Tag Archives: find

For Sale – Huawei Matebook X Pro – i7, 512GB, MX150

I am selling my Huawei Matebook X Pro, i7, 8GB RAM, 512GB Storage, GPU MX150.
It is in excellent condition and I can’t find any scratches or dings on it anywhere.

I bought it from the Microsoft Store so I have been the only owner, and I purchased it on 21st November 2018.
It comes in the original box, with the original charger and the HDMI accessory that came with it.

The only reason for sale is that I was travelling a lot with work at the time and since that has died down, I’ve built a desktop.

This is an excellent laptop with a great display and battery life has never let me down.

Go to Original Article
Author:

How to manage Server Core with PowerShell

After you first install Windows Server 2019 and reboot, you might find something unexpected: a command prompt.

While you’re sure you didn’t select the Server Core option, Microsoft now makes it the default Windows Server OS deployment for its smaller attack surface and lower system requirements. While you might remember DOS commands, those are only going to get you so far. To deploy and manage Server Core, you need to build your familiarity with PowerShell to operate this headless flavor of Windows Server.

To help you on your way, you will want to build your knowledge of PowerShell and might start with the PowerShell integrated scripting environment (ISE). PowerShell ISE offers a wealth of features for the novice PowerShell user, including auto complete of commands to context-colored commands to step you through the scripting process. The problem is PowerShell ISE requires a GUI or the “full” Windows Server. To manage Server Core, you have the command window and PowerShell in its raw form.

Start with the PowerShell basics

To start, type in powershell to get into the environment, denoted by the PS before the C: prompt. A few basic DOS commands will work, but PowerShell is a different language. Before you can add features and roles, you need to set your IP and domain. It can be done in PowerShell, but this is laborious and requires a fair amount of typing. Instead, we can take a shortcut and use sconfig to compete the setup. After that, we can use PowerShell for additional administrative work.

PowerShell uses a verb-noun format, called cmdlets, for its commands, such as Install-WindowsFeature or Get-Help. The verbs have predefined categories that are generally clear on their function. Some examples of PowerShell cmdlets are:

  • Install: Use this PowerShell verb to install software or some resource to a location or initialize an install process. This would typically be done to install a windows feature such as Dynamic Host Configuration Protocol (DHCP).
  • Set: This verb modifies existing settings in Windows resources, such as adjusting networking or other existing settings. It also works to create the resource if it did not already exist.
  • Add: Use this verb to add a resource or setting to an existing feature or role. For example, this could be used to add a scope onto the newly installed DHCP service.
  • Get: This is a resource retriever for data or contents of a resource. You could use Get to present the resolution of the display and then use Set to change it.

To install DHCP to a Server Core deployment with PowerShell, use the following commands.

Install the service:

Install-WindowsFeature –name 'dhcp'

Add a scope for DHCP:

Add-DhcpServerV4Scope –name "Office" –StartingRange 192.168.1.100 -EndRange 192.168.1.200 -SubnetMask 255.255.255.0

Set the lease time:

Set-DHCPSet-DhcpServerv4Scope -ScopeId 192.168.1.100 -LeaseDuration 1.00:00:00

Check the DHCP IPv4 scope:

Get-DhcpServerv4Scope

Additional pointers for PowerShell newcomers

Each command has a purpose and means you have to know the syntax, which is the hardest part of learning PowerShell. Not knowing what you’re looking for can be very frustrating, but there is help. The Get-Help displays the related commands for use with that function or role.

Part of the trouble for new PowerShell users is this can still be overwhelming to memorize all the commands, but there is a shortcut. As you start to type a command, the tab key auto-completes the PowerShell commands. For example, if you type Get-Help R and press the tab key, PowerShell will cycle through the commands, such as the command Remove-DHCPServerInDC, see Figure 1. When you find the command you want and hit enter, PowerShell presents additional information for using that command. Get-Help even supports wildcards, so you could type Get-Help *dhcp* to get results for commands that contain that phrase.

