Digital Identity and verification processes on blockchain will change the game for business and university background checks

There has been a global challenge finding enough qualified programmers , cybersecurity experts , nurses , truck drivers, teachers and more. But that’s also helped create an entire industry of fake experienced staffing companies.

Atlanta has quite a few of these firms who find offshore resources and build fake personas and profiles for these individuals who suddenly go from inexperienced to having 10+ years of experience over a one month “bootcamp.”

That’s not the only challenge though. Fake diplomas and fake work experiences are a bigger problem. And we wonder why all these systems go down , are hacked or trucks flip over.

Besides these “boot camps “ that offer these “services” there is a growing trend where people can just pay some website for a counterfeit degree certificate, from made-up universities. We’ve even watched as wealthy celebrities pay to have their own children be some fake high school sports star just to get into a good university.

Some of these fake degree websites have made over $30 million in one year. That’s a lot of fake degrees and personas and experiences. But while someone messing up JC Penny’s mobile app causes downtime , a fake nurse could mean life or

Death. That’s scary.

And now places like open courseware , udemy, coursera and a boatload Of other e-learning and online educational platforms exist and are booming. It’s expected to be valued at over $300 million dollars by 2025.

Education that’s available to all is good. But a qualification award system that’s more fragmented, insecure, a bit fraudulent at times and difficult to verify isn’t good at all.

How can hiring employers or universities trust people to have actually completed these online courses they claim to? Studies already show most people stop after a a few weeks. We already know plenty of wealthy celebrity children cheated an entire system. And that’s the ones who got caught.

Pagarba has worked on digital identity and verification blockchain and AI projects that allow business professionals , government agencies , college graduates, educational and training institutions to upload and store their professional or academic credentials on a immutable easily verifiable blockchain platform.

They could upload, certify , and verify transcripts, certificates, degrees , diplomas and more. And this system can verify university degrees, employment histories, and other professional credentials. The uploaded information will be time stamped on the blockchain and any changes that are made to a qualification are linked to creating a historical chain of education and certification archive.

These blockchain based Digital identity verification platforms simply offer the Credentialed holders the ability to upload their credentials to the platform, and then through a smart contract and machine learning algorithm they go from an unverified document to a validated credential. And it offers potential employers and universities a peace of mind that they are getting the best and the brightest and not some fake crew star or green AI expert.

The colleges and employers can upload these verified academic or work history Credentials and thus create a trail of a degree , certificate or work experience by verified institutions and organizations. These documents and metadata are cryptographically secured and stored on a distributed blockchain network. Blockchain offers immutability and security , thus preventing any 3rd party to edit, change, or remove this data.

Organizations who need to verify a candidate for a job or graduate college application will get Access to this verified and certified credential, while the original uploaded user has complete control over the distribution of these credentials within the blockchain system.

There is a cost to implement this new technology as well as figuring the tokenization or gas cost angle. But in the long run it’ll be far cheaper for the hiring and background processes for businesses and universities because it saves time and resources finding the right qualified and verified candidates. It also reduces the risk of hiring someone who isn’t fully equipped for the job.

Pagaeba has utilized public blockchain systems like bitcoin , stellar , ethereum and ipfs or storj. We’ve also built a

Digital identity app using Hyperledger Fabric and Sawtooth platforms.

FPGA over GPU and CPU

When would you use an FPGA ?

Maybe you need to optimize a chip for a particular workload, or you need to make changes at the chip level for some sort of upgrade later on. Use cases for FPGAs cover a wide range of areas and verticals.

They could be used inside equipment for video and imaging or advanced circuitry for a computer, or maybe inside a smarter Tesla , think Boeing or Airbus planes utilization, or even intelligent autonomous military drones or weaponry. The use cases and possibilities might be endless. Or infinite.

FPGAs are useful for prototyping or piloting application-specific integrated circuits (ASICs) or processors. Bitcoin mining for example uses the concept of ASICS.

These devices and boards can be reprogrammed until the ASIC or processor design is final and bug-free and the actual manufacturing of the final ASIC begins.

The company Intel sometimes uses FPGAs to prototype new chips.

They recently purchased or bought a company called eASIC.

Why you might ask ?

Intel’s thought process might be a way to accelerate its designing and prototyping process. This company , eASIC, produced something called a “structured ASIC,” which relies on a model that is in between an ASIC and an FPGA.

This ASIC with a FPGA design philosophy bakes the fixed layout into a single design mask for manufacturing. Far more efficient and optimized design process for prototyping. By being a fixed design like an ASIC, it is faster than a variable design, but without the die area benefits of ASIC-like power savings. However, it was designed in FPGA time, rather than ASIC time (up to six months saved), and saves power through its fixed design.

So what can a enterprise business or small business user do with an FPGA ?

FPGAs can be useful to SMBs and enterprise businesses because they can be dynamically reprogrammed with a data path that exactly matches a specific workload.

