Technology

For the modern enterprise, providing delightful customer experiences may be an all-encompassing task, but obsessing about customers is well worth the effort. Forrester research reveals that customer-obsessed companies achieve 2.5 times higher revenue growth and 2.2 times better customer retention. 

Implementing systems that put the customer in the center requires harnessing all of an organization’s resources in a way that is greater than the sum of its parts. Connectivity is a key part of any modern IT infrastructure, and it’s becoming more complicated and important than ever before.

To read this article in full, please click here

Google “design by committee,” and you won’t see anything good. The phrase is a pejorative term for a project that has many designers and no unifying plan or vision.

That’s said, I’m seeing this approach more frequently these days when it comes to cloud architecture, which is disturbing. I’m not sure if it's due to the pandemic and the need to get people engaged remotely, or the lack of skills that is pushing important decisions to groups of people.

If you’re as old as me, you remember architecture steering committees. These were groups of IT leaders, typically from different departments, such as security, databases, development, etc., who came together to decide on a holistic architecture made up of technologies that everyone could agree on.

To read this article in full, please click here

A simmering proposal to address Java pain points, including slow startup, slow time to peak performance, and large footprint, is now moving forward.

Project Leyden, under discussion for more than two years, will address these pain points by introducing static images to the JDK and the Java platform. In an OpenJDK post on May 20, Mark Reinhold, chief architect of the Java platform group at Oracle, decreed it was time for the project to begin.

To read this article in full, please click here

Multicloud simply won’t go away. AWS spent years trying to avoid it, with persistent messaging that multicloud was more exception than rule. Former CEO Andy Jassy was fond of saying, “The vast majority don’t end up choosing to be multicloud. They predominantly use a single provider.” However, it’s becoming clear that multicloud is simply how enterprise IT gets done in 2022. At Temenos’ big event in London this past week, the banking software giant cited survey data from The Economist Intelligence Unit, which revealed that 81% of respondents believe that multicloud will become a regulatory prerequisite.

To read this article in full, please click here

I read an OutSystems report the other day that surprised me. According to OutSystems’ “Cloud-Native Development: Ready or Not?” report, although both Gartner and IDC predict that 90% to 95% of applications will be cloud-native by 2025, only 47% of IT decision makers and developers even understand what “cloud native” actually means.

In other words, fewer than half of the people who need to know how to build and implement a cloud-native application actually understand what it means to be cloud-native and how to be ready for it. If true, that’s a scary state of affairs for modern enterprise development efforts.

To read this article in full, please click here

Red Hat has unveiled new versions of its in-browser and local development environments geared to work with the OpenShift Kubernetes platform.

Red Hat OpenShift Dev Spaces 3 is the renamed, repackaged Red Hat CodeReady Workspaces, while Red Hat OpenShift Local 2 is the new name for Red Hat CodeReady Containers.

OpenShift Dev Spaces uses OpenShift and containers to provide development and IT teams with a consistent development environment. Version 3 features the new DevWorkspace engine, replacing the CodeReady Workspaces Java REST service with a Kubernetes controller that runs behind the kube-apiserver for better scalability and high availability. Also featured in this version is a universal API. The development team cited a simpler design achieved by decoupling the Dev Spaces workspace engine from the developer’s IDE and server-side components.

To read this article in full, please click here

A simmering proposal to address Java pain points, including slow startup, slow time to peak performance, and large footprint, is now moving forward.

Project Leyden, under discussion for more than two years, will address these pain points by introducing static images to the JDK and the Java platform. In an OpenJDK post on May 20, Mark Reinhold, chief architect of the Java platform group at Oracle, decreed it was time for the project to begin.

To read this article in full, please click here

Every programming language has two kinds of speed: speed of development, and speed of execution. Python has always favored writing fast versus running fast. Although Python code is almost always fast enough for the task, sometimes it isn’t. In those cases, you need to find out where and why it lags, and do something about it.

A well-respected adage of software development, and engineering generally, is “Measure, don’t guess.” With software, it’s easy to assume what’s wrong, but never a good idea to do so. Statistics about actual program performance are always your best first tool in the pursuit of making applications faster.