Get-Help command
Figure 1. Use the Get-Help command to see the syntax used with a particular PowerShell cmdlet.

The tab function in PowerShell is a savior. While this approach is a little clumsy, it is a valuable asset in a pinch due to the sheer number of commands to remember. For example, a base install of Windows 10 includes Windows PowerShell 5.1 which features more than 1,500 cmdlets. As you install additional PowerShell modules, you make more cmdlets available.

There are many PowerShell books, but do you really need them? There are extensive libraries of PowerShell code that are free to manipulate and use. Even walking through a Microsoft wizard gives the option to create the PowerShell code for the wizard you just ran. As you learn where to find PowerShell code, it becomes less of a process to write a script from scratch but more of a modification of existing code. You don’t have to be an expert; you just need to know how to manipulate the proper fields and areas.

Outside of typos, the biggest stumbling block for most beginners is not reading the screen. PowerShell does a mixed job with its error messages. The type is red when something doesn’t work, and PowerShell will give the line and character where the error occurred.

In the example in Figure 2, PowerShell threw an error due to the extra letter s at the end of the command Get-WindowsFeature. The system didn’t recognize the command, so it tagged the entire command rather than the individual letter, which can be frustrating for beginners.

PowerShell error message
Figure 2. When working with PowerShell on the command line, you don’t get precise locations of where an error occurred if you have a typo in a cmdlet name.

The key is to review your code closely, then review it again. If the command doesn’t work, you have to fix it to move forward. It helps to stop and take a deep breath, then slowly reread the code. Copying and pasting a script from the web isn’t foolproof and can introduce an error. With some time and patience, and some fundamental PowerShell knowledge of the commands, you can get moving with it a lot quicker than you might have thought.

Go to Original Article
Author:

For Sale – 2015 MBP Retina 13″ 16gb 512gb

Helloo,

After upgrading to a 15 inch lifestyle, I find myself ready to part with my beloved 13 inch MacBook Pro.

Specs are:

MacBook Pro 13″ early 2015
16GB Ram
Intel core i5 2.9Ghz
512GB SSD
intel graphics

condition wise, generally good, screen is pretty much pristine, its had a screen protector on it since day 0, and while that had one or two marks from use, simply peel it off and you’ll be left with a perfect display! (as much as I would love to do this, I will save that pleasure for the next person to enjoy)

the bottom casing has suffered a little bit from being inside one of those clear plastic cases. and there are a couple of scratches on the top of the unit, these have been pictured as best I could and a couple of the keys have some wear on them, this was a work machine and I tend to type a LOT.

Overall its been taken care of, but is not pristine, and I have adjusted price to reflect this. This specification is hard to find and has been a great tool.

Will also come with 2 chargers, one apple, 1 third party, so you can have 1 charger at home and one on the go.

this has been difficult to price and I’ve done my best to mark it fairly, but I am open to offers.UNADJUSTEDNONRAW_thumb_a.jpgUNADJUSTEDNONRAW_mini_18.jpgUNADJUSTEDNONRAW_mini_16.jpgUNADJUSTEDNONRAW_mini_c.jpgUNADJUSTEDNONRAW_mini_6.jpgUNADJUSTEDNONRAW_mini_7.jpgUNADJUSTEDNONRAW_mini_15.jpgUNADJUSTEDNONRAW_mini_3.jpg7410d32b-8d19-4238-8e71-cdb0553af1e6.jpg2249f9ee-6b5e-466a-bb24-46e11c95e672.jpg

Price and currency: 600
Delivery: Delivery cost is not included
Payment method: BT Preferred
Location: Bath/London
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Go to Original Article
Author:

For Sale – 2015 MBP Retina 13″ 16gb 512gb

Helloo,

After upgrading to a 15 inch lifestyle, I find myself ready to part with my beloved 13 inch MacBook Pro.

