Tag Archives: farming

Ransomware Update: Viruses Targeting Business IT Servers

Post Syndicated from Roderick Bauer original https://www.backblaze.com/blog/ransomware-update-viruses-targeting-business-it-servers/

Ransomware warning message on computer

As ransomware attacks have grown in number in recent months, the tactics and attack vectors also have evolved. While the primary method of attack used to be to target individual computer users within organizations with phishing emails and infected attachments, we’re increasingly seeing attacks that target weaknesses in businesses’ IT infrastructure.

How Ransomware Attacks Typically Work

In our previous posts on ransomware, we described the common vehicles used by hackers to infect organizations with ransomware viruses. Most often, downloaders distribute trojan horses through malicious downloads and spam emails. The emails contain a variety of file attachments, which if opened, will download and run one of the many ransomware variants. Once a user’s computer is infected with a malicious downloader, it will retrieve additional malware, which frequently includes crypto-ransomware. After the files have been encrypted, a ransom payment is demanded of the victim in order to decrypt the files.

What’s Changed With the Latest Ransomware Attacks?

In 2016, a customized ransomware strain called SamSam began attacking the servers in primarily health care institutions. SamSam, unlike more conventional ransomware, is not delivered through downloads or phishing emails. Instead, the attackers behind SamSam use tools to identify unpatched servers running Red Hat’s JBoss enterprise products. Once the attackers have successfully gained entry into one of these servers by exploiting vulnerabilities in JBoss, they use other freely available tools and scripts to collect credentials and gather information on networked computers. Then they deploy their ransomware to encrypt files on these systems before demanding a ransom. Gaining entry to an organization through its IT center rather than its endpoints makes this approach scalable and especially unsettling.

SamSam’s methodology is to scour the Internet searching for accessible and vulnerable JBoss application servers, especially ones used by hospitals. It’s not unlike a burglar rattling doorknobs in a neighborhood to find unlocked homes. When SamSam finds an unlocked home (unpatched server), the software infiltrates the system. It is then free to spread across the company’s network by stealing passwords. As it transverses the network and systems, it encrypts files, preventing access until the victims pay the hackers a ransom, typically between $10,000 and $15,000. The low ransom amount has encouraged some victimized organizations to pay the ransom rather than incur the downtime required to wipe and reinitialize their IT systems.

The success of SamSam is due to its effectiveness rather than its sophistication. SamSam can enter and transverse a network without human intervention. Some organizations are learning too late that securing internet-facing services in their data center from attack is just as important as securing endpoints.

The typical steps in a SamSam ransomware attack are:

1
Attackers gain access to vulnerable server
Attackers exploit vulnerable software or weak/stolen credentials.
2
Attack spreads via remote access tools
Attackers harvest credentials, create SOCKS proxies to tunnel traffic, and abuse RDP to install SamSam on more computers in the network.
3
Ransomware payload deployed
Attackers run batch scripts to execute ransomware on compromised machines.
4
Ransomware demand delivered requiring payment to decrypt files
Demand amounts vary from victim to victim. Relatively low ransom amounts appear to be designed to encourage quick payment decisions.

What all the organizations successfully exploited by SamSam have in common is that they were running unpatched servers that made them vulnerable to SamSam. Some organizations had their endpoints and servers backed up, while others did not. Some of those without backups they could use to recover their systems chose to pay the ransom money.

Timeline of SamSam History and Exploits

Since its appearance in 2016, SamSam has been in the news with many successful incursions into healthcare, business, and government institutions.

March 2016
SamSam appears

SamSam campaign targets vulnerable JBoss servers
Attackers hone in on healthcare organizations specifically, as they’re more likely to have unpatched JBoss machines.

April 2016
SamSam finds new targets

SamSam begins targeting schools and government.
After initial success targeting healthcare, attackers branch out to other sectors.

April 2017
New tactics include RDP

Attackers shift to targeting organizations with exposed RDP connections, and maintain focus on healthcare.
An attack on Erie County Medical Center costs the hospital $10 million over three months of recovery.
Erie County Medical Center attacked by SamSam ransomware virus

January 2018
Municipalities attacked

• Attack on Municipality of Farmington, NM.
• Attack on Hancock Health.
Hancock Regional Hospital notice following SamSam attack
• Attack on Adams Memorial Hospital
• Attack on Allscripts (Electronic Health Records), which includes 180,000 physicians, 2,500 hospitals, and 7.2 million patients’ health records.