The good news is, Python offers a whole slew of packages you can use to profile your applications and learn where it’s slowest. These tools range from simple one-liners included with the standard library to sophisticated frameworks for gathering stats from running applications. Here I cover nine of the most significant, most of which run cross-platform and are readily available either in PyPI or in Python’s standard library.

To read this article in full, please click here

NY goes after Twitch, Musk's real plan, Apple's DeepMind defection

• Elon Musk says Twitter deal can't happen until bot account dispute is resolved.
•  Twitter asks shareholders to support Musk's purchase.
•  NY Launches Ridiculous, Blatantly Unconstitutional 'Investigations' Into Twitch, Discord; Deflecting Blame From NY's Own Failings.
•  @kendraschaefer: My goodness. China's cyberspace watchdog, the CAC, just published a long (and unprecedented) set of draft regulations for recommendation algorithms.
•  Why is the Johnny Depp/Amber Heard trial so visible on social media?
•  The Origins of Totalitarianism by Hannah Arendt.
•  Cultish: The Language of Fanaticism by Amanda Montell.
•  Dianetics and scientology technical dictionary by L. Ron Hubbard.
•  Losing Ian Goodfellow to DeepMind is the dumbest thing Apple's ever done.
•  The Genesis Machine: Our Quest to Rewrite Life in the Age of Synthetic Biology by Amy Webb, Andrew Hessel.
•  Apple Shows Headset to Board in Sign It's Reached Advanced Stage.
•  VeeCon: Exclusive Conference Around Web 3 and Culture.
•  Fears grow for smaller nations after ransomware attack on Costa Rica escalates.
•  Ransomware gang Conti 'shuts down' in midst of Costa Rica attack.
•  Project Hail Mary by Andy Weir.
•  Bobiverse by Dennis Taylor.
•  The Nineties: A Book by Chuck Klosterman.
•  Whole Earth Discipline: An Ecopragmatist Manifesto by Stewart Brand.
• Ideas That Created the Future: Classic Papers of Computer Science by Harry R. Lewis.
•  Pinball Map

Host: Leo Laporte

Guests: Amy Webb and David Spark

Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

Sponsors:

• www.stamps.com - promo code: TWIT
• expressvpn.com/twit
• noom.com/twit
• Indochino.com promo code TWIT

As a specification, the Jakarta Persistence API (formerly Java Persistence API) is concerned with persistence, which loosely means any mechanism by which Java objects outlive the application process that created them. Not all Java objects need to be persisted, but most applications persist key business objects. The JPA specification lets you define which objects should be persisted, and how they are persisted in your Java applications.

By itself, JPA is not a tool or framework; rather, it defines a set of concepts that guide implementers. While JPA's object-relational mapping (ORM) model was originally based on Hibernate, it has since evolved. Likewise, while JPA was originally intended for use with relational databases, some JPA implementations have been extended for use with NoSQL datastores. A popular framework that supports JPA with NoSQL is EclipseLink, the reference implementation for JPA 3.

To read this article in full, please click here

It’s a no-brainer. Proactive ops systems can figure out issues before they become disruptive and can make corrections without human intervention.

For instance, an ops observability tool, such as an AIops tool, sees that a storage system is producing intermittent I/O errors, which means that the storage system is likely to suffer a major failure sometime soon. Data is automatically transferred to another storage system using predefined self-healing processes, and the system is shut down and marked for maintenance. No downtime occurs.

These types of proactive processes and automations occur thousands of times an hour, and the only way you’ll know that they are working is a lack of outages caused by failures in cloud services, applications, networks, or databases. We know all. We see all. We track data over time. We fix issues before they become outages that harm the business.

To read this article in full, please click here

The unique approach of the Rust programming language results in better code with fewer compromises than C, C++, Go, and the other languages you probably use. It also gets updated regularly, often every month.

If you already have a previous version of Rust installed via rustup, you can access the latest version via the following command:

Published May 19, Rust 1.61 highlights custom exit codes from main. Rust proponents said that in the beginning, Rust main functions only could return the unit type () either implicitly or explicitly, indicating success in the exit status, and if developers wanted otherwise, they had to call process::exit. Since Rust 1.26, main has been allowed to return a Result, where Ok translated to a C EXIT_SUCCESS and Err to EXIT_Failure. These alternate return types were unified by an unstable Termination trait. In this release, Termination trait is stable, along with a more-general ExitCode type that wraps platform-specific return types. The Termination trait also can be implemented for a developer’s own types, allowing for customization of reporting before converting to an ExitCode.

