All posts by Keumars Afifi-Sabet

Windows 10 bug is causing internet connection problems


Keumars Afifi-Sabet

20 Jul, 2020

Microsoft is investigating reports that Windows 10 is falsely suggesting users who have upgraded to the latest feature update aren’t connected to the internet, despite them experiencing a stable connection.

Bizarrely, this issue, which is being widely reported online, is also causing some desktop apps, such as Cortana and Feedback Hub, to break because these applications believe the device is not connected to the web, according to Windows Latest.

“I am running on Windows 10 Enterprise, Version 2004, OS Build 19041.264,” one user commented. “I recently changed to the Windows Insider Program and updated Windows.

“In the taskbar, the Wi-Fi icon shows No Internet Access, but I have a stable internet connection wirelessly (Ex: I can browse the internet, ping IP Addresses, etc.). Another problem is when I try to open Cortana it also says that I have no internet connection (By the way, I can also open Microsoft’s website).”

The bug manifests as the Wi-Fi icon to the bottom-right of the icon tray incorrectly displaying a ‘No Internet Access’ message. While users are still able to browse the internet, as normal, a host of apps seemingly rely on this status message in order to establish connections, with software such as Spotify and even the Microsoft Store failing to reach their servers. 

Microsoft is aware of the Network Connectivity Status Indicator (NCSI) issue, according to a contract worker posting on a Microsoft forum, but the bug hasn’t yet been resolved. 

Most users experiencing the issue have complained only after upgrading to version 2004, also known as the May 2020 Update. 

This is simply the latest in a string of minor, and major, issues that have arisen after Microsoft first launched its major May 2020 Update. This update, in the first instance, was initially delayed after the last-minute discovery of a zero-day flaw.

Microsoft subsequently warned users against installing the May 2020 update until a set of other issues were resolved.

Several issues have since come to light including incompatibility problems with certain Lenovo devices, as well as a Google Chrome flaw whereby the web browser logs users out of their accounts and wipes stored information such as cookies and passwords.

SAP patches critical flaw that lets hackers seize control of servers


Keumars Afifi-Sabet

14 Jul, 2020

Software company SAP has patched a critical vulnerability that can be exploited by an unauthenticated hacker to take control of systems and applications.

The flaw, assigned CVE-2020-6287, affects the LM Configuration Wizard element of the NetWeaver Application Server (AS) Java platform, and affects potentially 40,000 customers, according to Onapsis, which discovered the vulnerability.

Alarmingly, the flaw has been rated 10 out of 10 on the CVSS scale and has spurred the United States Computer Emergency Readiness Team (US-CERT) into issuing an alert encouraging organisations to patch their systems immediately.

“Due to the criticality of this vulnerability, the attack surface this vulnerability represents, and the importance of SAP’s business applications, the Cybersecurity and Infrastructure Security Agency (CISA) strongly recommends organizations immediately apply patches,” the alert said. 

“CISA recommends organizations prioritize patching internet-facing systems, and then internal systems.”

Those unable to patch their systems should mitigate the vulnerability by disabling the LM Configuration Wizard service. Should this step be impossible, or take more than 24 hours to complete, CISA has recommended closely monitoring SAP NetWeaver AS for any suspicious or anomalous activity. 

The flaw is a result of the lack of authentication in a web component of the SAP NetWeaver AS for Java which allows for several high-privileged activities on the SAP system. 

Successful exploitation involves a remote hacker obtaining unrestricted access to SAP systems by creating high-privileged users and executing arbitrary OS commands with high privileges. Hackers would retain unrestricted access to the SAP database and can perform application maintenance activities. 

The flaw, in essence, entirely undermines confidentiality, integrity and availability of data and processes hosted by the SAP application. 

The vulnerability is present by default in SAP applications running over SAP NetWeaver AS Java 7.3, and any newer versions up to SAP NetWeaver 7.5, affecting a handful of applications. These include SAP Enterprise Resource Planning (ERP), SAP Product Lifecycle Management, SAP Customer Relationship Management (CRM), and around a dozen more.

Flaws rated 10/10 on the CVSS scale are barely encountered, and ordinarily mean the vulnerability is highly exploitable, easy to trigger, and require little or no additional privileges and user interaction. Nevertheless, the SAP flaw is the second 10-rated vulnerability discovered within a couple of weeks, after Palo Alto patched a flaw in its networking services based around its SAML-based authentication mechanism.

