practice of sending short, unsolicited messages via vCard functionality to other Bluetooth-enabled phones. To choose the recipients of bluejacks, senders complete a scan using their mobile phones to search for the available Bluetooth-enabled devices in the immediate area. A bluejacker picks one of the available devices, composes a message within a body of the phone's contact interface, sends the message to the recipient, and remains in the vicinity to observe any reactions expressed by the recipient.
The messages tend to be anonymous since the recipient has no idea who has sent the bluejack, and the recipient has no information about the bluejacker, other than the name and model of the bluejacker's mobile phone. Because of Bluetooth's short-range networking capabilities, bluejacking can only occur between actors who are within ten meters of each other, which makes this activity highly location-dependent. Contrary to what the name suggests, the bluejack recipient's phone is not hijacked; that is, the phone is at no time under the control of the bluejacker.

We conceptualise bluejacking as a violation of possessional territory. Inspired by Goffman, we propose that the mobile phone is a possessional territory as a result of the intimacy and continuing contact between mobile phone users and their phones. A possessional territory, in our usage, is an object that engenders attachment and defense by those who perceive possession, and can be referred to as a "personal effect." Possessional territories function "egocentrically"; that is, they move around with their owners, who maintain and exert regulatory control, such as the definition of settings. Since we characterize the mobile phone as a possessional territory, we adapt the category of violation, defined as a temporary incursion where seizure is not necessarily the goal, as a likely and appropriate category of infringement in this context.
We also propose that bluejackers are attempting to personalize their experience of public space by engaging in the violation of others' possessional territories through the act of illicit and anonymous messaging. Visitors to public spaces can engage in habitual behaviors at a specific location, such as choosing a favourite parking spot that one can return to on each successive visit, to gain a sense of familiarity with locations that are frequently re-visited. These physical environments then hold enough significance to inspire defense among those who inhabit them, and defensive behaviors, which can range from defining a personal space within a conversation or while using a work surface. Typically, an inhabitant of a public place tends to personalize a location if he or she feels that the social conventions of the space allow one the license to mark a territory.



2. Man-in-the-middle attack:
This is not an attack that you don't know of. In fact, I have several friends who in the real world act as a man-in-the-middle, either to help me or to gain information that they can use for their own good. Oh, too much critique on me; anyway, coming to this kind of attack, an attacker can hijack an already established Bluetooth session to get the data sent over Bluetooth. The primary objective of the attacker is to connect the victim's laptop to a fake access point. The attacker uses a device that receives the Bluetooth packets in promiscuous mode and then sends forged ones to the mobile and laptop of the victim.
Because Bluetooth is a wireless communication system, there is always a possibility that its transmissions could be deliberately jammed or intercepted, or that false or altered information could be passed to the piconet devices. To provide protection for the piconet, the system can establish security at several protocol levels. Bluetooth has built-in security measures at the link level.
Our work mainly concentrates on the man-in-the-middle attack. In principle, without any verification of the public keys, MITM attacks are generally possible against any message sent using public-key technology. The existing model uses a Bluetooth device that supports SSP (Printer) and makes use of the Just Works, Numeric Comparison and Passkey Entry association models. However, it was proven that the existing model is not very secure. So we propose to use the Out-Of-Band association model for more security.
Out of band refers to communications that occur outside of a previously established communication method or channel. Cryptographic systems that are secure against MITM attacks require an additional exchange or transmission of information over some kind of secure channel.

Countermeasures for This Attack

Knowing the potential problems of jacking and denial-of-service attacks on Bluetooth is the first step. Knowing that these things can occur may help a user decide when and where it is best to use their device. It will also make them ensure that information they do not wish to send over the air is insured to get to the potential receiver.
The best solution is to turn off your Bluetooth device until you need to communicate with another user. Since we know that code can turn Bluetooth on and off on a device, disabling it and leaving it on is not your best bet. If you must keep the device on, then the idea of the E2X bag may be your best option, explained below


Based on the Summary notes of information provided by Audit Scenario Document,

























Detection and Prevention

These attacks can be detected by monitoring the Bluetooth communication channels. We should be cautious about any unknown device in the list of known devices and about unknown authentication attempts, also known as pairing attempts, with the target device.
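A minimal sketch of that monitoring, as an added example that is not part of the original post: it checks a pairing log against an allowlist of devices the owner paired deliberately. The log line format, the event names and every address are constructed for illustration; a real Bluetooth stack logs in its own format.

```python
import re
from collections import Counter

# Constructed allowlist: addresses of devices the owner paired deliberately.
KNOWN_DEVICES = {"00:11:22:33:44:55"}

# Constructed sample log; the line format is an assumption for this example.
SAMPLE_LOG = """\
2017-12-08T10:15:02Z PAIR_REQUEST addr=00:11:22:33:44:55 result=accepted
2017-12-08T10:16:40Z PAIR_REQUEST addr=66:77:88:99:AA:BB result=rejected
2017-12-08T10:16:55Z PAIR_REQUEST addr=66:77:88:99:aa:bb result=rejected
2017-12-08T10:17:09Z PAIR_REQUEST addr=66:77:88:99:AA:BB result=rejected
2017-12-08T10:20:31Z PAIR_REQUEST addr=DE:AD:BE:EF:00:01 result=accepted
2017-12-08T10:21:00Z PAIRED_LIST addr=00:11:22:33:44:55
2017-12-08T10:21:00Z PAIRED_LIST addr=DE:AD:BE:EF:00:01
this line is malformed and must not crash the parser
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<event>PAIR_REQUEST|PAIRED_LIST) "
    r"addr=(?P<addr>(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2})"
    r"(?: result=(?P<result>accepted|rejected))?$"
)


def parse(log_text):
    """Return (events, skipped): parsed records and the count of unparsable lines."""
    events, skipped = [], 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            skipped += 1
            continue
        ev = m.groupdict()
        ev["addr"] = ev["addr"].upper()       # normalise case before comparing
        events.append(ev)
    return events, skipped


def detect(log_text, known=KNOWN_DEVICES, repeat_threshold=3):
    """Flag unknown devices in the paired list and pairing attempts from them."""
    known = {a.upper() for a in known}
    events, skipped = parse(log_text)
    attempts = Counter()
    findings = []
    for ev in events:
        addr = ev["addr"]
        if addr in known:
            continue
        if ev["event"] == "PAIRED_LIST":
            findings.append((ev["ts"], addr, "unknown device in paired list"))
        elif ev["result"] == "accepted":
            findings.append((ev["ts"], addr, "pairing accepted for unknown device"))
        else:
            attempts[addr] += 1
            if attempts[addr] == 1:
                findings.append((ev["ts"], addr, "pairing attempt from unknown device"))
            elif attempts[addr] == repeat_threshold:
                findings.append((ev["ts"], addr, "repeated pairing attempts"))
    return findings, skipped


if __name__ == "__main__":
    found, skipped = detect(SAMPLE_LOG)
    for ts, addr, reason in found:
        print(ts, addr, reason)
    print("unparsed lines:", skipped)
```

Unparsable lines are counted rather than silently dropped, since a gap in the log is itself worth a look.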

There are many things you can do to stop people from connecting to your Bluetooth devices. This article focuses specifically on protecting your cell phone, but these tips can apply to other devices as well.

Depending on your specific cell phone, you'll have different Bluetooth options and settings available, but the same general advice applies to all phones.

If your phone is not paired with another Bluetooth device at any time, turn its Bluetooth capability off.









Figure 1: Bluetooth menu in Mac OS.

Turning Bluetooth off prevents an unknown device from trying to connect to your phone. Even if you are paired with a device, you should still turn off Bluetooth discovery (so other devices can't see your phone) as well as automatic pairing (which could allow a device you're not familiar with to connect to your phone without your approval).

On most phones you can access all of these settings from a single Bluetooth menu, which is usually found on the main menu, or under a sub-menu called something like Settings, Configuration, or Connections. If Bluetooth is currently enabled on your phone, you should see the little Bluetooth icon (a weird-looking white B inside a blue oval) somewhere on the main screen.

Depending on your phone and the device or devices you usually pair it with, you may or may not be required to enter a passcode to make the connection. If your phone requires a passcode in order for a device to pair with it and you're able to change the code, make it something harder to guess than "0000" or "1234" (which are the default codes for many devices).







By following these simple tips, and by occasionally glancing at your phone to see if it is connected to a device or personal area network (PAN) that you're not familiar with, you can keep strangers from connecting to your phone and either causing damage or stealing data.

As Bluetooth gets more and more popular, more people will try to use it to their advantage, so the more protected and informed you are, the better.











Prevention countermeasures to Bluetooth attacks, in steps:
1. Switch off Bluetooth when not in use
2. Purchase only devices having long PIN codes
3. Refrain from entering the PIN into the Bluetooth device for pairing
4. Limit the electric power itself to keep the range of the network within the physical area
5. Switch off all unnecessary SCO/eSCO links
6. Select the proper place when two Bluetooth devices meet for the first time and generate initialization keys.













Sunday, 5 November 2017

What's the Next Step in the Evolution of AI?



What exactly have we been doing for the last sixty years?

Despite its age, these are still early days for AI, according to Andrew Ng, founder of the Google Brain project at Google, the former director of the Stanford Artificial Intelligence Laboratory and chief scientist at Baidu Research.

AI, he states unequivocally in a commentary in Harvard Business Review, "will transform many industries."

"But it's not magic," he adds. "If a typical person can do a mental task with less than one second of thought, we can probably automate it using AI either now or in the near future," he wrote.

OK, so it's no magic solution. But it has already moved beyond a fad to the foundation of useful products.

In a recent CMSWire story, Amit Kothari, chief executive officer of Tallyfy, said the biggest developments of AI in the workplace can be split into two distinct areas.
The first is natural language processing (NLP), which is the capture and identification of data
The second is machine learning, the ability to examine data patterns and predict outcomes through analyzing historical patterns
He predicts interesting things: "We need to think of AI as a tool for coaching; in this way we can tap into human expertise, and enhance this with machines."

The Question
"What's the next step in the evolution of AI?"
Here are the thoughts of some experts in the field, one by one:


Today's conversations are simplifying the potential of AI by putting it in a very narrow scope. The market often discusses AI as an automated program response (chatbots), but it can be enabled to learn and change responses based on the questions it's asked.

The future of AI lies in pairing the technology with real-time, live data to create personalized and contextualized experiences. AI has the ability to go beyond machine learning by deciphering and understanding the subtext of human emotion to create engaging experiences.

In this, AI can completely change the customer experience because most consumers make decisions based on emotional impact. By deciphering specific signals that are often only visible during in-person conversations, like facial expressions, marketers can really understand their customers and provide intelligent responses.

With identity verification we are close to harnessing this power, but the power of AI lies in using every single piece of data you have access to. HBO's recent show, Westworld, pointed to the emotional capability of machines.
-----Jamie Anderson, Senior VP and CMO, SAP Hybris




We reap all the benefits from analytics, computational insights, predictive models, and the like, especially when predictability provides us with help or convenience. Cut to the chase: humans are willing to behave predictably for the sake of convenience.

To that end, I think we will see a dramatic acceleration of adaptive and intuitive applications and technologies, such as AI, unlike anything we have ever seen.

This acceleration will make all of our devices and applications smarter in order to accommodate our behaviors. And in a world where technology is omnipresent and everyone and everything is connected — a notion I call the "Engagement Economy" — the winners will use these technologies and more to engage with people in an authentic and personalized way at scale.
-----Steve Lucas, CEO, Marketo




In 2016, the industry made incredible gains in democratizing the power of artificial intelligence even further. AI interfaces and technology are now so intuitive and easy to use that they have become a seamless part of the way we run our personal lives.

But there's still a lot of work to do when it comes to bringing AI into our businesses. The challenge is twofold: getting AI right is hard, and the vast majority of companies simply do not have the technical expertise and infrastructure required. In addition, AI should be seamlessly integrated into the business user experience. Until recently, the insights, predictions and recommendations coming from AI were offered in a separate application and only accessible by data specialists, not the business users.

The next evolution of AI will ring in the age of the citizen developer, where every business user — not PhDs and data scientists — is able to leverage AI to make smarter, more predictive decisions.

Intelligent business apps will become more consumer-like in nature, mimicking the simple experience and lowering the barriers to entry to empower business users across sales, service, marketing and IT to transform their business. Just like Siri is built into our phones and Netflix recommendations appear right on the homepage, AI will be embedded directly where people work — not siloed in complicated tools that are controlled by a select few.
-------John Ball, SVP, Salesforce, Salesforce Einstein

Thursday, 7 September 2017

What will we call a AI agent based Trojan/malware which can develop its own version of advance Trojan by unsupervised learning and spread like wildfire on networks?



This came as a wild thought in my mind, and I started looking into how far this crazy idea could go, so I posted a thread on Facebook. My findings are worth sharing, enjoy.
The idea shared in this post is for educational purposes only; please do not take it any other way.

The notion of even developing such a program will be very, very difficult.



Here are my final thoughts: this kind of malware agent based on machine learning AI is not possible for the next decade at least, until we invent a working model of a Quantum Entanglement Storage Device, which is necessary for our AI agent to exchange a massive amount of data for its nodes to work in a parallel cluster simultaneously. So sleep tight 😃 and share this post.

If you want to learn more about Quantum Entanglement Applications in computer science refer to these link to research paper below, 

Thanks to my pal AdhokshajMishra https://www.facebook.com/AdhokshajMishra?fref=ufi for his valuable input on the topic.

Wednesday, 16 August 2017

Game of Thrones season 7 episode 6 just leaked no spoilers in this article



Yes, you heard right: the unreleased episode of Game of Thrones season 7, episode 6, named "Death is the Enemy", just leaked today by accident.

Let me explain how:

This news came just after the arrest of 4 people in India for leaking episode 4.
Episode 4 leaked online two days before its scheduled time, but episode 6 arrived a lot earlier. Neither leak comes courtesy of the hackers that cracked HBO’s computer systems. Instead, we’re looking at two distinct internal leaks in the distribution and broadcasting chain system.

HBO Europe said in a statement (via AP) it had “learned that the upcoming episode of Game of Thrones was accidentally posted for a brief time on the HBO Nordic and HBO Espana platforms."

The new episode 6 is available to download on torrent as we speak. I suggest you not watch it from your home network; at least use TOR browser/ TAIL or some kind of VPN before doing such a wrong deed. 😁

But the question is whether Game of Thrones fans will be able to commit to HBO's official broadcast this time, while social media is already filled with spoilers. During the last leak we saw a new kind of behaviour among Game of Thrones fans: they refused to watch the leaked show, not just because the leaked show from Star media was of low quality but because of their love and respect for HBO's show.

For legal reasons I can't tell you or share any links on how to download or watch the leaked episode if you have not figured it out yourself, but I am telling you, go out there somewhere.


Sharing is caring.

Thursday, 15 June 2017

OpenCV installation for Ubuntu


To install OpenCV 2.4.2 or 2.4.3 on the Ubuntu 12.04 operating system, first install a developer environment to build OpenCV.
    sudo apt-get -y install build-essential cmake pkg-config
Install Image I/O libraries
    sudo apt-get -y install libjpeg62-dev 
    sudo apt-get -y install libtiff4-dev libjasper-dev
Install the GTK dev library
    sudo apt-get -y install  libgtk2.0-dev
Install Video I/O libraries
    sudo apt-get -y install libavcodec-dev libavformat-dev libswscale-dev libv4l-dev
Optional - install support for Firewire video cameras
    sudo apt-get -y install libdc1394-22-dev
Optional - install video streaming libraries
    sudo apt-get -y install libxine-dev libgstreamer0.10-dev libgstreamer-plugins-base0.10-dev
Optional - install the Python development environment and the Python Numerical library
    sudo apt-get -y install python-dev python-numpy
 
Optional - install the parallel code processing library (the Intel tbb library)
    sudo apt-get -y install libtbb-dev
Optional - install the Qt dev library
    sudo apt-get -y install libqt4-dev
Now download OpenCV 2.4 to wherever you want to compile the source.
    mkdir xxx
    cd xxx 
    wget http://sourceforge.net/projects/opencvlibrary/files/opencv-unix/2.4.2/Op...
or  
   wget http://sourceforge.net/projects/opencvlibrary/files/opencv-unix/2.4.3/Op...
The files given above are old releases; follow this link to get the latest version of OpenCV: http://opencv.org/releases.html

    tar -xvf OpenCV-2.4.*.tar.bz2
Create a build directory and configure OpenCV with cmake. Don't forget the .. part at the end of the cmake command!
    cd OpenCV-2.4.*
    mkdir build
    cd build
    cmake -D CMAKE_BUILD_TYPE=RELEASE -D CMAKE_INSTALL_PREFIX=/usr/local \
        -D WITH_TBB=ON -D BUILD_NEW_PYTHON_SUPPORT=ON -D WITH_V4L=ON \
        -D INSTALL_C_EXAMPLES=ON -D INSTALL_PYTHON_EXAMPLES=ON \
        -D BUILD_EXAMPLES=ON -D WITH_QT=ON -D WITH_OPENGL=ON ..
Now compile it
    make
And finally install OpenCV
    sudo make install

Saturday, 10 June 2017

Flashing/Installing stock MIUI image to the Rooted Redmi Devices and Fixing the Error 7

If you have been wondering why the latest images of Android 7.1 Nougat based Lineage OS or RM OS fail during the flashing process with some kind of Error 7,
well, there are 2 solutions for this problem.


1) Edit the Android image zip file yourself and remove the lines of code that check the device name in the
following file, which are responsible for this Error 7.
Open the Lineage OS ROM zip using any archiving software like 7zip, WinRAR, etc. You can also open it on your device.
  • Now, you need to navigate to this path: META-INF » com » google » android » updater-script.
  • Open the file updater-script in a text editor. You’ll see a bunch of lines with the command assert and the model name of the device next to it.
  • If there’s a mismatch with the codename of the device in the script, you’ll get Error 7 while flashing.
  • So, either edit the code to match your device’s codename or delete all the lines having the code “assert & getprop”.
  • Save the file.
  • Try to install the ROM now.
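The assert lines are the package's check that it was built for your device, so it is worth seeing which codenames a zip accepts before editing or deleting them. The following is an added example, not part of the original post: it assumes the common `getprop("ro.product.device") == "codename"` form of the check, and the codenames `mido`, `kenzo` and `kate` and the sample zip are constructed for illustration.

```python
import io
import re
import zipfile

SCRIPT_PATH = "META-INF/com/google/android/updater-script"

# Matches: getprop("ro.product.device") == "codename" (or ro.build.product).
GETPROP_RE = re.compile(
    r'getprop\(\s*"(?:ro\.product\.device|ro\.build\.product)"\s*\)'
    r'\s*==\s*"([^"]+)"'
)


def read_updater_script(zip_source):
    """Return the updater-script text from a ROM zip (path or file object)."""
    with zipfile.ZipFile(zip_source) as rom:
        try:
            raw = rom.read(SCRIPT_PATH)
        except KeyError:
            raise ValueError("no updater-script in this package") from None
    return raw.decode("utf-8", errors="replace")


def accepted_codenames(script_text):
    """Collect the device codenames the script compares getprop() against."""
    return set(GETPROP_RE.findall(script_text))


def check_rom(zip_source, device_codename):
    """Return (ok, accepted).

    ok is True/False when the script names devices, and None when it has
    no device check at all (compatibility cannot be decided from the script).
    """
    accepted = accepted_codenames(read_updater_script(zip_source))
    if not accepted:
        return None, accepted
    return device_codename in accepted, accepted


def constructed_rom(codenames):
    """Build an in-memory sample zip (constructed data, not a real ROM)."""
    checks = " || ".join(
        f'getprop("ro.product.device") == "{c}" || '
        f'getprop("ro.build.product") == "{c}"'
        for c in codenames
    )
    listed = ",".join(codenames)
    script = (
        f'assert({checks} || '
        f'abort("E3004: This package is for device: {listed}"););\n'
        'ui_print("installing");\n'
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr(SCRIPT_PATH, script)
    buf.seek(0)
    return buf


if __name__ == "__main__":
    ok, accepted = check_rom(constructed_rom(["mido"]), "kenzo")
    print("compatible:", ok, "| package accepts:", sorted(accepted))
```

A `False` result means the Error 7 is a real mismatch between the package and the device; in that case, deleting the assert lines only removes the guard against flashing an image built for different hardware.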



2) Install the stock image of the device; in this case it's MIUI 8 for the Redmi.

Here is the link for it: http://en.miui.com/download-301.html
on the section of -

and you also need these two things

b) Download the SuperSu zip file from here to root your phone again. Save the zip file on your phone.
Link here http://www.supersu.com/download

c) Download the lazy flasher zip file here to fix the boot loop issue. Yes, you need to flash this file to fix the boot problem. Save the zip file on your phone's internal memory.

Stable ROM

Click on Download Full Stock ROM. If you have not yet rooted the device, you can follow their official guide for it, which is linked next to the download button there.
Otherwise, follow this blog.

 
 1. Download all three files mentioned above, save them on your phone and remember the location of the files.

 2. Now open the updater application on your phone, tap on the three dots in the top right corner and select “Reboot to Recovery Mode.”

 3. Now your phone will boot in the custom TWRP recovery mode.

 4. From here tap on Wipe > Advanced Wipe and select Dalvik Cache and Cache > Swipe to Wipe.

 5. After that go back to the main menu of the TWRP recovery. Select Install, locate the MIUI 8 Recovery Full ROM zip file and flash it on your phone.

 6. After flashing the ROM, flash the SuperSu zip file to get root access, and after that the lazy flasher zip file to fix the boot issue.

 7. Now reboot the system.




Monday, 5 June 2017

Highlights of WWDC 2017

I attended Apple's Worldwide Developers Conference, and if you missed it or were too busy to watch the lengthy keynote, don't worry, here it is.
In total there are 8 new things that came up in WWDC 2017:

1 New Apple Watch OS 4.
2 Upgrades to Macbook.
3 New iMacPro.
4 Mac OS 11 High Sierra.
5 New iPad Pro.
6 HomePod.
7 ARKit
8 iOS 11


1 New Apple Watch OS 4


Apple has developed a new OS for the Apple Watch: Watch OS 4. Here are some of the important bits:

  1. There are new faces including a kaleidoscope and some Toy Story animations
  2. An increased focus on fitness allows for better tracking during runs and swims. There's also more encouragement for setting and achieving goals.
  3. The Apple Watch will automatically sync with fitness equipment from some of the biggest manufacturers to track your suffering.
  4. A new Music app has a redesigned interface.
  5. Native Bluetooth support allows the watch to communicate with small devices like a glucose monitor for diabetics.
  6. H.265 video supports HDR footage with 40% better compression to save space.


2 Mac and iMac


New MacBook Pros

All the MacBook and MacBook Pro models are getting new Kaby Lake processors from Intel (including the MacBook Air).
Other big changes came to the iMac.
The venerable iMac computer is getting a refresh across a variety of specs. The screen is getting brighter, the max memory specs are doubling, and they're getting a pair of USB-C ports on the back for connecting fast storage.
  1. The 21.5-inch lower level model is getting a serious uptick in terms of graphic processing, which makes it 80% faster than before. 
  2. The 21.5-inch iMac 4K Retina now moves to discrete graphics, which makes it three times faster than the previous generation.
  3. The 27-inch 5K iMac goes up to 8 GB of VRAM, which can push up to 5.5-teraflops of computing power so it can handle VR development.
  4. Kaby Lake processors are coming across the board.

3 iMacPro

The typical iMac can't handle super hardcore workstation stuff like machine learning development or real-time 3D rendering, so Apple built the iMac Pro.
  1. Up to 18 cores of Xeon processing power
  2. AMD Radeon Vega graphics will handle the GPU role.
  3. Up to 22 teraflops of computing power at the high-end which is a crazy amount. 
  4. It can have up to 128 GB of ECC memory
  5. Storage goes up to 4 terabytes built in. 
  6. It has 4 Thunderbolt ports and built-in 10 gigabit ethernet.
  7. Priced at $4,999 in December.

4 macOS High Sierra

The new version of macOS comes with a slight name change and a grip of new features.
  1. Apple now claims Safari is the fastest browser. 
  2. Auto play blocking in Safari detects videos with sound and blocks them, which is excellent.
  3. Safari's Intelligent Tracking Prevention uses machine learning to identify cross-site tracking services. Bye, umbrella ads I see on every website.
  4. Photos gets improved search and better facial recognition. Tagging system is also synced across all devices if you're a neat freak about your images.
  5. Photos now gives you access to curves, which makes me very happy as a photography nerd. It's for advanced editing.
  6. Apple is opening its photo book printing service up to third party printers, which makes Microsoft's recent announcement about photo book printing seem weak.
  7. Public beta coming this month, free update coming in Fall as usual.
  8. Apple is releasing a new file system called APFS, which is meant to improve performance.

5 iPad Pro 10.5-inch


There is a new iPad Pro today, and it has a bigger screen with a smaller bezel.

  • 20% larger than the 9.7-inch, with a smaller border. 
  • It still weighs just a pound.
  • A10X Fusion with a six-core CPU and 12-core GPU which makes it 30-40% faster than the previous version across the board.
  • It's big enough to give a full-sized on-screen keyboard.
  • 120 Hz refresh rate makes scrolling and responses faster.
  • Apple Pencil now has just a 20 millisecond latency so it's more like writing. It's also 1 millisecond faster than Microsoft's Surface Pen.
  • Screens across the range will get 50% brighter. The screens also now have the color gamut for HDR video.

6 HomePod

This is the very exciting smart speaker launched by Apple today. Here are the details on Apple's new smart home speaker.
  1. Siri is baked in and listens to you via six built-in microphones. It's built with the idea that you'll have an Apple Music subscription, of course.
  2. There's a HomeKit base built in, so you can use it to control smart home devices. Apple isn't focusing on this aspect as much as it is the sound quality, though.
  3. Spatial awareness helps it recognize the space it's in to tune the sound accordingly.
  4. Powered by an A8 chip that also powers the iPhone.
  5. There's a 4-inch woofer and the speaker itself is around 7-inches tall.
  6. It starts shipping in December for $349.

7 ARKit

With ARKit Apple is diving deep into the world of augmented reality, which is something that Microsoft and Google have been big on lately. It can place virtual objects on real-life surfaces in the world.
ARKit is going to let developers produce more augmented reality stuff. There's an AR Lego demo which sounds great because I can play with Legos, but not step on them.
Apple has taken this new step in the augmented reality trend.

8 iOS 11

Apple started off its iOS 11 presentation by taking a shot at Google's Android fragmentation problem. No punches pulled there.
  1. Messages gets an update to help sync messages across devices more efficiently as you sign in.
  2. Apple Pay now operates on a person-to-person level so you can settle up with your friends after going out to eat.
  3. Siri is getting more conversational voices! 
  4. Siri will also now be able to do real-time translation so it can act as a go-between for people who don't have a common language.

Camera and Photos

  1. HEVC is the new format for video, which gives increased fidelity with smaller files.
  2. HEIF gives better quality photos at 2x compression.
  3. Portrait Mode in the camera now gets HDR and optical image stabilization.
  4. Machine learning recognizes different events and automatically creates slideshow-style presentations.
  5. They have embedded ML (machine learning) inside the new iOS 11 to make the Apple Pencil work better and to render graphics for the Photos app, such as selecting a curve area.
That is all that happened today, although more eyes will be on Apple's September 2017 event, when it will launch the new iPhone 8, which is going to be the most promising flagship smartphone.

Proper way to install nvidia 390 fix error

Proper way to install nvidia 390 if you see any error in the process look below; command  sudo apt purge --autoremove '*nvidia*...