February 2018
Attack volume increases

• Attack on Davidson County, NC.
• Attack on Colorado Department of Transportation.
SamSam virus notification

March 2018
SamSam shuts down Atlanta

• Second attack on Colorado Department of Transportation.
• City of Atlanta suffers a devastating attack by SamSam.
The attack has far-reaching impacts — crippling the court system, keeping residents from paying their water bills, limiting vital communications like sewer infrastructure requests, and pushing the Atlanta Police Department to file paper reports.
Atlanta Ransomware outage alert
• SamSam campaign nets $325,000 in 4 weeks.
Infections spike as attackers launch new campaigns. Healthcare and government organizations are once again the primary targets.

How to Defend Against SamSam and Other Ransomware Attacks

The best way to respond to a ransomware attack is to avoid having one in the first place. If you are attacked, making sure your valuable data is backed up and unreachable by ransomware infection will ensure that your downtime and data loss will be minimal or none if you ever suffer an attack.

In our previous post, How to Recover From Ransomware, we listed the ten ways to protect your organization from ransomware.

  1. Use anti-virus and anti-malware software or other security policies to block known payloads from launching.
  2. Make frequent, comprehensive backups of all important files and isolate them from local and open networks. Cybersecurity professionals view data backup and recovery (74% in a recent survey) by far as the most effective solution to respond to a successful ransomware attack.
  3. Keep offline backups of data stored in locations inaccessible from any potentially infected computer, such as disconnected external storage drives or the cloud, which prevents them from being accessed by the ransomware.
  4. Install the latest security updates issued by software vendors of your OS and applications. Remember to patch early and patch often to close known vulnerabilities in operating systems, server software, browsers, and web plugins.
  5. Consider deploying security software to protect endpoints, email servers, and network systems from infection.
  6. Exercise cyber hygiene, such as using caution when opening email attachments and links.
  7. Segment your networks to keep critical computers isolated and to prevent the spread of malware in case of attack. Turn off unneeded network shares.
  8. Turn off admin rights for users who don’t require them. Give users the lowest system permissions they need to do their work.
  9. Restrict write permissions on file servers as much as possible.
  10. Educate yourself, your employees, and your family in best practices to keep malware out of your systems. Update everyone on the latest email phishing scams and human engineering aimed at turning victims into abettors.

Please Tell Us About Your Experiences with Ransomware

Have you endured a ransomware attack or have a strategy to avoid becoming a victim? Please tell us of your experiences in the comments.

The post Ransomware Update: Viruses Targeting Business IT Servers appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

New – Machine Learning Inference at the Edge Using AWS Greengrass

Post Syndicated from Jeff Barr original https://aws.amazon.com/blogs/aws/new-machine-learning-inference-at-the-edge-using-aws-greengrass/

What happens when you combine the Internet of Things, Machine Learning, and Edge Computing? Before I tell you, let’s review each one and discuss what AWS has to offer.

Internet of Things (IoT) – Devices that connect the physical world and the digital one. The devices, often equipped with one or more types of sensors, can be found in factories, vehicles, mines, fields, homes, and so forth. Important AWS services include AWS IoT Core, AWS IoT Analytics, AWS IoT Device Management, and Amazon FreeRTOS, along with others that you can find on the AWS IoT page.

Machine Learning (ML) – Systems that can be trained using an at-scale dataset and statistical algorithms, and used to make inferences from fresh data. At Amazon we use machine learning to drive the recommendations that you see when you shop, to optimize the paths in our fulfillment centers, fly drones, and much more. We support leading open source machine learning frameworks such as TensorFlow and MXNet, and make ML accessible and easy to use through Amazon SageMaker. We also provide Amazon Rekognition for images and for video, Amazon Lex for chatbots, and a wide array of language services for text analysis, translation, speech recognition, and text to speech.

Edge Computing – The power to have compute resources and decision-making capabilities in disparate locations, often with intermittent or no connectivity to the cloud. AWS Greengrass builds on AWS IoT, giving you the ability to run Lambda functions and keep device state in sync even when not connected to the Internet.

ML Inference at the Edge
Today I would like to toss all three of these important new technologies into a blender! You can now perform Machine Learning inference at the edge using AWS Greengrass. This allows you to use the power of the AWS cloud (including fast, powerful instances equipped with GPUs) to build, train, and test your ML models before deploying them to small, low-powered, intermittently-connected IoT devices running in those factories, vehicles, mines, fields, and homes that I mentioned.