Both the SAP and Palo Alto flaws were highlighted by official US law enforcement agencies, the former flagged by US-CERT and the latter by US Cyber Command.

Nokia begins major data centre networking gambit


Keumars Afifi-Sabet

10 Jul, 2020

Nokia has launched a set of tools, equipment and an operating system for data centre networking to help large companies manage growing traffic in light of increased 5G and machine learning adoption.

Working in collaboration with Apple to build the technology, Nokia has launched a data centre Network Operating System (NOS) as a toolkit to allow for intent-based automation and operations in data centres. This is in addition to new routers and switches.

The company’s data centre venture is based on the idea that the data centre will overlap with cloud and telecoms networks, with technologies like 5G and the Internet of Things (IoT) causing demand for data movements to rise.

All together, Nokia’s foray will allow what it describes as ‘cloud builders’ – webscale firms, service providers and large enterprises – to scale-up and adapt their data centre environments in light of the surging traffic.

“With decades of experience serving the world’s telecom operators, we understand the engineering challenges of building and operating business and mission-critical IP networks on a global scale,” said Nokia’s president of IP and optical networks, Basil Alwan.

“However, today’s massive data centers have their own unique operational challenges. The SR Linux project was the proverbial ’clean-sheet’ rethink, drawing from our partnership with Apple and others. The resulting design is impressive in its depth and strikes the needed balance for the future.”

Nokia describes its Service Router Linux as the first fully modern microservices-based network operating system. It’s built on technology used in more than a million IP network routers, and runs standard Linux. This can be combined with the Nokia Service Router Linux NetOps development kit, which allows customers to take advantage of a rich set of programming capabilities.

Oracle to put its own hardware in customer data centres


Keumars Afifi-Sabet

9 Jul, 2020

Oracle has announced a package for enterprise customers to give them the full benefits of the company’s public cloud services while retaining all their data on-premise.

Dubbed Oracle Dedicated Region Cloud@Customer, the service is touted as the industry’s first fully-managed cloud region that brings more than 50 cloud services that can run from customers’ own data centres.

With packages starting at $500,000 per month, installing Oracle hardware in their own data centres allows enterprise customers with high security and regulatory commitments to benefit from cloud-based software without migrating their data.

Previously, Oracle customers adopting hybrid cloud configurations weren’t necessarily able to use all of the company’s cloud-based services due to incompatibility with their own hardware.

This new service will allow customers to port the entirety of Oracle’s software stack to their own data centres by installing Oracle hardware onsite.

“Enterprise customers have told us that they want the full experience of a public cloud on-premises, including access to all of Oracle’s cloud services, to run their most important workloads,” said executive vice president of engineering for Oracle Cloud Infrastructure, Clay Magouyrk.

“With Oracle Dedicated Region Cloud@Customer, enterprises get all of our second-generation cloud services, including Autonomous Database, in their datacenters. Our major competitors can’t offer customers a comparable dedicated cloud region running on-premises.”

However, the service will likely draw attention from those who campaign against practices that create vendor lock-in, as the installation of Oracle’s own hardware may make it more difficult for enterprise customers to transition to other providers should they wish.

Taking the fight to AWS

The move also represents an attempt to bring the fight to Amazon Web Services (AWS), as part of a long-running feud between the two companies, with Oracle taking on the highly similar AWS Outposts service.

AWS Outposts is Amazon’s fully managed and configurable compute and storage rack service built with AWS-designed hardware. The service allows AWS customers to run on-premise computing while connected to AWS services in the cloud.

Compared with Oracle Dedicated Region Cloud@Customer’s 50 cloud services, AWS Outposts only offers four, Oracle’s Larry Ellison claimed during an online event, according to Tech Radar.

AWS, incidentally, offers six services, including Amazon EC2, Amazon EBS, Amazon Elastic Container Service (ECS), Amazon Elastic Kubernetes Service (EKS), Amazon Relational Database Service (RDS), and Amazon Elastic MapReduce (EMR).

Ellison threw additional barbs at AWS while making the announcement, claiming Oracle’s compliance certifications and management are the same across the public cloud and dedicated region, unlike AWS Outposts.

He also highlighted AWS’ role – as he sees it – in last year’s infamous Capital One data breach in which the personal information of 100 million customers was targeted by cyber criminals due to a misconfigured web application.

The Oracle CEO said it happened because Amazon cloud databases require complex and manual provisioning, configuration, encryption, backup and security, suggesting it was very complicated and that human beings can make mistakes as a result, leading to data loss.