To read this article in full, please click here

A consortium led by Dynatrace has submitted OpenFeature to the Cloud Native Computing Foundation (CNCF) for consideration as a sandbox project.

The observability software specialist is developing the open source feature flag standard in partnership with LaunchDarkly, GitLab, Split, Flagsmith, CloudBees, and others.

Feature flagging has emerged as a key enabler for effective continuous software delivery, devops and site reliability engineering (SRE) practices by enabling developers to toggle certain application functionality on and off at runtime, without deploying new code.

To read this article in full, please click here

Multithreaded programming could be about to get easier for Java developers under a plan currently incubating in the OpenJDK community.

The structured concurrency proposal would introduce a library that treats multiple tasks running in different threads as a single unit of work. The new library would streamline error handling and cancellation, improving reliability and enhancing observability, according to the proposal. Goals of the plan include improving the reliability and observability of multithreaded code and promoting a concurrent programming style that can eliminate common risks arising from cancellation and shutdown, such as thread leaks and cancellation delays. At this point, the structured concurrency proposal is not targeted for a specific version of Java.

To read this article in full, please click here

When it comes to developer preference, JavaScript and Python have maintained their staying power while Rust usage is rising, according to a recent worldwide survey of developers.

A May 4 report entitled, "State of the Developer Nation, 22nd Edition," from analyst firm SlashData, featured data from a survey of more than 20,000 developers in 166 countries, taken from December 2021 to February 2022. In this report, JavaScript remained the most-popular language for the tenth survey in a row, with nearly 17.5 million developers using the popular web scripting language. (SlashData has published these reports about two to three times a year for several years.) The JavaScript community itself has been growing consistently for several years. Python, which surpassed Java in popularity two years ago, was the second most-popular language behind JavaScript, with 15.7 million users. In just the past six months, Python added 3.3 million net new developers.

To read this article in full, please click here

Quantum computing continues to inhabit the nebulous space between practical application and theoretical speculation, but it is edging closer toward real-world use. One of the more interesting use cases for quantum computers is modern internet cryptography.

Quantum computing's name comes from the fact that it relies on the properties of subatomic particles, governed by laws that seem strange to those of us rooted in the macro world. In particular, quantum computers use qubits (quantum bits) instead of the binary digits (bits) we know from traditional computer systems.

To read this article in full, please click here

Some of more tech-savvy Democrats in the U.S. Senate are asking the Federal Trade Commission (FTC) to investigate identity-proofing company ID.me for “deceptive statements” the company and its founder allegedly made over how they handle facial recognition data collected on behalf of the Internal Revenue Service, which until recently required anyone seeking a new IRS account online to provide a live video selfie to ID.me.

In a letter to FTC Chair Lina Khan, the Senators charge that ID.me’s CEO Blake Hall has offered conflicting statements about how his company uses the facial scan data it collects on behalf of the federal government and many states that use the ID proofing technology to screen applicants for unemployment insurance.

The lawmakers say that in public statements and blog posts, ID.me has frequently emphasized the difference between two types of facial recognition: One-to-one, and one-to-many. In the one-to-one approach, a live video selfie is compared to the image on a driver’s license, for example. One-to-many facial recognition involves comparing a face against a database of other faces to find any potential matches.

Americans have particular reason to be concerned about the difference between these two types of facial recognition, says the letter to the FTC, signed by Sens. Cory Booker (D-N.J.), Edward Markey (D-Mass.), Alex Padilla (D-Calif.), and Ron Wyden (D-Ore.):

“While one-to-one recognition involves a one-time comparison of two images in order to confirm an applicant’s identity, the use of one-to-many recognition means that millions of innocent people will have their photographs endlessly queried as part of a digital ‘line up.’ Not only does this violate individuals’ privacy, but the inevitable false matches associated with one-to-many recognition can result in applicants being wrongly denied desperately-needed services for weeks or even months as they try to get their case reviewed.”