Think in terms of business and technology processes like Data processing , advanced data analytics, image recognition, data and network encryption, and data compression. Optimized FPGAs are also more power-efficient than running equivalent workloads on a CPU. So a great use case for the Internet of things (IOT). Far better total cost of ownership (TCO) and versatility too.

FPGAs are starting to become important in IOT and fields like Artificial intelligence, machine learning, AI on the edge, and neural networks

More importantly, FPGAs are gaining prominence in deep neural networks (DNNs).

Running DNN inference models takes significant processing power. Think of that P3 AWS bill. Graphics processing units (GPUs) are often used to accelerate inference processing, but in some cases, high-performance FPGAs might actually outperform GPUs in analyzing large amounts of data for machine learning.

AWS has FPGA ec2 instances available now

These Amazon AWS EC2 F1 instances use FPGAs to enable delivery of custom hardware accelerations. F1 instances are easy to program and come with everything you need to develop, simulate, debug, and compile your hardware acceleration code, including an FPGA Developer AMI and supporting hardware level development on the cloud.

Using these F1 instances to deploy hardware accelerations can be useful in many applications to solve complex science, engineering, and business problems that require high bandwidth, enhanced networking, and very high compute capabilities.

Think of use cases where you might have a modest number of distinct operations that account for significant portions of application in run-time. These could be very useful for big data analytics, genomics, electronic design automation (EDA), image and video processing, compression, security, and search/analytics.

Microsoft is also starting to put Intel FPGA versatility to use on their Azure cloud platform

Microsoft’s Project Brainwave provides customers with access to Intel Stratix FPGAs through Microsoft Azure cloud services. The cloud servers outfitted with these FPGAs have been configured specifically for running deep learning models. The Microsoft service lets developers harness the power of FPGA chips without purchasing and configuring specialized hardware and software. Instead, developers can work with common open-source tools, such as the Microsoft Cognitive Toolkit or TensorFlow AI development framework.

FPGAs are becoming very important. And useful.

Ask a Pagarba neoteric innovation sandbox lab

subject matter expert to tell you more ,

Contact FPGA expert today

Top 10 OWASP application security best recommendations

There are many bugs, flaws, vulnerabilities and more when it comes to cyber security challenges and philosophies.

Below are the OWASP top 10 :

1> Injection:

– Injection flaws include SQL, QS, and LDAP

– injections occur when untrusted data is sent to an interpreter as part of a command or query

– The attacker’s hostile data can trick the interpreter into executing unintended commands or accessing data without proper authorization

2> Broken Authentication and Session Management:

– Application functions related to authentication and session management are often because they are not always implemented correctly, thus allowing an attacker to compromise passwords, keys, or session tokens, or to exploit other implementation flaws to assume other users’ identities

3> Cross-Site Scripting (XSS):

– XSS flaws occur when an application takes untrusted data and sends it to a web browser without proper validation or escaping

– XSS allows attackers to execute scripts in the victim’s browser, which can hijack user sessions, deface websites, or redirect the user to malicious sites

4> Insecure Direct Object Reference:

– direct object reference occurs when a developer exposes a reference to an internal implementation object, such as a file, directory, or database key

– Without an access control check or other protection, attackers can manipulate these references to access unauthorized data

5> Security Misconfiguration:

– Good security requires having a secure configuration defined and deployed for the application, frameworks, application server, web server, database server, and platform

– Secure settings should be defined, implemented, and maintained, as defaults are often insecure

– software should be kept up to date

6> Sensitive Data Exposure:

– Some web applications do not properly protect sensitive data, such as credit cards, tax IDs, and authentication credentials. Think PII and more.

– Attackers may steal or modify such weakly protected data to conduct credit card fraud, identity theft, or other crimes

– Sensitive data deserves extra protection such as encryption at rest or in transit

– special precautions should be configured when exchanged with the browser

7> Missing Function Level Access Control:

– Most web applications verify function-level access rights before making that functionality visible in the UI

– applications need to perform the same access control checks on the server when each function is accessed

– If requests are not verified attackers will be able to forge requests in order to access functionality without proper authorization

8> Cross-Site Request Forgery (CSRF):

– A CSRF attack forces a logged-on victim’s browser to send a forged HTTP request, including the victim’s session cookie and any other automatically included authentication information, to a vulnerable web application

– allows the attacker to force the victim’s browser to generate requests the vulnerable application things are legitimate requests from the victim

9> Using Components with Known Vulnerabilities

– Components, such as libraries, frameworks and other software modules, almost run with full privileges

– If a vulnerable component is exploited, such an attack can facilitate serious data loss or server takeover

– Application components with known vulnerabilities may undermine application defenses and enable a range of possible attacks and impacts

10> Unvalidated Redirects and Forwards

– Web applications frequently redirect and forward users to other pages and websites, and uses untrusted data to determine the destination pages

– Without proper validation, attackers can redirect victims to phishing or malware sites, or use forwards to access unauthorized pages

Bluetooth is bad.

