Archive for December 22, 2023

How Well Does The New Esso/Mobile App Work For Contactless Fuel Fill Ups? Let’s Find Out!

Posted in Commentary with tags on December 22, 2023 by itnerd

You might recall that because of recent issues with the Esso/Mobil app during its rollout that resolved themselves, that drove me to trying the Shell App to see if it was any better at contactless fuel fill ups and payments. But seeing as the Esso/Mobil app was all new, I decided to give that a test to see if it was any better. After all, it was the clear winner when pitted against the Petro Canada app. Thus it would only be fair to see if it retained the crown, or had dropped a couple of places.

I’ll skip past the registration process as I covered that when I encountered the issues with this app. But I am going to assume that now that things seem to be working, it should be smooth for you. The first thing that I will say is that the user interface of the Esso/Mobil app makes it easy to use. Once you click on “Pay At Pump” you’re presented with a pretty clean interface that allows you to type in the pump number and choose if you want a car wash as well (assuming the station has a car wash). Then you can pay using Apple Pay which is my preferred payment method. Once authorized, it only takes a few seconds for the pump to be activated. This is similar to the Shell App.

One thing that I should point out is that the previous version of the app which was called Speedpass+ had an Apple Watch app. But that Apple Watch app was pretty useless as it wouldn’t work properly unless your iPhone was nearby with the iPhone app running. The Esso/Mobil app has done away with the Apple Watch app and I can’t say that I miss it. Though it would be been nice for one of these gas companies to come up with an Apple Watch app that doesn’t require an iPhone so that I can use that to get a fill up if I need to.

Another thing that Esso/Mobil seem to have done away with is the gas discount cards. The previous version of the app allowed you to store discount card and apply them to your gas purchases automatically. This new app seems not to have that functionality. And that’s a serious downgrade from the previous version of the app. They need to bring that back as that was one of the things that made it better than the Petro Canada app. On the plus side, they do better integrate the PC Optimum rewards system into the Esso/Mobil app. Though some functionality requires you to have the PC Optimum app installed.

So where does this leave the Esso/Mobil app relative to the competition from Shell and Petro Canada? In my opinion, Esso/Mobil and Shell are basically tied. If Shell had the ability to use Apple Pay to pay in store, it would go ahead. If Esso/Mobil kept the functionality to add discount cards, it would go ahead. That leaves the Petro Canada app a step behind those two as they really haven’t changed or improve the functionality. And it takes longer to activate the pump versus the other two.

This is something that I’ll be keeping my eye on as contactless payments at the gas pump is the best way to get gas in Canada. And it’s nice that there are not only options, but hopefully those options spur competition to make things better for consumers. And that’s a win for everyone.

Leave a comment »

BREAKING: Moneris Takes A Dirt Nap [UPDATE: Fixed]

Posted in Commentary with tags on December 22, 2023 by itnerd

Canadian payment processor Moneris has apparently suffered an outage. The company has confirmed the outage on Twitter:

The outage is really ill timed as people are trying to get their holiday shopping done today. That and not many people carry cash any more.Though I suspect that they should as the company had another outage not that long ago. I’ll be monitoring the situation and update this story with anything I find out.

This latest outage means Moneris is really going to have explain this outage to consumers along with why consumers and retailers should trust them going forward.

More to come.

UPDATE: Moneris has posted this:

Leave a comment »

Guest Post: Beware of the Christmas application naughty list  – Consumers are ready to add banking applications and messaging platforms

Posted in Commentary with tags on December 22, 2023 by itnerd

By Gregg Ostrowski, CTO Advisor, Cisco Observability

As technologists eagerly anticipate a well-deserved break to celebrate the holiday season with loved ones, they‘re also facing pressure to ensure that applications and digital services are performing at an optimal level during seasonal spikes in demand. The challenge is ensuring applications and digital services, from online shopping to messaging platforms and banking applications, perform seamlessly. With consumer expectations for digital experiences higher than ever, technologists know that any slip up in application performance will lead to customers deleting applications and turning their backs on brands forever. 