Specs are:

MacBook Pro 13″ early 2015
16GB Ram
Intel core i5 2.9Ghz
512GB SSD
intel graphics

condition wise, generally good, screen is pretty much pristine, its had a screen protector on it since day 0, and while that had one or two marks from use, simply peel it off and you’ll be left with a perfect display! (as much as I would love to do this, I will save that pleasure for the next person to enjoy)

the bottom casing has suffered a little bit from being inside one of those clear plastic cases. and there are a couple of scratches on the top of the unit, these have been pictured as best I could and a couple of the keys have some wear on them, this was a work machine and I tend to type a LOT.

Overall its been taken care of, but is not pristine, and I have adjusted price to reflect this. This specification is hard to find and has been a great tool.

Will also come with 2 chargers, one apple, 1 third party, so you can have 1 charger at home and one on the go.

this has been difficult to price and I’ve done my best to mark it fairly, but I am open to offers.UNADJUSTEDNONRAW_thumb_a.jpgUNADJUSTEDNONRAW_mini_18.jpgUNADJUSTEDNONRAW_mini_16.jpgUNADJUSTEDNONRAW_mini_c.jpgUNADJUSTEDNONRAW_mini_6.jpgUNADJUSTEDNONRAW_mini_7.jpgUNADJUSTEDNONRAW_mini_15.jpgUNADJUSTEDNONRAW_mini_3.jpg7410d32b-8d19-4238-8e71-cdb0553af1e6.jpg2249f9ee-6b5e-466a-bb24-46e11c95e672.jpg

Price and currency: 600
Delivery: Delivery cost is not included
Payment method: BT Preferred
Location: Bath/London
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Go to Original Article
Author:

For Sale – 2015 MBP Retina 13″ 16gb 512gb

Helloo,

After upgrading to a 15 inch lifestyle, I find myself ready to part with my beloved 13 inch MacBook Pro.

Specs are:

MacBook Pro 13″ early 2015
16GB Ram
Intel core i5 2.9Ghz
512GB SSD
intel graphics

condition wise, generally good, screen is pretty much pristine, its had a screen protector on it since day 0, and while that had one or two marks from use, simply peel it off and you’ll be left with a perfect display! (as much as I would love to do this, I will save that pleasure for the next person to enjoy)

the bottom casing has suffered a little bit from being inside one of those clear plastic cases. and there are a couple of scratches on the top of the unit, these have been pictured as best I could and a couple of the keys have some wear on them, this was a work machine and I tend to type a LOT.

Overall its been taken care of, but is not pristine, and I have adjusted price to reflect this. This specification is hard to find and has been a great tool.

Will also come with 2 chargers, one apple, 1 third party, so you can have 1 charger at home and one on the go.

this has been difficult to price and I’ve done my best to mark it fairly, but I am open to offers. UNADJUSTEDNONRAW_thumb_a.jpg UNADJUSTEDNONRAW_mini_18.jpg UNADJUSTEDNONRAW_mini_16.jpg UNADJUSTEDNONRAW_mini_c.jpg UNADJUSTEDNONRAW_mini_6.jpg UNADJUSTEDNONRAW_mini_7.jpg UNADJUSTEDNONRAW_mini_15.jpg UNADJUSTEDNONRAW_mini_3.jpg 7410d32b-8d19-4238-8e71-cdb0553af1e6.jpg 2249f9ee-6b5e-466a-bb24-46e11c95e672.jpg

Price and currency: 600
Delivery: Delivery cost is not included
Payment method: BT Preferred
Location: Bath/London
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Go to Original Article
Author:

For Sale – 2015 MBP Retina 13″ 16gb 512gb

Helloo,

After upgrading to a 15 inch lifestyle, I find myself ready to part with my beloved 13 inch MacBook Pro.

