Startup vs. Larger Company:
Working for a smaller company is that you get to make more of an impact: Working in a larger corporation might have more benefits or a higher salary but a startup is where you can really make a difference and see the influence your work is having on the business. You’re heavily involved in each stage of production and your opinion is more likely to carry weight than at a larger, more structured operation. Decentralization of big companies would be done through tokenization. The shares will be done through ICOs.
Jobs in IT:
In Artificial Intelligence, the Internet of Things, data security, virtual reality and augmented reality, virtual worlds (and virtual assets) and bank-less, free nodes back-boned, Internet of payment. Jobs to see as or related to: big data engineer, Software 2.0 Engineer (maintain Neural Networks that write code), full-stack developer, security engineer, IoT architect and VR/AR engineer and hybrid engineers, with agile mindsets through the teams, with solid technology stacks knowledge that working together are able to bind different ends of the domain spectrum (similarly like DevOps is to the “from Code to Infrastructure” mindset paradigm), runners of decentralized Internet (sustained by Blockchain and other similar technologies yet to come, in order to back-up the Virtual Assets in the Virtual Worlds in the Decentralized Network).
Thus the skills needed to succeed in the IT jobs of tomorrow revolve around security certifications, programming and applications development, proficiency with cloud, decentralized architectures and mobile technologies, and other specialized skill sets giving also way to the hybrid IT roles that bind the business to IT.
Roles grow vertically based on business domain vs. technology stacks. For example: a Solutions Architect has the business domain knowledge but has also a technical background. He will develop complex technology solutions in a specific business domain. Software Architect knows in a deeper way the technology stacks. He will design the architecture of the technical implementation. Technical Lead is one with deeper knowledge of the, or a part of the technology stack. He designs using established patterns, coaches teams into the adopted technologies and unlocks teams in order to succeed in project delivery.
Data Scientists: it is essential for data scientists to work with languages like R, Python, SAS, Hadoop, Netezza in which they apply their knowledge in statistics, mathematics (algebra), matrices (multivariable) calculus. And to have a knowledge in platforms like MapReduce, GridGain, HPCC, Storm, Hive, Pig, Amazon S3.
The user as valuable “in the network” resource, in parallel digital universes (eg. Metaverse). Their actions should be monetized and generate income. We are producing valuable data even now by only navigating on FB, Google and other social networks which the system themselves uses it to become better (the long therm plan is building the future AI systems together). The “Internaut” will be one of the nicest job of the future.
Category: Cybersecurity & Privacy
The protection of computer systems from the theft or damage to the hardware, software or the information on them, as well as from disruption or misdirection of the services they provide.
Software Security Vulnerabilities
Cause of security vulnerabilities, the possibility of being exploited, the degree of harm and the difficulty to solve.
1. Input Validation and Representation
Input validation and representation problems are usually caused by special characters, encodings, and numerical representations. Such problems occur as a result of input trust. These problems include: buffer overflow, cross-site scripting, SQL injection, command injection and so on.
2. API Abuse
The API is a convention between the caller and the callee, and most API abuses are caused by the caller not understanding the purpose of the convention. Security problems can also arise when the API is not used properly.
3. Security Features
This category contains vulnerabilities in authentication, access control, confidentiality, password usage, and privilege management.
4. Memory Management
Memory management is a common type of vulnerability associated with memory operations, including memory leaks, post-release use, double-release and so on. This type of vulnerability usually leads to system performance degradation, program crashes and a common type of flaws in C / C + + language.
5. Time and State
Distributed computing is time and state dependent. The interaction between threads and processes and the order in which tasks are executed are often determined by shared state, such as semaphores, variables, file systems and so on. The vulnerabilities associated with distributed computing include race conditions, blocking misuse and so on.
6. Error and Exception Handling Errors
This type of vulnerability is related to error and exception handling, and the most common type of vulnerability is that there is no proper processing mechanism (or errors are not processed), resulting in unexpected termination of program. Another vulnerability is that the error generated provides potential attacker with too much information.
7. Code Quality
Poor code quality can lead to unpredictable behavior. For the attacker, the poor code enables them to threaten the system in unexpected ways. Common types of vulnerabilities include dead code, null pointer dereferences and resource leak.
8. Encapsulation and hidden defects
Reasonable encapsulation means that the distinction between verified and unverified data, distinction between data of different users, or distinguish data that is visible or invisible to users. Common vulnerabilities include hidden fields, information leakage, cross-site request forgery and so on.
9. Flaws in Code Runtime Environment
These types of vulnerability is external to the source code, such as runtime configuration issues, sensitive information management issues and so on, which are critical to the product security.
The first eight types of vulnerabilities are related to security flaws in the source code. They can be the target of malicious attacks. Once exploited, they can cause serious consequences such as information leak, authorization lift and command execution. The last type of vulnerability describes security concerns that are external to the actual code. They are likely to cause abnormal operation of the software, data loss and other serious problems. (http://www.bikaifa.com)
10. With the advances of Quantum Computer technology there is more and more concern about the obsolete soon to be of current cryptographic security algorithms. A quantum computer will be able to break keys in matter of days. Hackers are already preparing to gain that calculus power and even today they secure certificates and keys. In danger of that Quantum era is also the actual Blockchains, in which the keys use the same technology of todays.
Docker
An open-source project for automating the deployment of applications as portable, self-sufficient containers that can run virtually anywhere on any type of server. Docker serves as a lightweight alternative to full machine virtualization provided by traditional hypervisors like VMware’s ESXi, Xen or KVM. Create image with Docker and deploy virtual machine as container. Upload it on docker hub for public access. Need orchestration tools to manage the containers.
There is an established certification program to make trusted, secure application containers supporting Docker and the Docker Engine, which should make it easier to deploy a uniform container environment over virtual hybrid clouds. A key benefit to the enterprise will be the establishment of common application lifecycle functions, such as security and certification, across distributed architectures, providing a level playing field for all container-based apps and services.