Recent research by Cisco AppDynamics, surveying over 1,000 Canadians, revealed that 51 per cent consider applications and digital services essential to an enjoyable holiday. Additionally, 48 per cent of Canadians anticipate greater reliance on digital services this holiday season than in previous years.

The problem is, however, that when applications don’t perform as they should, it really can dampen the holiday mood. At a time when tensions can already be running high, consumers are likely to react with fury towards any brand whose application lets them down and lessens their festive spirit.

Applications going on the naughty list this year

While traditional concerns such as power outages and travel delays may be the biggest holiday worries, a new nightmare has emerged due to the importance of applications and digital services. In Canada, 71 per cent of people use digital applications to connect with loved ones during the holidays and 66 per cent rely on banking and insurance apps for last-minute payments and transfers.

Canadian consumers identify potential scenarios that could spoil their festive spirit, with worry about banking applications failing to process important payments and messaging platforms disrupting communications with distant friends and family. In fact, 61 per cent of Canadians fear their banking apps might go down during the holidays, hindering crucial transitions. When it comes to connecting with friends and family, 51 per cent worry that messaging apps might fail, leaving them unable to communicate with loved ones. 

However, people will direct the most outrage towards the brands behind any application that lets them down. 40 per cent of consumers claim they won’t be able to forgive an application that fails to perform properly. Whether it’s slow loading pages, payment issues or downtime, they’ll immediately delete the offensive application and vow never to use it again.

Brands need application observability to optimize holiday opportunities

As brands approach this critical time of the year, they are walking a metaphoric tightrope. If they can deliver innovative, intuitive, secure and seamless digital experiences, they have an unprecedented opportunity to take advantage of heightened application demand, attracting new customers and driving sales. But if applications fail to perform, there will be a loss of customers, revenue and a tarnished reputation.

Organizations in all sectors urgently need to ensure their IT teams have the right tools and insights to manage application availability, performance and security, particularly at a time when their applications will be experiencing massive increase in demand. Technologists therefore need application observability to generate full visibility across their hybrid application landscapes, including both cloud native and on-premises environments.

With application observability, technologists can rapidly detect, understand and resolve issues. And by correlating application availability, performance and security data with key business metrics, they can prioritize the issues which could damage the end user experience.

Consumers around the world simply won’t tolerate poor digital experiences this holiday season, and brands will need to do whatever it takes to keep their applications off the naughty list!

Leave a comment »

Horizon3.ai Closes Out 2023 With Numerous Honors and Accolades

Posted in Commentary with tags on December 22, 2023 by itnerd

Horizon3.ai, a leading provider of autonomous security solutions, celebrated 2023, a break-out year in which the company was honored with numerous recognitions and prestigious honors.

Among Horizon3.ai’s 2023 recognitions:

  • The Fortune Cyber 60 – Horizon3.ai was recognized as a fastest-growing company on this new listing of the most important venture-backed startups that offer enterprise-grade cybersecurity solutions. Horizon3.ai was added to the Early-growth-stage companies category, and is the sole honoree offering an autonomous penetration testing solution.
  • 2023 CyberSecured Award for Autonomous Penetration Testing – Recognizing the crucial importance of reducing organizational security risk and protecting data integrity. NodeZero™ was recognized for its unmatched ability to autonomously find exploitable weaknesses in external, internal, and cloud IT infrastructures, providing detailed guidance on prioritizing and fixing them, and verifying that fixes are effective.
  • The Black Unicorn Awards – Recognition by Cyber Defense Magazine of Horizon3.ai’s potential to reach a $1 billion-dollar market value as determined by private or public investment within 3-5 years. Out of over 3,500 cybersecurity companies in the world, based on funding, sales and execution, Horizon3.ai was among only 50 finalists selected.
  • CRN Stellar Startups – Honoring emerging technology vendors that are committed to delivering innovative technology services and solutions that propel success in the IT channel. Horizon3.ai is singled out as a growth driver for MSSPs because it enables them to help overwhelmed IT administrators and security teams with no previous pentesting experience understand exactly what to fix, automating complex detection complexities that can otherwise take manual pentesters months to assess.
  • The Security Today New Products of the Year Award – Pentesting – Security Today selected Horizon3.ai’s NodeZero platform as the winner in the Pentesting category. These awards honor the outstanding product development achievements of security technology and solutions.
  • CyberSecurity Breakthrough Awards – Pentesting Solution of the Year – This annual program recognizes the best information security companies, products, and people around the world, and Horizon3.ai was awarded with the win in this category.
  • CRN MES Midmarket 100 – The MES Midmarket 100 recognizes forward-thinking vendors that target midsize customers with products and services designed to address the midmarket’s unique needs. Horizon3.ai was selected for the list for its consistent commitment to helping midmarket organizations utilize technology to help them thrive.
  • The Channel Company MES Fall 2023 XCellence Awards – Horizon3.ai was celebrated for excellence and innovation, and its outstanding achievements and contributions to supporting the cybersecurity of midmarket companies. It was named for the  XCellence in Boardroom Presentation – Event category, and was also honored in four other categories: Best Midmarket Solution: Software; Best Midmarket Solution: Services; XCellence in Solutions Track Presentation; and XCellence in Solutions Pavilion Strategy – Best in Show. This is the second time in a row that Horizon3.ai has won in the MES XCellence Awards.