Here are a few of the many ways that you can put Greengrass ML Inference to use:

Precision Farming – With an ever-growing world population and unpredictable weather that can affect crop yields, the opportunity to use technology to increase yields is immense. Intelligent devices that are literally in the field can process images of soil, plants, pests, and crops, taking local corrective action and sending status reports to the cloud.

Physical Security – Smart devices (including the AWS DeepLens) can process images and scenes locally, looking for objects, watching for changes, and even detecting faces. When something of interest or concern arises, the device can pass the image or the video to the cloud and use Amazon Rekognition to take a closer look.

Industrial Maintenance – Smart, local monitoring can increase operational efficiency and reduce unplanned downtime. The monitors can run inference operations on power consumption, noise levels, and vibration to flag anomalies, predict failures, detect faulty equipment.

Greengrass ML Inference Overview
There are several different aspects to this new AWS feature. Let’s take a look at each one:

Machine Learning ModelsPrecompiled TensorFlow and MXNet libraries, optimized for production use on the NVIDIA Jetson TX2 and Intel Atom devices, and development use on 32-bit Raspberry Pi devices. The optimized libraries can take advantage of GPU and FPGA hardware accelerators at the edge in order to provide fast, local inferences.

Model Building and Training – The ability to use Amazon SageMaker and other cloud-based ML tools to build, train, and test your models before deploying them to your IoT devices. To learn more about SageMaker, read Amazon SageMaker – Accelerated Machine Learning.

Model Deployment – SageMaker models can (if you give them the proper IAM permissions) be referenced directly from your Greengrass groups. You can also make use of models stored in S3 buckets. You can add a new machine learning resource to a group with a couple of clicks:

These new features are available now and you can start using them today! To learn more read Perform Machine Learning Inference.

Jeff;

 

How to Compete with Giants

Post Syndicated from Gleb Budman original https://www.backblaze.com/blog/how-to-compete-with-giants/

How to Compete with Giants

This post by Backblaze’s CEO and co-founder Gleb Budman is the sixth in a series about entrepreneurship. You can choose posts in the series from the list below:

  1. How Backblaze got Started: The Problem, The Solution, and the Stuff In-Between
  2. Building a Competitive Moat: Turning Challenges Into Advantages
  3. From Idea to Launch: Getting Your First Customers
  4. How to Get Your First 1,000 Customers
  5. Surviving Your First Year
  6. How to Compete with Giants

Use the Join button above to receive notification of new posts in this series.

Perhaps your business is competing in a brand new space free from established competitors. Most of us, though, start companies that compete with existing offerings from large, established companies. You need to come up with a better mousetrap — not the first mousetrap.

That’s the challenge Backblaze faced. In this post, I’d like to share some of the lessons I learned from that experience.

Backblaze vs. Giants

Competing with established companies that are orders of magnitude larger can be daunting. How can you succeed?

I’ll set the stage by offering a few sets of giants we compete with:

  • When we started Backblaze, we offered online backup in a market where companies had been offering “online backup” for at least a decade, and even the newer entrants had raised tens of millions of dollars.
  • When we built our storage servers, the alternatives were EMC, NetApp, and Dell — each of which had a market cap of over $10 billion.
  • When we introduced our cloud storage offering, B2, our direct competitors were Amazon, Google, and Microsoft. You might have heard of them.

What did we learn by competing with these giants on a bootstrapped budget? Let’s take a look.

Determine What Success Means

For a long time Apple considered Apple TV to be a hobby, not a real product worth focusing on, because it did not generate a billion in revenue. For a $10 billion per year revenue company, a new business that generates $50 million won’t move the needle and often isn’t worth putting focus on. However, for a startup, getting to $50 million in revenue can be the start of a wildly successful business.

Lesson Learned: Don’t let the giants set your success metrics.

The Advantages Startups Have

The giants have a lot of advantages: more money, people, scale, resources, access, etc. Following their playbook and attacking head-on means you’re simply outgunned. Common paths to failure are trying to build more features, enter more markets, outspend on marketing, and other similar approaches where scale and resources are the primary determinants of success.

But being a startup affords many advantages most giants would salivate over. As a nimble startup you can leverage those to succeed. Let’s breakdown nine competitive advantages we’ve used that you can too.

1. Drive Focus

It’s hard to build a $10 billion revenue business doing just one thing, and most giants have a broad portfolio of businesses, numerous products for each, and targeting a variety of customer segments in multiple markets. That adds complexity and distributes management attention.

Startups get the benefit of having everyone in the company be extremely focused, often on a singular mission, product, customer segment, and market. While our competitors sell everything from advertising to Zantac, and are investing in groceries and shipping, Backblaze has focused exclusively on cloud storage. This means all of our best people (i.e. everyone) is focused on our cloud storage business. Where is all of your focus going?