“With Oracle, it is 100% automated and users cannot make mistakes on 100% automated processes. It is the only database where a person who runs the database has no access to users’ data,” he added.

Despite the war of words, however, AWS still dominates the cloud market, leading the industry in terms of market share, followed by Microsoft Azure and Google Cloud Platform.

Royal Marsden powers virtual COVID-19 agent with IBM Watson


Keumars Afifi-Sabet

8 Jul, 2020

The Royal Marsden NHS Foundation Trust has partnered with IBM to launch an AI-powered virtual agent that will provide staff with up-to-date HR and workplace information as the UK emerges from lockdown.

Ask Maisie, powered by IBM Watson, will give the Royal Marsden’s hospitals in London and Surrey the capacity to manage its workforce by serving as an information hub accessed through the intranet. 

Common questions can be answered through automation and AI with the HR department freed to engage in more complex areas, and handle more sensitive matters. Ask Maisie combines IBM Watson Assistant and natural langue processing (NLP) capabilities through the IBM public cloud. 

“As the pandemic evolves so have the long term implications on healthcare which include a growing expectation for immediate and remote access to trusted information,” said director for healthcare and life sciences with IBM UK and Ireland, Andreas Haimböck-Tichy. 

“This has led to many healthcare providers accelerating digital transformation plans to give clinicians time to focus on patients alongside helping to manage the physical and mental health of their key workers. Digital transformation in healthcare is not just limited to the clinical environment.

“Modern technology has an incredible potential to change the way a hospital operates for the better and help revolutionise the care patients receive.”

Topics the staff can access range from advice for high-risk workers, how to self-isolate, and what happens when staff receive official shielding letters. The sources of all information will be ‘trusted sources’ including the hospitals’ own policy handbooks as well as official bodies such as NHS England. 

The COVID-19 pandemic has been a highly disruptive force, but for many public sector organisations, it’s given development and engineering teams an opportunity to implement digital systems to help deliver services

For Royal Marsden, the crisis has triggered the need for technology to help manage its staff, with the organisation claiming the right investments in technology can help organisations build resilience and prepare for any future turmoil. 

Now that Ask Maisie has been launched, it can continue to enhance it knowledge-base as well as learning from interactions it has. 

Imperial aims to fight coronavirus with AI-powered data hub


Keumars Afifi-Sabet

7 Jul, 2020

Imperial College has partnered with several organisations to build a globally-sourced COVID-19 data hub designed to offer AI-powered insights to medical professionals to fight future infections. 

Using Amazon Web Services (AWS) machine learning tools, the REaltime Data Analysis and Synthesis (REDASA) platform aims to help the healthcare industry with real-time insights to help medical action and policymaking. 

The hub has been developed by PanSurg, a surgical network comprising Imperial health professionals and academics, in collaboration with a consortium of tech firms including Cloudwick and MirrorWeb alongside AWS.

It has been launched to pool together the insights and expertise of professionals working to fight the spread of infection by joining up a huge mass of material scattered across more than half a million different sources.

“Healthcare professionals are facing huge volumes of academic literature, public information and noise on COVID-19, making it challenging to extract key insights and translate these into best clinical practice,” said clinical senior lecturer and lead for PanSurg James Kinross.

“We are excited to collaborate with Cloudwick, MirrorWeb and Amazon Web Services to create a reliable, accurate information source with REDASA, for healthcare professionals seeking guidance during the pandemic.”

The project has recruited MirrorWeb’s website-capture technology to harvest large volumes of data at pace, with the organisation using machine learning to ensure the information gathered from public sources is accurate. These would include medical journals, healthcare literature and news sources.

This data is then stored and processed on Cloudwick’s Amorphic data and analytics platform, with advanced data science techniques used to generate automated insights and provide a secure way for users to access the intelligence.

Machine learning services by AWS, alongside an element of human curation, then allows REDASA to perform deep data analysis and extract the most important and relevant insights. Teams would, therefore, be able to process and make sense of the huge amounts of data flooding into the system.

The hub is centred on ‘live systematic review’ which means information is continuously updated and analysed, with data provided to private and public sector healthcare organisations and physicians to improve treatment and boost research.

COVID-19 has made it clear just how challenging it is to find critical information quickly and easily in an ‘infodemic’ situation, with the noise of millions of articles to sift through,” said international healthcare data science lead at AWS EMEA SARL Dr Matthew Howard.