Security pros, their C-Suite and MSSPs everywhere are increasingly aware that breaches aren’t a case of if but of when. NodeZero enables even IT and security pros at the relative start of their career to discover their organization’s exploitable attack paths, identify and help fix the riskiest issues, and confirm that fixes worked before their organization becomes an attacker’s prey.

NodeZero and Horizon3.ai have also previously received numerous top honors such as: the SC Awards Most Promising Startup, Cloud Security Innovation, Cybersecurity Excellence Awards, TMC Cloud Security Excellence Awards, the Channel Company’s MES Matters honors, the Cyber Defense Global InfoSec Awards, and important recognitions by its growing global community of integration partners, channel partners and MSSPs.

Finally, in The Total Economic ImpactTM of the NodeZero Platform – Performed by Forrester Consulting in October 2023, analysis of a composite organization studied showed that it received vulnerability and risk intelligence that exceeds traditional approaches through use of the NodeZero platform, and achieved a three-year 63% return on investment (ROI). The TEI study also codified operations time savings that freed up the equivalent of one member of their four-member security team to focus on other security initiatives.

To learn more about what others had to say about NodeZero, download the full study here.

Leave a comment »

Here’s Some 2024 Predictions From Alluxio

Posted in Commentary with tags on December 22, 2023 by itnerd

Alluxio has the following 2024 Technology Predictions about major developments that are in the pipeline. Haoyuan Li, founder and CEO, describes what he sees in AI/ML, Data & Analytics, Cloud, DevOps and Storage in 2024.

AI/ML 

Compute Power is the New Oil

The soaring demand for GPUs has outpaced industry-wide supply, making specialized compute with the right configuration a scarce resource. Compute power has now become the new oil, and organizations are wielding it as a competitive edge. In 2024, we anticipate even greater innovation and adoption of technologies to enhance compute efficiency and scale capacity as AI workloads continue to explode. In addition, specialized AI hardware, like TPUs, ASICs, FPGAs and neuromorphic chips, will become more accessible.

Moving GenAI from Pilots to Production

GenAI is influencing organizations’ investment decisions. While early GenAI pilots show promise, most organizations remain cautious about full production deployment due to limited hands-on experience and rapid evolution. In 2023, most organizations are on small and targeted trials to assess benefits and risks carefully. As GenAI technologies mature and become more democratized through pre-trained models, cloud computing, and open-source tools, budget allocations will shift more heavily toward GenAI in 2024.

Balancing In-House and Vendor-Provided LLMs

To leverage the power of LLMs, organizations need to decide between building their own models, utilizing a closed-source model like GPT4 via APIs, or fine-tuning a pre-trained open-source LLM. In 2024, as LLMs keep iterating, organizations would not want to be “locked in” to one model or one vendor. They will likely adopt a hybrid approach, balancing the use of pre-trained models with developing in-house custom models when there are tighter privacy, IP ownership, and security requirements. 