Lesson Learned: Align everyone in your company to a singular focus to dramatically out-perform larger teams.

2. Use Lack-of-Scale as an Advantage

You may have heard Paul Graham say “Do things that don’t scale.” There are a host of things you can do specifically because you don’t have the same scale as the giants. Use that as an advantage.

When we look for data center space, we have more options than our largest competitors because there are simply more spaces available with room for 100 cabinets than for 1,000 cabinets. With some searching, we can find data center space that is better/cheaper.

When a flood in Thailand destroyed factories, causing the world’s supply of hard drives to plummet and prices to triple, we started drive farming. The giants certainly couldn’t. It was a bit crazy, but it let us keep prices unchanged for our customers.

Our Chief Cloud Officer, Tim, used to work at Adobe. Because of their size, any new product needed to always launch in a multitude of languages and in global markets. Once launched, they had scale. But getting any new product launched was incredibly challenging.

Lesson Learned: Use lack-of-scale to exploit opportunities that are closed to giants.

3. Build a Better Product

This one is probably obvious. If you’re going to provide the same product, at the same price, to the same customers — why do it? Remember that better does not always mean more features. Here’s one way we built a better product that didn’t require being a bigger company.

All online backup services required customers to choose what to include in their backup. We found that this was complicated for users since they often didn’t know what needed to be backed up. We flipped the model to back up everything and allow users to exclude if they wanted to, but it was not required. This reduced the number of features/options, while making it easier and better for the user.

This didn’t require the resources of a huge company; it just required understanding customers a bit deeper and thinking about the solution differently. Building a better product is the most classic startup competitive advantage.

Lesson Learned: Dig deep with your customers to understand and deliver a better mousetrap.

4. Provide Better Service

How can you provide better service? Use your advantages. Escalations from your customer care folks to engineering can go through fewer hoops. Fixing an issue and shipping can be quicker. Access to real answers on Twitter or Facebook can be more effective.

A strategic decision we made was to have all customer support people as full-time employees in our headquarters. This ensures they are in close contact to the whole company for feedback to quickly go both ways.

Having a smaller team and fewer layers enables faster internal communication, which increases customer happiness. And the option to do things that don’t scale — such as help a customer in a unique situation — can go a long way in building customer loyalty.

Lesson Learned: Service your customers better by establishing clear internal communications.

5. Remove The Unnecessary

After determining that the industry standard EMC/NetApp/Dell storage servers would be too expensive to build our own cloud storage upon, we decided to build our own infrastructure. Many said we were crazy to compete with these multi-billion dollar companies and that it would be impossible to build a lower cost storage server. However, not only did it prove to not be impossible — it wasn’t even that hard.

One key trick? Remove the unnecessary. While EMC and others built servers to sell to other companies for a wide variety of use cases, Backblaze needed servers that only Backblaze would run, and for a single use case. As a result we could tailor the servers for our needs by removing redundancy from each server (since we would run redundant servers), and using lower-performance components (since we would get high-performance by running parallel servers).

What do your customers and use cases not need? This can trim costs and complexity while often improving the product for your use case.

Lesson Learned: Don’t think “what can we add” to what the giants offer — think “what can we remove.”

6. Be Easy

How many times have you visited a large company website, particularly one that’s not consumer-focused, only to leave saying, “Huh? I don’t understand what you do.” Keeping your website clear, and your product and pricing simple, will dramatically increase conversion and customer satisfaction. If you’re able to make it 2x easier and thus increasing your conversion by 2x, you’ve just allowed yourself to spend ½ as much acquiring a customer.

Providing unlimited data backup wasn’t specifically about providing more storage — it was about making it easier. Since users didn’t know how much data they needed to back up, charging per gigabyte meant they wouldn’t know the cost. Providing unlimited data backup meant they could just relax.

Customers love easy — and being smaller makes easy easier to deliver. Use that as an advantage in your website, marketing materials, pricing, product, and in every other customer interaction.

Lesson Learned: Ease-of-use isn’t a slogan: it’s a competitive advantage. Treat it as seriously as any other feature of your product

7. Don’t Be Afraid of Risk

Obviously unnecessary risks are unnecessary, and some risks aren’t worth taking. However, large companies that have given guidance to Wall Street with a $0.01 range on their earning-per-share are inherently going to be very risk-averse. Use risk-tolerance to open up opportunities, and adjust your tolerance level as you scale. In your first year, there are likely an infinite number of ways your business may vaporize; don’t be too worried about taking a risk that might have a 20% downside when the upside is hockey stick growth.