“This risk is especially acute for people of color: NIST’s Facial Recognition Vendor Test found that many facial recognition algorithms have rates of false matches that are as much as 100 times higher for individuals from countries in West Africa, East Africa and East Asia than for individuals from Eastern European countries. This means Black and Asian Americans could be disproportionately likely to be denied benefits due to a false match in a one-to-many facial recognition system.”

The lawmakers say that throughout the latter half of 2021, ID.me published statements and blog posts stating it did not use one-to-many facial recognition and that the approach was “problematic” and “tied to surveillance operations.” But several days after a Jan. 16, 2022 post here about the IRS’s new facial ID requirement went viral and prompted a public backlash, Hall acknowledged in a LinkedIn posting that ID.me does use one-to-many facial recognition.

“Within days, the company edited the numerous blog posts and white papers on its website that previously stated the company did not use one-to-many to reflect the truth,” the letter alleges. “According to media reports, the company’s decision to correct its prior misleading statements came after mounting internal pressure from its employees.”

Cyberscoop’s Tonya Riley published excerpts from internal ID.me employee Slack messages wherein some expressed dread and unease with the company’s equivocation on its use of one-to-many facial recognition.

In February, the IRS announced it would no longer require facial scans or other biometric data from taxpayers seeking to create an account at the agency’s website. The agency also pledged that any biometric data shared with ID.me would be permanently deleted.

But the IRS still requires new account applicants to sign up with either ID.me or Login.gov, a single sign-on solution already used to access 200 websites run by 28 federal agencies. It also still offers the option of providing a live selfie for verification purposes, although the IRS says this data will be deleted automatically.

Asked to respond to concerns raised in the letter from Senate lawmakers, ID.me instead touted its successes in stopping fraud.

“Five state workforce agencies have publicly credited ID.me with helping to prevent $238 billion dollars in fraud,” the statement reads. “Conditions were so bad during the pandemic that the deputy assistant director of the FBI called the fraud ‘an economic attack on the United States.’ ID.me played a critical role in stopping that attack in more than 20 states where the service was rapidly adopted for its equally important ability to increase equity and verify individuals left behind by traditional options. We look forward to cooperating with all relevant government bodies to clear up any misunderstandings.”

As Cyberscoop reported on Apr. 14, the House Oversight and Reform Committee last month began an investigation into ID.me’s practices, with committee chairwoman Carolyn Maloney (D-N.Y.) saying the committee’s questions to the company would help shape policy on how the government wields facial recognition technology.

A copy of the letter the senators sent to the FTC is here (PDF).

As much as we might like to think otherwise, cloud-native applications are web applications. We may build services, but their APIs are often RESTful, and where we may have used various remote procedure call technologies in the past, we’re now transitioning to the QUIC-based gRPC. All that means we’re running most of our applications’ interactions with the outside world over web protocols through the same limited set of ports.

Back in the early days of the internet, we were able to segregate applications by IP ports, using firewalls to block unwanted traffic by preventing access to unwanted ports. Attackers needed to scan the entire range of possible port numbers before finding vulnerabilities, reducing the size of the available attack surface and keeping risk to a minimum. Now, however, they can simply go to the familiar HTTP, HTTPS, and QUIC ports and try to break in using a reduced set of tools.

To read this article in full, please click here

The Python programming language releases new versions yearly, with a feature-locked beta release in the first half of the year and the final release toward the end of the year. The feature set for Python 3.11 has just been finalized, with a beta version available for testing. Developers are encouraged to try out this latest version on non-production code, both to verify that it works with your programs and to get an idea of whether your code will benefit from its performance enhancements.

Here's a rundown of the most significant new features in Python 3.11 and what they mean for Python developers.

To read this article in full, please click here

With the latest planned upgrade to the Bootstrap web development framework, builders are offering CSS variables for all components, along with new helpers and utilities.

Bootstrap v5.2.0-beta1, published May 13, is being called the biggest release of the framework since Bootstrap 5.0 two years ago. Components now include easier theming and CSS variables to enable real-time customization. Color-mode support, beginning with dark mode, will be added soon. Component pages have been updated to include a reference guide of relevant CSS variables. Values for most CSS variables are assigned via Sass variables; customization via CSS and Sass are both supported.

To read this article in full, please click here