Specs are:

MacBook Pro 13″ early 2015
16GB Ram
Intel core i5 2.9Ghz
512GB SSD
intel graphics

condition wise, generally good, screen is pretty much pristine, its had a screen protector on it since day 0, and while that had one or two marks from use, simply peel it off and you’ll be left with a perfect display! (as much as I would love to do this, I will save that pleasure for the next person to enjoy)

the bottom casing has suffered a little bit from being inside one of those clear plastic cases. and there are a couple of scratches on the top of the unit, these have been pictured as best I could and a couple of the keys have some wear on them, this was a work machine and I tend to type a LOT.

Overall its been taken care of, but is not pristine, and I have adjusted price to reflect this. This specification is hard to find and has been a great tool.

Will also come with 2 chargers, one apple, 1 third party, so you can have 1 charger at home and one on the go.

this has been difficult to price and I’ve done my best to mark it fairly, but I am open to offers.

UNADJUSTEDNONRAW_thumb_a.jpg UNADJUSTEDNONRAW_mini_18.jpg UNADJUSTEDNONRAW_mini_16.jpg UNADJUSTEDNONRAW_mini_c.jpg UNADJUSTEDNONRAW_mini_6.jpg UNADJUSTEDNONRAW_mini_7.jpg UNADJUSTEDNONRAW_mini_15.jpg UNADJUSTEDNONRAW_mini_3.jpg 7410d32b-8d19-4238-8e71-cdb0553af1e6.jpg 2249f9ee-6b5e-466a-bb24-46e11c95e672.jpg

Price and currency: 600
Delivery: Delivery cost is not included
Payment method: BT Preferred
Location: Bath/London
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Go to Original Article
Author:

Talend CEO discusses importance of mining relevant data

Business intelligence only exists by mining relevant data.

Without the ability to find the right data, there’s no actual BI to base decisions upon.

Mining relevant data, however, is no simple task.

Given the organizational complexity of today’s big enterprises — many are multinational with offices around the world, others amalgams of companies sewn together over the years by mergers and acquisitions with product lines that go beyond one small niche — the amount of available data amassed over decades can be overwhelming and disorganized.

To help organizations curate their data and gain meaningful insights, vendors such as cloud Talend, founded in 2005 and based in Redwood City, Calif., along with others such as cloud data integration provider Informatica and MuleSoft, recently acquired by Salesforce, have risen and become specialists in data integration.

In a two-part Q&A, Talend CEO Mike Tuchen discusses in depth the difficulty companies face in mining relevant data.

In part one, Tuchen talks about the general challenges that have developed over the last 10 to 15 years as organizations digitize and pool their data, while in part two he discusses differences large corporations face compared with their small and midsize brethren, as well as Talend’s own strategy in helping organizations deal with their sudden abundance of data.

In terms of mining relevant data, what are the challenges organizations face?

Mike Tuchen, CEO of TalendMike Tuchen

Mike Tuchen: The biggest challenge that every company has is that their data is all over the place. It’s in a lot of different systems. They’re in a lot of different formats — some of them you might know about, but most of them you don’t know about. Where is all the relevant info, and how does it relate to each other? Once you start finding all of this data, you quickly start realizing that you’ve going from not knowing where it is to suddenly seeing you’ve got 10 different versions of everything, and they’re all inconsistent and overlapping. How do you start? Where do you go to find the right information? How do you get all that stuff consistent? Those are the core problems every single company faces.

How has it developed to this point — what has happened in the last 10 to 15 years to lead us to this point where mining relevant data is so difficult?

Tuchen: It was more simple 10 to 15 years ago, but that wasn’t necessarily a benefit. It was simpler because many companies simply hadn’t digitized. They had a whole lot of manual processes, so the data simply wasn’t available in any electronic system. The first part of a digital transformation is digitizing, getting everything in the system and now having electronic workflows, and that’s a huge step forward. But it brings that second step, which is that now you’ve created electronic information which you can start to harness and analyze. That’s a huge opportunity that’s just now starting to be tapped, but it leads to exactly the problems we just discussed. Where is all the data that’s relevant, how does it relate to each other, what’s the correct info, how do I make it consistent and correct and find that information and start there and use that to drive my analysis? That’s where value comes from.