Using consumer-grade hard drives in our servers may have caused pain and suffering for us years down-the-line, but they were priced at approximately 50% of enterprise drives. Giants wouldn’t have considered the option. Turns out, the consumer drives performed great for us.

Lesson Learned: Use calculated risks as an advantage.

8. Be Open

The larger a company grows, the more it wants to hide information. Some of this is driven by regulatory requirements as a public company. But most of this is cultural. Sharing something might cause a problem, so let’s not. All external communication is treated as a critical press release, with rounds and rounds of editing by multiple teams and approvals. However, customers are often desperate for information. Moreover, sharing information builds trust, understanding, and advocates.

I started blogging at Backblaze before we launched. When we blogged about our Storage Pod and open-sourced the design, many thought we were crazy to share this information. But it was transformative for us, establishing Backblaze as a tech thought leader in storage and giving people a sense of how we were able to provide our service at such a low cost.

Over the years we’ve developed a culture of being open internally and externally, on our blog and with the press, and in communities such as Hacker News and Reddit. Often we’ve been asked, “why would you share that!?” — but it’s the continual openness that builds trust. And that culture of openness is incredibly challenging for the giants.

Lesson Learned: Overshare to build trust and brand where giants won’t.

9. Be Human

As companies scale, typically a smaller percent of founders and executives interact with customers. The people who build the company become more hidden, the language feels “corporate,” and customers start to feel they’re interacting with the cliche “faceless, nameless corporation.” Use your humanity to your advantage. From day one the Backblaze About page listed all the founders, and my email address. While contacting us shouldn’t be the first path for a customer support question, I wanted it to be clear that we stand behind the service we offer; if we’re doing something wrong — I want to know it.

To scale it’s important to have processes and procedures, but sometimes a situation falls outside of a well-established process. While we want our employees to follow processes, they’re still encouraged to be human and “try to do the right thing.” How to you strike this balance? Simon Sinek gives a good talk about it: make your employees feel safe. If employees feel safe they’ll be human.

If your customer is a consumer, they’ll appreciate being treated as a human. Even if your customer is a corporation, the purchasing decision-makers are still people.

Lesson Learned: Being human is the ultimate antithesis to the faceless corporation.

Build Culture to Sustain Your Advantages at Scale

Presumably the goal is not to always be competing with giants, but to one day become a giant. Does this mean you’ll lose all of these advantages? Some, yes — but not all. Some of these advantages are cultural, and if you build these into the culture from the beginning, and fight to keep them as you scale, you can keep them as you become a giant.

Tesla still comes across as human, with Elon Musk frequently interacting with people on Twitter. Apple continues to provide great service through their Genius Bar. And, worst case, if you lose these at scale, you’ll still have the other advantages of being a giant such as money, people, scale, resources, and access.

Of course, some new startup will be gunning for you with grand ambitions, so just be sure not to get complacent. 😉

The post How to Compete with Giants appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

WannaBark (at the Moon)

Post Syndicated from Йовко Ламбрев original https://yovko.net/wannabark/

Не. Няма да пиша за ИскаПлаче. Вече много се изписа – и както обикновено малка част си струваше четенето.

Проблемът е много по-голям от раздуханата случка. А резюмето е, че сме прецакани. Генерално сме прецакани! Нещо, което си повтаряме от време на време из технологичните среди, но е крайно време да го обясним с човешки думи на всички и да започнем някак да поправяме нещата.

Интернет е лабораторно чедо. Няма някакъв съвършен имунитет. Роди се и проходи в среда на академична романтика, обгрижвано с наивната добронамереност на първосъздателите и първопотребителите си. До скоро (в Интернет) все още беше донякъде вярно, че мнозинството по принцип е рационално, що-годе грамотно, а полезното и смисленото естествено ще надделяват над глупостта и враждебността. Вече не е така. Приказката свърши!

Време е да се събудим и да признаем, че доброто няма да победи злото по подразбиране, без да му помогнем.

Свързани сме. Всички. Повече от всякога. И затова трябва да осъзнаваме отговорността си един към друг. Както когато сме пипнали грип, не си стоим вкъщи само за да се излекуваме по-бързо, а и за да ограничим заразата сред останалите – така и не можем в наши дни да си позволим да ползваме компютър, смартфон и софтуер, който е стар и изоставен от поддръжка – защото сме уязвими не само ние, но застрашаваме и останалите.