Bluetooth makes life easier. It’s the IOT connectivity easy button. It made your life quick and easy to be able to connect your iPhone or Android , smart earbuds , smart speakers, cars radios , smart lightbulbs and smart fridges and even smart toaster ovens. But blue tooth and Blue tooth low energy is very problematic for reasons more serious than pairing issues.

Bluetooth has been proven time and time again to be a security and privacy nightmare. Security professionals and hackers think of it as a bad word. Or awesome tech if they are capitalizing on the vulnerabilities.

The Def Con hacker conference, in Las Vegas, just finished up and one of the recommendations given to attendees is to make sure Bluetooth is disabled on their phones. Yes, don’t turn on Bluetooth or turn it off is the advice given for this conference.

Think about that the next time you want to leave Bluetooth enabled.

Is this all just more click bait fake news fear mongering like Elon Musk loving to hear himself speak about the end of the world scare tactics ? Not exactly.

This isn’t nuking Mars or Asteroid destroying earth or AI robots turning into sky net scare tactics here. Blue tooth is really poorly designed and built when it comes to security.

It’s been shown at various conferences and events, in blog posts and on YouTube videos that hackers and security professionals can use Bluetooth to identify vulnerable medical devices , digital speakers, and hack into your now always connected car. Hackers or bored tech savvy intelligent thirteen year olds could take control of these devices and force them to play dangerous sounds or mess with heartbeat monitoring devices or turn a car off or lead them astray. The nation state or ransom ware bad guy hackers are one thing , but some script kiddie just learning isn’t even out to really harm anybody. Except they accidentally would in some of these instances.

Earlier this year researchers announced a flaw that could allow hackers to both intercept and alter data sent over Bluetooth. Talk about data security and privacy concerns. A attacker is able to listen in on, or change the content of, nearby Bluetooth communication, even between devices that have previously been successfully paired.

There are other stories and media reports where many stores like Walmart or Target or a grocery store now use Bluetooth beacons to track the location of individual shoppers down to the inch. That information is collected, analyzed and often sold or given to advertisers, who then use it to build data profiles on unwitting people just trying to buy some shampoo or socks or a bottle of water.

Many people keep Bluetooth enabled all the time. It makes life easier to pair and connect. Who wants to go to their phone settings or home security settings and enable Bluetooth and then pair it with the other Device every time you want to use your headphones or get into a car. But by having Bluetooth always on and always connected , you open yourself up to these potential hacks, abuses, and privacy violations.

What’s the solution to fix these Bluetooth vulnerabilities and challenges ?

Well that’s simple. You just have to turn Bluetooth off. Use it when you must , disable it or turn it off the rest of the time. Problem solved. It’s not exactly comforting, but it is what it is for now.

Why the Internet of Life Saving Things (IoLST) is the future

Another day and another internet of everything talk or article or conversation. Yet helping save lives and cleaning up the environment and improving our communities is not only key for a better tomorrow, but any tomorrow.

What is this Internet of Life Saving Things (IoLST) anyway ?

It falls under the umbrella of the Internet of Things, also known as IOT, but geared toward solutions for the public safety and first responders sector.

IoLST is all about helping save lives and improving communities through digital transformative processes and automation. It may include emerging technologies like blockchain, AI, IOT, LoraWAN, software defined radio , quantum computing, digital twins , augmented and virtual reality, smart sensors and devices, the cloud, mesh networking, as well as 3d printing. But it’s not just about technology and normal city government and business processes.

It’s all about the people and their communities. Digital transformation doesn’t work without the people. And the Internet of Life Saving Things helps save lives and improve communities by making sure the first responders, healthcare professionals, and city and community officials can protect the people and their property. The technology aspect helps make their jobs a little less chaotic and more efficient.

It’s enabling communities to be better prepared for natural and man made disasters and normal everyday occurrences.

IoLST and smarter communities is all about living and breathing the ideals and philosophies of a better, healthier, and safer today and tomorrow. Every neighborhood can be a safer, cleaner and self-Sufficient thriving community.

IoLST products and solutions could improve police officers’ ability to gather evidence and solve crimes. IoLST solutions can help accelerate the response of EMS personnel to motor vehicle collisions.

The digital transformation aspect helps protect firefighters from harm, or even alert healthcare professionals to dangerous changes to the vital signs of their patients recovering from an emergency while at home. 

IoLST products and solutions expand upon normal tech , IOT tech and everyday city wide daily processes. Smarter connected street lamps and traffic lights. CCTV, tiny cameras , wearables like fitbits and Apple watches, and drones all help transform a community.

Going even further, the Deep Edge IoLST products, solutions and applications may use mesh networking, 5G, as well as small, processing- and power-constrained edge devices that are deeply embedded in assets that will monitor a police officer’s heartbeat, cities automobile and foot traffic , and help paramedics measure vital signs.

Sensors and actuators that can detect a vehicle collision at a busy intersection, and automatically propose detours.

The Internet of Life Saving Things is here. It’s coming. It’s Tomorrow already today.