What can a company do to find the data it needs?

Tuchen: One of the first steps a company takes is to start cataloging their data. There are companies like us that provide a data catalog that allows you to understand where all your data is and now get to the point where you have a common definition. When I talk about annual recurring revenue, what’s the actual definition, and how am I defining that here? There’s no accounting standard that says here’s what ARR [annual recurring revenue] means, so you need to define it somewhere, so how do I define that and say here are the source tables where all that kind of stuff is going to form. So you start with cataloging it, and now you start driving that cleaning and governance process, you start pulling the data together, automating the cleanup steps to start making it consistent and correct. And then, as you’ve built out those two core capabilities, you now are at the point where your data is consistent and correct and you know what it is. You’ve defined the most important definitions, and your team knows where to go to analyze it.

Are there potential pitfalls that can arise while mining relevant data?

Tuchen: The secondary problem that’s been created that we’re now starting to touch on is that different analytical teams, without having a catalog to go find the data, are going to start recreating it themselves — you not only have duplicate work being created but in some cases inconsistent work, which is even worse. It’s not just that they’re wasting time that could have been saved, it’s that they’re coming to different results by creating different definitions or different flows that result in different answers. It’s creating more confusion. By creating a catalog, understanding where your data is, and now driving convergence and consistency, you’re starting with the right data and everyone is starting in the same place and maximizing use.

Editor’s note: This interview has been edited for clarity and conciseness.

Go to Original Article
Author:

For Sale – 2015 MBP Retina 13″ 16gb 512gb

Helloo,

After upgrading to a 15 inch lifestyle, I find myself ready to part with my beloved 13 inch MacBook Pro.

Specs are:

MacBook Pro 13″ early 2015
16GB Ram
Intel core i5 2.9Ghz
512GB SSD
intel graphics

condition wise, generally good, screen is pretty much pristine, its had a screen protector on it since day 0, and while that had one or two marks from use, simply peel it off and you’ll be left with a perfect display! (as much as I would love to do this, I will save that pleasure for the next person to enjoy)

the bottom casing has suffered a little bit from being inside one of those clear plastic cases. and there are a couple of scratches on the top of the unit, these have been pictured as best I could and a couple of the keys have some wear on them, this was a work machine and I tend to type a LOT.

Overall its been taken care of, but is not pristine, and I have adjusted price to reflect this. This specification is hard to find and has been a great tool.

Will also come with 2 chargers, one apple, 1 third party, so you can have 1 charger at home and one on the go.

this has been difficult to price and I’ve done my best to mark it fairly, but I am open to offers.

UNADJUSTEDNONRAW_thumb_a.jpg UNADJUSTEDNONRAW_mini_18.jpg UNADJUSTEDNONRAW_mini_16.jpg UNADJUSTEDNONRAW_mini_c.jpg UNADJUSTEDNONRAW_mini_6.jpg UNADJUSTEDNONRAW_mini_7.jpg UNADJUSTEDNONRAW_mini_15.jpg UNADJUSTEDNONRAW_mini_3.jpg 7410d32b-8d19-4238-8e71-cdb0553af1e6.jpg 2249f9ee-6b5e-466a-bb24-46e11c95e672.jpg

Price and currency: 800
Delivery: Delivery cost is not included
Payment method: BT Preferred
Location: Bath/London
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Go to Original Article
Author:

As AI identity management takes shape, are enterprises ready?

BOSTON — Enterprises may soon find themselves replacing their usernames and passwords with algorithms.