Както някой сполучливо обобщи тези дни в twitter: „Не е вярно, че не можеш да си позволиш да обновяваш. Не можеш да си позволиш да не обновяваш!“

Системите, които ползваме явно или невидимо около нас, ще стават все по-свързани и отговорността да ги опазим е обща. Тя включва и да изискваме отговорност – от себе си, от операторите, от правителствата.

WannaCry нямаше да има този ефект, ако пострадалите бяха обновили софтуера си. Затова, когато на телефона или какъвто и да е компютър или умно устройство изгрее обновление, за бога, не го пренебрегвайте! Да, понякога може да е досадно. Не е много забавно и да си миеш зъбите, но е силно препоръчително и полезно за здравето.

Но… дори и от утре всички да започнем стриктно да спазваме това, то пак няма да е достатъчно, ако срещу себе си имаме правителства и организации, които злоупотребяват. WannaCry е производна на уязвимост в Windows, която Агенцията за сигурност на Съединените щати е открила, но вместо да уведоми за това Microsoft, неясно колко време се е възползвала от нея, за да прониква в чужди системи и да проследява и краде данни от тях. Кракерска групировка ги открадна пък от тях преди време, публикува присвоения арсенал – и ето – бързо се намери някой, който да го използва с користна цел.

Такива случки тепърва ще зачестяват. И ако правителствата ни играят срещу нас… няма да е никак весело.

Нужна е глобална, масова и упорита съпротива срещу практиката да се пазят в тайна уязвимости.

Играем и една друга рискована игра. Ежедневно. С великодушно безразличие за мащаба и ефекта на проблема. Смартфоните и таблетите ни също са компютри, а огромна част от производителите им, увлечени от стремежа за повече продажби на нови модели, бързат да „пенсионират“ старите, спирайки обновленията за тях, притискайки клиентите си да сменят устройството си. Това обаче не се случва така, както на производителите им се иска, и по-старите устройства продължават да бъдат ползвани без обновления, с уязвимости, препродават се на вторичен пазар, преотстъпват се на деца, роднини или по-възрастни хора. Докато един ден… нещо като WannaCry ще направи и от това новина… или тихо ще отмъква данни – телефонни номера, съобщения, снимки, пароли, кредитни карти, всевъзможна лична информация… И понеже сме толкова свързани – ще пострадат не само притежателите на пробити устройства, а косвено и тези, с които те са в някакви взаимоотношения.

Най-лошият пример са старите телефони и таблети с Android, за които Google няма механизъм да принуди производителите им да се грижат по-добре и по-адекватно и продължително за тях.

Огледайте се около себе си и вижте колко ваши познати използват много стари устройства.

За кошмарната сигурност на доста IoT джаджи за автоматизация и управление на умни домове и производства дори не ми се отваря тема.

Но като споменах Google… Необходим ни е нов, променен Интернет!

Централизираният модел на гигантски силози с информация, които пълним всички, но контрол върху тях имат малцина, е фундаментално сбъркан.

И тук проблемът не опира само до сигурност, защото пробив в такава система директно се проектира върху много хора, които разчитат на нея. Имаме и вторичен, но много сериозен проблем, свързан със зависимостта ни от нея и злоупотребата с данните ни там.

Подхлъзвайки ни да ползваме „безплатните“ услуги на Google, Facebook и подобните им… те ни обричат на зависимост и контрол. Елегантно се оказва, че данните, които им поверяваме, не са наши данни, а техни. Те ги използват, за да ни профилират, да отгатват интересите ни, темите към които имаме чувствителност, манипулират ни с тях, продават ги, за да ни манипулират и други. Това е цената на „безплатното“.

Както казва Aral Balkan (вече два пъти беше и в България) – това не е data farming, а people farming, защото нашите данни това сме самите ние. А пренебрежителното махване с ръка, че няма какво да крием, е престъпление към общността ни (пак да акцентирам) в нашия свързан свят, защото пък както казва Edward Snowden: „Да нямаш нужда от лична неприкосновеност, защото нямало какво да криеш, е като да нямаш нужда от право на свободна воля, защото няма какво да кажеш.“

Права = Сила

И борбата за тях (трябва да) е непрекъсната.