Green AI

In 2024, more organizations will recognize the pressing sustainability challenges posed by AI projects as adoption accelerates. Technological advancements like optimized data architectures, reduced data copies, and renewable energy tapping will help. However, technology alone is not enough. Organizations will also need to implement governance processes and human-centered values that ensure AI projects drive business value without negatively impacting the environment. Organizations that proactively embrace green AI principles in 2024 will gain a competitive advantage and build public trust.

Data & Analytics 

Overcoming Data Silo Challenges

Data silos remain a challenge for organizations – many analytics and AI systems spread across regions, clouds, and platforms, resulting in a vast amount of data duplication and separate governance models. In 2024, to accelerate time-to-insights and scale analytics and AI initiatives, organizations will increasingly need to manage distributed data. More will develop data strategies for unified management of scattered data through flexible orchestration, abstraction, and virtualization.

Cloud 

Cloud Cost Optimization Will be More Strategic in 2024

In 2024, cloud cost optimization will become more strategic. Beyond tactical cost management, such as rightsizing and adopting spot instances, organizations will undertake more strategic evaluations and optimizations. These will modernize and optimize cloud-deployed systems for cost-efficiency, with some workloads potentially reverting to on-premises. Cloud ROI depends on holistic optimization spanning architecture designs, cost monitoring, negotiations with cloud vendors, and continuous re-evaluation.

Hybrid and Multi-cloud Acceleration

In 2024, the adoption of hybrid and multi-cloud strategies is expected to accelerate, both for strategic and tactical reasons. From a strategic standpoint, organizations will aim to avoid vendor lock-in and will want to retain sensitive data on-premises while still utilizing the scalable resources offered by cloud services. Tactically, due to the continued scarcity of GPUs, companies will seek to access GPUs or specific resources and services that are unique to certain cloud providers. A seamless combination of cross-region and cross-cloud services will become essential, enabling businesses to enhance performance, flexibility, and efficiency without compromising data sovereignty.

DevOps

The Integration of DevOps and MLOps to Streamline AI Projects

In 2024, MLOps will increasingly integrate with DevOps to create more streamlined workflows for AI projects. The combination of MLOps and DevOps creates a set of processes and automated tools for managing data, code, and models to enhance the efficiency of machine learning platforms. Data scientists and software developers will get the freedom to transition to high-value projects without the need for manually overseeing models. The trend is driven by streamlining the process of delivering models to production to reduce time-to-value.

Storage

From Specialized Storage to Optimized Commodity Storage for AI Platform

The growth of AI workloads has driven the adoption of specialized high-performance computing (HPC) storage optimized for speed and throughput. But in 2024, we expect a shift towards commoditized storage. Cloud object stores, NVMe flash, and other storage solutions will be optimized for cost-efficient scalability. The high cost and complexity of specialized storage will give way to flexible, cheaper, easy-to-manage commodity storage tailored for AI needs, allowing more organizations to store and process data-intensive workloads using cost-effective solutions.

Leave a comment »

Apple Being Investigated Over Their Attempts To Block Beeper

Posted in Commentary with tags on December 22, 2023 by itnerd

The Justice Department and the FTC are apparently deciding to investigate Apple over their attempts to block Beeper. Here’s the story from the New York Times that might be paywalled for you. But I’ll give you the TL:DR:

The Justice Department has taken interest in the case. Beeper Mini met with the department’s antitrust lawyers on Dec. 12, two people familiar with the meeting said. Eric Migicovsky, a co-founder of the app’s parent company, Beeper, declined to comment on the meeting, but the department is in the middle of a four-year-old investigation into Apple’s anticompetitive behavior.

The Federal Trade Commission said in a blog post on Thursday that it would scrutinize “dominant” players that “use privacy and security as a justification to disallow interoperability” between services. The post did not name any companies.

The battle also caught the attention of the Senate Judiciary subcommittee on antitrust. The committee’s leadership — Senators Amy Klobuchar, Democrat of Minnesota, and Mike Lee, Republican of Utah — wrote a letter to the Justice Department expressing concern that Apple was snuffing out competition.