At the Identiverse 2018 conference last month, a chorus of vendors, infosec experts and keynote speakers discussed how machine learning and artificial intelligence are changing the identity and access management (IAM) space. Specifically, IAM professionals promoted the concept of AI identity management, where vulnerable password systems are replaced by systems that rely instead on biometrics and behavioral security to authenticate users. And, as the argument goes, humans won’t be capable of effectively analyzing the growing number of authentication factors, which can include everything from login times and download activity to mouse movements and keystroke patterns. 

Sarah Squire, senior technical architect at Ping Identity, believes that use of machine learning and AI for authentication and identity management will only increase. “There’s so much behavioral data that we’ll need AI to help look at all of the authentication factors,” she told SearchSecurity, adding that such technology is likely more secure than relying solely on traditional password systems.

During his Identiverse keynote, Andrew McAfee, principal research scientist at the Massachusetts Institute of Technology, discussed how technology, and AI in particular, is changing the rules of business and replacing executive “gut decisions” with data intensive predictions and determinations. “As we rewrite the business playbook, we need to keep in mind that machines are now demonstrating excellent judgment over and over and over,” he said.

AI identity management in practice

Some vendors have already deployed AI and machine learning for IAM. For example, cybersecurity startup Elastic Beam, which was acquired by Ping last month, uses AI-driven analysis to monitor API activity and potentially block APIs if malicious activity is detected. Bernard Harguindeguy, founder of Elastic Beam and Ping’s new senior vice president of intelligence, said AI is uniquely suited for API security because there are simply too many APIs, too many connections and too wide an array of activity to monitor for human admins to keep up with.

There are other applications for AI identity management and access control. Andras Cser, vice president and principal analyst for security and risk professionals at Forrester Research, said he sees several ways machine learning and AI are being used in the IAM space. For example, privileged identity management can use algorithms to analyze activity and usage patterns to ensure the individuals using the privileged accounts aren’t malicious actors.

“You’re looking at things like, how has a system administrator been doing X, Y and Z, and why? If this admin has been using these three things and suddenly he’s looking at 15 other things, then why does he need that?” Cser said.

In addition, Cser said machine learning and AI can be used for conditional access and authorization. “Adaptive or risk-based authorization tend to depend on machine learning to a great degree,” he said. “For example, we see that you have access to these 10 resources, but you need to be in your office during normal business hours to access them. Or if you’ve been misusing these resources across these three applications, then it will ratchet back your entitlements at least temporarily and grant you read-only access or require manager approval.”

Algorithms are being used not just for managing identities but creating them as well. During his Identiverse keynote, Jonathan Zittrain, George Bemis professor of international law at Harvard Law School, discussed how companies are using data to create “derived identities” of consumers and users. “Artificial intelligence is playing a role in this in a way that maybe it wasn’t just a few years ago,” he said.

Zittrain said he had a “vague sense of unease” around machine learning being used to target individuals via their derived identities and market suggested products. We don’t know what data is being used, he said, but we know there is a lot of it, and the identities that are created aren’t always accurate. Zittrain joked about how when he was in England a while ago, he was looking at the Lego Creator activity book on Amazon, which was offered up as the “perfect partner” to a book called American Jihad. Other times, he said, the technology creates anxieties when people discover they are too accurate.

“You realize the way these machine learning technologies work is by really being effective at finding correlations where our own instincts would tell us none exist,” Zittrain said. “And yet, they can look over every rock to find one.”

Potential issues with AI identity management

Experts say allowing AI systems to automatically authenticate or block users, applications and APIs with no human oversight comes with some risk, as algorithms are never 100% accurate. Squire says there could be a trial and error period, but added there are ways to mitigate those errors. For example, she suggested AI identity management shouldn’t treat all applications and systems the same and suggested assigning risk levels for each resource or asset that requires authentication.

“It depends on what the user is doing,” Squire said. “If you’re doing something that has a low risk score, then you don’t need to automatically block access to it. But if something has a high risk score, and the authentication factors don’t meet the requirement, then it can automatically block access.”