  • Трябва да си върнем контрола върху дигиталното ни Аз в Интернет. Да редуцираме до минимум използването на безплатни услуги, които събират данни.
  • Да приемем грижата за сигурността на софтуера и устройствата ни като част от личната ни хигиена.
  • Да възпитаваме чувствителност към манипулациите в Интернет и особено към фалшивите новини и некачествената журналистика.
  • Да настояваме за прозрачност от правителствата, организациите, политиците и корпорациите.
  • Да предпочитаме децентрализирани или фокусирани (в едно нещо) услуги, вместо глобални конгломерати със стремеж към монопол в колкото се може повече теми (напр. ProtonMail или FastMail вместо Gmail, собствени блогове вместо Facebook и др.)
  • Да използваме по-малки, децентрализирани платформи (медийни, за услуги, за комуникация) и да ги подкрепяме финансово, а когато можем – и да стартираме собствени такива.
  • Да надвиваме индивидуализма си и да се подкрепяме взаимно в общността си.
  • Да обучаваме и призоваваме повече хора да правят същото…

Бъдещето принадлежи не на големите мастодонти, а на мрежи от малки, взаимносвързани, независими и подкрепящи се проекти, които случваме заедно. Колкото по-рано осъзнаем тенденцията и силата си, толкова по-добре.

Снимка: Markus Spiske

Now with added cucumbers

Post Syndicated from Liz Upton original https://www.raspberrypi.org/blog/now-added-cucumbers/

Working here at Pi Towers, I’m always a little frustrated by not being able to share the huge number of commercial businesses’ embedded projects that use Raspberry Pis. (About a third of the Pis we sell go to businesses.) We don’t get to feature many of them on the blog; many organisations don’t want their work replicated by competitors, or aren’t prepared for customers and competitors to see how inexpensively they’re able to automate tasks. Every now and then, though, a company is happy to share what they’re using Pis for.

cucumber-farmer-3

Makoto Koike, centre, with his parents on the family cucumber farm

Here’s a great example: a cucumber farm in Japan, which is using a Raspberry Pi to sort thorny cucumbers, saving the farmer eight to nine hours’ manual work a day.

Makoto Koike is the son of farmers, who works as an embedded systems designer for the Japanese car industry. He started helping out at his parents’ cucumber farm (which he will be taking over when they retire), and spotted a process that was ripe for automation.

cucumber-farmer-7

Cucumbers from the Makotos’ farm

At the Makotos’ farm, cucumbers are graded into nine categories: the straightest, thickest, freshest, most vivid cucumbers (which must have plenty of characteristic spurs) are the best, and can be sold at the highest price. Makoto-san’s mother was in charge of sorting the cucumbers every day, which took eight hours at the peak of the harvest. Makoto-san had an epiphany after reading about Google’s AlphaGo beating the world number one professional Go player. He realised that machine learning and deep learning meant the sorting process could be automated, so he built a process using Google’s open-source machine learning library, TensorFlow, and some machinery to process the cucumbers into graded batches.

cucumber-farmer-10

Sorting in action

cucumber-farmer-6

Camera interface

Google have put together a diagram showing how the system works:

cucumber-farmer-14

There are difficulties in building this sort of system, not least the 7000 cucumbers, pre-graded by his mother, that Makoto-san had to photograph and label over a period of three months to give the model material to train with. He says:

“When I did a validation with the test images, the recognition accuracy exceeded 95%. But if you apply the system with real use cases, the accuracy drops down to about 70%. I suspect the neural network model has the issue of “overfitting” (the phenomenon in neural networks where the model is trained to fit only the small training dataset) because of the insufficient number of training images.”

Still, it’s an impressive feat, and a real-world >95% accuracy rate is not unfeasible with a big enough data set. We’d be interested to see how the setup progresses, especially as more automation is added; right now, cucumbers are added to the processing hopper by hand, and a human has to interact with the touchscreen grading panel. Here’s the system at work:

TensorFlow powered cucumber sorter by Makoto Koike

Uploaded by Kazunori Sato on 2016-08-05.

We’re hoping to see some updates from the Makoto family as the system evolves. And in the meantime, if you have an embedded project you’d like to share with us, let us know in the comments!

 

The post Now with added cucumbers appeared first on Raspberry Pi.

FarmBot, the open-source CNC farming robot

Post Syndicated from Courtney Lentz original https://www.raspberrypi.org/blog/farmbot-open-source-cnc-farming-robot/

What do you imagine the future of farming to look like? The FarmBot team, located along the California coast in San Luis Obispo, is exploring just that. The team has set out to create humanity’s first open-source CNC farming machine to put the power of polycrop farming into the smallest of spaces.