“This solution we are developing with PanSurg, and AWS Partner Network (APN) Partners, Cloudwick and MirrorWeb, combines the best of expert human review with AWS machine learning technologies. 

“Our aim is to provide a new approach that will put the most accurate information possible in the hands of healthcare professionals, help improve medical knowledge, and develop more effective methods of patient care that will make a difference to frontline healthcare workers.”

The product is expected to launch in the coming months and will become a key legacy project with applications that stretch beyond coronavirus. While the main focus, for now, is to support the healthcare response to COVID-19, the team behind REDASA believes the model can be adapted and extended to encompass many other diseases, including cancer.

Developers welcome major overhaul to GitHub’s support documentation


Keumars Afifi-Sabet

2 Jul, 2020

GitHub has merged its two developer support sites into a single unified documentation hub to support users and integrators, offering a single repository of guidance and resources.

The platform, docs.github.com, merges the now-defunct help.github.com site and the widely-used developer.github.com, giving users the capacity to search across all of GitHub’s product content in a single place.

Previously, users seeking support would navigate either to the help platform, which was primarily curated for beginners, or the development platform, targeting advanced users, with GitHub addressing these two communities separately.

“As our product offerings have evolved, we decided to create a single place where everyone can find the information they need, whether you’re a new developer signing up for your GitHub account or a seasoned developer in the community,” said the platform’s product documentation team manager Jenn Leaver.

“This new site combines the product content that was on help.github.com and developer.github.com into a unified experience. With docs.github.com, you’re able to search across all of GitHub’s product content in one place.”

Users can explore docs.github.com by product, with support documents divided into branches, from GraphQL API to GitHub Actions, or they can use the search function to find something specific. The platform also lists a collection of getting started articles, as well as the most popular entries.

Leaver added this launch was the first step in creating an advisory platform on which users can discover new tools and methods, with further improvements coming in future. Language support, for example, will soon be expanded beyond its existing support for English, Japanese, Simplified Chinese, Brazilian Portuguese and Spanish.

The news has been welcomed by developers on social media, with others also calling for the concept to be extended to private repositories. Startup CTO and advisor Tom Jowitt, for example, called on GitHub to roll out an organisation-wide private documentation hub.

The project has been a long time in the making for the development hub and represents a culmination of efforts from engineers, designers, content strategists, writers, and many others. GitHub is expected to post further details in a behind-the-scenes blog post soon.

AWS launches CodeGuru to identify ‘most expensive’ code


Keumars Afifi-Sabet

30 Jun, 2020

Amazon Web Services (AWS) has taken its machine learning-powered CodeGuru development tool out of preview and rendered it generally available, alongside a host of additional features.

CodeGuru is being launched as a tool to help developers improve their applications and troubleshoot issues with automated code reviews and performance recommendations, available in Reviewer and Profiler modes.

CodeGuru Reviewer uses programme analysis and machine learning to detect potential defects that are tricky to find and recommend fixes in Java code. Code can be stored in GitHub, AWS CodeCommit, or Bitbucket.

Pull requests submitted also provide recommendations for how to improve the code, with each pull request also corresponding to a code review, and each code review including multiple recommendations that appear as comments on the pull request. 

Profiler mode, meanwhile, provides interactive visualisations and recommendations that help fine-tune application performance and troubleshoot operational issues using runtime data from live applications. This mode can also help find the most intensive lines of code, in terms of CPU usage or latency, and suggest ways to improve efficiency and reduce bottlenecks 

“Bringing new applications into production, maintaining their code base as they grow and evolve, and at the same time respond to operational issues, is a challenging task,” said chief evangelist for EMEA at AWS, Danilo Poccia. 

“For this reason, you can find many ideas on how to structure your teams, on which methodologies to apply, and how to safely automate your software delivery pipeline.

“CodeGuru helps you improve your application code and reduce compute and infrastructure costs with an automated code reviewer and application profiler that provide intelligent recommendations. Using visualizations based on runtime data, you can quickly find the most expensive lines of code of your applications.”

CodeGuru was first announced at AWS Re:Invent 2019 towards the end of last year as an AI-powered service designed to help write code. It was launched as an automated tool, trained on several decades of code reviews, adding comments to pull requests if it discovers an issue, also recommending remediation, including example code and links to documentation.