I’ve said this before and I will say it again. Beeper doesn’t have a right to just hack its way into iMessage just to give Android users the blue bubble experience. Conversely, Apple has every right to secure iMessage to keep Beeper out, seeing as Beeper and those who use the Beeper Mini service are unauthorized users of iMessage. Hopefully some common sense prevails here and Beeper gets shunted to the dustbin of history as this topic is really taking up way too much oxygen in the room.

Leave a comment »

Here Are Some 2024 Predictions from Tidelift

Posted in Commentary with tags on December 22, 2023 by itnerd

Tidelift, is a provider of solutions for improving open source software supply chain resilience, which we know from both government and industry attention will continue to be a pressing issue in 2024. Here’s commentary from Tidelift’s CEO/co-founder Donald Fischer for your reading pleasure. 

Another Log4Shell-sized vulnerability leads organizations and government to finally eliminate their open source blind spot. For many years, there has been a blind spot within organizations when it comes to open source software security. These organizations bring in open source packages without knowing whether the maintainers of these packages follow the same secure development practices the organization would require of their own code. In 2024, the emergence of a new Log4Shell-scale vulnerability finally convinces organizations that “nothing comes for free.” They begin paying more attention to their open source suppliers and start making the changes necessary to ensure that the maintainers developing the code they rely on are properly incentivized to do important security and maintenance work. Interestingly, the U.S. federal government emerges as a leader of this effort and begins to invest in paying for the security and maintenance work of open source maintainers. 

New government security mandates around the world create a confusing GDPR-like moment for open source security. As new government security requirements emerge (like those required under M-22-18 and White House Executive Order 14028 in the US and the Cyber Resilience Act in the EU), confusion reigns for organizations and open source maintainers. The lack of clear direction and conflicting incentives and penalties actually slows down progress toward improving security outcomes intended to be served by the regulations.

Open source contributors fed up with corporate interests exploiting open source start fighting back. After a period in which the principles underlying the open source movement took a back seat, open source contributors will rediscover open source’s roots in the free software movement and start fighting back against commercially controlled projects bending and breaking open source principles in search of profits. Interestingly, by revisiting the original core tenets of open source, organizations will begin to once again reap the benefits of the model as it returns stronger than ever, with new antibodies to protect it. 

In 2024, we see the rise of dedicated open source product security teams within organizations. As open source continues to expand its footprint within commercial products, product security groups will begin building out dedicated teams focused exclusively on the security of the open source components that make up much of the source code in their products. 

Intellectual property issues return as a primary concern in open source. In part driven by the increasing attention on the provenance of data used to train AI machine learning models, organizations return to paying closer attention to IP issues with open source and the “legal technology” patterns innovated by open source licenses. 


Already overwhelmed open source maintainers “cry uncle” as well intended, AI-generated pull requests create a snowball of even more noise for them to deal with. Predictably, the end result is even more frustrated maintainers, many of whom will quit their maintenance work altogether, leading to more security risk for organizations.  

Leave a comment »

Twitter Has Taken A Pair Of Dirt Naps Recently…. And It’s Likely To Get Worse

Posted in Commentary with tags on December 22, 2023 by itnerd

Elon Musk has once again proved that his actions have made Twitter incredibly unstable. There’s been a pair of outages recently that highlight how badly he’s running Twitter:

  • Twitter was down for 40 minutes on December 17.
  • Twitter was also down on Thursday

That led to the hashtag “TwitterDown” trending both times. Along with these funny Tweets:

https://twitter.com/cartierflaws/status/1737725497478648213

Elon himself hasn’t said anything about these two outages. Which isn’t a shock as he’s cut things so much there that it’s likely that if he did say anything, he’d open himself to a lot of criticism. And since his skin is so thin, he wouldn’t be able to deal with that like a functioning adult. So he’s hiding. Meanwhile, those who are left on Twitter should get used to this instability. Because I suspect that it is going to get worse as we move into 2024 due to the fact that Elon likely doesn’t have the cash to properly run the platform due to him driving away advertisers in droves. And even he he did have the cash, he fired everyone. So he’s kind of screwed. And those who still use the platform will suffer as a result.

Leave a comment »