No Title

No Description

The FarmBot structure fixes directly on top of any standard raised planter box. You can think of it like a 3D printer, but instead of extruding plastic, the tool head deposits seeds, delivers water and rids the box of weeds, all by moving across a gantry. Powered by a Raspberry Pi 3, an Arduino Mega and a motor control shield, the FarmBot brings agricultural automation within the reach of the committed hobbyist.

FarmBot Electronics

FarmBot’s interchangeable tooling set is impressive and has been carefully designed so that you may print tools with any hobbyist-level 3D printer.

The universal tool mount features 12 electrical connections, three liquid/gas lines and magnetic coupling. Ready-to-print attachment tools include the seed injection mount, the water nozzle specially designed for efficient watering, and the weed suppression tool which detects and destroys weeds at the root. FarmBot has documented detailed technical specifications of the universal tool mount, to encourage community members to design additional custom mounts that are specific to their particular farming needs.

Check out the tech specs of the tooling attachments for further nerding out!

FarmBot’s drag-and-drop web-based platform allows you to design and build your planter box farm easily. No coding is required; in fact, it has an almost game-like interface. Once your design is complete, the sequence builder and scheduler will help to allocate appropriate care to each plant.

Web-App-on-Different-Devices

It’s evident from looking at the design structure, documentation, CAD files, and detailed BOM that the creators of the FarmBot took to heart the idea of open source. By selecting off-the-shelf products and tools, they ensured this system is as accessible as possible. I’m really happy to see the Raspberry Pi 3 at the heart of FarmBot and I can’t wait to see how this community grows.

If you’re someone who’s serious about getting a good crop return from your small space, and you’re as mesmerized by FarmBot as I am, there’s still time to place a pre-order to receive one of the first batches ready to ship in February!

The post FarmBot, the open-source CNC farming robot appeared first on Raspberry Pi.

Case 230: All Together Now

Post Syndicated from The Codeless Code original http://thecodelesscode.com/case/230

The Hungry Worm Clan was building a website
for a craftsman who made custom farming tools.
Young master Zjing was reviewing the code
of their three developers.

“I do not understand the purpose of the LatestSellByDate property
in your shopping cart’s PurchaseItem,” she said to the three.
“Shovels and rakes do not expire.”

“That property was requested by the Red Pebble Clan,”
replied the first monk. “They are building a system for
managing a merchant’s cherry farms, and they plan to use our
order-placement service instead of building their own.”

“What?” asked Zjing in disbelief. “Who suggested that?”

“You did,” said the second monk. “For did you not
tell two of our clans that the reuse of services
was superior to the copying and pasting of code?”

“Yes, but the business needs of your two clans are
completely different!” cried Zjing.
“Eventually, the cherry purchasers may need options for crate size,
refrigerated shipping, and insurance against pests.
All of these could have their own rules and calculations!”

“You are worrying about a future that may never come to
pass,” countered the third monk. “And even if it does, so
what? The more features we implement, the greater the
chance that we can support our other clients.”

“Other clients?” asked Zjing.

“Two other Tiny Clans have expressed interest in our services,”
said the first monk.

“For unicycle parts and novelty wedding costumes,”
said the second monk.

“And I have begun designing a plug-in mechanism to handle
unforeseen cases,” said the third monk. “In the end the
Temple will save much development time overall.”

- - -

Later that week Zjing called a meeting of the Tiny Clans
under her tutelage. Dozens of monks and nuns crowded
into the dim, stuffy, windowless Hall of Irresistable
Somnolence where long presentations were given.*

Most of the benches had already been taken up by unfamiliar
villagers—employees, explained Zjing, of the novelty
wedding costume shop, who were there to ensure that their
requirements would be met. The meeting then began with an
extraordinarily dull presentation about tailoring, during
which many of the monks and nuns could be seen nodding off.

After the final slide the villagers were excused. When the
last of them had gone, Zjing brought forth a lantern from
behind the podium, and without a word she set the huge rice
paper projection screen on fire. Flames climbed swiftly and
spread across the dry ceiling timbers; heat seared the air;
smoke billowed forth; monks coughed or cried out; the fire
alarm clanged; then somewhere overhead the sprinkers came to
life and began gushing water ineffectively on the scene of
pandemonium below. It was only then—as the occupants
rose to flee in four different directions to the four exit
doors—that they discovered that their robes had been
swiftly and skillfully sewn to the robes of their neighbors.

* Usually these were mandated by the HR department, and included yearly refresher courses like: “First Aid For Accidental Injuries”, “First Aid For Intentional Injuries”, “How to Choose a Comprehensive Life Insurance Plan”, and “The Importance of Good Workplace Morale.”