Squire said she doesn’t expect AI identity management to remove the need for human infosec professionals. In fact, it may require even more. “Using AI is going to allow us to do our jobs in a smarter way,” she said. “We’ll still need humans in the loop to tell the AI to shut up and provide context for the authentication data.”

Cser said the success of AI-driven identity management and access control will depend on a few critical factors. “The quality and reliability of the algorithms are important,” he said. “How is the model governed? There’s always a model governance aspect. There should be some kind of mathematically defensible, formalized governance method to ensure you’re not creating regression.”

Explainability is also important, he said. Vendor technology should have some type of “explanation artifacts” that clarify why access has been granted or rejected, what factors were used, how those factors were weighted and other vital details about the process. If IAM systems or services don’t have those artifacts, then they risk becoming black boxes that human infosec professionals can’t manage or trust.

Regardless of potential risks, experts at Identiverse generally agreed that machine learning and AI are proving their effectiveness and expect an increasing amount of work to be delegated to them. “The optimal, smart division of labor between what we do — minds — and [what] machines do is shifting very, very quickly,” McAfee said during his keynote. “Very often it’s shifting in the direction of the machines. That doesn’t mean that all of us have nothing left to offer, that’s not the case at all. It does mean that we’d better re-examine some of our fundamental assumptions about what we’re better at than the machines because of the judgment and the other capabilities that the machines are demonstrating now.”

Have I Been Pwned integration comes to Firefox and 1Password

Have I Been Pwned has been helping users find out if their data was part of a data breach since 2013, and now the service will be integrated into new products from Mozilla and 1Password.

Troy Hunt, the security expert who created and runs the project, announced the new Have I Been Pwned integration and noted the partnership with Firefox will “significantly expand the audience that can be reached.”

“I’m really happy to see Firefox integrating with HIBP in this fashion, not just to get it in front of as many people as possible, but because I have a great deal of respect for their contributions to the technology community,” Hunt wrote in a blog post. “They’ve also been instrumental in helping define the model which HIBP uses to feed them data without Mozilla disclosing the email addresses being searched for.”

This is a key feature featured in both Mozilla’s new Firefox Monitor and 1Password Watchtower: using Have I Been Pwned integration to allow users to search without disclosing email addresses. Hunt said this privacy feature will work in a similar way to the k-anonymity model used by Have I Been Pwned when searching for passwords.

When searching for passwords, Have I Been Pwned matches the first five characters of a SHA-1 hash, which returns, on average, 477 results per search range in a data set of 500 million records, in order to avoid exposing too much information about the password being queried — the results could include the password being queried, or not, but an attacker would not be able to determine the password being queried on the basis of the results returned. With email addresses, Hunt searches on the first six characters of the hash against the database of over 3 billion email addresses, but he added that this shouldn’t result in less secure searches.

“This number [of breached passwords] will grow significantly over time; more data breaches means more new email addresses means larger results in the range search. More importantly though, email addresses are far less predictable than passwords; as I mentioned earlier, if I was to spy on searches for Pwned Passwords, the prevalence of passwords in the system beginning with that hash can indicate the likelihood of what was searched by,” Hunt wrote. “But when we’re talking about email addresses, there’s no such indicator, certainly the number of breaches each has been exposed in divulges nothing in terms of which one is likely being searched for.”

Have I Been Pwned integration

Mozilla has built Have I Been Pwned integration into its Firefox Monitor tool, which will begin as an invitation-only service. Mozilla plans to invite an initial group of 250,000 people to test the feature on the web beginning next week and do a wider release later on.

1Password will include Have I Been Pwned integration in its Watchtower tool as part of the Breach Report feature. The Breach Report will let users know where an account with a user’s email address may have been compromised; show a list of websites where an item saved in 1Password might have been compromised; and show a list of breaches where a 1Password item was found, but the user has already changed the compromised data.

Currently, 1Password Watchtower is only available on the web, but 1Password expects to eventually add the service to all of its apps.