AWS has made a number of improvements to Amazon CodeGuru in the last few months, including a more cost-effective pricing model, support for Bitbucket repositories, and the capacity to start the profiling agent using a command-line switch.

In addition to existing features, the generally-available version of CodeGuru includes support for GitHub Enterprise in Reviewer mode, as well as new types of recommendations to solve defects and improve code. For Profiler mode, meanwhile, AWS has added anomaly detection, support for AWS Lambda, as well as the total CPU cost of issues in a recommendations report, among a number of others.

CodeGuru has been released days after AWS launched Honeycode, a visual application builder that can be used to create interactive web and mobile apps on a code-free basis. These can range in complexity from a task-tracking application for a small team to a project management system that controls complex workflows, with Honeycode aimed at those in need of innovative online capabilities but without the means to hire experienced engineers.

Safe Documents sandbox tool released for Microsoft 365


Keumars Afifi-Sabet

23 Jun, 2020

Microsoft has rolled out its Safe Documents feature for all Microsoft 365 customers in a bid to boost enterprise security by verifying untrusted files when they’re opened by a user.

When enabled by an administrator, the feature will automatically scan documents for any threats after opening the file in Protected View. This is an additional step which involves uploading and scanning by Microsoft Defender ATP.

Safe Documents essentially brings the power of the firm’s enterprise security platform Intelligent Security Graph to the desktop, with access to a live dataset of billions of data points, combing to form massive security-centric datasets.

The feature has been rolled out to rectify the limitations of Protected View, which is currently in play for all Microsoft 365 users. When opening documents received from external sources, the company suggested, people often exit the Protected View sandbox without considering whether the document is safe.

It was initially previewed in February 2020, when it was touted as a means to automate a crucial phase in the security of opening documents, which may often be overlooked if this decision is in the hands of the individual user.

“While a scan is in progress, Safe Documents will prevent users from exiting the Protected View container,” Microsoft’s security employee Kenny Shi said. “Users are still able to access and read the document during this process but will be unable to make any edits until the scan has completed.

“Once the file has been successfully scanned, users will be able to leave the Protected View container with confidence that their file is safe.”

If the file being scanned is identified as being malicious, users will be prevented from leaving Protected View entirely, with administrators able to decide whether users can bypass and ‘enable editing’ for malicious files using the Admin portal.

In addition to the added security features, IT admins will be given access to an Advanced Hunting feature to get additional analytical information on users.

Safe Documents is turned off by default, with security administrators able to activate the feature by navigating to the Security and Compliance centre within Microsoft 365. Organisations will need a Microsoft 365 E5 Security license in order to use the feature.

Microsoft acquires data model provider ADRM


Keumars Afifi-Sabet

19 Jun, 2020

Microsoft has snapped up enterprise data modelling company ADRM Software with a view to combining the firm’s “information blueprints” with Azure storage and compute to create sophisticated data lakes.

ADRM, which providers large-scale sector-specific industrial data models to large enterprises, has built and refined its services over decades for business-critical analytics. These models allow organisations to more completely capture and define their business processes and build interoperability across IT infrastructures.

Microsoft is hoping to combine these comprehensive industrial models with the limitless storage and computing power of Azure to create intelligent data lakes where data from several lines of businesses can be combined more efficiently.

“Data and AI are the foundation of modern technological innovation, yet businesses today struggle to unlock the full value data has to offer as fragmented data estates hinder digital transformation,” said Microsoft’s CVP for Azure Global Industry Ravi Krishnaswamy said.

“Without a comprehensive and integrated view of their data, companies are at a competitive disadvantage, which hinders digital adoption and data-driven innovation.

Combining ADRM Software’s services with Azure, these capabilities can be offered to enterprises at scale, and allow customers to embark on digital projects quicker and with less risk, Microsoft explained.

Although data and AI are considered key to modern innovation, many businesses struggle to fully extract value from datasets due to fragmentation. Without a comprehensive and integrated view of their data, companies may find their digital transformation plans disrupted. This is the issue that Microsoft is hoping to resolve by feeding ADRM’s data models into its cloud computing platform.

“As we worked closely with the Azure global engineering team during the past year, we became very enthusiastic about the tremendous additional value and acceleration we believe can be unlocked for large enterprises across many industries,” said ADRM Software in an announcement.

The post added that the data lakes that can be created as a result of the acquisition aren’t “just vast reservoirs” but are also metadata-rich foundations that can supercharge data warehouses, analytics, AI and machine learning.